author | haftmann |
Mon, 04 Nov 2019 20:38:15 +0000 | |
changeset 71042 | 400e9512f1d3 |
parent 70973 | src/HOL/ex/Word_Type.thy@a7a52ba0717d |
child 71093 | b7d481cdd54d |
permissions | -rw-r--r-- |
64015 | 1 |
(* Author: Florian Haftmann, TUM |
2 |
*) |
|
3 |
||
4 |
section \<open>Proof of concept for algebraically founded bit word types\<close> |
|
5 |
||
71042
|
6 |
theory Word |
64015 | 7 |
imports |
8 |
Main |
|
66453
|
9 |
"HOL-Library.Type_Length" |
64015 | 10 |
begin |
11 |
||
70925 | 12 |
subsection \<open>Preliminaries\<close> |
13 |
||
71042
|
14 |
context ab_group_add |
|
15 |
begin |
|
16 |
|
|
17 |
lemma minus_diff_commute: |
|
18 |
"- b - a = - a - b" |
|
19 |
by (simp only: diff_conv_add_uminus add.commute) |
|
20 |
|
|
21 |
end |
|
22 |
|
67907
|
23 |
lemma take_bit_uminus: |
70171 | 24 |
"take_bit n (- (take_bit n k)) = take_bit n (- k)" for k :: int |
67907
|
25 |
by (simp add: take_bit_eq_mod mod_minus_eq) |
64015 | 26 |
|
67907
|
27 |
lemma take_bit_minus: |
70171 | 28 |
"take_bit n (take_bit n k - take_bit n l) = take_bit n (k - l)" for k l :: int |
67907
|
29 |
by (simp add: take_bit_eq_mod mod_diff_eq) |
64015 | 30 |
|
67907
|
31 |
lemma take_bit_nonnegative [simp]: |
70171 | 32 |
"take_bit n k \<ge> 0" for k :: int |
67907
|
33 |
by (simp add: take_bit_eq_mod) |
64015 | 34 |
|
67907
|
35 |
definition signed_take_bit :: "nat \<Rightarrow> int \<Rightarrow> int" |
|
36 |
where signed_take_bit_eq_take_bit: |
|
37 |
"signed_take_bit n k = take_bit (Suc n) (k + 2 ^ n) - 2 ^ n" |
64015 | 38 |
|
67907
|
39 |
lemma signed_take_bit_eq_take_bit': |
70171 | 40 |
"signed_take_bit (n - Suc 0) k = take_bit n (k + 2 ^ (n - 1)) - 2 ^ (n - 1)" if "n > 0" |
41 |
using that by (simp add: signed_take_bit_eq_take_bit) |
|
71042
|
42 |
|
67907
|
43 |
lemma signed_take_bit_0 [simp]: |
|
44 |
"signed_take_bit 0 k = - (k mod 2)" |
64015 | 45 |
proof (cases "even k") |
46 |
case True |
|
47 |
then have "odd (k + 1)" |
|
48 |
by simp |
|
49 |
then have "(k + 1) mod 2 = 1" |
|
50 |
by (simp add: even_iff_mod_2_eq_zero) |
|
51 |
with True show ?thesis |
|
67907
|
52 |
by (simp add: signed_take_bit_eq_take_bit) |
64015 | 53 |
next |
54 |
case False |
|
55 |
then show ?thesis |
|
67907
|
56 |
by (simp add: signed_take_bit_eq_take_bit odd_iff_mod_2_eq_one) |
64015 | 57 |
qed |
58 |
||
67907
|
59 |
lemma signed_take_bit_Suc [simp]: |
|
60 |
"signed_take_bit (Suc n) k = signed_take_bit n (k div 2) * 2 + k mod 2" |
|
61 |
by (simp add: odd_iff_mod_2_eq_one signed_take_bit_eq_take_bit algebra_simps) |
64015 | 62 |
|
67907
|
63 |
lemma signed_take_bit_of_0 [simp]: |
|
64 |
"signed_take_bit n 0 = 0" |
|
65 |
by (simp add: signed_take_bit_eq_take_bit take_bit_eq_mod) |
64015 | 66 |
|
67907
|
67 |
lemma signed_take_bit_of_minus_1 [simp]: |
|
68 |
"signed_take_bit n (- 1) = - 1" |
64015 | 69 |
by (induct n) simp_all |
70 |
||
67907
|
71 |
lemma signed_take_bit_eq_iff_take_bit_eq: |
70171 | 72 |
"signed_take_bit (n - Suc 0) k = signed_take_bit (n - Suc 0) l \<longleftrightarrow> take_bit n k = take_bit n l" (is "?P \<longleftrightarrow> ?Q") |
