src/HOL/Library/Float.thy
 author immler Mon Dec 16 17:08:22 2013 +0100 (2013-12-16) changeset 54782 cd8f55c358c5 parent 54489 03ff4d1e6784 child 54783 25860d89a044 permissions -rw-r--r--
additional definitions and lemmas for Float
1 (*  Title:      HOL/Library/Float.thy
2     Author:     Johannes Hölzl, Fabian Immler
4 *)
6 header {* Floating-Point Numbers *}
8 theory Float
9 imports Complex_Main Lattice_Algebras
10 begin
12 definition "float = {m * 2 powr e | (m :: int) (e :: int). True}"
14 typedef float = float
15   morphisms real_of_float float_of
16   unfolding float_def by auto
19   real_of_float_def[code_unfold]: "real \<equiv> real_of_float"
21 lemma type_definition_float': "type_definition real float_of float"
22   using type_definition_float unfolding real_of_float_def .
24 setup_lifting (no_code) type_definition_float'
26 lemmas float_of_inject[simp]
28 declare [[coercion "real :: float \<Rightarrow> real"]]
30 lemma real_of_float_eq:
31   fixes f1 f2 :: float shows "f1 = f2 \<longleftrightarrow> real f1 = real f2"
32   unfolding real_of_float_def real_of_float_inject ..
34 lemma float_of_real[simp]: "float_of (real x) = x"
35   unfolding real_of_float_def by (rule real_of_float_inverse)
37 lemma real_float[simp]: "x \<in> float \<Longrightarrow> real (float_of x) = x"
38   unfolding real_of_float_def by (rule float_of_inverse)
40 subsection {* Real operations preserving the representation as floating point number *}
42 lemma floatI: fixes m e :: int shows "m * 2 powr e = x \<Longrightarrow> x \<in> float"
43   by (auto simp: float_def)
45 lemma zero_float[simp]: "0 \<in> float" by (auto simp: float_def)
46 lemma one_float[simp]: "1 \<in> float" by (intro floatI[of 1 0]) simp
47 lemma numeral_float[simp]: "numeral i \<in> float" by (intro floatI[of "numeral i" 0]) simp
48 lemma neg_numeral_float[simp]: "- numeral i \<in> float" by (intro floatI[of "- numeral i" 0]) simp
49 lemma real_of_int_float[simp]: "real (x :: int) \<in> float" by (intro floatI[of x 0]) simp
50 lemma real_of_nat_float[simp]: "real (x :: nat) \<in> float" by (intro floatI[of x 0]) simp
51 lemma two_powr_int_float[simp]: "2 powr (real (i::int)) \<in> float" by (intro floatI[of 1 i]) simp
52 lemma two_powr_nat_float[simp]: "2 powr (real (i::nat)) \<in> float" by (intro floatI[of 1 i]) simp
53 lemma two_powr_minus_int_float[simp]: "2 powr - (real (i::int)) \<in> float" by (intro floatI[of 1 "-i"]) simp
54 lemma two_powr_minus_nat_float[simp]: "2 powr - (real (i::nat)) \<in> float" by (intro floatI[of 1 "-i"]) simp
55 lemma two_powr_numeral_float[simp]: "2 powr numeral i \<in> float" by (intro floatI[of 1 "numeral i"]) simp
56 lemma two_powr_neg_numeral_float[simp]: "2 powr - numeral i \<in> float" by (intro floatI[of 1 "- numeral i"]) simp
57 lemma two_pow_float[simp]: "2 ^ n \<in> float" by (intro floatI[of 1 "n"]) (simp add: powr_realpow)
58 lemma real_of_float_float[simp]: "real (f::float) \<in> float" by (cases f) simp
60 lemma plus_float[simp]: "r \<in> float \<Longrightarrow> p \<in> float \<Longrightarrow> r + p \<in> float"
61   unfolding float_def
62 proof (safe, simp)
63   fix e1 m1 e2 m2 :: int
64   { fix e1 m1 e2 m2 :: int assume "e1 \<le> e2"
65     then have "m1 * 2 powr e1 + m2 * 2 powr e2 = (m1 + m2 * 2 ^ nat (e2 - e1)) * 2 powr e1"
66       by (simp add: powr_realpow[symmetric] powr_divide2[symmetric] field_simps)
67     then have "\<exists>(m::int) (e::int). m1 * 2 powr e1 + m2 * 2 powr e2 = m * 2 powr e"
68       by blast }
69   note * = this
70   show "\<exists>(m::int) (e::int). m1 * 2 powr e1 + m2 * 2 powr e2 = m * 2 powr e"
71   proof (cases e1 e2 rule: linorder_le_cases)
72     assume "e2 \<le> e1" from *[OF this, of m2 m1] show ?thesis by (simp add: ac_simps)
73   qed (rule *)
74 qed
76 lemma uminus_float[simp]: "x \<in> float \<Longrightarrow> -x \<in> float"
77   apply (auto simp: float_def)
78   apply (rule_tac x="-x" in exI)
79   apply (rule_tac x="xa" in exI)
81   done
83 lemma times_float[simp]: "x \<in> float \<Longrightarrow> y \<in> float \<Longrightarrow> x * y \<in> float"
84   apply (auto simp: float_def)
85   apply (rule_tac x="x * xa" in exI)
86   apply (rule_tac x="xb + xc" in exI)
88   done
90 lemma minus_float[simp]: "x \<in> float \<Longrightarrow> y \<in> float \<Longrightarrow> x - y \<in> float"
91   using plus_float [of x "- y"] by simp
93 lemma abs_float[simp]: "x \<in> float \<Longrightarrow> abs x \<in> float"
94   by (cases x rule: linorder_cases[of 0]) auto
96 lemma sgn_of_float[simp]: "x \<in> float \<Longrightarrow> sgn x \<in> float"
97   by (cases x rule: linorder_cases[of 0]) (auto intro!: uminus_float)
99 lemma div_power_2_float[simp]: "x \<in> float \<Longrightarrow> x / 2^d \<in> float"
100   apply (auto simp add: float_def)
101   apply (rule_tac x="x" in exI)
102   apply (rule_tac x="xa - d" in exI)
104   done
106 lemma div_power_2_int_float[simp]: "x \<in> float \<Longrightarrow> x / (2::int)^d \<in> float"
107   apply (auto simp add: float_def)
108   apply (rule_tac x="x" in exI)
109   apply (rule_tac x="xa - d" in exI)
111   done
113 lemma div_numeral_Bit0_float[simp]:
114   assumes x: "x / numeral n \<in> float" shows "x / (numeral (Num.Bit0 n)) \<in> float"
115 proof -
116   have "(x / numeral n) / 2^1 \<in> float"
117     by (intro x div_power_2_float)
118   also have "(x / numeral n) / 2^1 = x / (numeral (Num.Bit0 n))"
119     by (induct n) auto
120   finally show ?thesis .
121 qed
123 lemma div_neg_numeral_Bit0_float[simp]:
124   assumes x: "x / numeral n \<in> float" shows "x / (- numeral (Num.Bit0 n)) \<in> float"
125 proof -
126   have "- (x / numeral (Num.Bit0 n)) \<in> float" using x by simp
127   also have "- (x / numeral (Num.Bit0 n)) = x / - numeral (Num.Bit0 n)"
128     by simp
129   finally show ?thesis .
130 qed
132 lift_definition Float :: "int \<Rightarrow> int \<Rightarrow> float" is "\<lambda>(m::int) (e::int). m * 2 powr e" by simp
133 declare Float.rep_eq[simp]
135 lemma compute_real_of_float[code]:
136   "real_of_float (Float m e) = (if e \<ge> 0 then m * 2 ^ nat e else m / 2 ^ (nat (-e)))"
137 by (simp add: real_of_float_def[symmetric] powr_int)
139 code_datatype Float
141 subsection {* Arithmetic operations on floating point numbers *}
143 instantiation float :: "{ring_1, linorder, linordered_ring, linordered_idom, numeral, equal}"
144 begin
146 lift_definition zero_float :: float is 0 by simp
147 declare zero_float.rep_eq[simp]
148 lift_definition one_float :: float is 1 by simp
149 declare one_float.rep_eq[simp]
150 lift_definition plus_float :: "float \<Rightarrow> float \<Rightarrow> float" is "op +" by simp
151 declare plus_float.rep_eq[simp]
152 lift_definition times_float :: "float \<Rightarrow> float \<Rightarrow> float" is "op *" by simp
153 declare times_float.rep_eq[simp]
154 lift_definition minus_float :: "float \<Rightarrow> float \<Rightarrow> float" is "op -" by simp
155 declare minus_float.rep_eq[simp]
156 lift_definition uminus_float :: "float \<Rightarrow> float" is "uminus" by simp
157 declare uminus_float.rep_eq[simp]
159 lift_definition abs_float :: "float \<Rightarrow> float" is abs by simp
160 declare abs_float.rep_eq[simp]
161 lift_definition sgn_float :: "float \<Rightarrow> float" is sgn by simp
162 declare sgn_float.rep_eq[simp]
164 lift_definition equal_float :: "float \<Rightarrow> float \<Rightarrow> bool" is "op = :: real \<Rightarrow> real \<Rightarrow> bool" ..
166 lift_definition less_eq_float :: "float \<Rightarrow> float \<Rightarrow> bool" is "op \<le>" ..
167 declare less_eq_float.rep_eq[simp]
168 lift_definition less_float :: "float \<Rightarrow> float \<Rightarrow> bool" is "op <" ..
