merged
authorwenzelm
Wed Feb 26 17:14:23 2014 +0100 (2014-02-26)
changeset 557691f27d75ccf05
parent 55760 aaaccc8e015f
parent 55768 72c6ce5aea2a
child 55770 f2cf7f92c9ac
child 55777 90484dff4dc4
merged
     1.1 --- a/src/HOL/Decision_Procs/Parametric_Ferrante_Rackoff.thy	Wed Feb 26 16:48:15 2014 +0100
     1.2 +++ b/src/HOL/Decision_Procs/Parametric_Ferrante_Rackoff.thy	Wed Feb 26 17:14:23 2014 +0100
     1.3 @@ -158,30 +158,46 @@
     1.4       else []!(m - (length xs - 1)))"
     1.5  proof (induct xs arbitrary: n m)
     1.6    case Nil
     1.7 -  thus ?case by simp
     1.8 +  then show ?case by simp
     1.9  next
    1.10    case (Cons x xs n m)
    1.11 -  {assume nxs: "n \<ge> length (x#xs)" hence ?case using removen_same[OF nxs] by simp}
    1.12 +  {
    1.13 +    assume nxs: "n \<ge> length (x#xs)"
    1.14 +    then have ?case using removen_same[OF nxs] by simp
    1.15 +  }
    1.16    moreover
    1.17 -  {assume nxs: "\<not> (n \<ge> length (x#xs))"
    1.18 -    {assume mln: "m < n" hence ?case using Cons by (cases m, auto)}
    1.19 +  {
    1.20 +    assume nxs: "\<not> (n \<ge> length (x#xs))"
    1.21 +    {
    1.22 +      assume mln: "m < n"
    1.23 +      then have ?case using Cons by (cases m) auto
    1.24 +    }
    1.25      moreover
    1.26 -    {assume mln: "\<not> (m < n)"
    1.27 -      {assume mxs: "m \<le> length (x#xs)" hence ?case using Cons by (cases m, auto)}
    1.28 +    {
    1.29 +      assume mln: "\<not> (m < n)"
    1.30 +      {
    1.31 +        assume mxs: "m \<le> length (x#xs)"
    1.32 +        then have ?case using Cons by (cases m) auto
    1.33 +      }
    1.34        moreover
    1.35 -      {assume mxs: "\<not> (m \<le> length (x#xs))"
    1.36 +      {
    1.37 +        assume mxs: "\<not> (m \<le> length (x#xs))"
    1.38          have th: "length (removen n (x#xs)) = length xs"
    1.39            using removen_length[where n="n" and xs="x#xs"] nxs by simp
    1.40 -        with mxs have mxs':"m \<ge> length (removen n (x#xs))" by auto
    1.41 -        hence "(removen n (x#xs))!m = [] ! (m - length xs)"
    1.42 +        with mxs have mxs':"m \<ge> length (removen n (x#xs))"
    1.43 +          by auto
    1.44 +        then have "(removen n (x#xs))!m = [] ! (m - length xs)"
    1.45            using th nth_length_exceeds[OF mxs'] by auto
    1.46 -        hence th: "(removen n (x#xs))!m = [] ! (m - (length (x#xs) - 1))"
    1.47 +        then have th: "(removen n (x#xs))!m = [] ! (m - (length (x#xs) - 1))"
    1.48            by auto
    1.49 -        hence ?case using nxs mln mxs by auto }
    1.50 +        then have ?case
    1.51 +          using nxs mln mxs by auto
    1.52 +      }
    1.53        ultimately have ?case by blast
    1.54      }
    1.55      ultimately have ?case by blast
    1.56 -  } ultimately show ?case by blast
    1.57 +  }
    1.58 +  ultimately show ?case by blast
    1.59  qed
    1.60  
    1.61  lemma decrtm:
    1.62 @@ -243,7 +259,7 @@
    1.63  (* Simplification *)
    1.64  
    1.65  consts tmadd:: "tm \<times> tm \<Rightarrow> tm"
    1.66 -recdef tmadd "measure (\<lambda> (t,s). size t + size s)"
    1.67 +recdef tmadd "measure (\<lambda>(t,s). size t + size s)"
    1.68    "tmadd (CNP n1 c1 r1,CNP n2 c2 r2) =
    1.69      (if n1 = n2 then
    1.70        let c = c1 +\<^sub>p c2
    1.71 @@ -278,9 +294,9 @@
    1.72  
    1.73  fun tmmul:: "tm \<Rightarrow> poly \<Rightarrow> tm"
    1.74  where
    1.75 -  "tmmul (CP j) = (\<lambda> i. CP (i *\<^sub>p j))"
    1.76 -| "tmmul (CNP n c a) = (\<lambda> i. CNP n (i *\<^sub>p c) (tmmul a i))"
    1.77 -| "tmmul t = (\<lambda> i. Mul i t)"
    1.78 +  "tmmul (CP j) = (\<lambda>i. CP (i *\<^sub>p j))"
    1.79 +| "tmmul (CNP n c a) = (\<lambda>i. CNP n (i *\<^sub>p c) (tmmul a i))"
    1.80 +| "tmmul t = (\<lambda>i. Mul i t)"
    1.81  
    1.82  lemma tmmul[simp]: "Itm vs bs (tmmul t i) = Itm vs bs (Mul i t)"
    1.83    by (induct t arbitrary: i rule: tmmul.induct) (simp_all add: field_simps)
    1.84 @@ -362,8 +378,7 @@
    1.85    done
    1.86  
    1.87  lemma simptm_ci[simp]: "Itm vs bs (simptm t) = Itm vs bs t"
    1.88 -  by (induct t rule: simptm.induct)
    1.89 -    (auto simp add: tmneg tmadd tmsub tmmul Let_def polynate_stupid)
    1.90 +  by (induct t rule: simptm.induct) (auto simp add: Let_def polynate_stupid)
    1.91  
    1.92  lemma simptm_tmbound0[simp]: "tmbound0 t \<Longrightarrow> tmbound0 (simptm t)"
    1.93    by (induct t rule: simptm.induct) (auto simp add: Let_def)
    1.94 @@ -422,9 +437,10 @@
    1.95  proof -
    1.96    fix c' t'
    1.97    assume "split0 t = (c', t')"
    1.98 -  hence "c' = fst (split0 t)" and "t' = snd (split0 t)"
    1.99 +  then have "c' = fst (split0 t)" and "t' = snd (split0 t)"
   1.100      by auto
   1.101 -  with split0[where t="t" and bs="bs"] show "Itm vs bs t = Itm vs bs (CNP 0 c' t')"
   1.102 +  with split0[where t="t" and bs="bs"]
   1.103 +  show "Itm vs bs t = Itm vs bs (CNP 0 c' t')"
   1.104      by simp
   1.105  qed
   1.106  
   1.107 @@ -434,7 +450,7 @@
   1.108  proof -
   1.109    fix c' t'
   1.110    assume "split0 t = (c', t')"
   1.111 -  hence "c' = fst (split0 t)" and "t' = snd (split0 t)"
   1.112 +  then have "c' = fst (split0 t)" and "t' = snd (split0 t)"
   1.113      by auto
   1.114    with conjunct1[OF split0[where t="t"]] show "tmbound 0 t'"
   1.115      by simp
   1.116 @@ -498,7 +514,8 @@
   1.117    by (induct p rule: fmsize.induct) simp_all
   1.118  
   1.119    (* Semantics of formulae (fm) *)
   1.120 -primrec Ifm ::"'a::{linordered_field_inverse_zero} list \<Rightarrow> 'a list \<Rightarrow> fm \<Rightarrow> bool" where
   1.121 +primrec Ifm ::"'a::{linordered_field_inverse_zero} list \<Rightarrow> 'a list \<Rightarrow> fm \<Rightarrow> bool"
   1.122 +where
   1.123    "Ifm vs bs T = True"
   1.124  | "Ifm vs bs F = False"
   1.125  | "Ifm vs bs (Lt a) = (Itm vs bs a < 0)"
   1.126 @@ -513,7 +530,8 @@
   1.127  | "Ifm vs bs (E p) = (\<exists>x. Ifm vs (x#bs) p)"
   1.128  | "Ifm vs bs (A p) = (\<forall>x. Ifm vs (x#bs) p)"
   1.129  
   1.130 -fun not:: "fm \<Rightarrow> fm" where
   1.131 +fun not:: "fm \<Rightarrow> fm"
   1.132 +where
   1.133    "not (NOT (NOT p)) = not p"
   1.134  | "not (NOT p) = p"
   1.135  | "not T = F"
   1.136 @@ -549,7 +567,7 @@
   1.137       else Or p q)"
   1.138  
   1.139  lemma disj[simp]: "Ifm vs bs (disj p q) = Ifm vs bs (Or p q)"
   1.140 -  by (cases "p=T \<or> q=T", simp_all add: disj_def) (cases p, simp_all)
   1.141 +  by (cases "p = T \<or> q = T", simp_all add: disj_def) (cases p, simp_all)
   1.142  
   1.143  definition imp :: "fm \<Rightarrow> fm \<Rightarrow> fm"
   1.144  where
   1.145 @@ -560,7 +578,7 @@
   1.146       else Imp p q)"
   1.147  
   1.148  lemma imp[simp]: "Ifm vs bs (imp p q) = Ifm vs bs (Imp p q)"
   1.149 -  by (cases "p=F \<or> q=T") (simp_all add: imp_def)
   1.150 +  by (cases "p = F \<or> q = T") (simp_all add: imp_def)
   1.151  
   1.152  definition iff :: "fm \<Rightarrow> fm \<Rightarrow> fm"
   1.153  where
   1.154 @@ -574,7 +592,7 @@
   1.155      else Iff p q)"
   1.156  
   1.157  lemma iff[simp]: "Ifm vs bs (iff p q) = Ifm vs bs (Iff p q)"
   1.158 -  by (unfold iff_def,cases "p=q", simp,cases "p=NOT q", simp) (cases "NOT p= q", auto)
   1.159 +  by (unfold iff_def, cases "p = q", simp, cases "p = NOT q", simp) (cases "NOT p= q", auto)
   1.160  
   1.161  (* Quantifier freeness *)
   1.162  fun qfree:: "fm \<Rightarrow> bool"
   1.163 @@ -593,10 +611,10 @@
   1.164  where
   1.165    "boundslt n T = True"
   1.166  | "boundslt n F = True"
   1.167 -| "boundslt n (Lt t) = (tmboundslt n t)"
   1.168 -| "boundslt n (Le t) = (tmboundslt n t)"
   1.169 -| "boundslt n (Eq t) = (tmboundslt n t)"
   1.170 -| "boundslt n (NEq t) = (tmboundslt n t)"
   1.171 +| "boundslt n (Lt t) = tmboundslt n t"
   1.172 +| "boundslt n (Le t) = tmboundslt n t"
   1.173 +| "boundslt n (Eq t) = tmboundslt n t"
   1.174 +| "boundslt n (NEq t) = tmboundslt n t"
   1.175  | "boundslt n (NOT p) = boundslt n p"
   1.176  | "boundslt n (And p q) = (boundslt n p \<and> boundslt n q)"
   1.177  | "boundslt n (Or p q) = (boundslt n p \<and> boundslt n q)"
   1.178 @@ -656,7 +674,7 @@
   1.179        and nb: "bound (Suc n) p" and le: "Suc n \<le> length (y#bs)" by simp+
   1.180      from E.hyps[OF bnd nb le tmbound_I] have "Ifm vs ((y#bs)[Suc n:=x]) p = Ifm vs (y#bs) p" .
   1.181    }
   1.182 -  thus ?case by simp
   1.183 +  then show ?case by simp
   1.184  next
   1.185    case (A p bs n)
   1.186    {
   1.187 @@ -667,10 +685,11 @@
   1.188        by simp_all
   1.189      from A.hyps[OF bnd nb le tmbound_I] have "Ifm vs ((y#bs)[Suc n:=x]) p = Ifm vs (y#bs) p" .
   1.190    }
   1.191 -  thus ?case by simp
   1.192 +  then show ?case by simp
   1.193  qed auto
   1.194  
   1.195 -fun decr0 :: "fm \<Rightarrow> fm" where
   1.196 +fun decr0 :: "fm \<Rightarrow> fm"
   1.197 +where
   1.198    "decr0 (Lt a) = Lt (decrtm0 a)"
   1.199  | "decr0 (Le a) = Le (decrtm0 a)"
   1.200  | "decr0 (Eq a) = Eq (decrtm0 a)"
   1.201 @@ -721,7 +740,7 @@
   1.202      from E(1)[OF bnd nb nle]
   1.203      have "Ifm vs (removen (Suc m) (x#bs)) (decr (Suc m) p) = Ifm vs (x#bs) p" .
   1.204    }
   1.205 -  thus ?case by auto
   1.206 +  then show ?case by auto
   1.207  next
   1.208    case (A p bs m)
   1.209    { fix x
   1.210 @@ -733,7 +752,7 @@
   1.211      from A(1)[OF bnd nb nle]
   1.212      have "Ifm vs (removen (Suc m) (x#bs)) (decr (Suc m) p) = Ifm vs (x#bs) p" .
   1.213    }
   1.214 -  thus ?case by auto
   1.215 +  then show ?case by auto
   1.216  qed (auto simp add: decrtm removen_nth)
   1.217  
   1.218  primrec subst0 :: "tm \<Rightarrow> fm \<Rightarrow> fm"
   1.219 @@ -795,12 +814,14 @@
   1.220      from E have nlm: "Suc n \<le> length (x#bs)"
   1.221        by simp
   1.222      from E(1)[OF bn nlm]
   1.223 -    have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p"
   1.224 +    have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) =
   1.225 +        Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p"
   1.226        by simp
   1.227 -    hence "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs (x#bs[n:= Itm vs bs t]) p"
   1.228 +    then have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) =
   1.229 +        Ifm vs (x#bs[n:= Itm vs bs t]) p"
   1.230        by (simp add: incrtm0[where x="x" and bs="bs" and t="t"])
   1.231    }
   1.232 -  thus ?case by simp
   1.233 +  then show ?case by simp
   1.234  next
   1.235    case (A p bs n)
   1.236    {
   1.237 @@ -810,12 +831,14 @@
   1.238      from A have nlm: "Suc n \<le> length (x#bs)"
   1.239        by simp
   1.240      from A(1)[OF bn nlm]
   1.241 -    have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p"
   1.242 +    have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) =
   1.243 +        Ifm vs ((x#bs)[Suc n:= Itm vs (x#bs) (incrtm0 t)]) p"
   1.244        by simp
   1.245 -    hence "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) = Ifm vs (x#bs[n:= Itm vs bs t]) p"
   1.246 +    then have "Ifm vs (x#bs) (subst (Suc n) (incrtm0 t) p) =
   1.247 +        Ifm vs (x#bs[n:= Itm vs bs t]) p"
   1.248        by (simp add: incrtm0[where x="x" and bs="bs" and t="t"])
   1.249    }
   1.250 -  thus ?case by simp
   1.251 +  then show ?case by simp
   1.252  qed (auto simp add: tmsubst)
   1.253  
   1.254  lemma subst_nb:
   1.255 @@ -852,11 +875,11 @@
   1.256    using disj_def by auto
   1.257  
   1.258  lemma imp_qf[simp]: "qfree p \<Longrightarrow> qfree q \<Longrightarrow> qfree (imp p q)"
   1.259 -  using imp_def by (cases "p=F \<or> q=T") (simp_all add: imp_def)
   1.260 +  using imp_def by (cases "p = F \<or> q = T") (simp_all add: imp_def)
   1.261  lemma imp_nb0[simp]: "bound0 p \<Longrightarrow> bound0 q \<Longrightarrow> bound0 (imp p q)"
   1.262 -  using imp_def by (cases "p=F \<or> q=T \<or> p=q") (simp_all add: imp_def)
   1.263 +  using imp_def by (cases "p = F \<or> q = T \<or> p = q") (simp_all add: imp_def)
   1.264  lemma imp_nb[simp]: "bound n p \<Longrightarrow> bound n q \<Longrightarrow> bound n (imp p q)"
   1.265 -  using imp_def by (cases "p=F \<or> q=T \<or> p=q") (simp_all add: imp_def)
   1.266 +  using imp_def by (cases "p = F \<or> q = T \<or> p = q") (simp_all add: imp_def)
   1.267  lemma imp_blt[simp]: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (imp p q)"
   1.268    using imp_def by auto
   1.269  
   1.270 @@ -895,7 +918,7 @@
   1.271    where "evaldjf f ps \<equiv> foldr (djf f) ps F"
   1.272  
   1.273  lemma djf_Or: "Ifm vs bs (djf f p q) = Ifm vs bs (Or (f p) q)"
   1.274 -  by (cases "q=T", simp add: djf_def,cases "q=F",simp add: djf_def)
   1.275 +  by (cases "q=T", simp add: djf_def,cases "q=F", simp add: djf_def)
   1.276      (cases "f p", simp_all add: Let_def djf_def)
   1.277  
   1.278  lemma evaldjf_ex: "Ifm vs bs (evaldjf f ps) \<longleftrightarrow> (\<exists>p \<in> set ps. Ifm vs bs (f p))"
   1.279 @@ -923,89 +946,109 @@
   1.280  lemma disjuncts_nb: "bound0 p \<Longrightarrow> \<forall>q \<in> set (disjuncts p). bound0 q"
   1.281  proof -
   1.282    assume nb: "bound0 p"
   1.283 -  hence "list_all bound0 (disjuncts p)"
   1.284 -    by (induct p rule:disjuncts.induct,auto)
   1.285 -  thus ?thesis by (simp only: list_all_iff)
   1.286 +  then have "list_all bound0 (disjuncts p)"
   1.287 +    by (induct p rule:disjuncts.induct) auto
   1.288 +  then show ?thesis
   1.289 +    by (simp only: list_all_iff)
   1.290  qed
   1.291  
   1.292  lemma disjuncts_qf: "qfree p \<Longrightarrow> \<forall>q\<in> set (disjuncts p). qfree q"
   1.293  proof-
   1.294    assume qf: "qfree p"
   1.295 -  hence "list_all qfree (disjuncts p)"
   1.296 -    by (induct p rule: disjuncts.induct, auto)
   1.297 -  thus ?thesis by (simp only: list_all_iff)
   1.298 +  then have "list_all qfree (disjuncts p)"
   1.299 +    by (induct p rule: disjuncts.induct) auto
   1.300 +  then show ?thesis by (simp only: list_all_iff)
   1.301  qed
   1.302  
   1.303 -definition DJ :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
   1.304 -  "DJ f p \<equiv> evaldjf f (disjuncts p)"
   1.305 -
   1.306 -lemma DJ: assumes fdj: "\<forall>p q. Ifm vs bs (f (Or p q)) = Ifm vs bs (Or (f p) (f q))"
   1.307 -  and fF: "f F = F"
   1.308 +definition DJ :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm"
   1.309 +  where "DJ f p \<equiv> evaldjf f (disjuncts p)"
   1.310 +
   1.311 +lemma DJ:
   1.312 +  assumes fdj: "\<forall>p q. Ifm vs bs (f (Or p q)) = Ifm vs bs (Or (f p) (f q))"
   1.313 +    and fF: "f F = F"
   1.314    shows "Ifm vs bs (DJ f p) = Ifm vs bs (f p)"
   1.315 -proof-
   1.316 +proof -
   1.317    have "Ifm vs bs (DJ f p) = (\<exists>q \<in> set (disjuncts p). Ifm vs bs (f q))"
   1.318      by (simp add: DJ_def evaldjf_ex)
   1.319 -  also have "\<dots> = Ifm vs bs (f p)" using fdj fF by (induct p rule: disjuncts.induct, auto)
   1.320 +  also have "\<dots> = Ifm vs bs (f p)"
   1.321 +    using fdj fF by (induct p rule: disjuncts.induct) auto
   1.322    finally show ?thesis .
   1.323  qed
   1.324  
   1.325 -lemma DJ_qf: assumes
   1.326 -  fqf: "\<forall>p. qfree p \<longrightarrow> qfree (f p)"
   1.327 -  shows "\<forall>p. qfree p \<longrightarrow> qfree (DJ f p) "
   1.328 -proof(clarify)
   1.329 -  fix  p assume qf: "qfree p"
   1.330 -  have th: "DJ f p = evaldjf f (disjuncts p)" by (simp add: DJ_def)
   1.331 +lemma DJ_qf:
   1.332 +  assumes fqf: "\<forall>p. qfree p \<longrightarrow> qfree (f p)"
   1.333 +  shows "\<forall>p. qfree p \<longrightarrow> qfree (DJ f p)"
   1.334 +proof clarify
   1.335 +  fix  p
   1.336 +  assume qf: "qfree p"
   1.337 +  have th: "DJ f p = evaldjf f (disjuncts p)"
   1.338 +    by (simp add: DJ_def)
   1.339    from disjuncts_qf[OF qf] have "\<forall>q\<in> set (disjuncts p). qfree q" .
   1.340 -  with fqf have th':"\<forall>q\<in> set (disjuncts p). qfree (f q)" by blast
   1.341 -
   1.342 -  from evaldjf_qf[OF th'] th show "qfree (DJ f p)" by simp
   1.343 +  with fqf have th':"\<forall>q\<in> set (disjuncts p). qfree (f q)"
   1.344 +    by blast
   1.345 +  from evaldjf_qf[OF th'] th show "qfree (DJ f p)"
   1.346 +    by simp
   1.347  qed
   1.348  
   1.349 -lemma DJ_qe: assumes qe: "\<forall>bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
   1.350 +lemma DJ_qe:
   1.351 +  assumes qe: "\<forall>bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
   1.352    shows "\<forall>bs p. qfree p \<longrightarrow> qfree (DJ qe p) \<and> (Ifm vs bs ((DJ qe p)) = Ifm vs bs (E p))"
   1.353 -proof(clarify)
   1.354 -  fix p::fm and bs
   1.355 +proof clarify
   1.356 +  fix p :: fm and bs
   1.357    assume qf: "qfree p"
   1.358 -  from qe have qth: "\<forall>p. qfree p \<longrightarrow> qfree (qe p)" by blast
   1.359 -  from DJ_qf[OF qth] qf have qfth:"qfree (DJ qe p)" by auto
   1.360 -  have "Ifm vs bs (DJ qe p) = (\<exists>q\<in> set (disjuncts p). Ifm vs bs (qe q))"
   1.361 +  from qe have qth: "\<forall>p. qfree p \<longrightarrow> qfree (qe p)"
   1.362 +    by blast
   1.363 +  from DJ_qf[OF qth] qf have qfth:"qfree (DJ qe p)"
   1.364 +    by auto
   1.365 +  have "Ifm vs bs (DJ qe p) \<longleftrightarrow> (\<exists>q\<in> set (disjuncts p). Ifm vs bs (qe q))"
   1.366      by (simp add: DJ_def evaldjf_ex)
   1.367 -  also have "\<dots> = (\<exists>q \<in> set(disjuncts p). Ifm vs bs (E q))" using qe disjuncts_qf[OF qf] by auto
   1.368 -  also have "\<dots> = Ifm vs bs (E p)" by (induct p rule: disjuncts.induct, auto)
   1.369 -  finally show "qfree (DJ qe p) \<and> Ifm vs bs (DJ qe p) = Ifm vs bs (E p)" using qfth by blast
   1.370 +  also have "\<dots> = (\<exists>q \<in> set(disjuncts p). Ifm vs bs (E q))"
   1.371 +    using qe disjuncts_qf[OF qf] by auto
   1.372 +  also have "\<dots> = Ifm vs bs (E p)"
   1.373 +    by (induct p rule: disjuncts.induct) auto
   1.374 +  finally show "qfree (DJ qe p) \<and> Ifm vs bs (DJ qe p) = Ifm vs bs (E p)"
   1.375 +    using qfth by blast
   1.376  qed
   1.377  
   1.378 -fun conjuncts :: "fm \<Rightarrow> fm list" where
   1.379 -  "conjuncts (And p q) = (conjuncts p) @ (conjuncts q)"
   1.380 +fun conjuncts :: "fm \<Rightarrow> fm list"
   1.381 +where
   1.382 +  "conjuncts (And p q) = conjuncts p @ conjuncts q"
   1.383  | "conjuncts T = []"
   1.384  | "conjuncts p = [p]"
   1.385  
   1.386 -definition list_conj :: "fm list \<Rightarrow> fm" where
   1.387 -  "list_conj ps \<equiv> foldr conj ps T"
   1.388 -
   1.389 -definition CJNB :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm" where
   1.390 -  "CJNB f p \<equiv> (let cjs = conjuncts p ; (yes,no) = partition bound0 cjs
   1.391 -                   in conj (decr0 (list_conj yes)) (f (list_conj no)))"
   1.392 +definition list_conj :: "fm list \<Rightarrow> fm"
   1.393 +  where "list_conj ps \<equiv> foldr conj ps T"
   1.394 +
   1.395 +definition CJNB :: "(fm \<Rightarrow> fm) \<Rightarrow> fm \<Rightarrow> fm"
   1.396 +where
   1.397 +  "CJNB f p \<equiv>
   1.398 +    (let cjs = conjuncts p;
   1.399 +      (yes, no) = partition bound0 cjs
   1.400 +     in conj (decr0 (list_conj yes)) (f (list_conj no)))"
   1.401  
   1.402  lemma conjuncts_qf: "qfree p \<Longrightarrow> \<forall>q\<in> set (conjuncts p). qfree q"
   1.403 -proof-
   1.404 +proof -
   1.405    assume qf: "qfree p"
   1.406 -  hence "list_all qfree (conjuncts p)"
   1.407 -    by (induct p rule: conjuncts.induct, auto)
   1.408 -  thus ?thesis by (simp only: list_all_iff)
   1.409 +  then have "list_all qfree (conjuncts p)"
   1.410 +    by (induct p rule: conjuncts.induct) auto
   1.411 +  then show ?thesis
   1.412 +    by (simp only: list_all_iff)
   1.413  qed
   1.414  
   1.415  lemma conjuncts: "(\<forall>q\<in> set (conjuncts p). Ifm vs bs q) = Ifm vs bs p"
   1.416 -by(induct p rule: conjuncts.induct, auto)
   1.417 +  by (induct p rule: conjuncts.induct) auto
   1.418  
   1.419  lemma conjuncts_nb: "bound0 p \<Longrightarrow> \<forall>q\<in> set (conjuncts p). bound0 q"
   1.420 -proof-
   1.421 +proof -
   1.422    assume nb: "bound0 p"
   1.423 -  hence "list_all bound0 (conjuncts p)" by (induct p rule:conjuncts.induct,auto)
   1.424 -  thus ?thesis by (simp only: list_all_iff)
   1.425 +  then have "list_all bound0 (conjuncts p)"
   1.426 +    by (induct p rule:conjuncts.induct) auto
   1.427 +  then show ?thesis
   1.428 +    by (simp only: list_all_iff)
   1.429  qed
   1.430  
   1.431 -fun islin :: "fm \<Rightarrow> bool" where
   1.432 +fun islin :: "fm \<Rightarrow> bool"
   1.433 +where
   1.434    "islin (And p q) = (islin p \<and> islin q \<and> p \<noteq> T \<and> p \<noteq> F \<and> q \<noteq> T \<and> q \<noteq> F)"
   1.435  | "islin (Or p q) = (islin p \<and> islin q \<and> p \<noteq> T \<and> p \<noteq> F \<and> q \<noteq> T \<and> q \<noteq> F)"
   1.436  | "islin (Eq (CNP 0 c s)) = (isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s)"
   1.437 @@ -1017,62 +1060,84 @@
   1.438  | "islin (Iff p q) = False"
   1.439  | "islin p = bound0 p"
   1.440  
   1.441 -lemma islin_stupid: assumes nb: "tmbound0 p"
   1.442 -  shows "islin (Lt p)" and "islin (Le p)" and "islin (Eq p)" and "islin (NEq p)"
   1.443 +lemma islin_stupid:
   1.444 +  assumes nb: "tmbound0 p"
   1.445 +  shows "islin (Lt p)"
   1.446 +    and "islin (Le p)"
   1.447 +    and "islin (Eq p)"
   1.448 +    and "islin (NEq p)"
   1.449    using nb by (cases p, auto, case_tac nat, auto)+
   1.450  
   1.451  definition "lt p = (case p of CP (C c) \<Rightarrow> if 0>\<^sub>N c then T else F| _ \<Rightarrow> Lt p)"
   1.452  definition "le p = (case p of CP (C c) \<Rightarrow> if 0\<ge>\<^sub>N c then T else F | _ \<Rightarrow> Le p)"
   1.453 -definition eq where "eq p = (case p of CP (C c) \<Rightarrow> if c = 0\<^sub>N then T else F | _ \<Rightarrow> Eq p)"
   1.454 +definition "eq p = (case p of CP (C c) \<Rightarrow> if c = 0\<^sub>N then T else F | _ \<Rightarrow> Eq p)"
   1.455  definition "neq p = not (eq p)"
   1.456  
   1.457  lemma lt: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (lt p) = Ifm vs bs (Lt p)"
   1.458 -  apply(simp add: lt_def)
   1.459 -  apply(cases p, simp_all)
   1.460 -  apply (case_tac poly, simp_all add: isnpoly_def)
   1.461 +  apply (simp add: lt_def)
   1.462 +  apply (cases p)
   1.463 +  apply simp_all
   1.464 +  apply (case_tac poly)
   1.465 +  apply (simp_all add: isnpoly_def)
   1.466    done
   1.467  
   1.468  lemma le: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (le p) = Ifm vs bs (Le p)"
   1.469 -  apply(simp add: le_def)
   1.470 -  apply(cases p, simp_all)
   1.471 -  apply (case_tac poly, simp_all add: isnpoly_def)
   1.472 +  apply (simp add: le_def)
   1.473 +  apply (cases p)
   1.474 +  apply simp_all
   1.475 +  apply (case_tac poly)
   1.476 +  apply (simp_all add: isnpoly_def)
   1.477    done
   1.478  
   1.479  lemma eq: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (eq p) = Ifm vs bs (Eq p)"
   1.480 -  apply(simp add: eq_def)
   1.481 -  apply(cases p, simp_all)
   1.482 -  apply (case_tac poly, simp_all add: isnpoly_def)
   1.483 +  apply (simp add: eq_def)
   1.484 +  apply (cases p)
   1.485 +  apply simp_all
   1.486 +  apply (case_tac poly)
   1.487 +  apply (simp_all add: isnpoly_def)
   1.488    done
   1.489  
   1.490  lemma neq: "allpolys isnpoly p \<Longrightarrow> Ifm vs bs (neq p) = Ifm vs bs (NEq p)"
   1.491 -  by(simp add: neq_def eq)
   1.492 +  by (simp add: neq_def eq)
   1.493  
   1.494  lemma lt_lin: "tmbound0 p \<Longrightarrow> islin (lt p)"
   1.495    apply (simp add: lt_def)
   1.496 -  apply (cases p, simp_all)
   1.497 -  apply (case_tac poly, simp_all)
   1.498 -  apply (case_tac nat, simp_all)
   1.499 +  apply (cases p)
   1.500 +  apply simp_all
   1.501 +  apply (case_tac poly)
   1.502 +  apply simp_all
   1.503 +  apply (case_tac nat)
   1.504 +  apply simp_all
   1.505    done
   1.506  
   1.507  lemma le_lin: "tmbound0 p \<Longrightarrow> islin (le p)"
   1.508    apply (simp add: le_def)
   1.509 -  apply (cases p, simp_all)
   1.510 -  apply (case_tac poly, simp_all)
   1.511 -  apply (case_tac nat, simp_all)
   1.512 +  apply (cases p)
   1.513 +  apply simp_all
   1.514 +  apply (case_tac poly)
   1.515 +  apply simp_all
   1.516 +  apply (case_tac nat)
   1.517 +  apply simp_all
   1.518    done
   1.519  
   1.520  lemma eq_lin: "tmbound0 p \<Longrightarrow> islin (eq p)"
   1.521    apply (simp add: eq_def)
   1.522 -  apply (cases p, simp_all)
   1.523 -  apply (case_tac poly, simp_all)
   1.524 -  apply (case_tac nat, simp_all)
   1.525 +  apply (cases p)
   1.526 +  apply simp_all
   1.527 +  apply (case_tac poly)
   1.528 +  apply simp_all
   1.529 +  apply (case_tac nat)
   1.530 +  apply simp_all
   1.531    done
   1.532  
   1.533  lemma neq_lin: "tmbound0 p \<Longrightarrow> islin (neq p)"
   1.534    apply (simp add: neq_def eq_def)
   1.535 -  apply (cases p, simp_all)
   1.536 -  apply (case_tac poly, simp_all)
   1.537 -  apply (case_tac nat, simp_all)
   1.538 +  apply (cases p)
   1.539 +  apply simp_all
   1.540 +  apply (case_tac poly)
   1.541 +  apply simp_all
   1.542 +  apply (case_tac nat)
   1.543 +  apply simp_all
   1.544    done
   1.545  
   1.546  definition "simplt t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then lt s else Lt (CNP 0 c s))"
   1.547 @@ -1080,203 +1145,269 @@
   1.548  definition "simpeq t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then eq s else Eq (CNP 0 c s))"
   1.549  definition "simpneq t = (let (c,s) = split0 (simptm t) in if c= 0\<^sub>p then neq s else NEq (CNP 0 c s))"
   1.550  
   1.551 -lemma simplt_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.552 +lemma simplt_islin[simp]:
   1.553 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.554    shows "islin (simplt t)"
   1.555    unfolding simplt_def
   1.556    using split0_nb0'
   1.557 -by (auto simp add: lt_lin Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly])
   1.558 -
   1.559 -lemma simple_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.560 +  by (auto simp add: lt_lin Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly]
   1.561 +      islin_stupid allpolys_split0[OF simptm_allpolys_npoly])
   1.562 +
   1.563 +lemma simple_islin[simp]:
   1.564 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.565    shows "islin (simple t)"
   1.566    unfolding simple_def
   1.567    using split0_nb0'
   1.568 -by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] le_lin)
   1.569 -lemma simpeq_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.570 +  by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly]
   1.571 +      islin_stupid allpolys_split0[OF simptm_allpolys_npoly] le_lin)
   1.572 +
   1.573 +lemma simpeq_islin[simp]:
   1.574 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.575    shows "islin (simpeq t)"
   1.576    unfolding simpeq_def
   1.577    using split0_nb0'
   1.578 -by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] eq_lin)
   1.579 -
   1.580 -lemma simpneq_islin[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.581 +  by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly]
   1.582 +      islin_stupid allpolys_split0[OF simptm_allpolys_npoly] eq_lin)
   1.583 +
   1.584 +lemma simpneq_islin[simp]:
   1.585 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.586    shows "islin (simpneq t)"
   1.587    unfolding simpneq_def
   1.588    using split0_nb0'
   1.589 -by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly] islin_stupid allpolys_split0[OF simptm_allpolys_npoly] neq_lin)
   1.590 +  by (auto simp add: Let_def split_def isnpoly_fst_split0[OF simptm_allpolys_npoly]
   1.591 +      islin_stupid allpolys_split0[OF simptm_allpolys_npoly] neq_lin)
   1.592  
   1.593  lemma really_stupid: "\<not> (\<forall>c1 s'. (c1, s') \<noteq> split0 s)"
   1.594 -  by (cases "split0 s", auto)
   1.595 -lemma split0_npoly:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.596 -  and n: "allpolys isnpoly t"
   1.597 -  shows "isnpoly (fst (split0 t))" and "allpolys isnpoly (snd (split0 t))"
   1.598 +  by (cases "split0 s") auto
   1.599 +
   1.600 +lemma split0_npoly:
   1.601 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.602 +    and n: "allpolys isnpoly t"
   1.603 +  shows "isnpoly (fst (split0 t))"
   1.604 +    and "allpolys isnpoly (snd (split0 t))"
   1.605    using n
   1.606 -  by (induct t rule: split0.induct, auto simp add: Let_def split_def polyadd_norm polymul_norm polyneg_norm polysub_norm really_stupid)
   1.607 -lemma simplt[simp]:
   1.608 -  shows "Ifm vs bs (simplt t) = Ifm vs bs (Lt t)"
   1.609 -proof-
   1.610 -  have n: "allpolys isnpoly (simptm t)" by simp
   1.611 +  by (induct t rule: split0.induct)
   1.612 +    (auto simp add: Let_def split_def polyadd_norm polymul_norm polyneg_norm
   1.613 +      polysub_norm really_stupid)
   1.614 +
   1.615 +lemma simplt[simp]: "Ifm vs bs (simplt t) = Ifm vs bs (Lt t)"
   1.616 +proof -
   1.617 +  have n: "allpolys isnpoly (simptm t)"
   1.618 +    by simp
   1.619    let ?t = "simptm t"
   1.620 -  {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
   1.621 +  {
   1.622 +    assume "fst (split0 ?t) = 0\<^sub>p"
   1.623 +    then have ?thesis
   1.624        using split0[of "simptm t" vs bs] lt[OF split0_npoly(2)[OF n], of vs bs]
   1.625 -      by (simp add: simplt_def Let_def split_def lt)}
   1.626 +      by (simp add: simplt_def Let_def split_def lt)
   1.627 +  }
   1.628    moreover
   1.629 -  {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.630 -    hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simplt_def Let_def split_def)
   1.631 +  {
   1.632 +    assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.633 +    then have ?thesis
   1.634 +      using  split0[of "simptm t" vs bs]
   1.635 +      by (simp add: simplt_def Let_def split_def)
   1.636    }
   1.637    ultimately show ?thesis by blast
   1.638  qed
   1.639  
   1.640 -lemma simple[simp]:
   1.641 -  shows "Ifm vs bs (simple t) = Ifm vs bs (Le t)"
   1.642 -proof-
   1.643 -  have n: "allpolys isnpoly (simptm t)" by simp
   1.644 +lemma simple[simp]: "Ifm vs bs (simple t) = Ifm vs bs (Le t)"
   1.645 +proof -
   1.646 +  have n: "allpolys isnpoly (simptm t)"
   1.647 +    by simp
   1.648    let ?t = "simptm t"
   1.649 -  {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
   1.650 +  {
   1.651 +    assume "fst (split0 ?t) = 0\<^sub>p"
   1.652 +    then have ?thesis
   1.653        using split0[of "simptm t" vs bs] le[OF split0_npoly(2)[OF n], of vs bs]
   1.654 -      by (simp add: simple_def Let_def split_def le)}
   1.655 +      by (simp add: simple_def Let_def split_def le)
   1.656 +  }
   1.657    moreover
   1.658 -  {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.659 -    hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simple_def Let_def split_def)
   1.660 +  {
   1.661 +    assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.662 +    then have ?thesis
   1.663 +      using split0[of "simptm t" vs bs]
   1.664 +      by (simp add: simple_def Let_def split_def)
   1.665    }
   1.666    ultimately show ?thesis by blast
   1.667  qed
   1.668  
   1.669 -lemma simpeq[simp]:
   1.670 -  shows "Ifm vs bs (simpeq t) = Ifm vs bs (Eq t)"
   1.671 -proof-
   1.672 -  have n: "allpolys isnpoly (simptm t)" by simp
   1.673 +lemma simpeq[simp]: "Ifm vs bs (simpeq t) = Ifm vs bs (Eq t)"
   1.674 +proof -
   1.675 +  have n: "allpolys isnpoly (simptm t)"
   1.676 +    by simp
   1.677    let ?t = "simptm t"
   1.678 -  {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
   1.679 +  {
   1.680 +    assume "fst (split0 ?t) = 0\<^sub>p"
   1.681 +    then have ?thesis
   1.682        using split0[of "simptm t" vs bs] eq[OF split0_npoly(2)[OF n], of vs bs]
   1.683 -      by (simp add: simpeq_def Let_def split_def)}
   1.684 +      by (simp add: simpeq_def Let_def split_def)
   1.685 +  }
   1.686    moreover
   1.687 -  {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.688 -    hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simpeq_def Let_def split_def)
   1.689 +  {
   1.690 +    assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.691 +    then have ?thesis using  split0[of "simptm t" vs bs]
   1.692 +      by (simp add: simpeq_def Let_def split_def)
   1.693    }
   1.694    ultimately show ?thesis by blast
   1.695  qed
   1.696  
   1.697 -lemma simpneq[simp]:
   1.698 -  shows "Ifm vs bs (simpneq t) = Ifm vs bs (NEq t)"
   1.699 -proof-
   1.700 -  have n: "allpolys isnpoly (simptm t)" by simp
   1.701 +lemma simpneq[simp]: "Ifm vs bs (simpneq t) = Ifm vs bs (NEq t)"
   1.702 +proof -
   1.703 +  have n: "allpolys isnpoly (simptm t)"
   1.704 +    by simp
   1.705    let ?t = "simptm t"
   1.706 -  {assume "fst (split0 ?t) = 0\<^sub>p" hence ?thesis
   1.707 +  {
   1.708 +    assume "fst (split0 ?t) = 0\<^sub>p"
   1.709 +    then have ?thesis
   1.710        using split0[of "simptm t" vs bs] neq[OF split0_npoly(2)[OF n], of vs bs]
   1.711 -      by (simp add: simpneq_def Let_def split_def )}
   1.712 +      by (simp add: simpneq_def Let_def split_def)
   1.713 +  }
   1.714    moreover
   1.715 -  {assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.716 -    hence ?thesis using  split0[of "simptm t" vs bs] by (simp add: simpneq_def Let_def split_def)
   1.717 +  {
   1.718 +    assume "fst (split0 ?t) \<noteq> 0\<^sub>p"
   1.719 +    then have ?thesis
   1.720 +      using split0[of "simptm t" vs bs] by (simp add: simpneq_def Let_def split_def)
   1.721    }
   1.722    ultimately show ?thesis by blast
   1.723  qed
   1.724  
   1.725  lemma lt_nb: "tmbound0 t \<Longrightarrow> bound0 (lt t)"
   1.726    apply (simp add: lt_def)
   1.727 -  apply (cases t, auto)
   1.728 -  apply (case_tac poly, auto)
   1.729 +  apply (cases t)
   1.730 +  apply auto
   1.731 +  apply (case_tac poly)
   1.732 +  apply auto
   1.733    done
   1.734  
   1.735  lemma le_nb: "tmbound0 t \<Longrightarrow> bound0 (le t)"
   1.736    apply (simp add: le_def)
   1.737 -  apply (cases t, auto)
   1.738 -  apply (case_tac poly, auto)
   1.739 +  apply (cases t)
   1.740 +  apply auto
   1.741 +  apply (case_tac poly)
   1.742 +  apply auto
   1.743    done
   1.744  
   1.745  lemma eq_nb: "tmbound0 t \<Longrightarrow> bound0 (eq t)"
   1.746    apply (simp add: eq_def)
   1.747 -  apply (cases t, auto)
   1.748 -  apply (case_tac poly, auto)
   1.749 +  apply (cases t)
   1.750 +  apply auto
   1.751 +  apply (case_tac poly)
   1.752 +  apply auto
   1.753    done
   1.754  
   1.755  lemma neq_nb: "tmbound0 t \<Longrightarrow> bound0 (neq t)"
   1.756    apply (simp add: neq_def eq_def)
   1.757 -  apply (cases t, auto)
   1.758 -  apply (case_tac poly, auto)
   1.759 +  apply (cases t)
   1.760 +  apply auto
   1.761 +  apply (case_tac poly)
   1.762 +  apply auto
   1.763    done
   1.764  
   1.765 -lemma simplt_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.766 +lemma simplt_nb[simp]:
   1.767 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.768    shows "tmbound0 t \<Longrightarrow> bound0 (simplt t)"
   1.769 -  using split0 [of "simptm t" "vs::'a list" bs]
   1.770 -proof(simp add: simplt_def Let_def split_def)
   1.771 +proof (simp add: simplt_def Let_def split_def)
   1.772    assume nb: "tmbound0 t"
   1.773 -  hence nb': "tmbound0 (simptm t)" by simp
   1.774 +  then have nb': "tmbound0 (simptm t)"
   1.775 +    by simp
   1.776    let ?c = "fst (split0 (simptm t))"
   1.777    from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
   1.778 -  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
   1.779 +  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p"
   1.780 +    by auto
   1.781    from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
   1.782 -  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
   1.783 +  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0"
   1.784 +    by (simp_all add: isnpoly_def)
   1.785    from iffD1[OF isnpolyh_unique[OF ths] th]
   1.786    have "fst (split0 (simptm t)) = 0\<^sub>p" .
