# HG changeset patch
# User chaieb
# Date 1181552760 -7200
# Node ID 6894137e854a52a53b8e0809358e64fa1058aa38
# Parent af2847a95751ecaad6b0c546a0c12a4078fc2337
A new and cleaned up Theory for QE. for Presburger arithmetic
diff -r af2847a95751 -r 6894137e854a src/HOL/Presburger.thy
--- a/src/HOL/Presburger.thy Mon Jun 11 11:05:59 2007 +0200
+++ b/src/HOL/Presburger.thy Mon Jun 11 11:06:00 2007 +0200
@@ -1,629 +1,191 @@ (* Title: HOL/Presburger.thy ID: $Id$ - Author: Amine Chaieb, Tobias Nipkow and Stefan Berghofer, TU Muenchen + Author: Amine Chaieb, TU Muenchen *) -header {* Presburger Arithmetic: Cooper's Algorithm *} - theory Presburger imports NatSimprocs SetInterval -uses - ("Tools/Presburger/cooper_dec.ML") - ("Tools/Presburger/cooper_proof.ML") - ("Tools/Presburger/qelim.ML") - ("Tools/Presburger/reflected_presburger.ML") - ("Tools/Presburger/reflected_cooper.ML") - ("Tools/Presburger/presburger.ML") + uses "Tools/Presburger/cooper_data" "Tools/Presburger/qelim" + "Tools/Presburger/generated_cooper.ML" + ("Tools/Presburger/cooper.ML") ("Tools/Presburger/presburger.ML") + begin - -text {* Theorem for unitifying the coeffitients of @{text x} in an existential formula*} - -theorem unity_coeff_ex: "(\x::int. P (l * x)) = (\x. l dvd (1*x+0) \ P x)" - apply (rule iffI) - apply (erule exE) - apply (rule_tac x = "l * x" in exI) - apply simp - apply (erule exE) - apply (erule conjE) - apply (erule dvdE) - apply (rule_tac x = k in exI) - apply simp - done - -lemma uminus_dvd_conv: "(d dvd (t::int)) = (-d dvd t)" -apply(unfold dvd_def) -apply(rule iffI) -apply(clarsimp) -apply(rename_tac k) -apply(rule_tac x = "-k" in exI) -apply simp -apply(clarsimp) -apply(rename_tac k) -apply(rule_tac x = "-k" in exI) -apply simp -done +setup {* Cooper_Data.setup*} -lemma uminus_dvd_conv': "(d dvd (t::int)) = (d dvd -t)" -apply(unfold dvd_def) -apply(rule iffI) -apply(clarsimp) -apply(rule_tac x = "-k" in exI) -apply simp -apply(clarsimp) -apply(rule_tac x = "-k" in exI) -apply simp -done - - - -text {*Theorems for the combination of proofs of the equality of @{text P} and @{text P_m} for integers @{text x} less than some integer @{text z}.*} - -theorem eq_minf_conjI: "\z1::int. \x. x < z1 \ (A1 x = A2 x) \ - \z2::int. \x. x < z2 \ (B1 x = B2 x) \ - \z::int. \x. 
x < z \ ((A1 x \ B1 x) = (A2 x \ B2 x))" - apply (erule exE)+ - apply (rule_tac x = "min z1 z2" in exI) - apply simp - done - - -theorem eq_minf_disjI: "\z1::int. \x. x < z1 \ (A1 x = A2 x) \ - \z2::int. \x. x < z2 \ (B1 x = B2 x) \ - \z::int. \x. x < z \ ((A1 x \ B1 x) = (A2 x \ B2 x))" - - apply (erule exE)+ - apply (rule_tac x = "min z1 z2" in exI) - apply simp - done - - -text {*Theorems for the combination of proofs of the equality of @{text P} and @{text P_m} for integers @{text x} greather than some integer @{text z}.*} +section{* The @{text "-\"} and @{text "+\"} Properties *} -theorem eq_pinf_conjI: "\z1::int. \x. z1 < x \ (A1 x = A2 x) \ - \z2::int. \x. z2 < x \ (B1 x = B2 x) \ - \z::int. \x. z < x \ ((A1 x \ B1 x) = (A2 x \ B2 x))" - apply (erule exE)+ - apply (rule_tac x = "max z1 z2" in exI) - apply simp - done - - -theorem eq_pinf_disjI: "\z1::int. \x. z1 < x \ (A1 x = A2 x) \ - \z2::int. \x. z2 < x \ (B1 x = B2 x) \ - \z::int. \x. z < x \ ((A1 x \ B1 x) = (A2 x \ B2 x))" - apply (erule exE)+ - apply (rule_tac x = "max z1 z2" in exI) - apply simp - done - -text {* - \medskip Theorems for the combination of proofs of the modulo @{text - D} property for @{text "P plusinfinity"} - - FIXME: This is THE SAME theorem as for the @{text minusinf} version, - but with @{text "+k.."} instead of @{text "-k.."} In the future - replace these both with only one. *} - -theorem modd_pinf_conjI: "\(x::int) k. A x = A (x+k*d) \ - \(x::int) k. B x = B (x+k*d) \ - \(x::int) (k::int). (A x \ B x) = (A (x+k*d) \ B (x+k*d))" - by simp - -theorem modd_pinf_disjI: "\(x::int) k. A x = A (x+k*d) \ - \(x::int) k. B x = B (x+k*d) \ - \(x::int) (k::int). (A x \ B x) = (A (x+k*d) \ B (x+k*d))" - by simp - -text {* - This is one of the cases where the simplifed formula is prooved to - habe some property (in relation to @{text P_m}) but we need to prove - the property for the original formula (@{text P_m}) - - FIXME: This is exaclty the same thm as for @{text minusinf}. 
*} - -lemma pinf_simp_eq: "ALL x. P(x) = Q(x) ==> (EX (x::int). P(x)) --> (EX (x::int). F(x)) ==> (EX (x::int). Q(x)) --> (EX (x::int). F(x)) " - by blast - - -text {* - \medskip Theorems for the combination of proofs of the modulo @{text D} - property for @{text "P minusinfinity"} *} - -theorem modd_minf_conjI: "\(x::int) k. A x = A (x-k*d) \ - \(x::int) k. B x = B (x-k*d) \ - \(x::int) (k::int). (A x \ B x) = (A (x-k*d) \ B (x-k*d))" - by simp - -theorem modd_minf_disjI: "\(x::int) k. A x = A (x-k*d) \ - \(x::int) k. B x = B (x-k*d) \ - \(x::int) (k::int). (A x \ B x) = (A (x-k*d) \ B (x-k*d))" - by simp - -text {* - This is one of the cases where the simplifed formula is prooved to - have some property (in relation to @{text P_m}) but we need to - prove the property for the original formula (@{text P_m}). *} - -lemma minf_simp_eq: "ALL x. P(x) = Q(x) ==> (EX (x::int). P(x)) --> (EX (x::int). F(x)) ==> (EX (x::int). Q(x)) --> (EX (x::int). F(x)) " - by blast - -text {* - Theorem needed for proving at runtime divide properties using the - arithmetic tactic (which knows only about modulo = 0). *} - -lemma zdvd_iff_zmod_eq_0: "(m dvd n) = (n mod m = (0::int))" - by(simp add:dvd_def zmod_eq_0_iff) +lemma minf: + "\\(z ::'a::linorder).\xz.\x + \ \z.\x Q x) = (P' x \ Q' x)" + "\\(z ::'a::linorder).\xz.\x + \ \z.\x Q x) = (P' x \ Q' x)" + "\(z ::'a::{linorder}).\x(z ::'a::{linorder}).\x t) = True" + "\(z ::'a::{linorder}).\x(z ::'a::{linorder}).\x t) = True" + "\(z ::'a::{linorder}).\x t) = False" + "\(z ::'a::{linorder}).\x t) = False" + "\z.\(x::'a::{linorder,plus,times})z.\(x::'a::{linorder,plus,times}) d dvd x + s) = (\ d dvd x + s)" + "\z.\x ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> P1(x) --> P1(x + d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> P2(x) --> P2(x + d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. 
Q(a - j)) -->(P1(x) \ P2(x)) --> (P1(x + d) \ P2(x + d))) " - by blast - - -lemma not_ast_p_conjI: "(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a- j)) --> P1(x) --> P1(x + d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> P2(x) --> P2(x + d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) -->(P1(x) \ P2(x)) --> (P1(x + d) -\ P2(x + d))) " - by blast - -lemma not_ast_p_Q_elim: " -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) -->P(x) --> P(x + d)) -==> ( P = Q ) -==> (ALL x. ~(EX (j::int) : {1..d}. EX (a::int) : A. P(a - j)) -->P(x) --> P(x + d))" - by blast - -text {* - \medskip Theorems used for the combination of proof for the - backwards direction of Cooper's Theorem. They rely exclusively on - Predicate calculus.*} - -lemma not_bst_p_disjI: "(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> P1(x) --> P1(x - d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> P2(x) --> P2(x - d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) -->(P1(x) \ P2(x)) --> (P1(x - d) -\ P2(x-d))) " - by blast - -lemma not_bst_p_conjI: "(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> P1(x) --> P1(x - d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> P2(x) --> P2(x - d)) -==> -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) -->(P1(x) \ P2(x)) --> (P1(x - d) -\ P2(x-d))) " - by blast - -lemma not_bst_p_Q_elim: " -(ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) -->P(x) --> P(x - d)) -==> ( P = Q ) -==> (ALL x. ~(EX (j::int) : {1..d}. EX (b::int) : B. P(b+j)) -->P(x) --> P(x - d))" - by blast - -text {* \medskip This is the first direction of Cooper's Theorem. *} -lemma cooper_thm: "(R --> (EX x::int. P x)) ==> (Q -->(EX x::int. P x )) ==> ((R|Q) --> (EX x::int. 
P x )) " - by blast - -text {* - \medskip The full Cooper's Theorem in its equivalence Form. Given - the premises it is trivial too, it relies exclusively on prediacte calculus.*} -lemma cooper_eq_thm: "(R --> (EX x::int. P x)) ==> (Q -->(EX x::int. P x )) ==> ((~Q) ---> (EX x::int. P x ) --> R) ==> (EX x::int. P x) = R|Q " - by blast - -text {* - \medskip Some of the atomic theorems generated each time the atom - does not depend on @{text x}, they are trivial.*} - -lemma fm_eq_minf: "EX z::int. ALL x. x < z --> (P = P) " - by blast - -lemma fm_modd_minf: "ALL (x::int). ALL (k::int). (P = P)" - by blast +lemma pinf: + "\\(z ::'a::linorder).\x>z. P x = P' x; \z.\x>z. Q x = Q' x\ + \ \z.\x>z. (P x \ Q x) = (P' x \ Q' x)" + "\\(z ::'a::linorder).\x>z. P x = P' x; \z.\x>z. Q x = Q' x\ + \ \z.\x>z. (P x \ Q x) = (P' x \ Q' x)" + "\(z ::'a::{linorder}).\x>z.(x = t) = False" + "\(z ::'a::{linorder}).\x>z.(x \ t) = True" + "\(z ::'a::{linorder}).\x>z.(x < t) = False" + "\(z ::'a::{linorder}).\x>z.(x \ t) = False" + "\(z ::'a::{linorder}).\x>z.(x > t) = True" + "\(z ::'a::{linorder}).\x>z.(x \ t) = True" + "\z.\(x::'a::{linorder,plus,times})>z. (d dvd x + s) = (d dvd x + s)" + "\z.\(x::'a::{linorder,plus,times})>z. (\ d dvd x + s) = (\ d dvd x + s)" + "\z.\x>z. F = F" + by ((erule exE, erule exE,rule_tac x="max z za" in exI,simp)+,(rule_tac x="t" in exI,fastsimp)+) simp_all -lemma not_bst_p_fm: "ALL (x::int). Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> fm --> fm" - by blast - -lemma fm_eq_pinf: "EX z::int. ALL x. z < x --> (P = P) " - by blast - -text {* The next two thms are the same as the @{text minusinf} version. *} - -lemma fm_modd_pinf: "ALL (x::int). ALL (k::int). (P = P)" - by blast - -lemma not_ast_p_fm: "ALL (x::int). Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> fm --> fm" - by blast - -text {* Theorems to be deleted from simpset when proving simplified formulaes. 
*} - -lemma P_eqtrue: "(P=True) = P" - by iprover - -lemma P_eqfalse: "(P=False) = (~P)" - by iprover - -text {* - \medskip Theorems for the generation of the bachwards direction of - Cooper's Theorem. - - These are the 6 interesting atomic cases which have to be proved relying on the - properties of B-set and the arithmetic and contradiction proofs. *} - -lemma not_bst_p_lt: "0 < (d::int) ==> - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> ( 0 < -x + a) --> (0 < -(x - d) + a )" - by arith - -lemma not_bst_p_gt: "\ (g::int) \ B; g = -a \ \ - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> (0 < (x) + a) --> ( 0 < (x - d) + a)" -apply clarsimp -apply(rule ccontr) -apply(drule_tac x = "x+a" in bspec) -apply(simp add:atLeastAtMost_iff) -apply(drule_tac x = "-a" in bspec) -apply assumption -apply(simp) -done - -lemma not_bst_p_eq: "\ 0 < d; (g::int) \ B; g = -a - 1 \ \ - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> (0 = x + a) --> (0 = (x - d) + a )" -apply clarsimp -apply(subgoal_tac "x = -a") - prefer 2 apply arith -apply(drule_tac x = "1" in bspec) -apply(simp add:atLeastAtMost_iff) -apply(drule_tac x = "-a- 1" in bspec) -apply assumption -apply(simp) -done - - -lemma not_bst_p_ne: "\ 0 < d; (g::int) \ B; g = -a \ \ - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> ~(0 = x + a) --> ~(0 = (x - d) + a)" -apply clarsimp -apply(subgoal_tac "x = -a+d") - prefer 2 apply arith -apply(drule_tac x = "d" in bspec) -apply(simp add:atLeastAtMost_iff) -apply(drule_tac x = "-a" in bspec) -apply assumption -apply(simp) -done - - -lemma not_bst_p_dvd: "(d1::int) dvd d ==> - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> d1 dvd (x + a) --> d1 dvd ((x - d) + a )" -apply(clarsimp simp add:dvd_def) -apply(rename_tac m) -apply(rule_tac x = "m - k" in exI) -apply(simp add:int_distrib) -done +lemma inf_period: + "\\x k. P x = P (x - k*D); \x k. 
Q x = Q (x - k*D)\ + \ \x k. (P x \ Q x) = (P (x - k*D) \ Q (x - k*D))" + "\\x k. P x = P (x - k*D); \x k. Q x = Q (x - k*D)\ + \ \x k. (P x \ Q x) = (P (x - k*D) \ Q (x - k*D))" + "(d::'a::{comm_ring}) dvd D \ \x k. (d dvd x + t) = (d dvd (x - k*D) + t)" + "(d::'a::{comm_ring}) dvd D \ \x k. (\d dvd x + t) = (\d dvd (x - k*D) + t)" + "\x k. F = F" +by simp_all + (clarsimp simp add: dvd_def, rule iffI, clarsimp,rule_tac x = "kb - ka*k" in exI, + simp add: ring_eq_simps, clarsimp,rule_tac x = "kb + ka*k" in exI,simp add: ring_eq_simps)+ -lemma not_bst_p_ndvd: "(d1::int) dvd d ==> - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (b::int) : B. Q(b+j)) --> ~(d1 dvd (x + a)) --> ~(d1 dvd ((x - d) + a ))" -apply(clarsimp simp add:dvd_def) -apply(rename_tac m) -apply(erule_tac x = "m + k" in allE) -apply(simp add:int_distrib) -done - -text {* - \medskip Theorems for the generation of the bachwards direction of - Cooper's Theorem. - - These are the 6 interesting atomic cases which have to be proved - relying on the properties of A-set ant the arithmetic and - contradiction proofs. *} - -lemma not_ast_p_gt: "0 < (d::int) ==> - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> ( 0 < x + t) --> (0 < (x + d) + t )" - by arith - -lemma not_ast_p_lt: "\0 < d ;(t::int) \ A \ \ - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> (0 < -x + t) --> ( 0 < -(x + d) + t)" - apply clarsimp - apply (rule ccontr) - apply (drule_tac x = "t-x" in bspec) - apply simp - apply (drule_tac x = "t" in bspec) - apply assumption - apply simp - done - -lemma not_ast_p_eq: "\ 0 < d; (g::int) \ A; g = -t + 1 \ \ - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. 
Q(a - j)) --> (0 = x + t) --> (0 = (x + d) + t )" - apply clarsimp - apply (drule_tac x="1" in bspec) - apply simp - apply (drule_tac x="- t + 1" in bspec) - apply assumption - apply(subgoal_tac "x = -t") - prefer 2 apply arith - apply simp - done - -lemma not_ast_p_ne: "\ 0 < d; (g::int) \ A; g = -t \ \ - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> ~(0 = x + t) --> ~(0 = (x + d) + t)" - apply clarsimp - apply (subgoal_tac "x = -t-d") - prefer 2 apply arith - apply (drule_tac x = "d" in bspec) - apply simp - apply (drule_tac x = "-t" in bspec) - apply assumption - apply simp - done - -lemma not_ast_p_dvd: "(d1::int) dvd d ==> - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> d1 dvd (x + t) --> d1 dvd ((x + d) + t )" - apply(clarsimp simp add:dvd_def) - apply(rename_tac m) - apply(rule_tac x = "m + k" in exI) - apply(simp add:int_distrib) - done - -lemma not_ast_p_ndvd: "(d1::int) dvd d ==> - ALL x. Q(x::int) \ ~(EX (j::int) : {1..d}. EX (a::int) : A. Q(a - j)) --> ~(d1 dvd (x + t)) --> ~(d1 dvd ((x + d) + t ))" - apply(clarsimp simp add:dvd_def) - apply(rename_tac m) - apply(erule_tac x = "m - k" in allE) - apply(simp add:int_distrib) - done - -text {* - \medskip These are the atomic cases for the proof generation for the - modulo @{text D} property for @{text "P plusinfinity"} - - They are fully based on arithmetics. *} - -lemma dvd_modd_pinf: "((d::int) dvd d1) ==> - (ALL (x::int). ALL (k::int). (((d::int) dvd (x + t)) = (d dvd (x+k*d1 + t))))" - apply(clarsimp simp add:dvd_def) - apply(rule iffI) - apply(clarsimp) - apply(rename_tac n m) - apply(rule_tac x = "m + n*k" in exI) - apply(simp add:int_distrib) - apply(clarsimp) - apply(rename_tac n m) - apply(rule_tac x = "m - n*k" in exI) - apply(simp add:int_distrib mult_ac) - done - -lemma not_dvd_modd_pinf: "((d::int) dvd d1) ==> - (ALL (x::int). ALL k. 
(~((d::int) dvd (x + t))) = (~(d dvd (x+k*d1 + t))))" - apply(clarsimp simp add:dvd_def) - apply(rule iffI) - apply(clarsimp) - apply(rename_tac n m) - apply(erule_tac x = "m - n*k" in allE) - apply(simp add:int_distrib mult_ac) - apply(clarsimp) - apply(rename_tac n m) - apply(erule_tac x = "m + n*k" in allE) - apply(simp add:int_distrib mult_ac) - done - -text {* - \medskip These are the atomic cases for the proof generation for the - equivalence of @{text P} and @{text "P plusinfinity"} for integers - @{text x} greater than some integer @{text z}. - - They are fully based on arithmetics. *} - -lemma eq_eq_pinf: "EX z::int. ALL x. z < x --> (( 0 = x +t ) = False )" - apply(rule_tac x = "-t" in exI) - apply simp - done - -lemma neq_eq_pinf: "EX z::int. ALL x. z < x --> ((~( 0 = x +t )) = True )" - apply(rule_tac x = "-t" in exI) - apply simp - done - -lemma le_eq_pinf: "EX z::int. ALL x. z < x --> ( 0 < x +t = True )" - apply(rule_tac x = "-t" in exI) - apply simp - done - -lemma len_eq_pinf: "EX z::int. ALL x. z < x --> (0 < -x +t = False )" - apply(rule_tac x = "t" in exI) - apply simp - done - -lemma dvd_eq_pinf: "EX z::int. ALL x. z < x --> ((d dvd (x + t)) = (d dvd (x + t))) " - by simp - -lemma not_dvd_eq_pinf: "EX z::int. ALL x. z < x --> ((~(d dvd (x + t))) = (~(d dvd (x + t)))) " - by simp - -text {* - \medskip These are the atomic cases for the proof generation for the - modulo @{text D} property for @{text "P minusinfinity"}. - - They are fully based on arithmetics. *} +section{* The A and B sets *} +lemma bset: + "\\x.(\j \ {1 .. D}. \b\B. x \ b + j)\ P x \ P(x - D) ; + \x.(\j\{1 .. D}. \b\B. x \ b + j)\ Q x \ Q(x - D)\ \ + \x.(\j\{1 .. D}. \b\B. x \ b + j) \ (P x \ Q x) \ (P(x - D) \ Q (x - D))" + "\\x.(\j\{1 .. D}. \b\B. x \ b + j)\ P x \ P(x - D) ; + \x.(\j\{1 .. D}. \b\B. x \ b + j)\ Q x \ Q(x - D)\ \ + \x.(\j\{1 .. D}. \b\B. x \ b + j)\ (P x \ Q x) \ (P(x - D) \ Q (x - D))" + "\D>0; t - 1\ B\ \ (\x.(\j\{1 .. D}. \b\B. 
x \ b + j)\ (x = t) \ (x - D = t))" + "\D>0 ; t \ B\ \(\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (x \ t) \ (x - D \ t))" + "D>0 \ (\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (x < t) \ (x - D < t))" + "D>0 \ (\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (x \ t) \ (x - D \ t))" + "\D>0 ; t \ B\ \(\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (x > t) \ (x - D > t))" + "\D>0 ; t - 1 \ B\ \(\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (x \ t) \ (x - D \ t))" + "d dvd D \(\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (d dvd x+t) \ (d dvd (x - D) + t))" + "d dvd D \(\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (\d dvd x+t) \ (\ d dvd (x - D) + t))" + "\x.(\j\{1 .. D}. \b\B. x \ b + j) \ F \ F" +proof (blast, blast) + assume dp: "D > 0" and tB: "t - 1\ B" + show "(\x.(\j\{1 .. D}. \b\B. x \ b + j)\ (x = t) \ (x - D = t))" + apply (rule allI, rule impI,erule ballE[where x="1"],erule ballE[where x="t - 1"]) + using dp tB by simp_all +next + assume dp: "D > 0" and tB: "t \ B" + show "(\x.(\j\{1 .. D}. \b\B. x \ b + j)\ (x \ t) \ (x - D \ t))" + apply (rule allI, rule impI,erule ballE[where x="D"],erule ballE[where x="t"]) + using dp tB by simp_all +next + assume dp: "D > 0" thus "(\x.(\j\{1 .. D}. \b\B. x \ b + j)\ (x < t) \ (x - D < t))" by arith +next + assume dp: "D > 0" thus "\x.(\j\{1 .. D}. \b\B. x \ b + j)\ (x \ t) \ (x - D \ t)" by arith +next + assume dp: "D > 0" and tB:"t \ B" + {fix x assume nob: "\j\{1 .. D}. \b\B. x \ b + j" and g: "x > t" and ng: "\ (x - D) > t" + hence "x -t \ D" and "1 \ x - t" by simp+ + hence "\j \ {1 .. D}. x - t = j" by auto + hence "\j \ {1 .. D}. x = t + j" by (simp add: ring_eq_simps) + with nob tB have "False" by simp} + thus "\x.(\j\{1 .. D}. \b\B. x \ b + j)\ (x > t) \ (x - D > t)" by blast +next + assume dp: "D > 0" and tB:"t - 1\ B" + {fix x assume nob: "\j\{1 .. D}. \b\B. x \ b + j" and g: "x \ t" and ng: "\ (x - D) \ t" + hence "x - (t - 1) \ D" and "1 \ x - (t - 1)" by simp+ + hence "\j \ {1 .. D}. x - (t - 1) = j" by auto + hence "\j \ {1 .. D}. 
x = (t - 1) + j" by (simp add: ring_eq_simps) + with nob tB have "False" by simp} + thus "\x.(\j\{1 .. D}. \b\B. x \ b + j)\ (x \ t) \ (x - D \ t)" by blast +next + assume d: "d dvd D" + {fix x assume H: "d dvd x + t" with d have "d dvd (x - D) + t" + by (clarsimp simp add: dvd_def,rule_tac x= "ka - k" in exI,simp add: ring_eq_simps)} + thus "\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (d dvd x+t) \ (d dvd (x - D) + t)" by simp +next + assume d: "d dvd D" + {fix x assume H: "\(d dvd x + t)" with d have "\d dvd (x - D) + t" + by (clarsimp simp add: dvd_def,erule_tac x= "ka + k" in allE,simp add: ring_eq_simps)} + thus "\(x::int).(\j\{1 .. D}. \b\B. x \ b + j)\ (\d dvd x+t) \ (\d dvd (x - D) + t)" by auto +qed blast -lemma dvd_modd_minf: "((d::int) dvd d1) ==> - (ALL (x::int). ALL (k::int). (((d::int) dvd (x + t)) = (d dvd (x-k*d1 + t))))" -apply(clarsimp simp add:dvd_def) -apply(rule iffI) -apply(clarsimp) -apply(rename_tac n m) -apply(rule_tac x = "m - n*k" in exI) -apply(simp add:int_distrib) -apply(clarsimp) -apply(rename_tac n m) -apply(rule_tac x = "m + n*k" in exI) -apply(simp add:int_distrib mult_ac) -done - - -lemma not_dvd_modd_minf: "((d::int) dvd d1) ==> - (ALL (x::int). ALL k. (~((d::int) dvd (x + t))) = (~(d dvd (x-k*d1 + t))))" -apply(clarsimp simp add:dvd_def) -apply(rule iffI) -apply(clarsimp) -apply(rename_tac n m) -apply(erule_tac x = "m + n*k" in allE) -apply(simp add:int_distrib mult_ac) -apply(clarsimp) -apply(rename_tac n m) -apply(erule_tac x = "m - n*k" in allE) -apply(simp add:int_distrib mult_ac) -done - -text {* - \medskip These are the atomic cases for the proof generation for the - equivalence of @{text P} and @{text "P minusinfinity"} for integers - @{text x} less than some integer @{text z}. - - They are fully based on arithmetics. *} - -lemma eq_eq_minf: "EX z::int. ALL x. x < z --> (( 0 = x +t ) = False )" -apply(rule_tac x = "-t" in exI) -apply simp -done - -lemma neq_eq_minf: "EX z::int. ALL x. 
x < z --> ((~( 0 = x +t )) = True )" -apply(rule_tac x = "-t" in exI) -apply simp -done - -lemma le_eq_minf: "EX z::int. ALL x. x < z --> ( 0 < x +t = False )" -apply(rule_tac x = "-t" in exI) -apply simp -done - - -lemma len_eq_minf: "EX z::int. ALL x. x < z --> (0 < -x +t = True )" -apply(rule_tac x = "t" in exI) -apply simp -done - -lemma dvd_eq_minf: "EX z::int. ALL x. x < z --> ((d dvd (x + t)) = (d dvd (x + t))) " - by simp - -lemma not_dvd_eq_minf: "EX z::int. ALL x. x < z --> ((~(d dvd (x + t))) = (~(d dvd (x + t)))) " - by simp - -text {* - \medskip This Theorem combines whithnesses about @{text "P - minusinfinity"} to show one component of the equivalence proof for - Cooper's Theorem. - - FIXME: remove once they are part of the distribution. *} +lemma aset: + "\\x.(\j\{1 .. D}. \b\A. x \ b - j)\ P x \ P(x + D) ; + \x.(\j\{1 .. D}. \b\A. x \ b - j)\ Q x \ Q(x + D)\ \ + \x.(\j\{1 .. D}. \b\A. x \ b - j) \ (P x \ Q x) \ (P(x + D) \ Q (x + D))" + "\\x.(\j\{1 .. D}. \b\A. x \ b - j)\ P x \ P(x + D) ; + \x.(\j\{1 .. D}. \b\A. x \ b - j)\ Q x \ Q(x + D)\ \ + \x.(\j\{1 .. D}. \b\A. x \ b - j)\ (P x \ Q x) \ (P(x + D) \ Q (x + D))" + "\D>0; t + 1\ A\ \ (\x.(\j\{1 .. D}. \b\A. x \ b - j)\ (x = t) \ (x + D = t))" + "\D>0 ; t \ A\ \(\(x::int).(\j\{1 .. D}. \b\A. x \ b - j)\ (x \ t) \ (x + D \ t))" + "\D>0; t\ A\ \(\(x::int). (\j\{1 .. D}. \b\A. x \ b - j)\ (x < t) \ (x + D < t))" + "\D>0; t + 1 \ A\ \ (\(x::int).(\j\{1 .. D}. \b\A. x \ b - j)\ (x \ t) \ (x + D \ t))" + "D>0 \(\(x::int).(\j\{1 .. D}. \b\A. x \ b - j)\ (x > t) \ (x + D > t))" + "D>0 \(\(x::int).(\j\{1 .. D}. \b\A. x \ b - j)\ (x \ t) \ (x + D \ t))" + "d dvd D \(\(x::int).(\j\{1 .. D}. \b\A. x \ b - j)\ (d dvd x+t) \ (d dvd (x + D) + t))" + "d dvd D \(\(x::int).(\j\{1 .. D}. \b\A. x \ b - j)\ (\d dvd x+t) \ (\ d dvd (x + D) + t))" + "\x.(\j\{1 .. D}. \b\A. x \ b - j) \ F \ F" +proof (blast, blast) + assume dp: "D > 0" and tA: "t + 1 \ A" + show "(\x.(\j\{1 .. D}. \b\A. 
x \ b - j)\ (x = t) \ (x + D = t))" + apply (rule allI, rule impI,erule ballE[where x="1"],erule ballE[where x="t + 1"]) + using dp tA by simp_all +next + assume dp: "D > 0" and tA: "t \ A" + show "(\x.(\j\{1 .. D}. \b\A. x \ b - j)\ (x \ t) \ (x + D \ t))" + apply (rule allI, rule impI,erule ballE[where x="D"],erule ballE[where x="t"]) + using dp tA by simp_all +next + assume dp: "D > 0" thus "(\x.(\j\{1 .. D}. \b\A. x \ b - j)\ (x > t) \ (x + D > t))" by arith +next + assume dp: "D > 0" thus "\x.(\j\{1 .. D}. \b\A. x \ b - j)\ (x \ t) \ (x + D \ t)" by arith +next + assume dp: "D > 0" and tA:"t \ A" + {fix x assume nob: "\j\{1 .. D}. \b\A. x \ b - j" and g: "x < t" and ng: "\ (x + D) < t" + hence "t - x \ D" and "1 \ t - x" by simp+ + hence "\j \ {1 .. D}. t - x = j" by auto + hence "\j \ {1 .. D}. x = t - j" by (auto simp add: ring_eq_simps) + with nob tA have "False" by simp} + thus "\x.(\j\{1 .. D}. \b\A. x \ b - j)\ (x < t) \ (x + D < t)" by blast +next + assume dp: "D > 0" and tA:"t + 1\ A" + {fix x assume nob: "\j\{1 .. D}. \b\A. x \ b - j" and g: "x \ t" and ng: "\ (x + D) \ t" + hence "(t + 1) - x \ D" and "1 \ (t + 1) - x" by (simp_all add: ring_eq_simps) + hence "\j \ {1 .. D}. (t + 1) - x = j" by auto + hence "\j \ {1 .. D}. x = (t + 1) - j" by (auto simp add: ring_eq_simps) + with nob tA have "False" by simp} + thus "\x.(\j\{1 .. D}. \b\A. x \ b - j)\ (x \ t) \ (x + D \ t)" by blast +next + assume d: "d dvd D" + {fix x assume H: "d dvd x + t" with d have "d dvd (x + D) + t" + by (clarsimp simp add: dvd_def,rule_tac x= "ka + k" in exI,simp add: ring_eq_simps)} + thus "\(x::int).(\j\{1 .. D}. \b\A. x \ b - j)\ (d dvd x+t) \ (d dvd (x + D) + t)" by simp +next + assume d: "d dvd D" + {fix x assume H: "\(d dvd x + t)" with d have "\d dvd (x + D) + t" + by (clarsimp simp add: dvd_def,erule_tac x= "ka - k" in allE,simp add: ring_eq_simps)} + thus "\(x::int).(\j\{1 .. D}. \b\A. 
x \ b - j)\ (\d dvd x+t) \ (\d dvd (x + D) + t)" by auto +qed blast -theorem int_ge_induct[consumes 1,case_names base step]: - assumes ge: "k \ (i::int)" and - base: "P(k)" and - step: "\i. \k \ i; P i\ \ P(i+1)" - shows "P i" -proof - - { fix n have "\i::int. n = nat(i-k) \ k <= i \ P i" - proof (induct n) - case 0 - hence "i = k" by arith - thus "P i" using base by simp - next - case (Suc n) - hence "n = nat((i - 1) - k)" by arith - moreover - have ki1: "k \ i - 1" using Suc.prems by arith - ultimately - have "P(i - 1)" by(rule Suc.hyps) - from step[OF ki1 this] show ?case by simp - qed - } - from this ge show ?thesis by fast -qed - -theorem int_gr_induct[consumes 1,case_names base step]: - assumes gr: "k < (i::int)" and - base: "P(k+1)" and - step: "\i. \k < i; P i\ \ P(i+1)" - shows "P i" -apply(rule int_ge_induct[of "k + 1"]) - using gr apply arith - apply(rule base) -apply(rule step) - apply simp+ -done - -lemma decr_lemma: "0 < (d::int) \ x - (abs(x-z)+1) * d < z" -apply(induct rule: int_gr_induct) - apply simp -apply (simp add:int_distrib) -done - -lemma incr_lemma: "0 < (d::int) \ z < x + (abs(x-z)+1) * d" -apply(induct rule: int_gr_induct) - apply simp -apply (simp add:int_distrib) -done +section{* Cooper's Theorem @{text "-\"} and @{text "+\"} Version *} -lemma minusinfinity: - assumes "0 < d" and - P1eqP1: "ALL x k. P1 x = P1(x - k*d)" and - ePeqP1: "EX z::int. ALL x. x < z \ (P x = P1 x)" - shows "(EX x. P1 x) \ (EX x. P x)" -proof - assume eP1: "EX x. P1 x" - then obtain x where P1: "P1 x" .. - from ePeqP1 obtain z where P1eqP: "ALL x. x < z \ (P x = P1 x)" .. - let ?w = "x - (abs(x-z)+1) * d" - show "EX x. 
P x" - proof - have w: "?w < z" by(rule decr_lemma) - have "P1 x = P1 ?w" using P1eqP1 by blast - also have "\ = P(?w)" using w P1eqP by blast - finally show "P ?w" using P1 by blast - qed -qed - -text {* - \medskip This Theorem combines whithnesses about @{text "P - minusinfinity"} to show one component of the equivalence proof for - Cooper's Theorem. *} - -lemma plusinfinity: - assumes "0 < d" and - P1eqP1: "ALL (x::int) (k::int). P1 x = P1 (x + k * d)" and - ePeqP1: "EX z::int. ALL x. z < x --> (P x = P1 x)" - shows "(EX x::int. P1 x) --> (EX x::int. P x)" -proof - assume eP1: "EX x. P1 x" - then obtain x where P1: "P1 x" .. - from ePeqP1 obtain z where P1eqP: "ALL x. z < x \ (P x = P1 x)" .. - let ?w = "x + (abs(x-z)+1) * d" - show "EX x. P x" - proof - have w: "z < ?w" by(rule incr_lemma) - have "P1 x = P1 ?w" using P1eqP1 by blast - also have "\ = P(?w)" using w P1eqP by blast - finally show "P ?w" using P1 by blast - qed -qed - -text {* - \medskip Theorem for periodic function on discrete sets. *} - -lemma minf_vee: +subsection{* First some trivial facts about periodic sets or predicates *} +lemma periodic_finite_ex: assumes dpos: "(0::int) < d" and modd: "ALL x k. P x = P(x - k*d)" shows "(EX x. P x) = (EX j : {1..d}. P j)" (is "?LHS = ?RHS") proof assume ?LHS then obtain x where P: "P x" .. - have "x mod d = x - (x div d)*d" - by(simp add:zmod_zdiv_equality mult_ac eq_diff_eq) + have "x mod d = x - (x div d)*d" by(simp add:zmod_zdiv_equality mult_ac eq_diff_eq) hence Pmod: "P x = P(x mod d)" using modd by simp show ?RHS proof (cases) 
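Review bot: The compressed proofs of `pinf`, `inf_period` and the dvd cases of `bset`/`aset` instantiate witnesses through system-generated variable names (`rule_tac x="max z za" in exI`, `rule_tac x = "kb - ka*k" in exI`, `rule_tac x= "ka - k" in exI`), so they depend on how `erule exE` and `clarsimp` happen to name the eliminated variables. The removed proofs fixed those names first with `apply(rename_tac n m)`; doing the same here, or using a structured `obtain`, would keep the scripts stable across simplifier changes. The kernel still checks every step, so this is a maintenance risk in a decision-procedure theory rather than a soundness one. Separately, the bundled lemmas `minf`, `pinf`, `inf_period`, `bset` and `aset` lost all of the `text {* ... *}` commentary the old file carried; if the ML files named in `uses` select conjuncts by position (not visible in this hunk), a short `text` block above each lemma listing the conjunct order (conjunction, disjunction, the six comparison atoms, dvd, negated dvd, constant) would document that contract.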
@@ -644,425 +206,245 @@ qed ultimately show ?RHS .. qed -next - assume ?RHS thus ?LHS by blast -qed +qed auto -text {* - \medskip Theorem for periodic function on discrete sets. *} +subsection{* The @{text "-\"} Version*} + +lemma decr_lemma: "0 < (d::int) \ x - (abs(x-z)+1) * d < z" +by(induct rule: int_gr_induct,simp_all add:int_distrib) -lemma pinf_vee: - assumes dpos: "0 < (d::int)" and modd: "ALL (x::int) (k::int). P x = P (x+k*d)" - shows "(EX x::int. P x) = (EX (j::int) : {1..d} . P j)" - (is "?LHS = ?RHS") -proof - assume ?LHS - then obtain x where P: "P x" .. - have "x mod d = x + (-(x div d))*d" - by(simp add:zmod_zdiv_equality mult_ac eq_diff_eq) - hence Pmod: "P x = P(x mod d)" using modd by (simp only:) - show ?RHS - proof (cases) - assume "x mod d = 0" - hence "P 0" using P Pmod by simp - moreover have "P 0 = P(0 + 1*d)" using modd by blast - ultimately have "P d" by simp - moreover have "d : {1..d}" using dpos by(simp add:atLeastAtMost_iff) - ultimately show ?RHS .. - next - assume not0: "x mod d \ 0" - have "P(x mod d)" using dpos P Pmod by(simp add:pos_mod_sign pos_mod_bound) - moreover have "x mod d : {1..d}" - proof - - have "0 \ x mod d" by(rule pos_mod_sign) - moreover have "x mod d < d" by(rule pos_mod_bound) - ultimately show ?thesis using not0 by(simp add:atLeastAtMost_iff) - qed - ultimately show ?RHS .. - qed -next - assume ?RHS thus ?LHS by blast +lemma incr_lemma: "0 < (d::int) \ z < x + (abs(x-z)+1) * d" +by(induct rule: int_gr_induct, simp_all add:int_distrib) + +theorem int_induct[case_names base step1 step2]: + assumes + base: "P(k::int)" and step1: "\i. \k \ i; P i\ \ P(i+1)" and + step2: "\i. \k \ i; P i\ \ P(i - 1)" + shows "P i" +proof - + have "i \ k \ i\ k" by arith + thus ?thesis using prems int_ge_induct[where P="P" and k="k" and i="i"] int_le_induct[where P="P" and k="k" and i="i"] by blast qed lemma decr_mult_lemma: - assumes dpos: "(0::int) < d" and - minus: "ALL x::int. 
P x \ P(x - d)" and - knneg: "0 <= k" + assumes dpos: "(0::int) < d" and minus: "\x. P x \ P(x - d)" and knneg: "0 <= k" shows "ALL x. P x \ P(x - k*d)" using knneg proof (induct rule:int_ge_induct) case base thus ?case by simp next case (step i) - show ?case - proof - fix x + {fix x have "P x \ P (x - i * d)" using step.hyps by blast - also have "\ \ P(x - (i + 1) * d)" - using minus[THEN spec, of "x - i * d"] + also have "\ \ P(x - (i + 1) * d)" using minus[THEN spec, of "x - i * d"] by (simp add:int_distrib OrderedGroup.diff_diff_eq[symmetric]) - ultimately show "P x \ P(x - (i + 1) * d)" by blast - qed + ultimately have "P x \ P(x - (i + 1) * d)" by blast} + thus ?case .. +qed + +lemma minusinfinity: + assumes "0 < d" and + P1eqP1: "ALL x k. P1 x = P1(x - k*d)" and ePeqP1: "EX z::int. ALL x. x < z \ (P x = P1 x)" + shows "(EX x. P1 x) \ (EX x. P x)" +proof + assume eP1: "EX x. P1 x" + then obtain x where P1: "P1 x" .. + from ePeqP1 obtain z where P1eqP: "ALL x. x < z \ (P x = P1 x)" .. + let ?w = "x - (abs(x-z)+1) * d" + have w: "?w < z" by(rule decr_lemma) + have "P1 x = P1 ?w" using P1eqP1 by blast + also have "\ = P(?w)" using w P1eqP by blast + finally have "P ?w" using P1 by blast + thus "EX x. P x" .. +qed + +lemma cpmi: + assumes dp: "0 < D" and p1:"\z. \ x< z. P x = P' x" + and nb:"\x.(\ j\ {1..D}. \(b::int) \ B. x \ b+j) --> P (x) --> P (x - D)" + and pd: "\ x k. P' x = P' (x-k*D)" + shows "(\x. P x) = ((\ j\ {1..D} . P' j) | (\ j \ {1..D}.\ b\ B. P (b+j)))" + (is "?L = (?R1 \ ?R2)") +proof- + {assume "?R2" hence "?L" by blast} + moreover + {assume H:"?R1" hence "?L" using minusinfinity[OF dp pd p1] periodic_finite_ex[OF dp pd] by simp} + moreover + { fix x + assume P: "P x" and H: "\ ?R2" + {fix y assume "\ (\j\{1..D}. \b\B. P (b + j))" and P: "P y" + hence "~(EX (j::int) : {1..D}. EX (b::int) : B. y = b+j)" by auto + with nb P have "P (y - D)" by auto } + hence "ALL x.~(EX (j::int) : {1..D}. EX (b::int) : B. 
P(b+j)) --> P (x) --> P (x - D)" by blast + with H P have th: " \x. P x \ P (x - D)" by auto + from p1 obtain z where z: "ALL x. x < z --> (P x = P' x)" by blast + let ?y = "x - (\x - z\ + 1)*D" + have zp: "0 <= (\x - z\ + 1)" by arith + from dp have yz: "?y < z" using decr_lemma[OF dp] by simp + from z[rule_format, OF yz] decr_mult_lemma[OF dp th zp, rule_format, OF P] have th2: " P' ?y" by auto + with periodic_finite_ex[OF dp pd] + have "?R1" by blast} + ultimately show ?thesis by blast +qed + +subsection {* The @{text "+\"} Version*} + +lemma plusinfinity: + assumes "(0::int) < d" and + P1eqP1: "\x k. P' x = P'(x - k*d)" and ePeqP1: "\ z. \ x>z. P x = P' x" + shows "(\ x. P' x) \ (\ x. P x)" +proof + assume eP1: "EX x. P' x" + then obtain x where P1: "P' x" .. + from ePeqP1 obtain z where P1eqP: "\x>z. P x = P' x" .. + let ?w' = "x + (abs(x-z)+1) * d" + let ?w = "x - (-(abs(x-z) + 1))*d" + have ww'[simp]: "?w = ?w'" by (simp add: ring_eq_simps) + have w: "?w > z" by(simp only: ww', rule incr_lemma) + hence "P' x = P' ?w" using P1eqP1 by blast + also have "\ = P(?w)" using w P1eqP by blast + finally have "P ?w" using P1 by blast + thus "EX x. P x" .. qed lemma incr_mult_lemma: - assumes dpos: "(0::int) < d" and - plus: "ALL x::int. P x \ P(x + d)" and - knneg: "0 <= k" + assumes dpos: "(0::int) < d" and plus: "ALL x::int. P x \ P(x + d)" and knneg: "0 <= k" shows "ALL x. P x \ P(x + k*d)" using knneg proof (induct rule:int_ge_induct) case base thus ?case by simp next case (step i) - show ?case - proof - fix x + {fix x have "P x \ P (x + i * d)" using step.hyps by blast - also have "\ \ P(x + (i + 1) * d)" - using plus[THEN spec, of "x + i * d"] + also have "\ \ P(x + (i + 1) * d)" using plus[THEN spec, of "x + i * d"] by (simp add:int_distrib zadd_ac) - ultimately show "P x \ P(x + (i + 1) * d)" by blast - qed + ultimately have "P x \ P(x + (i + 1) * d)" by blast} + thus ?case .. qed -lemma cpmi_eq: "0 < D \ (EX z::int. ALL x. 
x < z --> (P x = P1 x)) -==> ALL x.~(EX (j::int) : {1..D}. EX (b::int) : B. P(b+j)) --> P (x) --> P (x - D) -==> (ALL (x::int). ALL (k::int). ((P1 x)= (P1 (x-k*D)))) -==> (EX (x::int). P(x)) = ((EX (j::int) : {1..D} . (P1(j))) | (EX (j::int) : {1..D}. EX (b::int) : B. P (b+j)))" -apply(rule iffI) -prefer 2 -apply(drule minusinfinity) -apply assumption+ -apply(fastsimp) -apply clarsimp -apply(subgoal_tac "!!k. 0<=k \ !x. P x \ P (x - k*D)") -apply(frule_tac x = x and z=z in decr_lemma) -apply(subgoal_tac "P1(x - (\x - z\ + 1) * D)") -prefer 2 -apply(subgoal_tac "0 <= (\x - z\ + 1)") -prefer 2 apply arith - apply fastsimp -apply(drule (1) minf_vee) -apply blast -apply(blast dest:decr_mult_lemma) -done - -text {* Cooper Theorem, plus infinity version. *} -lemma cppi_eq: "0 < D \ (EX z::int. ALL x. z < x --> (P x = P1 x)) -==> ALL x.~(EX (j::int) : {1..D}. EX (a::int) : A. P(a - j)) --> P (x) --> P (x + D) -==> (ALL (x::int). ALL (k::int). ((P1 x)= (P1 (x+k*D)))) -==> (EX (x::int). P(x)) = ((EX (j::int) : {1..D} . (P1(j))) | (EX (j::int) : {1..D}. EX (a::int) : A. P (a - j)))" - apply(rule iffI) - prefer 2 - apply(drule plusinfinity) - apply assumption+ - apply(fastsimp) - apply clarsimp - apply(subgoal_tac "!!k. 0<=k \ !x. P x \ P (x + k*D)") - apply(frule_tac x = x and z=z in incr_lemma) - apply(subgoal_tac "P1(x + (\x - z\ + 1) * D)") - prefer 2 - apply(subgoal_tac "0 <= (\x - z\ + 1)") - prefer 2 apply arith - apply fastsimp - apply(drule (1) pinf_vee) - apply blast - apply(blast dest:incr_mult_lemma) - done - - -text {* - \bigskip Theorems for the quantifier elminination Functions. *} - -lemma qe_ex_conj: "(EX (x::int). A x) = R - ==> (EX (x::int). P x) = (Q & (EX x::int. A x)) - ==> (EX (x::int). P x) = (Q & R)" -by blast - -lemma qe_ex_nconj: "(EX (x::int). P x) = (True & Q) - ==> (EX (x::int). 
P x) = Q" -by blast - -lemma qe_conjI: "P1 = P2 ==> Q1 = Q2 ==> (P1 & Q1) = (P2 & Q2)" -by blast - -lemma qe_disjI: "P1 = P2 ==> Q1 = Q2 ==> (P1 | Q1) = (P2 | Q2)" -by blast - -lemma qe_impI: "P1 = P2 ==> Q1 = Q2 ==> (P1 --> Q1) = (P2 --> Q2)" -by blast - -lemma qe_eqI: "P1 = P2 ==> Q1 = Q2 ==> (P1 = Q1) = (P2 = Q2)" -by blast - -lemma qe_Not: "P = Q ==> (~P) = (~Q)" -by blast - -lemma qe_ALL: "(EX x. ~P x) = R ==> (ALL x. P x) = (~R)" -by blast - -text {* \bigskip Theorems for proving NNF *} - -lemma nnf_im: "((~P) = P1) ==> (Q=Q1) ==> ((P --> Q) = (P1 | Q1))" -by blast - -lemma nnf_eq: "((P & Q) = (P1 & Q1)) ==> (((~P) & (~Q)) = (P2 & Q2)) ==> ((P = Q) = ((P1 & Q1)|(P2 & Q2)))" -by blast - -lemma nnf_nn: "(P = Q) ==> ((~~P) = Q)" - by blast -lemma nnf_ncj: "((~P) = P1) ==> ((~Q) = Q1) ==> ((~(P & Q)) = (P1 | Q1))" -by blast - -lemma nnf_ndj: "((~P) = P1) ==> ((~Q) = Q1) ==> ((~(P | Q)) = (P1 & Q1))" -by blast -lemma nnf_nim: "(P = P1) ==> ((~Q) = Q1) ==> ((~(P --> Q)) = (P1 & Q1))" -by blast -lemma nnf_neq: "((P & (~Q)) = (P1 & Q1)) ==> (((~P) & Q) = (P2 & Q2)) ==> ((~(P = Q)) = ((P1 & Q1)|(P2 & Q2)))" -by blast -lemma nnf_sdj: "((A & (~B)) = (A1 & B1)) ==> ((C & (~D)) = (C1 & D1)) ==> (A = (~C)) ==> ((~((A & B) | (C & D))) = ((A1 & B1) | (C1 & D1)))" -by blast - - -lemma qe_exI2: "A = B ==> (EX (x::int). A(x)) = (EX (x::int). B(x))" - by simp - -lemma qe_exI: "(!!x::int. A x = B x) ==> (EX (x::int). A(x)) = (EX (x::int). B(x))" - by iprover - -lemma qe_ALLI: "(!!x::int. A x = B x) ==> (ALL (x::int). A(x)) = (ALL (x::int). B(x))" - by iprover - -lemma cp_expand: "(EX (x::int). P (x)) = (EX (j::int) : {1..d}. EX (b::int) : B. (P1 (j) | P(b+j))) -==>(EX (x::int). P (x)) = (EX (j::int) : {1..d}. EX (b::int) : B. (P1 (j) | P(b+j))) " -by blast - -lemma cppi_expand: "(EX (x::int). P (x)) = (EX (j::int) : {1..d}. EX (a::int) : A. (P1 (j) | P(a - j))) -==>(EX (x::int). P (x)) = (EX (j::int) : {1..d}. EX (a::int) : A. 
(P1 (j) | P(a - j))) " -by blast - +lemma cppi: + assumes dp: "0 < D" and p1:"\z. \ x> z. P x = P' x" + and nb:"\x.(\ j\ {1..D}. \(b::int) \ A. x \ b - j) --> P (x) --> P (x + D)" + and pd: "\ x k. P' x= P' (x-k*D)" + shows "(\x. P x) = ((\ j\ {1..D} . P' j) | (\ j \ {1..D}.\ b\ A. P (b - j)))" (is "?L = (?R1 \ ?R2)") +proof- + {assume "?R2" hence "?L" by blast} + moreover + {assume H:"?R1" hence "?L" using plusinfinity[OF dp pd p1] periodic_finite_ex[OF dp pd] by simp} + moreover + { fix x + assume P: "P x" and H: "\ ?R2" + {fix y assume "\ (\j\{1..D}. \b\A. P (b - j))" and P: "P y" + hence "~(EX (j::int) : {1..D}. EX (b::int) : A. y = b - j)" by auto + with nb P have "P (y + D)" by auto } + hence "ALL x.~(EX (j::int) : {1..D}. EX (b::int) : A. P(b-j)) --> P (x) --> P (x + D)" by blast + with H P have th: " \x. P x \ P (x + D)" by auto + from p1 obtain z where z: "ALL x. x > z --> (P x = P' x)" by blast + let ?y = "x + (\x - z\ + 1)*D" + have zp: "0 <= (\x - z\ + 1)" by arith + from dp have yz: "?y > z" using incr_lemma[OF dp] by simp + from z[rule_format, OF yz] incr_mult_lemma[OF dp th zp, rule_format, OF P] have th2: " P' ?y" by auto + with periodic_finite_ex[OF dp pd] + have "?R1" by blast} + ultimately show ?thesis by blast +qed lemma simp_from_to: "{i..j::int} = (if j < i then {} else insert i {i+1..j})" apply(simp add:atLeastAtMost_def atLeast_def atMost_def) apply(fastsimp) done -text {* \bigskip Theorems required for the @{text adjustcoeffitienteq} *} - -lemma ac_dvd_eq: assumes not0: "0 ~= (k::int)" -shows "((m::int) dvd (c*n+t)) = (k*m dvd ((k*c)*n+(k*t)))" (is "?P = ?Q") -proof - assume ?P - thus ?Q - apply(simp add:dvd_def) - apply clarify - apply(rename_tac d) - apply(drule_tac f = "op * k" in arg_cong) - apply(simp only:int_distrib) - apply(rule_tac x = "d" in exI) - apply(simp only:mult_ac) - done -next - assume ?Q - then obtain d where "k * c * n + k * t = (k*m)*d" by(fastsimp simp:dvd_def) - hence "(c * n + t) * k = (m*d) * k" by(simp 
add:int_distrib mult_ac) - hence "((c * n + t) * k) div k = ((m*d) * k) div k" by(rule arg_cong[of _ _ "%t. t div k"]) - hence "c*n+t = m*d" by(simp add: zdiv_zmult_self1[OF not0[symmetric]]) - thus ?P by(simp add:dvd_def) -qed - -lemma ac_lt_eq: assumes gr0: "0 < (k::int)" -shows "((m::int) < (c*n+t)) = (k*m <((k*c)*n+(k*t)))" (is "?P = ?Q") -proof - assume P: ?P - show ?Q using zmult_zless_mono2[OF P gr0] by(simp add: int_distrib mult_ac) -next - assume ?Q - hence "0 < k*(c*n + t - m)" by(simp add: int_distrib mult_ac) - with gr0 have "0 < (c*n + t - m)" by(simp add: zero_less_mult_iff) - thus ?P by(simp) -qed +theorem unity_coeff_ex: "(\(x::'a::{semiring_0}). P (l * x)) \ (\x. l dvd (x + 0) \ P x)" + apply (rule eq_reflection[symmetric]) + apply (rule iffI) + defer + apply (erule exE) + apply (rule_tac x = "l * x" in exI) + apply (simp add: dvd_def) + apply (rule_tac x="x" in exI, simp) + apply (erule exE) + apply (erule conjE) + apply (erule dvdE) + apply (rule_tac x = k in exI) + apply simp + done -lemma ac_eq_eq : assumes not0: "0 ~= (k::int)" shows "((m::int) = (c*n+t)) = (k*m =((k*c)*n+(k*t)) )" (is "?P = ?Q") -proof - assume ?P - thus ?Q - apply(drule_tac f = "op * k" in arg_cong) - apply(simp only:int_distrib) - done -next - assume ?Q - hence "m * k = (c*n + t) * k" by(simp add:int_distrib mult_ac) - hence "((m) * k) div k = ((c*n + t) * k) div k" by(rule arg_cong[of _ _ "%t. 
t div k"]) - thus ?P by(simp add: zdiv_zmult_self1[OF not0[symmetric]]) -qed +lemma zdvd_mono: assumes not0: "(k::int) \ 0" +shows "((m::int) dvd t) \ (k*m dvd k*t)" + using not0 by (simp add: dvd_def) -lemma ac_pi_eq: assumes gr0: "0 < (k::int)" shows "(~((0::int) < (c*n + t))) = (0 < ((-k)*c)*n + ((-k)*t + k))" -proof - - have "(~ (0::int) < (c*n + t)) = (0<1-(c*n + t))" by arith - also have "(1-(c*n + t)) = (-1*c)*n + (-t+1)" by(simp add: int_distrib mult_ac) - also have "0<(-1*c)*n + (-t+1) = (0 < (k*(-1*c)*n) + (k*(-t+1)))" by(rule ac_lt_eq[of _ 0,OF gr0,simplified]) - also have "(k*(-1*c)*n) + (k*(-t+1)) = ((-k)*c)*n + ((-k)*t + k)" by(simp add: int_distrib mult_ac) - finally show ?thesis . -qed - -lemma binminus_uminus_conv: "(a::int) - b = a + (-b)" -by arith +lemma all_not_ex: "(ALL x. P x) = (~ (EX x. ~ P x ))" +by blast -lemma linearize_dvd: "(t::int) = t1 ==> (d dvd t) = (d dvd t1)" -by simp - -lemma lf_lt: "(l::int) = ll ==> (r::int) = lr ==> (l < r) =(ll < lr)" -by simp - -lemma lf_eq: "(l::int) = ll ==> (r::int) = lr ==> (l = r) =(ll = lr)" -by simp - -lemma lf_dvd: "(l::int) = ll ==> (r::int) = lr ==> (l dvd r) =(ll dvd lr)" -by simp - +lemma uminus_dvd_conv: "(d dvd (t::int)) \ (-d dvd t)" "(d dvd (t::int)) \ (d dvd -t)" + by simp_all text {* \bigskip Theorems for transforming predicates on nat to predicates on @{text int}*} - -theorem all_nat: "(\x::nat. P x) = (\x::int. 0 <= x \ P (nat x))" +lemma all_nat: "(\x::nat. P x) = (\x::int. 0 <= x \ P (nat x))" by (simp split add: split_nat) +lemma ex_nat: "(\x::nat. P x) = (\x::int. 
0 <= x \ P (nat x))" + by (auto split add: split_nat) +(rule_tac x = "nat x" in exI,erule_tac x = "nat x" in allE, simp) -theorem zdiff_int_split: "P (int (x - y)) = +lemma zdiff_int_split: "P (int (x - y)) = ((y \ x \ P (int x - int y)) \ (x < y \ P 0))" - apply (case_tac "y \ x") - apply (simp_all add: zdiff_int) + by (case_tac "y \ x",simp_all add: zdiff_int) + +lemma zdvd_int: "(x dvd y) = (int x dvd int y)" + apply (simp only: dvd_def ex_nat int_int_eq [symmetric] zmult_int [symmetric] + nat_0_le cong add: conj_cong) + apply (rule iffI) + apply iprover + apply (erule exE) + apply (case_tac "x=0") + apply (rule_tac x=0 in exI) + apply simp + apply (case_tac "0 \ k") + apply iprover + apply (simp add: linorder_not_le) + apply (drule mult_strict_left_mono_neg [OF iffD2 [OF zero_less_int_conv]]) + apply assumption + apply (simp add: mult_ac) done - -theorem number_of1: "(0::int) <= number_of n \ (0::int) <= number_of (n BIT b)" - by simp - -theorem number_of2: "(0::int) <= Numeral0" by simp - -theorem Suc_plus1: "Suc n = n + 1" by simp +lemma number_of1: "(0::int) <= number_of n \ (0::int) <= number_of (n BIT b)" by simp +lemma number_of2: "(0::int) <= Numeral0" by simp +lemma Suc_plus1: "Suc n = n + 1" by simp text {* \medskip Specific instances of congruence rules, to prevent simplifier from looping. 
*} -theorem imp_le_cong: "(0 <= x \ P = P') \ (0 <= (x::int) \ P) = (0 <= x \ P')" - by simp - -theorem conj_le_cong: "(0 <= x \ P = P') \ (0 <= (x::int) \ P) = (0 <= x \ P')" - by (simp cong: conj_cong) - - (* Theorems used in presburger.ML for the computation simpset*) - (* FIXME: They are present in Float.thy, so may be Float.thy should be lightened.*) +theorem imp_le_cong: "(0 <= x \ P = P') \ (0 <= (x::int) \ P) = (0 <= x \ P')" by simp -lemma lift_bool: "x \ x=True" - by simp - -lemma nlift_bool: "~x \ x=False" - by simp - -lemma not_false_eq_true: "(~ False) = True" by simp - -lemma not_true_eq_false: "(~ True) = False" by simp - - +theorem conj_le_cong: "(0 <= x \ P = P') \ (0 <= (x::int) \ P) = (0 <= x \ P')" + by (simp cong: conj_cong) lemma int_eq_number_of_eq: "(((number_of v)::int) = (number_of w)) = iszero ((number_of (v + (uminus w)))::int)" by simp -lemma int_iszero_number_of_Pls: "iszero (Numeral0::int)" - by (simp only: iszero_number_of_Pls) -lemma int_nonzero_number_of_Min: "~(iszero ((-1)::int))" - by simp - -lemma int_iszero_number_of_0: "iszero ((number_of (w BIT bit.B0))::int) = iszero ((number_of w)::int)" - by simp - -lemma int_iszero_number_of_1: "\ iszero ((number_of (w BIT bit.B1))::int)" - by simp - -lemma int_less_number_of_eq_neg: "(((number_of x)::int) < number_of y) = neg ((number_of (x + (uminus y)))::int)" - by simp - -lemma int_not_neg_number_of_Pls: "\ (neg (Numeral0::int))" - by simp - -lemma int_neg_number_of_Min: "neg (-1::int)" - by simp - -lemma int_neg_number_of_BIT: "neg ((number_of (w BIT x))::int) = neg ((number_of w)::int)" - by simp - -lemma int_le_number_of_eq: "(((number_of x)::int) \ number_of y) = (\ neg ((number_of (y + (uminus x)))::int))" - by simp -lemma int_number_of_add_sym: "((number_of v)::int) + number_of w = number_of (v + w)" - by simp - -lemma int_number_of_diff_sym: - "((number_of v)::int) - number_of w = number_of (v + (uminus w))" - by simp - -lemma int_number_of_mult_sym: - "((number_of v)::int) * 
number_of w = number_of (v * w)" - by simp - -lemma int_number_of_minus_sym: "- ((number_of v)::int) = number_of (uminus v)" - by simp -lemma add_left_zero: "0 + a = (a::'a::comm_monoid_add)" - by simp -lemma add_right_zero: "a + 0 = (a::'a::comm_monoid_add)" - by simp - -lemma mult_left_one: "1 * a = (a::'a::semiring_1)" - by simp - -lemma mult_right_one: "a * 1 = (a::'a::semiring_1)" - by simp - -lemma int_pow_0: "(a::int)^(Numeral0) = 1" - by simp - -lemma int_pow_1: "(a::int)^(Numeral1) = a" - by simp - -lemma zero_eq_Numeral0_nring: "(0::'a::number_ring) = Numeral0" - by simp - -lemma one_eq_Numeral1_nring: "(1::'a::number_ring) = Numeral1" - by simp +use "Tools/Presburger/cooper.ML" +oracle linzqe_oracle ("term") = Coopereif.cooper_oracle -lemma zero_eq_Numeral0_nat: "(0::nat) = Numeral0" - by simp - -lemma one_eq_Numeral1_nat: "(1::nat) = Numeral1" - by simp - -lemma zpower_Pls: "(z::int)^Numeral0 = Numeral1" - by simp - -lemma zpower_Min: "(z::int)^((-1)::nat) = Numeral1" -proof - - have 1:"((-1)::nat) = 0" - by simp - show ?thesis by (simp add: 1) -qed - -use "Tools/Presburger/cooper_dec.ML" -use "Tools/Presburger/reflected_presburger.ML" -use "Tools/Presburger/reflected_cooper.ML" -oracle - presburger_oracle ("term") = ReflectedCooper.presburger_oracle - -use "Tools/Presburger/cooper_proof.ML" -use "Tools/Presburger/qelim.ML" use "Tools/Presburger/presburger.ML" -setup "Presburger.setup" - +setup {* + arith_tactic_add + (mk_arith_tactic "presburger" (fn i => fn st => + (warning "Trying Presburger arithmetic ..."; + Presburger.cooper_tac true ((ProofContext.init o theory_of_thm) st) i st))) + (* FIXME!!!!!!! 
get the right context!!*) +*} +method_setup presburger = {* Method.simple_args (Scan.optional (Args.$$$ "elim" >> K false) true) + (fn q => fn ctxt => Method.SIMPLE_METHOD' (Presburger.cooper_tac q ctxt))*} "" +(* +method_setup presburger = {* + Method.ctxt_args (Method.SIMPLE_METHOD' o (Presburger.cooper_tac true)) +*} "" +*) subsection {* Code generator setup *} - text {* Presburger arithmetic is convenient to prove some of the following code lemmas on integer numerals: @@ -1243,7 +625,6 @@ "(number_of k \ int) < number_of l \ k < l" unfolding number_of_is_id .. - lemmas pred_succ_numeral_code [code func] = arith_simps(5-12) @@ -1277,4 +658,4 @@ less_Bit0_Min less_Bit1_Min less_Bit_Bit0 less_Bit1_Bit less_Bit0_Bit1 less_number_of -end +end \ No newline at end of file
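Review bot: The `oracle linzqe_oracle ("term") = Coopereif.cooper_oracle` declaration near the end of this hunk is an undocumented entry into the trusted base. A theorem obtained through an oracle is accepted on the word of the ML function rather than derived by kernel inference, and `Coopereif` presumably lives in the newly added `generated_cooper.ML`, i.e. generated code. I would put a comment directly above it, e.g. `(* Trusted: results of linzqe_oracle are not kernel-checked; soundness rests on Coopereif.cooper_oracle *)`, and say whether `Presburger.cooper_tac` ever goes through it, which this hunk does not show. Separately, the arith tactic in the `setup` block builds its context with `ProofContext.init o theory_of_thm`, so declarations local to the enclosing proof are likely invisible to `cooper_tac`; the FIXME acknowledges this but the commit leaves it open. The description string of `method_setup presburger` is also empty (`""`).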