169 declare less_float.rep_eq[simp]
171 instance
172   proof qed (transfer, fastforce simp add: field_simps intro: mult_left_mono mult_right_mono)+
173 end
175 lemma real_of_float_power[simp]: fixes f::float shows "real (f^n) = real f^n"
176   by (induct n) simp_all
178 lemma fixes x y::float
179   shows real_of_float_min: "real (min x y) = min (real x) (real y)"
180     and real_of_float_max: "real (max x y) = max (real x) (real y)"
181   by (simp_all add: min_def max_def)
183 instance float :: unbounded_dense_linorder
184 proof
185   fix a b :: float
186   show "\<exists>c. a < c"
187     apply (intro exI[of _ "a + 1"])
188     apply transfer
189     apply simp
190     done
191   show "\<exists>c. c < a"
192     apply (intro exI[of _ "a - 1"])
193     apply transfer
194     apply simp
195     done
196   assume "a < b"
197   then show "\<exists>c. a < c \<and> c < b"
198     apply (intro exI[of _ "(a + b) * Float 1 -1"])
199     apply transfer
201     done
202 qed
205 begin
207 definition inf_float::"float\<Rightarrow>float\<Rightarrow>float"
208 where "inf_float a b = min a b"
210 definition sup_float::"float\<Rightarrow>float\<Rightarrow>float"
211 where "sup_float a b = max a b"
213 instance
214   by default
215      (transfer, simp_all add: inf_float_def sup_float_def real_of_float_min real_of_float_max)+
216 end
218 lemma float_numeral[simp]: "real (numeral x :: float) = numeral x"
219   apply (induct x)
220   apply simp
221   apply (simp_all only: numeral_Bit0 numeral_Bit1 real_of_float_eq real_float
222                   plus_float.rep_eq one_float.rep_eq plus_float numeral_float one_float)
223   done
225 lemma transfer_numeral [transfer_rule]:
226   "fun_rel (op =) pcr_float (numeral :: _ \<Rightarrow> real) (numeral :: _ \<Rightarrow> float)"
227   unfolding fun_rel_def float.pcr_cr_eq  cr_float_def by simp
229 lemma float_neg_numeral[simp]: "real (- numeral x :: float) = - numeral x"
230   by simp
232 lemma transfer_neg_numeral [transfer_rule]:
233   "fun_rel (op =) pcr_float (- numeral :: _ \<Rightarrow> real) (- numeral :: _ \<Rightarrow> float)"
234   unfolding fun_rel_def float.pcr_cr_eq cr_float_def by simp
236 lemma
237   shows float_of_numeral[simp]: "numeral k = float_of (numeral k)"
238     and float_of_neg_numeral[simp]: "- numeral k = float_of (- numeral k)"
239   unfolding real_of_float_eq by simp_all
241 subsection {* Represent floats as unique mantissa and exponent *}
243 lemma int_induct_abs[case_names less]:
244   fixes j :: int
245   assumes H: "\<And>n. (\<And>i. \<bar>i\<bar> < \<bar>n\<bar> \<Longrightarrow> P i) \<Longrightarrow> P n"
246   shows "P j"
247 proof (induct "nat \<bar>j\<bar>" arbitrary: j rule: less_induct)
248   case less show ?case by (rule H[OF less]) simp
249 qed
251 lemma int_cancel_factors:
252   fixes n :: int assumes "1 < r" shows "n = 0 \<or> (\<exists>k i. n = k * r ^ i \<and> \<not> r dvd k)"
253 proof (induct n rule: int_induct_abs)
254   case (less n)
255   { fix m assume n: "n \<noteq> 0" "n = m * r"
256     then have "\<bar>m \<bar> < \<bar>n\<bar>"
257       by (metis abs_dvd_iff abs_ge_self assms comm_semiring_1_class.normalizing_semiring_rules(7)
258                 dvd_imp_le_int dvd_refl dvd_triv_right linorder_neq_iff linorder_not_le
259                 mult_eq_0_iff zdvd_mult_cancel1)
260     from less[OF this] n have "\<exists>k i. n = k * r ^ Suc i \<and> \<not> r dvd k" by auto }
261   then show ?case
262     by (metis comm_semiring_1_class.normalizing_semiring_rules(12,7) dvdE power_0)
263 qed
265 lemma mult_powr_eq_mult_powr_iff_asym:
266   fixes m1 m2 e1 e2 :: int
267   assumes m1: "\<not> 2 dvd m1" and "e1 \<le> e2"
268   shows "m1 * 2 powr e1 = m2 * 2 powr e2 \<longleftrightarrow> m1 = m2 \<and> e1 = e2"
269 proof
270   have "m1 \<noteq> 0" using m1 unfolding dvd_def by auto
271   assume eq: "m1 * 2 powr e1 = m2 * 2 powr e2"
272   with `e1 \<le> e2` have "m1 = m2 * 2 powr nat (e2 - e1)"
273     by (simp add: powr_divide2[symmetric] field_simps)
274   also have "\<dots> = m2 * 2^nat (e2 - e1)"
276   finally have m1_eq: "m1 = m2 * 2^nat (e2 - e1)"
277     unfolding real_of_int_inject .
278   with m1 have "m1 = m2"
279     by (cases "nat (e2 - e1)") (auto simp add: dvd_def)
280   then show "m1 = m2 \<and> e1 = e2"
281     using eq `m1 \<noteq> 0` by (simp add: powr_inj)
282 qed simp
284 lemma mult_powr_eq_mult_powr_iff:
285   fixes m1 m2 e1 e2 :: int
286   shows "\<not> 2 dvd m1 \<Longrightarrow> \<not> 2 dvd m2 \<Longrightarrow> m1 * 2 powr e1 = m2 * 2 powr e2 \<longleftrightarrow> m1 = m2 \<and> e1 = e2"
287   using mult_powr_eq_mult_powr_iff_asym[of m1 e1 e2 m2]
288   using mult_powr_eq_mult_powr_iff_asym[of m2 e2 e1 m1]
289   by (cases e1 e2 rule: linorder_le_cases) auto
291 lemma floatE_normed:
292   assumes x: "x \<in> float"
293   obtains (zero) "x = 0"
294    | (powr) m e :: int where "x = m * 2 powr e" "\<not> 2 dvd m" "x \<noteq> 0"
295 proof atomize_elim
296   { assume "x \<noteq> 0"
297     from x obtain m e :: int where x: "x = m * 2 powr e" by (auto simp: float_def)
298     with `x \<noteq> 0` int_cancel_factors[of 2 m] obtain k i where "m = k * 2 ^ i" "\<not> 2 dvd k"
299       by auto
300     with `\<not> 2 dvd k` x have "\<exists>(m::int) (e::int). x = m * 2 powr e \<and> \<not> (2::int) dvd m"
301       by (rule_tac exI[of _ "k"], rule_tac exI[of _ "e + int i"])
303   then show "x = 0 \<or> (\<exists>(m::int) (e::int). x = m * 2 powr e \<and> \<not> (2::int) dvd m \<and> x \<noteq> 0)"
304     by blast
305 qed
307 lemma float_normed_cases:
308   fixes f :: float
309   obtains (zero) "f = 0"
310    | (powr) m e :: int where "real f = m * 2 powr e" "\<not> 2 dvd m" "f \<noteq> 0"
311 proof (atomize_elim, induct f)
312   case (float_of y) then show ?case
313     by (cases rule: floatE_normed) (auto simp: zero_float_def)
314 qed
316 definition mantissa :: "float \<Rightarrow> int" where
317   "mantissa f = fst (SOME p::int \<times> int. (f = 0 \<and> fst p = 0 \<and> snd p = 0)
318    \<or> (f \<noteq> 0 \<and> real f = real (fst p) * 2 powr real (snd p) \<and> \<not> 2 dvd fst p))"
320 definition exponent :: "float \<Rightarrow> int" where
321   "exponent f = snd (SOME p::int \<times> int. (f = 0 \<and> fst p = 0 \<and> snd p = 0)
322    \<or> (f \<noteq> 0 \<and> real f = real (fst p) * 2 powr real (snd p) \<and> \<not> 2 dvd fst p))"
324 lemma
325   shows exponent_0[simp]: "exponent (float_of 0) = 0" (is ?E)
326     and mantissa_0[simp]: "mantissa (float_of 0) = 0" (is ?M)
327 proof -
328   have "\<And>p::int \<times> int. fst p = 0 \<and> snd p = 0 \<longleftrightarrow> p = (0, 0)" by auto
329   then show ?E ?M
330     by (auto simp add: mantissa_def exponent_def zero_float_def)
331 qed
333 lemma
334   shows mantissa_exponent: "real f = mantissa f * 2 powr exponent f" (is ?E)
335     and mantissa_not_dvd: "f \<noteq> (float_of 0) \<Longrightarrow> \<not> 2 dvd mantissa f" (is "_ \<Longrightarrow> ?D")
336 proof cases
337   assume [simp]: "f \<noteq> (float_of 0)"
338   have "f = mantissa f * 2 powr exponent f \<and> \<not> 2 dvd mantissa f"
339   proof (cases f rule: float_normed_cases)
340     case (powr m e)
341     then have "\<exists>p::int \<times> int. (f = 0 \<and> fst p = 0 \<and> snd p = 0)
342      \<or> (f \<noteq> 0 \<and> real f = real (fst p) * 2 powr real (snd p) \<and> \<not> 2 dvd fst p)"
343       by auto
344     then show ?thesis
345       unfolding exponent_def mantissa_def
346       by (rule someI2_ex) (simp add: zero_float_def)