73 |
if "n > 0" |
|
64015 | 74 |
proof - |
70171 | 75 |
from that obtain m where m: "n = Suc m" |
64015 | 76 |
by (cases n) auto |
77 |
show ?thesis |
|
71042
|
78 |
proof |
64015 | 79 |
assume ?Q |
67907
|
80 |
have "take_bit (Suc m) (k + 2 ^ m) = |
|
81 |
take_bit (Suc m) (take_bit (Suc m) k + take_bit (Suc m) (2 ^ m))" |
67961 | 82 |
by (simp only: take_bit_add) |
64015 | 83 |
also have "\<dots> = |
67907
|
84 |
take_bit (Suc m) (take_bit (Suc m) l + take_bit (Suc m) (2 ^ m))" |
64015 | 85 |
by (simp only: \<open>?Q\<close> m [symmetric]) |
67907
|
86 |
also have "\<dots> = take_bit (Suc m) (l + 2 ^ m)" |
67961 | 87 |
by (simp only: take_bit_add) |
64015 | 88 |
finally show ?P |
67907
|
89 |
by (simp only: signed_take_bit_eq_take_bit m) simp |
64015 | 90 |
next |
91 |
assume ?P |
|
70171 | 92 |
with that have "(k + 2 ^ (n - Suc 0)) mod 2 ^ n = (l + 2 ^ (n - Suc 0)) mod 2 ^ n" |
67907
|
93 |
by (simp add: signed_take_bit_eq_take_bit' take_bit_eq_mod) |
64015 | 94 |
then have "(i + (k + 2 ^ (n - Suc 0))) mod 2 ^ n = (i + (l + 2 ^ (n - Suc 0))) mod 2 ^ n" for i |
95 |
by (metis mod_add_eq) |
|
96 |
then have "k mod 2 ^ n = l mod 2 ^ n" |
|
97 |
by (metis add_diff_cancel_right' uminus_add_conv_diff) |
|
98 |
then show ?Q |
|
67907
|
99 |
by (simp add: take_bit_eq_mod) |
64015 | 100 |
qed |
71042
|
101 |
qed |
64015 | 102 |
|
103 |
||
104 |
subsection \<open>Bit strings as quotient type\<close> |
|
105 |
||
106 |
subsubsection \<open>Basic properties\<close> |
|
107 |
||
67907
|
108 |
quotient_type (overloaded) 'a word = int / "\<lambda>k l. take_bit LENGTH('a) k = take_bit LENGTH('a::len0) l" |
64015 | 109 |
by (auto intro!: equivpI reflpI sympI transpI) |
110 |
||
111 |
instantiation word :: (len0) "{semiring_numeral, comm_semiring_0, comm_ring}" |
|
112 |
begin |
|
113 |
||
114 |
lift_definition zero_word :: "'a word" |
|
115 |
is 0 |
|
116 |
. |
|
117 |
||
118 |
lift_definition one_word :: "'a word" |
|
119 |
is 1 |
|
120 |
. |
|
121 |
||
122 |
lift_definition plus_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word" |
|
123 |
is plus |
|
67961 | 124 |
by (subst take_bit_add [symmetric]) (simp add: take_bit_add) |
64015 | 125 |
|
126 |
lift_definition uminus_word :: "'a word \<Rightarrow> 'a word" |
|
127 |
is uminus |
|
67907
|
128 |
by (subst take_bit_uminus [symmetric]) (simp add: take_bit_uminus) |
64015 | 129 |
|
130 |
lift_definition minus_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word" |
|
131 |
is minus |
|
67907
|
132 |
by (subst take_bit_minus [symmetric]) (simp add: take_bit_minus) |
64015 | 133 |
|
134 |
lift_definition times_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word" |
|
135 |
is times |
|
67907
|
136 |
by (auto simp add: take_bit_eq_mod intro: mod_mult_cong) |
64015 | 137 |
|
138 |
instance |
|
139 |
by standard (transfer; simp add: algebra_simps)+ |
|
140 |
||
141 |
end |
|
142 |
||
143 |
instance word :: (len) comm_ring_1 |
|
144 |
by standard (transfer; simp)+ |
