(* Title: HOL/Int.thy
Author: Lawrence C Paulson, Cambridge University Computer Laboratory
Author: Tobias Nipkow, Florian Haftmann, TU Muenchen
*)
header {* The Integers as Equivalence Classes over Pairs of Natural Numbers *}
theory Int
imports Equiv_Relations Wellfounded Quotient
begin
subsection {* Definition of integers as a quotient type *}
definition intrel :: "(nat \ nat) \ (nat \ nat) \ bool" where
"intrel = (\(x, y) (u, v). x + v = u + y)"
lemma intrel_iff [simp]: "intrel (x, y) (u, v) \ x + v = u + y"
by (simp add: intrel_def)
quotient_type int = "nat \ nat" / "intrel"
morphisms Rep_Integ Abs_Integ
proof (rule equivpI)
show "reflp intrel"
unfolding reflp_def by auto
show "symp intrel"
unfolding symp_def by auto
show "transp intrel"
unfolding transp_def by auto
qed
lemma eq_Abs_Integ [case_names Abs_Integ, cases type: int]:
"(!!x y. z = Abs_Integ (x, y) ==> P) ==> P"
by (induct z) auto
subsection {* Integers form a commutative ring *}
instantiation int :: comm_ring_1
begin
lift_definition zero_int :: "int" is "(0, 0)"
by simp
lift_definition one_int :: "int" is "(1, 0)"
by simp
lift_definition plus_int :: "int \ int \ int"
is "\(x, y) (u, v). (x + u, y + v)"
by clarsimp
lift_definition uminus_int :: "int \ int"
is "\(x, y). (y, x)"
by clarsimp
lift_definition minus_int :: "int \ int \ int"
is "\(x, y) (u, v). (x + v, y + u)"
by clarsimp
lift_definition times_int :: "int \ int \ int"
is "\(x, y) (u, v). (x*u + y*v, x*v + y*u)"
proof (clarsimp)
fix s t u v w x y z :: nat
assume "s + v = u + t" and "w + z = y + x"
hence "(s + v) * w + (u + t) * x + u * (w + z) + v * (y + x)
= (u + t) * w + (s + v) * x + u * (y + x) + v * (w + z)"
by simp
thus "(s * w + t * x) + (u * z + v * y) = (u * y + v * z) + (s * x + t * w)"
by (simp add: algebra_simps)
qed
instance
by default (transfer, clarsimp simp: algebra_simps)+
end
abbreviation int :: "nat \ int" where
"int \ of_nat"
lemma int_def: "int n = Abs_Integ (n, 0)"
by (induct n, simp add: zero_int.abs_eq,
simp add: one_int.abs_eq plus_int.abs_eq)
lemma int_transfer [transfer_rule]:
"(fun_rel (op =) cr_int) (\n. (n, 0)) int"
unfolding fun_rel_def cr_int_def int_def by simp
lemma int_diff_cases:
obtains (diff) m n where "z = int m - int n"
by transfer clarsimp
subsection {* Integers are totally ordered *}
instantiation int :: linorder
begin
lift_definition less_eq_int :: "int \ int \ bool"
is "\(x, y) (u, v). x + v \ u + y"
by auto
lift_definition less_int :: "int \ int \ bool"
is "\(x, y) (u, v). x + v < u + y"
by auto
instance
by default (transfer, force)+
end
instantiation int :: distrib_lattice
begin
definition
"(inf \ int \ int \ int) = min"
definition
"(sup \ int \ int \ int) = max"
instance
by intro_classes
(auto simp add: inf_int_def sup_int_def min_max.sup_inf_distrib1)
end
subsection {* Ordering properties of arithmetic operations *}
instance int :: ordered_cancel_ab_semigroup_add
proof
fix i j k :: int
show "i \ j \ k + i \ k + j"
by transfer clarsimp
qed
text{*Strict Monotonicity of Multiplication*}
text{*strict, in 1st argument; proof is by induction on k>0*}
lemma zmult_zless_mono2_lemma:
"(i::int) 0 int k * i < int k * j"
apply (induct k)