348   then show ?E ?D by auto
349 qed simp
351 lemma mantissa_noteq_0: "f \<noteq> float_of 0 \<Longrightarrow> mantissa f \<noteq> 0"
352   using mantissa_not_dvd[of f] by auto
354 lemma
355   fixes m e :: int
356   defines "f \<equiv> float_of (m * 2 powr e)"
357   assumes dvd: "\<not> 2 dvd m"
358   shows mantissa_float: "mantissa f = m" (is "?M")
359     and exponent_float: "m \<noteq> 0 \<Longrightarrow> exponent f = e" (is "_ \<Longrightarrow> ?E")
360 proof cases
361   assume "m = 0" with dvd show "mantissa f = m" by auto
362 next
363   assume "m \<noteq> 0"
364   then have f_not_0: "f \<noteq> float_of 0" by (simp add: f_def)
365   from mantissa_exponent[of f]
366   have "m * 2 powr e = mantissa f * 2 powr exponent f"
367     by (auto simp add: f_def)
368   then show "?M" "?E"
369     using mantissa_not_dvd[OF f_not_0] dvd
370     by (auto simp: mult_powr_eq_mult_powr_iff)
371 qed
373 subsection {* Compute arithmetic operations *}
375 lemma Float_mantissa_exponent: "Float (mantissa f) (exponent f) = f"
376   unfolding real_of_float_eq mantissa_exponent[of f] by simp
378 lemma Float_cases[case_names Float, cases type: float]:
379   fixes f :: float
380   obtains (Float) m e :: int where "f = Float m e"
381   using Float_mantissa_exponent[symmetric]
382   by (atomize_elim) auto
384 lemma denormalize_shift:
385   assumes f_def: "f \<equiv> Float m e" and not_0: "f \<noteq> float_of 0"
386   obtains i where "m = mantissa f * 2 ^ i" "e = exponent f - i"
387 proof
388   from mantissa_exponent[of f] f_def
389   have "m * 2 powr e = mantissa f * 2 powr exponent f"
390     by simp
391   then have eq: "m = mantissa f * 2 powr (exponent f - e)"
392     by (simp add: powr_divide2[symmetric] field_simps)
393   moreover
394   have "e \<le> exponent f"
395   proof (rule ccontr)
396     assume "\<not> e \<le> exponent f"
397     then have pos: "exponent f < e" by simp
398     then have "2 powr (exponent f - e) = 2 powr - real (e - exponent f)"
399       by simp
400     also have "\<dots> = 1 / 2^nat (e - exponent f)"
401       using pos by (simp add: powr_realpow[symmetric] powr_divide2[symmetric])
402     finally have "m * 2^nat (e - exponent f) = real (mantissa f)"
403       using eq by simp
404     then have "mantissa f = m * 2^nat (e - exponent f)"
405       unfolding real_of_int_inject by simp
406     with `exponent f < e` have "2 dvd mantissa f"
407       apply (intro dvdI[where k="m * 2^(nat (e-exponent f)) div 2"])
408       apply (cases "nat (e - exponent f)")
409       apply auto
410       done
411     then show False using mantissa_not_dvd[OF not_0] by simp
412   qed
413   ultimately have "real m = mantissa f * 2^nat (exponent f - e)"
415   with `e \<le> exponent f`
416   show "m = mantissa f * 2 ^ nat (exponent f - e)" "e = exponent f - nat (exponent f - e)"
417     unfolding real_of_int_inject by auto
418 qed
420 lemma compute_float_zero[code_unfold, code]: "0 = Float 0 0"
421   by transfer simp
422 hide_fact (open) compute_float_zero
424 lemma compute_float_one[code_unfold, code]: "1 = Float 1 0"
425   by transfer simp
426 hide_fact (open) compute_float_one
428 definition normfloat :: "float \<Rightarrow> float" where
429   [simp]: "normfloat x = x"
431 lemma compute_normfloat[code]: "normfloat (Float m e) =
432   (if m mod 2 = 0 \<and> m \<noteq> 0 then normfloat (Float (m div 2) (e + 1))
433                            else if m = 0 then 0 else Float m e)"
434   unfolding normfloat_def
436 hide_fact (open) compute_normfloat
438 lemma compute_float_numeral[code_abbrev]: "Float (numeral k) 0 = numeral k"
439   by transfer simp
440 hide_fact (open) compute_float_numeral
442 lemma compute_float_neg_numeral[code_abbrev]: "Float (- numeral k) 0 = - numeral k"
443   by transfer simp
444 hide_fact (open) compute_float_neg_numeral
446 lemma compute_float_uminus[code]: "- Float m1 e1 = Float (- m1) e1"
447   by transfer simp
448 hide_fact (open) compute_float_uminus
450 lemma compute_float_times[code]: "Float m1 e1 * Float m2 e2 = Float (m1 * m2) (e1 + e2)"
452 hide_fact (open) compute_float_times
454 lemma compute_float_plus[code]: "Float m1 e1 + Float m2 e2 =
455   (if e1 \<le> e2 then Float (m1 + m2 * 2^nat (e2 - e1)) e1
456               else Float (m2 + m1 * 2^nat (e1 - e2)) e2)"
457   by transfer (simp add: field_simps powr_realpow[symmetric] powr_divide2[symmetric])
458 hide_fact (open) compute_float_plus
460 lemma compute_float_minus[code]: fixes f g::float shows "f - g = f + (-g)"
461   by simp
462 hide_fact (open) compute_float_minus
464 lemma compute_float_sgn[code]: "sgn (Float m1 e1) = (if 0 < m1 then 1 else if m1 < 0 then -1 else 0)"
465   by transfer (simp add: sgn_times)
466 hide_fact (open) compute_float_sgn
468 lift_definition is_float_pos :: "float \<Rightarrow> bool" is "op < 0 :: real \<Rightarrow> bool" ..
470 lemma compute_is_float_pos[code]: "is_float_pos (Float m e) \<longleftrightarrow> 0 < m"
471   by transfer (auto simp add: zero_less_mult_iff not_le[symmetric, of _ 0])
472 hide_fact (open) compute_is_float_pos
474 lemma compute_float_less[code]: "a < b \<longleftrightarrow> is_float_pos (b - a)"
475   by transfer (simp add: field_simps)
476 hide_fact (open) compute_float_less
478 lift_definition is_float_nonneg :: "float \<Rightarrow> bool" is "op \<le> 0 :: real \<Rightarrow> bool" ..
480 lemma compute_is_float_nonneg[code]: "is_float_nonneg (Float m e) \<longleftrightarrow> 0 \<le> m"
481   by transfer (auto simp add: zero_le_mult_iff not_less[symmetric, of _ 0])
482 hide_fact (open) compute_is_float_nonneg
484 lemma compute_float_le[code]: "a \<le> b \<longleftrightarrow> is_float_nonneg (b - a)"
485   by transfer (simp add: field_simps)
486 hide_fact (open) compute_float_le
488 lift_definition is_float_zero :: "float \<Rightarrow> bool"  is "op = 0 :: real \<Rightarrow> bool" by simp
490 lemma compute_is_float_zero[code]: "is_float_zero (Float m e) \<longleftrightarrow> 0 = m"
491   by transfer (auto simp add: is_float_zero_def)
492 hide_fact (open) compute_is_float_zero
494 lemma compute_float_abs[code]: "abs (Float m e) = Float (abs m) e"
495   by transfer (simp add: abs_mult)
496 hide_fact (open) compute_float_abs
498 lemma compute_float_eq[code]: "equal_class.equal f g = is_float_zero (f - g)"
499   by transfer simp
500 hide_fact (open) compute_float_eq
502 subsection {* Rounding Real numbers *}
504 definition round_down :: "int \<Rightarrow> real \<Rightarrow> real" where
505   "round_down prec x = floor (x * 2 powr prec) * 2 powr -prec"
507 definition round_up :: "int \<Rightarrow> real \<Rightarrow> real" where
508   "round_up prec x = ceiling (x * 2 powr prec) * 2 powr -prec"
510 lemma round_down_float[simp]: "round_down prec x \<in> float"
511   unfolding round_down_def
512   by (auto intro!: times_float simp: real_of_int_minus[symmetric] simp del: real_of_int_minus)
514 lemma round_up_float[simp]: "round_up prec x \<in> float"
515   unfolding round_up_def
516   by (auto intro!: times_float simp: real_of_int_minus[symmetric] simp del: real_of_int_minus)
518 lemma round_up: "x \<le> round_up prec x"
519   by (simp add: powr_minus_divide le_divide_eq round_up_def)
521 lemma round_down: "round_down prec x \<le> x"
522   by (simp add: powr_minus_divide divide_le_eq round_down_def)
524 lemma round_up_0[simp]: "round_up p 0 = 0"
525   unfolding round_up_def by simp
527 lemma round_down_0[simp]: "round_down p 0 = 0"
528   unfolding round_down_def by simp
530 lemma round_up_diff_round_down:
531   "round_up prec x - round_down prec x \<le> 2 powr -prec"