|
145 |
||
70903 | 146 |
quickcheck_generator word |
147 |
constructors: |
|
148 |
"zero_class.zero :: ('a::len0) word", |
|
149 |
"numeral :: num \<Rightarrow> ('a::len0) word", |
|
150 |
"uminus :: ('a::len0) word \<Rightarrow> ('a::len0) word" |
|
151 |
||
70973 | 152 |
context |
153 |
includes lifting_syntax |
|
154 |
notes power_transfer [transfer_rule] |
|
155 |
begin |
|
156 |
||
157 |
lemma power_transfer_word [transfer_rule]: |
|
158 |
\<open>(pcr_word ===> (=) ===> pcr_word) (^) (^)\<close> |
|
159 |
by transfer_prover |
|
160 |
||
161 |
end |
|
162 |
||
64015 | 163 |
|
164 |
subsubsection \<open>Conversions\<close> |
|
165 |
||
70927 | 166 |
context |
167 |
includes lifting_syntax |
|
168 |
notes transfer_rule_numeral [transfer_rule] |
|
169 |
transfer_rule_of_nat [transfer_rule] |
|
170 |
transfer_rule_of_int [transfer_rule] |
|
171 |
begin |
|
70348
|
172 |
|
|
173 |
lemma [transfer_rule]: |
70927 | 174 |
"((=) ===> (pcr_word :: int \<Rightarrow> 'a::len word \<Rightarrow> bool)) numeral numeral" |
175 |
by transfer_prover |
|
176 |
||
177 |
lemma [transfer_rule]: |
|
178 |
"((=) ===> pcr_word) int of_nat" |
|
179 |
by transfer_prover |
|
71042
|
180 |
|
64015 | 181 |
lemma [transfer_rule]: |
70927 | 182 |
"((=) ===> pcr_word) (\<lambda>k. k) of_int" |
64015 | 183 |
proof - |
70927 | 184 |
have "((=) ===> pcr_word) of_int of_int" |
64015 | 185 |
by transfer_prover |
186 |
then show ?thesis by (simp add: id_def) |
|
187 |
qed |
|
188 |
||
70927 | 189 |
end |
190 |
||
70973 | 191 |
lemma abs_word_eq: |
192 |
"abs_word = of_int" |
|
193 |
by (rule ext) (transfer, rule) |
|
194 |
||
64015 | 195 |
context semiring_1 |
196 |
begin |
|
197 |
||
198 |
lift_definition unsigned :: "'b::len0 word \<Rightarrow> 'a" |
|
67907
|
199 |
is "of_nat \<circ> nat \<circ> take_bit LENGTH('b)" |
64015 | 200 |
by simp |
201 |
||
202 |
lemma unsigned_0 [simp]: |
|
203 |
"unsigned 0 = 0" |
|
204 |
by transfer simp |
|
205 |
||
206 |
end |
|
207 |
||
208 |
context semiring_char_0 |
|
209 |
begin |
|
210 |
||
211 |
lemma word_eq_iff_unsigned: |
|
212 |
"a = b \<longleftrightarrow> unsigned a = unsigned b" |
|
213 |
by safe (transfer; simp add: eq_nat_nat_iff) |
|
214 |
||
215 |
end |
|
216 |
||
70903 | 217 |
instantiation word :: (len0) equal |
218 |
begin |
|
219 |
||
220 |
definition equal_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> bool" |
|
221 |
where "equal_word a b \<longleftrightarrow> (unsigned a :: int) = unsigned b" |
|
222 |
||
223 |
instance proof |
|
224 |
fix a b :: "'a word" |
|
225 |
show "HOL.equal a b \<longleftrightarrow> a = b" |
|
226 |
using word_eq_iff_unsigned [of a b] by (auto simp add: equal_word_def) |
|
227 |
qed |
|
228 |
||
229 |
end |
|
230 |
||
64015 | 231 |
context ring_1 |
232 |
begin |
|
233 |
||
234 |
lift_definition signed :: "'b::len word \<Rightarrow> 'a" |
|
67907
|
235 |
is "of_int \<circ> signed_take_bit (LENGTH('b) - 1)" |
|
236 |
by (simp add: signed_take_bit_eq_iff_take_bit_eq [symmetric]) |
64015 | 237 |
|
238 |