apply simp
apply (simp add: distrib_right)
apply (case_tac "k=0")
apply (simp_all add: add_strict_mono)
done
lemma zero_le_imp_eq_int: "(0::int) \ k ==> \n. k = int n"
apply transfer
apply clarsimp
apply (rule_tac x="a - b" in exI, simp)
done
lemma zero_less_imp_eq_int: "(0::int) < k ==> \n>0. k = int n"
apply transfer
apply clarsimp
apply (rule_tac x="a - b" in exI, simp)
done
lemma zmult_zless_mono2: "[| i k*i < k*j"
apply (drule zero_less_imp_eq_int)
apply (auto simp add: zmult_zless_mono2_lemma)
done
text{*The integers form an ordered integral domain*}
instantiation int :: linordered_idom
begin
definition
zabs_def: "\i\int\ = (if i < 0 then - i else i)"
definition
zsgn_def: "sgn (i\int) = (if i=0 then 0 else if 0* 0 < k \ k * i < k * j"
by (rule zmult_zless_mono2)
show "\i\ = (if i < 0 then -i else i)"
by (simp only: zabs_def)
show "sgn (i\int) = (if i=0 then 0 else if 0** w + (1\int) \ z"
by transfer clarsimp
lemma zless_iff_Suc_zadd:
"(w \ int) < z \ (\n. z = w + int (Suc n))"
apply transfer
apply auto
apply (rename_tac a b c d)
apply (rule_tac x="c+b - Suc(a+d)" in exI)
apply arith
done
lemmas int_distrib =
distrib_right [of z1 z2 w]
distrib_left [of w z1 z2]
left_diff_distrib [of z1 z2 w]
right_diff_distrib [of w z1 z2]
for z1 z2 w :: int
subsection {* Embedding of the Integers into any @{text ring_1}: @{text of_int}*}
context ring_1
begin
lift_definition of_int :: "int \ 'a" is "\(i, j). of_nat i - of_nat j"
by (clarsimp simp add: diff_eq_eq eq_diff_eq diff_add_eq
of_nat_add [symmetric] simp del: of_nat_add)
lemma of_int_0 [simp]: "of_int 0 = 0"
by transfer simp
lemma of_int_1 [simp]: "of_int 1 = 1"
by transfer simp
lemma of_int_add [simp]: "of_int (w+z) = of_int w + of_int z"
by transfer (clarsimp simp add: algebra_simps)
lemma of_int_minus [simp]: "of_int (-z) = - (of_int z)"
by (transfer fixing: uminus) clarsimp
lemma of_int_diff [simp]: "of_int (w - z) = of_int w - of_int z"
by (simp add: diff_minus Groups.diff_minus)
lemma of_int_mult [simp]: "of_int (w*z) = of_int w * of_int z"
by (transfer fixing: times) (clarsimp simp add: algebra_simps of_nat_mult)
text{*Collapse nested embeddings*}
lemma of_int_of_nat_eq [simp]: "of_int (int n) = of_nat n"
by (induct n) auto
lemma of_int_numeral [simp, code_post]: "of_int (numeral k) = numeral k"
by (simp add: of_nat_numeral [symmetric] of_int_of_nat_eq [symmetric])
lemma of_int_neg_numeral [simp, code_post]: "of_int (neg_numeral k) = neg_numeral k"
unfolding neg_numeral_def neg_numeral_class.neg_numeral_def
by (simp only: of_int_minus of_int_numeral)
lemma of_int_power:
"of_int (z ^ n) = of_int z ^ n"
by (induct n) simp_all
end
context ring_char_0
begin
lemma of_int_eq_iff [simp]:
"of_int w = of_int z \ w = z"
by transfer (clarsimp simp add: algebra_simps
of_nat_add [symmetric] simp del: of_nat_add)
text{*Special cases where either operand is zero*}
lemma of_int_eq_0_iff [simp]:
"of_int z = 0 \ z = 0"
using of_int_eq_iff [of z 0] by simp
lemma of_int_0_eq_iff [simp]:
"0 = of_int z \ z = 0"
using of_int_eq_iff [of 0 z] by simp
end
context linordered_idom
begin
text{*Every @{text linordered_idom} has characteristic zero.*}
subclass ring_char_0 ..