532 proof -
533   have "round_up prec x - round_down prec x =
534     (ceiling (x * 2 powr prec) - floor (x * 2 powr prec)) * 2 powr -prec"
535     by (simp add: round_up_def round_down_def field_simps)
536   also have "\<dots> \<le> 1 * 2 powr -prec"
537     by (rule mult_mono)
538        (auto simp del: real_of_int_diff
539              simp: real_of_int_diff[symmetric] real_of_int_le_one_cancel_iff ceiling_diff_floor_le_1)
540   finally show ?thesis by simp
541 qed
543 lemma round_down_shift: "round_down p (x * 2 powr k) = 2 powr k * round_down (p + k) x"
544   unfolding round_down_def
548 lemma round_up_shift: "round_up p (x * 2 powr k) = 2 powr k * round_up (p + k) x"
549   unfolding round_up_def
553 subsection {* Rounding Floats *}
555 lift_definition float_up :: "int \<Rightarrow> float \<Rightarrow> float" is round_up by simp
556 declare float_up.rep_eq[simp]
558 lemma round_up_correct:
559   shows "round_up e f - f \<in> {0..2 powr -e}"
560 unfolding atLeastAtMost_iff
561 proof
562   have "round_up e f - f \<le> round_up e f - round_down e f" using round_down by simp
563   also have "\<dots> \<le> 2 powr -e" using round_up_diff_round_down by simp
564   finally show "round_up e f - f \<le> 2 powr real (- e)"
565     by simp
566 qed (simp add: algebra_simps round_up)
568 lemma float_up_correct:
569   shows "real (float_up e f) - real f \<in> {0..2 powr -e}"
570   by transfer (rule round_up_correct)
572 lift_definition float_down :: "int \<Rightarrow> float \<Rightarrow> float" is round_down by simp
573 declare float_down.rep_eq[simp]
575 lemma round_down_correct:
576   shows "f - (round_down e f) \<in> {0..2 powr -e}"
577 unfolding atLeastAtMost_iff
578 proof
579   have "f - round_down e f \<le> round_up e f - round_down e f" using round_up by simp
580   also have "\<dots> \<le> 2 powr -e" using round_up_diff_round_down by simp
581   finally show "f - round_down e f \<le> 2 powr real (- e)"
582     by simp
583 qed (simp add: algebra_simps round_down)
585 lemma float_down_correct:
586   shows "real f - real (float_down e f) \<in> {0..2 powr -e}"
587   by transfer (rule round_down_correct)
589 lemma compute_float_down[code]:
590   "float_down p (Float m e) =
591     (if p + e < 0 then Float (m div 2^nat (-(p + e))) (-p) else Float m e)"
592 proof cases
593   assume "p + e < 0"
594   hence "real ((2::int) ^ nat (-(p + e))) = 2 powr (-(p + e))"
595     using powr_realpow[of 2 "nat (-(p + e))"] by simp
596   also have "... = 1 / 2 powr p / 2 powr e"
598   finally show ?thesis
599     using `p + e < 0`
600     by transfer (simp add: ac_simps round_down_def floor_divide_eq_div[symmetric])
601 next
602   assume "\<not> p + e < 0"
603   then have r: "real e + real p = real (nat (e + p))" by simp
604   have r: "\<lfloor>(m * 2 powr e) * 2 powr real p\<rfloor> = (m * 2 powr e) * 2 powr real p"
605     by (auto intro: exI[where x="m*2^nat (e+p)"]
607   with `\<not> p + e < 0` show ?thesis
608     by transfer
610 qed
611 hide_fact (open) compute_float_down
613 lemma abs_round_down_le: "\<bar>f - (round_down e f)\<bar> \<le> 2 powr -e"
614   using round_down_correct[of f e] by simp
616 lemma abs_round_up_le: "\<bar>f - (round_up e f)\<bar> \<le> 2 powr -e"
617   using round_up_correct[of e f] by simp
619 lemma round_down_nonneg: "0 \<le> s \<Longrightarrow> 0 \<le> round_down p s"
620   by (auto simp: round_down_def intro!: mult_nonneg_nonneg)
622 lemma ceil_divide_floor_conv:
623 assumes "b \<noteq> 0"
624 shows "\<lceil>real a / real b\<rceil> = (if b dvd a then a div b else \<lfloor>real a / real b\<rfloor> + 1)"
625 proof cases
626   assume "\<not> b dvd a"
627   hence "a mod b \<noteq> 0" by auto
628   hence ne: "real (a mod b) / real b \<noteq> 0" using `b \<noteq> 0` by auto
629   have "\<lceil>real a / real b\<rceil> = \<lfloor>real a / real b\<rfloor> + 1"
630   apply (rule ceiling_eq) apply (auto simp: floor_divide_eq_div[symmetric])
631   proof -
632     have "real \<lfloor>real a / real b\<rfloor> \<le> real a / real b" by simp
633     moreover have "real \<lfloor>real a / real b\<rfloor> \<noteq> real a / real b"
634     apply (subst (2) real_of_int_div_aux) unfolding floor_divide_eq_div using ne `b \<noteq> 0` by auto
635     ultimately show "real \<lfloor>real a / real b\<rfloor> < real a / real b" by arith
636   qed
637   thus ?thesis using `\<not> b dvd a` by simp
638 qed (simp add: ceiling_def real_of_int_minus[symmetric] divide_minus_left[symmetric]
639   floor_divide_eq_div dvd_neg_div del: divide_minus_left real_of_int_minus)
641 lemma compute_float_up[code]:
642   "float_up p (Float m e) =
643     (let P = 2^nat (-(p + e)); r = m mod P in
644       if p + e < 0 then Float (m div P + (if r = 0 then 0 else 1)) (-p) else Float m e)"
645 proof cases
646   assume "p + e < 0"
647   hence "real ((2::int) ^ nat (-(p + e))) = 2 powr (-(p + e))"
648     using powr_realpow[of 2 "nat (-(p + e))"] by simp
649   also have "... = 1 / 2 powr p / 2 powr e"
651   finally have twopow_rewrite:
652     "real ((2::int) ^ nat (- (p + e))) = 1 / 2 powr real p / 2 powr real e" .
653   with `p + e < 0` have powr_rewrite:
654     "2 powr real e * 2 powr real p = 1 / real ((2::int) ^ nat (- (p + e)))"
655     unfolding powr_divide2 by simp
656   show ?thesis
657   proof cases
658     assume "2^nat (-(p + e)) dvd m"
659     with `p + e < 0` twopow_rewrite show ?thesis
660       by transfer (auto simp: ac_simps round_up_def floor_divide_eq_div dvd_eq_mod_eq_0)
661   next
662     assume ndvd: "\<not> 2 ^ nat (- (p + e)) dvd m"
663     have one_div: "real m * (1 / real ((2::int) ^ nat (- (p + e)))) =
664       real m / real ((2::int) ^ nat (- (p + e)))"
666     have "real \<lceil>real m * (2 powr real e * 2 powr real p)\<rceil> =
667       real \<lfloor>real m * (2 powr real e * 2 powr real p)\<rfloor> + 1"
668       using ndvd unfolding powr_rewrite one_div
669       by (subst ceil_divide_floor_conv) (auto simp: field_simps)
670     thus ?thesis using `p + e < 0` twopow_rewrite
671       by transfer (auto simp: ac_simps round_up_def floor_divide_eq_div[symmetric])
672   qed
673 next
674   assume "\<not> p + e < 0"
675   then have r1: "real e + real p = real (nat (e + p))" by simp
676   have r: "\<lceil>(m * 2 powr e) * 2 powr real p\<rceil> = (m * 2 powr e) * 2 powr real p"
678       intro: exI[where x="m*2^nat (e+p)"])
679   then show ?thesis using `\<not> p + e < 0`
680     by transfer
682 qed
683 hide_fact (open) compute_float_up
685 lemmas real_of_ints =
686   real_of_int_zero
687   real_of_one
689   real_of_int_minus
690   real_of_int_diff
691   real_of_int_mult
692   real_of_int_power
693   real_numeral
694 lemmas real_of_nats =
695   real_of_nat_zero
696   real_of_nat_one
697   real_of_nat_1
699   real_of_nat_mult
700   real_of_nat_power
702 lemmas int_of_reals = real_of_ints[symmetric]
703 lemmas nat_of_reals = real_of_nats[symmetric]
705 lemma two_real_int: "(2::real) = real (2::int)" by simp
706 lemma two_real_nat: "(2::real) = real (2::nat)" by simp
708 lemma mult_cong: "a = c ==> b = d ==> a*b = c*d" by simp
710 subsection {* Compute bitlen of integers *}
712 definition bitlen :: "int \<Rightarrow> int" where
713   "bitlen a = (if a > 0 then \<lfloor>log 2 a\<rfloor> + 1 else 0)"
715 lemma bitlen_nonneg: "0 \<le> bitlen x"
716 proof -
717   {
718     assume "0 > x"
719     have "-1 = log 2 (inverse 2)" by (subst log_inverse) simp_all
720     also have "... < log 2 (-x)" using `0 > x` by auto
721     finally have "-1 < log 2 (-x)" .