   1.787 -  thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (lt (snd (split0 (simptm t))))) \<and>
   1.788 -       fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simplt_def Let_def split_def lt_nb)
   1.789 +  then show "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (lt (snd (split0 (simptm t))))) \<and>
   1.790 +      fst (split0 (simptm t)) = 0\<^sub>p"
   1.791 +    by (simp add: simplt_def Let_def split_def lt_nb)
   1.792  qed
   1.793  
   1.794 -lemma simple_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.795 +lemma simple_nb[simp]:
   1.796 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.797    shows "tmbound0 t \<Longrightarrow> bound0 (simple t)"
   1.798 -  using split0 [of "simptm t" "vs::'a list" bs]
   1.799  proof(simp add: simple_def Let_def split_def)
   1.800    assume nb: "tmbound0 t"
   1.801 -  hence nb': "tmbound0 (simptm t)" by simp
   1.802 +  then have nb': "tmbound0 (simptm t)"
   1.803 +    by simp
   1.804    let ?c = "fst (split0 (simptm t))"
   1.805    from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
   1.806 -  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
   1.807 +  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p"
   1.808 +    by auto
   1.809    from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
   1.810 -  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
   1.811 +  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0"
   1.812 +    by (simp_all add: isnpoly_def)
   1.813    from iffD1[OF isnpolyh_unique[OF ths] th]
   1.814    have "fst (split0 (simptm t)) = 0\<^sub>p" .
   1.815 -  thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (le (snd (split0 (simptm t))))) \<and>
   1.816 -       fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simplt_def Let_def split_def le_nb)
   1.817 +  then show "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (le (snd (split0 (simptm t))))) \<and>
   1.818 +      fst (split0 (simptm t)) = 0\<^sub>p"
   1.819 +    by (simp add: simplt_def Let_def split_def le_nb)
   1.820  qed
   1.821  
   1.822 -lemma simpeq_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.823 +lemma simpeq_nb[simp]:
   1.824 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.825    shows "tmbound0 t \<Longrightarrow> bound0 (simpeq t)"
   1.826 -  using split0 [of "simptm t" "vs::'a list" bs]
   1.827 -proof(simp add: simpeq_def Let_def split_def)
   1.828 +proof (simp add: simpeq_def Let_def split_def)
   1.829    assume nb: "tmbound0 t"
   1.830 -  hence nb': "tmbound0 (simptm t)" by simp
   1.831 +  then have nb': "tmbound0 (simptm t)"
   1.832 +    by simp
   1.833    let ?c = "fst (split0 (simptm t))"
   1.834    from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
   1.835 -  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
   1.836 +  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p"
   1.837 +    by auto
   1.838    from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
   1.839 -  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
   1.840 +  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0"
   1.841 +    by (simp_all add: isnpoly_def)
   1.842    from iffD1[OF isnpolyh_unique[OF ths] th]
   1.843    have "fst (split0 (simptm t)) = 0\<^sub>p" .
   1.844 -  thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (eq (snd (split0 (simptm t))))) \<and>
   1.845 -       fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simpeq_def Let_def split_def eq_nb)
   1.846 +  then show "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (eq (snd (split0 (simptm t))))) \<and>
   1.847 +      fst (split0 (simptm t)) = 0\<^sub>p"
   1.848 +    by (simp add: simpeq_def Let_def split_def eq_nb)
   1.849  qed
   1.850  
   1.851 -lemma simpneq_nb[simp]:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.852 +lemma simpneq_nb[simp]:
   1.853 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
   1.854    shows "tmbound0 t \<Longrightarrow> bound0 (simpneq t)"
   1.855 -  using split0 [of "simptm t" "vs::'a list" bs]
   1.856 -proof(simp add: simpneq_def Let_def split_def)
   1.857 +proof (simp add: simpneq_def Let_def split_def)
   1.858    assume nb: "tmbound0 t"
   1.859 -  hence nb': "tmbound0 (simptm t)" by simp
   1.860 +  then have nb': "tmbound0 (simptm t)"
   1.861 +    by simp
   1.862    let ?c = "fst (split0 (simptm t))"
   1.863    from tmbound_split0[OF nb'[unfolded tmbound0_tmbound_iff[symmetric]]]
   1.864 -  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p" by auto
   1.865 +  have th: "\<forall>bs. Ipoly bs ?c = Ipoly bs 0\<^sub>p"
   1.866 +    by auto
   1.867    from isnpoly_fst_split0[OF simptm_allpolys_npoly[of t]]
   1.868 -  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0" by (simp_all add: isnpoly_def)
   1.869 +  have ths: "isnpolyh ?c 0" "isnpolyh 0\<^sub>p 0"
   1.870 +    by (simp_all add: isnpoly_def)
   1.871    from iffD1[OF isnpolyh_unique[OF ths] th]
   1.872    have "fst (split0 (simptm t)) = 0\<^sub>p" .
   1.873 -  thus "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (neq (snd (split0 (simptm t))))) \<and>
   1.874 -       fst (split0 (simptm t)) = 0\<^sub>p" by (simp add: simpneq_def Let_def split_def neq_nb)
   1.875 +  then show "(fst (split0 (simptm t)) = 0\<^sub>p \<longrightarrow> bound0 (neq (snd (split0 (simptm t))))) \<and>
   1.876 +      fst (split0 (simptm t)) = 0\<^sub>p"
   1.877 +    by (simp add: simpneq_def Let_def split_def neq_nb)
   1.878  qed
   1.879  
   1.880 -fun conjs   :: "fm \<Rightarrow> fm list" where
   1.881 -  "conjs (And p q) = (conjs p)@(conjs q)"
   1.882 +fun conjs :: "fm \<Rightarrow> fm list"
   1.883 +where
   1.884 +  "conjs (And p q) = conjs p @ conjs q"
   1.885  | "conjs T = []"
   1.886  | "conjs p = [p]"
   1.887 +
   1.888  lemma conjs_ci: "(\<forall>q \<in> set (conjs p). Ifm vs bs q) = Ifm vs bs p"
   1.889 -by (induct p rule: conjs.induct, auto)
   1.890 -definition list_disj :: "fm list \<Rightarrow> fm" where
   1.891 -  "list_disj ps \<equiv> foldr disj ps F"
   1.892 +  by (induct p rule: conjs.induct) auto
   1.893 +
   1.894 +definition list_disj :: "fm list \<Rightarrow> fm"
   1.895 +  where "list_disj ps \<equiv> foldr disj ps F"
   1.896  
   1.897  lemma list_conj: "Ifm vs bs (list_conj ps) = (\<forall>p\<in> set ps. Ifm vs bs p)"
   1.898 -  by (induct ps, auto simp add: list_conj_def)
   1.899 +  by (induct ps) (auto simp add: list_conj_def)
   1.900 +
   1.901  lemma list_conj_qf: " \<forall>p\<in> set ps. qfree p \<Longrightarrow> qfree (list_conj ps)"
   1.902 -  by (induct ps, auto simp add: list_conj_def)
   1.903 +  by (induct ps) (auto simp add: list_conj_def)
   1.904 +
   1.905  lemma list_disj: "Ifm vs bs (list_disj ps) = (\<exists>p\<in> set ps. Ifm vs bs p)"
   1.906 -  by (induct ps, auto simp add: list_disj_def)
   1.907 +  by (induct ps) (auto simp add: list_disj_def)
   1.908  
   1.909  lemma conj_boundslt: "boundslt n p \<Longrightarrow> boundslt n q \<Longrightarrow> boundslt n (conj p q)"
   1.910    unfolding conj_def by auto
   1.911 @@ -1297,25 +1428,27 @@
   1.912    apply (unfold ball_Un)
   1.913    apply (unfold boundslt.simps)
   1.914    apply blast
   1.915 -by simp_all
   1.916 +  apply simp_all
   1.917 +  done
   1.918  
   1.919  lemma list_conj_boundslt: " \<forall>p\<in> set ps. boundslt n p \<Longrightarrow> boundslt n (list_conj ps)"
   1.920    unfolding list_conj_def
   1.921 -  by (induct ps, auto simp add: conj_boundslt)
   1.922 -
   1.923 -lemma list_conj_nb: assumes bnd: "\<forall>p\<in> set ps. bound n p"
   1.924 +  by (induct ps) auto
   1.925 +
   1.926 +lemma list_conj_nb:
   1.927 +  assumes bnd: "\<forall>p\<in> set ps. bound n p"
   1.928    shows "bound n (list_conj ps)"
   1.929    using bnd
   1.930    unfolding list_conj_def
   1.931 -  by (induct ps, auto simp add: conj_nb)
   1.932 +  by (induct ps) auto
   1.933  
   1.934  lemma list_conj_nb': "\<forall>p\<in>set ps. bound0 p \<Longrightarrow> bound0 (list_conj ps)"
   1.935 -unfolding list_conj_def by (induct ps , auto)
   1.936 +  unfolding list_conj_def by (induct ps) auto
   1.937  
   1.938  lemma CJNB_qe:
   1.939    assumes qe: "\<forall>bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
   1.940    shows "\<forall>bs p. qfree p \<longrightarrow> qfree (CJNB qe p) \<and> (Ifm vs bs ((CJNB qe p)) = Ifm vs bs (E p))"
   1.941 -proof(clarify)
   1.942 +proof clarify
   1.943    fix bs p
   1.944    assume qfp: "qfree p"
   1.945    let ?cjs = "conjuncts p"
   1.946 @@ -1323,24 +1456,36 @@
   1.947    let ?no = "snd (partition bound0 ?cjs)"
   1.948    let ?cno = "list_conj ?no"
   1.949    let ?cyes = "list_conj ?yes"
   1.950 -  have part: "partition bound0 ?cjs = (?yes,?no)" by simp
   1.951 -  from partition_P[OF part] have "\<forall>q\<in> set ?yes. bound0 q" by blast
   1.952 -  hence yes_nb: "bound0 ?cyes" by (simp add: list_conj_nb')
   1.953 -  hence yes_qf: "qfree (decr0 ?cyes )" by (simp add: decr0_qf)
   1.954 +  have part: "partition bound0 ?cjs = (?yes,?no)"
   1.955 +    by simp
   1.956 +  from partition_P[OF part] have "\<forall>q\<in> set ?yes. bound0 q"
   1.957 +    by blast
   1.958 +  then have yes_nb: "bound0 ?cyes"
   1.959 +    by (simp add: list_conj_nb')
   1.960 +  then have yes_qf: "qfree (decr0 ?cyes)"
   1.961 +    by (simp add: decr0_qf)
   1.962    from conjuncts_qf[OF qfp] partition_set[OF part]
   1.963 -  have " \<forall>q\<in> set ?no. qfree q" by auto
   1.964 -  hence no_qf: "qfree ?cno"by (simp add: list_conj_qf)
   1.965 -  with qe have cno_qf:"qfree (qe ?cno )"
   1.966 -    and noE: "Ifm vs bs (qe ?cno) = Ifm vs bs (E ?cno)" by blast+
   1.967 +  have " \<forall>q\<in> set ?no. qfree q"
   1.968 +    by auto
   1.969 +  then have no_qf: "qfree ?cno"
   1.970 +    by (simp add: list_conj_qf)
   1.971 +  with qe have cno_qf:"qfree (qe ?cno)"
   1.972 +    and noE: "Ifm vs bs (qe ?cno) = Ifm vs bs (E ?cno)"
   1.973 +    by blast+
   1.974    from cno_qf yes_qf have qf: "qfree (CJNB qe p)"
   1.975 -    by (simp add: CJNB_def Let_def conj_qf split_def)
   1.976 -  {fix bs
   1.977 -    from conjuncts have "Ifm vs bs p = (\<forall>q\<in> set ?cjs. Ifm vs bs q)" by blast
   1.978 +    by (simp add: CJNB_def Let_def split_def)
   1.979 +  {
   1.980 +    fix bs
   1.981 +    from conjuncts have "Ifm vs bs p = (\<forall>q\<in> set ?cjs. Ifm vs bs q)"
   1.982 +      by blast
   1.983      also have "\<dots> = ((\<forall>q\<in> set ?yes. Ifm vs bs q) \<and> (\<forall>q\<in> set ?no. Ifm vs bs q))"
   1.984        using partition_set[OF part] by auto
   1.985 -    finally have "Ifm vs bs p = ((Ifm vs bs ?cyes) \<and> (Ifm vs bs ?cno))" using list_conj[of vs bs] by simp}
   1.986 -  hence "Ifm vs bs (E p) = (\<exists>x. (Ifm vs (x#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))" by simp
   1.987 -  also have "\<dots> = (\<exists>x. (Ifm vs (y#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))"
   1.988 +    finally have "Ifm vs bs p = ((Ifm vs bs ?cyes) \<and> (Ifm vs bs ?cno))"
   1.989 +      using list_conj[of vs bs] by simp
   1.990 +  }
   1.991 +  then have "Ifm vs bs (E p) = (\<exists>x. (Ifm vs (x#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))"
   1.992 +    by simp
   1.993 +  also fix y have "\<dots> = (\<exists>x. (Ifm vs (y#bs) ?cyes) \<and> (Ifm vs (x#bs) ?cno))"
   1.994      using bound0_I[OF yes_nb, where bs="bs" and b'="y"] by blast
   1.995    also have "\<dots> = (Ifm vs bs (decr0 ?cyes) \<and> Ifm vs bs (E ?cno))"
   1.996      by (auto simp add: decr0[OF yes_nb] simp del: partition_filter_conv)
   1.997 @@ -1348,7 +1493,8 @@
   1.998      using qe[rule_format, OF no_qf] by auto
   1.999    finally have "Ifm vs bs (E p) = Ifm vs bs (CJNB qe p)"
  1.1000      by (simp add: Let_def CJNB_def split_def)
  1.1001 -  with qf show "qfree (CJNB qe p) \<and> Ifm vs bs (CJNB qe p) = Ifm vs bs (E p)" by blast
  1.1002 +  with qf show "qfree (CJNB qe p) \<and> Ifm vs bs (CJNB qe p) = Ifm vs bs (E p)"
  1.1003 +    by blast
  1.1004  qed
  1.1005  
  1.1006  consts simpfm :: "fm \<Rightarrow> fm"
  1.1007 @@ -1360,11 +1506,13 @@
  1.1008    "simpfm (And p q) = conj (simpfm p) (simpfm q)"
  1.1009    "simpfm (Or p q) = disj (simpfm p) (simpfm q)"
  1.1010    "simpfm (Imp p q) = disj (simpfm (NOT p)) (simpfm q)"
  1.1011 -  "simpfm (Iff p q) = disj (conj (simpfm p) (simpfm q)) (conj (simpfm (NOT p)) (simpfm (NOT q)))"
  1.1012 +  "simpfm (Iff p q) =
  1.1013 +    disj (conj (simpfm p) (simpfm q)) (conj (simpfm (NOT p)) (simpfm (NOT q)))"
  1.1014    "simpfm (NOT (And p q)) = disj (simpfm (NOT p)) (simpfm (NOT q))"
  1.1015    "simpfm (NOT (Or p q)) = conj (simpfm (NOT p)) (simpfm (NOT q))"
  1.1016    "simpfm (NOT (Imp p q)) = conj (simpfm p) (simpfm (NOT q))"
  1.1017 -  "simpfm (NOT (Iff p q)) = disj (conj (simpfm p) (simpfm (NOT q))) (conj (simpfm (NOT p)) (simpfm q))"
  1.1018 +  "simpfm (NOT (Iff p q)) =
  1.1019 +    disj (conj (simpfm p) (simpfm (NOT q))) (conj (simpfm (NOT p)) (simpfm q))"
  1.1020    "simpfm (NOT (Eq t)) = simpneq t"
  1.1021    "simpfm (NOT (NEq t)) = simpeq t"
  1.1022    "simpfm (NOT (Le t)) = simplt (Neg t)"
  1.1023 @@ -1375,23 +1523,33 @@
  1.1024    "simpfm p = p"
  1.1025  
  1.1026  lemma simpfm[simp]: "Ifm vs bs (simpfm p) = Ifm vs bs p"
  1.1027 -by(induct p arbitrary: bs rule: simpfm.induct, auto)
  1.1028 -
  1.1029 -lemma simpfm_bound0:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.1030 +  by (induct p arbitrary: bs rule: simpfm.induct) auto
  1.1031 +
  1.1032 +lemma simpfm_bound0:
  1.1033 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.1034    shows "bound0 p \<Longrightarrow> bound0 (simpfm p)"
  1.1035 -by (induct p rule: simpfm.induct, auto)
  1.1036 +  by (induct p rule: simpfm.induct) auto
  1.1037  
  1.1038  lemma lt_qf[simp]: "qfree (lt t)"
  1.1039 -  apply (cases t, auto simp add: lt_def)
  1.1040 -  by (case_tac poly, auto)
  1.1041 +  apply (cases t)
  1.1042 +  apply (auto simp add: lt_def)
  1.1043 +  apply (case_tac poly)
  1.1044 +  apply auto
  1.1045 +  done
  1.1046  
  1.1047  lemma le_qf[simp]: "qfree (le t)"
  1.1048 -  apply (cases t, auto simp add: le_def)
  1.1049 -  by (case_tac poly, auto)
  1.1050 +  apply (cases t)
  1.1051 +  apply (auto simp add: le_def)
  1.1052 +  apply (case_tac poly)
  1.1053 +  apply auto
  1.1054 +  done
  1.1055  
  1.1056  lemma eq_qf[simp]: "qfree (eq t)"
  1.1057 -  apply (cases t, auto simp add: eq_def)
  1.1058 -  by (case_tac poly, auto)
  1.1059 +  apply (cases t)
  1.1060 +  apply (auto simp add: eq_def)
  1.1061 +  apply (case_tac poly)
  1.1062 +  apply auto
  1.1063 +  done
  1.1064  
  1.1065  lemma neq_qf[simp]: "qfree (neq t)" by (simp add: neq_def)
  1.1066  
  1.1067 @@ -1401,16 +1559,17 @@
  1.1068  lemma simpneq_qf[simp]: "qfree (simpneq t)" by (simp add: simpneq_def Let_def split_def)
  1.1069  
  1.1070  lemma simpfm_qf[simp]: "qfree p \<Longrightarrow> qfree (simpfm p)"
  1.1071 -by (induct p rule: simpfm.induct, auto simp add: disj_qf imp_qf iff_qf conj_qf not_qf Let_def)
  1.1072 -
  1.1073 -lemma disj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (disj p q)" by (simp add: disj_def)
  1.1074 -lemma conj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (conj p q)" by (simp add: conj_def)
  1.1075 -
  1.1076 -lemma   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.1077 +  by (induct p rule: simpfm.induct) auto
  1.1078 +
  1.1079 +lemma disj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (disj p q)"
  1.1080 +  by (simp add: disj_def)
  1.1081 +lemma conj_lin: "islin p \<Longrightarrow> islin q \<Longrightarrow> islin (conj p q)"
  1.1082 +  by (simp add: conj_def)
  1.1083 +
  1.1084 +lemma
  1.1085 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.1086    shows "qfree p \<Longrightarrow> islin (simpfm p)"
  1.1087 -  apply (induct p rule: simpfm.induct)
  1.1088 -  apply (simp_all add: conj_lin disj_lin)
  1.1089 -  done
  1.1090 +  by (induct p rule: simpfm.induct) (simp_all add: conj_lin disj_lin)
  1.1091  
  1.1092  consts prep :: "fm \<Rightarrow> fm"
  1.1093  recdef prep "measure fmsize"
  1.1094 @@ -1438,33 +1597,36 @@
  1.1095    "prep (Iff p q) = disj (prep (And p q)) (prep (And (NOT p) (NOT q)))"
  1.1096    "prep p = p"
  1.1097  (hints simp add: fmsize_pos)
  1.1098 +
  1.1099  lemma prep: "Ifm vs bs (prep p) = Ifm vs bs p"
  1.1100 -by (induct p arbitrary: bs rule: prep.induct, auto)
  1.1101 -
  1.1102 -
  1.1103 -
  1.1104 -  (* Generic quantifier elimination *)
  1.1105 -function (sequential) qelim :: "fm \<Rightarrow> (fm \<Rightarrow> fm) \<Rightarrow> fm" where
  1.1106 -  "qelim (E p) = (\<lambda> qe. DJ (CJNB qe) (qelim p qe))"
  1.1107 -| "qelim (A p) = (\<lambda> qe. not (qe ((qelim (NOT p) qe))))"
  1.1108 -| "qelim (NOT p) = (\<lambda> qe. not (qelim p qe))"
  1.1109 -| "qelim (And p q) = (\<lambda> qe. conj (qelim p qe) (qelim q qe))"
  1.1110 -| "qelim (Or  p q) = (\<lambda> qe. disj (qelim p qe) (qelim q qe))"
  1.1111 -| "qelim (Imp p q) = (\<lambda> qe. imp (qelim p qe) (qelim q qe))"
  1.1112 -| "qelim (Iff p q) = (\<lambda> qe. iff (qelim p qe) (qelim q qe))"
  1.1113 -| "qelim p = (\<lambda> y. simpfm p)"
  1.1114 +  by (induct p arbitrary: bs rule: prep.induct) auto
  1.1115 +
  1.1116 +
  1.1117 +(* Generic quantifier elimination *)
  1.1118 +function (sequential) qelim :: "fm \<Rightarrow> (fm \<Rightarrow> fm) \<Rightarrow> fm"
  1.1119 +where
  1.1120 +  "qelim (E p) = (\<lambda>qe. DJ (CJNB qe) (qelim p qe))"
  1.1121 +| "qelim (A p) = (\<lambda>qe. not (qe ((qelim (NOT p) qe))))"
  1.1122 +| "qelim (NOT p) = (\<lambda>qe. not (qelim p qe))"
  1.1123 +| "qelim (And p q) = (\<lambda>qe. conj (qelim p qe) (qelim q qe))"
  1.1124 +| "qelim (Or  p q) = (\<lambda>qe. disj (qelim p qe) (qelim q qe))"
  1.1125 +| "qelim (Imp p q) = (\<lambda>qe. imp (qelim p qe) (qelim q qe))"
  1.1126 +| "qelim (Iff p q) = (\<lambda>qe. iff (qelim p qe) (qelim q qe))"
  1.1127 +| "qelim p = (\<lambda>y. simpfm p)"
  1.1128  by pat_completeness simp_all
  1.1129  termination by (relation "measure fmsize") auto
  1.1130  
  1.1131  lemma qelim:
  1.1132    assumes qe_inv: "\<forall>bs p. qfree p \<longrightarrow> qfree (qe p) \<and> (Ifm vs bs (qe p) = Ifm vs bs (E p))"
  1.1133    shows "\<And> bs. qfree (qelim p qe) \<and> (Ifm vs bs (qelim p qe) = Ifm vs bs p)"
  1.1134 -using qe_inv DJ_qe[OF CJNB_qe[OF qe_inv]]
  1.1135 -by (induct p rule: qelim.induct) auto
  1.1136 -
  1.1137 -subsection{* Core Procedure *}
  1.1138 -
  1.1139 -fun minusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of -\<infinity>*) where
  1.1140 +  using qe_inv DJ_qe[OF CJNB_qe[OF qe_inv]]
  1.1141 +  by (induct p rule: qelim.induct) auto
  1.1142 +
  1.1143 +
  1.1144 +subsection {* Core Procedure *}
  1.1145 +
  1.1146 +fun minusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of -\<infinity>*)
  1.1147 +where
  1.1148    "minusinf (And p q) = conj (minusinf p) (minusinf q)"
  1.1149  | "minusinf (Or p q) = disj (minusinf p) (minusinf q)"
  1.1150  | "minusinf (Eq  (CNP 0 c e)) = conj (eq (CP c)) (eq e)"
  1.1151 @@ -1473,7 +1635,8 @@
  1.1152  | "minusinf (Le  (CNP 0 c e)) = disj (conj (eq (CP c)) (le e)) (lt (CP (~\<^sub>p c)))"
  1.1153  | "minusinf p = p"
  1.1154  
  1.1155 -fun plusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of +\<infinity>*) where
  1.1156 +fun plusinf:: "fm \<Rightarrow> fm" (* Virtual substitution of +\<infinity>*)
  1.1157 +where
  1.1158    "plusinf (And p q) = conj (plusinf p) (plusinf q)"
  1.1159  | "plusinf (Or p q) = disj (plusinf p) (plusinf q)"
  1.1160  | "plusinf (Eq  (CNP 0 c e)) = conj (eq (CP c)) (eq e)"
  1.1161 @@ -1482,443 +1645,811 @@
  1.1162  | "plusinf (Le  (CNP 0 c e)) = disj (conj (eq (CP c)) (le e)) (lt (CP c))"
  1.1163  | "plusinf p = p"
  1.1164  
  1.1165 -lemma minusinf_inf: assumes lp:"islin p"
  1.1166 +lemma minusinf_inf:
  1.1167 +  assumes lp: "islin p"
  1.1168    shows "\<exists>z. \<forall>x < z. Ifm vs (x#bs) (minusinf p) \<longleftrightarrow> Ifm vs (x#bs) p"
  1.1169    using lp
  1.1170  proof (induct p rule: minusinf.induct)
  1.1171 -  case 1 thus ?case by (auto,rule_tac x="min z za" in exI, auto)
  1.1172 +  case 1
  1.1173 +  then show ?case
  1.1174 +    apply auto
  1.1175 +    apply (rule_tac x="min z za" in exI)
  1.1176 +    apply auto
  1.1177 +    done
  1.1178  next
  1.1179 -  case 2 thus ?case by (auto,rule_tac x="min z za" in exI, auto)
  1.1180 +  case 2
  1.1181 +  then show ?case
  1.1182 +    apply auto
  1.1183 +    apply (rule_tac x="min z za" in exI)
  1.1184 +    apply auto
  1.1185 +    done
  1.1186  next
  1.1187 -  case (3 c e) hence nbe: "tmbound0 e" by simp
  1.1188 -  from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1189 +  case (3 c e)
  1.1190 +  then have nbe: "tmbound0 e"
  1.1191 +    by simp
  1.1192 +  from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1193 +    by simp_all
  1.1194    note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1.1195    let ?c = "Ipoly vs c"
  1.1196 +  fix y
  1.1197    let ?e = "Itm vs (y#bs) e"
  1.1198 -  have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1199 -  moreover {assume "?c = 0" hence ?case
  1.1200 -      using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto}
  1.1201 -  moreover {assume cp: "?c > 0"
  1.1202 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1.1203 -        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1204 -      hence "?c * x + ?e < 0" by simp
  1.1205 -      hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
  1.1206 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto} hence ?case by auto}
  1.1207 -  moreover {assume cp: "?c < 0"
  1.1208 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1.1209 -        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1210 -      hence "?c * x + ?e > 0" by simp
  1.1211 -      hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
  1.1212 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto} hence ?case by auto}
  1.1213 -  ultimately show ?case by blast
  1.1214 -next
  1.1215 -  case (4 c e)  hence nbe: "tmbound0 e" by simp
  1.1216 -  from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1217 -  note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1.1218 -  let ?c = "Ipoly vs c"
  1.1219 -  let ?e = "Itm vs (y#bs) e"
  1.1220 -  have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1221 -  moreover {assume "?c = 0" hence ?case using eqs by auto}
  1.1222 -  moreover {assume cp: "?c > 0"
  1.1223 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1.1224 -        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1225 -      hence "?c * x + ?e < 0" by simp
  1.1226 -      hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
  1.1227 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1.1228 -  moreover {assume cp: "?c < 0"
  1.1229 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1.1230 -        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1231 -      hence "?c * x + ?e > 0" by simp
  1.1232 -      hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
  1.1233 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1.1234 +  have "?c = 0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1235 +  moreover {
  1.1236 +    assume "?c = 0"
  1.1237 +    then have ?case
  1.1238 +      using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto
  1.1239 +  }
  1.1240 +  moreover {
  1.1241 +    assume cp: "?c > 0"
  1.1242 +    {
  1.1243 +      fix x
  1.1244 +      assume xz: "x < -?e / ?c"
  1.1245 +      then have "?c * x < - ?e"
  1.1246 +        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1247 +        by (simp add: mult_commute)
  1.1248 +      then have "?c * x + ?e < 0"
  1.1249 +        by simp
  1.1250 +      then have "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
  1.1251 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto
  1.1252 +    }
  1.1253 +    then have ?case by auto
  1.1254 +  }
  1.1255 +  moreover {
  1.1256 +    assume cp: "?c < 0"
  1.1257 +    {
  1.1258 +      fix x
  1.1259 +      assume xz: "x < -?e / ?c"
  1.1260 +      then have "?c * x > - ?e"
  1.1261 +        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1262 +        by (simp add: mult_commute)
  1.1263 +      then have "?c * x + ?e > 0"
  1.1264 +        by simp
  1.1265 +      then have "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Eq (CNP 0 c e)))"
  1.1266 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto
  1.1267 +    }
  1.1268 +    then have ?case by auto
  1.1269 +  }
  1.1270    ultimately show ?case by blast
  1.1271  next
  1.1272 -  case (5 c e)  hence nbe: "tmbound0 e" by simp
  1.1273 -  from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1274 -  hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1.1275 -  note eqs = lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
  1.1276 +  case (4 c e)
  1.1277 +  then have nbe: "tmbound0 e"
  1.1278 +    by simp
  1.1279 +  from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1280 +    by simp_all
  1.1281 +  note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1.1282    let ?c = "Ipoly vs c"
  1.1283 +  fix y
  1.1284    let ?e = "Itm vs (y#bs) e"
  1.1285 -  have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1286 -  moreover {assume "?c = 0" hence ?case using eqs by auto}
  1.1287 -  moreover {assume cp: "?c > 0"
  1.1288 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1.1289 -        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1290 -      hence "?c * x + ?e < 0" by simp
  1.1291 -      hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
  1.1292 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1.1293 -  moreover {assume cp: "?c < 0"
  1.1294 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1.1295 -        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1296 -      hence "?c * x + ?e > 0" by simp
  1.1297 -      hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
  1.1298 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto} hence ?case by auto}
  1.1299 +  have "?c=0 \<or> ?c > 0 \<or> ?c < 0"
  1.1300 +    by arith
  1.1301 +  moreover {
  1.1302 +    assume "?c = 0"
  1.1303 +    then have ?case
  1.1304 +      using eqs by auto
  1.1305 +  }
  1.1306 +  moreover {
  1.1307 +    assume cp: "?c > 0"
  1.1308 +    {
  1.1309 +      fix x
  1.1310 +      assume xz: "x < -?e / ?c"
  1.1311 +      then have "?c * x < - ?e"
  1.1312 +        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1313 +        by (simp add: mult_commute)
  1.1314 +      then have "?c * x + ?e < 0"
  1.1315 +        by simp
  1.1316 +      then have "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
  1.1317 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto
  1.1318 +    }
  1.1319 +    then have ?case by auto
  1.1320 +  }
  1.1321 +  moreover {
  1.1322 +    assume cp: "?c < 0"
  1.1323 +    {
  1.1324 +      fix x
  1.1325 +      assume xz: "x < -?e / ?c"
  1.1326 +      then have "?c * x > - ?e"
  1.1327 +        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1328 +        by (simp add: mult_commute)
  1.1329 +      then have "?c * x + ?e > 0"
  1.1330 +        by simp
  1.1331 +      then have "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (NEq (CNP 0 c e)))"
  1.1332 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto
  1.1333 +    }
  1.1334 +    then have ?case by auto
  1.1335 +  }
  1.1336    ultimately show ?case by blast
  1.1337  next
  1.1338 -  case (6 c e)  hence nbe: "tmbound0 e" by simp
  1.1339 -  from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1340 -  hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1.1341 +  case (5 c e)
  1.1342 +  then have nbe: "tmbound0 e"
  1.1343 +    by simp
  1.1344 +  from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1345 +    by simp_all
  1.1346 +  then have nc': "allpolys isnpoly (CP (~\<^sub>p c))"
  1.1347 +    by (simp add: polyneg_norm)
  1.1348 +  note eqs = lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
  1.1349 +  let ?c = "Ipoly vs c"
  1.1350 +  fix y
  1.1351 +  let ?e = "Itm vs (y#bs) e"
  1.1352 +  have "?c=0 \<or> ?c > 0 \<or> ?c < 0"
  1.1353 +    by arith
  1.1354 +  moreover {
  1.1355 +    assume "?c = 0"
  1.1356 +    then have ?case using eqs by auto
  1.1357 +  }
  1.1358 +  moreover {
  1.1359 +    assume cp: "?c > 0"
  1.1360 +    {
  1.1361 +      fix x
  1.1362 +      assume xz: "x < -?e / ?c"
  1.1363 +      then have "?c * x < - ?e"
  1.1364 +        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1365 +        by (simp add: mult_commute)
  1.1366 +      then have "?c * x + ?e < 0" by simp
  1.1367 +      then have "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
  1.1368 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto
  1.1369 +    }
  1.1370 +    then have ?case by auto
  1.1371 +  }
  1.1372 +  moreover {
  1.1373 +    assume cp: "?c < 0"
  1.1374 +    {
  1.1375 +      fix x
  1.1376 +      assume xz: "x < -?e / ?c"
  1.1377 +      then have "?c * x > - ?e"
  1.1378 +        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1379 +        by (simp add: mult_commute)
  1.1380 +      then have "?c * x + ?e > 0"
  1.1381 +        by simp
  1.1382 +      then have "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Lt (CNP 0 c e)))"
  1.1383 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto
  1.1384 +    }
  1.1385 +    then have ?case by auto
  1.1386 +  }
  1.1387 +  ultimately show ?case by blast
  1.1388 +next
  1.1389 +  case (6 c e)
  1.1390 +  then have nbe: "tmbound0 e"
  1.1391 +    by simp
  1.1392 +  from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1393 +    by simp_all
  1.1394 +  then have nc': "allpolys isnpoly (CP (~\<^sub>p c))"
  1.1395 +    by (simp add: polyneg_norm)
  1.1396    note eqs = lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] le[OF nc(2), where ?'a = 'a]
  1.1397    let ?c = "Ipoly vs c"
  1.1398 +  fix y
  1.1399    let ?e = "Itm vs (y#bs) e"
  1.1400 -  have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1401 -  moreover {assume "?c = 0" hence ?case using eqs by auto}
  1.1402 -  moreover {assume cp: "?c > 0"
  1.1403 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x < - ?e"
  1.1404 -        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1405 -      hence "?c * x + ?e < 0" by simp
  1.1406 -      hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
  1.1407 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1.1408 -  moreover {assume cp: "?c < 0"
  1.1409 -    {fix x assume xz: "x < -?e / ?c" hence "?c * x > - ?e"
  1.1410 -        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1411 -      hence "?c * x + ?e > 0" by simp
  1.1412 -      hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
  1.1413 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1.1414 +  have "?c = 0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1415 +  moreover {
  1.1416 +    assume "?c = 0"
  1.1417 +    then have ?case using eqs by auto
  1.1418 +  }
  1.1419 +  moreover {
  1.1420 +    assume cp: "?c > 0"
  1.1421 +    {
  1.1422 +      fix x
  1.1423 +      assume xz: "x < -?e / ?c"
  1.1424 +      then have "?c * x < - ?e"
  1.1425 +        using pos_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1426 +        by (simp add: mult_commute)
  1.1427 +      then have "?c * x + ?e < 0"
  1.1428 +        by simp
  1.1429 +      then have "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
  1.1430 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs
  1.1431 +        by auto
  1.1432 +    }
  1.1433 +    then have ?case by auto
  1.1434 +  }
  1.1435 +  moreover {
  1.1436 +    assume cp: "?c < 0"
  1.1437 +    {
  1.1438 +      fix x
  1.1439 +      assume xz: "x < -?e / ?c"
  1.1440 +      then have "?c * x > - ?e"
  1.1441 +        using neg_less_divide_eq[OF cp, where a="x" and b="-?e"]
  1.1442 +        by (simp add: mult_commute)
  1.1443 +      then have "?c * x + ?e > 0"
  1.1444 +        by simp
  1.1445 +      then have "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (minusinf (Le (CNP 0 c e)))"
  1.1446 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs
  1.1447 +        by auto
  1.1448 +    }
  1.1449 +    then have ?case by auto
  1.1450 +  }
  1.1451    ultimately show ?case by blast
  1.1452 -qed (auto)
  1.1453 -
  1.1454 -lemma plusinf_inf: assumes lp:"islin p"
  1.1455 +qed auto
  1.1456 +
  1.1457 +lemma plusinf_inf:
  1.1458 +  assumes lp: "islin p"
  1.1459    shows "\<exists>z. \<forall>x > z. Ifm vs (x#bs) (plusinf p) \<longleftrightarrow> Ifm vs (x#bs) p"
  1.1460    using lp
  1.1461  proof (induct p rule: plusinf.induct)
  1.1462 -  case 1 thus ?case by (auto,rule_tac x="max z za" in exI, auto)
  1.1463 +  case 1
  1.1464 +  then show ?case
  1.1465 +    apply auto
  1.1466 +    apply (rule_tac x="max z za" in exI)
  1.1467 +    apply auto
  1.1468 +    done
  1.1469  next
  1.1470 -  case 2 thus ?case by (auto,rule_tac x="max z za" in exI, auto)
  1.1471 +  case 2
  1.1472 +  then show ?case
  1.1473 +    apply auto
  1.1474 +    apply (rule_tac x="max z za" in exI)
  1.1475 +    apply auto
  1.1476 +    done
  1.1477  next
  1.1478 -  case (3 c e) hence nbe: "tmbound0 e" by simp
  1.1479 -  from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1480 +  case (3 c e)
  1.1481 +  then have nbe: "tmbound0 e"
  1.1482 +    by simp
  1.1483 +  from 3 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1484 +    by simp_all
  1.1485    note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1.1486    let ?c = "Ipoly vs c"
  1.1487 +  fix y
  1.1488    let ?e = "Itm vs (y#bs) e"
  1.1489    have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1490 -  moreover {assume "?c = 0" hence ?case
  1.1491 -      using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto}
  1.1492 -  moreover {assume cp: "?c > 0"
  1.1493 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
  1.1494 -        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1495 -      hence "?c * x + ?e > 0" by simp
  1.1496 -      hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
  1.1497 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto} hence ?case by auto}
  1.1498 -  moreover {assume cp: "?c < 0"
  1.1499 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1.1500 -        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1501 -      hence "?c * x + ?e < 0" by simp
  1.1502 -      hence "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
  1.1503 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto} hence ?case by auto}
  1.1504 +  moreover {
  1.1505 +    assume "?c = 0"
  1.1506 +    then have ?case
  1.1507 +      using eq[OF nc(2), of vs] eq[OF nc(1), of vs] by auto
  1.1508 +  }
  1.1509 +  moreover {
  1.1510 +    assume cp: "?c > 0"
  1.1511 +    {
  1.1512 +      fix x
  1.1513 +      assume xz: "x > -?e / ?c"
  1.1514 +      then have "?c * x > - ?e"
  1.1515 +        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1516 +        by (simp add: mult_commute)
  1.1517 +      then have "?c * x + ?e > 0"
  1.1518 +        by simp
  1.1519 +      then have "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
  1.1520 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x" and vs=vs and bs=bs] by auto
  1.1521 +    }
  1.1522 +    then have ?case by auto
  1.1523 +  }
  1.1524 +  moreover {
  1.1525 +    assume cp: "?c < 0"
  1.1526 +    {
  1.1527 +      fix x
  1.1528 +      assume xz: "x > -?e / ?c"
  1.1529 +      then have "?c * x < - ?e"
  1.1530 +        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1531 +        by (simp add: mult_commute)
  1.1532 +      then have "?c * x + ?e < 0" by simp
  1.1533 +      then have "Ifm vs (x#bs) (Eq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Eq (CNP 0 c e)))"
  1.1534 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] eqs by auto
  1.1535 +    }