lemma of_int_le_iff [simp]:
"of_int w \ of_int z \ w \ z"
by (transfer fixing: less_eq) (clarsimp simp add: algebra_simps
of_nat_add [symmetric] simp del: of_nat_add)
lemma of_int_less_iff [simp]:
"of_int w < of_int z \ w < z"
by (simp add: less_le order_less_le)
lemma of_int_0_le_iff [simp]:
"0 \ of_int z \ 0 \ z"
using of_int_le_iff [of 0 z] by simp
lemma of_int_le_0_iff [simp]:
"of_int z \ 0 \ z \ 0"
using of_int_le_iff [of z 0] by simp
lemma of_int_0_less_iff [simp]:
"0 < of_int z \ 0 < z"
using of_int_less_iff [of 0 z] by simp
lemma of_int_less_0_iff [simp]:
"of_int z < 0 \ z < 0"
using of_int_less_iff [of z 0] by simp
end
lemma of_int_eq_id [simp]: "of_int = id"
proof
fix z show "of_int z = id z"
by (cases z rule: int_diff_cases, simp)
qed
subsection {* Magnitude of an Integer, as a Natural Number: @{text nat} *}
lift_definition nat :: "int \ nat" is "\(x, y). x - y"
by auto
lemma nat_int [simp]: "nat (int n) = n"
by transfer simp
lemma int_nat_eq [simp]: "int (nat z) = (if 0 \ z then z else 0)"
by transfer clarsimp
corollary nat_0_le: "0 \ z ==> int (nat z) = z"
by simp
lemma nat_le_0 [simp]: "z \ 0 ==> nat z = 0"
by transfer clarsimp
lemma nat_le_eq_zle: "0 < w | 0 \ z ==> (nat w \ nat z) = (w\z)"
by transfer (clarsimp, arith)
text{*An alternative condition is @{term "0 \ w"} *}
corollary nat_mono_iff: "0 < z ==> (nat w < nat z) = (w < z)"
by (simp add: nat_le_eq_zle linorder_not_le [symmetric])
corollary nat_less_eq_zless: "0 \ w ==> (nat w < nat z) = (w z" and "\m. z = int m \ P"
shows P
using assms by (blast dest: nat_0_le sym)
lemma nat_eq_iff: "(nat w = m) = (if 0 \ w then w = int m else m=0)"
by transfer (clarsimp simp add: le_imp_diff_is_add)
corollary nat_eq_iff2: "(m = nat w) = (if 0 \ w then w = int m else m=0)"
by (simp only: eq_commute [of m] nat_eq_iff)
lemma nat_less_iff: "0 \ w ==> (nat w < m) = (w < of_nat m)"
by transfer (clarsimp, arith)
lemma nat_le_iff: "nat x \ n \ x \ int n"
by transfer (clarsimp simp add: le_diff_conv)
lemma nat_mono: "x \ y \ nat x \ nat y"
by transfer auto
lemma nat_0_iff[simp]: "nat(i::int) = 0 \ i\0"
by transfer clarsimp
lemma int_eq_iff: "(of_nat m = z) = (m = nat z & 0 \ z)"
by (auto simp add: nat_eq_iff2)
lemma zero_less_nat_eq [simp]: "(0 < nat z) = (0 < z)"
by (insert zless_nat_conj [of 0], auto)
lemma nat_add_distrib:
"[| (0::int) \ z; 0 \ z' |] ==> nat (z+z') = nat z + nat z'"
by transfer clarsimp
lemma nat_diff_distrib:
"[| (0::int) \ z'; z' \ z |] ==> nat (z-z') = nat z - nat z'"
by transfer clarsimp
lemma nat_zminus_int [simp]: "nat (- int n) = 0"
by transfer simp
lemma zless_nat_eq_int_zless: "(m < nat z) = (int m < z)"
by transfer (clarsimp simp add: less_diff_conv)
context ring_1
begin
lemma of_nat_nat: "0 \ z \ of_nat (nat z) = of_int z"
by transfer (clarsimp simp add: of_nat_diff)
end
text {* For termination proofs: *}
lemma measure_function_int[measure_function]: "is_measure (nat o abs)" ..
