--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/HOL/ex/Numeral.thy Wed Aug 27 12:01:59 2008 +0200
@@ -0,0 +1,910 @@
+(* Title: HOL/ex/Numeral.thy
+ ID: $Id$
+ Author: Florian Haftmann
+
+An experimental alternative numeral representation.
+*)
+
+theory Numeral
+imports Int Inductive
+begin
+
+subsection {* The @{text num} type *}
+
+text {*
+ We construct @{text num} as a copy of strictly positive
+ natural numbers.
+*}
+
+typedef (open) num = "\<lambda>n\<Colon>nat. n > 0"
+ morphisms nat_of_num num_of_nat_abs
+ by (auto simp add: mem_def)
+
+text {*
+ A totalized abstraction function. It is not entirely clear
+ whether this is really useful.
+*}
+
+definition num_of_nat :: "nat \<Rightarrow> num" where
+ "num_of_nat n = (if n = 0 then num_of_nat_abs 1 else num_of_nat_abs n)"
+
+lemma num_cases [case_names nat, cases type: num]:
+ assumes "(\<And>n\<Colon>nat. m = num_of_nat n \<Longrightarrow> 0 < n \<Longrightarrow> P)"
+ shows P
+apply (rule num_of_nat_abs_cases)
+apply (unfold mem_def)
+using assms unfolding num_of_nat_def
+apply auto
+done
+
+lemma num_of_nat_zero: "num_of_nat 0 = num_of_nat 1"
+ by (simp add: num_of_nat_def)
+
+lemma num_of_nat_inverse: "nat_of_num (num_of_nat n) = (if n = 0 then 1 else n)"
+ apply (simp add: num_of_nat_def)
+ apply (subst num_of_nat_abs_inverse)
+ apply (auto simp add: mem_def num_of_nat_abs_inverse)
+ done
+
+lemma num_of_nat_inject:
+ "num_of_nat m = num_of_nat n \<longleftrightarrow> m = n \<or> (m = 0 \<or> m = 1) \<and> (n = 0 \<or> n = 1)"
+by (auto simp add: num_of_nat_def num_of_nat_abs_inject [unfolded mem_def])
+
+lemma split_num_all:
+ "(\<And>m. PROP P m) \<equiv> (\<And>n. PROP P (num_of_nat n))"
+proof
+ fix n
+ assume "\<And>m\<Colon>num. PROP P m"
+ then show "PROP P (num_of_nat n)" .
+next
+ fix m
+ have nat_of_num: "\<And>m. nat_of_num m \<noteq> 0"
+ using nat_of_num by (auto simp add: mem_def)
+ have nat_of_num_inverse: "\<And>m. num_of_nat (nat_of_num m) = m"
+ by (auto simp add: num_of_nat_def nat_of_num_inverse nat_of_num)
+ assume "\<And>n. PROP P (num_of_nat n)"
+ then have "PROP P (num_of_nat (nat_of_num m))" .
+ then show "PROP P m" unfolding nat_of_num_inverse .
+qed
+
+
+subsection {* Digit representation for @{typ num} *}
+
+instantiation num :: "{semiring, monoid_mult}"
+begin
+
+definition one_num :: num where
+ [code func del]: "1 = num_of_nat 1"
+
+definition plus_num :: "num \<Rightarrow> num \<Rightarrow> num" where
+ [code func del]: "m + n = num_of_nat (nat_of_num m + nat_of_num n)"
+
+definition times_num :: "num \<Rightarrow> num \<Rightarrow> num" where
+ [code func del]: "m * n = num_of_nat (nat_of_num m * nat_of_num n)"
+
+definition Dig0 :: "num \<Rightarrow> num" where
+ [code func del]: "Dig0 n = n + n"
+
+definition Dig1 :: "num \<Rightarrow> num" where
+ [code func del]: "Dig1 n = n + n + 1"
+
+instance proof
+qed (simp_all add: one_num_def plus_num_def times_num_def
+ split_num_all num_of_nat_inverse num_of_nat_zero add_ac mult_ac nat_distrib)
+
+end
+
+text {*
+ The following proofs seem horribly complicated.