  1.1536 +    then have ?case by auto
  1.1537 +  }
  1.1538    ultimately show ?case by blast
  1.1539  next
  1.1540 -  case (4 c e) hence nbe: "tmbound0 e" by simp
  1.1541 -  from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1542 +  case (4 c e)
  1.1543 +  then have nbe: "tmbound0 e"
  1.1544 +    by simp
  1.1545 +  from 4 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1546 +    by simp_all
  1.1547    note eqs = eq[OF nc(1), where ?'a = 'a] eq[OF nc(2), where ?'a = 'a]
  1.1548    let ?c = "Ipoly vs c"
  1.1549 -  let ?e = "Itm vs (y#bs) e"
  1.1550 -  have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1551 -  moreover {assume "?c = 0" hence ?case using eqs by auto}
  1.1552 -  moreover {assume cp: "?c > 0"
  1.1553 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
  1.1554 -        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1555 -      hence "?c * x + ?e > 0" by simp
  1.1556 -      hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
  1.1557 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1.1558 -  moreover {assume cp: "?c < 0"
  1.1559 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1.1560 -        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1561 -      hence "?c * x + ?e < 0" by simp
  1.1562 -      hence "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
  1.1563 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto} hence ?case by auto}
  1.1564 -  ultimately show ?case by blast
  1.1565 -next
  1.1566 -  case (5 c e) hence nbe: "tmbound0 e" by simp
  1.1567 -  from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1568 -  hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1.1569 -  note eqs = lt[OF nc(1), where ?'a = 'a] lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
  1.1570 -  let ?c = "Ipoly vs c"
  1.1571 +  fix y
  1.1572    let ?e = "Itm vs (y#bs) e"
  1.1573    have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1574 -  moreover {assume "?c = 0" hence ?case using eqs by auto}
  1.1575 -  moreover {assume cp: "?c > 0"
  1.1576 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
  1.1577 -        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1578 -      hence "?c * x + ?e > 0" by simp
  1.1579 -      hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
  1.1580 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1.1581 -  moreover {assume cp: "?c < 0"
  1.1582 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1.1583 -        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1584 -      hence "?c * x + ?e < 0" by simp
  1.1585 -      hence "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
  1.1586 -        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto} hence ?case by auto}
  1.1587 +  moreover {
  1.1588 +    assume "?c = 0"
  1.1589 +    then have ?case using eqs by auto
  1.1590 +  }
  1.1591 +  moreover {
  1.1592 +    assume cp: "?c > 0"
  1.1593 +    {
  1.1594 +      fix x
  1.1595 +      assume xz: "x > -?e / ?c"
  1.1596 +      then have "?c * x > - ?e"
  1.1597 +        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1598 +        by (simp add: mult_commute)
  1.1599 +      then have "?c * x + ?e > 0"
  1.1600 +        by simp
  1.1601 +      then have "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
  1.1602 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto
  1.1603 +    }
  1.1604 +    then have ?case by auto
  1.1605 +  }
  1.1606 +  moreover {
  1.1607 +    assume cp: "?c < 0"
  1.1608 +    {
  1.1609 +      fix x
  1.1610 +      assume xz: "x > -?e / ?c"
  1.1611 +      then have "?c * x < - ?e"
  1.1612 +        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1613 +        by (simp add: mult_commute)
  1.1614 +      then have "?c * x + ?e < 0"
  1.1615 +        by simp
  1.1616 +      then have "Ifm vs (x#bs) (NEq (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (NEq (CNP 0 c e)))"
  1.1617 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] by auto
  1.1618 +    }
  1.1619 +    then have ?case by auto
  1.1620 +  }
  1.1621    ultimately show ?case by blast
  1.1622  next
  1.1623 -  case (6 c e)  hence nbe: "tmbound0 e" by simp
  1.1624 -  from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e" by simp_all
  1.1625 -  hence nc': "allpolys isnpoly (CP (~\<^sub>p c))" by (simp add: polyneg_norm)
  1.1626 +  case (5 c e)
  1.1627 +  then have nbe: "tmbound0 e"
  1.1628 +    by simp
  1.1629 +  from 5 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1630 +    by simp_all
  1.1631 +  then have nc': "allpolys isnpoly (CP (~\<^sub>p c))"
  1.1632 +    by (simp add: polyneg_norm)
  1.1633 +  note eqs = lt[OF nc(1), where ?'a = 'a] lt[OF nc', where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] lt[OF nc(2), where ?'a = 'a]
  1.1634 +  let ?c = "Ipoly vs c"
  1.1635 +  fix y
  1.1636 +  let ?e = "Itm vs (y#bs) e"
  1.1637 +  have "?c = 0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1638 +  moreover {
  1.1639 +    assume "?c = 0"
  1.1640 +    then have ?case using eqs by auto
  1.1641 +  }
  1.1642 +  moreover {
  1.1643 +    assume cp: "?c > 0"
  1.1644 +    {
  1.1645 +      fix x
  1.1646 +      assume xz: "x > -?e / ?c"
  1.1647 +      then have "?c * x > - ?e"
  1.1648 +        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1649 +        by (simp add: mult_commute)
  1.1650 +      then have "?c * x + ?e > 0"
  1.1651 +        by simp
  1.1652 +      then have "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
  1.1653 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto
  1.1654 +    }
  1.1655 +    then have ?case by auto
  1.1656 +  }
  1.1657 +  moreover {
  1.1658 +    assume cp: "?c < 0"
  1.1659 +    {
  1.1660 +      fix x
  1.1661 +      assume xz: "x > -?e / ?c"
  1.1662 +      then have "?c * x < - ?e"
  1.1663 +        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1664 +        by (simp add: mult_commute)
  1.1665 +      then have "?c * x + ?e < 0"
  1.1666 +        by simp
  1.1667 +      then have "Ifm vs (x#bs) (Lt (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Lt (CNP 0 c e)))"
  1.1668 +        using eqs tmbound0_I[OF nbe, where b="y" and b'="x"] cp by auto
  1.1669 +    }
  1.1670 +    then have ?case by auto
  1.1671 +  }
  1.1672 +  ultimately show ?case by blast
  1.1673 +next
  1.1674 +  case (6 c e)
  1.1675 +  then have nbe: "tmbound0 e"
  1.1676 +    by simp
  1.1677 +  from 6 have nc: "allpolys isnpoly (CP c)" "allpolys isnpoly e"
  1.1678 +    by simp_all
  1.1679 +  then have nc': "allpolys isnpoly (CP (~\<^sub>p c))"
  1.1680 +    by (simp add: polyneg_norm)
  1.1681    note eqs = lt[OF nc(1), where ?'a = 'a] eq [OF nc(1), where ?'a = 'a] le[OF nc(2), where ?'a = 'a]
  1.1682    let ?c = "Ipoly vs c"
  1.1683 +  fix y
  1.1684    let ?e = "Itm vs (y#bs) e"
  1.1685 -  have "?c=0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1686 -  moreover {assume "?c = 0" hence ?case using eqs by auto}
  1.1687 -  moreover {assume cp: "?c > 0"
  1.1688 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x > - ?e"
  1.1689 -        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1690 -      hence "?c * x + ?e > 0" by simp
  1.1691 -      hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
  1.1692 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1.1693 -  moreover {assume cp: "?c < 0"
  1.1694 -    {fix x assume xz: "x > -?e / ?c" hence "?c * x < - ?e"
  1.1695 -        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"] by (simp add: mult_commute)
  1.1696 -      hence "?c * x + ?e < 0" by simp
  1.1697 -      hence "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
  1.1698 -        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto} hence ?case by auto}
  1.1699 +  have "?c = 0 \<or> ?c > 0 \<or> ?c < 0" by arith
  1.1700 +  moreover {
  1.1701 +    assume "?c = 0"
  1.1702 +    then have ?case using eqs by auto
  1.1703 +  }
  1.1704 +  moreover {
  1.1705 +    assume cp: "?c > 0"
  1.1706 +    {
  1.1707 +      fix x
  1.1708 +      assume xz: "x > -?e / ?c"
  1.1709 +      then have "?c * x > - ?e"
  1.1710 +        using pos_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1711 +        by (simp add: mult_commute)
  1.1712 +      then have "?c * x + ?e > 0"
  1.1713 +        by simp
  1.1714 +      then have "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
  1.1715 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto
  1.1716 +    }
  1.1717 +    then have ?case by auto
  1.1718 +  }
  1.1719 +  moreover {
  1.1720 +    assume cp: "?c < 0"
  1.1721 +    {
  1.1722 +      fix x
  1.1723 +      assume xz: "x > -?e / ?c"
  1.1724 +      then have "?c * x < - ?e"
  1.1725 +        using neg_divide_less_eq[OF cp, where a="x" and b="-?e"]
  1.1726 +        by (simp add: mult_commute)
  1.1727 +      then have "?c * x + ?e < 0"
  1.1728 +        by simp
  1.1729 +      then have "Ifm vs (x#bs) (Le (CNP 0 c e)) = Ifm vs (x#bs) (plusinf (Le (CNP 0 c e)))"
  1.1730 +        using tmbound0_I[OF nbe, where b="y" and b'="x"] cp eqs by auto
  1.1731 +    }
  1.1732 +    then have ?case by auto
  1.1733 +  }
  1.1734    ultimately show ?case by blast
  1.1735 -qed (auto)
  1.1736 +qed auto
  1.1737  
  1.1738  lemma minusinf_nb: "islin p \<Longrightarrow> bound0 (minusinf p)"
  1.1739 -  by (induct p rule: minusinf.induct, auto simp add: eq_nb lt_nb le_nb)
  1.1740 +  by (induct p rule: minusinf.induct) (auto simp add: eq_nb lt_nb le_nb)
  1.1741 +
  1.1742  lemma plusinf_nb: "islin p \<Longrightarrow> bound0 (plusinf p)"
  1.1743 -  by (induct p rule: minusinf.induct, auto simp add: eq_nb lt_nb le_nb)
  1.1744 -
  1.1745 -lemma minusinf_ex: assumes lp: "islin p" and ex: "Ifm vs (x#bs) (minusinf p)"
  1.1746 +  by (induct p rule: minusinf.induct) (auto simp add: eq_nb lt_nb le_nb)
  1.1747 +
  1.1748 +lemma minusinf_ex:
  1.1749 +  assumes lp: "islin p"
  1.1750 +    and ex: "Ifm vs (x#bs) (minusinf p)"
  1.1751    shows "\<exists>x. Ifm vs (x#bs) p"
  1.1752 -proof-
  1.1753 -  from bound0_I [OF minusinf_nb[OF lp], where b="a" and bs ="bs"] ex
  1.1754 -  have th: "\<forall>x. Ifm vs (x#bs) (minusinf p)" by auto
  1.1755 +proof -
  1.1756 +  from bound0_I [OF minusinf_nb[OF lp], where bs ="bs"] ex
  1.1757 +  have th: "\<forall>x. Ifm vs (x#bs) (minusinf p)"
  1.1758 +    by auto
  1.1759    from minusinf_inf[OF lp, where bs="bs"]
  1.1760 -  obtain z where z_def: "\<forall>x<z. Ifm vs (x # bs) (minusinf p) = Ifm vs (x # bs) p" by blast
  1.1761 -  from th have "Ifm vs ((z - 1)#bs) (minusinf p)" by simp
  1.1762 -  moreover have "z - 1 < z" by simp
  1.1763 -  ultimately show ?thesis using z_def by auto
  1.1764 +  obtain z where z: "\<forall>x<z. Ifm vs (x # bs) (minusinf p) = Ifm vs (x # bs) p"
  1.1765 +    by blast
  1.1766 +  from th have "Ifm vs ((z - 1)#bs) (minusinf p)"
  1.1767 +    by simp
  1.1768 +  moreover have "z - 1 < z"
  1.1769 +    by simp
  1.1770 +  ultimately show ?thesis
  1.1771 +    using z by auto
  1.1772  qed
  1.1773  
  1.1774 -lemma plusinf_ex: assumes lp: "islin p" and ex: "Ifm vs (x#bs) (plusinf p)"
  1.1775 +lemma plusinf_ex:
  1.1776 +  assumes lp: "islin p"
  1.1777 +    and ex: "Ifm vs (x#bs) (plusinf p)"
  1.1778    shows "\<exists>x. Ifm vs (x#bs) p"
  1.1779 -proof-
  1.1780 -  from bound0_I [OF plusinf_nb[OF lp], where b="a" and bs ="bs"] ex
  1.1781 -  have th: "\<forall>x. Ifm vs (x#bs) (plusinf p)" by auto
  1.1782 +proof -
  1.1783 +  from bound0_I [OF plusinf_nb[OF lp], where bs ="bs"] ex
  1.1784 +  have th: "\<forall>x. Ifm vs (x#bs) (plusinf p)"
  1.1785 +    by auto
  1.1786    from plusinf_inf[OF lp, where bs="bs"]
  1.1787 -  obtain z where z_def: "\<forall>x>z. Ifm vs (x # bs) (plusinf p) = Ifm vs (x # bs) p" by blast
  1.1788 -  from th have "Ifm vs ((z + 1)#bs) (plusinf p)" by simp
  1.1789 -  moreover have "z + 1 > z" by simp
  1.1790 -  ultimately show ?thesis using z_def by auto
  1.1791 +  obtain z where z: "\<forall>x>z. Ifm vs (x # bs) (plusinf p) = Ifm vs (x # bs) p"
  1.1792 +    by blast
  1.1793 +  from th have "Ifm vs ((z + 1)#bs) (plusinf p)"
  1.1794 +    by simp
  1.1795 +  moreover have "z + 1 > z"
  1.1796 +    by simp
  1.1797 +  ultimately show ?thesis
  1.1798 +    using z by auto
  1.1799  qed
  1.1800  
  1.1801 -fun uset :: "fm \<Rightarrow> (poly \<times> tm) list" where
  1.1802 +fun uset :: "fm \<Rightarrow> (poly \<times> tm) list"
  1.1803 +where
  1.1804    "uset (And p q) = uset p @ uset q"
  1.1805  | "uset (Or p q) = uset p @ uset q"
  1.1806 -| "uset (Eq (CNP 0 a e))  = [(a,e)]"
  1.1807 -| "uset (Le (CNP 0 a e))  = [(a,e)]"
  1.1808 -| "uset (Lt (CNP 0 a e))  = [(a,e)]"
  1.1809 -| "uset (NEq (CNP 0 a e)) = [(a,e)]"
  1.1810 +| "uset (Eq (CNP 0 a e)) = [(a, e)]"
  1.1811 +| "uset (Le (CNP 0 a e)) = [(a, e)]"
  1.1812 +| "uset (Lt (CNP 0 a e)) = [(a, e)]"
  1.1813 +| "uset (NEq (CNP 0 a e)) = [(a, e)]"
  1.1814  | "uset p = []"
  1.1815  
  1.1816  lemma uset_l:
  1.1817    assumes lp: "islin p"
  1.1818    shows "\<forall>(c,s) \<in> set (uset p). isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
  1.1819 -using lp by(induct p rule: uset.induct,auto)
  1.1820 +  using lp by (induct p rule: uset.induct) auto
  1.1821  
  1.1822  lemma minusinf_uset0:
  1.1823    assumes lp: "islin p"
  1.1824 -  and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))"
  1.1825 -  and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1826 -  shows "\<exists>(c,s) \<in> set (uset p). x \<ge> - Itm vs (x#bs) s / Ipoly vs c"
  1.1827 -proof-
  1.1828 -  have "\<exists>(c,s) \<in> set (uset p). (Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s)"
  1.1829 +    and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))"
  1.1830 +    and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1831 +  shows "\<exists>(c, s) \<in> set (uset p). x \<ge> - Itm vs (x#bs) s / Ipoly vs c"
  1.1832 +proof -
  1.1833 +  have "\<exists>(c, s) \<in> set (uset p).
  1.1834 +      Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s \<or>
  1.1835 +      Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s"
  1.1836      using lp nmi ex
  1.1837 -    apply (induct p rule: minusinf.induct, auto simp add: eq le lt polyneg_norm)
  1.1838 +    apply (induct p rule: minusinf.induct)
  1.1839 +    apply (auto simp add: eq le lt polyneg_norm)
  1.1840      apply (auto simp add: linorder_not_less order_le_less)
  1.1841      done
  1.1842 -  then obtain c s where csU: "(c,s) \<in> set (uset p)" and x: "(Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s)" by blast
  1.1843 -  hence "x \<ge> (- Itm vs (x#bs) s) / Ipoly vs c"
  1.1844 +  then obtain c s where csU: "(c, s) \<in> set (uset p)"
  1.1845 +    and x: "(Ipoly vs c < 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s) \<or>
  1.1846 +      (Ipoly vs c > 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s)" by blast
  1.1847 +  then have "x \<ge> (- Itm vs (x#bs) s) / Ipoly vs c"
  1.1848      using divide_le_eq[of "- Itm vs (x#bs) s" "Ipoly vs c" x]
  1.1849 -      by (auto simp add: mult_commute)
  1.1850 -  thus ?thesis using csU by auto
  1.1851 +    by (auto simp add: mult_commute)
  1.1852 +  then show ?thesis
  1.1853 +    using csU by auto
  1.1854  qed
  1.1855  
  1.1856  lemma minusinf_uset:
  1.1857    assumes lp: "islin p"
  1.1858 -  and nmi: "\<not> (Ifm vs (a#bs) (minusinf p))"
  1.1859 -  and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1860 +    and nmi: "\<not> (Ifm vs (a#bs) (minusinf p))"
  1.1861 +    and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1862    shows "\<exists>(c,s) \<in> set (uset p). x \<ge> - Itm vs (a#bs) s / Ipoly vs c"
  1.1863 -proof-
  1.1864 -  from nmi have nmi': "\<not> (Ifm vs (x#bs) (minusinf p))"
  1.1865 +proof -
  1.1866 +  from nmi have nmi': "\<not> Ifm vs (x#bs) (minusinf p)"
  1.1867      by (simp add: bound0_I[OF minusinf_nb[OF lp], where b=x and b'=a])
  1.1868    from minusinf_uset0[OF lp nmi' ex]
  1.1869 -  obtain c s where csU: "(c,s) \<in> set (uset p)" and th: "x \<ge> - Itm vs (x#bs) s / Ipoly vs c" by blast
  1.1870 -  from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s" by simp
  1.1871 -  from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis by auto
  1.1872 +  obtain c s where csU: "(c,s) \<in> set (uset p)"
  1.1873 +    and th: "x \<ge> - Itm vs (x#bs) s / Ipoly vs c"
  1.1874 +    by blast
  1.1875 +  from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s"
  1.1876 +    by simp
  1.1877 +  from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis
  1.1878 +    by auto
  1.1879  qed
  1.1880  
  1.1881  
  1.1882  lemma plusinf_uset0:
  1.1883    assumes lp: "islin p"
  1.1884 -  and nmi: "\<not> (Ifm vs (x#bs) (plusinf p))"
  1.1885 -  and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1886 -  shows "\<exists>(c,s) \<in> set (uset p). x \<le> - Itm vs (x#bs) s / Ipoly vs c"
  1.1887 +    and nmi: "\<not> (Ifm vs (x#bs) (plusinf p))"
  1.1888 +    and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1889 +  shows "\<exists>(c, s) \<in> set (uset p). x \<le> - Itm vs (x#bs) s / Ipoly vs c"
  1.1890  proof-
  1.1891 -  have "\<exists>(c,s) \<in> set (uset p). (Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s)"
  1.1892 +  have "\<exists>(c, s) \<in> set (uset p).
  1.1893 +      Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s \<or>
  1.1894 +      Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s"
  1.1895      using lp nmi ex
  1.1896 -    apply (induct p rule: minusinf.induct, auto simp add: eq le lt polyneg_norm)
  1.1897 +    apply (induct p rule: minusinf.induct)
  1.1898 +    apply (auto simp add: eq le lt polyneg_norm)
  1.1899      apply (auto simp add: linorder_not_less order_le_less)
  1.1900      done
  1.1901 -  then obtain c s where csU: "(c,s) \<in> set (uset p)" and x: "(Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s) \<or>  (Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s)" by blast
  1.1902 -  hence "x \<le> (- Itm vs (x#bs) s) / Ipoly vs c"
  1.1903 +  then obtain c s where csU: "(c, s) \<in> set (uset p)"
  1.1904 +    and x: "Ipoly vs c < 0 \<and> Ipoly vs c * x \<ge> - Itm vs (x#bs) s \<or>
  1.1905 +      Ipoly vs c > 0 \<and> Ipoly vs c * x \<le> - Itm vs (x#bs) s"
  1.1906 +    by blast
  1.1907 +  then have "x \<le> (- Itm vs (x#bs) s) / Ipoly vs c"
  1.1908      using le_divide_eq[of x "- Itm vs (x#bs) s" "Ipoly vs c"]
  1.1909 -    by (auto simp add: mult_commute del: divide_minus_left)
  1.1910 -  thus ?thesis using csU by auto
  1.1911 +    by (auto simp add: mult_commute)
  1.1912 +  then show ?thesis
  1.1913 +    using csU by auto
  1.1914  qed
  1.1915  
  1.1916  lemma plusinf_uset:
  1.1917    assumes lp: "islin p"
  1.1918 -  and nmi: "\<not> (Ifm vs (a#bs) (plusinf p))"
  1.1919 -  and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1920 +    and nmi: "\<not> (Ifm vs (a#bs) (plusinf p))"
  1.1921 +    and ex: "Ifm vs (x#bs) p" (is "?I x p")
  1.1922    shows "\<exists>(c,s) \<in> set (uset p). x \<le> - Itm vs (a#bs) s / Ipoly vs c"
  1.1923 -proof-
  1.1924 +proof -
  1.1925    from nmi have nmi': "\<not> (Ifm vs (x#bs) (plusinf p))"
  1.1926      by (simp add: bound0_I[OF plusinf_nb[OF lp], where b=x and b'=a])
  1.1927    from plusinf_uset0[OF lp nmi' ex]
  1.1928 -  obtain c s where csU: "(c,s) \<in> set (uset p)" and th: "x \<le> - Itm vs (x#bs) s / Ipoly vs c" by blast
  1.1929 -  from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s" by simp
  1.1930 -  from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis by auto
  1.1931 +  obtain c s where csU: "(c,s) \<in> set (uset p)"
  1.1932 +    and th: "x \<le> - Itm vs (x#bs) s / Ipoly vs c"
  1.1933 +    by blast
  1.1934 +  from uset_l[OF lp, rule_format, OF csU] have nb: "tmbound0 s"
  1.1935 +    by simp
  1.1936 +  from th tmbound0_I[OF nb, of vs x bs a] csU show ?thesis
  1.1937 +    by auto
  1.1938  qed
  1.1939  
  1.1940  lemma lin_dense:
  1.1941    assumes lp: "islin p"
  1.1942 -  and noS: "\<forall>t. l < t \<and> t< u \<longrightarrow> t \<notin> (\<lambda> (c,t). - Itm vs (x#bs) t / Ipoly vs c) ` set (uset p)"
  1.1943 -  (is "\<forall>t. _ \<and> _ \<longrightarrow> t \<notin> (\<lambda> (c,t). - ?Nt x t / ?N c) ` ?U p")
  1.1944 -  and lx: "l < x" and xu:"x < u" and px:" Ifm vs (x#bs) p"
  1.1945 -  and ly: "l < y" and yu: "y < u"
  1.1946 +    and noS: "\<forall>t. l < t \<and> t< u \<longrightarrow> t \<notin> (\<lambda>(c,t). - Itm vs (x#bs) t / Ipoly vs c) ` set (uset p)"
  1.1947 +      (is "\<forall>t. _ \<and> _ \<longrightarrow> t \<notin> (\<lambda>(c,t). - ?Nt x t / ?N c) ` ?U p")
  1.1948 +    and lx: "l < x" and xu:"x < u" and px:" Ifm vs (x#bs) p"
  1.1949 +    and ly: "l < y" and yu: "y < u"
  1.1950    shows "Ifm vs (y#bs) p"
  1.1951 -using lp px noS
  1.1952 +  using lp px noS
  1.1953  proof (induct p rule: islin.induct)
  1.1954    case (5 c s)
  1.1955    from "5.prems"
  1.1956    have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1.1957      and px: "Ifm vs (x # bs) (Lt (CNP 0 c s))"
  1.1958 -    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1.1959 -  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1.1960 -  hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1.1961 -  have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
  1.1962 -  moreover
  1.1963 -  {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1.1964 +    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.1965 +    by simp_all
  1.1966 +  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.1967 +    by simp
  1.1968 +  then have ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c"
  1.1969 +    by auto
  1.1970 +  have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0"
  1.1971 +    by dlo
  1.1972    moreover
  1.1973 -  {assume c: "?N c > 0"
  1.1974 -      from px pos_less_divide_eq[OF c, where a="x" and b="-?Nt x s"]
  1.1975 -      have px': "x < - ?Nt x s / ?N c"
  1.1976 -        by (auto simp add: not_less field_simps)
  1.1977 -    {assume y: "y < - ?Nt x s / ?N c"
  1.1978 -      hence "y * ?N c < - ?Nt x s"
  1.1979 -        by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1.1980 -      hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1.1981 -      hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1.1982 -    moreover
  1.1983 -    {assume y: "y > -?Nt x s / ?N c"
  1.1984 -      with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1.1985 -      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1.1986 -      with lx px' have "False" by simp  hence ?case by simp }
  1.1987 -    ultimately have ?case using ycs by blast
  1.1988 +  {
  1.1989 +    assume "?N c = 0"
  1.1990 +    then have ?case
  1.1991 +      using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])
  1.1992    }
  1.1993    moreover
  1.1994 -  {assume c: "?N c < 0"
  1.1995 -      from px neg_divide_less_eq[OF c, where a="x" and b="-?Nt x s"]
  1.1996 -      have px': "x > - ?Nt x s / ?N c"
  1.1997 -        by (auto simp add: not_less field_simps)
  1.1998 -    {assume y: "y > - ?Nt x s / ?N c"
  1.1999 -      hence "y * ?N c < - ?Nt x s"
  1.2000 +  {
  1.2001 +    assume c: "?N c > 0"
  1.2002 +    from px pos_less_divide_eq[OF c, where a="x" and b="-?Nt x s"]
  1.2003 +    have px': "x < - ?Nt x s / ?N c"
  1.2004 +      by (auto simp add: not_less field_simps)
  1.2005 +    {
  1.2006 +      assume y: "y < - ?Nt x s / ?N c"
  1.2007 +      then have "y * ?N c < - ?Nt x s"
  1.2008 +        by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1.2009 +      then have "?N c * y + ?Nt x s < 0"
  1.2010 +        by (simp add: field_simps)
  1.2011 +      then have ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"]
  1.2012 +        by simp
  1.2013 +    }
  1.2014 +    moreover
  1.2015 +    {
  1.2016 +      assume y: "y > -?Nt x s / ?N c"
  1.2017 +      with yu have eu: "u > - ?Nt x s / ?N c"
  1.2018 +        by auto
  1.2019 +      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l"
  1.2020 +        by (cases "- ?Nt x s / ?N c > l") auto
  1.2021 +      with lx px' have False
  1.2022 +        by simp
  1.2023 +      then have ?case ..
  1.2024 +    }
  1.2025 +    ultimately have ?case
  1.2026 +      using ycs by blast
  1.2027 +  }
  1.2028 +  moreover
  1.2029 +  {
  1.2030 +    assume c: "?N c < 0"
  1.2031 +    from px neg_divide_less_eq[OF c, where a="x" and b="-?Nt x s"]
  1.2032 +    have px': "x > - ?Nt x s / ?N c"
  1.2033 +      by (auto simp add: not_less field_simps)
  1.2034 +    {
  1.2035 +      assume y: "y > - ?Nt x s / ?N c"
  1.2036 +      then have "y * ?N c < - ?Nt x s"
  1.2037          by (simp add: neg_divide_less_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1.2038 -      hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1.2039 -      hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1.2040 +      then have "?N c * y + ?Nt x s < 0"
  1.2041 +        by (simp add: field_simps)
  1.2042 +      then have ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"]
  1.2043 +        by simp
  1.2044 +    }
  1.2045      moreover
  1.2046 -    {assume y: "y < -?Nt x s / ?N c"
  1.2047 -      with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1.2048 -      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1.2049 -      with xu px' have "False" by simp  hence ?case by simp }
  1.2050 -    ultimately have ?case using ycs by blast
  1.2051 +    {
  1.2052 +      assume y: "y < -?Nt x s / ?N c"
  1.2053 +      with ly have eu: "l < - ?Nt x s / ?N c"
  1.2054 +        by auto
  1.2055 +      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u"
  1.2056 +        by (cases "- ?Nt x s / ?N c < u") auto
  1.2057 +      with xu px' have False
  1.2058 +        by simp
  1.2059 +      then have ?case ..
  1.2060 +    }
  1.2061 +    ultimately have ?case
  1.2062 +      using ycs by blast
  1.2063    }
  1.2064 -  ultimately show ?case by blast
  1.2065 +  ultimately show ?case
  1.2066 +    by blast
  1.2067  next
  1.2068    case (6 c s)
  1.2069    from "6.prems"
  1.2070    have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1.2071      and px: "Ifm vs (x # bs) (Le (CNP 0 c s))"
  1.2072 -    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1.2073 -  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1.2074 -  hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1.2075 +    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.2076 +    by simp_all
  1.2077 +  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.2078 +    by simp
  1.2079 +  then have ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c"
  1.2080 +    by auto
  1.2081    have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
  1.2082    moreover
  1.2083 -  {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1.2084 -  moreover
  1.2085 -  {assume c: "?N c > 0"
  1.2086 -      from px pos_le_divide_eq[OF c, where a="x" and b="-?Nt x s"]
  1.2087 -      have px': "x <= - ?Nt x s / ?N c" by (simp add: not_less field_simps)
  1.2088 -    {assume y: "y < - ?Nt x s / ?N c"
  1.2089 -      hence "y * ?N c < - ?Nt x s"
  1.2090 -        by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1.2091 -      hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1.2092 -      hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1.2093 -    moreover
  1.2094 -    {assume y: "y > -?Nt x s / ?N c"
  1.2095 -      with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1.2096 -      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1.2097 -      with lx px' have "False" by simp  hence ?case by simp }
  1.2098 -    ultimately have ?case using ycs by blast
  1.2099 +  {
  1.2100 +    assume "?N c = 0"
  1.2101 +    then have ?case
  1.2102 +      using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])
  1.2103    }
  1.2104    moreover
  1.2105 -  {assume c: "?N c < 0"
  1.2106 -      from px neg_divide_le_eq[OF c, where a="x" and b="-?Nt x s"]
  1.2107 -      have px': "x >= - ?Nt x s / ?N c" by (simp add: field_simps)
  1.2108 -    {assume y: "y > - ?Nt x s / ?N c"
  1.2109 -      hence "y * ?N c < - ?Nt x s"
  1.2110 -        by (simp add: neg_divide_less_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1.2111 -      hence "?N c * y + ?Nt x s < 0" by (simp add: field_simps)
  1.2112 -      hence ?case using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp}
  1.2113 +  {
  1.2114 +    assume c: "?N c > 0"
  1.2115 +    from px pos_le_divide_eq[OF c, where a="x" and b="-?Nt x s"]
  1.2116 +    have px': "x \<le> - ?Nt x s / ?N c"
  1.2117 +      by (simp add: not_less field_simps)
  1.2118 +    {
  1.2119 +      assume y: "y < - ?Nt x s / ?N c"
  1.2120 +      then have "y * ?N c < - ?Nt x s"
  1.2121 +        by (simp add: pos_less_divide_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1.2122 +      then have "?N c * y + ?Nt x s < 0"
  1.2123 +        by (simp add: field_simps)
  1.2124 +      then have ?case
  1.2125 +        using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp
  1.2126 +    }
  1.2127      moreover
  1.2128 -    {assume y: "y < -?Nt x s / ?N c"
  1.2129 -      with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1.2130 -      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1.2131 -      with xu px' have "False" by simp  hence ?case by simp }
  1.2132 -    ultimately have ?case using ycs by blast
  1.2133 +    {
  1.2134 +      assume y: "y > -?Nt x s / ?N c"
  1.2135 +      with yu have eu: "u > - ?Nt x s / ?N c"
  1.2136 +        by auto
  1.2137 +      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l"
  1.2138 +        by (cases "- ?Nt x s / ?N c > l") auto
  1.2139 +      with lx px' have False
  1.2140 +        by simp
  1.2141 +      then have ?case ..
  1.2142 +    }
  1.2143 +    ultimately have ?case
  1.2144 +      using ycs by blast
  1.2145    }
  1.2146 -  ultimately show ?case by blast
  1.2147 +  moreover
  1.2148 +  {
  1.2149 +    assume c: "?N c < 0"
  1.2150 +    from px neg_divide_le_eq[OF c, where a="x" and b="-?Nt x s"]
  1.2151 +    have px': "x >= - ?Nt x s / ?N c"
  1.2152 +      by (simp add: field_simps)
  1.2153 +    {
  1.2154 +      assume y: "y > - ?Nt x s / ?N c"
  1.2155 +      then have "y * ?N c < - ?Nt x s"
  1.2156 +        by (simp add: neg_divide_less_eq[OF c, where a="y" and b="-?Nt x s", symmetric])
  1.2157 +      then have "?N c * y + ?Nt x s < 0"
  1.2158 +        by (simp add: field_simps)
  1.2159 +      then have ?case
  1.2160 +        using tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"] by simp
  1.2161 +    }
  1.2162 +    moreover
  1.2163 +    {
  1.2164 +      assume y: "y < -?Nt x s / ?N c"
  1.2165 +      with ly have eu: "l < - ?Nt x s / ?N c"
  1.2166 +        by auto
  1.2167 +      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u"
  1.2168 +        by (cases "- ?Nt x s / ?N c < u") auto
  1.2169 +      with xu px' have False by simp
  1.2170 +      then have ?case ..
  1.2171 +    }
  1.2172 +    ultimately have ?case
  1.2173 +      using ycs by blast
  1.2174 +  }
  1.2175 +  ultimately show ?case
  1.2176 +    by blast
  1.2177  next
  1.2178 -    case (3 c s)
  1.2179 +  case (3 c s)
  1.2180    from "3.prems"
  1.2181    have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1.2182      and px: "Ifm vs (x # bs) (Eq (CNP 0 c s))"
  1.2183 -    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1.2184 -  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1.2185 -  hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1.2186 +    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.2187 +    by simp_all
  1.2188 +  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.2189 +    by simp
  1.2190 +  then have ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c"
  1.2191 +    by auto
  1.2192    have ccs: "?N c = 0 \<or> ?N c < 0 \<or> ?N c > 0" by dlo
  1.2193    moreover
  1.2194 -  {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1.2195 -  moreover
  1.2196 -  {assume c: "?N c > 0" hence cnz: "?N c \<noteq> 0" by simp
  1.2197 -    from px eq_divide_eq[of "x" "-?Nt x s" "?N c"]  cnz
  1.2198 -    have px': "x = - ?Nt x s / ?N c" by (simp add: field_simps)
  1.2199 -    {assume y: "y < -?Nt x s / ?N c"
  1.2200 -      with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1.2201 -      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1.2202 -      with xu px' have "False" by simp  hence ?case by simp }
  1.2203 -    moreover
  1.2204 -    {assume y: "y > -?Nt x s / ?N c"
  1.2205 -      with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1.2206 -      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1.2207 -      with lx px' have "False" by simp  hence ?case by simp }
  1.2208 -    ultimately have ?case using ycs by blast
  1.2209 +  {
  1.2210 +    assume "?N c = 0"
  1.2211 +    then have ?case
  1.2212 +      using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])
  1.2213    }
  1.2214    moreover
  1.2215 -  {assume c: "?N c < 0" hence cnz: "?N c \<noteq> 0" by simp
  1.2216 -    from px eq_divide_eq[of "x" "-?Nt x s" "?N c"]  cnz
  1.2217 -    have px': "x = - ?Nt x s / ?N c" by (simp add: field_simps)
  1.2218 -    {assume y: "y < -?Nt x s / ?N c"
  1.2219 -      with ly have eu: "l < - ?Nt x s / ?N c" by auto
  1.2220 -      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u" by (cases "- ?Nt x s / ?N c < u", auto)
  1.2221 -      with xu px' have "False" by simp  hence ?case by simp }
  1.2222 +  {
  1.2223 +    assume c: "?N c > 0"
  1.2224 +    then have cnz: "?N c \<noteq> 0"
  1.2225 +      by simp
  1.2226 +    from px eq_divide_eq[of "x" "-?Nt x s" "?N c"] cnz
  1.2227 +    have px': "x = - ?Nt x s / ?N c"
  1.2228 +      by (simp add: field_simps)
  1.2229 +    {
  1.2230 +      assume y: "y < -?Nt x s / ?N c"
  1.2231 +      with ly have eu: "l < - ?Nt x s / ?N c"
  1.2232 +        by auto
  1.2233 +      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u"
  1.2234 +        by (cases "- ?Nt x s / ?N c < u") auto
  1.2235 +      with xu px' have False by simp
  1.2236 +      then have ?case ..
  1.2237 +    }
  1.2238      moreover
  1.2239 -    {assume y: "y > -?Nt x s / ?N c"
  1.2240 -      with yu have eu: "u > - ?Nt x s / ?N c" by auto
  1.2241 -      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l" by (cases "- ?Nt x s / ?N c > l", auto)
  1.2242 -      with lx px' have "False" by simp  hence ?case by simp }
  1.2243 +    {
  1.2244 +      assume y: "y > -?Nt x s / ?N c"
  1.2245 +      with yu have eu: "u > - ?Nt x s / ?N c"
  1.2246 +        by auto
  1.2247 +      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l"
  1.2248 +        by (cases "- ?Nt x s / ?N c > l") auto
  1.2249 +      with lx px' have False by simp
  1.2250 +      then have ?case ..
  1.2251 +    }
  1.2252 +    ultimately have ?case
  1.2253 +      using ycs by blast
  1.2254 +  }
  1.2255 +  moreover
  1.2256 +  {
  1.2257 +    assume c: "?N c < 0"
  1.2258 +    then have cnz: "?N c \<noteq> 0"
  1.2259 +      by simp
  1.2260 +    from px eq_divide_eq[of "x" "-?Nt x s" "?N c"] cnz
  1.2261 +    have px': "x = - ?Nt x s / ?N c"
  1.2262 +      by (simp add: field_simps)
  1.2263 +    {
  1.2264 +      assume y: "y < -?Nt x s / ?N c"
  1.2265 +      with ly have eu: "l < - ?Nt x s / ?N c"
  1.2266 +        by auto
  1.2267 +      with noS ly yu have th: "- ?Nt x s / ?N c \<ge> u"
  1.2268 +        by (cases "- ?Nt x s / ?N c < u") auto
  1.2269 +      with xu px' have False by simp
  1.2270 +      then have ?case ..
  1.2271 +    }
  1.2272 +    moreover
  1.2273 +    {
  1.2274 +      assume y: "y > -?Nt x s / ?N c"
  1.2275 +      with yu have eu: "u > - ?Nt x s / ?N c"
  1.2276 +        by auto
  1.2277 +      with noS ly yu have th: "- ?Nt x s / ?N c \<le> l"
  1.2278 +        by (cases "- ?Nt x s / ?N c > l") auto
  1.2279 +      with lx px' have False by simp
  1.2280 +      then have ?case ..