subsection{*Lemmas about the Function @{term of_nat} and Orderings*}
lemma negative_zless_0: "- (int (Suc n)) < (0 \ int)"
by (simp add: order_less_le del: of_nat_Suc)
lemma negative_zless [iff]: "- (int (Suc n)) < int m"
by (rule negative_zless_0 [THEN order_less_le_trans], simp)
lemma negative_zle_0: "- int n \ 0"
by (simp add: minus_le_iff)
lemma negative_zle [iff]: "- int n \ int m"
by (rule order_trans [OF negative_zle_0 of_nat_0_le_iff])
lemma not_zle_0_negative [simp]: "~ (0 \ - (int (Suc n)))"
by (subst le_minus_iff, simp del: of_nat_Suc)
lemma int_zle_neg: "(int n \ - int m) = (n = 0 & m = 0)"
by transfer simp
lemma not_int_zless_negative [simp]: "~ (int n < - int m)"
by (simp add: linorder_not_less)
lemma negative_eq_positive [simp]: "(- int n = of_nat m) = (n = 0 & m = 0)"
by (force simp add: order_eq_iff [of "- of_nat n"] int_zle_neg)
lemma zle_iff_zadd: "w \ z \ (\n. z = w + int n)"
proof -
have "(w \ z) = (0 \ z - w)"
by (simp only: le_diff_eq add_0_left)
also have "\ = (\n. z - w = of_nat n)"
by (auto elim: zero_le_imp_eq_int)
also have "\ = (\n. z = w + of_nat n)"
by (simp only: algebra_simps)
finally show ?thesis .
qed
lemma zadd_int_left: "int m + (int n + z) = int (m + n) + z"
by simp
lemma int_Suc0_eq_1: "int (Suc 0) = 1"
by simp
text{*This version is proved for all ordered rings, not just integers!
It is proved here because attribute @{text arith_split} is not available
in theory @{text Rings}.
But is it really better than just rewriting with @{text abs_if}?*}
lemma abs_split [arith_split,no_atp]:
"P(abs(a::'a::linordered_idom)) = ((0 \ a --> P a) & (a < 0 --> P(-a)))"
by (force dest: order_less_le_trans simp add: abs_if linorder_not_less)
lemma negD: "x < 0 \ \n. x = - (int (Suc n))"
apply transfer
apply clarsimp
apply (rule_tac x="b - Suc a" in exI, arith)
done
subsection {* Cases and induction *}
text{*Now we replace the case analysis rule by a more conventional one:
whether an integer is negative or not.*}
theorem int_cases [case_names nonneg neg, cases type: int]:
"[|!! n. z = int n ==> P; !! n. z = - (int (Suc n)) ==> P |] ==> P"
apply (cases "z < 0")
apply (blast dest!: negD)
apply (simp add: linorder_not_less del: of_nat_Suc)
apply auto
apply (blast dest: nat_0_le [THEN sym])
done
theorem int_of_nat_induct [case_names nonneg neg, induct type: int]:
"[|!! n. P (int n); !!n. P (- (int (Suc n))) |] ==> P z"
by (cases z) auto
lemma nonneg_int_cases:
assumes "0 \ k" obtains n where "k = int n"
using assms by (cases k, simp, simp del: of_nat_Suc)
lemma Let_numeral [simp]: "Let (numeral v) f = f (numeral v)"
-- {* Unfold all @{text let}s involving constants *}
unfolding Let_def ..
lemma Let_neg_numeral [simp]: "Let (neg_numeral v) f = f (neg_numeral v)"
-- {* Unfold all @{text let}s involving constants *}
unfolding Let_def ..
