isabelle: src/HOL/SPARK/SPARK.thy@99b9249b3e05 (annotated)

41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	1	(* Title: HOL/SPARK/SPARK.thy
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	2	Author: Stefan Berghofer
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	3	Copyright: secunet Security Networks AG
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	4
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	5	Declaration of proof functions for SPARK/Ada verification environment.
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	6	*)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	7
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	8	theory SPARK
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	9	imports SPARK_Setup
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	10	begin
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	11
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	12	text {* Bitwise logical operators *}
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	13
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	14	spark_proof_functions
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	15	bit__and (integer, integer) : integer = "op AND"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	16	bit__or (integer, integer) : integer = "op OR"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	17	bit__xor (integer, integer) : integer = "op XOR"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	18
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	19	lemma AND_lower [simp]:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	20	fixes x :: int and y :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	21	assumes "0 \<le> x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	22	shows "0 \<le> x AND y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	23	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	24	proof (induct x arbitrary: y rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	25	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	26	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	27	proof (cases y rule: bin_exhaust)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	28	case (1 bin' bit')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	29	from 3 have "0 \<le> bin"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	30	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	31	then have "0 \<le> bin AND bin'" by (rule 3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	32	with 1 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	33	by simp (simp add: Bit_def bitval_def split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	34	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	35	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	36	case 2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	37	then show ?case by (simp only: Min_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	38	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	39
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	40	lemma OR_lower [simp]:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	41	fixes x :: int and y :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	42	assumes "0 \<le> x" "0 \<le> y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	43	shows "0 \<le> x OR y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	44	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	45	proof (induct x arbitrary: y rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	46	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	47	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	48	proof (cases y rule: bin_exhaust)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	49	case (1 bin' bit')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	50	from 3 have "0 \<le> bin"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	51	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	52	moreover from 1 3 have "0 \<le> bin'"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	53	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	54	ultimately have "0 \<le> bin OR bin'" by (rule 3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	55	with 1 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	56	by simp (simp add: Bit_def bitval_def split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	57	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	58	qed simp_all
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	59
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	60	lemma XOR_lower [simp]:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	61	fixes x :: int and y :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	62	assumes "0 \<le> x" "0 \<le> y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	63	shows "0 \<le> x XOR y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	64	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	65	proof (induct x arbitrary: y rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	66	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	67	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	68	proof (cases y rule: bin_exhaust)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	69	case (1 bin' bit')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	70	from 3 have "0 \<le> bin"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	71	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	72	moreover from 1 3 have "0 \<le> bin'"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	73	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	74	ultimately have "0 \<le> bin XOR bin'" by (rule 3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	75	with 1 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	76	by simp (simp add: Bit_def bitval_def split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	77	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	78	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	79	case 2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	80	then show ?case by (simp only: Min_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	81	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	82
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	83	lemma AND_upper1 [simp]:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	84	fixes x :: int and y :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	85	assumes "0 \<le> x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	86	shows "x AND y \<le> x"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	87	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	88	proof (induct x arbitrary: y rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	89	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	90	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	91	proof (cases y rule: bin_exhaust)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	92	case (1 bin' bit')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	93	from 3 have "0 \<le> bin"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	94	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	95	then have "bin AND bin' \<le> bin" by (rule 3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	96	with 1 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	97	by simp (simp add: Bit_def bitval_def split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	98	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	99	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	100	case 2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	101	then show ?case by (simp only: Min_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	102	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	103