  1.2281 +    }
  1.2282      ultimately have ?case using ycs by blast
  1.2283    }
  1.2284    ultimately show ?case by blast
  1.2285 @@ -1927,136 +2458,228 @@
  1.2286    from "4.prems"
  1.2287    have lin: "isnpoly c" "c \<noteq> 0\<^sub>p" "tmbound0 s" "allpolys isnpoly s"
  1.2288      and px: "Ifm vs (x # bs) (NEq (CNP 0 c s))"
  1.2289 -    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp_all
  1.2290 -  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" by simp
  1.2291 -  hence ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c" by auto
  1.2292 +    and noS: "\<forall>t. l < t \<and> t < u \<longrightarrow> t \<noteq> - Itm vs (x # bs) s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.2293 +    by simp_all
  1.2294 +  from ly yu noS have yne: "y \<noteq> - ?Nt x s / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.2295 +    by simp
  1.2296 +  then have ycs: "y < - ?Nt x s / ?N c \<or> y > -?Nt x s / ?N c"
  1.2297 +    by auto
  1.2298    have ccs: "?N c = 0 \<or> ?N c \<noteq> 0" by dlo
  1.2299    moreover
  1.2300 -  {assume "?N c = 0" hence ?case using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])}
  1.2301 +  {
  1.2302 +    assume "?N c = 0"
  1.2303 +    then have ?case
  1.2304 +      using px by (simp add: tmbound0_I[OF lin(3), where bs="bs" and b="x" and b'="y"])
  1.2305 +  }
  1.2306    moreover
  1.2307 -  {assume c: "?N c \<noteq> 0"
  1.2308 -    from yne c eq_divide_eq[of "y" "- ?Nt x s" "?N c"] have ?case
  1.2309 -      by (simp add: field_simps tmbound0_I[OF lin(3), of vs x bs y] sum_eq[symmetric]) }
  1.2310 -  ultimately show ?case by blast
  1.2311 +  {
  1.2312 +    assume c: "?N c \<noteq> 0"
  1.2313 +    from yne c eq_divide_eq[of "y" "- ?Nt x s" "?N c"]
  1.2314 +    have ?case
  1.2315 +      by (simp add: field_simps tmbound0_I[OF lin(3), of vs x bs y] sum_eq[symmetric])
  1.2316 +  }
  1.2317 +  ultimately show ?case
  1.2318 +    by blast
  1.2319  qed (auto simp add: tmbound0_I[where vs=vs and bs="bs" and b="y" and b'="x"] bound0_I[where vs=vs and bs="bs" and b="y" and b'="x"])
  1.2320  
  1.2321  lemma inf_uset:
  1.2322    assumes lp: "islin p"
  1.2323 -  and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))" (is "\<not> (Ifm vs (x#bs) (?M p))")
  1.2324 -  and npi: "\<not> (Ifm vs (x#bs) (plusinf p))" (is "\<not> (Ifm vs (x#bs) (?P p))")
  1.2325 -  and ex: "\<exists>x.  Ifm vs (x#bs) p" (is "\<exists>x. ?I x p")
  1.2326 -  shows "\<exists>(c,t) \<in> set (uset p). \<exists>(d,s) \<in> set (uset p). ?I ((- Itm vs (x#bs) t / Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) / 2) p"
  1.2327 -proof-
  1.2328 -  let ?Nt = "\<lambda> x t. Itm vs (x#bs) t"
  1.2329 +    and nmi: "\<not> (Ifm vs (x#bs) (minusinf p))" (is "\<not> (Ifm vs (x#bs) (?M p))")
  1.2330 +    and npi: "\<not> (Ifm vs (x#bs) (plusinf p))" (is "\<not> (Ifm vs (x#bs) (?P p))")
  1.2331 +    and ex: "\<exists>x.  Ifm vs (x#bs) p" (is "\<exists>x. ?I x p")
  1.2332 +  shows "\<exists>(c, t) \<in> set (uset p). \<exists>(d, s) \<in> set (uset p).
  1.2333 +    ?I ((- Itm vs (x#bs) t / Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) / 2) p"
  1.2334 +proof -
  1.2335 +  let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  1.2336    let ?N = "Ipoly vs"
  1.2337    let ?U = "set (uset p)"
  1.2338 -  from ex obtain a where pa: "?I a p" by blast
  1.2339 +  from ex obtain a where pa: "?I a p"
  1.2340 +    by blast
  1.2341    from bound0_I[OF minusinf_nb[OF lp], where bs="bs" and b="x" and b'="a"] nmi
  1.2342 -  have nmi': "\<not> (?I a (?M p))" by simp
  1.2343 +  have nmi': "\<not> (?I a (?M p))"
  1.2344 +    by simp
  1.2345    from bound0_I[OF plusinf_nb[OF lp], where bs="bs" and b="x" and b'="a"] npi
  1.2346 -  have npi': "\<not> (?I a (?P p))" by simp
  1.2347 +  have npi': "\<not> (?I a (?P p))"
  1.2348 +    by simp
  1.2349    have "\<exists>(c,t) \<in> set (uset p). \<exists>(d,s) \<in> set (uset p). ?I ((- ?Nt a t/?N c + - ?Nt a s /?N d) / 2) p"
  1.2350 -  proof-
  1.2351 -    let ?M = "(\<lambda> (c,t). - ?Nt a t / ?N c) ` ?U"
  1.2352 -    have fM: "finite ?M" by auto
  1.2353 +  proof -
  1.2354 +    let ?M = "(\<lambda>(c,t). - ?Nt a t / ?N c) ` ?U"
  1.2355 +    have fM: "finite ?M"
  1.2356 +      by auto
  1.2357      from minusinf_uset[OF lp nmi pa] plusinf_uset[OF lp npi pa]
  1.2358 -    have "\<exists>(c,t) \<in> set (uset p). \<exists>(d,s) \<in> set (uset p). a \<le> - ?Nt x t / ?N c \<and> a \<ge> - ?Nt x s / ?N d" by blast
  1.2359 -    then obtain "c" "t" "d" "s" where
  1.2360 -      ctU: "(c,t) \<in> ?U" and dsU: "(d,s) \<in> ?U"
  1.2361 -      and xs1: "a \<le> - ?Nt x s / ?N d" and tx1: "a \<ge> - ?Nt x t / ?N c" by blast
  1.2362 +    have "\<exists>(c, t) \<in> set (uset p). \<exists>(d, s) \<in> set (uset p).
  1.2363 +        a \<le> - ?Nt x t / ?N c \<and> a \<ge> - ?Nt x s / ?N d"
  1.2364 +      by blast
  1.2365 +    then obtain "c" "t" "d" "s"
  1.2366 +      where ctU: "(c,t) \<in> ?U"
  1.2367 +        and dsU: "(d,s) \<in> ?U"
  1.2368 +        and xs1: "a \<le> - ?Nt x s / ?N d"
  1.2369 +        and tx1: "a \<ge> - ?Nt x t / ?N c"
  1.2370 +      by blast
  1.2371      from uset_l[OF lp] ctU dsU tmbound0_I[where bs="bs" and b="x" and b'="a"] xs1 tx1
  1.2372 -    have xs: "a \<le> - ?Nt a s / ?N d" and tx: "a \<ge> - ?Nt a t / ?N c" by auto
  1.2373 +    have xs: "a \<le> - ?Nt a s / ?N d" and tx: "a \<ge> - ?Nt a t / ?N c"
  1.2374 +      by auto
  1.2375      from ctU have Mne: "?M \<noteq> {}" by auto
  1.2376 -    hence Une: "?U \<noteq> {}" by simp
  1.2377 +    then have Une: "?U \<noteq> {}" by simp
  1.2378      let ?l = "Min ?M"
  1.2379      let ?u = "Max ?M"
  1.2380 -    have linM: "?l \<in> ?M" using fM Mne by simp
  1.2381 -    have uinM: "?u \<in> ?M" using fM Mne by simp
  1.2382 -    have ctM: "- ?Nt a t / ?N c \<in> ?M" using ctU by auto
  1.2383 -    have dsM: "- ?Nt a s / ?N d \<in> ?M" using dsU by auto
  1.2384 -    have lM: "\<forall>t\<in> ?M. ?l \<le> t" using Mne fM by auto
  1.2385 -    have Mu: "\<forall>t\<in> ?M. t \<le> ?u" using Mne fM by auto
  1.2386 -    have "?l \<le> - ?Nt a t / ?N c" using ctM Mne by simp hence lx: "?l \<le> a" using tx by simp
  1.2387 -    have "- ?Nt a s / ?N d \<le> ?u" using dsM Mne by simp hence xu: "a \<le> ?u" using xs by simp
  1.2388 -    from finite_set_intervals2[where P="\<lambda> x. ?I x p",OF pa lx xu linM uinM fM lM Mu]
  1.2389 +    have linM: "?l \<in> ?M"
  1.2390 +      using fM Mne by simp
  1.2391 +    have uinM: "?u \<in> ?M"
  1.2392 +      using fM Mne by simp
  1.2393 +    have ctM: "- ?Nt a t / ?N c \<in> ?M"
  1.2394 +      using ctU by auto
  1.2395 +    have dsM: "- ?Nt a s / ?N d \<in> ?M"
  1.2396 +      using dsU by auto
  1.2397 +    have lM: "\<forall>t\<in> ?M. ?l \<le> t"
  1.2398 +      using Mne fM by auto
  1.2399 +    have Mu: "\<forall>t\<in> ?M. t \<le> ?u"
  1.2400 +      using Mne fM by auto
  1.2401 +    have "?l \<le> - ?Nt a t / ?N c"
  1.2402 +      using ctM Mne by simp
  1.2403 +    then have lx: "?l \<le> a"
  1.2404 +      using tx by simp
  1.2405 +    have "- ?Nt a s / ?N d \<le> ?u"
  1.2406 +      using dsM Mne by simp
  1.2407 +    then have xu: "a \<le> ?u"
  1.2408 +      using xs by simp
  1.2409 +    from finite_set_intervals2[where P="\<lambda>x. ?I x p",OF pa lx xu linM uinM fM lM Mu]
  1.2410      have "(\<exists>s\<in> ?M. ?I s p) \<or>
  1.2411        (\<exists>t1\<in> ?M. \<exists>t2 \<in> ?M. (\<forall>y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p)" .
  1.2412 -    moreover {fix u assume um: "u\<in> ?M" and pu: "?I u p"
  1.2413 -      hence "\<exists>(nu,tu) \<in> ?U. u = - ?Nt a tu / ?N nu" by auto
  1.2414 -      then obtain "tu" "nu" where tuU: "(nu,tu) \<in> ?U" and tuu:"u= - ?Nt a tu / ?N nu" by blast
  1.2415 -      from pu tuu
  1.2416 -      have "?I (((- ?Nt a tu / ?N nu) + (- ?Nt a tu / ?N nu)) / 2) p" by simp
  1.2417 -      with tuU have ?thesis by blast}
  1.2418 -    moreover{
  1.2419 +    moreover {
  1.2420 +      fix u
  1.2421 +      assume um: "u\<in> ?M"
  1.2422 +        and pu: "?I u p"
  1.2423 +      then have "\<exists>(nu,tu) \<in> ?U. u = - ?Nt a tu / ?N nu"
  1.2424 +        by auto
  1.2425 +      then obtain tu nu where tuU: "(nu, tu) \<in> ?U"
  1.2426 +        and tuu:"u= - ?Nt a tu / ?N nu"
  1.2427 +        by blast
  1.2428 +      from pu tuu have "?I (((- ?Nt a tu / ?N nu) + (- ?Nt a tu / ?N nu)) / 2) p"
  1.2429 +        by simp
  1.2430 +      with tuU have ?thesis by blast
  1.2431 +    }
  1.2432 +    moreover {
  1.2433        assume "\<exists>t1\<in> ?M. \<exists>t2 \<in> ?M. (\<forall>y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M) \<and> t1 < a \<and> a < t2 \<and> ?I a p"
  1.2434 -      then obtain t1 and t2 where t1M: "t1 \<in> ?M" and t2M: "t2\<in> ?M"
  1.2435 -        and noM: "\<forall>y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M" and t1x: "t1 < a" and xt2: "a < t2" and px: "?I a p"
  1.2436 +      then obtain t1 t2
  1.2437 +        where t1M: "t1 \<in> ?M"
  1.2438 +          and t2M: "t2\<in> ?M"
  1.2439 +          and noM: "\<forall>y. t1 < y \<and> y < t2 \<longrightarrow> y \<notin> ?M"
  1.2440 +          and t1x: "t1 < a"
  1.2441 +          and xt2: "a < t2"
  1.2442 +          and px: "?I a p"
  1.2443          by blast
  1.2444 -      from t1M have "\<exists>(t1n,t1u) \<in> ?U. t1 = - ?Nt a t1u / ?N t1n" by auto
  1.2445 -      then obtain "t1u" "t1n" where t1uU: "(t1n,t1u) \<in> ?U" and t1u: "t1 = - ?Nt a t1u / ?N t1n" by blast
  1.2446 -      from t2M have "\<exists>(t2n,t2u) \<in> ?U. t2 = - ?Nt a t2u / ?N t2n" by auto
  1.2447 -      then obtain "t2u" "t2n" where t2uU: "(t2n,t2u) \<in> ?U" and t2u: "t2 = - ?Nt a t2u / ?N t2n" by blast
  1.2448 +      from t1M have "\<exists>(t1n, t1u) \<in> ?U. t1 = - ?Nt a t1u / ?N t1n"
  1.2449 +        by auto
  1.2450 +      then obtain t1u t1n where t1uU: "(t1n, t1u) \<in> ?U"
  1.2451 +        and t1u: "t1 = - ?Nt a t1u / ?N t1n"
  1.2452 +        by blast
  1.2453 +      from t2M have "\<exists>(t2n, t2u) \<in> ?U. t2 = - ?Nt a t2u / ?N t2n"
  1.2454 +        by auto
  1.2455 +      then obtain t2u t2n where t2uU: "(t2n, t2u) \<in> ?U"
  1.2456 +        and t2u: "t2 = - ?Nt a t2u / ?N t2n"
  1.2457 +        by blast
  1.2458        from t1x xt2 have t1t2: "t1 < t2" by simp
  1.2459        let ?u = "(t1 + t2) / 2"
  1.2460 -      from less_half_sum[OF t1t2] gt_half_sum[OF t1t2] have t1lu: "t1 < ?u" and ut2: "?u < t2" by auto
  1.2461 +      from less_half_sum[OF t1t2] gt_half_sum[OF t1t2] have t1lu: "t1 < ?u" and ut2: "?u < t2"
  1.2462 +        by auto
  1.2463        from lin_dense[OF lp noM t1x xt2 px t1lu ut2] have "?I ?u p" .
  1.2464 -      with t1uU t2uU t1u t2u have ?thesis by blast}
  1.2465 +      with t1uU t2uU t1u t2u have ?thesis by blast
  1.2466 +    }
  1.2467      ultimately show ?thesis by blast
  1.2468    qed
  1.2469 -  then obtain "l" "n" "s"  "m" where lnU: "(n,l) \<in> ?U" and smU:"(m,s) \<in> ?U"
  1.2470 -    and pu: "?I ((- ?Nt a l / ?N n + - ?Nt a s / ?N m) / 2) p" by blast
  1.2471 -  from lnU smU uset_l[OF lp] have nbl: "tmbound0 l" and nbs: "tmbound0 s" by auto
  1.2472 +  then obtain l n s  m
  1.2473 +    where lnU: "(n, l) \<in> ?U"
  1.2474 +      and smU:"(m,s) \<in> ?U"
  1.2475 +      and pu: "?I ((- ?Nt a l / ?N n + - ?Nt a s / ?N m) / 2) p"
  1.2476 +    by blast
  1.2477 +  from lnU smU uset_l[OF lp] have nbl: "tmbound0 l" and nbs: "tmbound0 s"
  1.2478 +    by auto
  1.2479    from tmbound0_I[OF nbl, where bs="bs" and b="a" and b'="x"]
  1.2480      tmbound0_I[OF nbs, where bs="bs" and b="a" and b'="x"] pu
  1.2481 -  have "?I ((- ?Nt x l / ?N n + - ?Nt x s / ?N m) / 2) p" by simp
  1.2482 -  with lnU smU
  1.2483 -  show ?thesis by auto
  1.2484 +  have "?I ((- ?Nt x l / ?N n + - ?Nt x s / ?N m) / 2) p"
  1.2485 +    by simp
  1.2486 +  with lnU smU show ?thesis by auto
  1.2487  qed
  1.2488  
  1.2489 -    (* The Ferrante - Rackoff Theorem *)
  1.2490 +(* The Ferrante - Rackoff Theorem *)
  1.2491  
  1.2492  theorem fr_eq:
  1.2493    assumes lp: "islin p"
  1.2494 -  shows "(\<exists>x. Ifm vs (x#bs) p) = ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> (\<exists>(n,t) \<in> set (uset p). \<exists>(m,s) \<in> set (uset p). Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) / 2)#bs) p))"
  1.2495 +  shows "(\<exists>x. Ifm vs (x#bs) p) \<longleftrightarrow>
  1.2496 +    (Ifm vs (x#bs) (minusinf p) \<or>
  1.2497 +     Ifm vs (x#bs) (plusinf p) \<or>
  1.2498 +     (\<exists>(n, t) \<in> set (uset p). \<exists>(m, s) \<in> set (uset p).
  1.2499 +       Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) / 2)#bs) p))"
  1.2500    (is "(\<exists>x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  1.2501  proof
  1.2502    assume px: "\<exists>x. ?I x p"
  1.2503 -  have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  1.2504 -  moreover {assume "?M \<or> ?P" hence "?D" by blast}
  1.2505 -  moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  1.2506 -    from inf_uset[OF lp nmi npi] have "?F" using px by blast hence "?D" by blast}
  1.2507 -  ultimately show "?D" by blast
  1.2508 +  have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)"
  1.2509 +    by blast
  1.2510 +  moreover {
  1.2511 +    assume "?M \<or> ?P"
  1.2512 +    then have "?D" by blast
  1.2513 +  }
  1.2514 +  moreover {
  1.2515 +    assume nmi: "\<not> ?M"
  1.2516 +      and npi: "\<not> ?P"
  1.2517 +    from inf_uset[OF lp nmi npi] have ?F
  1.2518 +      using px by blast
  1.2519 +    then have ?D by blast
  1.2520 +  }
  1.2521 +  ultimately show ?D by blast
  1.2522  next
  1.2523 -  assume "?D"
  1.2524 -  moreover {assume m:"?M" from minusinf_ex[OF lp m] have "?E" .}
  1.2525 -  moreover {assume p: "?P" from plusinf_ex[OF lp p] have "?E" . }
  1.2526 -  moreover {assume f:"?F" hence "?E" by blast}
  1.2527 -  ultimately show "?E" by blast
  1.2528 +  assume ?D
  1.2529 +  moreover {
  1.2530 +    assume m: ?M
  1.2531 +    from minusinf_ex[OF lp m] have ?E .
  1.2532 +  }
  1.2533 +  moreover {
  1.2534 +    assume p: ?P
  1.2535 +    from plusinf_ex[OF lp p] have ?E .
  1.2536 +  }
  1.2537 +  moreover {
  1.2538 +    assume f: ?F
  1.2539 +    then have ?E by blast
  1.2540 +  }
  1.2541 +  ultimately show ?E by blast
  1.2542  qed
  1.2543  
  1.2544 -section{* First implementation : Naive by encoding all case splits locally *}
  1.2545 +
  1.2546 +section {* First implementation : Naive by encoding all case splits locally *}
  1.2547 +
  1.2548  definition "msubsteq c t d s a r =
  1.2549    evaldjf (split conj)
  1.2550 -  [(let cd = c *\<^sub>p d in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2551 -   (conj (Eq (CP c)) (NEq (CP d)) , Eq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2552 -   (conj (NEq (CP c)) (Eq (CP d)) , Eq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2553 -   (conj (Eq (CP c)) (Eq (CP d)) , Eq r)]"
  1.2554 -
  1.2555 -lemma msubsteq_nb: assumes lp: "islin (Eq (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  1.2556 +  [(let cd = c *\<^sub>p d
  1.2557 +    in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2558 +   (conj (Eq (CP c)) (NEq (CP d)), Eq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2559 +   (conj (NEq (CP c)) (Eq (CP d)), Eq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2560 +   (conj (Eq (CP c)) (Eq (CP d)), Eq r)]"
  1.2561 +
  1.2562 +lemma msubsteq_nb:
  1.2563 +  assumes lp: "islin (Eq (CNP 0 a r))"
  1.2564 +    and t: "tmbound0 t"
  1.2565 +    and s: "tmbound0 s"
  1.2566    shows "bound0 (msubsteq c t d s a r)"
  1.2567 -proof-
  1.2568 -  have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2569 -   (conj (Eq (CP c)) (NEq (CP d)) , Eq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2570 -   (conj (NEq (CP c)) (Eq (CP d)) , Eq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2571 -   (conj (Eq (CP c)) (Eq (CP d)) , Eq r)]. bound0 (split conj x)"
  1.2572 -    using lp by (simp add: Let_def t s )
  1.2573 -  from evaldjf_bound0[OF th] show ?thesis by (simp add: msubsteq_def)
  1.2574 +proof -
  1.2575 +  have th: "\<forall>x \<in> set
  1.2576 +    [(let cd = c *\<^sub>p d
  1.2577 +      in (NEq (CP cd), Eq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2578 +     (conj (Eq (CP c)) (NEq (CP d)), Eq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2579 +     (conj (NEq (CP c)) (Eq (CP d)), Eq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2580 +     (conj (Eq (CP c)) (Eq (CP d)), Eq r)]. bound0 (split conj x)"
  1.2581 +    using lp by (simp add: Let_def t s)
  1.2582 +  from evaldjf_bound0[OF th] show ?thesis
  1.2583 +    by (simp add: msubsteq_def)
  1.2584  qed
  1.2585  
  1.2586 -lemma msubsteq: assumes lp: "islin (Eq (CNP 0 a r))"
  1.2587 -  shows "Ifm vs (x#bs) (msubsteq c t d s a r) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) / 2)#bs) (Eq (CNP 0 a r))" (is "?lhs = ?rhs")
  1.2588 -proof-
  1.2589 -  let ?Nt = "\<lambda>(x::'a) t. Itm vs (x#bs) t"
  1.2590 +lemma msubsteq:
  1.2591 +  assumes lp: "islin (Eq (CNP 0 a r))"
  1.2592 +  shows "Ifm vs (x#bs) (msubsteq c t d s a r) =
  1.2593 +    Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) / 2)#bs) (Eq (CNP 0 a r))"
  1.2594 +  (is "?lhs = ?rhs")
  1.2595 +proof -
  1.2596 +  let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  1.2597    let ?N = "\<lambda>p. Ipoly vs p"
  1.2598    let ?c = "?N c"
  1.2599    let ?d = "?N d"
  1.2600 @@ -2064,81 +2687,116 @@
  1.2601    let ?s = "?Nt x s"
  1.2602    let ?a = "?N a"
  1.2603    let ?r = "?Nt x r"
  1.2604 -  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  1.2605 +  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r"
  1.2606 +    by simp_all
  1.2607    note r= tmbound0_I[OF lin(3), of vs _ bs x]
  1.2608 -  have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)" by auto
  1.2609 +  have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)"
  1.2610 +    by auto
  1.2611    moreover
  1.2612 -  {assume c: "?c = 0" and d: "?d=0"
  1.2613 -    hence ?thesis  by (simp add: r[of 0] msubsteq_def Let_def evaldjf_ex)}
  1.2614 +  {
  1.2615 +    assume c: "?c = 0"
  1.2616 +      and d: "?d=0"
  1.2617 +    then have ?thesis
  1.2618 +      by (simp add: r[of 0] msubsteq_def Let_def evaldjf_ex)
  1.2619 +  }
  1.2620    moreover
  1.2621 -  {assume c: "?c = 0" and d: "?d\<noteq>0"
  1.2622 -    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = -?s / (2*?d)" by simp
  1.2623 -    have "?rhs = Ifm vs (-?s / (2*?d) # bs) (Eq (CNP 0 a r))" by (simp only: th)
  1.2624 -    also have "\<dots> \<longleftrightarrow> ?a * (-?s / (2*?d)) + ?r = 0" by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
  1.2625 -    also have "\<dots> \<longleftrightarrow> 2*?d * (?a * (-?s / (2*?d)) + ?r) = 0"
  1.2626 +  {
  1.2627 +    assume c: "?c = 0"
  1.2628 +      and d: "?d\<noteq>0"
  1.2629 +    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = -?s / (2*?d)"
  1.2630 +      by simp
  1.2631 +    have "?rhs = Ifm vs (-?s / (2*?d) # bs) (Eq (CNP 0 a r))"
  1.2632 +      by (simp only: th)
  1.2633 +    also have "\<dots> \<longleftrightarrow> ?a * (-?s / (2*?d)) + ?r = 0"
  1.2634 +      by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
  1.2635 +    also have "\<dots> \<longleftrightarrow> 2 * ?d * (?a * (-?s / (2*?d)) + ?r) = 0"
  1.2636        using d mult_cancel_left[of "2*?d" "(?a * (-?s / (2*?d)) + ?r)" 0] by simp
  1.2637 -    also have "\<dots> \<longleftrightarrow> (- ?a * ?s) * (2*?d / (2*?d)) + 2*?d*?r= 0"
  1.2638 +    also have "\<dots> \<longleftrightarrow> (- ?a * ?s) * (2*?d / (2*?d)) + 2 * ?d * ?r= 0"
  1.2639        by (simp add: field_simps distrib_left[of "2*?d"] del: distrib_left)
  1.2640 -
  1.2641 -    also have "\<dots> \<longleftrightarrow> - (?a * ?s) + 2*?d*?r = 0" using d by simp
  1.2642 -    finally have ?thesis using c d
  1.2643 +    also have "\<dots> \<longleftrightarrow> - (?a * ?s) + 2*?d*?r = 0"
  1.2644 +      using d by simp
  1.2645 +    finally have ?thesis
  1.2646 +      using c d
  1.2647        by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"] msubsteq_def Let_def evaldjf_ex)
  1.2648    }
  1.2649    moreover
  1.2650 -  {assume c: "?c \<noteq> 0" and d: "?d=0"
  1.2651 -    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = -?t / (2*?c)" by simp
  1.2652 -    have "?rhs = Ifm vs (-?t / (2*?c) # bs) (Eq (CNP 0 a r))" by (simp only: th)
  1.2653 -    also have "\<dots> \<longleftrightarrow> ?a * (-?t / (2*?c)) + ?r = 0" by (simp add: r[of "- (?t/ (2 * ?c))"])
  1.2654 -    also have "\<dots> \<longleftrightarrow> 2*?c * (?a * (-?t / (2*?c)) + ?r) = 0"
  1.2655 -      using c mult_cancel_left[of "2*?c" "(?a * (-?t / (2*?c)) + ?r)" 0] by simp
  1.2656 -    also have "\<dots> \<longleftrightarrow> (?a * -?t)* (2*?c) / (2*?c) + 2*?c*?r= 0"
  1.2657 -      by (simp add: field_simps distrib_left[of "2*?c"] del: distrib_left)
  1.2658 -    also have "\<dots> \<longleftrightarrow> - (?a * ?t) + 2*?c*?r = 0" using c by simp
  1.2659 +  {
  1.2660 +    assume c: "?c \<noteq> 0"
  1.2661 +      and d: "?d = 0"
  1.2662 +    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = -?t / (2 * ?c)"
  1.2663 +      by simp
  1.2664 +    have "?rhs = Ifm vs (-?t / (2*?c) # bs) (Eq (CNP 0 a r))"
  1.2665 +      by (simp only: th)
  1.2666 +    also have "\<dots> \<longleftrightarrow> ?a * (-?t / (2*?c)) + ?r = 0"
  1.2667 +      by (simp add: r[of "- (?t/ (2 * ?c))"])
  1.2668 +    also have "\<dots> \<longleftrightarrow> 2 * ?c * (?a * (-?t / (2 * ?c)) + ?r) = 0"
  1.2669 +      using c mult_cancel_left[of "2 * ?c" "(?a * (-?t / (2 * ?c)) + ?r)" 0] by simp
  1.2670 +    also have "\<dots> \<longleftrightarrow> (?a * -?t)* (2 * ?c) / (2 * ?c) + 2 * ?c * ?r= 0"
  1.2671 +      by (simp add: field_simps distrib_left[of "2 * ?c"] del: distrib_left)
  1.2672 +    also have "\<dots> \<longleftrightarrow> - (?a * ?t) + 2 * ?c * ?r = 0" using c by simp
  1.2673      finally have ?thesis using c d
  1.2674 -      by (simp add: r[of "- (?t/ (2*?c))"] msubsteq_def Let_def evaldjf_ex)
  1.2675 +      by (simp add: r[of "- (?t/ (2 * ?c))"] msubsteq_def Let_def evaldjf_ex)
  1.2676    }
  1.2677    moreover
  1.2678 -  {assume c: "?c \<noteq> 0" and d: "?d\<noteq>0" hence dc: "?c * ?d *2 \<noteq> 0" by simp
  1.2679 +  {
  1.2680 +    assume c: "?c \<noteq> 0"
  1.2681 +      and d: "?d \<noteq> 0"
  1.2682 +    then have dc: "?c * ?d * 2 \<noteq> 0"
  1.2683 +      by simp
  1.2684      from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  1.2685 -    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)"
  1.2686 +    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2 * ?c * ?d)"
  1.2687        by (simp add: field_simps)
  1.2688 -    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Eq (CNP 0 a r))" by (simp only: th)
  1.2689 +    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Eq (CNP 0 a r))"
  1.2690 +      by (simp only: th)
  1.2691      also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r = 0"
  1.2692        by (simp add: r [of "(- (?d * ?t) - (?c *?s)) / (2 * ?c * ?d)"])
  1.2693 -    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) =0 "
  1.2694 -      using c d mult_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  1.2695 -    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r =0"
  1.2696 +    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) = 0"
  1.2697 +      using c d mult_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2 * ?c * ?d)) + ?r" 0]
  1.2698 +      by simp
  1.2699 +    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2 * ?c * ?d * ?r = 0"
  1.2700        using nonzero_mult_divide_cancel_left [OF dc] c d
  1.2701        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.2702      finally  have ?thesis using c d
  1.2703 -      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubsteq_def Let_def evaldjf_ex field_simps)
  1.2704 +      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"]
  1.2705 +          msubsteq_def Let_def evaldjf_ex field_simps)
  1.2706    }
  1.2707 -  ultimately show ?thesis by blast
  1.2708 +  ultimately show ?thesis
  1.2709 +    by blast
  1.2710  qed
  1.2711  
  1.2712  
  1.2713  definition "msubstneq c t d s a r =
  1.2714    evaldjf (split conj)
  1.2715 -  [(let cd = c *\<^sub>p d in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2716 -   (conj (Eq (CP c)) (NEq (CP d)) , NEq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2717 -   (conj (NEq (CP c)) (Eq (CP d)) , NEq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2718 -   (conj (Eq (CP c)) (Eq (CP d)) , NEq r)]"
  1.2719 -
  1.2720 -lemma msubstneq_nb: assumes lp: "islin (NEq (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  1.2721 +  [(let cd = c *\<^sub>p d
  1.2722 +    in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2723 +   (conj (Eq (CP c)) (NEq (CP d)), NEq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2724 +   (conj (NEq (CP c)) (Eq (CP d)), NEq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2725 +   (conj (Eq (CP c)) (Eq (CP d)), NEq r)]"
  1.2726 +
  1.2727 +lemma msubstneq_nb:
  1.2728 +  assumes lp: "islin (NEq (CNP 0 a r))"
  1.2729 +    and t: "tmbound0 t"
  1.2730 +    and s: "tmbound0 s"
  1.2731    shows "bound0 (msubstneq c t d s a r)"
  1.2732 -proof-
  1.2733 -  have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2734 -    (conj (Eq (CP c)) (NEq (CP d)) , NEq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2735 -    (conj (NEq (CP c)) (Eq (CP d)) , NEq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2736 -    (conj (Eq (CP c)) (Eq (CP d)) , NEq r)]. bound0 (split conj x)"
  1.2737 -    using lp by (simp add: Let_def t s )
  1.2738 -  from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstneq_def)
  1.2739 +proof -
  1.2740 +  have th: "\<forall>x\<in> set
  1.2741 +   [(let cd = c *\<^sub>p d
  1.2742 +     in (NEq (CP cd), NEq (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2743 +    (conj (Eq (CP c)) (NEq (CP d)), NEq (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2744 +    (conj (NEq (CP c)) (Eq (CP d)), NEq (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2745 +    (conj (Eq (CP c)) (Eq (CP d)), NEq r)]. bound0 (split conj x)"
  1.2746 +    using lp by (simp add: Let_def t s)
  1.2747 +  from evaldjf_bound0[OF th] show ?thesis
  1.2748 +    by (simp add: msubstneq_def)
  1.2749  qed
  1.2750  
  1.2751 -lemma msubstneq: assumes lp: "islin (Eq (CNP 0 a r))"
  1.2752 -  shows "Ifm vs (x#bs) (msubstneq c t d s a r) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (NEq (CNP 0 a r))" (is "?lhs = ?rhs")
  1.2753 -proof-
  1.2754 -  let ?Nt = "\<lambda>(x::'a) t. Itm vs (x#bs) t"
  1.2755 +lemma msubstneq:
  1.2756 +  assumes lp: "islin (Eq (CNP 0 a r))"
  1.2757 +  shows "Ifm vs (x#bs) (msubstneq c t d s a r) =
  1.2758 +    Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (NEq (CNP 0 a r))"
  1.2759 +  (is "?lhs = ?rhs")
  1.2760 +proof -
  1.2761 +  let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  1.2762    let ?N = "\<lambda>p. Ipoly vs p"
  1.2763    let ?c = "?N c"
  1.2764    let ?d = "?N d"
  1.2765 @@ -2146,87 +2804,125 @@
  1.2766    let ?s = "?Nt x s"
  1.2767    let ?a = "?N a"
  1.2768    let ?r = "?Nt x r"
  1.2769 -  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  1.2770 -  note r= tmbound0_I[OF lin(3), of vs _ bs x]
  1.2771 -  have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)" by auto
  1.2772 +  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r"
  1.2773 +    by simp_all
  1.2774 +  note r = tmbound0_I[OF lin(3), of vs _ bs x]
  1.2775 +  have cd_cs: "?c * ?d \<noteq> 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d \<noteq> 0) \<or> (?c \<noteq> 0 \<and> ?d = 0)"
  1.2776 +    by auto
  1.2777    moreover
  1.2778 -  {assume c: "?c = 0" and d: "?d=0"
  1.2779 -    hence ?thesis  by (simp add: r[of 0] msubstneq_def Let_def evaldjf_ex)}
  1.2780 +  {
  1.2781 +    assume c: "?c = 0"
  1.2782 +      and d: "?d=0"
  1.2783 +    then have ?thesis
  1.2784 +      by (simp add: r[of 0] msubstneq_def Let_def evaldjf_ex)
  1.2785 +  }
  1.2786    moreover
  1.2787 -  {assume c: "?c = 0" and d: "?d\<noteq>0"
  1.2788 -    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = -?s / (2*?d)" by simp
  1.2789 -    have "?rhs = Ifm vs (-?s / (2*?d) # bs) (NEq (CNP 0 a r))" by (simp only: th)
  1.2790 -    also have "\<dots> \<longleftrightarrow> ?a * (-?s / (2*?d)) + ?r \<noteq> 0" by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
  1.2791 +  {
  1.2792 +    assume c: "?c = 0"
  1.2793 +      and d: "?d\<noteq>0"
  1.2794 +    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = -?s / (2 * ?d)"
  1.2795 +      by simp
  1.2796 +    have "?rhs = Ifm vs (-?s / (2*?d) # bs) (NEq (CNP 0 a r))"
  1.2797 +      by (simp only: th)
  1.2798 +    also have "\<dots> \<longleftrightarrow> ?a * (-?s / (2*?d)) + ?r \<noteq> 0"
  1.2799 +      by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"])
  1.2800      also have "\<dots> \<longleftrightarrow> 2*?d * (?a * (-?s / (2*?d)) + ?r) \<noteq> 0"
  1.2801        using d mult_cancel_left[of "2*?d" "(?a * (-?s / (2*?d)) + ?r)" 0] by simp
  1.2802      also have "\<dots> \<longleftrightarrow> (- ?a * ?s) * (2*?d / (2*?d)) + 2*?d*?r\<noteq> 0"
  1.2803        by (simp add: field_simps distrib_left[of "2*?d"] del: distrib_left)
  1.2804 -
  1.2805 -    also have "\<dots> \<longleftrightarrow> - (?a * ?s) + 2*?d*?r \<noteq> 0" using d by simp
  1.2806 -    finally have ?thesis using c d
  1.2807 +    also have "\<dots> \<longleftrightarrow> - (?a * ?s) + 2*?d*?r \<noteq> 0"
  1.2808 +      using d by simp
  1.2809 +    finally have ?thesis
  1.2810 +      using c d
  1.2811        by (simp add: r[of "- (Itm vs (x # bs) s / (2 * \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>))"] msubstneq_def Let_def evaldjf_ex)
  1.2812    }
  1.2813    moreover
  1.2814 -  {assume c: "?c \<noteq> 0" and d: "?d=0"
  1.2815 -    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = -?t / (2*?c)" by simp
  1.2816 -    have "?rhs = Ifm vs (-?t / (2*?c) # bs) (NEq (CNP 0 a r))" by (simp only: th)
  1.2817 -    also have "\<dots> \<longleftrightarrow> ?a * (-?t / (2*?c)) + ?r \<noteq> 0" by (simp add: r[of "- (?t/ (2 * ?c))"])
  1.2818 +  {
  1.2819 +    assume c: "?c \<noteq> 0"
  1.2820 +      and d: "?d=0"
  1.2821 +    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = -?t / (2*?c)"
  1.2822 +      by simp
  1.2823 +    have "?rhs = Ifm vs (-?t / (2*?c) # bs) (NEq (CNP 0 a r))"
  1.2824 +      by (simp only: th)
  1.2825 +    also have "\<dots> \<longleftrightarrow> ?a * (-?t / (2*?c)) + ?r \<noteq> 0"
  1.2826 +      by (simp add: r[of "- (?t/ (2 * ?c))"])
  1.2827      also have "\<dots> \<longleftrightarrow> 2*?c * (?a * (-?t / (2*?c)) + ?r) \<noteq> 0"
  1.2828        using c mult_cancel_left[of "2*?c" "(?a * (-?t / (2*?c)) + ?r)" 0] by simp
  1.2829      also have "\<dots> \<longleftrightarrow> (?a * -?t)* (2*?c) / (2*?c) + 2*?c*?r \<noteq> 0"
  1.2830        by (simp add: field_simps distrib_left[of "2*?c"] del: distrib_left)
  1.2831 -    also have "\<dots> \<longleftrightarrow> - (?a * ?t) + 2*?c*?r \<noteq> 0" using c by simp
  1.2832 -    finally have ?thesis using c d
  1.2833 -      by (simp add: r[of "- (?t/ (2*?c))"] msubstneq_def Let_def evaldjf_ex)
  1.2834 +    also have "\<dots> \<longleftrightarrow> - (?a * ?t) + 2*?c*?r \<noteq> 0"
  1.2835 +      using c by simp
  1.2836 +    finally have ?thesis
  1.2837 +      using c d by (simp add: r[of "- (?t/ (2*?c))"] msubstneq_def Let_def evaldjf_ex)
  1.2838    }
  1.2839    moreover
  1.2840 -  {assume c: "?c \<noteq> 0" and d: "?d\<noteq>0" hence dc: "?c * ?d *2 \<noteq> 0" by simp
  1.2841 +  {
  1.2842 +    assume c: "?c \<noteq> 0"
  1.2843 +      and d: "?d \<noteq> 0"
  1.2844 +    then have dc: "?c * ?d *2 \<noteq> 0"
  1.2845 +      by simp
  1.2846      from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  1.2847 -    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)"
  1.2848 +    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c * ?s )/ (2 * ?c * ?d)"
  1.2849        by (simp add: field_simps)
  1.2850 -    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (NEq (CNP 0 a r))" by (simp only: th)
  1.2851 +    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (NEq (CNP 0 a r))"
  1.2852 +      by (simp only: th)
  1.2853      also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r \<noteq> 0"
  1.2854        by (simp add: r [of "(- (?d * ?t) - (?c *?s)) / (2 * ?c * ?d)"])
  1.2855 -    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) \<noteq> 0 "
  1.2856 -      using c d mult_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  1.2857 +    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) \<noteq> 0"
  1.2858 +      using c d mult_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0]
  1.2859 +      by simp
  1.2860      also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r \<noteq> 0"
  1.2861        using nonzero_mult_divide_cancel_left[OF dc] c d
  1.2862        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.2863 -    finally  have ?thesis using c d
  1.2864 -      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstneq_def Let_def evaldjf_ex field_simps)
  1.2865 +    finally have ?thesis
  1.2866 +      using c d
  1.2867 +      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"]
  1.2868 +          msubstneq_def Let_def evaldjf_ex field_simps)
  1.2869    }
  1.2870    ultimately show ?thesis by blast
  1.2871  qed
  1.2872  
  1.2873  definition "msubstlt c t d s a r =
  1.2874    evaldjf (split conj)
  1.2875 -  [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2876 -  (let cd = c *\<^sub>p d in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2877 -   (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Lt (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2878 -   (conj (lt (CP c)) (Eq (CP d)) , Lt (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2879 -   (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Lt (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2880 -   (conj (lt (CP d)) (Eq (CP c)) , Lt (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2881 -   (conj (Eq (CP c)) (Eq (CP d)) , Lt r)]"
  1.2882 -
  1.2883 -lemma msubstlt_nb: assumes lp: "islin (Lt (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  1.2884 +  [(let cd = c *\<^sub>p d
  1.2885 +    in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2886 +   (let cd = c *\<^sub>p d
  1.2887 +    in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2888 +   (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)), Lt (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2889 +   (conj (lt (CP c)) (Eq (CP d)), Lt (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2890 +   (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)), Lt (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2891 +   (conj (lt (CP d)) (Eq (CP c)), Lt (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2892 +   (conj (Eq (CP c)) (Eq (CP d)), Lt r)]"
  1.2893 +
  1.2894 +lemma msubstlt_nb:
  1.2895 +  assumes lp: "islin (Lt (CNP 0 a r))"
  1.2896 +    and t: "tmbound0 t"
  1.2897 +    and s: "tmbound0 s"
  1.2898    shows "bound0 (msubstlt c t d s a r)"
  1.2899 -proof-
  1.2900 -  have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2901 -  (let cd = c *\<^sub>p d in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2902 -   (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Lt (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2903 -   (conj (lt (CP c)) (Eq (CP d)) , Lt (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2904 -   (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Lt (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2905 -   (conj (lt (CP d)) (Eq (CP c)) , Lt (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2906 -   (conj (Eq (CP c)) (Eq (CP d)) , Lt r)]. bound0 (split conj x)"
  1.2907 -    using lp by (simp add: Let_def t s lt_nb )
  1.2908 -  from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstlt_def)
  1.2909 +proof -
  1.2910 +  have th: "\<forall>x\<in> set
  1.2911 +  [(let cd = c *\<^sub>p d
  1.2912 +    in (lt (CP (~\<^sub>p cd)), Lt (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2913 +   (let cd = c *\<^sub>p d
  1.2914 +    in (lt (CP cd), Lt (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.2915 +   (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)), Lt (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2916 +   (conj (lt (CP c)) (Eq (CP d)), Lt (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.2917 +   (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)), Lt (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2918 +   (conj (lt (CP d)) (Eq (CP c)), Lt (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.2919 +   (conj (Eq (CP c)) (Eq (CP d)), Lt r)]. bound0 (split conj x)"
  1.2920 +    using lp by (simp add: Let_def t s lt_nb)
  1.2921 +  from evaldjf_bound0[OF th] show ?thesis
  1.2922 +    by (simp add: msubstlt_def)
  1.2923  qed
  1.2924  
  1.2925 -
  1.2926 -lemma msubstlt: assumes nc: "isnpoly c" and nd: "isnpoly d" and lp: "islin (Lt (CNP 0 a r))"
  1.2927 +lemma msubstlt:
  1.2928 +  assumes nc: "isnpoly c"
  1.2929 +    and nd: "isnpoly d"
  1.2930 +    and lp: "islin (Lt (CNP 0 a r))"
  1.2931    shows "Ifm vs (x#bs) (msubstlt c t d s a r) \<longleftrightarrow>
  1.2932 -  Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (Lt (CNP 0 a r))" (is "?lhs = ?rhs")
  1.2933 -proof-
  1.2934 +    Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (Lt (CNP 0 a r))"
  1.2935 +  (is "?lhs = ?rhs")
  1.2936 +proof -