722   } thus "0 \<le> bitlen x" unfolding bitlen_def by (auto intro!: add_nonneg_nonneg)
723 qed
725 lemma bitlen_bounds:
726   assumes "x > 0"
727   shows "2 ^ nat (bitlen x - 1) \<le> x \<and> x < 2 ^ nat (bitlen x)"
728 proof
729   have "(2::real) ^ nat \<lfloor>log 2 (real x)\<rfloor> = 2 powr real (floor (log 2 (real x)))"
730     using powr_realpow[symmetric, of 2 "nat \<lfloor>log 2 (real x)\<rfloor>"] `x > 0`
731     using real_nat_eq_real[of "floor (log 2 (real x))"]
732     by simp
733   also have "... \<le> 2 powr log 2 (real x)"
734     by simp
735   also have "... = real x"
736     using `0 < x` by simp
737   finally have "2 ^ nat \<lfloor>log 2 (real x)\<rfloor> \<le> real x" by simp
738   thus "2 ^ nat (bitlen x - 1) \<le> x" using `x > 0`
740 next
741   have "x \<le> 2 powr (log 2 x)" using `x > 0` by simp
742   also have "... < 2 ^ nat (\<lfloor>log 2 (real x)\<rfloor> + 1)"
744     using `x > 0` by simp
745   finally show "x < 2 ^ nat (bitlen x)" using `x > 0`
746     by (simp add: bitlen_def ac_simps int_of_reals del: real_of_ints)
747 qed
749 lemma bitlen_pow2[simp]:
750   assumes "b > 0"
751   shows "bitlen (b * 2 ^ c) = bitlen b + c"
752 proof -
753   from assms have "b * 2 ^ c > 0" by (auto intro: mult_pos_pos)
754   thus ?thesis
755     using floor_add[of "log 2 b" c] assms
756     by (auto simp add: log_mult log_nat_power bitlen_def)
757 qed
759 lemma bitlen_Float:
760   fixes m e
761   defines "f \<equiv> Float m e"
762   shows "bitlen (\<bar>mantissa f\<bar>) + exponent f = (if m = 0 then 0 else bitlen \<bar>m\<bar> + e)"
763 proof (cases "m = 0")
764   case True
765   then show ?thesis by (simp add: f_def bitlen_def Float_def)
766 next
767   case False
768   hence "f \<noteq> float_of 0"
769     unfolding real_of_float_eq by (simp add: f_def)
770   hence "mantissa f \<noteq> 0"
772   moreover
773   obtain i where "m = mantissa f * 2 ^ i" "e = exponent f - int i"
774     by (rule f_def[THEN denormalize_shift, OF `f \<noteq> float_of 0`])
775   ultimately show ?thesis by (simp add: abs_mult)
776 qed
778 lemma compute_bitlen[code]:
779   shows "bitlen x = (if x > 0 then bitlen (x div 2) + 1 else 0)"
780 proof -
781   { assume "2 \<le> x"
782     then have "\<lfloor>log 2 (x div 2)\<rfloor> + 1 = \<lfloor>log 2 (x - x mod 2)\<rfloor>"
783       by (simp add: log_mult zmod_zdiv_equality')
784     also have "\<dots> = \<lfloor>log 2 (real x)\<rfloor>"
785     proof cases
786       assume "x mod 2 = 0" then show ?thesis by simp
787     next
788       def n \<equiv> "\<lfloor>log 2 (real x)\<rfloor>"
789       then have "0 \<le> n"
790         using `2 \<le> x` by simp
791       assume "x mod 2 \<noteq> 0"
792       with `2 \<le> x` have "x mod 2 = 1" "\<not> 2 dvd x" by (auto simp add: dvd_eq_mod_eq_0)
793       with `2 \<le> x` have "x \<noteq> 2^nat n" by (cases "nat n") auto
794       moreover
795       { have "real (2^nat n :: int) = 2 powr (nat n)"
797         also have "\<dots> \<le> 2 powr (log 2 x)"
798           using `2 \<le> x` by (simp add: n_def del: powr_log_cancel)
799         finally have "2^nat n \<le> x" using `2 \<le> x` by simp }
800       ultimately have "2^nat n \<le> x - 1" by simp
801       then have "2^nat n \<le> real (x - 1)"
802         unfolding real_of_int_le_iff[symmetric] by simp
803       { have "n = \<lfloor>log 2 (2^nat n)\<rfloor>"
804           using `0 \<le> n` by (simp add: log_nat_power)
805         also have "\<dots> \<le> \<lfloor>log 2 (x - 1)\<rfloor>"
806           using `2^nat n \<le> real (x - 1)` `0 \<le> n` `2 \<le> x` by (auto intro: floor_mono)
807         finally have "n \<le> \<lfloor>log 2 (x - 1)\<rfloor>" . }
808       moreover have "\<lfloor>log 2 (x - 1)\<rfloor> \<le> n"
809         using `2 \<le> x` by (auto simp add: n_def intro!: floor_mono)
810       ultimately show "\<lfloor>log 2 (x - x mod 2)\<rfloor> = \<lfloor>log 2 x\<rfloor>"
811         unfolding n_def `x mod 2 = 1` by auto
812     qed
813     finally have "\<lfloor>log 2 (x div 2)\<rfloor> + 1 = \<lfloor>log 2 x\<rfloor>" . }
814   moreover
815   { assume "x < 2" "0 < x"
816     then have "x = 1" by simp
817     then have "\<lfloor>log 2 (real x)\<rfloor> = 0" by simp }
818   ultimately show ?thesis
819     unfolding bitlen_def
820     by (auto simp: pos_imp_zdiv_pos_iff not_le)
821 qed
822 hide_fact (open) compute_bitlen
824 lemma float_gt1_scale: assumes "1 \<le> Float m e"
825   shows "0 \<le> e + (bitlen m - 1)"
826 proof -
827   have "0 < Float m e" using assms by auto
828   hence "0 < m" using powr_gt_zero[of 2 e]
829     by (auto simp: zero_less_mult_iff)
830   hence "m \<noteq> 0" by auto
831   show ?thesis
832   proof (cases "0 \<le> e")
833     case True thus ?thesis using `0 < m`  by (simp add: bitlen_def)
834   next
835     have "(1::int) < 2" by simp
836     case False let ?S = "2^(nat (-e))"
837     have "inverse (2 ^ nat (- e)) = 2 powr e" using assms False powr_realpow[of 2 "nat (-e)"]
838       by (auto simp: powr_minus field_simps inverse_eq_divide)
839     hence "1 \<le> real m * inverse ?S" using assms False powr_realpow[of 2 "nat (-e)"]
840       by (auto simp: powr_minus)
841     hence "1 * ?S \<le> real m * inverse ?S * ?S" by (rule mult_right_mono, auto)
842     hence "?S \<le> real m" unfolding mult_assoc by auto
843     hence "?S \<le> m" unfolding real_of_int_le_iff[symmetric] by auto
844     from this bitlen_bounds[OF `0 < m`, THEN conjunct2]
845     have "nat (-e) < (nat (bitlen m))" unfolding power_strict_increasing_iff[OF `1 < 2`, symmetric] by (rule order_le_less_trans)
846     hence "-e < bitlen m" using False by auto
847     thus ?thesis by auto
848   qed
849 qed
851 lemma bitlen_div: assumes "0 < m" shows "1 \<le> real m / 2^nat (bitlen m - 1)" and "real m / 2^nat (bitlen m - 1) < 2"
852 proof -
853   let ?B = "2^nat(bitlen m - 1)"
855   have "?B \<le> m" using bitlen_bounds[OF `0 <m`] ..
856   hence "1 * ?B \<le> real m" unfolding real_of_int_le_iff[symmetric] by auto
857   thus "1 \<le> real m / ?B" by auto
859   have "m \<noteq> 0" using assms by auto
860   have "0 \<le> bitlen m - 1" using `0 < m` by (auto simp: bitlen_def)
862   have "m < 2^nat(bitlen m)" using bitlen_bounds[OF `0 <m`] ..