lemma signed_0 [simp]: |
|
239 |
"signed 0 = 0" |
|
240 |
by transfer simp |
|
241 |
||
242 |
end |
|
243 |
||
244 |
lemma unsigned_of_nat [simp]: |
|
67907
|
245 |
"unsigned (of_nat n :: 'a word) = take_bit LENGTH('a::len) n" |
|
246 |
by transfer (simp add: nat_eq_iff take_bit_eq_mod zmod_int) |
64015 | 247 |
|
248 |
lemma of_nat_unsigned [simp]: |
|
249 |
"of_nat (unsigned a) = a" |
|
250 |
by transfer simp |
|
251 |
||
252 |
lemma of_int_unsigned [simp]: |
|
253 |
"of_int (unsigned a) = a" |
|
254 |
by transfer simp |
|
255 |
||
70973 | 256 |
lemma unsigned_nat_less: |
257 |
\<open>unsigned a < (2 ^ LENGTH('a) :: nat)\<close> for a :: \<open>'a::len0 word\<close> |
|
258 |
by transfer (simp add: take_bit_eq_mod) |
|
259 |
||
260 |
lemma unsigned_int_less: |
|
261 |
\<open>unsigned a < (2 ^ LENGTH('a) :: int)\<close> for a :: \<open>'a::len0 word\<close> |
|
262 |
by transfer (simp add: take_bit_eq_mod) |
|
263 |
||
64015 | 264 |
context ring_char_0 |
265 |
begin |
|
266 |
||
267 |
lemma word_eq_iff_signed: |
|
268 |
"a = b \<longleftrightarrow> signed a = signed b" |
|
67907
|
269 |
by safe (transfer; auto simp add: signed_take_bit_eq_iff_take_bit_eq) |
64015 | 270 |
|
271 |
end |
|
272 |
||
273 |
lemma signed_of_int [simp]: |
|
67907
|
274 |
"signed (of_int k :: 'a word) = signed_take_bit (LENGTH('a::len) - 1) k" |
64015 | 275 |
by transfer simp |
276 |
||
277 |
lemma of_int_signed [simp]: |
|
278 |
"of_int (signed a) = a" |
|
67907
|
279 |
by transfer (simp add: signed_take_bit_eq_take_bit take_bit_eq_mod mod_simps) |
64015 | 280 |
|
281 |
||
282 |
subsubsection \<open>Properties\<close> |
|
283 |
||
70973 | 284 |
lemma length_cases: |
285 |
obtains (triv) "LENGTH('a::len) = 1" "take_bit LENGTH('a) 2 = (0 :: int)" |
|
286 |
| (take_bit_2) "take_bit LENGTH('a) 2 = (2 :: int)" |
|
287 |
proof (cases "LENGTH('a) \<ge> 2") |
|
288 |
case False |
|
289 |
then have "LENGTH('a) = 1" |
|
290 |
by (auto simp add: not_le dest: less_2_cases) |
|
291 |
then have "take_bit LENGTH('a) 2 = (0 :: int)" |
|
292 |
by simp |
|
293 |
with \<open>LENGTH('a) = 1\<close> triv show ?thesis |
|
294 |
by simp |
|
295 |
next |
|
296 |
case True |
|
297 |
then obtain n where "LENGTH('a) = Suc (Suc n)" |
|
298 |
by (auto dest: le_Suc_ex) |
|
299 |
then have "take_bit LENGTH('a) 2 = (2 :: int)" |
|
300 |
by simp |
|
301 |
with take_bit_2 show ?thesis |
|
302 |
by simp |
|
303 |
qed |
|
304 |
||
64015 | 305 |
|
306 |
subsubsection \<open>Division\<close> |
|
307 |
||
308 |
instantiation word :: (len0) modulo |
|
309 |
begin |
|
310 |
||
311 |
lift_definition divide_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word" |
|
67907
|
312 |
is "\<lambda>a b. take_bit LENGTH('a) a div take_bit LENGTH('a) b" |
64015 | 313 |
by simp |
314 |
||
315 |
lift_definition modulo_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> 'a word" |
|
67907
|
316 |
is "\<lambda>a b. take_bit LENGTH('a) a mod take_bit LENGTH('a) b" |
64015 | 317 |
by simp |
318 |
||
319 |
instance .. |
|
320 |
||
321 |
end |
|
322 |
||