text {* Unfold @{text min} and @{text max} on numerals. *}
lemmas max_number_of [simp] =
max_def [of "numeral u" "numeral v"]
max_def [of "numeral u" "neg_numeral v"]
max_def [of "neg_numeral u" "numeral v"]
max_def [of "neg_numeral u" "neg_numeral v"] for u v
lemmas min_number_of [simp] =
min_def [of "numeral u" "numeral v"]
min_def [of "numeral u" "neg_numeral v"]
min_def [of "neg_numeral u" "numeral v"]
min_def [of "neg_numeral u" "neg_numeral v"] for u v
subsubsection {* Binary comparisons *}
text {* Preliminaries *}
lemma even_less_0_iff:
"a + a < 0 \ a < (0::'a::linordered_idom)"
proof -
have "a + a < 0 \ (1+1)*a < 0" by (simp add: distrib_right del: one_add_one)
also have "(1+1)*a < 0 \ a < 0"
by (simp add: mult_less_0_iff zero_less_two
order_less_not_sym [OF zero_less_two])
finally show ?thesis .
qed
lemma le_imp_0_less:
assumes le: "0 \ z"
shows "(0::int) < 1 + z"
proof -
have "0 \ z" by fact
also have "... < z + 1" by (rule less_add_one)
also have "... = 1 + z" by (simp add: add_ac)
finally show "0 < 1 + z" .
qed
lemma odd_less_0_iff:
"(1 + z + z < 0) = (z < (0::int))"
proof (cases z)
case (nonneg n)
thus ?thesis by (simp add: linorder_not_less add_assoc add_increasing
le_imp_0_less [THEN order_less_imp_le])
next
case (neg n)
thus ?thesis by (simp del: of_nat_Suc of_nat_add of_nat_1
add: algebra_simps of_nat_1 [where 'a=int, symmetric] of_nat_add [symmetric])
qed
subsubsection {* Comparisons, for Ordered Rings *}
lemmas double_eq_0_iff = double_zero
lemma odd_nonzero:
"1 + z + z \ (0::int)"
proof (cases z)
case (nonneg n)
have le: "0 \ z+z" by (simp add: nonneg add_increasing)
thus ?thesis using le_imp_0_less [OF le]
by (auto simp add: add_assoc)
next
case (neg n)
show ?thesis
proof
assume eq: "1 + z + z = 0"
have "(0::int) < 1 + (int n + int n)"
by (simp add: le_imp_0_less add_increasing)
also have "... = - (1 + z + z)"
by (simp add: neg add_assoc [symmetric])
also have "... = 0" by (simp add: eq)
finally have "0<0" ..
thus False by blast
qed
qed
subsection {* The Set of Integers *}
context ring_1
begin
definition Ints :: "'a set" where
"Ints = range of_int"
notation (xsymbols)
Ints ("\")
lemma Ints_of_int [simp]: "of_int z \ \"
by (simp add: Ints_def)
lemma Ints_of_nat [simp]: "of_nat n \ \"
using Ints_of_int [of "of_nat n"] by simp
lemma Ints_0 [simp]: "0 \ \"
using Ints_of_int [of "0"] by simp
lemma Ints_1 [simp]: "1 \ \"
using Ints_of_int [of "1"] by simp
lemma Ints_add [simp]: "a \ \ \ b \ \ \ a + b \ \"
apply (auto simp add: Ints_def)
apply (rule range_eqI)
apply (rule of_int_add [symmetric])
done
lemma Ints_minus [simp]: "a \ \ \ -a \ \"
apply (auto simp add: Ints_def)
apply (rule range_eqI)
apply (rule of_int_minus [symmetric])
done
lemma Ints_diff [simp]: "a \ \ \ b \ \ \ a - b \ \"
apply (auto simp add: Ints_def)
apply (rule range_eqI)
apply (rule of_int_diff [symmetric])
done
lemma Ints_mult [simp]: "a \ \ \ b \ \ \ a * b \ \"
apply (auto simp add: Ints_def)
apply (rule range_eqI)
apply (rule of_int_mult [symmetric])
done
lemma Ints_power [simp]: "a \ \ \ a ^ n \ \"
by (induct n) simp_all
lemma Ints_cases [cases set: Ints]:
assumes "q \ \"
obtains (of_int) z where "q = of_int z"
unfolding Ints_def
proof -
from `q \ \` have "q \ range of_int" unfolding Ints_def .
then obtain z where "q = of_int z" ..
then show thesis ..