863   also have "\<dots> = 2^nat(bitlen m - 1 + 1)" using `0 < m` by (auto simp: bitlen_def)
864   also have "\<dots> = ?B * 2" unfolding nat_add_distrib[OF `0 \<le> bitlen m - 1` zero_le_one] by auto
865   finally have "real m < 2 * ?B" unfolding real_of_int_less_iff[symmetric] by auto
866   hence "real m / ?B < 2 * ?B / ?B" by (rule divide_strict_right_mono, auto)
867   thus "real m / ?B < 2" by auto
868 qed
870 subsection {* Approximation of positive rationals *}
872 lemma zdiv_zmult_twopow_eq: fixes a b::int shows "a div b div (2 ^ n) = a div (b * 2 ^ n)"
875 lemma div_mult_twopow_eq: fixes a b::nat shows "a div ((2::nat) ^ n) div b = a div (b * 2 ^ n)"
876   by (cases "b=0") (simp_all add: div_mult2_eq[symmetric] ac_simps)
878 lemma real_div_nat_eq_floor_of_divide:
879   fixes a b::nat
880   shows "a div b = real (floor (a/b))"
881 by (metis floor_divide_eq_div real_of_int_of_nat_eq zdiv_int)
883 definition "rat_precision prec x y = int prec - (bitlen x - bitlen y)"
885 lift_definition lapprox_posrat :: "nat \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> float"
886   is "\<lambda>prec (x::nat) (y::nat). round_down (rat_precision prec x y) (x / y)" by simp
888 lemma compute_lapprox_posrat[code]:
889   fixes prec x y
890   shows "lapprox_posrat prec x y =
891    (let
892        l = rat_precision prec x y;
893        d = if 0 \<le> l then x * 2^nat l div y else x div 2^nat (- l) div y
894     in normfloat (Float d (- l)))"
895     unfolding div_mult_twopow_eq normfloat_def
896     by transfer
897        (simp add: round_down_def powr_int real_div_nat_eq_floor_of_divide field_simps Let_def
898              del: two_powr_minus_int_float)
899 hide_fact (open) compute_lapprox_posrat
901 lift_definition rapprox_posrat :: "nat \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> float"
902   is "\<lambda>prec (x::nat) (y::nat). round_up (rat_precision prec x y) (x / y)" by simp
904 (* TODO: optimize using zmod_zmult2_eq, pdivmod ? *)
905 lemma compute_rapprox_posrat[code]:
906   fixes prec x y
907   defines "l \<equiv> rat_precision prec x y"
908   shows "rapprox_posrat prec x y = (let
909      l = l ;
910      X = if 0 \<le> l then (x * 2^nat l, y) else (x, y * 2^nat(-l)) ;
911      d = fst X div snd X ;
912      m = fst X mod snd X
913    in normfloat (Float (d + (if m = 0 \<or> y = 0 then 0 else 1)) (- l)))"
914 proof (cases "y = 0")
915   assume "y = 0" thus ?thesis unfolding normfloat_def by transfer simp
916 next
917   assume "y \<noteq> 0"
918   show ?thesis
919   proof (cases "0 \<le> l")
920     assume "0 \<le> l"
921     def x' == "x * 2 ^ nat l"
922     have "int x * 2 ^ nat l = x'" by (simp add: x'_def int_mult int_power)
923     moreover have "real x * 2 powr real l = real x'"
924       by (simp add: powr_realpow[symmetric] `0 \<le> l` x'_def)
925     ultimately show ?thesis
926       unfolding normfloat_def
927       using ceil_divide_floor_conv[of y x'] powr_realpow[of 2 "nat l"] `0 \<le> l` `y \<noteq> 0`
928         l_def[symmetric, THEN meta_eq_to_obj_eq]
929       by transfer
930          (simp add: floor_divide_eq_div[symmetric] dvd_eq_mod_eq_0 round_up_def)
931    next
932     assume "\<not> 0 \<le> l"
933     def y' == "y * 2 ^ nat (- l)"
934     from `y \<noteq> 0` have "y' \<noteq> 0" by (simp add: y'_def)
935     have "int y * 2 ^ nat (- l) = y'" by (simp add: y'_def int_mult int_power)
936     moreover have "real x * real (2::int) powr real l / real y = x / real y'"
937       using `\<not> 0 \<le> l`
938       by (simp add: powr_realpow[symmetric] powr_minus y'_def field_simps inverse_eq_divide)
939     ultimately show ?thesis
940       unfolding normfloat_def
941       using ceil_divide_floor_conv[of y' x] `\<not> 0 \<le> l` `y' \<noteq> 0` `y \<noteq> 0`
942         l_def[symmetric, THEN meta_eq_to_obj_eq]
943       by transfer
944          (simp add: round_up_def ceil_divide_floor_conv floor_divide_eq_div[symmetric] dvd_eq_mod_eq_0)
945   qed
946 qed
947 hide_fact (open) compute_rapprox_posrat
949 lemma rat_precision_pos:
950   assumes "0 \<le> x" and "0 < y" and "2 * x < y" and "0 < n"
951   shows "rat_precision n (int x) (int y) > 0"
952 proof -
953   { assume "0 < x" hence "log 2 x + 1 = log 2 (2 * x)" by (simp add: log_mult) }
954   hence "bitlen (int x) < bitlen (int y)" using assms
957   thus ?thesis
959 qed
961 lemma power_aux: assumes "x > 0" shows "(2::int) ^ nat (x - 1) \<le> 2 ^ nat x - 1"
962 proof -
963   def y \<equiv> "nat (x - 1)" moreover
964   have "(2::int) ^ y \<le> (2 ^ (y + 1)) - 1" by simp
965   ultimately show ?thesis using assms by simp
966 qed
968 lemma rapprox_posrat_less1:
969   assumes "0 \<le> x" and "0 < y" and "2 * x < y" and "0 < n"
970   shows "real (rapprox_posrat n x y) < 1"
971 proof -
972   have powr1: "2 powr real (rat_precision n (int x) (int y)) =
973     2 ^ nat (rat_precision n (int x) (int y))" using rat_precision_pos[of x y n] assms
975   have "x * 2 powr real (rat_precision n (int x) (int y)) / y = (x / y) *
976      2 powr real (rat_precision n (int x) (int y))" by simp
977   also have "... < (1 / 2) * 2 powr real (rat_precision n (int x) (int y))"
978     apply (rule mult_strict_right_mono) by (insert assms) auto
979   also have "\<dots> = 2 powr real (rat_precision n (int x) (int y) - 1)"
981   also have "\<dots> = 2 ^ nat (rat_precision n (int x) (int y) - 1)"
982     using rat_precision_pos[of x y n] assms by (simp add: powr_realpow[symmetric])
983   also have "\<dots> \<le> 2 ^ nat (rat_precision n (int x) (int y)) - 1"
984     unfolding int_of_reals real_of_int_le_iff
985     using rat_precision_pos[OF assms] by (rule power_aux)
986   finally show ?thesis
987     apply (transfer fixing: n x y)
988     apply (simp add: round_up_def field_simps powr_minus inverse_eq_divide powr1)
989     unfolding int_of_reals real_of_int_less_iff
991     done
992 qed
994 lift_definition lapprox_rat :: "nat \<Rightarrow> int \<Rightarrow> int \<Rightarrow> float" is
995   "\<lambda>prec (x::int) (y::int). round_down (rat_precision prec \<bar>x\<bar> \<bar>y\<bar>) (x / y)" by simp
997 lemma compute_lapprox_rat[code]:
998   "lapprox_rat prec x y =
999     (if y = 0 then 0
1000     else if 0 \<le> x then
1001       (if 0 < y then lapprox_posrat prec (nat x) (nat y)
1002       else - (rapprox_posrat prec (nat x) (nat (-y))))
1003       else (if 0 < y
1004         then - (rapprox_posrat prec (nat (-x)) (nat y))
1005         else lapprox_posrat prec (nat (-x)) (nat (-y))))"
1006   by transfer (auto simp: round_up_def round_down_def ceiling_def ac_simps)
1007 hide_fact (open) compute_lapprox_rat
1009 lift_definition rapprox_rat :: "nat \<Rightarrow> int \<Rightarrow> int \<Rightarrow> float" is
1010   "\<lambda>prec (x::int) (y::int). round_up (rat_precision prec \<bar>x\<bar> \<bar>y\<bar>) (x / y)" by simp
1012 lemma compute_rapprox_rat[code]:
1013   "rapprox_rat prec x y =
1014     (if y = 0 then 0
1015     else if 0 \<le> x then
1016       (if 0 < y then rapprox_posrat prec (nat x) (nat y)
1017       else - (lapprox_posrat prec (nat x) (nat (-y))))
1018       else (if 0 < y
1019         then - (lapprox_posrat prec (nat (-x)) (nat y))
1020         else rapprox_posrat prec (nat (-x)) (nat (-y))))"
1021   by transfer (auto simp: round_up_def round_down_def ceiling_def ac_simps)
1022 hide_fact (open) compute_rapprox_rat
1024 subsection {* Division *}
1026 definition "real_divl prec a b = round_down (int prec + \<lfloor> log 2 \<bar>b\<bar> \<rfloor> - \<lfloor> log 2 \<bar>a\<bar> \<rfloor>) (a / b)"
1028 definition "real_divr prec a b = round_up (int prec + \<lfloor> log 2 \<bar>b\<bar> \<rfloor> - \<lfloor> log 2 \<bar>a\<bar> \<rfloor>) (a / b)"
1030 lift_definition float_divl :: "nat \<Rightarrow> float \<Rightarrow> float \<Rightarrow> float" is real_divl
1033 lemma compute_float_divl[code]:
1034   "float_divl prec (Float m1 s1) (Float m2 s2) = lapprox_rat prec m1 m2 * Float 1 (s1 - s2)"
1035 proof cases
1036   let ?f1 = "real m1 * 2 powr real s1" and ?f2 = "real m2 * 2 powr real s2"
1037   let ?m = "real m1 / real m2" and ?s = "2 powr real (s1 - s2)"
1038   assume not_0: "m1 \<noteq> 0 \<and> m2 \<noteq> 0"
1039   then have eq2: "(int prec + \<lfloor>log 2 \<bar>?f2\<bar>\<rfloor> - \<lfloor>log 2 \<bar>?f1\<bar>\<rfloor>) = rat_precision prec \<bar>m1\<bar> \<bar>m2\<bar> + (s2 - s1)"
1040     by (simp add: abs_mult log_mult rat_precision_def bitlen_def)
1041   have eq1: "real m1 * 2 powr real s1 / (real m2 * 2 powr real s2) = ?m * ?s"
1042     by (simp add: field_simps powr_divide2[symmetric])
1044   show ?thesis
1045     using not_0