70973 | 323 |
lemma zero_word_div_eq [simp]: |
324 |
\<open>0 div a = 0\<close> for a :: \<open>'a::len0 word\<close> |
|
325 |
by transfer simp |
|
326 |
||
327 |
lemma div_zero_word_eq [simp]: |
|
328 |
\<open>a div 0 = 0\<close> for a :: \<open>'a::len0 word\<close> |
|
329 |
by transfer simp |
|
330 |
||
70927 | 331 |
context |
332 |
includes lifting_syntax |
|
333 |
begin |
|
334 |
||
70348
|
335 |
lemma [transfer_rule]: |
70927 | 336 |
"(pcr_word ===> (\<longleftrightarrow>)) even ((dvd) 2 :: 'a::len word \<Rightarrow> bool)" |
70348
|
337 |
proof - |
|
338 |
have even_word_unfold: "even k \<longleftrightarrow> (\<exists>l. take_bit LENGTH('a) k = take_bit LENGTH('a) (2 * l))" (is "?P \<longleftrightarrow> ?Q") |
|
339 |
for k :: int |
|
340 |
proof |
|
341 |
assume ?P |
|
342 |
then show ?Q |
|
343 |
by auto |
|
344 |
next |
|
345 |
assume ?Q |
|
346 |
then obtain l where "take_bit LENGTH('a) k = take_bit LENGTH('a) (2 * l)" .. |
|
347 |
then have "even (take_bit LENGTH('a) k)" |
|
348 |
by simp |
|
349 |
then show ?P |
|
350 |
by simp |
|
351 |
qed |
|
352 |
show ?thesis by (simp only: even_word_unfold [abs_def] dvd_def [where ?'a = "'a word", abs_def]) |
|
353 |
transfer_prover |
|
354 |
qed |
|
355 |
|
70927 | 356 |
end |
357 |
||
70348
|
358 |
instance word :: (len) semiring_modulo |
|
359 |
proof |
|
360 |
show "a div b * b + a mod b = a" for a b :: "'a word" |
|
361 |
proof transfer |
|
362 |
fix k l :: int |
|
363 |
define r :: int where "r = 2 ^ LENGTH('a)" |
|
364 |
then have r: "take_bit LENGTH('a) k = k mod r" for k |
|
365 |
by (simp add: take_bit_eq_mod) |
|
366 |
have "k mod r = ((k mod r) div (l mod r) * (l mod r) |
|
367 |
+ (k mod r) mod (l mod r)) mod r" |
|
368 |
by (simp add: div_mult_mod_eq) |
|
369 |
also have "... = (((k mod r) div (l mod r) * (l mod r)) mod r |
|
370 |
+ (k mod r) mod (l mod r)) mod r" |
|
371 |
by (simp add: mod_add_left_eq) |
|
372 |
also have "... = (((k mod r) div (l mod r) * l) mod r |
|
373 |
+ (k mod r) mod (l mod r)) mod r" |
|
374 |
by (simp add: mod_mult_right_eq) |
|
375 |
finally have "k mod r = ((k mod r) div (l mod r) * l |
|
376 |
+ (k mod r) mod (l mod r)) mod r" |
|
377 |
by (simp add: mod_simps) |
|
378 |
with r show "take_bit LENGTH('a) (take_bit LENGTH('a) k div take_bit LENGTH('a) l * l |
|
379 |
+ take_bit LENGTH('a) k mod take_bit LENGTH('a) l) = take_bit LENGTH('a) k" |
|
380 |
by simp |
|
381 |
qed |
|
382 |
qed |
|
383 |
|
|
384 |
instance word :: (len) semiring_parity |
|
385 |
proof |
|
386 |
show "\<not> 2 dvd (1::'a word)" |
|
387 |
by transfer simp |
|
388 |
show even_iff_mod_2_eq_0: "2 dvd a \<longleftrightarrow> a mod 2 = 0" |
|
389 |
for a :: "'a word" |
70973 | 390 |
by (transfer; cases rule: length_cases [where ?'a = 'a]) (simp_all add: mod_2_eq_odd) |
70348
|
391 |
show "\<not> 2 dvd a \<longleftrightarrow> a mod 2 = 1" |
|
392 |
for a :: "'a word" |
70973 | 393 |
by (transfer; cases rule: length_cases [where ?'a = 'a]) (simp_all add: mod_2_eq_odd) |
70348
|
394 |
qed |
|
395 |
|
64015 | 396 |