  1.2937    let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  1.2938    let ?N = "\<lambda>p. Ipoly vs p"
  1.2939    let ?c = "?N c"
  1.2940 @@ -2235,143 +2931,210 @@
  1.2941    let ?s = "?Nt x s"
  1.2942    let ?a = "?N a"
  1.2943    let ?r = "?Nt x r"
  1.2944 -  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  1.2945 -  note r= tmbound0_I[OF lin(3), of vs _ bs x]
  1.2946 -  have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)" by auto
  1.2947 +  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r"
  1.2948 +    by simp_all
  1.2949 +  note r = tmbound0_I[OF lin(3), of vs _ bs x]
  1.2950 +  have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)"
  1.2951 +    by auto
  1.2952    moreover
  1.2953 -  {assume c: "?c=0" and d: "?d=0"
  1.2954 -    hence ?thesis  using nc nd by (simp add: polyneg_norm lt r[of 0] msubstlt_def Let_def evaldjf_ex)}
  1.2955 +  {
  1.2956 +    assume c: "?c=0" and d: "?d=0"
  1.2957 +    then have ?thesis
  1.2958 +      using nc nd by (simp add: polyneg_norm lt r[of 0] msubstlt_def Let_def evaldjf_ex)
  1.2959 +  }
  1.2960    moreover
  1.2961 -  {assume dc: "?c*?d > 0"
  1.2962 -    from dc have dc': "2*?c *?d > 0" by simp
  1.2963 -    hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  1.2964 +  {
  1.2965 +    assume dc: "?c*?d > 0"
  1.2966 +    from dc have dc': "2*?c *?d > 0"
  1.2967 +      by simp
  1.2968 +    then have c:"?c \<noteq> 0" and d: "?d \<noteq> 0"
  1.2969 +      by auto
  1.2970      from dc' have dc'': "\<not> 2*?c *?d < 0" by simp
  1.2971      from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  1.2972 -    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)"
  1.2973 +    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2 * ?c * ?d)"
  1.2974        by (simp add: field_simps)
  1.2975 -    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  1.2976 +    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Lt (CNP 0 a r))"
  1.2977 +      by (simp only: th)
  1.2978      also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r < 0"
  1.2979        by (simp add: r[of "(- (?d * ?t) - (?c *?s)) / (2 * ?c * ?d)"])
  1.2980      also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) < 0"
  1.2981 -
  1.2982 -      using dc' dc'' mult_less_cancel_left_disj[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  1.2983 +      using dc' dc''
  1.2984 +        mult_less_cancel_left_disj[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0]
  1.2985 +      by simp
  1.2986      also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r < 0"
  1.2987        using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  1.2988        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.2989      finally  have ?thesis using dc c d  nc nd dc'
  1.2990 -      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.2991 +      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"]
  1.2992 +          msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.2993    }
  1.2994    moreover
  1.2995 -  {assume dc: "?c*?d < 0"
  1.2996 -
  1.2997 +  {
  1.2998 +    assume dc: "?c * ?d < 0"
  1.2999      from dc have dc': "2*?c *?d < 0"
  1.3000        by (simp add: mult_less_0_iff field_simps)
  1.3001 -    hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  1.3002 +    then have c:"?c \<noteq> 0" and d: "?d \<noteq> 0"
  1.3003 +      by auto
  1.3004      from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  1.3005 -    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)"
  1.3006 +    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2 * ?c * ?d)"
  1.3007        by (simp add: field_simps)
  1.3008 -    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  1.3009 -    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r < 0"
  1.3010 +    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2 * ?c * ?d) # bs) (Lt (CNP 0 a r))"
  1.3011 +      by (simp only: th)
  1.3012 +    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2 * ?c * ?d)) + ?r < 0"
  1.3013        by (simp add: r[of "(- (?d * ?t) - (?c *?s)) / (2 * ?c * ?d)"])
  1.3014 -
  1.3015 -    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) > 0"
  1.3016 -
  1.3017 -      using dc' order_less_not_sym[OF dc'] mult_less_cancel_left_disj[of "2 * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r"] by simp
  1.3018 -    also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - 2*?c*?d*?r < 0"
  1.3019 -      using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  1.3020 +    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c * ?s )/ (2 * ?c * ?d)) + ?r) > 0"
  1.3021 +      using dc' order_less_not_sym[OF dc']
  1.3022 +        mult_less_cancel_left_disj[of "2 * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r"]
  1.3023 +      by simp
  1.3024 +    also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - 2 * ?c * ?d * ?r < 0"
  1.3025 +      using nonzero_mult_divide_cancel_left[of "2 * ?c * ?d"] c d
  1.3026        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.3027 -    finally  have ?thesis using dc c d  nc nd
  1.3028 -      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3029 +    finally have ?thesis using dc c d nc nd
  1.3030 +      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"]
  1.3031 +          msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3032    }
  1.3033    moreover
  1.3034 -  {assume c: "?c > 0" and d: "?d=0"
  1.3035 -    from c have c'': "2*?c > 0" by (simp add: zero_less_mult_iff)
  1.3036 -    from c have c': "2*?c \<noteq> 0" by simp
  1.3037 -    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  1.3038 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  1.3039 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r < 0" by (simp add: r[of "- (?t / (2*?c))"])
  1.3040 -    also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) < 0"
  1.3041 -      using c mult_less_cancel_left_disj[of "2 * ?c" "?a* (- ?t / (2*?c))+ ?r" 0] c' c'' order_less_not_sym[OF c''] by simp
  1.3042 -    also have "\<dots> \<longleftrightarrow> - ?a*?t+  2*?c *?r < 0"
  1.3043 +  {
  1.3044 +    assume c: "?c > 0" and d: "?d = 0"
  1.3045 +    from c have c'': "2*?c > 0"
  1.3046 +      by (simp add: zero_less_mult_iff)
  1.3047 +    from c have c': "2 * ?c \<noteq> 0"
  1.3048 +      by simp
  1.3049 +    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2 * ?c)"
  1.3050 +      by (simp add: field_simps)
  1.3051 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2 * ?c) # bs) (Lt (CNP 0 a r))"
  1.3052 +      by (simp only: th)
  1.3053 +    also have "\<dots> \<longleftrightarrow> ?a * (- ?t / (2 * ?c))+ ?r < 0"
  1.3054 +      by (simp add: r[of "- (?t / (2 * ?c))"])
  1.3055 +    also have "\<dots> \<longleftrightarrow> 2 * ?c * (?a * (- ?t / (2 * ?c))+ ?r) < 0"
  1.3056 +      using c mult_less_cancel_left_disj[of "2 * ?c" "?a* (- ?t / (2*?c))+ ?r" 0] c' c''
  1.3057 +        order_less_not_sym[OF c'']
  1.3058 +      by simp
  1.3059 +    also have "\<dots> \<longleftrightarrow> - ?a * ?t + 2 * ?c * ?r < 0"
  1.3060        using nonzero_mult_divide_cancel_left[OF c'] c
  1.3061        by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  1.3062      finally have ?thesis using c d nc nd
  1.3063 -      by(simp add: r[of "- (?t / (2*?c))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3064 +      by (simp add: r[of "- (?t / (2*?c))"] msubstlt_def Let_def evaldjf_ex field_simps
  1.3065 +          lt polyneg_norm polymul_norm)
  1.3066    }
  1.3067    moreover
  1.3068 -  {assume c: "?c < 0" and d: "?d=0"  hence c': "2*?c \<noteq> 0" by simp
  1.3069 -    from c have c'': "2*?c < 0" by (simp add: mult_less_0_iff)
  1.3070 -    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  1.3071 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  1.3072 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r < 0" by (simp add: r[of "- (?t / (2*?c))"])
  1.3073 -    also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) > 0"
  1.3074 -      using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c'' mult_less_cancel_left_disj[of "2 * ?c" 0 "?a* (- ?t / (2*?c))+ ?r"] by simp
  1.3075 +  {
  1.3076 +    assume c: "?c < 0" and d: "?d = 0"
  1.3077 +    then have c': "2 * ?c \<noteq> 0"
  1.3078 +      by simp
  1.3079 +    from c have c'': "2 * ?c < 0"
  1.3080 +      by (simp add: mult_less_0_iff)
  1.3081 +    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2 * ?c)"
  1.3082 +      by (simp add: field_simps)
  1.3083 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Lt (CNP 0 a r))"
  1.3084 +      by (simp only: th)
  1.3085 +    also have "\<dots> \<longleftrightarrow> ?a * (- ?t / (2*?c))+ ?r < 0"
  1.3086 +      by (simp add: r[of "- (?t / (2*?c))"])
  1.3087 +    also have "\<dots> \<longleftrightarrow> 2 * ?c * (?a * (- ?t / (2 * ?c))+ ?r) > 0"
  1.3088 +      using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
  1.3089 +        mult_less_cancel_left_disj[of "2 * ?c" 0 "?a* (- ?t / (2*?c))+ ?r"]
  1.3090 +      by simp
  1.3091      also have "\<dots> \<longleftrightarrow> ?a*?t -  2*?c *?r < 0"
  1.3092 -      using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
  1.3093 -        by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  1.3094 +      using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c'']
  1.3095 +          less_imp_neq[OF c''] c''
  1.3096 +        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.3097      finally have ?thesis using c d nc nd
  1.3098 -      by(simp add: r[of "- (?t / (2*?c))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3099 +      by (simp add: r[of "- (?t / (2*?c))"] msubstlt_def Let_def evaldjf_ex field_simps
  1.3100 +          lt polyneg_norm polymul_norm)
  1.3101    }
  1.3102    moreover
  1.3103 -  {assume c: "?c = 0" and d: "?d>0"
  1.3104 -    from d have d'': "2*?d > 0" by (simp add: zero_less_mult_iff)
  1.3105 -    from d have d': "2*?d \<noteq> 0" by simp
  1.3106 -    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  1.3107 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  1.3108 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r < 0" by (simp add: r[of "- (?s / (2*?d))"])
  1.3109 -    also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) < 0"
  1.3110 -      using d mult_less_cancel_left_disj[of "2 * ?d" "?a* (- ?s / (2*?d))+ ?r" 0] d' d'' order_less_not_sym[OF d''] by simp
  1.3111 -    also have "\<dots> \<longleftrightarrow> - ?a*?s+  2*?d *?r < 0"
  1.3112 +  {
  1.3113 +    assume c: "?c = 0" and d: "?d > 0"
  1.3114 +    from d have d'': "2 * ?d > 0"
  1.3115 +      by (simp add: zero_less_mult_iff)
  1.3116 +    from d have d': "2 * ?d \<noteq> 0"
  1.3117 +      by simp
  1.3118 +    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2 * ?d)"
  1.3119 +      by (simp add: field_simps)
  1.3120 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2 * ?d) # bs) (Lt (CNP 0 a r))"
  1.3121 +      by (simp only: th)
  1.3122 +    also have "\<dots> \<longleftrightarrow> ?a * (- ?s / (2 * ?d))+ ?r < 0"
  1.3123 +      by (simp add: r[of "- (?s / (2 * ?d))"])
  1.3124 +    also have "\<dots> \<longleftrightarrow> 2 * ?d * (?a * (- ?s / (2 * ?d))+ ?r) < 0"
  1.3125 +      using d mult_less_cancel_left_disj[of "2 * ?d" "?a * (- ?s / (2 * ?d))+ ?r" 0] d' d''
  1.3126 +        order_less_not_sym[OF d'']
  1.3127 +      by simp
  1.3128 +    also have "\<dots> \<longleftrightarrow> - ?a * ?s+  2 * ?d * ?r < 0"
  1.3129        using nonzero_mult_divide_cancel_left[OF d'] d
  1.3130        by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  1.3131      finally have ?thesis using c d nc nd
  1.3132 -      by(simp add: r[of "- (?s / (2*?d))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3133 +      by (simp add: r[of "- (?s / (2*?d))"] msubstlt_def Let_def evaldjf_ex field_simps
  1.3134 +          lt polyneg_norm polymul_norm)
  1.3135    }
  1.3136    moreover
  1.3137 -  {assume c: "?c = 0" and d: "?d<0"  hence d': "2*?d \<noteq> 0" by simp
  1.3138 -    from d have d'': "2*?d < 0" by (simp add: mult_less_0_iff)
  1.3139 -    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  1.3140 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Lt (CNP 0 a r))" by (simp only: th)
  1.3141 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r < 0" by (simp add: r[of "- (?s / (2*?d))"])
  1.3142 -    also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) > 0"
  1.3143 -      using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d'' mult_less_cancel_left_disj[of "2 * ?d" 0 "?a* (- ?s / (2*?d))+ ?r"] by simp
  1.3144 -    also have "\<dots> \<longleftrightarrow> ?a*?s -  2*?d *?r < 0"
  1.3145 -      using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
  1.3146 -        by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  1.3147 +  {
  1.3148 +    assume c: "?c = 0" and d: "?d < 0"
  1.3149 +    then have d': "2 * ?d \<noteq> 0"
  1.3150 +      by simp
  1.3151 +    from d have d'': "2 * ?d < 0"
  1.3152 +      by (simp add: mult_less_0_iff)
  1.3153 +    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"
  1.3154 +      by (simp add: field_simps)
  1.3155 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2 * ?d) # bs) (Lt (CNP 0 a r))"
  1.3156 +      by (simp only: th)
  1.3157 +    also have "\<dots> \<longleftrightarrow> ?a * (- ?s / (2 * ?d)) + ?r < 0"
  1.3158 +      by (simp add: r[of "- (?s / (2 * ?d))"])
  1.3159 +    also have "\<dots> \<longleftrightarrow> 2 * ?d * (?a * (- ?s / (2 * ?d)) + ?r) > 0"
  1.3160 +      using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
  1.3161 +        mult_less_cancel_left_disj[of "2 * ?d" 0 "?a* (- ?s / (2*?d))+ ?r"]
  1.3162 +      by simp
  1.3163 +    also have "\<dots> \<longleftrightarrow> ?a * ?s -  2 * ?d * ?r < 0"
  1.3164 +      using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d'']
  1.3165 +          less_imp_neq[OF d''] d''
  1.3166 +        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.3167      finally have ?thesis using c d nc nd
  1.3168 -      by(simp add: r[of "- (?s / (2*?d))"] msubstlt_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3169 +      by (simp add: r[of "- (?s / (2*?d))"] msubstlt_def Let_def evaldjf_ex field_simps
  1.3170 +          lt polyneg_norm polymul_norm)
  1.3171    }
  1.3172 -ultimately show ?thesis by blast
  1.3173 +  ultimately show ?thesis by blast
  1.3174  qed
  1.3175  
  1.3176  definition "msubstle c t d s a r =
  1.3177    evaldjf (split conj)
  1.3178 -  [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3179 -  (let cd = c *\<^sub>p d in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3180 -   (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Le (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3181 -   (conj (lt (CP c)) (Eq (CP d)) , Le (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3182 -   (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Le (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3183 -   (conj (lt (CP d)) (Eq (CP c)) , Le (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3184 -   (conj (Eq (CP c)) (Eq (CP d)) , Le r)]"
  1.3185 -
  1.3186 -lemma msubstle_nb: assumes lp: "islin (Le (CNP 0 a r))" and t: "tmbound0 t" and s: "tmbound0 s"
  1.3187 +   [(let cd = c *\<^sub>p d
  1.3188 +     in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3189 +    (let cd = c *\<^sub>p d
  1.3190 +     in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3191 +    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)), Le (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3192 +    (conj (lt (CP c)) (Eq (CP d)), Le (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3193 +    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)), Le (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3194 +    (conj (lt (CP d)) (Eq (CP c)), Le (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3195 +    (conj (Eq (CP c)) (Eq (CP d)), Le r)]"
  1.3196 +
  1.3197 +lemma msubstle_nb:
  1.3198 +  assumes lp: "islin (Le (CNP 0 a r))"
  1.3199 +    and t: "tmbound0 t"
  1.3200 +    and s: "tmbound0 s"
  1.3201    shows "bound0 (msubstle c t d s a r)"
  1.3202 -proof-
  1.3203 -  have th: "\<forall>x\<in> set [(let cd = c *\<^sub>p d in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3204 -  (let cd = c *\<^sub>p d in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3205 -   (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Le (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3206 -   (conj (lt (CP c)) (Eq (CP d)) , Le (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3207 -   (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Le (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3208 -   (conj (lt (CP d)) (Eq (CP c)) , Le (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3209 -   (conj (Eq (CP c)) (Eq (CP d)) , Le r)]. bound0 (split conj x)"
  1.3210 -    using lp by (simp add: Let_def t s lt_nb )
  1.3211 -  from evaldjf_bound0[OF th] show ?thesis by (simp add: msubstle_def)
  1.3212 +proof -
  1.3213 +  have th: "\<forall>x\<in> set
  1.3214 +   [(let cd = c *\<^sub>p d
  1.3215 +     in (lt (CP (~\<^sub>p cd)), Le (Add (Mul (~\<^sub>p a) (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3216 +    (let cd = c *\<^sub>p d
  1.3217 +     in (lt (CP cd), Le (Sub (Mul a (Add (Mul d t) (Mul c s))) (Mul ((2)\<^sub>p *\<^sub>p cd) r)))),
  1.3218 +    (conj (lt (CP (~\<^sub>p c))) (Eq (CP d)) , Le (Add (Mul (~\<^sub>p a) t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3219 +    (conj (lt (CP c)) (Eq (CP d)) , Le (Sub (Mul a t) (Mul ((2)\<^sub>p *\<^sub>p c) r))),
  1.3220 +    (conj (lt (CP (~\<^sub>p d))) (Eq (CP c)) , Le (Add (Mul (~\<^sub>p a) s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3221 +    (conj (lt (CP d)) (Eq (CP c)) , Le (Sub (Mul a s) (Mul ((2)\<^sub>p *\<^sub>p d) r))),
  1.3222 +    (conj (Eq (CP c)) (Eq (CP d)) , Le r)]. bound0 (split conj x)"
  1.3223 +    using lp by (simp add: Let_def t s lt_nb)
  1.3224 +  from evaldjf_bound0[OF th] show ?thesis
  1.3225 +    by (simp add: msubstle_def)
  1.3226  qed
  1.3227  
  1.3228 -lemma msubstle: assumes nc: "isnpoly c" and nd: "isnpoly d" and lp: "islin (Le (CNP 0 a r))"
  1.3229 +lemma msubstle:
  1.3230 +  assumes nc: "isnpoly c"
  1.3231 +    and nd: "isnpoly d"
  1.3232 +    and lp: "islin (Le (CNP 0 a r))"
  1.3233    shows "Ifm vs (x#bs) (msubstle c t d s a r) \<longleftrightarrow>
  1.3234 -  Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (Le (CNP 0 a r))" (is "?lhs = ?rhs")
  1.3235 -proof-
  1.3236 +    Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) (Le (CNP 0 a r))"
  1.3237 +  (is "?lhs = ?rhs")
  1.3238 +proof -
  1.3239    let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  1.3240    let ?N = "\<lambda>p. Ipoly vs p"
  1.3241    let ?c = "?N c"
  1.3242 @@ -2380,269 +3143,424 @@
  1.3243    let ?s = "?Nt x s"
  1.3244    let ?a = "?N a"
  1.3245    let ?r = "?Nt x r"
  1.3246 -  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r" by simp_all
  1.3247 -  note r= tmbound0_I[OF lin(3), of vs _ bs x]
  1.3248 -  have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)" by auto
  1.3249 +  from lp have lin:"isnpoly a" "a \<noteq> 0\<^sub>p" "tmbound0 r" "allpolys isnpoly r"
  1.3250 +    by simp_all
  1.3251 +  note r = tmbound0_I[OF lin(3), of vs _ bs x]
  1.3252 +  have cd_cs: "?c * ?d < 0 \<or> ?c * ?d > 0 \<or> (?c = 0 \<and> ?d = 0) \<or> (?c = 0 \<and> ?d < 0) \<or> (?c = 0 \<and> ?d > 0) \<or> (?c < 0 \<and> ?d = 0) \<or> (?c > 0 \<and> ?d = 0)"
  1.3253 +    by auto
  1.3254    moreover
  1.3255 -  {assume c: "?c=0" and d: "?d=0"
  1.3256 -    hence ?thesis  using nc nd by (simp add: polyneg_norm polymul_norm lt r[of 0] msubstle_def Let_def evaldjf_ex)}
  1.3257 +  {
  1.3258 +    assume c: "?c = 0" and d: "?d = 0"
  1.3259 +    then have ?thesis
  1.3260 +      using nc nd
  1.3261 +      by (simp add: polyneg_norm polymul_norm lt r[of 0] msubstle_def Let_def evaldjf_ex)
  1.3262 +  }
  1.3263    moreover
  1.3264 -  {assume dc: "?c*?d > 0"
  1.3265 -    from dc have dc': "2*?c *?d > 0" by simp
  1.3266 -    hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  1.3267 -    from dc' have dc'': "\<not> 2*?c *?d < 0" by simp
  1.3268 +  {
  1.3269 +    assume dc: "?c * ?d > 0"
  1.3270 +    from dc have dc': "2 * ?c * ?d > 0"
  1.3271 +      by simp
  1.3272 +    then have c: "?c \<noteq> 0" and d: "?d \<noteq> 0"
  1.3273 +      by auto
  1.3274 +    from dc' have dc'': "\<not> 2 * ?c * ?d < 0"
  1.3275 +      by simp
  1.3276      from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  1.3277 -    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)"
  1.3278 +    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c * ?s )/ (2 * ?c * ?d)"
  1.3279        by (simp add: field_simps)
  1.3280 -    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  1.3281 -    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r <= 0"
  1.3282 +    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Le (CNP 0 a r))"
  1.3283 +      by (simp only: th)
  1.3284 +    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r \<le> 0"
  1.3285        by (simp add: r[of "(- (?d * ?t) - (?c *?s)) / (2 * ?c * ?d)"])
  1.3286 -    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) <= 0"
  1.3287 -
  1.3288 -      using dc' dc'' mult_le_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0] by simp
  1.3289 -    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r <= 0"
  1.3290 +    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) \<le> 0"
  1.3291 +      using dc' dc''
  1.3292 +        mult_le_cancel_left[of "2 * ?c * ?d" "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r" 0]
  1.3293 +      by simp
  1.3294 +    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )) + 2*?c*?d*?r \<le> 0"
  1.3295        using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  1.3296        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.3297      finally  have ?thesis using dc c d  nc nd dc'
  1.3298 -      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3299 +      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstle_def
  1.3300 +          Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3301    }
  1.3302    moreover
  1.3303 -  {assume dc: "?c*?d < 0"
  1.3304 -
  1.3305 -    from dc have dc': "2*?c *?d < 0"
  1.3306 +  {
  1.3307 +    assume dc: "?c * ?d < 0"
  1.3308 +    from dc have dc': "2 * ?c * ?d < 0"
  1.3309        by (simp add: mult_less_0_iff field_simps add_neg_neg add_pos_pos)
  1.3310 -    hence c:"?c \<noteq> 0" and d: "?d\<noteq> 0" by auto
  1.3311 +    then have c: "?c \<noteq> 0" and d: "?d \<noteq> 0"
  1.3312 +      by auto
  1.3313      from add_frac_eq[OF c d, of "- ?t" "- ?s"]
  1.3314 -    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2*?c*?d)"
  1.3315 +    have th: "(- ?t / ?c + - ?s / ?d)/2 = - (?d * ?t + ?c* ?s )/ (2 * ?c * ?d)"
  1.3316        by (simp add: field_simps)
  1.3317 -    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  1.3318 -    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r <= 0"
  1.3319 +    have "?rhs \<longleftrightarrow> Ifm vs (- (?d * ?t + ?c* ?s )/ (2*?c*?d) # bs) (Le (CNP 0 a r))"
  1.3320 +      by (simp only: th)
  1.3321 +    also have "\<dots> \<longleftrightarrow> ?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r \<le> 0"
  1.3322        by (simp add: r[of "(- (?d * ?t) - (?c *?s)) / (2 * ?c * ?d)"])
  1.3323 -
  1.3324 -    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) >= 0"
  1.3325 -
  1.3326 -      using dc' order_less_not_sym[OF dc'] mult_le_cancel_left[of "2 * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r"] by simp
  1.3327 -    also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - 2*?c*?d*?r <= 0"
  1.3328 -      using nonzero_mult_divide_cancel_left[of "2*?c*?d"] c d
  1.3329 +    also have "\<dots> \<longleftrightarrow> (2 * ?c * ?d) * (?a * (- (?d * ?t + ?c* ?s )/ (2*?c*?d)) + ?r) \<ge> 0"
  1.3330 +      using dc' order_less_not_sym[OF dc']
  1.3331 +        mult_le_cancel_left[of "2 * ?c * ?d" 0 "?a * (- (?d * ?t + ?c* ?s)/ (2*?c*?d)) + ?r"]
  1.3332 +      by simp
  1.3333 +    also have "\<dots> \<longleftrightarrow> ?a * ((?d * ?t + ?c* ?s )) - 2 * ?c * ?d * ?r \<le> 0"
  1.3334 +      using nonzero_mult_divide_cancel_left[of "2 * ?c * ?d"] c d
  1.3335        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.3336      finally  have ?thesis using dc c d  nc nd
  1.3337 -      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3338 +      by (simp add: r[of "(- (?d * ?t) + - (?c *?s)) / (2 * ?c * ?d)"] msubstle_def
  1.3339 +          Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3340    }
  1.3341    moreover
  1.3342 -  {assume c: "?c > 0" and d: "?d=0"
  1.3343 -    from c have c'': "2*?c > 0" by (simp add: zero_less_mult_iff)
  1.3344 -    from c have c': "2*?c \<noteq> 0" by simp
  1.3345 -    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  1.3346 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Le (CNP 0 a r))" by (simp only: th)
  1.3347 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r <= 0" by (simp add: r[of "- (?t / (2*?c))"])
  1.3348 -    also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) <= 0"
  1.3349 -      using c mult_le_cancel_left[of "2 * ?c" "?a* (- ?t / (2*?c))+ ?r" 0] c' c'' order_less_not_sym[OF c''] by simp
  1.3350 -    also have "\<dots> \<longleftrightarrow> - ?a*?t+  2*?c *?r <= 0"
  1.3351 +  {
  1.3352 +    assume c: "?c > 0" and d: "?d = 0"
  1.3353 +    from c have c'': "2 * ?c > 0"
  1.3354 +      by (simp add: zero_less_mult_iff)
  1.3355 +    from c have c': "2 * ?c \<noteq> 0"
  1.3356 +      by simp
  1.3357 +    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"
  1.3358 +      by (simp add: field_simps)
  1.3359 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2 * ?c) # bs) (Le (CNP 0 a r))"
  1.3360 +      by (simp only: th)
  1.3361 +    also have "\<dots> \<longleftrightarrow> ?a * (- ?t / (2 * ?c))+ ?r \<le> 0"
  1.3362 +      by (simp add: r[of "- (?t / (2 * ?c))"])
  1.3363 +    also have "\<dots> \<longleftrightarrow> 2 * ?c * (?a * (- ?t / (2 * ?c))+ ?r) \<le> 0"
  1.3364 +      using c mult_le_cancel_left[of "2 * ?c" "?a* (- ?t / (2*?c))+ ?r" 0] c' c''
  1.3365 +        order_less_not_sym[OF c'']
  1.3366 +      by simp
  1.3367 +    also have "\<dots> \<longleftrightarrow> - ?a*?t+  2*?c *?r \<le> 0"
  1.3368        using nonzero_mult_divide_cancel_left[OF c'] c
  1.3369        by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  1.3370      finally have ?thesis using c d nc nd
  1.3371 -      by(simp add: r[of "- (?t / (2*?c))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3372 +      by (simp add: r[of "- (?t / (2*?c))"] msubstle_def Let_def
  1.3373 +          evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3374    }
  1.3375    moreover
  1.3376 -  {assume c: "?c < 0" and d: "?d=0"  hence c': "2*?c \<noteq> 0" by simp
  1.3377 -    from c have c'': "2*?c < 0" by (simp add: mult_less_0_iff)
  1.3378 -    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"  by (simp add: field_simps)
  1.3379 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2*?c) # bs) (Le (CNP 0 a r))" by (simp only: th)
  1.3380 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?t / (2*?c))+ ?r <= 0" by (simp add: r[of "- (?t / (2*?c))"])
  1.3381 -    also have "\<dots> \<longleftrightarrow> 2*?c * (?a* (- ?t / (2*?c))+ ?r) >= 0"
  1.3382 -      using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c'' mult_le_cancel_left[of "2 * ?c" 0 "?a* (- ?t / (2*?c))+ ?r"] by simp
  1.3383 -    also have "\<dots> \<longleftrightarrow> ?a*?t -  2*?c *?r <= 0"
  1.3384 -      using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
  1.3385 -        by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  1.3386 +  {
  1.3387 +    assume c: "?c < 0" and d: "?d = 0"
  1.3388 +    then have c': "2 * ?c \<noteq> 0"
  1.3389 +      by simp
  1.3390 +    from c have c'': "2 * ?c < 0"
  1.3391 +      by (simp add: mult_less_0_iff)
  1.3392 +    from d have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?t / (2*?c)"
  1.3393 +      by (simp add: field_simps)
  1.3394 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?t / (2 * ?c) # bs) (Le (CNP 0 a r))"
  1.3395 +      by (simp only: th)
  1.3396 +    also have "\<dots> \<longleftrightarrow> ?a * (- ?t / (2*?c))+ ?r \<le> 0"
  1.3397 +      by (simp add: r[of "- (?t / (2*?c))"])
  1.3398 +    also have "\<dots> \<longleftrightarrow> 2 * ?c * (?a * (- ?t / (2 * ?c))+ ?r) \<ge> 0"
  1.3399 +      using c order_less_not_sym[OF c''] less_imp_neq[OF c''] c''
  1.3400 +        mult_le_cancel_left[of "2 * ?c" 0 "?a* (- ?t / (2*?c))+ ?r"]
  1.3401 +      by simp
  1.3402 +    also have "\<dots> \<longleftrightarrow> ?a * ?t - 2 * ?c * ?r \<le> 0"
  1.3403 +      using nonzero_mult_divide_cancel_left[OF c'] c order_less_not_sym[OF c'']
  1.3404 +          less_imp_neq[OF c''] c''
  1.3405 +        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.3406      finally have ?thesis using c d nc nd
  1.3407 -      by(simp add: r[of "- (?t / (2*?c))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3408 +      by (simp add: r[of "- (?t / (2*?c))"] msubstle_def Let_def
  1.3409 +          evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3410    }
  1.3411    moreover
  1.3412 -  {assume c: "?c = 0" and d: "?d>0"
  1.3413 -    from d have d'': "2*?d > 0" by (simp add: zero_less_mult_iff)
  1.3414 -    from d have d': "2*?d \<noteq> 0" by simp
  1.3415 -    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  1.3416 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  1.3417 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r <= 0" by (simp add: r[of "- (?s / (2*?d))"])
  1.3418 -    also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) <= 0"
  1.3419 -      using d mult_le_cancel_left[of "2 * ?d" "?a* (- ?s / (2*?d))+ ?r" 0] d' d'' order_less_not_sym[OF d''] by simp
  1.3420 -    also have "\<dots> \<longleftrightarrow> - ?a*?s+  2*?d *?r <= 0"
  1.3421 +  {
  1.3422 +    assume c: "?c = 0" and d: "?d > 0"
  1.3423 +    from d have d'': "2 * ?d > 0"
  1.3424 +      by (simp add: zero_less_mult_iff)
  1.3425 +    from d have d': "2 * ?d \<noteq> 0"
  1.3426 +      by simp
  1.3427 +    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2 * ?d)"
  1.3428 +      by (simp add: field_simps)
  1.3429 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2 * ?d) # bs) (Le (CNP 0 a r))"
  1.3430 +      by (simp only: th)
  1.3431 +    also have "\<dots> \<longleftrightarrow> ?a * (- ?s / (2 * ?d))+ ?r \<le> 0"
  1.3432 +      by (simp add: r[of "- (?s / (2*?d))"])
  1.3433 +    also have "\<dots> \<longleftrightarrow> 2 * ?d * (?a * (- ?s / (2 * ?d)) + ?r) \<le> 0"
  1.3434 +      using d mult_le_cancel_left[of "2 * ?d" "?a* (- ?s / (2*?d))+ ?r" 0] d' d''
  1.3435 +        order_less_not_sym[OF d'']
  1.3436 +      by simp
  1.3437 +    also have "\<dots> \<longleftrightarrow> - ?a * ?s + 2 * ?d * ?r \<le> 0"
  1.3438        using nonzero_mult_divide_cancel_left[OF d'] d
  1.3439        by (simp add: algebra_simps diff_divide_distrib less_le del: distrib_right)
  1.3440      finally have ?thesis using c d nc nd
  1.3441 -      by(simp add: r[of "- (?s / (2*?d))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3442 +      by (simp add: r[of "- (?s / (2*?d))"] msubstle_def Let_def
  1.3443 +          evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3444    }
  1.3445    moreover
  1.3446 -  {assume c: "?c = 0" and d: "?d<0"  hence d': "2*?d \<noteq> 0" by simp
  1.3447 -    from d have d'': "2*?d < 0" by (simp add: mult_less_0_iff)
  1.3448 -    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"  by (simp add: field_simps)
  1.3449 -    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Le (CNP 0 a r))" by (simp only: th)
  1.3450 -    also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r <= 0" by (simp add: r[of "- (?s / (2*?d))"])
  1.3451 -    also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) >= 0"
  1.3452 -      using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d'' mult_le_cancel_left[of "2 * ?d" 0 "?a* (- ?s / (2*?d))+ ?r"] by simp
  1.3453 -    also have "\<dots> \<longleftrightarrow> ?a*?s -  2*?d *?r <= 0"
  1.3454 -      using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
  1.3455 -        by (simp add: algebra_simps diff_divide_distrib del:  distrib_right)
  1.3456 +  {
  1.3457 +    assume c: "?c = 0" and d: "?d < 0"
  1.3458 +    then have d': "2 * ?d \<noteq> 0"
  1.3459 +      by simp
  1.3460 +    from d have d'': "2 * ?d < 0"
  1.3461 +      by (simp add: mult_less_0_iff)
  1.3462 +    from c have th: "(- ?t / ?c + - ?s / ?d)/2 = - ?s / (2*?d)"
  1.3463 +      by (simp add: field_simps)
  1.3464 +    have "?rhs \<longleftrightarrow> Ifm vs (- ?s / (2*?d) # bs) (Le (CNP 0 a r))"
  1.3465 +      by (simp only: th)
  1.3466 +    also have "\<dots> \<longleftrightarrow> ?a* (- ?s / (2*?d))+ ?r \<le> 0"
  1.3467 +      by (simp add: r[of "- (?s / (2*?d))"])
  1.3468 +    also have "\<dots> \<longleftrightarrow> 2*?d * (?a* (- ?s / (2*?d))+ ?r) \<ge> 0"
  1.3469 +      using d order_less_not_sym[OF d''] less_imp_neq[OF d''] d''
  1.3470 +        mult_le_cancel_left[of "2 * ?d" 0 "?a* (- ?s / (2*?d))+ ?r"]
  1.3471 +      by simp
  1.3472 +    also have "\<dots> \<longleftrightarrow> ?a * ?s -  2 * ?d * ?r \<le> 0"
  1.3473 +      using nonzero_mult_divide_cancel_left[OF d'] d order_less_not_sym[OF d'']
  1.3474 +          less_imp_neq[OF d''] d''
  1.3475 +        by (simp add: algebra_simps diff_divide_distrib del: distrib_right)
  1.3476      finally have ?thesis using c d nc nd
  1.3477 -      by(simp add: r[of "- (?s / (2*?d))"] msubstle_def Let_def evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3478 +      by (simp add: r[of "- (?s / (2*?d))"] msubstle_def Let_def
  1.3479 +          evaldjf_ex field_simps lt polyneg_norm polymul_norm)
  1.3480    }
  1.3481 -ultimately show ?thesis by blast
  1.3482 +  ultimately show ?thesis by blast
  1.3483  qed
  1.3484  
  1.3485 -
  1.3486 -fun msubst :: "fm \<Rightarrow> (poly \<times> tm) \<times> (poly \<times> tm) \<Rightarrow> fm" where
  1.3487 -  "msubst (And p q) ((c,t), (d,s)) = conj (msubst p ((c,t),(d,s))) (msubst q ((c,t),(d,s)))"
  1.3488 -| "msubst (Or p q) ((c,t), (d,s)) = disj (msubst p ((c,t),(d,s))) (msubst q ((c,t), (d,s)))"
  1.3489 -| "msubst (Eq (CNP 0 a r)) ((c,t),(d,s)) = msubsteq c t d s a r"
  1.3490 -| "msubst (NEq (CNP 0 a r)) ((c,t),(d,s)) = msubstneq c t d s a r"
  1.3491 -| "msubst (Lt (CNP 0 a r)) ((c,t),(d,s)) = msubstlt c t d s a r"
  1.3492 -| "msubst (Le (CNP 0 a r)) ((c,t),(d,s)) = msubstle c t d s a r"
  1.3493 -| "msubst p ((c,t),(d,s)) = p"
  1.3494 -
  1.3495 -lemma msubst_I: assumes lp: "islin p" and nc: "isnpoly c" and nd: "isnpoly d"
  1.3496 -  shows "Ifm vs (x#bs) (msubst p ((c,t),(d,s))) = Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) p"
  1.3497 -  using lp by (induct p rule: islin.induct)
  1.3498 +fun msubst :: "fm \<Rightarrow> (poly \<times> tm) \<times> (poly \<times> tm) \<Rightarrow> fm"
  1.3499 +where
  1.3500 +  "msubst (And p q) ((c, t), (d, s)) = conj (msubst p ((c,t),(d,s))) (msubst q ((c, t), (d, s)))"
  1.3501 +| "msubst (Or p q) ((c, t), (d, s)) = disj (msubst p ((c,t),(d,s))) (msubst q ((c, t), (d, s)))"
  1.3502 +| "msubst (Eq (CNP 0 a r)) ((c, t), (d, s)) = msubsteq c t d s a r"
  1.3503 +| "msubst (NEq (CNP 0 a r)) ((c, t), (d, s)) = msubstneq c t d s a r"
  1.3504 +| "msubst (Lt (CNP 0 a r)) ((c, t), (d, s)) = msubstlt c t d s a r"
  1.3505 +| "msubst (Le (CNP 0 a r)) ((c, t), (d, s)) = msubstle c t d s a r"
  1.3506 +| "msubst p ((c, t), (d, s)) = p"
  1.3507 +
  1.3508 +lemma msubst_I:
  1.3509 +  assumes lp: "islin p"
  1.3510 +    and nc: "isnpoly c"
  1.3511 +    and nd: "isnpoly d"
  1.3512 +  shows "Ifm vs (x#bs) (msubst p ((c,t),(d,s))) =
  1.3513 +    Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs c + - Itm vs (x#bs) s / Ipoly vs d) /2)#bs) p"
  1.3514 +  using lp
  1.3515 +  by (induct p rule: islin.induct)
  1.3516      (auto simp add: tmbound0_I
  1.3517 -    [where b = "(- (Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>) - (Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>)) / 2"
  1.3518 -      and b' = x and bs = bs and vs = vs]
  1.3519 -    msubsteq msubstneq msubstlt [OF nc nd] msubstle [OF nc nd])
  1.3520 -
  1.3521 -lemma msubst_nb: assumes lp: "islin p" and t: "tmbound0 t" and s: "tmbound0 s"
  1.3522 +      [where b = "(- (Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>) - (Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>)) / 2"
  1.3523 +        and b' = x and bs = bs and vs = vs]
  1.3524 +      msubsteq msubstneq msubstlt [OF nc nd] msubstle [OF nc nd])
  1.3525 +
  1.3526 +lemma msubst_nb:
  1.3527 +  assumes lp: "islin p"
  1.3528 +    and t: "tmbound0 t"
  1.3529 +    and s: "tmbound0 s"
  1.3530    shows "bound0 (msubst p ((c,t),(d,s)))"
  1.3531    using lp t s
  1.3532    by (induct p rule: islin.induct, auto simp add: msubsteq_nb msubstneq_nb msubstlt_nb msubstle_nb)
  1.3533  
  1.3534  lemma fr_eq_msubst:
  1.3535    assumes lp: "islin p"
  1.3536 -  shows "(\<exists>x. Ifm vs (x#bs) p) = ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> (\<exists>(c,t) \<in> set (uset p). \<exists>(d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst p ((c,t),(d,s)))))"
  1.3537 +  shows "(\<exists>x. Ifm vs (x#bs) p) \<longleftrightarrow>
  1.3538 +    (Ifm vs (x#bs) (minusinf p) \<or>
  1.3539 +     Ifm vs (x#bs) (plusinf p) \<or>
  1.3540 +     (\<exists>(c, t) \<in> set (uset p). \<exists>(d, s) \<in> set (uset p).