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	104	lemmas AND_upper1' [simp] = order_trans [OF AND_upper1]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	105	lemmas AND_upper1'' [simp] = order_le_less_trans [OF AND_upper1]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	106
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	107	lemma AND_upper2 [simp]:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	108	fixes x :: int and y :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	109	assumes "0 \<le> y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	110	shows "x AND y \<le> y"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	111	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	112	proof (induct y arbitrary: x rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	113	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	114	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	115	proof (cases x rule: bin_exhaust)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	116	case (1 bin' bit')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	117	from 3 have "0 \<le> bin"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	118	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	119	then have "bin' AND bin \<le> bin" by (rule 3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	120	with 1 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	121	by simp (simp add: Bit_def bitval_def split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	122	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	123	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	124	case 2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	125	then show ?case by (simp only: Min_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	126	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	127
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	128	lemmas AND_upper2' [simp] = order_trans [OF AND_upper2]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	129	lemmas AND_upper2'' [simp] = order_le_less_trans [OF AND_upper2]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	130
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	131	lemma OR_upper:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	132	fixes x :: int and y :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	133	assumes "0 \<le> x" "x < 2 ^ n" "y < 2 ^ n"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	134	shows "x OR y < 2 ^ n"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	135	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	136	proof (induct x arbitrary: y n rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	137	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	138	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	139	proof (cases y rule: bin_exhaust)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	140	case (1 bin' bit')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	141	show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	142	proof (cases n)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	143	case 0
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	144	with 3 have "bin BIT bit = 0" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	145	then have "bin = 0" "bit = 0"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	146	by (auto simp add: Bit_def bitval_def split add: bit.split_asm) arith
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	147	then show ?thesis using 0 1 `y < 2 ^ n`
47108 2a1953f0d20d merged fork with new numeral representation (see NEWS) huffman parents: 41561 diff changeset	148	by simp
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	149	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	150	case (Suc m)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	151	from 3 have "0 \<le> bin"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	152	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	153	moreover from 3 Suc have "bin < 2 ^ m"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	154	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	155	moreover from 1 3 Suc have "bin' < 2 ^ m"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	156	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	157	ultimately have "bin OR bin' < 2 ^ m" by (rule 3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	158	with 1 Suc show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	159	by simp (simp add: Bit_def bitval_def split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	160	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	161	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	162	qed simp_all
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	163
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	164	lemmas [simp] =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	165	OR_upper [of _ 8, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	166	OR_upper [of _ 8, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	167	OR_upper [of _ 16, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	168	OR_upper [of _ 16, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	169	OR_upper [of _ 32, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	170	OR_upper [of _ 32, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	171	OR_upper [of _ 64, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	172	OR_upper [of _ 64, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	173
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	174	lemma XOR_upper:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	175	fixes x :: int and y :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	176	assumes "0 \<le> x" "x < 2 ^ n" "y < 2 ^ n"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	177	shows "x XOR y < 2 ^ n"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	178	using assms
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	179	proof (induct x arbitrary: y n rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	180	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	181	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	182	proof (cases y rule: bin_exhaust)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	183	case (1 bin' bit')
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	184	show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	185	proof (cases n)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	186	case 0
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	187	with 3 have "bin BIT bit = 0" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	188	then have "bin = 0" "bit = 0"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	189	by (auto simp add: Bit_def bitval_def split add: bit.split_asm) arith
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	190	then show ?thesis using 0 1 `y < 2 ^ n`
47108 2a1953f0d20d merged fork with new numeral representation (see NEWS) huffman parents: 41561 diff changeset	191	by simp