qed
lemma Ints_induct [case_names of_int, induct set: Ints]:
"q \ \ \ (\z. P (of_int z)) \ P q"
by (rule Ints_cases) auto
end
text {* The premise involving @{term Ints} prevents @{term "a = 1/2"}. *}
lemma Ints_double_eq_0_iff:
assumes in_Ints: "a \ Ints"
shows "(a + a = 0) = (a = (0::'a::ring_char_0))"
proof -
from in_Ints have "a \ range of_int" unfolding Ints_def [symmetric] .
then obtain z where a: "a = of_int z" ..
show ?thesis
proof
assume "a = 0"
thus "a + a = 0" by simp
next
assume eq: "a + a = 0"
hence "of_int (z + z) = (of_int 0 :: 'a)" by (simp add: a)
hence "z + z = 0" by (simp only: of_int_eq_iff)
hence "z = 0" by (simp only: double_eq_0_iff)
thus "a = 0" by (simp add: a)
qed
qed
lemma Ints_odd_nonzero:
assumes in_Ints: "a \ Ints"
shows "1 + a + a \ (0::'a::ring_char_0)"
proof -
from in_Ints have "a \ range of_int" unfolding Ints_def [symmetric] .
then obtain z where a: "a = of_int z" ..
show ?thesis
proof
assume eq: "1 + a + a = 0"
hence "of_int (1 + z + z) = (of_int 0 :: 'a)" by (simp add: a)
hence "1 + z + z = 0" by (simp only: of_int_eq_iff)
with odd_nonzero show False by blast
qed
qed
lemma Nats_numeral [simp]: "numeral w \ Nats"
using of_nat_in_Nats [of "numeral w"] by simp
lemma Ints_odd_less_0:
assumes in_Ints: "a \ Ints"
shows "(1 + a + a < 0) = (a < (0::'a::linordered_idom))"
proof -
from in_Ints have "a \ range of_int" unfolding Ints_def [symmetric] .
then obtain z where a: "a = of_int z" ..
hence "((1::'a) + a + a < 0) = (of_int (1 + z + z) < (of_int 0 :: 'a))"
by (simp add: a)
also have "... = (z < 0)" by (simp only: of_int_less_iff odd_less_0_iff)
also have "... = (a < 0)" by (simp add: a)
finally show ?thesis .
qed
subsection {* @{term setsum} and @{term setprod} *}
lemma of_nat_setsum: "of_nat (setsum f A) = (\x\A. of_nat(f x))"
apply (cases "finite A")
apply (erule finite_induct, auto)
done
lemma of_int_setsum: "of_int (setsum f A) = (\x\A. of_int(f x))"
apply (cases "finite A")
apply (erule finite_induct, auto)
done
lemma of_nat_setprod: "of_nat (setprod f A) = (\x\A. of_nat(f x))"
apply (cases "finite A")
apply (erule finite_induct, auto simp add: of_nat_mult)
done
lemma of_int_setprod: "of_int (setprod f A) = (\x\A. of_int(f x))"
apply (cases "finite A")
apply (erule finite_induct, auto)
done
lemmas int_setsum = of_nat_setsum [where 'a=int]
lemmas int_setprod = of_nat_setprod [where 'a=int]
text {* Legacy theorems *}
lemmas zle_int = of_nat_le_iff [where 'a=int]
lemmas int_int_eq = of_nat_eq_iff [where 'a=int]
lemmas numeral_1_eq_1 = numeral_One
subsection {* Setting up simplification procedures *}
lemmas int_arith_rules =
neg_le_iff_le numeral_One
minus_zero diff_minus left_minus right_minus
mult_zero_left mult_zero_right mult_1_left mult_1_right
mult_minus_left mult_minus_right
minus_add_distrib minus_minus mult_assoc
of_nat_0 of_nat_1 of_nat_Suc of_nat_add of_nat_mult
of_int_0 of_int_1 of_int_add of_int_mult
ML_file "Tools/int_arith.ML"
declaration {* K Int_Arith.setup *}
simproc_setup fast_arith ("(m::'a::linordered_idom) < n" |
"(m::'a::linordered_idom) <= n" |
"(m::'a::linordered_idom) = n") =
{* fn _ => fn ss => fn ct => Lin_Arith.simproc ss (term_of ct) *}