  1.3541 +      Ifm vs (x#bs) (msubst p ((c, t), (d, s)))))"
  1.3542    (is "(\<exists>x. ?I x p) = (?M \<or> ?P \<or> ?F)" is "?E = ?D")
  1.3543 -proof-
  1.3544 -from uset_l[OF lp] have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s" by blast
  1.3545 -{fix c t d s assume ctU: "(c,t) \<in>set (uset p)" and dsU: "(d,s) \<in>set (uset p)"
  1.3546 -  and pts: "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  1.3547 -  from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d" by simp_all
  1.3548 -  from msubst_I[OF lp norm, of vs x bs t s] pts
  1.3549 -  have "Ifm vs (x # bs) (msubst p ((c, t), d, s))" ..}
  1.3550 -moreover
  1.3551 -{fix c t d s assume ctU: "(c,t) \<in>set (uset p)" and dsU: "(d,s) \<in>set (uset p)"
  1.3552 -  and pts: "Ifm vs (x # bs) (msubst p ((c, t), d, s))"
  1.3553 -  from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d" by simp_all
  1.3554 -  from msubst_I[OF lp norm, of vs x bs t s] pts
  1.3555 -  have "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p" ..}
  1.3556 -ultimately have th': "(\<exists>(c,t) \<in> set (uset p). \<exists>(d,s) \<in> set (uset p). Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p) \<longleftrightarrow> ?F" by blast
  1.3557 -from fr_eq[OF lp, of vs bs x, simplified th'] show ?thesis .
  1.3558 +proof -
  1.3559 +  from uset_l[OF lp]
  1.3560 +  have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s"
  1.3561 +    by blast
  1.3562 +  {
  1.3563 +    fix c t d s
  1.3564 +    assume ctU: "(c, t) \<in>set (uset p)"
  1.3565 +      and dsU: "(d,s) \<in>set (uset p)"
  1.3566 +      and pts: "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  1.3567 +    from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d"
  1.3568 +      by simp_all
  1.3569 +    from msubst_I[OF lp norm, of vs x bs t s] pts
  1.3570 +    have "Ifm vs (x # bs) (msubst p ((c, t), d, s))" ..
  1.3571 +  }
  1.3572 +  moreover
  1.3573 +  {
  1.3574 +    fix c t d s
  1.3575 +    assume ctU: "(c, t) \<in> set (uset p)"
  1.3576 +      and dsU: "(d,s) \<in>set (uset p)"
  1.3577 +      and pts: "Ifm vs (x # bs) (msubst p ((c, t), d, s))"
  1.3578 +    from th[rule_format, OF ctU] th[rule_format, OF dsU] have norm:"isnpoly c" "isnpoly d"
  1.3579 +      by simp_all
  1.3580 +    from msubst_I[OF lp norm, of vs x bs t s] pts
  1.3581 +    have "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p" ..
  1.3582 +  }
  1.3583 +  ultimately have th': "(\<exists>(c, t) \<in> set (uset p). \<exists>(d, s) \<in> set (uset p).
  1.3584 +      Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p) \<longleftrightarrow> ?F"
  1.3585 +    by blast
  1.3586 +  from fr_eq[OF lp, of vs bs x, simplified th'] show ?thesis .
  1.3587  qed
  1.3588  
  1.3589 -lemma simpfm_lin:   assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.3590 +lemma simpfm_lin:
  1.3591 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.3592    shows "qfree p \<Longrightarrow> islin (simpfm p)"
  1.3593 -  by (induct p rule: simpfm.induct, auto simp add: conj_lin disj_lin)
  1.3594 -
  1.3595 -definition
  1.3596 -  "ferrack p \<equiv> let q = simpfm p ; mp = minusinf q ; pp = plusinf q
  1.3597 -  in if (mp = T \<or> pp = T) then T
  1.3598 -     else (let U = alluopairs (remdups (uset  q))
  1.3599 -           in decr0 (disj mp (disj pp (evaldjf (simpfm o (msubst q)) U ))))"
  1.3600 +  by (induct p rule: simpfm.induct) (auto simp add: conj_lin disj_lin)
  1.3601 +
  1.3602 +definition "ferrack p \<equiv>
  1.3603 +  let
  1.3604 +    q = simpfm p;
  1.3605 +    mp = minusinf q;
  1.3606 +    pp = plusinf q
  1.3607 +  in
  1.3608 +    if (mp = T \<or> pp = T) then T
  1.3609 +    else
  1.3610 +     (let U = alluopairs (remdups (uset  q))
  1.3611 +      in decr0 (disj mp (disj pp (evaldjf (simpfm o (msubst q)) U ))))"
  1.3612  
  1.3613  lemma ferrack:
  1.3614    assumes qf: "qfree p"
  1.3615 -  shows "qfree (ferrack p) \<and> ((Ifm vs bs (ferrack p)) = (Ifm vs bs (E p)))"
  1.3616 -  (is "_ \<and> (?rhs = ?lhs)")
  1.3617 -proof-
  1.3618 -  let ?I = "\<lambda> x p. Ifm vs (x#bs) p"
  1.3619 -  let ?N = "\<lambda> t. Ipoly vs t"
  1.3620 +  shows "qfree (ferrack p) \<and> Ifm vs bs (ferrack p) = Ifm vs bs (E p)"
  1.3621 +  (is "_ \<and> ?rhs = ?lhs")
  1.3622 +proof -
  1.3623 +  let ?I = "\<lambda>x p. Ifm vs (x#bs) p"
  1.3624 +  let ?N = "\<lambda>t. Ipoly vs t"
  1.3625    let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  1.3626    let ?q = "simpfm p"
  1.3627    let ?U = "remdups(uset ?q)"
  1.3628    let ?Up = "alluopairs ?U"
  1.3629    let ?mp = "minusinf ?q"
  1.3630    let ?pp = "plusinf ?q"
  1.3631 +  fix x
  1.3632    let ?I = "\<lambda>p. Ifm vs (x#bs) p"
  1.3633    from simpfm_lin[OF qf] simpfm_qf[OF qf] have lq: "islin ?q" and q_qf: "qfree ?q" .
  1.3634    from minusinf_nb[OF lq] plusinf_nb[OF lq] have mp_nb: "bound0 ?mp" and pp_nb: "bound0 ?pp" .
  1.3635    from bound0_qf[OF mp_nb] bound0_qf[OF pp_nb] have mp_qf: "qfree ?mp" and pp_qf: "qfree ?pp" .
  1.3636    from uset_l[OF lq] have U_l: "\<forall>(c, s)\<in>set ?U. isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
  1.3637      by simp
  1.3638 -  {fix c t d s assume ctU: "(c,t) \<in> set ?U" and dsU: "(d,s) \<in> set ?U"
  1.3639 -    from U_l ctU dsU have norm: "isnpoly c" "isnpoly d" by auto
  1.3640 +  {
  1.3641 +    fix c t d s
  1.3642 +    assume ctU: "(c, t) \<in> set ?U"
  1.3643 +      and dsU: "(d,s) \<in> set ?U"
  1.3644 +    from U_l ctU dsU have norm: "isnpoly c" "isnpoly d"
  1.3645 +      by auto
  1.3646      from msubst_I[OF lq norm, of vs x bs t s] msubst_I[OF lq norm(2,1), of vs x bs s t]
  1.3647 -    have "?I (msubst ?q ((c,t),(d,s))) = ?I (msubst ?q ((d,s),(c,t)))" by (simp add: field_simps)}
  1.3648 -  hence th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (msubst ?q (x, y)) \<longleftrightarrow> ?I (msubst ?q (y, x))" by clarsimp
  1.3649 -  {fix x assume xUp: "x \<in> set ?Up"
  1.3650 -    then  obtain c t d s where ctU: "(c,t) \<in> set ?U" and dsU: "(d,s) \<in> set ?U"
  1.3651 -      and x: "x = ((c,t),(d,s))" using alluopairs_set1[of ?U] by auto
  1.3652 +    have "?I (msubst ?q ((c,t),(d,s))) = ?I (msubst ?q ((d,s),(c,t)))"
  1.3653 +      by (simp add: field_simps)
  1.3654 +  }
  1.3655 +  then have th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (msubst ?q (x, y)) \<longleftrightarrow> ?I (msubst ?q (y, x))"
  1.3656 +    by auto
  1.3657 +  {
  1.3658 +    fix x
  1.3659 +    assume xUp: "x \<in> set ?Up"
  1.3660 +    then obtain c t d s
  1.3661 +      where ctU: "(c, t) \<in> set ?U"
  1.3662 +        and dsU: "(d,s) \<in> set ?U"
  1.3663 +        and x: "x = ((c, t),(d, s))"
  1.3664 +      using alluopairs_set1[of ?U] by auto
  1.3665      from U_l[rule_format, OF ctU] U_l[rule_format, OF dsU]
  1.3666      have nbs: "tmbound0 t" "tmbound0 s" by simp_all
  1.3667      from simpfm_bound0[OF msubst_nb[OF lq nbs, of c d]]
  1.3668 -    have "bound0 ((simpfm o (msubst (simpfm p))) x)" using x by simp}
  1.3669 +    have "bound0 ((simpfm o (msubst (simpfm p))) x)"
  1.3670 +      using x by simp
  1.3671 +  }
  1.3672    with evaldjf_bound0[of ?Up "(simpfm o (msubst (simpfm p)))"]
  1.3673    have "bound0 (evaldjf (simpfm o (msubst (simpfm p))) ?Up)" by blast
  1.3674    with mp_nb pp_nb
  1.3675 -  have th1: "bound0 (disj ?mp (disj ?pp (evaldjf (simpfm o (msubst ?q)) ?Up )))" by simp
  1.3676 -  from decr0_qf[OF th1] have thqf: "qfree (ferrack p)" by (simp add: ferrack_def Let_def)
  1.3677 -  have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)" by simp
  1.3678 -  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> (\<exists>(c, t)\<in>set ?U. \<exists>(d, s)\<in>set ?U. ?I (msubst (simpfm p) ((c, t), d, s)))" using fr_eq_msubst[OF lq, of vs bs x] by simp
  1.3679 -  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> (\<exists>(x,y) \<in> set ?Up. ?I ((simpfm o (msubst ?q)) (x,y)))" using alluopairs_bex[OF th0] by simp
  1.3680 -  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (evaldjf (simpfm o (msubst ?q)) ?Up)"
  1.3681 +  have th1: "bound0 (disj ?mp (disj ?pp (evaldjf (simpfm o (msubst ?q)) ?Up )))"
  1.3682 +    by simp
  1.3683 +  from decr0_qf[OF th1] have thqf: "qfree (ferrack p)"
  1.3684 +    by (simp add: ferrack_def Let_def)
  1.3685 +  have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)"
  1.3686 +    by simp
  1.3687 +  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or>
  1.3688 +      (\<exists>(c, t)\<in>set ?U. \<exists>(d, s)\<in>set ?U. ?I (msubst (simpfm p) ((c, t), d, s)))"
  1.3689 +    using fr_eq_msubst[OF lq, of vs bs x] by simp
  1.3690 +  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or>
  1.3691 +      (\<exists>(x, y) \<in> set ?Up. ?I ((simpfm \<circ> msubst ?q) (x, y)))"
  1.3692 +    using alluopairs_bex[OF th0] by simp
  1.3693 +  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (evaldjf (simpfm \<circ> msubst ?q) ?Up)"
  1.3694      by (simp add: evaldjf_ex)
  1.3695 -  also have "\<dots> \<longleftrightarrow> ?I (disj ?mp (disj ?pp (evaldjf (simpfm o (msubst ?q)) ?Up)))" by simp
  1.3696 -  also have "\<dots> \<longleftrightarrow> ?rhs" using decr0[OF th1, of vs x bs]
  1.3697 +  also have "\<dots> \<longleftrightarrow> ?I (disj ?mp (disj ?pp (evaldjf (simpfm \<circ> msubst ?q) ?Up)))"
  1.3698 +    by simp
  1.3699 +  also have "\<dots> \<longleftrightarrow> ?rhs"
  1.3700 +    using decr0[OF th1, of vs x bs]
  1.3701      apply (simp add: ferrack_def Let_def)
  1.3702 -    by (cases "?mp = T \<or> ?pp = T", auto)
  1.3703 -  finally show ?thesis using thqf by blast
  1.3704 +    apply (cases "?mp = T \<or> ?pp = T")
  1.3705 +    apply auto
  1.3706 +    done
  1.3707 +  finally show ?thesis
  1.3708 +    using thqf by blast
  1.3709  qed
  1.3710  
  1.3711  definition "frpar p = simpfm (qelim p ferrack)"
  1.3712 +
  1.3713  lemma frpar: "qfree (frpar p) \<and> (Ifm vs bs (frpar p) \<longleftrightarrow> Ifm vs bs p)"
  1.3714 -proof-
  1.3715 -  from ferrack have th: "\<forall>bs p. qfree p \<longrightarrow> qfree (ferrack p) \<and> Ifm vs bs (ferrack p) = Ifm vs bs (E p)" by blast
  1.3716 -  from qelim[OF th, of p bs] show ?thesis  unfolding frpar_def by auto
  1.3717 +proof -
  1.3718 +  from ferrack
  1.3719 +  have th: "\<forall>bs p. qfree p \<longrightarrow> qfree (ferrack p) \<and> Ifm vs bs (ferrack p) = Ifm vs bs (E p)"
  1.3720 +    by blast
  1.3721 +  from qelim[OF th, of p bs] show ?thesis
  1.3722 +    unfolding frpar_def by auto
  1.3723  qed
  1.3724  
  1.3725  
  1.3726 -section{* Second implemenation: Case splits not local *}
  1.3727 -
  1.3728 -lemma fr_eq2:  assumes lp: "islin p"
  1.3729 +section {* Second implemenation: Case splits not local *}
  1.3730 +
  1.3731 +lemma fr_eq2:
  1.3732 +  assumes lp: "islin p"
  1.3733    shows "(\<exists>x. Ifm vs (x#bs) p) \<longleftrightarrow>
  1.3734 -   ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or>
  1.3735 -    (Ifm vs (0#bs) p) \<or>
  1.3736 -    (\<exists>(n,t) \<in> set (uset p). Ipoly vs n \<noteq> 0 \<and> Ifm vs ((- Itm vs (x#bs) t /  (Ipoly vs n * 2))#bs) p) \<or>
  1.3737 -    (\<exists>(n,t) \<in> set (uset p). \<exists>(m,s) \<in> set (uset p). Ipoly vs n \<noteq> 0 \<and> Ipoly vs m \<noteq> 0 \<and> Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) /2)#bs) p))"
  1.3738 +   (Ifm vs (x#bs) (minusinf p) \<or>
  1.3739 +    Ifm vs (x#bs) (plusinf p) \<or>
  1.3740 +    Ifm vs (0#bs) p \<or>
  1.3741 +    (\<exists>(n, t) \<in> set (uset p).
  1.3742 +      Ipoly vs n \<noteq> 0 \<and> Ifm vs ((- Itm vs (x#bs) t /  (Ipoly vs n * 2))#bs) p) \<or>
  1.3743 +      (\<exists>(n, t) \<in> set (uset p). \<exists>(m, s) \<in> set (uset p).
  1.3744 +        Ipoly vs n \<noteq> 0 \<and>
  1.3745 +        Ipoly vs m \<noteq> 0 \<and>
  1.3746 +        Ifm vs (((- Itm vs (x#bs) t /  Ipoly vs n + - Itm vs (x#bs) s / Ipoly vs m) /2)#bs) p))"
  1.3747    (is "(\<exists>x. ?I x p) = (?M \<or> ?P \<or> ?Z \<or> ?U \<or> ?F)" is "?E = ?D")
  1.3748  proof
  1.3749    assume px: "\<exists>x. ?I x p"
  1.3750    have "?M \<or> ?P \<or> (\<not> ?M \<and> \<not> ?P)" by blast
  1.3751 -  moreover {assume "?M \<or> ?P" hence "?D" by blast}
  1.3752 -  moreover {assume nmi: "\<not> ?M" and npi: "\<not> ?P"
  1.3753 +  moreover {
  1.3754 +    assume "?M \<or> ?P"
  1.3755 +    then have "?D" by blast
  1.3756 +  }
  1.3757 +  moreover {
  1.3758 +    assume nmi: "\<not> ?M"
  1.3759 +      and npi: "\<not> ?P"
  1.3760      from inf_uset[OF lp nmi npi, OF px]
  1.3761 -    obtain c t d s where ct: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)" "?I ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / ((1\<Colon>'a) + (1\<Colon>'a))) p"
  1.3762 +    obtain c t d s where ct:
  1.3763 +      "(c, t) \<in> set (uset p)"
  1.3764 +      "(d, s) \<in> set (uset p)"
  1.3765 +      "?I ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / (1 + 1)) p"
  1.3766        by auto
  1.3767      let ?c = "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.3768      let ?d = "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>"
  1.3769      let ?s = "Itm vs (x # bs) s"
  1.3770      let ?t = "Itm vs (x # bs) t"
  1.3771      have eq2: "\<And>(x::'a). x + x = 2 * x"
  1.3772 -      by  (simp add: field_simps)
  1.3773 -    {assume "?c = 0 \<and> ?d = 0"
  1.3774 -      with ct have ?D by simp}
  1.3775 +      by (simp add: field_simps)
  1.3776 +    {
  1.3777 +      assume "?c = 0 \<and> ?d = 0"
  1.3778 +      with ct have ?D by simp
  1.3779 +    }
  1.3780      moreover
  1.3781 -    {assume z: "?c = 0" "?d \<noteq> 0"
  1.3782 -      from z have ?D using ct by auto}
  1.3783 +    {
  1.3784 +      assume z: "?c = 0" "?d \<noteq> 0"
  1.3785 +      from z have ?D using ct by auto
  1.3786 +    }
  1.3787      moreover
  1.3788 -    {assume z: "?c \<noteq> 0" "?d = 0"
  1.3789 -      with ct have ?D by auto }
  1.3790 +    {
  1.3791 +      assume z: "?c \<noteq> 0" "?d = 0"
  1.3792 +      with ct have ?D by auto
  1.3793 +    }
  1.3794      moreover
  1.3795 -    {assume z: "?c \<noteq> 0" "?d \<noteq> 0"
  1.3796 +    {
  1.3797 +      assume z: "?c \<noteq> 0" "?d \<noteq> 0"
  1.3798        from z have ?F using ct
  1.3799 -        apply - apply (rule bexI[where x = "(c,t)"], simp_all)
  1.3800 -        by (rule bexI[where x = "(d,s)"], simp_all)
  1.3801 -      hence ?D by blast}
  1.3802 -    ultimately have ?D by auto}
  1.3803 +        apply -
  1.3804 +        apply (rule bexI[where x = "(c,t)"])
  1.3805 +        apply simp_all
  1.3806 +        apply (rule bexI[where x = "(d,s)"])
  1.3807 +        apply simp_all
  1.3808 +        done
  1.3809 +      then have ?D by blast
  1.3810 +    }
  1.3811 +    ultimately have ?D by auto
  1.3812 +  }
  1.3813    ultimately show "?D" by blast
  1.3814  next
  1.3815    assume "?D"
  1.3816 -  moreover {assume m:"?M" from minusinf_ex[OF lp m] have "?E" .}
  1.3817 -  moreover {assume p: "?P" from plusinf_ex[OF lp p] have "?E" . }
  1.3818 -  moreover {assume f:"?F" hence "?E" by blast}
  1.3819 +  moreover {
  1.3820 +    assume m: "?M"
  1.3821 +    from minusinf_ex[OF lp m] have "?E" .
  1.3822 +  }
  1.3823 +  moreover {
  1.3824 +    assume p: "?P"
  1.3825 +    from plusinf_ex[OF lp p] have "?E" .
  1.3826 +  }
  1.3827 +  moreover {
  1.3828 +    assume f:"?F"
  1.3829 +    then have "?E" by blast
  1.3830 +  }
  1.3831    ultimately show "?E" by blast
  1.3832  qed
  1.3833  
  1.3834 @@ -2653,36 +3571,47 @@
  1.3835  definition "msubstleneg c t a b = Le (Neg (Add (Mul a t) (Mul c b)))"
  1.3836  
  1.3837  lemma msubsteq2:
  1.3838 -  assumes nz: "Ipoly vs c \<noteq> 0" and l: "islin (Eq (CNP 0 a b))"
  1.3839 -  shows "Ifm vs (x#bs) (msubsteq2 c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Eq (CNP 0 a b))" (is "?lhs = ?rhs")
  1.3840 -  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  1.3841 +  assumes nz: "Ipoly vs c \<noteq> 0"
  1.3842 +    and l: "islin (Eq (CNP 0 a b))"
  1.3843 +  shows "Ifm vs (x#bs) (msubsteq2 c t a b) =
  1.3844 +    Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Eq (CNP 0 a b))"
  1.3845 +  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>", symmetric]
  1.3846    by (simp add: msubsteq2_def field_simps)
  1.3847  
  1.3848  lemma msubstltpos:
  1.3849 -  assumes nz: "Ipoly vs c > 0" and l: "islin (Lt (CNP 0 a b))"
  1.3850 -  shows "Ifm vs (x#bs) (msubstltpos c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Lt (CNP 0 a b))" (is "?lhs = ?rhs")
  1.3851 -  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  1.3852 +  assumes nz: "Ipoly vs c > 0"
  1.3853 +    and l: "islin (Lt (CNP 0 a b))"
  1.3854 +  shows "Ifm vs (x#bs) (msubstltpos c t a b) =
  1.3855 +    Ifm vs (((Itm vs (x#bs) t / Ipoly vs c ))#bs) (Lt (CNP 0 a b))"
  1.3856 +  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>", symmetric]
  1.3857    by (simp add: msubstltpos_def field_simps)
  1.3858  
  1.3859  lemma msubstlepos:
  1.3860 -  assumes nz: "Ipoly vs c > 0" and l: "islin (Le (CNP 0 a b))"
  1.3861 -  shows "Ifm vs (x#bs) (msubstlepos c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))" (is "?lhs = ?rhs")
  1.3862 -  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  1.3863 +  assumes nz: "Ipoly vs c > 0"
  1.3864 +    and l: "islin (Le (CNP 0 a b))"
  1.3865 +  shows "Ifm vs (x#bs) (msubstlepos c t a b) =
  1.3866 +    Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))"
  1.3867 +  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>", symmetric]
  1.3868    by (simp add: msubstlepos_def field_simps)
  1.3869  
  1.3870  lemma msubstltneg:
  1.3871 -  assumes nz: "Ipoly vs c < 0" and l: "islin (Lt (CNP 0 a b))"
  1.3872 -  shows "Ifm vs (x#bs) (msubstltneg c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Lt (CNP 0 a b))" (is "?lhs = ?rhs")
  1.3873 -  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  1.3874 +  assumes nz: "Ipoly vs c < 0"
  1.3875 +    and l: "islin (Lt (CNP 0 a b))"
  1.3876 +  shows "Ifm vs (x#bs) (msubstltneg c t a b) =
  1.3877 +    Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Lt (CNP 0 a b))"
  1.3878 +  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>", symmetric]
  1.3879    by (simp add: msubstltneg_def field_simps del: minus_add_distrib)
  1.3880  
  1.3881  lemma msubstleneg:
  1.3882 -  assumes nz: "Ipoly vs c < 0" and l: "islin (Le (CNP 0 a b))"
  1.3883 -  shows "Ifm vs (x#bs) (msubstleneg c t a b) = Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))" (is "?lhs = ?rhs")
  1.3884 -  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" , symmetric]
  1.3885 +  assumes nz: "Ipoly vs c < 0"
  1.3886 +    and l: "islin (Le (CNP 0 a b))"
  1.3887 +  shows "Ifm vs (x#bs) (msubstleneg c t a b) =
  1.3888 +    Ifm vs (((Itm vs (x#bs) t /  Ipoly vs c ))#bs) (Le (CNP 0 a b))"
  1.3889 +  using nz l tmbound0_I[of b vs x bs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>", symmetric]
  1.3890    by (simp add: msubstleneg_def field_simps del: minus_add_distrib)
  1.3891  
  1.3892 -fun msubstpos :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm" where
  1.3893 +fun msubstpos :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm"
  1.3894 +where
  1.3895    "msubstpos (And p q) c t = And (msubstpos p c t) (msubstpos q c t)"
  1.3896  | "msubstpos (Or p q) c t = Or (msubstpos p c t) (msubstpos q c t)"
  1.3897  | "msubstpos (Eq (CNP 0 a r)) c t = msubsteq2 c t a r"
  1.3898 @@ -2692,12 +3621,18 @@
  1.3899  | "msubstpos p c t = p"
  1.3900  
  1.3901  lemma msubstpos_I:
  1.3902 -  assumes lp: "islin p" and pos: "Ipoly vs c > 0"
  1.3903 -  shows "Ifm vs (x#bs) (msubstpos p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
  1.3904 +  assumes lp: "islin p"
  1.3905 +    and pos: "Ipoly vs c > 0"
  1.3906 +  shows "Ifm vs (x#bs) (msubstpos p c t) =
  1.3907 +    Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
  1.3908    using lp pos
  1.3909 -  by (induct p rule: islin.induct, auto simp add: msubsteq2 msubstltpos[OF pos] msubstlepos[OF pos] tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
  1.3910 -
  1.3911 -fun msubstneg :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm" where
  1.3912 +  by (induct p rule: islin.induct)
  1.3913 +    (auto simp add: msubsteq2 msubstltpos[OF pos] msubstlepos[OF pos]
  1.3914 +      tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x]
  1.3915 +      bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
  1.3916 +
  1.3917 +fun msubstneg :: "fm \<Rightarrow> poly \<Rightarrow> tm \<Rightarrow> fm"
  1.3918 +where
  1.3919    "msubstneg (And p q) c t = And (msubstneg p c t) (msubstneg q c t)"
  1.3920  | "msubstneg (Or p q) c t = Or (msubstneg p c t) (msubstneg q c t)"
  1.3921  | "msubstneg (Eq (CNP 0 a r)) c t = msubsteq2 c t a r"
  1.3922 @@ -2707,33 +3642,46 @@
  1.3923  | "msubstneg p c t = p"
  1.3924  
  1.3925  lemma msubstneg_I:
  1.3926 -  assumes lp: "islin p" and pos: "Ipoly vs c < 0"
  1.3927 +  assumes lp: "islin p"
  1.3928 +    and pos: "Ipoly vs c < 0"
  1.3929    shows "Ifm vs (x#bs) (msubstneg p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
  1.3930    using lp pos
  1.3931 -  by (induct p rule: islin.induct, auto simp add: msubsteq2 msubstltneg[OF pos] msubstleneg[OF pos] tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
  1.3932 -
  1.3933 -
  1.3934 -definition "msubst2 p c t = disj (conj (lt (CP (polyneg c))) (simpfm (msubstpos p c t))) (conj (lt (CP c)) (simpfm (msubstneg p c t)))"
  1.3935 -
  1.3936 -lemma msubst2: assumes lp: "islin p" and nc: "isnpoly c" and nz: "Ipoly vs c \<noteq> 0"
  1.3937 +  by (induct p rule: islin.induct)
  1.3938 +    (auto simp add: msubsteq2 msubstltneg[OF pos] msubstleneg[OF pos]
  1.3939 +      tmbound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x]
  1.3940 +      bound0_I[of _ vs "Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup>" bs x] field_simps)
  1.3941 +
  1.3942 +definition
  1.3943 +  "msubst2 p c t =
  1.3944 +    disj
  1.3945 +      (conj (lt (CP (polyneg c))) (simpfm (msubstpos p c t)))
  1.3946 +      (conj (lt (CP c)) (simpfm (msubstneg p c t)))"
  1.3947 +
  1.3948 +lemma msubst2:
  1.3949 +  assumes lp: "islin p"
  1.3950 +    and nc: "isnpoly c"
  1.3951 +    and nz: "Ipoly vs c \<noteq> 0"
  1.3952    shows "Ifm vs (x#bs) (msubst2 p c t) = Ifm vs (Itm vs (x#bs) t /  Ipoly vs c #bs) p"
  1.3953 -proof-
  1.3954 +proof -
  1.3955    let ?c = "Ipoly vs c"
  1.3956    from nc have anc: "allpolys isnpoly (CP c)" "allpolys isnpoly (CP (~\<^sub>p c))"
  1.3957      by (simp_all add: polyneg_norm)
  1.3958    from nz have "?c > 0 \<or> ?c < 0" by arith
  1.3959    moreover
  1.3960 -  {assume c: "?c < 0"
  1.3961 +  {
  1.3962 +    assume c: "?c < 0"
  1.3963      from c msubstneg_I[OF lp c, of x bs t] lt[OF anc(1), of vs "x#bs"] lt[OF anc(2), of vs "x#bs"]
  1.3964 -    have ?thesis by (auto simp add: msubst2_def)}
  1.3965 +    have ?thesis by (auto simp add: msubst2_def)
  1.3966 +  }
  1.3967    moreover
  1.3968 -  {assume c: "?c > 0"
  1.3969 +  {
  1.3970 +    assume c: "?c > 0"
  1.3971      from c msubstpos_I[OF lp c, of x bs t] lt[OF anc(1), of vs "x#bs"] lt[OF anc(2), of vs "x#bs"]
  1.3972 -    have ?thesis by (auto simp add: msubst2_def)}
  1.3973 +    have ?thesis by (auto simp add: msubst2_def)
  1.3974 +  }
  1.3975    ultimately show ?thesis by blast
  1.3976  qed
  1.3977  
  1.3978 -term msubsteq2
  1.3979  lemma msubsteq2_nb: "tmbound0 t \<Longrightarrow> islin (Eq (CNP 0 a r)) \<Longrightarrow> bound0 (msubsteq2 c t a r)"
  1.3980    by (simp add: msubsteq2_def)
  1.3981  
  1.3982 @@ -2747,20 +3695,30 @@
  1.3983  lemma msubstleneg_nb: "tmbound0 t \<Longrightarrow> islin (Le (CNP 0 a r)) \<Longrightarrow> bound0 (msubstleneg c t a r)"
  1.3984    by (simp add: msubstleneg_def)
  1.3985  
  1.3986 -lemma msubstpos_nb: assumes lp: "islin p" and tnb: "tmbound0 t"
  1.3987 +lemma msubstpos_nb:
  1.3988 +  assumes lp: "islin p"
  1.3989 +    and tnb: "tmbound0 t"
  1.3990    shows "bound0 (msubstpos p c t)"
  1.3991 -using lp tnb
  1.3992 -by (induct p c t rule: msubstpos.induct, auto simp add: msubsteq2_nb msubstltpos_nb msubstlepos_nb)
  1.3993 -
  1.3994 -lemma msubstneg_nb: assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})" and lp: "islin p" and tnb: "tmbound0 t"
  1.3995 +  using lp tnb
  1.3996 +  by (induct p c t rule: msubstpos.induct)
  1.3997 +    (auto simp add: msubsteq2_nb msubstltpos_nb msubstlepos_nb)
  1.3998 +
  1.3999 +lemma msubstneg_nb:
  1.4000 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.4001 +    and lp: "islin p"
  1.4002 +    and tnb: "tmbound0 t"
  1.4003    shows "bound0 (msubstneg p c t)"
  1.4004 -using lp tnb
  1.4005 -by (induct p c t rule: msubstneg.induct, auto simp add: msubsteq2_nb msubstltneg_nb msubstleneg_nb)
  1.4006 -
  1.4007 -lemma msubst2_nb: assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})" and lp: "islin p" and tnb: "tmbound0 t"
  1.4008 +  using lp tnb
  1.4009 +  by (induct p c t rule: msubstneg.induct)
  1.4010 +    (auto simp add: msubsteq2_nb msubstltneg_nb msubstleneg_nb)
  1.4011 +
  1.4012 +lemma msubst2_nb:
  1.4013 +  assumes "SORT_CONSTRAINT('a::{field_char_0, field_inverse_zero})"
  1.4014 +    and lp: "islin p"
  1.4015 +    and tnb: "tmbound0 t"
  1.4016    shows "bound0 (msubst2 p c t)"
  1.4017 -using lp tnb
  1.4018 -by (simp add: msubst2_def msubstneg_nb msubstpos_nb lt_nb simpfm_bound0)
  1.4019 +  using lp tnb
  1.4020 +  by (simp add: msubst2_def msubstneg_nb msubstpos_nb lt_nb simpfm_bound0)
  1.4021  
  1.4022  lemma mult_minus2_left: "-2 * (x::'a::comm_ring_1) = - (2 * x)"
  1.4023    by simp
  1.4024 @@ -2769,58 +3727,104 @@
  1.4025    by simp
  1.4026  
  1.4027  lemma islin_qf: "islin p \<Longrightarrow> qfree p"
  1.4028 -  by (induct p rule: islin.induct, auto simp add: bound0_qf)
  1.4029 +  by (induct p rule: islin.induct) (auto simp add: bound0_qf)
  1.4030 +
  1.4031  lemma fr_eq_msubst2:
  1.4032    assumes lp: "islin p"
  1.4033 -  shows "(\<exists>x. Ifm vs (x#bs) p) \<longleftrightarrow> ((Ifm vs (x#bs) (minusinf p)) \<or> (Ifm vs (x#bs) (plusinf p)) \<or> Ifm vs (x#bs) (subst0 (CP 0\<^sub>p) p) \<or> (\<exists>(n, t)\<in>set (uset p). Ifm vs (x# bs) (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<or> (\<exists>(c,t) \<in> set (uset p). \<exists>(d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))))"
  1.4034 +  shows "(\<exists>x. Ifm vs (x#bs) p) \<longleftrightarrow>
  1.4035 +    ((Ifm vs (x#bs) (minusinf p)) \<or>
  1.4036 +     (Ifm vs (x#bs) (plusinf p)) \<or>
  1.4037 +     Ifm vs (x#bs) (subst0 (CP 0\<^sub>p) p) \<or>
  1.4038 +     (\<exists>(n, t) \<in> set (uset p).
  1.4039 +      Ifm vs (x# bs) (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<or>
  1.4040 +      (\<exists>(c, t) \<in> set (uset p). \<exists>(d, s) \<in> set (uset p).
  1.4041 +        Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))))"
  1.4042    (is "(\<exists>x. ?I x p) = (?M \<or> ?P \<or> ?Pz \<or> ?PU \<or> ?F)" is "?E = ?D")
  1.4043 -proof-
  1.4044 -  from uset_l[OF lp] have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s" by blast
  1.4045 +proof -
  1.4046 +  from uset_l[OF lp] have th: "\<forall>(c, s)\<in>set (uset p). isnpoly c \<and> tmbound0 s"
  1.4047 +    by blast
  1.4048    let ?I = "\<lambda>p. Ifm vs (x#bs) p"
  1.4049 -  have n2: "isnpoly (C (-2,1))" by (simp add: isnpoly_def)
  1.4050 +  have n2: "isnpoly (C (-2,1))"
  1.4051 +    by (simp add: isnpoly_def)
  1.4052    note eq0 = subst0[OF islin_qf[OF lp], of vs x bs "CP 0\<^sub>p", simplified]
  1.4053  
  1.4054 -  have eq1: "(\<exists>(n, t)\<in>set (uset p). ?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<longleftrightarrow> (\<exists>(n, t)\<in>set (uset p). \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p)"
  1.4055 -  proof-
  1.4056 -    {fix n t assume H: "(n, t)\<in>set (uset p)" "?I(msubst2 p (n *\<^sub>p C (-2, 1)) t)"
  1.4057 -      from H(1) th have "isnpoly n" by blast
  1.4058 -      hence nn: "isnpoly (n *\<^sub>p (C (-2,1)))" by (simp_all add: polymul_norm n2)
  1.4059 +  have eq1: "(\<exists>(n, t) \<in> set (uset p). ?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)) \<longleftrightarrow>
  1.4060 +    (\<exists>(n, t) \<in> set (uset p).
  1.4061 +      \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and>
  1.4062 +      Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p)"
  1.4063 +  proof -
  1.4064 +    {
  1.4065 +      fix n t
  1.4066 +      assume H: "(n, t) \<in> set (uset p)" "?I(msubst2 p (n *\<^sub>p C (-2, 1)) t)"
  1.4067 +      from H(1) th have "isnpoly n"
  1.4068 +        by blast
  1.4069 +      then have nn: "isnpoly (n *\<^sub>p (C (-2,1)))"
  1.4070 +        by (simp_all add: polymul_norm n2)
  1.4071        have nn': "allpolys isnpoly (CP (~\<^sub>p (n *\<^sub>p C (-2, 1))))"
  1.4072          by (simp add: polyneg_norm nn)
  1.4073 -      hence nn2: "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>n \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" using H(2) nn' nn
  1.4074 +      then have nn2: "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>n \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4075 +        using H(2) nn' nn
  1.4076          by (auto simp add: msubst2_def lt zero_less_mult_iff mult_less_0_iff)
  1.4077        from msubst2[OF lp nn nn2(1), of x bs t]
  1.4078        have "\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p"
  1.4079 -        using H(2) nn2 by (simp add: mult_minus2_right)}
  1.4080 +        using H(2) nn2 by (simp add: mult_minus2_right)
  1.4081 +    }
  1.4082      moreover
  1.4083 -    {fix n t assume H: "(n, t)\<in>set (uset p)" "\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p"
  1.4084 -      from H(1) th have "isnpoly n" by blast
  1.4085 -      hence nn: "isnpoly (n *\<^sub>p (C (-2,1)))" "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4086 +    {
  1.4087 +      fix n t
  1.4088 +      assume H:
  1.4089 +        "(n, t) \<in> set (uset p)" "\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4090 +        "Ifm vs (- Itm vs (x # bs) t / (\<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> * 2) # bs) p"
  1.4091 +      from H(1) th have "isnpoly n"
  1.4092 +        by blast
  1.4093 +      then have nn: "isnpoly (n *\<^sub>p (C (-2,1)))" "\<lparr>n *\<^sub>p(C (-2,1)) \<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4094          using H(2) by (simp_all add: polymul_norm n2)
  1.4095 -      from msubst2[OF lp nn, of x bs t] have "?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)" using H(2,3) by (simp add: mult_minus2_right)}
  1.4096 +      from msubst2[OF lp nn, of x bs t] have "?I (msubst2 p (n *\<^sub>p (C (-2,1))) t)"
  1.4097 +        using H(2,3) by (simp add: mult_minus2_right)
  1.4098 +    }
  1.4099      ultimately show ?thesis by blast
  1.4100    qed
  1.4101 -  have eq2: "(\<exists>(c,t) \<in> set (uset p). \<exists>(d,s) \<in> set (uset p). Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))) \<longleftrightarrow> (\<exists>(n, t)\<in>set (uset p).