1046     by (transfer fixing: m1 s1 m2 s2 prec) (unfold eq1 eq2 round_down_shift real_divl_def,
1048 qed (transfer, auto simp: real_divl_def)
1049 hide_fact (open) compute_float_divl
1051 lift_definition float_divr :: "nat \<Rightarrow> float \<Rightarrow> float \<Rightarrow> float" is real_divr
1054 lemma compute_float_divr[code]:
1055   "float_divr prec (Float m1 s1) (Float m2 s2) = rapprox_rat prec m1 m2 * Float 1 (s1 - s2)"
1056 proof cases
1057   let ?f1 = "real m1 * 2 powr real s1" and ?f2 = "real m2 * 2 powr real s2"
1058   let ?m = "real m1 / real m2" and ?s = "2 powr real (s1 - s2)"
1059   assume not_0: "m1 \<noteq> 0 \<and> m2 \<noteq> 0"
1060   then have eq2: "(int prec + \<lfloor>log 2 \<bar>?f2\<bar>\<rfloor> - \<lfloor>log 2 \<bar>?f1\<bar>\<rfloor>) = rat_precision prec \<bar>m1\<bar> \<bar>m2\<bar> + (s2 - s1)"
1061     by (simp add: abs_mult log_mult rat_precision_def bitlen_def)
1062   have eq1: "real m1 * 2 powr real s1 / (real m2 * 2 powr real s2) = ?m * ?s"
1063     by (simp add: field_simps powr_divide2[symmetric])
1065   show ?thesis
1066     using not_0
1067     by (transfer fixing: m1 s1 m2 s2 prec) (unfold eq1 eq2 round_up_shift real_divr_def,
1069 qed (transfer, auto simp: real_divr_def)
1070 hide_fact (open) compute_float_divr
1072 subsection {* Lemmas needed by Approximate *}
1074 lemma Float_num[simp]: shows
1075    "real (Float 1 0) = 1" and "real (Float 1 1) = 2" and "real (Float 1 2) = 4" and
1076    "real (Float 1 -1) = 1/2" and "real (Float 1 -2) = 1/4" and "real (Float 1 -3) = 1/8" and
1077    "real (Float -1 0) = -1" and "real (Float (number_of n) 0) = number_of n"
1078 using two_powr_int_float[of 2] two_powr_int_float[of "-1"] two_powr_int_float[of "-2"] two_powr_int_float[of "-3"]
1079 using powr_realpow[of 2 2] powr_realpow[of 2 3]
1080 using powr_minus[of 2 1] powr_minus[of 2 2] powr_minus[of 2 3]
1081 by auto
1083 lemma real_of_Float_int[simp]: "real (Float n 0) = real n" by simp
1085 lemma float_zero[simp]: "real (Float 0 e) = 0" by simp
1087 lemma abs_div_2_less: "a \<noteq> 0 \<Longrightarrow> a \<noteq> -1 \<Longrightarrow> abs((a::int) div 2) < abs a"
1088 by arith
1090 lemma lapprox_rat:
1091   shows "real (lapprox_rat prec x y) \<le> real x / real y"
1092   using round_down by (simp add: lapprox_rat_def)
1094 lemma mult_div_le: fixes a b:: int assumes "b > 0" shows "a \<ge> b * (a div b)"
1095 proof -
1096   from zmod_zdiv_equality'[of a b]
1097   have "a = b * (a div b) + a mod b" by simp
1098   also have "... \<ge> b * (a div b) + 0" apply (rule add_left_mono) apply (rule pos_mod_sign)
1099   using assms by simp
1100   finally show ?thesis by simp
1101 qed
1103 lemma lapprox_rat_nonneg:
1104   fixes n x y
1105   defines "p == int n - ((bitlen \<bar>x\<bar>) - (bitlen \<bar>y\<bar>))"
1106   assumes "0 \<le> x" "0 < y"
1107   shows "0 \<le> real (lapprox_rat n x y)"
1108 using assms unfolding lapprox_rat_def p_def[symmetric] round_down_def real_of_int_minus[symmetric]
1109    powr_int[of 2, simplified]
1110   by (auto simp add: inverse_eq_divide intro!: mult_nonneg_nonneg divide_nonneg_pos mult_pos_pos)
1112 lemma rapprox_rat: "real x / real y \<le> real (rapprox_rat prec x y)"
1113   using round_up by (simp add: rapprox_rat_def)
1115 lemma rapprox_rat_le1:
1116   fixes n x y
1117   assumes xy: "0 \<le> x" "0 < y" "x \<le> y"
1118   shows "real (rapprox_rat n x y) \<le> 1"
1119 proof -
1120   have "bitlen \<bar>x\<bar> \<le> bitlen \<bar>y\<bar>"
1121     using xy unfolding bitlen_def by (auto intro!: floor_mono)
1122   then have "0 \<le> rat_precision n \<bar>x\<bar> \<bar>y\<bar>" by (simp add: rat_precision_def)
1123   have "real \<lceil>real x / real y * 2 powr real (rat_precision n \<bar>x\<bar> \<bar>y\<bar>)\<rceil>
1124       \<le> real \<lceil>2 powr real (rat_precision n \<bar>x\<bar> \<bar>y\<bar>)\<rceil>"
1125     using xy by (auto intro!: ceiling_mono simp: field_simps)
1126   also have "\<dots> = 2 powr real (rat_precision n \<bar>x\<bar> \<bar>y\<bar>)"
1127     using `0 \<le> rat_precision n \<bar>x\<bar> \<bar>y\<bar>`
1128     by (auto intro!: exI[of _ "2^nat (rat_precision n \<bar>x\<bar> \<bar>y\<bar>)"] simp: powr_int)
1129   finally show ?thesis
1130     by (simp add: rapprox_rat_def round_up_def)
1132 qed
1134 lemma rapprox_rat_nonneg_neg:
1135   "0 \<le> x \<Longrightarrow> y < 0 \<Longrightarrow> real (rapprox_rat n x y) \<le> 0"
1136   unfolding rapprox_rat_def round_up_def
1137   by (auto simp: field_simps mult_le_0_iff zero_le_mult_iff)
1139 lemma rapprox_rat_neg:
1140   "x < 0 \<Longrightarrow> 0 < y \<Longrightarrow> real (rapprox_rat n x y) \<le> 0"
1141   unfolding rapprox_rat_def round_up_def
1142   by (auto simp: field_simps mult_le_0_iff)
1144 lemma rapprox_rat_nonpos_pos:
1145   "x \<le> 0 \<Longrightarrow> 0 < y \<Longrightarrow> real (rapprox_rat n x y) \<le> 0"
1146   unfolding rapprox_rat_def round_up_def
1147   by (auto simp: field_simps mult_le_0_iff)
1149 lemma real_divl: "real_divl prec x y \<le> x / y"
1150   by (simp add: real_divl_def round_down)
1152 lemma real_divr: "x / y \<le> real_divr prec x y"
1153   using round_up by (simp add: real_divr_def)
1155 lemma float_divl: "real (float_divl prec x y) \<le> real x / real y"
1156   by transfer (rule real_divl)
1158 lemma real_divl_lower_bound:
1159   "0 \<le> x \<Longrightarrow> 0 \<le> y \<Longrightarrow> 0 \<le> real_divl prec x y"
1160   by (simp add: real_divl_def round_down_def zero_le_mult_iff zero_le_divide_iff)
1162 lemma float_divl_lower_bound:
1163   "0 \<le> x \<Longrightarrow> 0 \<le> y \<Longrightarrow> 0 \<le> real (float_divl prec x y)"
1164   by transfer (rule real_divl_lower_bound)
1166 lemma exponent_1: "exponent 1 = 0"
1167   using exponent_float[of 1 0] by (simp add: one_float_def)
1169 lemma mantissa_1: "mantissa 1 = 1"
1170   using mantissa_float[of 1 0] by (simp add: one_float_def)
1172 lemma bitlen_1: "bitlen 1 = 1"
1175 lemma mantissa_eq_zero_iff: "mantissa x = 0 \<longleftrightarrow> x = 0"
1176 proof
1177   assume "mantissa x = 0" hence z: "0 = real x" using mantissa_exponent by simp
1178   show "x = 0" by (simp add: zero_float_def z)
1181 lemma float_upper_bound: "x \<le> 2 powr (bitlen \<bar>mantissa x\<bar> + exponent x)"
1182 proof (cases "x = 0", simp)
1183   assume "x \<noteq> 0" hence "mantissa x \<noteq> 0" using mantissa_eq_zero_iff by auto
1184   have "x = mantissa x * 2 powr (exponent x)" by (rule mantissa_exponent)
1185   also have "mantissa x \<le> \<bar>mantissa x\<bar>" by simp
1186   also have "... \<le> 2 powr (bitlen \<bar>mantissa x\<bar>)"
1187     using bitlen_bounds[of "\<bar>mantissa x\<bar>"] bitlen_nonneg `mantissa x \<noteq> 0`
1188     by (simp add: powr_int) (simp only: two_real_int int_of_reals real_of_int_abs[symmetric]
1189       real_of_int_le_iff less_imp_le)
1191 qed
1193 lemma real_divl_pos_less1_bound:
1194   "0 < x \<Longrightarrow> x < 1 \<Longrightarrow> prec \<ge> 1 \<Longrightarrow> 1 \<le> real_divl prec 1 x"
1195 proof (unfold real_divl_def)
1196   fix prec :: nat and x :: real assume x: "0 < x" "x < 1" and prec: "1 \<le> prec"
1197   def p \<equiv> "int prec + \<lfloor>log 2 \<bar>x\<bar>\<rfloor>"
1198   show "1 \<le> round_down (int prec + \<lfloor>log 2 \<bar>x\<bar>\<rfloor> - \<lfloor>log 2 \<bar>1\<bar>\<rfloor>) (1 / x) "
1199   proof cases
1200     assume nonneg: "0 \<le> p"
1201     hence "2 powr real (p) = floor (real ((2::int) ^ nat p)) * floor (1::real)"
1202       by (simp add: powr_int del: real_of_int_power) simp
1203     also have "floor (1::real) \<le> floor (1 / x)" using x prec by simp
1204     also have "floor (real ((2::int) ^ nat p)) * floor (1 / x) \<le>
1205       floor (real ((2::int) ^ nat p) * (1 / x))"
1206       by (rule le_mult_floor) (auto simp: x prec less_imp_le)
1207     finally have "2 powr real p \<le> floor (2 powr nat p / x)" by (simp add: powr_realpow)
1208     thus ?thesis unfolding p_def[symmetric]
1209       using x prec nonneg by (simp add: powr_minus inverse_eq_divide round_down_def)
1210   next
1211     assume neg: "\<not> 0 \<le> p"
1213     have "x = 2 powr (log 2 x)"
1214       using x by simp
1215     also have "2 powr (log 2 x) \<le> 2 powr p"
1216     proof (rule powr_mono)
1217       have "log 2 x \<le> \<lceil>log 2 x\<rceil>"
1218         by simp
1219       also have "\<dots> \<le> \<lfloor>log 2 x\<rfloor> + 1"
1220         using ceiling_diff_floor_le_1[of "log 2 x"] by simp
1221       also have "\<dots> \<le> \<lfloor>log 2 x\<rfloor> + prec"
1222         using prec by simp
1223       finally show "log 2 x \<le> real p"
1224         using x by (simp add: p_def)
1225     qed simp
1226     finally have x_le: "x \<le> 2 powr p" .