|
397 |
subsubsection \<open>Orderings\<close> |
|
398 |
||
399 |
instantiation word :: (len0) linorder |
|
400 |
begin |
|
401 |
||
402 |
lift_definition less_eq_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> bool" |
|
67907
|
403 |
is "\<lambda>a b. take_bit LENGTH('a) a \<le> take_bit LENGTH('a) b" |
64015 | 404 |
by simp |
405 |
||
406 |
lift_definition less_word :: "'a word \<Rightarrow> 'a word \<Rightarrow> bool" |
|
67907
|
407 |
is "\<lambda>a b. take_bit LENGTH('a) a < take_bit LENGTH('a) b" |
64015 | 408 |
by simp |
409 |
||
410 |
instance |
|
411 |
by standard (transfer; auto)+ |
|
412 |
||
413 |
end |
|
414 |
||
415 |
context linordered_semidom |
|
416 |
begin |
|
417 |
||
418 |
lemma word_less_eq_iff_unsigned: |
|
419 |
"a \<le> b \<longleftrightarrow> unsigned a \<le> unsigned b" |
|
420 |
by (transfer fixing: less_eq) (simp add: nat_le_eq_zle) |
|
421 |
||
422 |
lemma word_less_iff_unsigned: |
|
423 |
"a < b \<longleftrightarrow> unsigned a < unsigned b" |
|
67907
|
424 |
by (transfer fixing: less) (auto dest: preorder_class.le_less_trans [OF take_bit_nonnegative]) |
64015 | 425 |
|
426 |
end |
|
427 |
||
70973 | 428 |
lemma word_greater_zero_iff: |
429 |
\<open>a > 0 \<longleftrightarrow> a \<noteq> 0\<close> for a :: \<open>'a::len0 word\<close> |
|
430 |
by transfer (simp add: less_le) |
|
431 |
||
432 |
lemma of_nat_word_eq_iff: |
|
433 |
\<open>of_nat m = (of_nat n :: 'a::len word) \<longleftrightarrow> take_bit LENGTH('a) m = take_bit LENGTH('a) n\<close> |
|
434 |
by transfer (simp add: take_bit_of_nat) |
|
435 |
||
436 |
lemma of_nat_word_less_eq_iff: |
|
437 |
\<open>of_nat m \<le> (of_nat n :: 'a::len word) \<longleftrightarrow> take_bit LENGTH('a) m \<le> take_bit LENGTH('a) n\<close> |
|
438 |
by transfer (simp add: take_bit_of_nat) |
|
439 |
||
440 |
lemma of_nat_word_less_iff: |
|
441 |
\<open>of_nat m < (of_nat n :: 'a::len word) \<longleftrightarrow> take_bit LENGTH('a) m < take_bit LENGTH('a) n\<close> |
|
442 |
by transfer (simp add: take_bit_of_nat) |
|
443 |
||
444 |
lemma of_nat_word_eq_0_iff: |
|
445 |
\<open>of_nat n = (0 :: 'a::len word) \<longleftrightarrow> 2 ^ LENGTH('a) dvd n\<close> |
|
446 |
using of_nat_word_eq_iff [where ?'a = 'a, of n 0] by (simp add: take_bit_eq_0_iff) |
|
447 |
||
448 |
lemma of_int_word_eq_iff: |
|
449 |
\<open>of_int k = (of_int l :: 'a::len word) \<longleftrightarrow> take_bit LENGTH('a) k = take_bit LENGTH('a) l\<close> |
|
450 |
by transfer rule |
|
451 |
||
452 |
lemma of_int_word_less_eq_iff: |
|
453 |
\<open>of_int k \<le> (of_int l :: 'a::len word) \<longleftrightarrow> take_bit LENGTH('a) k \<le> take_bit LENGTH('a) l\<close> |
|
454 |
by transfer rule |
|
455 |
||
456 |
lemma of_int_word_less_iff: |
|
457 |
\<open>of_int k < (of_int l :: 'a::len word) \<longleftrightarrow> take_bit LENGTH('a) k < take_bit LENGTH('a) l\<close> |
|
458 |
by transfer rule |
|
459 |
||
460 |
(* of_int k is the zero word exactly when 2 ^ LENGTH('a) divides k, so a
   nonzero integer can convert to 0.
