wenzelm@17516: (* ID: $Id$ wenzelm@17516: Author: Bernhard Haeupler wenzelm@17516: wenzelm@17516: Proving equalities in commutative rings done "right" in Isabelle/HOL. wenzelm@17516: *) wenzelm@17516: wenzelm@17516: header {* Proving equalities in commutative rings *} wenzelm@17516: wenzelm@17516: theory Commutative_Ring wenzelm@17516: imports Main wenzelm@17516: uses ("comm_ring.ML") wenzelm@17516: begin wenzelm@17516: wenzelm@17516: text {* Syntax of multivariate polynomials (pol) and polynomial expressions. *} wenzelm@17516: wenzelm@17516: datatype 'a pol = wenzelm@17516: Pc 'a wenzelm@17516: | Pinj nat "'a pol" wenzelm@17516: | PX "'a pol" nat "'a pol" wenzelm@17516: wenzelm@17516: datatype 'a polex = wenzelm@20622: Pol "'a pol" wenzelm@17516: | Add "'a polex" "'a polex" wenzelm@17516: | Sub "'a polex" "'a polex" wenzelm@17516: | Mul "'a polex" "'a polex" wenzelm@17516: | Pow "'a polex" nat wenzelm@17516: | Neg "'a polex" wenzelm@17516: wenzelm@17516: text {* Interpretation functions for the shadow syntax. *} wenzelm@17516: wenzelm@17516: consts wenzelm@17516: Ipol :: "'a::{comm_ring,recpower} list \ 'a pol \ 'a" wenzelm@17516: Ipolex :: "'a::{comm_ring,recpower} list \ 'a polex \ 'a" wenzelm@17516: wenzelm@17516: primrec wenzelm@17516: "Ipol l (Pc c) = c" wenzelm@17516: "Ipol l (Pinj i P) = Ipol (drop i l) P" wenzelm@17516: "Ipol l (PX P x Q) = Ipol l P * (hd l)^x + Ipol (drop 1 l) Q" wenzelm@17516: wenzelm@17516: primrec wenzelm@17516: "Ipolex l (Pol P) = Ipol l P" wenzelm@17516: "Ipolex l (Add P Q) = Ipolex l P + Ipolex l Q" wenzelm@17516: "Ipolex l (Sub P Q) = Ipolex l P - Ipolex l Q" wenzelm@17516: "Ipolex l (Mul P Q) = Ipolex l P * Ipolex l Q" wenzelm@17516: "Ipolex l (Pow p n) = Ipolex l p ^ n" wenzelm@17516: "Ipolex l (Neg P) = - Ipolex l P" wenzelm@17516: wenzelm@17516: text {* Create polynomial normalized polynomials given normalized inputs. *} wenzelm@17516: wenzelm@19736: definition wenzelm@17516: mkPinj :: "nat \ 'a pol \ 'a pol" wenzelm@19736: "mkPinj x P = (case P of wenzelm@17516: Pc c \ Pc c | wenzelm@17516: Pinj y P \ Pinj (x + y) P | wenzelm@17516: PX p1 y p2 \ Pinj x P)" wenzelm@17516: wenzelm@19736: definition wenzelm@17516: mkPX :: "'a::{comm_ring,recpower} pol \ nat \ 'a pol \ 'a pol" wenzelm@19736: "mkPX P i Q = (case P of wenzelm@17516: Pc c \ (if (c = 0) then (mkPinj 1 Q) else (PX P i Q)) | wenzelm@17516: Pinj j R \ PX P i Q | wenzelm@17516: PX P2 i2 Q2 \ (if (Q2 = (Pc 0)) then (PX P2 (i+i2) Q) else (PX P i Q)) )" wenzelm@17516: wenzelm@17516: text {* Defining the basic ring operations on normalized polynomials *} wenzelm@17516: wenzelm@17516: consts wenzelm@17516: add :: "'a::{comm_ring,recpower} pol \ 'a pol \ 'a pol" wenzelm@17516: mul :: "'a::{comm_ring,recpower} pol \ 'a pol \ 'a pol" wenzelm@17516: neg :: "'a::{comm_ring,recpower} pol \ 'a pol" wenzelm@17516: sqr :: "'a::{comm_ring,recpower} pol \ 'a pol" wenzelm@17516: pow :: "'a::{comm_ring,recpower} pol \ nat \ 'a pol" wenzelm@17516: wenzelm@17516: text {* Addition *} wenzelm@17516: recdef add "measure (\(x, y). size x + size y)" wenzelm@17516: "add (Pc a, Pc b) = Pc (a + b)" wenzelm@17516: "add (Pc c, Pinj i P) = Pinj i (add (P, Pc c))" wenzelm@17516: "add (Pinj i P, Pc c) = Pinj i (add (P, Pc c))" wenzelm@17516: "add (Pc c, PX P i Q) = PX P i (add (Q, Pc c))" wenzelm@17516: "add (PX P i Q, Pc c) = PX P i (add (Q, Pc c))" wenzelm@17516: "add (Pinj x P, Pinj y Q) = wenzelm@17516: (if x=y then mkPinj x (add (P, Q)) wenzelm@17516: else (if x>y then mkPinj y (add (Pinj (x-y) P, Q)) wenzelm@17516: else mkPinj x (add (Pinj (y-x) Q, P)) ))" wenzelm@17516: "add (Pinj x P, PX Q y R) = wenzelm@17516: (if x=0 then add(P, PX Q y R) wenzelm@17516: else (if x=1 then PX Q y (add (R, P)) wenzelm@17516: else PX Q y (add (R, Pinj (x - 1) P))))" wenzelm@17516: "add (PX P x R, Pinj y Q) = wenzelm@17516: (if y=0 then add(PX P x R, Q) wenzelm@17516: else (if y=1 then PX P x (add (R, Q)) wenzelm@17516: else PX P x (add (R, Pinj (y - 1) Q))))" wenzelm@17516: "add (PX P1 x P2, PX Q1 y Q2) = wenzelm@17516: (if x=y then mkPX (add (P1, Q1)) x (add (P2, Q2)) wenzelm@17516: else (if x>y then mkPX (add (PX P1 (x-y) (Pc 0), Q1)) y (add (P2,Q2)) wenzelm@17516: else mkPX (add (PX Q1 (y-x) (Pc 0), P1)) x (add (P2,Q2)) ))" wenzelm@17516: wenzelm@17516: text {* Multiplication *} wenzelm@17516: recdef mul "measure (\(x, y). size x + size y)" wenzelm@17516: "mul (Pc a, Pc b) = Pc (a*b)" wenzelm@17516: "mul (Pc c, Pinj i P) = (if c=0 then Pc 0 else mkPinj i (mul (P, Pc c)))" wenzelm@17516: "mul (Pinj i P, Pc c) = (if c=0 then Pc 0 else mkPinj i (mul (P, Pc c)))" wenzelm@17516: "mul (Pc c, PX P i Q) = wenzelm@17516: (if c=0 then Pc 0 else mkPX (mul (P, Pc c)) i (mul (Q, Pc c)))" wenzelm@17516: "mul (PX P i Q, Pc c) = wenzelm@17516: (if c=0 then Pc 0 else mkPX (mul (P, Pc c)) i (mul (Q, Pc c)))" wenzelm@17516: "mul (Pinj x P, Pinj y Q) = wenzelm@17516: (if x=y then mkPinj x (mul (P, Q)) wenzelm@17516: else (if x>y then mkPinj y (mul (Pinj (x-y) P, Q)) wenzelm@17516: else mkPinj x (mul (Pinj (y-x) Q, P)) ))" wenzelm@17516: "mul (Pinj x P, PX Q y R) = wenzelm@17516: (if x=0 then mul(P, PX Q y R) wenzelm@17516: else (if x=1 then mkPX (mul (Pinj x P, Q)) y (mul (R, P)) wenzelm@17516: else mkPX (mul (Pinj x P, Q)) y (mul (R, Pinj (x - 1) P))))" wenzelm@17516: "mul (PX P x R, Pinj y Q) = wenzelm@17516: (if y=0 then mul(PX P x R, Q) wenzelm@17516: else (if y=1 then mkPX (mul (Pinj y Q, P)) x (mul (R, Q)) wenzelm@17516: else mkPX (mul (Pinj y Q, P)) x (mul (R, Pinj (y - 1) Q))))" wenzelm@17516: "mul (PX P1 x P2, PX Q1 y Q2) = wenzelm@17516: add (mkPX (mul (P1, Q1)) (x+y) (mul (P2, Q2)), wenzelm@17516: add (mkPX (mul (P1, mkPinj 1 Q2)) x (Pc 0), mkPX (mul (Q1, mkPinj 1 P2)) y (Pc 0)) )" wenzelm@17516: (hints simp add: mkPinj_def split: pol.split) wenzelm@17516: wenzelm@17516: text {* Negation*} wenzelm@17516: primrec wenzelm@17516: "neg (Pc c) = Pc (-c)" wenzelm@17516: "neg (Pinj i P) = Pinj i (neg P)" wenzelm@17516: "neg (PX P x Q) = PX (neg P) x (neg Q)" wenzelm@17516: wenzelm@17516: text {* Substraction *} wenzelm@19736: definition wenzelm@17516: sub :: "'a::{comm_ring,recpower} pol \ 'a pol \ 'a pol" wenzelm@19736: "sub p q = add (p, neg q)" wenzelm@17516: wenzelm@17516: text {* Square for Fast Exponentation *} wenzelm@17516: primrec wenzelm@17516: "sqr (Pc c) = Pc (c * c)" wenzelm@17516: "sqr (Pinj i P) = mkPinj i (sqr P)" wenzelm@17516: "sqr (PX A x B) = add (mkPX (sqr A) (x + x) (sqr B), wenzelm@17516: mkPX (mul (mul (Pc (1 + 1), A), mkPinj 1 B)) x (Pc 0))" wenzelm@17516: wenzelm@17516: text {* Fast Exponentation *} wenzelm@20622: lemma pow_wf: "odd n \ (n::nat) div 2 < n" by (cases n) auto wenzelm@17516: recdef pow "measure (\(x, y). y)" wenzelm@17516: "pow (p, 0) = Pc 1" wenzelm@17516: "pow (p, n) = (if even n then (pow (sqr p, n div 2)) else mul (p, pow (sqr p, n div 2)))" wenzelm@17516: (hints simp add: pow_wf) wenzelm@17516: wenzelm@17516: lemma pow_if: wenzelm@17516: "pow (p,n) = wenzelm@17516: (if n = 0 then Pc 1 else if even n then pow (sqr p, n div 2) wenzelm@17516: else mul (p, pow (sqr p, n div 2)))" wenzelm@17516: by (cases n) simp_all wenzelm@17516: wenzelm@17516: (* wenzelm@17516: lemma number_of_nat_B0: "(number_of (w BIT bit.B0) ::nat) = 2* (number_of w)" wenzelm@17516: by simp wenzelm@17516: wenzelm@17516: lemma number_of_nat_even: "even (number_of (w BIT bit.B0)::nat)" wenzelm@17516: by simp wenzelm@17516: wenzelm@17516: lemma pow_even : "pow (p, number_of(w BIT bit.B0)) = pow (sqr p, number_of w)" wenzelm@17516: ( is "pow(?p,?n) = pow (_,?n2)") wenzelm@17516: proof- wenzelm@17516: have "even ?n" by simp wenzelm@17516: hence "pow (p, ?n) = pow (sqr p, ?n div 2)" wenzelm@17516: apply simp wenzelm@17516: apply (cases "IntDef.neg (number_of w)") wenzelm@17516: apply simp wenzelm@17516: done wenzelm@17516: *) wenzelm@17516: wenzelm@17516: text {* Normalization of polynomial expressions *} wenzelm@17516: wenzelm@17516: consts norm :: "'a::{comm_ring,recpower} polex \ 'a pol" wenzelm@17516: primrec wenzelm@17516: "norm (Pol P) = P" wenzelm@17516: "norm (Add P Q) = add (norm P, norm Q)" wenzelm@17516: "norm (Sub p q) = sub (norm p) (norm q)" wenzelm@17516: "norm (Mul P Q) = mul (norm P, norm Q)" wenzelm@17516: "norm (Pow p n) = pow (norm p, n)" wenzelm@17516: "norm (Neg P) = neg (norm P)" wenzelm@17516: wenzelm@17516: text {* mkPinj preserve semantics *} wenzelm@17516: lemma mkPinj_ci: "Ipol l (mkPinj a B) = Ipol l (Pinj a B)" wenzelm@17516: by (induct B) (auto simp add: mkPinj_def ring_eq_simps) wenzelm@17516: wenzelm@17516: text {* mkPX preserves semantics *} wenzelm@17516: lemma mkPX_ci: "Ipol l (mkPX A b C) = Ipol l (PX A b C)" wenzelm@17516: by (cases A) (auto simp add: mkPX_def mkPinj_ci power_add ring_eq_simps) wenzelm@17516: wenzelm@17516: text {* Correctness theorems for the implemented operations *} wenzelm@17516: wenzelm@17516: text {* Negation *} wenzelm@20622: lemma neg_ci: "Ipol l (neg P) = -(Ipol l P)" wenzelm@20622: by (induct P arbitrary: l) auto wenzelm@17516: wenzelm@17516: text {* Addition *} wenzelm@20622: lemma add_ci: "Ipol l (add (P, Q)) = Ipol l P + Ipol l Q" wenzelm@20622: proof (induct P Q arbitrary: l rule: add.induct) wenzelm@17516: case (6 x P y Q) wenzelm@17516: show ?case wenzelm@17516: proof (rule linorder_cases) wenzelm@17516: assume "x < y" wenzelm@17516: with 6 show ?case by (simp add: mkPinj_ci ring_eq_simps) wenzelm@17516: next wenzelm@17516: assume "x = y" wenzelm@17516: with 6 show ?case by (simp add: mkPinj_ci) wenzelm@17516: next wenzelm@17516: assume "x > y" wenzelm@17516: with 6 show ?case by (simp add: mkPinj_ci ring_eq_simps) wenzelm@17516: qed wenzelm@17516: next wenzelm@17516: case (7 x P Q y R) wenzelm@17516: have "x = 0 \ x = 1 \ x > 1" by arith wenzelm@17516: moreover wenzelm@17516: { assume "x = 0" with 7 have ?case by simp } wenzelm@17516: moreover wenzelm@17516: { assume "x = 1" with 7 have ?case by (simp add: ring_eq_simps) } wenzelm@17516: moreover wenzelm@17516: { assume "x > 1" from 7 have ?case by (cases x) simp_all } wenzelm@17516: ultimately show ?case by blast wenzelm@17516: next wenzelm@17516: case (8 P x R y Q) wenzelm@17516: have "y = 0 \ y = 1 \ y > 1" by arith wenzelm@17516: moreover wenzelm@17516: { assume "y = 0" with 8 have ?case by simp } wenzelm@17516: moreover wenzelm@17516: { assume "y = 1" with 8 have ?case by simp } wenzelm@17516: moreover wenzelm@17516: { assume "y > 1" with 8 have ?case by simp } wenzelm@17516: ultimately show ?case by blast wenzelm@17516: next wenzelm@17516: case (9 P1 x P2 Q1 y Q2) wenzelm@17516: show ?case wenzelm@17516: proof (rule linorder_cases) wenzelm@17516: assume a: "x < y" hence "EX d. d + x = y" by arith wenzelm@17516: with 9 a show ?case by (auto simp add: mkPX_ci power_add ring_eq_simps) wenzelm@17516: next wenzelm@17516: assume a: "y < x" hence "EX d. d + y = x" by arith wenzelm@17516: with 9 a show ?case by (auto simp add: power_add mkPX_ci ring_eq_simps) wenzelm@17516: next wenzelm@17516: assume "x = y" wenzelm@17516: with 9 show ?case by (simp add: mkPX_ci ring_eq_simps) wenzelm@17516: qed wenzelm@17516: qed (auto simp add: ring_eq_simps) wenzelm@17516: wenzelm@17516: text {* Multiplication *} wenzelm@20622: lemma mul_ci: "Ipol l (mul (P, Q)) = Ipol l P * Ipol l Q" wenzelm@20622: by (induct P Q arbitrary: l rule: mul.induct) wenzelm@17516: (simp_all add: mkPX_ci mkPinj_ci ring_eq_simps add_ci power_add) wenzelm@17516: wenzelm@17516: text {* Substraction *} wenzelm@17516: lemma sub_ci: "Ipol l (sub p q) = Ipol l p - Ipol l q" wenzelm@17516: by (simp add: add_ci neg_ci sub_def) wenzelm@17516: wenzelm@17516: text {* Square *} wenzelm@20622: lemma sqr_ci: "Ipol ls (sqr p) = Ipol ls p * Ipol ls p" wenzelm@20622: by (induct p arbitrary: ls) wenzelm@20622: (simp_all add: add_ci mkPinj_ci mkPX_ci mul_ci ring_eq_simps power_add) wenzelm@17516: wenzelm@17516: wenzelm@17516: text {* Power *} wenzelm@20622: lemma even_pow:"even n \ pow (p, n) = pow (sqr p, n div 2)" wenzelm@20622: by (induct n) simp_all wenzelm@17516: wenzelm@20622: lemma pow_ci: "Ipol ls (pow (p, n)) = Ipol ls p ^ n" wenzelm@20622: proof (induct n arbitrary: p rule: nat_less_induct) wenzelm@17516: case (1 k) wenzelm@20622: have two: "2 = Suc (Suc 0)" by simp wenzelm@17516: show ?case wenzelm@17516: proof (cases k) wenzelm@20622: case 0 wenzelm@20622: then show ?thesis by simp wenzelm@20622: next wenzelm@17516: case (Suc l) wenzelm@17516: show ?thesis wenzelm@17516: proof cases wenzelm@20622: assume "even l" wenzelm@20622: then have "Suc l div 2 = l div 2" wenzelm@20622: by (simp add: nat_number even_nat_plus_one_div_two) wenzelm@17516: moreover wenzelm@17516: from Suc have "l < k" by simp wenzelm@20622: with 1 have "\p. Ipol ls (pow (p, l)) = Ipol ls p ^ l" by simp wenzelm@17516: moreover wenzelm@20622: note Suc `even l` even_nat_plus_one_div_two wenzelm@17516: ultimately show ?thesis by (auto simp add: mul_ci power_Suc even_pow) wenzelm@17516: next wenzelm@20622: assume "odd l" wenzelm@20622: { wenzelm@20622: fix p wenzelm@20622: have "Ipol ls (sqr p) ^ (Suc l div 2) = Ipol ls p ^ Suc l" wenzelm@20622: proof (cases l) wenzelm@20622: case 0 wenzelm@20622: with `odd l` show ?thesis by simp wenzelm@20622: next wenzelm@20622: case (Suc w) wenzelm@20622: with `odd l` have "even w" by simp wenzelm@20622: from two have two_times: "2 * (w div 2) = w" wenzelm@20622: by (simp only: even_nat_div_two_times_two [OF `even w`]) wenzelm@20622: have "Ipol ls p * Ipol ls p = Ipol ls p ^ Suc (Suc 0)" wenzelm@20622: by (simp add: power_Suc) wenzelm@20622: from this and two [symmetric] have "Ipol ls p * Ipol ls p = Ipol ls p ^ 2" wenzelm@20622: by simp wenzelm@20622: with Suc show ?thesis wenzelm@20622: by (auto simp add: power_mult[symmetric, of _ 2 _] two_times mul_ci sqr_ci) wenzelm@20622: qed wenzelm@20622: } with 1 Suc `odd l` show ?thesis by simp wenzelm@17516: qed wenzelm@17516: qed wenzelm@17516: qed wenzelm@17516: wenzelm@17516: text {* Normalization preserves semantics *} wenzelm@20622: lemma norm_ci: "Ipolex l Pe = Ipol l (norm Pe)" wenzelm@17516: by (induct Pe) (simp_all add: add_ci sub_ci mul_ci neg_ci pow_ci) wenzelm@17516: wenzelm@17516: text {* Reflection lemma: Key to the (incomplete) decision procedure *} wenzelm@17516: lemma norm_eq: wenzelm@20622: assumes "norm P1 = norm P2" wenzelm@17516: shows "Ipolex l P1 = Ipolex l P2" wenzelm@17516: proof - wenzelm@20622: from prems have "Ipol l (norm P1) = Ipol l (norm P2)" by simp wenzelm@20622: then show ?thesis by (simp only: norm_ci) wenzelm@17516: qed wenzelm@17516: wenzelm@17516: wenzelm@17516: use "comm_ring.ML" wenzelm@18708: setup CommRing.setup wenzelm@17516: wenzelm@17516: end