1228     from neg have "2 powr real p \<le> 2 powr 0"
1229       by (intro powr_mono) auto
1230     also have "\<dots> \<le> \<lfloor>2 powr 0\<rfloor>" by simp
1231     also have "\<dots> \<le> \<lfloor>2 powr real p / x\<rfloor>" unfolding real_of_int_le_iff
1232       using x x_le by (intro floor_mono) (simp add:  pos_le_divide_eq mult_pos_pos)
1233     finally show ?thesis
1234       using prec x unfolding p_def[symmetric]
1235       by (simp add: round_down_def powr_minus_divide pos_le_divide_eq mult_pos_pos)
1236   qed
1237 qed
1239 lemma float_divl_pos_less1_bound:
1240   "0 < real x \<Longrightarrow> real x < 1 \<Longrightarrow> prec \<ge> 1 \<Longrightarrow> 1 \<le> real (float_divl prec 1 x)"
1241   by (transfer, rule real_divl_pos_less1_bound)
1243 lemma float_divr: "real x / real y \<le> real (float_divr prec x y)"
1244   by transfer (rule real_divr)
1246 lemma real_divr_pos_less1_lower_bound: assumes "0 < x" and "x < 1" shows "1 \<le> real_divr prec 1 x"
1247 proof -
1248   have "1 \<le> 1 / x" using `0 < x` and `x < 1` by auto
1249   also have "\<dots> \<le> real_divr prec 1 x" using real_divr[where x=1 and y=x] by auto
1250   finally show ?thesis by auto
1251 qed
1253 lemma float_divr_pos_less1_lower_bound: "0 < x \<Longrightarrow> x < 1 \<Longrightarrow> 1 \<le> float_divr prec 1 x"
1254   by transfer (rule real_divr_pos_less1_lower_bound)
1256 lemma real_divr_nonpos_pos_upper_bound:
1257   "x \<le> 0 \<Longrightarrow> 0 < y \<Longrightarrow> real_divr prec x y \<le> 0"
1258   by (auto simp: field_simps mult_le_0_iff divide_le_0_iff round_up_def real_divr_def)
1260 lemma float_divr_nonpos_pos_upper_bound:
1261   "real x \<le> 0 \<Longrightarrow> 0 < real y \<Longrightarrow> real (float_divr prec x y) \<le> 0"
1262   by transfer (rule real_divr_nonpos_pos_upper_bound)
1264 lemma real_divr_nonneg_neg_upper_bound:
1265   "0 \<le> x \<Longrightarrow> y < 0 \<Longrightarrow> real_divr prec x y \<le> 0"
1266   by (auto simp: field_simps mult_le_0_iff zero_le_mult_iff divide_le_0_iff round_up_def real_divr_def)
1268 lemma float_divr_nonneg_neg_upper_bound:
1269   "0 \<le> real x \<Longrightarrow> real y < 0 \<Longrightarrow> real (float_divr prec x y) \<le> 0"
1270   by transfer (rule real_divr_nonneg_neg_upper_bound)
1272 definition truncate_down::"nat \<Rightarrow> real \<Rightarrow> real" where
1273   "truncate_down prec x = round_down (prec - \<lfloor>log 2 \<bar>x\<bar>\<rfloor> - 1) x"
1275 lemma truncate_down: "truncate_down prec x \<le> x"
1276   using round_down by (simp add: truncate_down_def)
1278 lemma truncate_down_le: "x \<le> y \<Longrightarrow> truncate_down prec x \<le> y"
1279   by (rule order_trans[OF truncate_down])
1281 definition truncate_up::"nat \<Rightarrow> real \<Rightarrow> real" where
1282   "truncate_up prec x = round_up (prec - \<lfloor>log 2 \<bar>x\<bar>\<rfloor> - 1) x"
1284 lemma truncate_up: "x \<le> truncate_up prec x"
1285   using round_up by (simp add: truncate_up_def)
1287 lemma truncate_up_le: "x \<le> y \<Longrightarrow> x \<le> truncate_up prec y"
1288   by (rule order_trans[OF _ truncate_up])
1290 lemma truncate_up_zero[simp]: "truncate_up prec 0 = 0"
1293 lift_definition float_round_up :: "nat \<Rightarrow> float \<Rightarrow> float" is truncate_up
1296 lemma float_round_up: "real x \<le> real (float_round_up prec x)"
1297   using truncate_up by transfer simp
1299 lift_definition float_round_down :: "nat \<Rightarrow> float \<Rightarrow> float" is truncate_down
1302 lemma float_round_down: "real (float_round_down prec x) \<le> real x"
1303   using truncate_down by transfer simp
1305 lemma floor_add2[simp]: "\<lfloor> real i + x \<rfloor> = i + \<lfloor> x \<rfloor>"
1308 lemma compute_float_round_down[code]:
1309   "float_round_down prec (Float m e) = (let d = bitlen (abs m) - int prec in
1310     if 0 < d then let P = 2^nat d ; n = m div P in Float n (e + d)
1311              else Float m e)"
1312   using Float.compute_float_down[of "prec - bitlen \<bar>m\<bar> - e" m e, symmetric]
1313   by transfer (simp add: field_simps abs_mult log_mult bitlen_def truncate_down_def
1314     cong del: if_weak_cong)
1315 hide_fact (open) compute_float_round_down
1317 lemma compute_float_round_up[code]:
1318   "float_round_up prec (Float m e) = (let d = (bitlen (abs m) - int prec) in
1319      if 0 < d then let P = 2^nat d ; n = m div P ; r = m mod P
1320                    in Float (n + (if r = 0 then 0 else 1)) (e + d)
1321               else Float m e)"
1322   using Float.compute_float_up[of "prec - bitlen \<bar>m\<bar> - e" m e, symmetric]
1323   unfolding Let_def
1324   by transfer (simp add: field_simps abs_mult log_mult bitlen_def truncate_up_def
1325     cong del: if_weak_cong)
1326 hide_fact (open) compute_float_round_up
1328 lemma Float_le_zero_iff: "Float a b \<le> 0 \<longleftrightarrow> a \<le> 0"
1329  apply (auto simp: zero_float_def mult_le_0_iff)
1330  using powr_gt_zero[of 2 b] by simp
1332 lemma real_of_float_pprt[simp]: fixes a::float shows "real (pprt a) = pprt (real a)"
1333   unfolding pprt_def sup_float_def max_def sup_real_def by auto
1335 lemma real_of_float_nprt[simp]: fixes a::float shows "real (nprt a) = nprt (real a)"
1336   unfolding nprt_def inf_float_def min_def inf_real_def by auto
1338 lift_definition int_floor_fl :: "float \<Rightarrow> int" is floor by simp
1340 lemma compute_int_floor_fl[code]:
1341   "int_floor_fl (Float m e) = (if 0 \<le> e then m * 2 ^ nat e else m div (2 ^ (nat (-e))))"
1342   by transfer (simp add: powr_int int_of_reals floor_divide_eq_div del: real_of_ints)
1343 hide_fact (open) compute_int_floor_fl
1345 lift_definition floor_fl :: "float \<Rightarrow> float" is "\<lambda>x. real (floor x)" by simp
1347 lemma compute_floor_fl[code]:
1348   "floor_fl (Float m e) = (if 0 \<le> e then Float m e else Float (m div (2 ^ (nat (-e)))) 0)"
1349   by transfer (simp add: powr_int int_of_reals floor_divide_eq_div del: real_of_ints)
1350 hide_fact (open) compute_floor_fl
1352 lemma floor_fl: "real (floor_fl x) \<le> real x" by transfer simp
1354 lemma int_floor_fl: "real (int_floor_fl x) \<le> real x" by transfer simp
1356 lemma floor_pos_exp: "exponent (floor_fl x) \<ge> 0"
1357 proof (cases "floor_fl x = float_of 0")
1358   case True
1359   then show ?thesis by (simp add: floor_fl_def)
1360 next
1361   case False
1362   have eq: "floor_fl x = Float \<lfloor>real x\<rfloor> 0" by transfer simp
1363   obtain i where "\<lfloor>real x\<rfloor> = mantissa (floor_fl x) * 2 ^ i" "0 = exponent (floor_fl x) - int i"
1364     by (rule denormalize_shift[OF eq[THEN eq_reflection] False])
1365   then show ?thesis by simp
1366 qed
1368 end