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	192	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	193	case (Suc m)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	194	from 3 have "0 \<le> bin"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	195	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	196	moreover from 3 Suc have "bin < 2 ^ m"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	197	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	198	moreover from 1 3 Suc have "bin' < 2 ^ m"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	199	by (simp add: Bit_def bitval_def split add: bit.split_asm)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	200	ultimately have "bin XOR bin' < 2 ^ m" by (rule 3)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	201	with 1 Suc show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	202	by simp (simp add: Bit_def bitval_def split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	203	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	204	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	205	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	206	case 2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	207	then show ?case by (simp only: Min_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	208	qed simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	209
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	210	lemmas [simp] =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	211	XOR_upper [of _ 8, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	212	XOR_upper [of _ 8, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	213	XOR_upper [of _ 16, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	214	XOR_upper [of _ 16, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	215	XOR_upper [of _ 32, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	216	XOR_upper [of _ 32, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	217	XOR_upper [of _ 64, simplified zle_diff1_eq [symmetric], simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	218	XOR_upper [of _ 64, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	219
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	220	lemma bit_not_spark_eq:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	221	"NOT (word_of_int x :: ('a::len0) word) =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	222	word_of_int (2 ^ len_of TYPE('a) - 1 - x)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	223	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	224	have "word_of_int x + NOT (word_of_int x) =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	225	word_of_int x + (word_of_int (2 ^ len_of TYPE('a) - 1 - x)::'a word)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	226	by (simp only: bwsimps bin_add_not Min_def)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	227	(simp add: word_of_int_hom_syms word_of_int_2p_len)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	228	then show ?thesis by (rule add_left_imp_eq)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	229	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	230
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	231	lemmas [simp] =
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	232	bit_not_spark_eq [where 'a=8, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	233	bit_not_spark_eq [where 'a=16, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	234	bit_not_spark_eq [where 'a=32, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	235	bit_not_spark_eq [where 'a=64, simplified]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	236
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	237	lemma power_BIT: "2 ^ (Suc n) - 1 = (2 ^ n - 1) BIT 1"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	238	unfolding Bit_B1
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	239	by (induct n) simp_all
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	240
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	241	lemma mod_BIT:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	242	"bin BIT bit mod 2 ^ Suc n = (bin mod 2 ^ n) BIT bit"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	243	proof -
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	244	have "bin mod 2 ^ n < 2 ^ n" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	245	then have "bin mod 2 ^ n \<le> 2 ^ n - 1" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	246	then have "2 * (bin mod 2 ^ n) \<le> 2 * (2 ^ n - 1)"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	247	by (rule mult_left_mono) simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	248	then have "2 * (bin mod 2 ^ n) + 1 < 2 * 2 ^ n" by simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	249	then show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	250	by (auto simp add: Bit_def bitval_def mod_mult_mult1 mod_add_left_eq [of "2 * bin"]
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	251	mod_pos_pos_trivial split add: bit.split)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	252	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	253
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	254	lemma AND_mod:
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	255	fixes x :: int
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	256	shows "x AND 2 ^ n - 1 = x mod 2 ^ n"
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	257	proof (induct x arbitrary: n rule: bin_induct)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	258	case 1
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	259	then show ?case
47108 2a1953f0d20d merged fork with new numeral representation (see NEWS) huffman parents: 41561 diff changeset	260	by simp
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	261	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	262	case 2
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	263	then show ?case
47108 2a1953f0d20d merged fork with new numeral representation (see NEWS) huffman parents: 41561 diff changeset	264	by (simp, simp add: m1mod2k)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	265	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	266	case (3 bin bit)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	267	show ?case
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	268	proof (cases n)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	269	case 0
47108 2a1953f0d20d merged fork with new numeral representation (see NEWS) huffman parents: 41561 diff changeset	270	then show ?thesis by (simp add: int_and_extra_simps)
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	271	next
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	272	case (Suc m)
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	273	with 3 show ?thesis
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	274	by (simp only: power_BIT mod_BIT int_and_Bits) simp
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	275	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	276	qed
d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	277
50788 fec14e8fefb8 Added proof function declarations for min and max berghofe parents: 47108 diff changeset	278
fec14e8fefb8 Added proof function declarations for min and max berghofe parents: 47108 diff changeset	279	text {* Minimum and maximum *}
fec14e8fefb8 Added proof function declarations for min and max berghofe parents: 47108 diff changeset	280
fec14e8fefb8 Added proof function declarations for min and max berghofe parents: 47108 diff changeset	281	spark_proof_functions
fec14e8fefb8 Added proof function declarations for min and max berghofe parents: 47108 diff changeset	282	integer__min = "min :: int \<Rightarrow> int \<Rightarrow> int"
fec14e8fefb8 Added proof function declarations for min and max berghofe parents: 47108 diff changeset	283	integer__max = "max :: int \<Rightarrow> int \<Rightarrow> int"
fec14e8fefb8 Added proof function declarations for min and max berghofe parents: 47108 diff changeset	284
41561 d1318f3c86ba Added new SPARK verification environment. berghofe parents: diff changeset	285	end

author	wenzelm
	Thu, 28 Nov 2013 12:54:39 +0100
changeset 54649	99b9249b3e05
parent 50788	fec14e8fefb8
child 54427	783861a66a60
permissions	-rw-r--r--