   Obtained from of_int_word_eq_iff instantiated with k and 0, simplified
   with take_bit_eq_0_iff. *)
lemma of_int_word_eq_0_iff:
  \<open>of_int k = (0 :: 'a::len word) \<longleftrightarrow> 2 ^ LENGTH('a) dvd k\<close>
  using of_int_word_eq_iff [where ?'a = 'a, of k 0] by (simp add: take_bit_eq_0_iff)
|
subsection \<open>Bit structure on \<^typ>\<open>'a word\<close>\<close> |
|
(* Induction over the bits of a word.  P holds for every word a if
     zero: P 0,
     even: P a implies P (2 * a)      for 0 < a and a < 2 ^ (LENGTH('a) - 1),
     odd:  P a implies P (1 + 2 * a)  for a < 2 ^ (LENGTH('a) - 1).
   The bound a < 2 ^ (LENGTH('a) - 1) keeps 2 * a and 1 + 2 * a below
   2 ^ LENGTH('a) as numbers, so the step cases only have to be shown where
   doubling does not wrap around. *)
lemma word_bit_induct [case_names zero even odd]:
  \<open>P a\<close> if word_zero: \<open>P 0\<close>
    and word_even: \<open>\<And>a. P a \<Longrightarrow> 0 < a \<Longrightarrow> a < 2 ^ (LENGTH('a) - 1) \<Longrightarrow> P (2 * a)\<close>
    and word_odd: \<open>\<And>a. P a \<Longrightarrow> a < 2 ^ (LENGTH('a) - 1) \<Longrightarrow> P (1 + 2 * a)\<close>
  for P and a :: \<open>'a::len word\<close>
proof -
  (* m abbreviates LENGTH('a) - 1; fact l records LENGTH('a) = Suc m. *)
  define m :: nat where \<open>m = LENGTH('a) - 1\<close>
  then have l: \<open>LENGTH('a) = Suc m\<close>
    by simp
  (* n is the value of a as a natural number; it is below 2 ^ LENGTH('a). *)
  define n :: nat where \<open>n = unsigned a\<close>
  then have \<open>n < 2 ^ LENGTH('a)\<close>
    by (simp add: unsigned_nat_less)
  then have \<open>n < 2 * 2 ^ m\<close>
    by (simp add: l)
  (* Induct on the natural n with nat_bit_induct and carry the bound along;
     each case discharges the side conditions of word_even / word_odd. *)
  then have \<open>P (of_nat n)\<close>
  proof (induction n rule: nat_bit_induct)
    case zero
    show ?case
      by simp (rule word_zero)
  next
    case (even n)
    then have \<open>n < 2 ^ m\<close>
      by simp
    with even.IH have \<open>P (of_nat n)\<close>
      by simp
    (* 0 < of_nat n amounts to of_nat n being nonzero (word_greater_zero_iff),
       i.e. 2 ^ LENGTH('a) not dividing n (of_nat_word_eq_0_iff); the
       remaining fact about n is presumably supplied by even.hyps. *)
    moreover from \<open>n < 2 ^ m\<close> even.hyps have \<open>0 < (of_nat n :: 'a word)\<close>
      by (auto simp add: word_greater_zero_iff of_nat_word_eq_0_iff l)
    (* Move the bound n < 2 ^ m from naturals to words. *)
    moreover from \<open>n < 2 ^ m\<close> have \<open>(of_nat n :: 'a word) < 2 ^ (LENGTH('a) - 1)\<close>
      using of_nat_word_less_iff [where ?'a = 'a, of n \<open>2 ^ m\<close>]
      by (cases \<open>m = 0\<close>) (simp_all add: not_less take_bit_eq_self ac_simps l)
    ultimately have \<open>P (2 * of_nat n)\<close>
      by (rule word_even)
    then show ?case
      by simp
  next
    case (odd n)
    then have \<open>Suc n \<le> 2 ^ m\<close>
      by simp
    with odd.IH have \<open>P (of_nat n)\<close>
      by simp
    (* Same transfer of the bound as in the even case. *)
    moreover from \<open>Suc n \<le> 2 ^ m\<close> have \<open>(of_nat n :: 'a word) < 2 ^ (LENGTH('a) - 1)\<close>
      using of_nat_word_less_iff [where ?'a = 'a, of n \<open>2 ^ m\<close>]
      by (cases \<open>m = 0\<close>) (simp_all add: not_less take_bit_eq_self ac_simps l)
    ultimately have \<open>P (1 + 2 * of_nat n)\<close>
      by (rule word_odd)
    then show ?case
      by simp
  qed
  (* Unfolding n gives the claim for a itself. *)
  then show ?thesis
    by (simp add: n_def)
qed
|
(* Halving undoes doubling plus an optional low bit:
     (of_bool b + a * 2) div 2 = a,  provided a < 2 ^ (LENGTH('a) - Suc 0).