  1.4102 -     \<exists>(m, s)\<in>set (uset p). \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs ((- Itm vs (x # bs) t / \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p)"
  1.4103 -  proof-
  1.4104 -    {fix c t d s assume H: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)"
  1.4105 -     "Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))"
  1.4106 -      from H(1,2) th have "isnpoly c" "isnpoly d" by blast+
  1.4107 -      hence nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)"
  1.4108 +  have eq2: "(\<exists>(c, t) \<in> set (uset p). \<exists>(d, s) \<in> set (uset p).
  1.4109 +      Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))) \<longleftrightarrow>
  1.4110 +    (\<exists>(n, t)\<in>set (uset p). \<exists>(m, s)\<in>set (uset p).
  1.4111 +      \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and>
  1.4112 +      \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and>
  1.4113 +      Ifm vs ((- Itm vs (x # bs) t / \<lparr>n\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>m\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p)"
  1.4114 +  proof -
  1.4115 +    {
  1.4116 +      fix c t d s
  1.4117 +      assume H:
  1.4118 +        "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)"
  1.4119 +        "Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))"
  1.4120 +      from H(1,2) th have "isnpoly c" "isnpoly d"
  1.4121 +        by blast+
  1.4122 +      then have nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)"
  1.4123          by (simp_all add: polymul_norm n2)
  1.4124 -      have stupid: "allpolys isnpoly (CP (~\<^sub>p (C (-2, 1) *\<^sub>p c *\<^sub>p d)))" "allpolys isnpoly (CP ((C (-2, 1) *\<^sub>p c *\<^sub>p d)))"
  1.4125 +      have stupid:
  1.4126 +          "allpolys isnpoly (CP (~\<^sub>p (C (-2, 1) *\<^sub>p c *\<^sub>p d)))"
  1.4127 +          "allpolys isnpoly (CP ((C (-2, 1) *\<^sub>p c *\<^sub>p d)))"
  1.4128          by (simp_all add: polyneg_norm nn)
  1.4129        have nn': "\<lparr>(C (-2, 1) *\<^sub>p c*\<^sub>p d)\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4130 -        using H(3) by (auto simp add: msubst2_def lt[OF stupid(1)]  lt[OF stupid(2)] zero_less_mult_iff mult_less_0_iff)
  1.4131 +        using H(3)
  1.4132 +        by (auto simp add: msubst2_def lt[OF stupid(1)]
  1.4133 +            lt[OF stupid(2)] zero_less_mult_iff mult_less_0_iff)
  1.4134        from msubst2[OF lp nn nn'(1), of x bs ] H(3) nn'
  1.4135 -      have "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  1.4136 +      have "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and> \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0 \<and>
  1.4137 +          Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  1.4138          by (simp add: add_divide_distrib diff_divide_distrib mult_minus2_left mult_commute)
  1.4139      }
  1.4140      moreover
  1.4141 -    {fix c t d s assume H: "(c,t) \<in> set (uset p)" "(d,s) \<in> set (uset p)"
  1.4142 -      "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  1.4143 -     from H(1,2) th have "isnpoly c" "isnpoly d" by blast+
  1.4144 -      hence nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)" "\<lparr>(C (-2, 1) *\<^sub>p c*\<^sub>p d)\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4145 +    {
  1.4146 +      fix c t d s
  1.4147 +      assume H:
  1.4148 +        "(c, t) \<in> set (uset p)"
  1.4149 +        "(d, s) \<in> set (uset p)"
  1.4150 +        "\<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4151 +        "\<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4152 +        "Ifm vs ((- Itm vs (x # bs) t / \<lparr>c\<rparr>\<^sub>p\<^bsup>vs\<^esup> + - Itm vs (x # bs) s / \<lparr>d\<rparr>\<^sub>p\<^bsup>vs\<^esup>) / 2 # bs) p"
  1.4153 +      from H(1,2) th have "isnpoly c" "isnpoly d"
  1.4154 +        by blast+
  1.4155 +      then have nn: "isnpoly (C (-2, 1) *\<^sub>p c*\<^sub>p d)" "\<lparr>(C (-2, 1) *\<^sub>p c*\<^sub>p d)\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4156          using H(3,4) by (simp_all add: polymul_norm n2)
  1.4157        from msubst2[OF lp nn, of x bs ] H(3,4,5)
  1.4158        have "Ifm vs (x#bs) (msubst2 p (C (-2, 1) *\<^sub>p c*\<^sub>p d) (Add (Mul d t) (Mul c s)))"
  1.4159 @@ -2833,20 +3837,34 @@
  1.4160  qed
  1.4161  
  1.4162  definition
  1.4163 -"ferrack2 p \<equiv> let q = simpfm p ; mp = minusinf q ; pp = plusinf q
  1.4164 - in if (mp = T \<or> pp = T) then T
  1.4165 -  else (let U = remdups (uset  q)
  1.4166 -    in decr0 (list_disj [mp, pp, simpfm (subst0 (CP 0\<^sub>p) q), evaldjf (\<lambda>(c,t). msubst2 q (c *\<^sub>p C (-2, 1)) t) U,
  1.4167 -   evaldjf (\<lambda>((b,a),(d,c)). msubst2 q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs U)]))"
  1.4168 +  "ferrack2 p \<equiv>
  1.4169 +    let
  1.4170 +      q = simpfm p;
  1.4171 +      mp = minusinf q;
  1.4172 +      pp = plusinf q
  1.4173 +    in
  1.4174 +      if (mp = T \<or> pp = T) then T
  1.4175 +      else
  1.4176 +       (let U = remdups (uset  q)
  1.4177 +        in
  1.4178 +          decr0
  1.4179 +            (list_disj
  1.4180 +              [mp,
  1.4181 +               pp,
  1.4182 +               simpfm (subst0 (CP 0\<^sub>p) q),
  1.4183 +               evaldjf (\<lambda>(c, t). msubst2 q (c *\<^sub>p C (-2, 1)) t) U,
  1.4184 +               evaldjf (\<lambda>((b, a),(d, c)).
  1.4185 +                msubst2 q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs U)]))"
  1.4186  
  1.4187  definition "frpar2 p = simpfm (qelim (prep p) ferrack2)"
  1.4188  
  1.4189 -lemma ferrack2: assumes qf: "qfree p"
  1.4190 -  shows "qfree (ferrack2 p) \<and> ((Ifm vs bs (ferrack2 p)) = (Ifm vs bs (E p)))"
  1.4191 +lemma ferrack2:
  1.4192 +  assumes qf: "qfree p"
  1.4193 +  shows "qfree (ferrack2 p) \<and> Ifm vs bs (ferrack2 p) = Ifm vs bs (E p)"
  1.4194    (is "_ \<and> (?rhs = ?lhs)")
  1.4195 -proof-
  1.4196 -  let ?J = "\<lambda> x p. Ifm vs (x#bs) p"
  1.4197 -  let ?N = "\<lambda> t. Ipoly vs t"
  1.4198 +proof -
  1.4199 +  let ?J = "\<lambda>x p. Ifm vs (x#bs) p"
  1.4200 +  let ?N = "\<lambda>t. Ipoly vs t"
  1.4201    let ?Nt = "\<lambda>x t. Itm vs (x#bs) t"
  1.4202    let ?q = "simpfm p"
  1.4203    let ?qz = "subst0 (CP 0\<^sub>p) ?q"
  1.4204 @@ -2854,68 +3872,109 @@
  1.4205    let ?Up = "alluopairs ?U"
  1.4206    let ?mp = "minusinf ?q"
  1.4207    let ?pp = "plusinf ?q"
  1.4208 +  fix x
  1.4209    let ?I = "\<lambda>p. Ifm vs (x#bs) p"
  1.4210    from simpfm_lin[OF qf] simpfm_qf[OF qf] have lq: "islin ?q" and q_qf: "qfree ?q" .
  1.4211    from minusinf_nb[OF lq] plusinf_nb[OF lq] have mp_nb: "bound0 ?mp" and pp_nb: "bound0 ?pp" .
  1.4212    from bound0_qf[OF mp_nb] bound0_qf[OF pp_nb] have mp_qf: "qfree ?mp" and pp_qf: "qfree ?pp" .
  1.4213 -  from uset_l[OF lq] have U_l: "\<forall>(c, s)\<in>set ?U. isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
  1.4214 +  from uset_l[OF lq]
  1.4215 +  have U_l: "\<forall>(c, s)\<in>set ?U. isnpoly c \<and> c \<noteq> 0\<^sub>p \<and> tmbound0 s \<and> allpolys isnpoly s"
  1.4216      by simp
  1.4217    have bnd0: "\<forall>x \<in> set ?U. bound0 ((\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) x)"
  1.4218 -  proof-
  1.4219 -    {fix c t assume ct: "(c,t) \<in> set ?U"
  1.4220 -      hence tnb: "tmbound0 t" using U_l by blast
  1.4221 +  proof -
  1.4222 +    {
  1.4223 +      fix c t
  1.4224 +      assume ct: "(c, t) \<in> set ?U"
  1.4225 +      then have tnb: "tmbound0 t"
  1.4226 +        using U_l by blast
  1.4227        from msubst2_nb[OF lq tnb]
  1.4228 -      have "bound0 ((\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) (c,t))" by simp}
  1.4229 -    thus ?thesis by auto
  1.4230 +      have "bound0 ((\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) (c,t))" by simp
  1.4231 +    }
  1.4232 +    then show ?thesis by auto
  1.4233    qed
  1.4234 -  have bnd1: "\<forall>x \<in> set ?Up. bound0 ((\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) x)"
  1.4235 -  proof-
  1.4236 -    {fix b a d c assume badc: "((b,a),(d,c)) \<in> set ?Up"
  1.4237 +  have bnd1: "\<forall>x \<in> set ?Up. bound0 ((\<lambda>((b, a), (d, c)).
  1.4238 +    msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) x)"
  1.4239 +  proof -
  1.4240 +    {
  1.4241 +      fix b a d c
  1.4242 +      assume badc: "((b,a),(d,c)) \<in> set ?Up"
  1.4243        from badc U_l alluopairs_set1[of ?U]
  1.4244 -      have nb: "tmbound0 (Add (Mul d a) (Mul b c))" by auto
  1.4245 -      from msubst2_nb[OF lq nb] have "bound0 ((\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) ((b,a),(d,c)))" by simp}
  1.4246 -    thus ?thesis by auto
  1.4247 +      have nb: "tmbound0 (Add (Mul d a) (Mul b c))"
  1.4248 +        by auto
  1.4249 +      from msubst2_nb[OF lq nb]
  1.4250 +      have "bound0 ((\<lambda>((b, a),(d, c)).
  1.4251 +          msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) ((b,a),(d,c)))"
  1.4252 +        by simp
  1.4253 +    }
  1.4254 +    then show ?thesis by auto
  1.4255    qed
  1.4256 -  have stupid: "bound0 F" by simp
  1.4257 -  let ?R = "list_disj [?mp, ?pp, simpfm (subst0 (CP 0\<^sub>p) ?q), evaldjf (\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) ?U,
  1.4258 -   evaldjf (\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs ?U)]"
  1.4259 -  from subst0_nb[of "CP 0\<^sub>p" ?q] q_qf evaldjf_bound0[OF bnd1] evaldjf_bound0[OF bnd0] mp_nb pp_nb stupid
  1.4260 -  have nb: "bound0 ?R "
  1.4261 +  have stupid: "bound0 F"
  1.4262 +    by simp
  1.4263 +  let ?R =
  1.4264 +    "list_disj
  1.4265 +     [?mp,
  1.4266 +      ?pp,
  1.4267 +      simpfm (subst0 (CP 0\<^sub>p) ?q),
  1.4268 +      evaldjf (\<lambda>(c,t). msubst2 ?q (c *\<^sub>p C (-2, 1)) t) ?U,
  1.4269 +      evaldjf (\<lambda>((b,a),(d,c)).
  1.4270 +        msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) (alluopairs ?U)]"
  1.4271 +  from subst0_nb[of "CP 0\<^sub>p" ?q] q_qf
  1.4272 +    evaldjf_bound0[OF bnd1] evaldjf_bound0[OF bnd0] mp_nb pp_nb stupid
  1.4273 +  have nb: "bound0 ?R"
  1.4274      by (simp add: list_disj_def simpfm_bound0)
  1.4275 -  let ?s = "\<lambda>((b,a),(d,c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))"
  1.4276 -
  1.4277 -  {fix b a d c assume baU: "(b,a) \<in> set ?U" and dcU: "(d,c) \<in> set ?U"
  1.4278 +  let ?s = "\<lambda>((b, a),(d, c)). msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))"
  1.4279 +
  1.4280 +  {
  1.4281 +    fix b a d c
  1.4282 +    assume baU: "(b,a) \<in> set ?U" and dcU: "(d,c) \<in> set ?U"
  1.4283      from U_l baU dcU have norm: "isnpoly b" "isnpoly d" "isnpoly (C (-2, 1))"
  1.4284        by auto (simp add: isnpoly_def)
  1.4285      have norm2: "isnpoly (C (-2, 1) *\<^sub>p b*\<^sub>p d)" "isnpoly (C (-2, 1) *\<^sub>p d*\<^sub>p b)"
  1.4286        using norm by (simp_all add: polymul_norm)
  1.4287 -    have stupid: "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p b*\<^sub>p d))" "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p d*\<^sub>p b))" "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p b*\<^sub>p d)))" "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p d*\<^sub>p b)))"
  1.4288 +    have stupid:
  1.4289 +        "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p b *\<^sub>p d))"
  1.4290 +        "allpolys isnpoly (CP (C (-2, 1) *\<^sub>p d *\<^sub>p b))"
  1.4291 +        "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p b *\<^sub>p d)))"
  1.4292 +        "allpolys isnpoly (CP (~\<^sub>p(C (-2, 1) *\<^sub>p d*\<^sub>p b)))"
  1.4293        by (simp_all add: polyneg_norm norm2)
  1.4294 -    have "?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) = ?I (msubst2 ?q (C (-2, 1) *\<^sub>p d*\<^sub>p b) (Add (Mul b c) (Mul d a)))" (is "?lhs \<longleftrightarrow> ?rhs")
  1.4295 +    have "?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))) =
  1.4296 +        ?I (msubst2 ?q (C (-2, 1) *\<^sub>p d*\<^sub>p b) (Add (Mul b c) (Mul d a)))"
  1.4297 +      (is "?lhs \<longleftrightarrow> ?rhs")
  1.4298      proof
  1.4299        assume H: ?lhs
  1.4300 -      hence z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4301 -        by (auto simp add: msubst2_def lt[OF stupid(3)] lt[OF stupid(1)] mult_less_0_iff zero_less_mult_iff)
  1.4302 -      from msubst2[OF lq norm2(1) z(1), of x bs]
  1.4303 -        msubst2[OF lq norm2(2) z(2), of x bs] H
  1.4304 -      show ?rhs by (simp add: field_simps)
  1.4305 +      then have z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4306 +        by (auto simp add: msubst2_def lt[OF stupid(3)] lt[OF stupid(1)]
  1.4307 +            mult_less_0_iff zero_less_mult_iff)
  1.4308 +      from msubst2[OF lq norm2(1) z(1), of x bs] msubst2[OF lq norm2(2) z(2), of x bs] H
  1.4309 +      show ?rhs
  1.4310 +        by (simp add: field_simps)
  1.4311      next
  1.4312        assume H: ?rhs
  1.4313 -      hence z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4314 -        by (auto simp add: msubst2_def lt[OF stupid(4)] lt[OF stupid(2)] mult_less_0_iff zero_less_mult_iff)
  1.4315 -      from msubst2[OF lq norm2(1) z(1), of x bs]
  1.4316 -        msubst2[OF lq norm2(2) z(2), of x bs] H
  1.4317 -      show ?lhs by (simp add: field_simps)
  1.4318 -    qed}
  1.4319 -  hence th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (?s (x, y)) \<longleftrightarrow> ?I (?s (y, x))"
  1.4320 -    by clarsimp
  1.4321 -
  1.4322 -  have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)" by simp
  1.4323 -  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists>(b, a)\<in>set ?U. \<exists>(d, c)\<in>set ?U. ?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))))"
  1.4324 +      then have z: "\<lparr>C (-2, 1) *\<^sub>p b *\<^sub>p d\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0" "\<lparr>C (-2, 1) *\<^sub>p d *\<^sub>p b\<rparr>\<^sub>p\<^bsup>vs\<^esup> \<noteq> 0"
  1.4325 +        by (auto simp add: msubst2_def lt[OF stupid(4)] lt[OF stupid(2)]
  1.4326 +            mult_less_0_iff zero_less_mult_iff)
  1.4327 +      from msubst2[OF lq norm2(1) z(1), of x bs] msubst2[OF lq norm2(2) z(2), of x bs] H
  1.4328 +      show ?lhs
  1.4329 +        by (simp add: field_simps)
  1.4330 +    qed
  1.4331 +  }
  1.4332 +  then have th0: "\<forall>x \<in> set ?U. \<forall>y \<in> set ?U. ?I (?s (x, y)) \<longleftrightarrow> ?I (?s (y, x))"
  1.4333 +    by auto
  1.4334 +
  1.4335 +  have "?lhs \<longleftrightarrow> (\<exists>x. Ifm vs (x#bs) ?q)"
  1.4336 +    by simp
  1.4337 +  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or>
  1.4338 +      (\<exists>(n, t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or>
  1.4339 +      (\<exists>(b, a) \<in> set ?U. \<exists>(d, c) \<in> set ?U.
  1.4340 +        ?I (msubst2 ?q (C (-2, 1) *\<^sub>p b*\<^sub>p d) (Add (Mul d a) (Mul b c))))"
  1.4341      using fr_eq_msubst2[OF lq, of vs bs x] by simp
  1.4342 -  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists>x\<in>set ?U. \<exists>y \<in>set ?U. ?I (?s (x,y)))"
  1.4343 +  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or>
  1.4344 +      (\<exists>(n, t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or>
  1.4345 +      (\<exists>x \<in> set ?U. \<exists>y \<in>set ?U. ?I (?s (x, y)))"
  1.4346      by (simp add: split_def)
  1.4347 -  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or> (\<exists>(n,t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or> (\<exists>(x,y) \<in> set ?Up. ?I (?s (x,y)))"
  1.4348 +  also have "\<dots> \<longleftrightarrow> ?I ?mp \<or> ?I ?pp \<or> ?I (subst0 (CP 0\<^sub>p) ?q) \<or>
  1.4349 +      (\<exists>(n, t) \<in> set ?U. ?I (msubst2 ?q (n *\<^sub>p C (-2, 1)) t)) \<or>
  1.4350 +      (\<exists>(x, y) \<in> set ?Up. ?I (?s (x, y)))"
  1.4351      using alluopairs_bex[OF th0] by simp
  1.4352    also have "\<dots> \<longleftrightarrow> ?I ?R"
  1.4353      by (simp add: list_disj_def evaldjf_ex split_def)
  1.4354 @@ -2925,9 +3984,10 @@
  1.4355      apply (simp add: list_disj_def)
  1.4356      apply (cases "?pp = T")
  1.4357      apply (simp add: list_disj_def)
  1.4358 -    by (simp_all add: Let_def decr0[OF nb])
  1.4359 +    apply (simp_all add: Let_def decr0[OF nb])
  1.4360 +    done
  1.4361    finally show ?thesis using decr0_qf[OF nb]
  1.4362 -    by (simp  add: ferrack2_def Let_def)
  1.4363 +    by (simp add: ferrack2_def Let_def)
  1.4364  qed
  1.4365  
  1.4366  lemma frpar2: "qfree (frpar2 p) \<and> (Ifm vs bs (frpar2 p) \<longleftrightarrow> Ifm vs bs p)"
  1.4367 @@ -2936,7 +3996,8 @@
  1.4368    have th: "\<forall>bs p. qfree p \<longrightarrow> qfree (ferrack2 p) \<and> Ifm vs bs (ferrack2 p) = Ifm vs bs (E p)"
  1.4369      by blast
  1.4370    from qelim[OF th, of "prep p" bs]
  1.4371 -  show ?thesis unfolding frpar2_def by (auto simp add: prep)
  1.4372 +  show ?thesis
  1.4373 +    unfolding frpar2_def by (auto simp add: prep)
  1.4374  qed
  1.4375  
  1.4376  oracle frpar_oracle = {*
  1.4377 @@ -2962,31 +4023,47 @@
  1.4378      val k = find_index (fn t' => t aconv t') ts;
  1.4379    in if k < 0 then raise General.Subscript else k end;
  1.4380  
  1.4381 -fun num_of_term ps (Const (@{const_name Groups.uminus}, _) $ t) = @{code poly.Neg} (num_of_term ps t)
  1.4382 -  | num_of_term ps (Const (@{const_name Groups.plus}, _) $ a $ b) = @{code poly.Add} (num_of_term ps a, num_of_term ps b)
  1.4383 -  | num_of_term ps (Const (@{const_name Groups.minus}, _) $ a $ b) = @{code poly.Sub} (num_of_term ps a, num_of_term ps b)
  1.4384 -  | num_of_term ps (Const (@{const_name Groups.times}, _) $ a $ b) = @{code poly.Mul} (num_of_term ps a, num_of_term ps b)
  1.4385 -  | num_of_term ps (Const (@{const_name Power.power}, _) $ a $ n) = @{code poly.Pw} (num_of_term ps a, @{code nat_of_integer} (dest_nat n))
  1.4386 -  | num_of_term ps (Const (@{const_name Fields.divide}, _) $ a $ b) = mk_C (dest_num a, dest_num b)
  1.4387 -  | num_of_term ps t = (case try_dest_num t
  1.4388 -     of SOME k => mk_C (k, 1)
  1.4389 +fun num_of_term ps (Const (@{const_name Groups.uminus}, _) $ t) =
  1.4390 +      @{code poly.Neg} (num_of_term ps t)
  1.4391 +  | num_of_term ps (Const (@{const_name Groups.plus}, _) $ a $ b) =
  1.4392 +      @{code poly.Add} (num_of_term ps a, num_of_term ps b)
  1.4393 +  | num_of_term ps (Const (@{const_name Groups.minus}, _) $ a $ b) =
  1.4394 +      @{code poly.Sub} (num_of_term ps a, num_of_term ps b)
  1.4395 +  | num_of_term ps (Const (@{const_name Groups.times}, _) $ a $ b) =
  1.4396 +      @{code poly.Mul} (num_of_term ps a, num_of_term ps b)
  1.4397 +  | num_of_term ps (Const (@{const_name Power.power}, _) $ a $ n) =
  1.4398 +      @{code poly.Pw} (num_of_term ps a, @{code nat_of_integer} (dest_nat n))
  1.4399 +  | num_of_term ps (Const (@{const_name Fields.divide}, _) $ a $ b) =
  1.4400 +      mk_C (dest_num a, dest_num b)
  1.4401 +  | num_of_term ps t =
  1.4402 +      (case try_dest_num t of
  1.4403 +        SOME k => mk_C (k, 1)
  1.4404        | NONE => mk_poly_Bound (the_index ps t));
  1.4405  
  1.4406 -fun tm_of_term fs ps (Const(@{const_name Groups.uminus}, _) $ t) = @{code Neg} (tm_of_term fs ps t)
  1.4407 -  | tm_of_term fs ps (Const(@{const_name Groups.plus}, _) $ a $ b) = @{code Add} (tm_of_term fs ps a, tm_of_term fs ps b)
  1.4408 -  | tm_of_term fs ps (Const(@{const_name Groups.minus}, _) $ a $ b) = @{code Sub} (tm_of_term fs ps a, tm_of_term fs ps b)
  1.4409 -  | tm_of_term fs ps (Const(@{const_name Groups.times}, _) $ a $ b) = @{code Mul} (num_of_term ps a, tm_of_term fs ps b)
  1.4410 +fun tm_of_term fs ps (Const(@{const_name Groups.uminus}, _) $ t) =
  1.4411 +      @{code Neg} (tm_of_term fs ps t)
  1.4412 +  | tm_of_term fs ps (Const(@{const_name Groups.plus}, _) $ a $ b) =
  1.4413 +      @{code Add} (tm_of_term fs ps a, tm_of_term fs ps b)
  1.4414 +  | tm_of_term fs ps (Const(@{const_name Groups.minus}, _) $ a $ b) =
  1.4415 +      @{code Sub} (tm_of_term fs ps a, tm_of_term fs ps b)
  1.4416 +  | tm_of_term fs ps (Const(@{const_name Groups.times}, _) $ a $ b) =
  1.4417 +      @{code Mul} (num_of_term ps a, tm_of_term fs ps b)
  1.4418    | tm_of_term fs ps t = (@{code CP} (num_of_term ps t)
  1.4419        handle TERM _ => mk_Bound (the_index fs t)
  1.4420 -           | General.Subscript => mk_Bound (the_index fs t));
  1.4421 +        | General.Subscript => mk_Bound (the_index fs t));
  1.4422  
  1.4423  fun fm_of_term fs ps @{term True} = @{code T}
  1.4424    | fm_of_term fs ps @{term False} = @{code F}
  1.4425 -  | fm_of_term fs ps (Const (@{const_name Not}, _) $ p) = @{code NOT} (fm_of_term fs ps p)
  1.4426 -  | fm_of_term fs ps (Const (@{const_name HOL.conj}, _) $ p $ q) = @{code And} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4427 -  | fm_of_term fs ps (Const (@{const_name HOL.disj}, _) $ p $ q) = @{code Or} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4428 -  | fm_of_term fs ps (Const (@{const_name HOL.implies}, _) $ p $ q) = @{code Imp} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4429 -  | fm_of_term fs ps (@{term HOL.iff} $ p $ q) = @{code Iff} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4430 +  | fm_of_term fs ps (Const (@{const_name Not}, _) $ p) =
  1.4431 +      @{code NOT} (fm_of_term fs ps p)
  1.4432 +  | fm_of_term fs ps (Const (@{const_name HOL.conj}, _) $ p $ q) =
  1.4433 +      @{code And} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4434 +  | fm_of_term fs ps (Const (@{const_name HOL.disj}, _) $ p $ q) =
  1.4435 +      @{code Or} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4436 +  | fm_of_term fs ps (Const (@{const_name HOL.implies}, _) $ p $ q) =
  1.4437 +      @{code Imp} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4438 +  | fm_of_term fs ps (@{term HOL.iff} $ p $ q) =
  1.4439 +      @{code Iff} (fm_of_term fs ps p, fm_of_term fs ps q)
  1.4440    | fm_of_term fs ps (Const (@{const_name HOL.eq}, T) $ p $ q) =
  1.4441        @{code Eq} (@{code Sub} (tm_of_term fs ps p, tm_of_term fs ps q))
  1.4442    | fm_of_term fs ps (Const (@{const_name Orderings.less}, _) $ p $ q) =
  1.4443 @@ -3009,38 +4086,62 @@
  1.4444        in
  1.4445          (if d = 1 then HOLogic.mk_number T c
  1.4446          else if d = 0 then Const (@{const_name Groups.zero}, T)
  1.4447 -        else Const (@{const_name Fields.divide}, binopT T) $ HOLogic.mk_number T c $ HOLogic.mk_number T d)
  1.4448 +        else
  1.4449 +          Const (@{const_name Fields.divide}, binopT T) $
  1.4450 +            HOLogic.mk_number T c $ HOLogic.mk_number T d)
  1.4451        end
  1.4452    | term_of_num T ps (@{code poly.Bound} i) = nth ps (@{code integer_of_nat} i)
  1.4453 -  | term_of_num T ps (@{code poly.Add} (a, b)) = Const (@{const_name Groups.plus}, binopT T) $ term_of_num T ps a $ term_of_num T ps b
  1.4454 -  | term_of_num T ps (@{code poly.Mul} (a, b)) = Const (@{const_name Groups.times}, binopT T) $ term_of_num T ps a $ term_of_num T ps b
  1.4455 -  | term_of_num T ps (@{code poly.Sub} (a, b)) = Const (@{const_name Groups.minus}, binopT T) $ term_of_num T ps a $ term_of_num T ps b
  1.4456 -  | term_of_num T ps (@{code poly.Neg} a) = Const (@{const_name Groups.uminus}, T --> T) $ term_of_num T ps a
  1.4457 -  | term_of_num T ps (@{code poly.Pw} (a, n)) = Const (@{const_name Power.power},
  1.4458 -      T --> @{typ nat} --> T) $ term_of_num T ps a $ HOLogic.mk_number HOLogic.natT (@{code integer_of_nat} n)
  1.4459 +  | term_of_num T ps (@{code poly.Add} (a, b)) =
  1.4460 +      Const (@{const_name Groups.plus}, binopT T) $ term_of_num T ps a $ term_of_num T ps b
  1.4461 +  | term_of_num T ps (@{code poly.Mul} (a, b)) =
  1.4462 +      Const (@{const_name Groups.times}, binopT T) $ term_of_num T ps a $ term_of_num T ps b
  1.4463 +  | term_of_num T ps (@{code poly.Sub} (a, b)) =
  1.4464 +      Const (@{const_name Groups.minus}, binopT T) $ term_of_num T ps a $ term_of_num T ps b
  1.4465 +  | term_of_num T ps (@{code poly.Neg} a) =
  1.4466 +      Const (@{const_name Groups.uminus}, T --> T) $ term_of_num T ps a
  1.4467 +  | term_of_num T ps (@{code poly.Pw} (a, n)) =
  1.4468 +      Const (@{const_name Power.power}, T --> @{typ nat} --> T) $
  1.4469 +        term_of_num T ps a $ HOLogic.mk_number HOLogic.natT (@{code integer_of_nat} n)
  1.4470    | term_of_num T ps (@{code poly.CN} (c, n, p)) =
  1.4471        term_of_num T ps (@{code poly.Add} (c, @{code poly.Mul} (@{code poly.Bound} n, p)));
  1.4472  
  1.4473  fun term_of_tm T fs ps (@{code CP} p) = term_of_num T ps p
  1.4474    | term_of_tm T fs ps (@{code Bound} i) = nth fs (@{code integer_of_nat} i)
  1.4475 -  | term_of_tm T fs ps (@{code Add} (a, b)) = Const (@{const_name Groups.plus}, binopT T) $ term_of_tm T fs ps a $ term_of_tm T fs ps b
  1.4476 -  | term_of_tm T fs ps (@{code Mul} (a, b)) = Const (@{const_name Groups.times}, binopT T) $ term_of_num T ps a $ term_of_tm T fs ps b
  1.4477 -  | term_of_tm T fs ps (@{code Sub} (a, b)) = Const (@{const_name Groups.minus}, binopT T) $ term_of_tm T fs ps a $ term_of_tm T fs ps b
  1.4478 -  | term_of_tm T fs ps (@{code Neg} a) = Const (@{const_name Groups.uminus}, T --> T) $ term_of_tm T fs ps a
  1.4479 -  | term_of_tm T fs ps (@{code CNP} (n, c, p)) = term_of_tm T fs ps
  1.4480 -     (@{code Add} (@{code Mul} (c, @{code Bound} n), p));
  1.4481 +  | term_of_tm T fs ps (@{code Add} (a, b)) =
  1.4482 +      Const (@{const_name Groups.plus}, binopT T) $ term_of_tm T fs ps a $ term_of_tm T fs ps b
  1.4483 +  | term_of_tm T fs ps (@{code Mul} (a, b)) =
  1.4484 +      Const (@{const_name Groups.times}, binopT T) $ term_of_num T ps a $ term_of_tm T fs ps b
  1.4485 +  | term_of_tm T fs ps (@{code Sub} (a, b)) =
  1.4486 +      Const (@{const_name Groups.minus}, binopT T) $ term_of_tm T fs ps a $ term_of_tm T fs ps b
  1.4487 +  | term_of_tm T fs ps (@{code Neg} a) =
  1.4488 +      Const (@{const_name Groups.uminus}, T --> T) $ term_of_tm T fs ps a
  1.4489 +  | term_of_tm T fs ps (@{code CNP} (n, c, p)) =
  1.4490 +      term_of_tm T fs ps (@{code Add} (@{code Mul} (c, @{code Bound} n), p));
  1.4491  
  1.4492  fun term_of_fm T fs ps @{code T} = @{term True}
  1.4493    | term_of_fm T fs ps @{code F} = @{term False}
  1.4494    | term_of_fm T fs ps (@{code NOT} p) = @{term Not} $ term_of_fm T fs ps p
  1.4495 -  | term_of_fm T fs ps (@{code And} (p, q)) = @{term HOL.conj} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4496 -  | term_of_fm T fs ps (@{code Or} (p, q)) = @{term HOL.disj} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4497 -  | term_of_fm T fs ps (@{code Imp} (p, q)) = @{term HOL.implies} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4498 -  | term_of_fm T fs ps (@{code Iff} (p, q)) = @{term HOL.iff} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4499 -  | term_of_fm T fs ps (@{code Lt} p) = Const (@{const_name Orderings.less}, relT T) $ term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T)
  1.4500 -  | term_of_fm T fs ps (@{code Le} p) = Const (@{const_name Orderings.less_eq}, relT T) $ term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T)
  1.4501 -  | term_of_fm T fs ps (@{code Eq} p) = Const (@{const_name HOL.eq}, relT T) $ term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T)
  1.4502 -  | term_of_fm T fs ps (@{code NEq} p) = @{term Not} $ (Const (@{const_name HOL.eq}, relT T) $ term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T))
  1.4503 +  | term_of_fm T fs ps (@{code And} (p, q)) =
  1.4504 +      @{term HOL.conj} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4505 +  | term_of_fm T fs ps (@{code Or} (p, q)) =
  1.4506 +      @{term HOL.disj} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4507 +  | term_of_fm T fs ps (@{code Imp} (p, q)) =
  1.4508 +      @{term HOL.implies} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4509 +  | term_of_fm T fs ps (@{code Iff} (p, q)) =
  1.4510 +      @{term HOL.iff} $ term_of_fm T fs ps p $ term_of_fm T fs ps q
  1.4511 +  | term_of_fm T fs ps (@{code Lt} p) =
  1.4512 +      Const (@{const_name Orderings.less}, relT T) $
  1.4513 +        term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T)
  1.4514 +  | term_of_fm T fs ps (@{code Le} p) =
  1.4515 +      Const (@{const_name Orderings.less_eq}, relT T) $
  1.4516 +        term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T)
  1.4517 +  | term_of_fm T fs ps (@{code Eq} p) =
  1.4518 +      Const (@{const_name HOL.eq}, relT T) $
  1.4519 +        term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T)
  1.4520 +  | term_of_fm T fs ps (@{code NEq} p) =
  1.4521 +      @{term Not} $
  1.4522 +        (Const (@{const_name HOL.eq}, relT T) $
  1.4523 +          term_of_tm T fs ps p $ Const (@{const_name Groups.zero}, T))
  1.4524    | term_of_fm T fs ps _ = error "term_of_fm: quantifiers";
  1.4525  
  1.4526  fun frpar_procedure alternative T ps fm =
  1.4527 @@ -3049,9 +4150,7 @@
  1.4528      val fs = subtract (op aconv) (map Free (Term.add_frees fm [])) ps;
  1.4529      val eval = term_of_fm T fs ps o frpar o fm_of_term fs ps;
  1.4530      val t = HOLogic.dest_Trueprop fm;
  1.4531 -  in
  1.4532 -    (HOLogic.mk_Trueprop o HOLogic.mk_eq) (t, eval t)
  1.4533 -  end;
  1.4534 +  in HOLogic.mk_Trueprop (HOLogic.mk_eq (t, eval t)) end;
  1.4535  
  1.4536  in
  1.4537  
  1.4538 @@ -3070,21 +4169,21 @@
  1.4539    Object_Logic.full_atomize_tac ctxt
  1.4540    THEN' CSUBGOAL (fn (g, i) =>
  1.4541      let
  1.4542 -      val th = frpar_oracle (ctxt, alternative, T, ps, g)
  1.4543 +      val th = frpar_oracle (ctxt, alternative, T, ps, g);
  1.4544      in rtac (th RS iffD2) i end);
  1.4545  
  1.4546  fun method alternative =
  1.4547    let
  1.4548 -    fun keyword k = Scan.lift (Args.$$$ k -- Args.colon) >> K ()
  1.4549 -    val parsN = "pars"
  1.4550 -    val typN = "type"
  1.4551 -    val any_keyword = keyword parsN || keyword typN
  1.4552 -    val terms = Scan.repeat (Scan.unless any_keyword Args.term)
  1.4553 -    val typ = Scan.unless any_keyword Args.typ
  1.4554 +    fun keyword k = Scan.lift (Args.$$$ k -- Args.colon) >> K ();
  1.4555 +    val parsN = "pars";
  1.4556 +    val typN = "type";
  1.4557 +    val any_keyword = keyword parsN || keyword typN;
  1.4558 +    val terms = Scan.repeat (Scan.unless any_keyword Args.term);
  1.4559 +    val typ = Scan.unless any_keyword Args.typ;
  1.4560    in
  1.4561      (keyword typN |-- typ) -- (keyword parsN |-- terms) >>
  1.4562        (fn (T, ps) => fn ctxt => SIMPLE_METHOD' (tactic ctxt alternative T ps))
  1.4563 -  end
  1.4564 +  end;
  1.4565  
  1.4566  end;
  1.4567  *}
  1.4568 @@ -3097,19 +4196,19 @@
  1.4569    Parametric_Ferrante_Rackoff.method true
  1.4570  *} "parametric QE for linear Arithmetic over fields, Version 2"
  1.4571  
  1.4572 -lemma "\<exists>(x::'a::{linordered_field_inverse_zero}). y \<noteq> -1 \<longrightarrow> (y + 1)*x < 0"
  1.4573 -  apply (frpar type: "'a::{linordered_field_inverse_zero}" pars: "y::'a::{linordered_field_inverse_zero}")
  1.4574 +lemma "\<exists>(x::'a::{linordered_field_inverse_zero}). y \<noteq> -1 \<longrightarrow> (y + 1) * x < 0"
  1.4575 +  apply (frpar type: 'a pars: y)
  1.4576    apply (simp add: field_simps)
  1.4577    apply (rule spec[where x=y])
  1.4578 -  apply (frpar type: "'a::{linordered_field_inverse_zero}" pars: "z::'a::{linordered_field_inverse_zero}")
  1.4579 +  apply (frpar type: 'a pars: "z::'a")
  1.4580    apply simp
  1.4581    done
  1.4582  
  1.4583  lemma "\<exists>(x::'a::{linordered_field_inverse_zero}). y \<noteq> -1 \<longrightarrow> (y + 1)*x < 0"
  1.4584 -  apply (frpar2 type: "'a::{linordered_field_inverse_zero}" pars: "y::'a::{linordered_field_inverse_zero}")
  1.4585 +  apply (frpar2 type: 'a pars: y)
  1.4586    apply (simp add: field_simps)
  1.4587    apply (rule spec[where x=y])
  1.4588 -  apply (frpar2 type: "'a::{linordered_field_inverse_zero}" pars: "z::'a::{linordered_field_inverse_zero}")
  1.4589 +  apply (frpar2 type: 'a pars: "z::'a")
  1.4590    apply simp
  1.4591    done
  1.4592  
     2.1 --- a/src/HOL/Tools/Datatype/datatype_data.ML	Wed Feb 26 16:48:15 2014 +0100
     2.2 +++ b/src/HOL/Tools/Datatype/datatype_data.ML	Wed Feb 26 17:14:23 2014 +0100
     2.3 @@ -247,7 +247,7 @@
     2.4                map pretty_typ_bracket tys));
     2.5          val pretty_datatype =
     2.6            Pretty.block
     2.7 -           (Pretty.command "datatype" :: Pretty.brk 1 ::
     2.8 +           (Pretty.keyword1 "datatype" :: Pretty.brk 1 ::
     2.9              Syntax.pretty_typ ctxt ty ::
    2.10              Pretty.str " =" :: Pretty.brk 1 ::
    2.11              flat (separate [Pretty.brk 1, Pretty.str "| "] (map (single o pretty_constr) cos)));
     3.1 --- a/src/HOL/Tools/try0.ML	Wed Feb 26 16:48:15 2014 +0100
     3.2 +++ b/src/HOL/Tools/try0.ML	Wed Feb 26 17:14:23 2014 +0100
     3.3 @@ -60,7 +60,7 @@
     3.4    #> Method.check_source ctxt
     3.5    #> Method.the_method ctxt
     3.6    #> Method.Basic
     3.7 -  #> curry Method.Select_Goals 1
     3.8 +  #> (fn m => Method.Select_Goals (Method.no_combinator_info, 1, m))
     3.9    #> Proof.refine;
    3.10  
    3.11  fun add_attr_text (NONE, _) s = s
     4.1 --- a/src/Pure/General/pretty.ML	Wed Feb 26 16:48:15 2014 +0100
     4.2 +++ b/src/Pure/General/pretty.ML	Wed Feb 26 17:14:23 2014 +0100
     4.3 @@ -40,8 +40,9 @@
     4.4    val marks_str: Markup.T list * string -> T
     4.5    val item: T list -> T