subsection{*Lemmas About Small Numerals*}
lemma abs_power_minus_one [simp]:
"abs(-1 ^ n) = (1::'a::linordered_idom)"
by (simp add: power_abs)
subsection{*More Inequality Reasoning*}
lemma zless_add1_eq: "(w < z + (1::int)) = (w z) = (w z - (1::int)) = (wz)"
by arith
lemma int_one_le_iff_zero_less: "((1::int) \ z) = (0 < z)"
by arith
subsection{*The functions @{term nat} and @{term int}*}
text{*Simplify the term @{term "w + - z"}*}
lemmas diff_int_def_symmetric = diff_def [where 'a=int, symmetric, simp]
lemma nat_0 [simp]: "nat 0 = 0"
by (simp add: nat_eq_iff)
lemma nat_1 [simp]: "nat 1 = Suc 0"
by (subst nat_eq_iff, simp)
lemma nat_2: "nat 2 = Suc (Suc 0)"
by (subst nat_eq_iff, simp)
lemma one_less_nat_eq [simp]: "(Suc 0 < nat z) = (1 < z)"
apply (insert zless_nat_conj [of 1 z])
apply auto
done
text{*This simplifies expressions of the form @{term "int n = z"} where
z is an integer literal.*}
lemmas int_eq_iff_numeral [simp] = int_eq_iff [of _ "numeral v"] for v
lemma split_nat [arith_split]:
"P(nat(i::int)) = ((\n. i = int n \ P n) & (i < 0 \ P 0))"
(is "?P = (?L & ?R)")
proof (cases "i < 0")
case True thus ?thesis by auto
next
case False
have "?P = ?L"
proof
assume ?P thus ?L using False by clarsimp
next
assume ?L thus ?P using False by simp
qed
with False show ?thesis by simp
qed
context ring_1
begin
lemma of_int_of_nat [nitpick_simp]:
"of_int k = (if k < 0 then - of_nat (nat (- k)) else of_nat (nat k))"
proof (cases "k < 0")
case True then have "0 \ - k" by simp
then have "of_nat (nat (- k)) = of_int (- k)" by (rule of_nat_nat)
with True show ?thesis by simp
next
case False then show ?thesis by (simp add: not_less of_nat_nat)
qed
end
lemma nat_mult_distrib:
fixes z z' :: int
assumes "0 \ z"
shows "nat (z * z') = nat z * nat z'"
proof (cases "0 \ z'")
case False with assms have "z * z' \ 0"
by (simp add: not_le mult_le_0_iff)
then have "nat (z * z') = 0" by simp
moreover from False have "nat z' = 0" by simp
ultimately show ?thesis by simp
next
case True with assms have ge_0: "z * z' \ 0" by (simp add: zero_le_mult_iff)
show ?thesis
by (rule injD [of "of_nat :: nat \ int", OF inj_of_nat])
(simp only: of_nat_mult of_nat_nat [OF True]
of_nat_nat [OF assms] of_nat_nat [OF ge_0], simp)
qed
lemma nat_mult_distrib_neg: "z \ (0::int) ==> nat(z*z') = nat(-z) * nat(-z')"
apply (rule trans)
apply (rule_tac [2] nat_mult_distrib, auto)
done
lemma nat_abs_mult_distrib: "nat (abs (w * z)) = nat (abs w) * nat (abs z)"
apply (cases "z=0 | w=0")
apply (auto simp add: abs_if nat_mult_distrib [symmetric]
nat_mult_distrib_neg [symmetric] mult_less_0_iff)
done
lemma Suc_nat_eq_nat_zadd1: "(0::int) <= z ==> Suc (nat z) = nat (1 + z)"
apply (rule sym)
apply (simp add: nat_eq_iff)
done
lemma diff_nat_eq_if:
"nat z - nat z' =
(if z' < 0 then nat z
else let d = z-z' in
if d < 0 then 0 else nat d)"
by (simp add: Let_def nat_diff_distrib [symmetric])
(* nat_diff_distrib has too-strong premises *)
lemma nat_diff_distrib': "\0 \ x; 0 \ y\ \ nat (x - y) = nat x - nat y"
apply (rule int_int_eq [THEN iffD1], clarsimp)
apply (subst of_nat_diff)
apply (rule nat_mono, simp_all)