   The premise is what excludes wrap-around in a * 2; the lemma makes no
   statement about words at or above that bound. *)
lemma bit_word_half_eq:
  \<open>(of_bool b + a * 2) div 2 = a\<close>
    if \<open>a < 2 ^ (LENGTH('a) - Suc 0)\<close>
    for a :: \<open>'a::len word\<close>
(* Case split on the word length via length_cases (the rule itself is not
   shown in this part of the file; its cases are named triv and take_bit_2). *)
proof (cases rule: length_cases [where ?'a = 'a])
  case triv
  have \<open>of_bool (odd k) < (1 :: int) \<longleftrightarrow> even k\<close> for k :: int
    by auto
  with triv that show ?thesis
    by (auto; transfer) simp_all
next
  case take_bit_2
  (* Write the length as a successor so that powers of 2 can be split. *)
  obtain n where length: \<open>LENGTH('a) = Suc n\<close>
    by (cases \<open>LENGTH('a)\<close>) simp_all
  show ?thesis proof (cases b)
    (* b = False: no low bit is added, show a * 2 div 2 = a on integers k. *)
    case False
    moreover have \<open>a * 2 div 2 = a\<close>
    using that proof transfer
      fix k :: int
      from length have \<open>k * 2 mod 2 ^ LENGTH('a) = (k mod 2 ^ n) * 2\<close>
        by simp
      (* The transferred premise: the truncated k is below the truncated
         2 ^ (LENGTH('a) - Suc 0), so reducing modulo 2 ^ n changes nothing. *)
      moreover assume \<open>take_bit LENGTH('a) k < take_bit LENGTH('a) (2 ^ (LENGTH('a) - Suc 0))\<close>
      with \<open>LENGTH('a) = Suc n\<close>
      have \<open>k mod 2 ^ LENGTH('a) = k mod 2 ^ n\<close>
        by (simp add: take_bit_eq_mod divmod_digit_0)
      (* Hence doubling commutes with truncation for this k. *)
      ultimately have \<open>take_bit LENGTH('a) (k * 2) = take_bit LENGTH('a) k * 2\<close>
        by (simp add: take_bit_eq_mod)
      with take_bit_2 show \<open>take_bit LENGTH('a) (take_bit LENGTH('a) (k * 2) div take_bit LENGTH('a) 2)
        = take_bit LENGTH('a) k\<close>
        by simp
    qed
    ultimately show ?thesis
      by simp
  next
    (* b = True: same argument with the low bit 1 added. *)
    case True
    moreover have \<open>(1 + a * 2) div 2 = a\<close>
    using that proof transfer
      fix k :: int
      from length have \<open>(1 + k * 2) mod 2 ^ LENGTH('a) = 1 + (k mod 2 ^ n) * 2\<close>
        using pos_zmod_mult_2 [of \<open>2 ^ n\<close> k] by (simp add: ac_simps)
      moreover assume \<open>take_bit LENGTH('a) k < take_bit LENGTH('a) (2 ^ (LENGTH('a) - Suc 0))\<close>
      with \<open>LENGTH('a) = Suc n\<close>
      have \<open>k mod 2 ^ LENGTH('a) = k mod 2 ^ n\<close>
        by (simp add: take_bit_eq_mod divmod_digit_0)
      ultimately have \<open>take_bit LENGTH('a) (1 + k * 2) = 1 + take_bit LENGTH('a) k * 2\<close>
        by (simp add: take_bit_eq_mod)
      with take_bit_2 show \<open>take_bit LENGTH('a) (take_bit LENGTH('a) (1 + k * 2) div take_bit LENGTH('a) 2)
        = take_bit LENGTH('a) k\<close>
        by simp
    qed
    ultimately show ?thesis
      by simp
  qed
qed
end |