     4.6    val text_fold: T list -> T
     4.7 -  val command: string -> T
     4.8 -  val keyword: string -> T
     4.9 +  val keyword1: string -> T
    4.10 +  val keyword2: string -> T
    4.11 +  val keyword3: string -> T
    4.12    val text: string -> T list
    4.13    val paragraph: T list -> T
    4.14    val para: string -> T
    4.15 @@ -163,8 +164,9 @@
    4.16  val item = markup Markup.item;
    4.17  val text_fold = markup Markup.text_fold;
    4.18  
    4.19 -fun command name = mark_str (Markup.keyword1, name);
    4.20 -fun keyword name = mark_str (Markup.keyword2, name);
    4.21 +fun keyword1 name = mark_str (Markup.keyword1, name);
    4.22 +fun keyword2 name = mark_str (Markup.keyword2, name);
    4.23 +fun keyword3 name = mark_str (Markup.keyword3, name);
    4.24  
    4.25  val text = breaks o map str o Symbol.explode_words;
    4.26  val paragraph = markup Markup.paragraph;
     5.1 --- a/src/Pure/Isar/bundle.ML	Wed Feb 26 16:48:15 2014 +0100
     5.2 +++ b/src/Pure/Isar/bundle.ML	Wed Feb 26 17:14:23 2014 +0100
     5.3 @@ -133,7 +133,7 @@
     5.4            (Pretty.breaks (map prt_thm ths)) :: Attrib.pretty_attribs ctxt atts;
     5.5  
     5.6      fun prt_bundle (name, bundle) =
     5.7 -      Pretty.block (Pretty.command "bundle" :: Pretty.str " " :: Pretty.mark_str name ::
     5.8 +      Pretty.block (Pretty.keyword1 "bundle" :: Pretty.str " " :: Pretty.mark_str name ::
     5.9          Pretty.breaks (Pretty.str " =" :: maps prt_fact bundle));
    5.10    in
    5.11      map prt_bundle (Name_Space.extern_table ctxt (get_bundles ctxt))
     6.1 --- a/src/Pure/Isar/class.ML	Wed Feb 26 16:48:15 2014 +0100
     6.2 +++ b/src/Pure/Isar/class.ML	Wed Feb 26 17:14:23 2014 +0100
     6.3 @@ -187,7 +187,7 @@
     6.4  
     6.5      fun prt_entry class =
     6.6        Pretty.block
     6.7 -        ([Pretty.command "class", Pretty.brk 1,
     6.8 +        ([Pretty.keyword1 "class", Pretty.brk 1,
     6.9            Name_Space.pretty ctxt class_space class, Pretty.str ":", Pretty.fbrk,
    6.10            Pretty.block [Pretty.str "supersort: ", prt_supersort class]] @
    6.11            (case try (Axclass.get_info thy) class of
    6.12 @@ -530,7 +530,7 @@
    6.13        Pretty.block (Pretty.breaks
    6.14          [Pretty.str v, Pretty.str "==", Proof_Context.pretty_const lthy c,
    6.15            Pretty.str "::", Syntax.pretty_typ lthy ty]);
    6.16 -  in Pretty.command "instantiation" :: map pr_arity tycos @ map pr_param params end;
    6.17 +  in Pretty.keyword1 "instantiation" :: map pr_arity tycos @ map pr_param params end;
    6.18  
    6.19  fun conclude lthy =
    6.20    let
     7.1 --- a/src/Pure/Isar/element.ML	Wed Feb 26 16:48:15 2014 +0100
     7.2 +++ b/src/Pure/Isar/element.ML	Wed Feb 26 17:14:23 2014 +0100
     7.3 @@ -113,8 +113,8 @@
     7.4  
     7.5  fun pretty_items _ _ [] = []
     7.6    | pretty_items keyword sep (x :: ys) =
     7.7 -      Pretty.block [Pretty.keyword keyword, Pretty.brk 1, x] ::
     7.8 -        map (fn y => Pretty.block [Pretty.str "  ", Pretty.keyword sep, Pretty.brk 1, y]) ys;
     7.9 +      Pretty.block [Pretty.keyword2 keyword, Pretty.brk 1, x] ::
    7.10 +        map (fn y => Pretty.block [Pretty.str "  ", Pretty.keyword2 sep, Pretty.brk 1, y]) ys;
    7.11  
    7.12  fun pretty_name_atts ctxt (b, atts) sep =
    7.13    if Attrib.is_empty_binding (b, atts) then []
    7.14 @@ -129,7 +129,7 @@
    7.15    let
    7.16      val prt_typ = Pretty.quote o Syntax.pretty_typ ctxt;
    7.17      val prt_term = Pretty.quote o Syntax.pretty_term ctxt;
    7.18 -    val prt_terms = separate (Pretty.keyword "and") o map prt_term;
    7.19 +    val prt_terms = separate (Pretty.keyword2 "and") o map prt_term;
    7.20      val prt_name_atts = pretty_name_atts ctxt;
    7.21  
    7.22      fun prt_show (a, ts) =
    7.23 @@ -138,11 +138,11 @@
    7.24      fun prt_var (x, SOME T) = Pretty.block
    7.25            [Pretty.str (Binding.name_of x ^ " ::"), Pretty.brk 1, prt_typ T]
    7.26        | prt_var (x, NONE) = Pretty.str (Binding.name_of x);
    7.27 -    val prt_vars = separate (Pretty.keyword "and") o map prt_var;
    7.28 +    val prt_vars = separate (Pretty.keyword2 "and") o map prt_var;
    7.29  
    7.30      fun prt_obtain (_, ([], ts)) = Pretty.block (Pretty.breaks (prt_terms ts))
    7.31        | prt_obtain (_, (xs, ts)) = Pretty.block (Pretty.breaks
    7.32 -          (prt_vars xs @ [Pretty.keyword "where"] @ prt_terms ts));
    7.33 +          (prt_vars xs @ [Pretty.keyword2 "where"] @ prt_terms ts));
    7.34    in
    7.35      fn Shows shows => pretty_items "shows" "and" (map prt_show shows)
    7.36       | Obtains obtains => pretty_items "obtains" "|" (map prt_obtain obtains)
    7.37 @@ -204,9 +204,9 @@
    7.38  fun thm_name kind th prts =
    7.39    let val head =
    7.40      if Thm.has_name_hint th then
    7.41 -      Pretty.block [Pretty.command kind,
    7.42 +      Pretty.block [Pretty.keyword1 kind,
    7.43          Pretty.brk 1, Pretty.str (Long_Name.base_name (Thm.get_name_hint th) ^ ":")]
    7.44 -    else Pretty.command kind
    7.45 +    else Pretty.keyword1 kind
    7.46    in Pretty.block (Pretty.fbreaks (head :: prts)) end;
    7.47  
    7.48  fun obtain prop ctxt =
     8.1 --- a/src/Pure/Isar/isar_syn.ML	Wed Feb 26 16:48:15 2014 +0100
     8.2 +++ b/src/Pure/Isar/isar_syn.ML	Wed Feb 26 17:14:23 2014 +0100
     8.3 @@ -620,11 +620,11 @@
     8.4  
     8.5  val _ =
     8.6    Outer_Syntax.command @{command_spec "qed"} "conclude proof"
     8.7 -    (Scan.option Method.parse >> Isar_Cmd.qed);
     8.8 +    (Scan.option Method.parse_report >> Isar_Cmd.qed);
     8.9  
    8.10  val _ =
    8.11    Outer_Syntax.command @{command_spec "by"} "terminal backward proof"
    8.12 -    (Method.parse -- Scan.option Method.parse >> Isar_Cmd.terminal_proof);
    8.13 +    (Method.parse_report -- Scan.option Method.parse_report >> Isar_Cmd.terminal_proof);
    8.14  
    8.15  val _ =
    8.16    Outer_Syntax.command @{command_spec ".."} "default proof"
    8.17 @@ -659,15 +659,15 @@
    8.18  
    8.19  val _ =
    8.20    Outer_Syntax.command @{command_spec "apply"} "initial refinement step (unstructured)"
    8.21 -    (Method.parse >> (Toplevel.print oo (Toplevel.proofs o Proof.apply_results)));
    8.22 +    (Method.parse_report >> (Toplevel.print oo (Toplevel.proofs o Proof.apply_results)));
    8.23  
    8.24  val _ =
    8.25    Outer_Syntax.command @{command_spec "apply_end"} "terminal refinement step (unstructured)"
    8.26 -    (Method.parse >> (Toplevel.print oo (Toplevel.proofs o Proof.apply_end_results)));
    8.27 +    (Method.parse_report >> (Toplevel.print oo (Toplevel.proofs o Proof.apply_end_results)));
    8.28  
    8.29  val _ =
    8.30    Outer_Syntax.command @{command_spec "proof"} "backward proof step"
    8.31 -    (Scan.option Method.parse >> (fn m => Toplevel.print o
    8.32 +    (Scan.option Method.parse_report >> (fn m => Toplevel.print o
    8.33        Toplevel.actual_proof (Proof_Node.applys (Proof.proof_results m)) o
    8.34        Toplevel.skip_proof (fn i => i + 1)));
    8.35  
     9.1 --- a/src/Pure/Isar/locale.ML	Wed Feb 26 16:48:15 2014 +0100
     9.2 +++ b/src/Pure/Isar/locale.ML	Wed Feb 26 17:14:23 2014 +0100
     9.3 @@ -647,7 +647,7 @@
     9.4        |> snd |> rev;
     9.5    in
     9.6      Pretty.block
     9.7 -      (Pretty.command "locale" :: Pretty.brk 1 :: pretty_name locale_ctxt name ::
     9.8 +      (Pretty.keyword1 "locale" :: Pretty.brk 1 :: pretty_name locale_ctxt name ::
     9.9          maps (fn elem => [Pretty.fbrk, Pretty.chunks (Element.pretty_ctxt locale_ctxt elem)]) elems)
    9.10    end;
    9.11  
    10.1 --- a/src/Pure/Isar/method.ML	Wed Feb 26 16:48:15 2014 +0100
    10.2 +++ b/src/Pure/Isar/method.ML	Wed Feb 26 17:14:23 2014 +0100
    10.3 @@ -45,14 +45,16 @@
    10.4    val tactic: string * Position.T -> Proof.context -> method
    10.5    val raw_tactic: string * Position.T -> Proof.context -> method
    10.6    type src = Args.src
    10.7 +  type combinator_info
    10.8 +  val no_combinator_info: combinator_info
    10.9    datatype text =
   10.10      Source of src |
   10.11      Basic of Proof.context -> method |
   10.12 -    Then of text list |
   10.13 -    Orelse of text list |
   10.14 -    Try of text |
   10.15 -    Repeat1 of text |
   10.16 -    Select_Goals of int * text
   10.17 +    Then of combinator_info * text list |
   10.18 +    Orelse of combinator_info * text list |
   10.19 +    Try of combinator_info * text |
   10.20 +    Repeat1 of combinator_info * text |
   10.21 +    Select_Goals of combinator_info * int * text
   10.22    val primitive_text: (Proof.context -> thm -> thm) -> text
   10.23    val succeed_text: text
   10.24    val default_text: text
   10.25 @@ -72,9 +74,11 @@
   10.26    val section: modifier parser list -> thm list context_parser
   10.27    val sections: modifier parser list -> thm list list context_parser
   10.28    type text_range = text * Position.range
   10.29 -  val parse: text_range parser
   10.30    val text: text_range option -> text option
   10.31    val position: text_range option -> Position.T
   10.32 +  val parse: text_range parser
   10.33 +  val parse_report: text_range parser
   10.34 +  val parse_context_report: text_range context_parser
   10.35  end;
   10.36  
   10.37  structure Method: METHOD =
   10.38 @@ -281,14 +285,31 @@
   10.39  
   10.40  type src = Args.src;
   10.41  
   10.42 +datatype combinator_info = Combinator_Info of {keywords: Position.T list};
   10.43 +fun combinator_info keywords = Combinator_Info {keywords = keywords};
   10.44 +val no_combinator_info = combinator_info [];
   10.45 +
   10.46  datatype text =
   10.47    Source of src |
   10.48    Basic of Proof.context -> method |
   10.49 -  Then of text list |
   10.50 -  Orelse of text list |
   10.51 -  Try of text |
   10.52 -  Repeat1 of text |
   10.53 -  Select_Goals of int * text;
   10.54 +  Then of combinator_info * text list |
   10.55 +  Orelse of combinator_info * text list |
   10.56 +  Try of combinator_info * text |
   10.57 +  Repeat1 of combinator_info * text |
   10.58 +  Select_Goals of combinator_info * int * text;
   10.59 +
   10.60 +fun keyword_positions (Source _) = []
   10.61 +  | keyword_positions (Basic _) = []
   10.62 +  | keyword_positions (Then (Combinator_Info {keywords}, texts)) =
   10.63 +      keywords @ maps keyword_positions texts
   10.64 +  | keyword_positions (Orelse (Combinator_Info {keywords}, texts)) =
   10.65 +      keywords @ maps keyword_positions texts
   10.66 +  | keyword_positions (Try (Combinator_Info {keywords}, text)) =
   10.67 +      keywords @ keyword_positions text
   10.68 +  | keyword_positions (Repeat1 (Combinator_Info {keywords}, text)) =
   10.69 +      keywords @ keyword_positions text
   10.70 +  | keyword_positions (Select_Goals (Combinator_Info {keywords}, _, text)) =
   10.71 +      keywords @ keyword_positions text;
   10.72  
   10.73  fun primitive_text r = Basic (SIMPLE_METHOD o PRIMITIVE o r);
   10.74  val succeed_text = Basic (K succeed);
   10.75 @@ -298,7 +319,7 @@
   10.76  fun sorry_text int = Basic (fn ctxt => cheating ctxt int);
   10.77  
   10.78  fun finish_text (NONE, immed) = Basic (finish immed)
   10.79 -  | finish_text (SOME txt, immed) = Then [txt, Basic (finish immed)];
   10.80 +  | finish_text (SOME txt, immed) = Then (no_combinator_info, [txt, Basic (finish immed)]);
   10.81  
   10.82  
   10.83  (* method definitions *)
   10.84 @@ -396,6 +417,20 @@
   10.85    (fn (n, ths) => fn ctxt => meth ctxt n ths);
   10.86  
   10.87  
   10.88 +(* text range *)
   10.89 +
   10.90 +type text_range = text * Position.range;
   10.91 +
   10.92 +fun reports (text, (pos, _)) =
   10.93 +  (pos, Markup.language_method) :: map (rpair Markup.keyword3) (keyword_positions text);
   10.94 +
   10.95 +fun text NONE = NONE
   10.96 +  | text (SOME (txt, _)) = SOME txt;
   10.97 +
   10.98 +fun position NONE = Position.none
   10.99 +  | position (SOME (_, (pos, _))) = pos;
  10.100 +
  10.101 +
  10.102  (* outer parser *)
  10.103  
  10.104  fun is_symid_meth s =
  10.105 @@ -409,34 +444,37 @@
  10.106      Source (Args.src (("cartouche", [tok]), Token.pos_of tok))) ||
  10.107    Parse.$$$ "(" |-- Parse.!!! (meth0 --| Parse.$$$ ")")) x
  10.108  and meth3 x =
  10.109 - (meth4 --| Parse.$$$ "?" >> Try ||
  10.110 -  meth4 --| Parse.$$$ "+" >> Repeat1 ||
  10.111 -  meth4 -- (Parse.$$$ "[" |-- Scan.optional Parse.nat 1 --| Parse.$$$ "]")
  10.112 -    >> (Select_Goals o swap) ||
  10.113 + (meth4 -- Parse.position (Parse.$$$ "?")
  10.114 +    >> (fn (m, (_, pos)) => Try (combinator_info [pos], m)) ||
  10.115 +  meth4 -- Parse.position (Parse.$$$ "+")
  10.116 +    >> (fn (m, (_, pos)) => Repeat1 (combinator_info [pos], m)) ||
  10.117 +  meth4 --
  10.118 +    (Parse.position (Parse.$$$ "[") -- Scan.optional Parse.nat 1 -- Parse.position (Parse.$$$ "]"))
  10.119 +    >> (fn (m, (((_, pos1), n), (_, pos2))) =>
  10.120 +        Select_Goals (combinator_info [pos1, pos2], n, m)) ||
  10.121    meth4) x
  10.122  and meth2 x =
  10.123   (Parse.position (Parse.xname -- Args.parse1 is_symid_meth) >> (Source o Args.src) ||
  10.124    meth3) x
  10.125 -and meth1 x = (Parse.enum1 "," meth2 >> (fn [m] => m | ms => Then ms)) x
  10.126 -and meth0 x = (Parse.enum1 "|" meth1 >> (fn [m] => m | ms => Orelse ms)) x;
  10.127 +and meth1 x =
  10.128 +  (Parse.enum1_positions "," meth2
  10.129 +    >> (fn ([m], _) => m | (ms, ps) => Then (combinator_info ps, ms))) x
  10.130 +and meth0 x =
  10.131 +  (Parse.enum1_positions "|" meth1
  10.132 +    >> (fn ([m], _) => m | (ms, ps) => Orelse (combinator_info ps, ms))) x;
  10.133  
  10.134  in
  10.135  
  10.136  val parse =
  10.137    Scan.trace meth3 >> (fn (m, toks) => (m, Token.range_of toks));
  10.138  
  10.139 -end;
  10.140 -
  10.141 -
  10.142 -(* text position *)
  10.143 +(*parse with observable effect!*)
  10.144 +val parse_report = parse >> (tap (Position.reports o reports));
  10.145 +val parse_context_report =
  10.146 +  Args.context -- Scan.lift parse >>
  10.147 +    (fn (ctxt, text_range) => (Context_Position.reports ctxt (reports text_range); text_range));
  10.148  
  10.149 -type text_range = text * Position.range;
  10.150 -
  10.151 -fun text NONE = NONE
  10.152 -  | text (SOME (txt, _)) = SOME txt;
  10.153 -
  10.154 -fun position NONE = Position.none
  10.155 -  | position (SOME (_, (pos, _))) = pos;
  10.156 +end;
  10.157  
  10.158  
  10.159  (* theory setup *)
    11.1 --- a/src/Pure/Isar/named_target.ML	Wed Feb 26 16:48:15 2014 +0100
    11.2 +++ b/src/Pure/Isar/named_target.ML	Wed Feb 26 17:14:23 2014 +0100
    11.3 @@ -139,7 +139,7 @@
    11.4  fun pretty (Target {target, is_locale, is_class, ...}) ctxt =
    11.5    let
    11.6      val target_name =
    11.7 -      [Pretty.command (if is_class then "class" else "locale"), Pretty.brk 1,
    11.8 +      [Pretty.keyword1 (if is_class then "class" else "locale"), Pretty.brk 1,
    11.9          Locale.pretty_name ctxt target];
   11.10      val fixes =
   11.11        map (fn (x, T) => (Binding.name x, SOME T, NoSyn))
   11.12 @@ -156,7 +156,7 @@
   11.13        else [Pretty.block (Pretty.fbreaks (Pretty.block (target_name @ [Pretty.str " ="]) ::
   11.14          map (Pretty.chunks o Element.pretty_ctxt ctxt) elems))];
   11.15    in
   11.16 -    Pretty.block [Pretty.command "theory", Pretty.brk 1,
   11.17 +    Pretty.block [Pretty.keyword1 "theory", Pretty.brk 1,
   11.18        Pretty.str (Context.theory_name (Proof_Context.theory_of ctxt))] :: body_elems
   11.19    end;
   11.20  
    12.1 --- a/src/Pure/Isar/overloading.ML	Wed Feb 26 16:48:15 2014 +0100
    12.2 +++ b/src/Pure/Isar/overloading.ML	Wed Feb 26 17:14:23 2014 +0100
    12.3 @@ -173,7 +173,7 @@
    12.4        Pretty.block (Pretty.breaks
    12.5          [Pretty.str v, Pretty.str "==", Proof_Context.pretty_const lthy c,
    12.6            Pretty.str "::", Syntax.pretty_typ lthy ty]);
    12.7 -  in Pretty.command "overloading" :: map pr_operation overloading end;
    12.8 +  in Pretty.keyword1 "overloading" :: map pr_operation overloading end;
    12.9  
   12.10  fun conclude lthy =
   12.11    let
    13.1 --- a/src/Pure/Isar/parse.ML	Wed Feb 26 16:48:15 2014 +0100
    13.2 +++ b/src/Pure/Isar/parse.ML	Wed Feb 26 17:14:23 2014 +0100
    13.3 @@ -52,6 +52,8 @@
    13.4    val nat: int parser
    13.5    val int: int parser
    13.6    val real: real parser
    13.7 +  val enum_positions: string -> 'a parser -> ('a list * Position.T list) parser
    13.8 +  val enum1_positions: string -> 'a parser -> ('a list * Position.T list) parser
    13.9    val enum: string -> 'a parser -> 'a list parser
   13.10    val enum1: string -> 'a parser -> 'a list parser
   13.11    val and_list: 'a parser -> 'a list parser
   13.12 @@ -230,6 +232,12 @@
   13.13  
   13.14  (* enumerations *)
   13.15  
   13.16 +fun enum1_positions sep scan =
   13.17 +  scan -- Scan.repeat (position ($$$ sep) -- !!! scan) >>
   13.18 +    (fn (x, ys) => (x :: map #2 ys, map (#2 o #1) ys));
   13.19 +fun enum_positions sep scan =
   13.20 +  enum1_positions sep scan || Scan.succeed ([], []);
   13.21 +
   13.22  fun enum1 sep scan = scan ::: Scan.repeat ($$$ sep |-- !!! scan);
   13.23  fun enum sep scan = enum1 sep scan || Scan.succeed [];
   13.24  
    14.1 --- a/src/Pure/Isar/proof.ML	Wed Feb 26 16:48:15 2014 +0100
    14.2 +++ b/src/Pure/Isar/proof.ML	Wed Feb 26 17:14:23 2014 +0100
    14.3 @@ -423,11 +423,11 @@
    14.4      fun eval (Method.Basic m) = apply_method current_context m
    14.5        | eval (Method.Source src) =
    14.6            apply_method current_context (Method.the_method ctxt (Method.check_source ctxt src))
    14.7 -      | eval (Method.Then txts) = Seq.EVERY (map eval txts)
    14.8 -      | eval (Method.Orelse txts) = Seq.FIRST (map eval txts)
    14.9 -      | eval (Method.Try txt) = Seq.TRY (eval txt)
   14.10 -      | eval (Method.Repeat1 txt) = Seq.REPEAT1 (eval txt)
   14.11 -      | eval (Method.Select_Goals (n, txt)) = select_goals n (eval txt);
   14.12 +      | eval (Method.Then (_, txts)) = Seq.EVERY (map eval txts)
   14.13 +      | eval (Method.Orelse (_, txts)) = Seq.FIRST (map eval txts)
   14.14 +      | eval (Method.Try (_, txt)) = Seq.TRY (eval txt)
   14.15 +      | eval (Method.Repeat1 (_, txt)) = Seq.REPEAT1 (eval txt)
   14.16 +      | eval (Method.Select_Goals (_, n, txt)) = select_goals n (eval txt);
   14.17    in eval text state end;
   14.18  
   14.19  in
    15.1 --- a/src/Pure/Isar/proof_display.ML	Wed Feb 26 16:48:15 2014 +0100
    15.2 +++ b/src/Pure/Isar/proof_display.ML	Wed Feb 26 17:14:23 2014 +0100
    15.3 @@ -100,7 +100,7 @@
    15.4  in
    15.5  
    15.6  fun pretty_goal_header goal =
    15.7 -  Pretty.block ([Pretty.command "goal"] @ subgoals (Thm.nprems_of goal) @ [Pretty.str ":"]);
    15.8 +  Pretty.block ([Pretty.keyword1 "goal"] @ subgoals (Thm.nprems_of goal) @ [Pretty.str ":"]);
    15.9  
   15.10  end;
   15.11  
   15.12 @@ -113,7 +113,7 @@
   15.13  fun pretty_goal_facts ctxt s ths =
   15.14    (Pretty.block o Pretty.fbreaks)
   15.15      [if s = "" then Pretty.str "this:"
   15.16 -     else Pretty.block [Pretty.command s, Pretty.brk 1, Pretty.str "this:"],
   15.17 +     else Pretty.block [Pretty.keyword1 s, Pretty.brk 1, Pretty.str "this:"],
   15.18       Proof_Context.pretty_fact ctxt ("", ths)];
   15.19  
   15.20  
   15.21 @@ -135,13 +135,13 @@
   15.22  
   15.23  local
   15.24  
   15.25 -fun pretty_fact_name (kind, "") = Pretty.command kind
   15.26 +fun pretty_fact_name (kind, "") = Pretty.keyword1 kind
   15.27    | pretty_fact_name (kind, name) =
   15.28 -      Pretty.block [Pretty.command kind, Pretty.brk 1,
   15.29 +      Pretty.block [Pretty.keyword1 kind, Pretty.brk 1,
   15.30          Pretty.str (Long_Name.base_name name), Pretty.str ":"];
   15.31  
   15.32  fun pretty_facts ctxt =
   15.33 -  flat o (separate [Pretty.fbrk, Pretty.keyword "and", Pretty.str " "]) o
   15.34 +  flat o (separate [Pretty.fbrk, Pretty.keyword2 "and", Pretty.str " "]) o
   15.35      map (single o Proof_Context.pretty_fact ctxt);
   15.36  
   15.37  in
   15.38 @@ -150,7 +150,7 @@
   15.39    if not do_print orelse kind = "" then ()
   15.40    else if name = "" then
   15.41      (Pretty.writeln o Pretty.mark markup)
   15.42 -      (Pretty.block (Pretty.command kind :: Pretty.brk 1 :: pretty_facts ctxt facts))
   15.43 +      (Pretty.block (Pretty.keyword1 kind :: Pretty.brk 1 :: pretty_facts ctxt facts))
   15.44    else
   15.45      (Pretty.writeln o Pretty.mark markup)
   15.46        (case facts of
    16.1 --- a/src/Pure/ML/ml_thms.ML	Wed Feb 26 16:48:15 2014 +0100
    16.2 +++ b/src/Pure/ML/ml_thms.ML	Wed Feb 26 17:14:23 2014 +0100
    16.3 @@ -86,24 +86,21 @@
    16.4  val and_ = Args.$$$ "and";
    16.5  val by = Args.$$$ "by";
    16.6  val goal = Scan.unless (by || and_) Args.name_inner_syntax;
    16.7 -val goals1 = Scan.repeat1 goal;
    16.8  
    16.9  val _ = Theory.setup
   16.10    (ML_Context.add_antiq @{binding lemma}
   16.11      (Scan.depend (fn context =>
   16.12 -      Args.mode "open" -- goals1 -- Scan.repeat (Parse.position and_ -- Parse.!!! goals1) --
   16.13 -      (Parse.position by -- (Method.parse -- Scan.option Method.parse)) >>
   16.14 -        (fn (((is_open, raw_props), and_propss), ((_, by_pos), methods)) =>
   16.15 +      Args.mode "open" -- Parse.enum1_positions "and" (Scan.repeat1 goal) --
   16.16 +      (Parse.position by --
   16.17 +        Scan.pass context (Method.parse_context_report -- Scan.option Method.parse_context_report))
   16.18 +     >> (fn ((is_open, (raw_propss, and_positions)), ((_, by_pos), methods)) =>
   16.19            let
   16.20              val ctxt = Context.proof_of context;
   16.21  
   16.22 -            val reports =
   16.23 -              (by_pos, Markup.keyword1) ::
   16.24 -                map (fn ((_, and_pos), _) => (and_pos, Markup.keyword2)) and_propss;
   16.25 +            val reports = (by_pos, Markup.keyword1) :: map (rpair Markup.keyword2) and_positions;
   16.26              val _ = Context_Position.reports ctxt reports;
   16.27  
   16.28 -            val propss =
   16.29 -              burrow (map (rpair []) o Syntax.read_props ctxt) (raw_props :: map #2 and_propss);
   16.30 +            val propss = burrow (map (rpair []) o Syntax.read_props ctxt) raw_propss;
   16.31              val prep_result = Goal.norm_result ctxt #> not is_open ? Thm.close_derivation;
   16.32              fun after_qed res goal_ctxt =
   16.33                Proof_Context.put_thms false (Auto_Bind.thisN,
    17.1 --- a/src/Pure/PIDE/markup.ML	Wed Feb 26 16:48:15 2014 +0100
    17.2 +++ b/src/Pure/PIDE/markup.ML	Wed Feb 26 17:14:23 2014 +0100
    17.3 @@ -23,6 +23,7 @@
    17.4    val symbolsN: string
    17.5    val languageN: string
    17.6    val language: {name: string, symbols: bool, antiquotes: bool} -> T
    17.7 +  val language_method: T
    17.8    val language_sort: T
    17.9    val language_type: T
   17.10    val language_term: T
   17.11 @@ -108,6 +109,7 @@
   17.12    val tokenN: string val token: Properties.T -> T
   17.13    val keyword1N: string val keyword1: T
   17.14    val keyword2N: string val keyword2: T
   17.15 +  val keyword3N: string val keyword3: T
   17.16    val elapsedN: string
   17.17    val cpuN: string
   17.18    val gcN: string
   17.19 @@ -257,6 +259,7 @@
   17.20    (languageN,
   17.21      [(nameN, name), (symbolsN, print_bool symbols), (antiquotesN, print_bool antiquotes)]);
   17.22  
   17.23 +val language_method = language {name = "method", symbols = true, antiquotes = false};
   17.24  val language_sort = language {name = "sort", symbols = true, antiquotes = false};
   17.25  val language_type = language {name = "type", symbols = true, antiquotes = false};
   17.26  val language_term = language {name = "term", symbols = true, antiquotes = false};
   17.27 @@ -398,6 +401,7 @@
   17.28  val (commandN, command) = markup_elem "command";
   17.29  val (keyword1N, keyword1) = markup_elem "keyword1";
   17.30  val (keyword2N, keyword2) = markup_elem "keyword2";
   17.31 +val (keyword3N, keyword3) = markup_elem "keyword3";
   17.32  val (operatorN, operator) = markup_elem "operator";
   17.33  val (stringN, string) = markup_elem "string";
   17.34  val (altstringN, altstring) = markup_elem "altstring";
    18.1 --- a/src/Pure/PIDE/markup.scala	Wed Feb 26 16:48:15 2014 +0100
    18.2 +++ b/src/Pure/PIDE/markup.scala	Wed Feb 26 17:14:23 2014 +0100
    18.3 @@ -210,9 +210,9 @@
    18.4    /* outer syntax */
    18.5  
    18.6    val COMMAND = "command"
    18.7 -
    18.8    val KEYWORD1 = "keyword1"
    18.9    val KEYWORD2 = "keyword2"
   18.10 +  val KEYWORD3 = "keyword3"
   18.11    val OPERATOR = "operator"
   18.12    val STRING = "string"
   18.13    val ALTSTRING = "altstring"
    19.1 --- a/src/Pure/Pure.thy	Wed Feb 26 16:48:15 2014 +0100
    19.2 +++ b/src/Pure/Pure.thy	Wed Feb 26 17:14:23 2014 +0100
    19.3 @@ -33,8 +33,9 @@
    19.4    and "ML" :: thy_decl % "ML"
    19.5    and "ML_prf" :: prf_decl % "proof"  (* FIXME % "ML" ?? *)
    19.6    and "ML_val" "ML_command" :: diag % "ML"
    19.7 +  and "simproc_setup" :: thy_decl % "ML" == ""
    19.8    and "setup" "local_setup" "attribute_setup" "method_setup"
    19.9 -    "declaration" "syntax_declaration" "simproc_setup"
   19.10 +    "declaration" "syntax_declaration"
   19.11      "parse_ast_translation" "parse_translation" "print_translation"
   19.12      "typed_print_translation" "print_ast_translation" "oracle" :: thy_decl % "ML"
   19.13    and "bundle" :: thy_decl
    20.1 --- a/src/Pure/Syntax/mixfix.ML	Wed Feb 26 16:48:15 2014 +0100
    20.2 +++ b/src/Pure/Syntax/mixfix.ML	Wed Feb 26 17:14:23 2014 +0100
    20.3 @@ -50,7 +50,7 @@
    20.4  local
    20.5  
    20.6  val quoted = Pretty.quote o Pretty.str;
    20.7 -val keyword = Pretty.keyword;
    20.8 +val keyword = Pretty.keyword2;
    20.9  val parens = Pretty.enclose "(" ")";
   20.10  val brackets = Pretty.enclose "[" "]";
   20.11  val int = Pretty.str o string_of_int;
    21.1 --- a/src/Pure/Thy/thy_output.ML	Wed Feb 26 16:48:15 2014 +0100
    21.2 +++ b/src/Pure/Thy/thy_output.ML	Wed Feb 26 17:14:23 2014 +0100
    21.3 @@ -616,8 +616,9 @@
    21.4  val _ = Theory.setup
    21.5    (antiquotation (Binding.name "lemma")
    21.6      (Args.prop --
    21.7 -      Scan.lift (Parse.position (Args.$$$ "by") -- (Method.parse -- Scan.option Method.parse)))
    21.8 -    (fn {source, context = ctxt, ...} => fn (prop, ((_, by_pos), methods)) =>
    21.9 +      Scan.lift (Parse.position (Args.$$$ "by")) --
   21.10 +      (Method.parse_context_report -- Scan.option Method.parse_context_report))
   21.11 +    (fn {source, context = ctxt, ...} => fn ((prop, (_, by_pos)), methods) =>
   21.12        let
   21.13          val prop_src =
   21.14            (case Args.dest_src source of ((a, arg :: _), pos) => Args.src ((a, [arg]), pos));
    22.1 --- a/src/Tools/jEdit/src/completion_popup.scala	Wed Feb 26 16:48:15 2014 +0100
    22.2 +++ b/src/Tools/jEdit/src/completion_popup.scala	Wed Feb 26 17:14:23 2014 +0100
    22.3 @@ -92,6 +92,16 @@
    22.4        }
    22.5  
    22.6  
    22.7 +    /* caret */
    22.8 +
    22.9 +    def before_caret_range(rendering: Rendering): Text.Range =
   22.10 +    {
   22.11 +      val snapshot = rendering.snapshot
   22.12 +      val former_caret = snapshot.revert(text_area.getCaretPosition)
   22.13 +      snapshot.convert(Text.Range(former_caret - 1, former_caret))
   22.14 +    }
   22.15 +
   22.16 +
   22.17      /* rendering */
   22.18  
   22.19      def rendering(rendering: Rendering, line_range: Text.Range): Option[Text.Info[Color]] =
   22.20 @@ -100,10 +110,8 @@
   22.21          case Some(range) => range.try_restrict(line_range)
   22.22          case None =>
   22.23            val buffer = text_area.getBuffer
   22.24 -          val caret = text_area.getCaretPosition
   22.25 -
   22.26 -          if (line_range.contains(caret)) {
   22.27 -            JEdit_Lib.stretch_point_range(buffer, caret).try_restrict(line_range) match {
   22.28 +          if (line_range.contains(text_area.getCaretPosition)) {
   22.29 +            before_caret_range(rendering).try_restrict(line_range) match {
   22.30                case Some(range) if !range.is_singularity =>
   22.31                  rendering.completion_names(range) match {
   22.32                    case Some(names) => Some(names.range)
   22.33 @@ -144,7 +152,7 @@
   22.34            val context =
   22.35              (opt_rendering orElse PIDE.document_view(text_area).map(_.get_rendering()) match {
   22.36                case Some(rendering) =>
   22.37 -                rendering.language_context(JEdit_Lib.stretch_point_range(buffer, caret))
   22.38 +                rendering.language_context(before_caret_range(rendering))
   22.39                case None => None
   22.40              }) getOrElse syntax.language_context
   22.41  
   22.42 @@ -182,7 +190,6 @@
   22.43        val layered = view.getLayeredPane
   22.44        val buffer = text_area.getBuffer
   22.45        val painter = text_area.getPainter
   22.46 -      val caret = text_area.getCaretPosition
   22.47  
   22.48        val history = PIDE.completion_history.value
   22.49        val decode = Isabelle_Encoding.is_active(buffer)
   22.50 @@ -224,7 +231,7 @@
   22.51            PIDE.document_view(text_area) match {
   22.52              case Some(doc_view) =>
   22.53                val rendering = doc_view.get_rendering()
   22.54 -              rendering.completion_names(JEdit_Lib.stretch_point_range(buffer, caret)) match {
   22.55 +              rendering.completion_names(before_caret_range(rendering)) match {
   22.56                  case None => None
   22.57                  case Some(names) =>
   22.58                    JEdit_Lib.try_get_text(buffer, names.range) match {
    23.1 --- a/src/Tools/jEdit/src/jedit_lib.scala	Wed Feb 26 16:48:15 2014 +0100
    23.2 +++ b/src/Tools/jEdit/src/jedit_lib.scala	Wed Feb 26 17:14:23 2014 +0100
    23.3 @@ -178,16 +178,6 @@
    23.4        catch { case _: ArrayIndexOutOfBoundsException => Text.Range(offset, offset + 1) }
    23.5      }
    23.6  
    23.7 -  def stretch_point_range(buffer: JEditBuffer, offset: Text.Offset): Text.Range =
    23.8 -  {
    23.9 -    val range = point_range(buffer, offset)
   23.10 -    val left = point_range(buffer, range.start - 1)
   23.11 -    val right = point_range(buffer, range.stop)
   23.12 -    val range1 = range.try_join(left) getOrElse range
   23.13 -    val range2 = range1.try_join(right) getOrElse range1
   23.14 -    range2
   23.15 -  }
   23.16 -
   23.17  
   23.18    /* visible text range */
   23.19  
    24.1 --- a/src/Tools/jEdit/src/rendering.scala	Wed Feb 26 16:48:15 2014 +0100
    24.2 +++ b/src/Tools/jEdit/src/rendering.scala	Wed Feb 26 17:14:23 2014 +0100
    24.3 @@ -682,6 +682,7 @@
    24.4    private lazy val text_colors: Map[String, Color] = Map(
    24.5        Markup.KEYWORD1 -> keyword1_color,
    24.6        Markup.KEYWORD2 -> keyword2_color,
    24.7 +      Markup.KEYWORD3 -> keyword3_color,
    24.8        Markup.STRING -> Color.BLACK,
    24.9        Markup.ALTSTRING -> Color.BLACK,
   24.10        Markup.VERBATIM -> Color.BLACK,
    25.1 --- a/src/Tools/jEdit/src/rich_text_area.scala	Wed Feb 26 16:48:15 2014 +0100
    25.2 +++ b/src/Tools/jEdit/src/rich_text_area.scala	Wed Feb 26 17:14:23 2014 +0100
    25.3 @@ -295,6 +295,9 @@
    25.4  
    25.5    /* text */
    25.6  
    25.7 +  private def caret_enabled: Boolean =
    25.8 +    caret_visible && (!text_area.hasFocus || text_area.isCaretVisible)
    25.9 +
   25.10    private def caret_color(rendering: Rendering): Color =
   25.11    {
   25.12      if (text_area.isCaretVisible)
   25.13 @@ -310,7 +313,7 @@
   25.14      val font_context = painter.getFontRenderContext
   25.15  
   25.16      val caret_range =
   25.17 -      if (caret_visible) JEdit_Lib.point_range(buffer, text_area.getCaretPosition)
   25.18 +      if (caret_enabled) JEdit_Lib.point_range(buffer, text_area.getCaretPosition)
   25.19        else Text.Range(-1)
   25.20  
   25.21      var w = 0.0f
   25.22 @@ -526,7 +529,7 @@
   25.23        robust_rendering { rendering =>
   25.24          if (caret_visible) {
   25.25            val caret = text_area.getCaretPosition
   25.26 -          if (start <= caret && caret == end - 1) {
   25.27 +          if (caret_enabled && start <= caret && caret == end - 1) {
   25.28              val painter = text_area.getPainter
   25.29              val fm = painter.getFontMetrics
   25.30              val metric = JEdit_Lib.pretty_metric(painter)
    26.1 --- a/src/Tools/subtyping.ML	Wed Feb 26 16:48:15 2014 +0100
    26.2 +++ b/src/Tools/subtyping.ML	Wed Feb 26 17:14:23 2014 +0100
    26.3 @@ -1070,7 +1070,7 @@
    26.4          Pretty.str "<:", Pretty.brk 1,
    26.5          Syntax.pretty_typ ctxt (Type (b, Us)), Pretty.brk 3,
    26.6          Pretty.block
    26.7 -         [Pretty.keyword "using", Pretty.brk 1,
    26.8 +         [Pretty.keyword2 "using", Pretty.brk 1,
    26.9            Pretty.quote (Syntax.pretty_term ctxt t)]]];
   26.10  
   26.11      val type_space = Proof_Context.type_space ctxt;