done
lemma nat_numeral [simp, code_abbrev]:
"nat (numeral k) = numeral k"
by (simp add: nat_eq_iff)
lemma nat_neg_numeral [simp]:
"nat (neg_numeral k) = 0"
by simp
lemma diff_nat_numeral [simp]:
"(numeral v :: nat) - numeral v' = nat (numeral v - numeral v')"
by (simp only: nat_diff_distrib' zero_le_numeral nat_numeral)
lemma nat_numeral_diff_1 [simp]:
"numeral v - (1::nat) = nat (numeral v - 1)"
using diff_nat_numeral [of v Num.One] by simp
lemmas nat_arith = diff_nat_numeral
subsection "Induction principles for int"
text{*Well-founded segments of the integers*}
definition
int_ge_less_than :: "int => (int * int) set"
where
"int_ge_less_than d = {(z',z). d \ z' & z' < z}"
theorem wf_int_ge_less_than: "wf (int_ge_less_than d)"
proof -
have "int_ge_less_than d \ measure (%z. nat (z-d))"
by (auto simp add: int_ge_less_than_def)
thus ?thesis
by (rule wf_subset [OF wf_measure])
qed
text{*This variant looks odd, but is typical of the relations suggested
by RankFinder.*}
definition
int_ge_less_than2 :: "int => (int * int) set"
where
"int_ge_less_than2 d = {(z',z). d \ z & z' < z}"
theorem wf_int_ge_less_than2: "wf (int_ge_less_than2 d)"
proof -
have "int_ge_less_than2 d \ measure (%z. nat (1+z-d))"
by (auto simp add: int_ge_less_than2_def)
thus ?thesis
by (rule wf_subset [OF wf_measure])
qed
(* `set:int': dummy construction *)
theorem int_ge_induct [case_names base step, induct set: int]:
fixes i :: int
assumes ge: "k \ i" and
base: "P k" and
step: "\i. k \ i \ P i \ P (i + 1)"
shows "P i"
proof -
{ fix n
have "\i::int. n = nat (i - k) \ k \ i \ P i"
proof (induct n)
case 0
hence "i = k" by arith
thus "P i" using base by simp
next
case (Suc n)
then have "n = nat((i - 1) - k)" by arith
moreover
have ki1: "k \ i - 1" using Suc.prems by arith
ultimately
have "P (i - 1)" by (rule Suc.hyps)
from step [OF ki1 this] show ?case by simp
qed
}
with ge show ?thesis by fast
qed
(* `set:int': dummy construction *)
theorem int_gr_induct [case_names base step, induct set: int]:
assumes gr: "k < (i::int)" and
base: "P(k+1)" and
step: "\i. \k < i; P i\ \ P(i+1)"
shows "P i"
apply(rule int_ge_induct[of "k + 1"])
using gr apply arith
apply(rule base)
apply (rule step, simp+)
done
theorem int_le_induct [consumes 1, case_names base step]:
assumes le: "i \ (k::int)" and
base: "P(k)" and
step: "\i. \i \ k; P i\ \ P(i - 1)"
shows "P i"
proof -
{ fix n
have "\i::int. n = nat(k-i) \ i \ k \ P i"
proof (induct n)
case 0
hence "i = k" by arith
thus "P i" using base by simp
next
case (Suc n)
hence "n = nat (k - (i + 1))" by arith
moreover
have ki1: "i + 1 \ k" using Suc.prems by arith
ultimately
have "P (i + 1)" by(rule Suc.hyps)
from step[OF ki1 this] show ?case by simp
qed
}
with le show ?thesis by fast
qed
theorem int_less_induct [consumes 1, case_names base step]:
assumes less: "(i::int) < k" and
base: "P(k - 1)" and
step: "\i. \i < k; P i\ \ P(i - 1)"
shows "P i"
apply(rule int_le_induct[of _ "k - 1"])
using less apply arith
apply(rule base)
apply (rule step, simp+)
done
theorem int_induct [case_names base step1 step2]:
fixes k :: int
assumes base: "P k"
and step1: "\i. k \ i \ P i \*