+ Any room for simplification!?
+*}
+
+lemma nat_dig_cases [case_names 0 1 dig0 dig1]:
+ fixes n :: nat
+ assumes "n = 0 \<Longrightarrow> P"
+ and "n = 1 \<Longrightarrow> P"
+ and "\<And>m. m > 0 \<Longrightarrow> n = m + m \<Longrightarrow> P"
+ and "\<And>m. m > 0 \<Longrightarrow> n = Suc (m + m) \<Longrightarrow> P"
+ shows P
+using assms proof (induct n)
+ case 0 then show ?case by simp
+next
+ case (Suc n)
+ show P proof (rule Suc.hyps)
+ assume "n = 0"
+ then have "Suc n = 1" by simp
+ then show P by (rule Suc.prems(2))
+ next
+ assume "n = 1"
+ have "1 > (0\<Colon>nat)" by simp
+ moreover from `n = 1` have "Suc n = 1 + 1" by simp
+ ultimately show P by (rule Suc.prems(3))
+ next
+ fix m
+ assume "0 < m" and "n = m + m"
+ note `0 < m`
+ moreover from `n = m + m` have "Suc n = Suc (m + m)" by simp
+ ultimately show P by (rule Suc.prems(4))
+ next
+ fix m
+ assume "0 < m" and "n = Suc (m + m)"
+ have "0 < Suc m" by simp
+ moreover from `n = Suc (m + m)` have "Suc n = Suc m + Suc m" by simp
+ ultimately show P by (rule Suc.prems(3))
+ qed
+qed
+
+lemma num_induct_raw:
+ fixes n :: nat
+ assumes not0: "n > 0"
+ assumes "P 1"
+ and "\<And>n. n > 0 \<Longrightarrow> P n \<Longrightarrow> P (n + n)"
+ and "\<And>n. n > 0 \<Longrightarrow> P n \<Longrightarrow> P (Suc (n + n))"
+ shows "P n"
+using not0 proof (induct n rule: less_induct)
+ case (less n)
+ show "P n" proof (cases n rule: nat_dig_cases)
+ case 0 then show ?thesis using less by simp
+ next
+ case 1 then show ?thesis using assms by simp
+ next
+ case (dig0 m)
+ then show ?thesis apply simp
+ apply (rule assms(3)) apply assumption
+ apply (rule less)
+ apply simp_all
+ done
+ next
+ case (dig1 m)
+ then show ?thesis apply simp
+ apply (rule assms(4)) apply assumption
+ apply (rule less)
+ apply simp_all
+ done
+ qed
+qed
+
+lemma num_of_nat_Suc: "num_of_nat (Suc n) = (if n = 0 then 1 else num_of_nat n + 1)"
+ by (cases n) (auto simp add: one_num_def plus_num_def num_of_nat_inverse)
+
+lemma num_induct [case_names 1 Suc, induct type: num]:
+ fixes P :: "num \<Rightarrow> bool"
+ assumes 1: "P 1"
+ and Suc: "\<And>n. P n \<Longrightarrow> P (n + 1)"
+ shows "P n"
+proof (cases n)
+ case (nat m) then show ?thesis by (induct m arbitrary: n)
+ (auto simp: num_of_nat_Suc intro: 1 Suc split: split_if_asm)
+qed
+
+rep_datatype "1::num" Dig0 Dig1 proof -
+ fix P m
+ assume 1: "P 1"
+ and Dig0: "\<And>m. P m \<Longrightarrow> P (Dig0 m)"
+ and Dig1: "\<And>m. P m \<Longrightarrow> P (Dig1 m)"
+ obtain n where "0 < n" and m: "m = num_of_nat n"
+ by (cases m) auto
+ from `0 < n` have "P (num_of_nat n)" proof (induct n rule: num_induct_raw)
+ case 1 from `0 < n` show ?case .
+ next
+ case 2 with 1 show ?case by (simp add: one_num_def)
+ next
+ case (3 n) then have "P (num_of_nat n)" by auto
+ then have "P (Dig0 (num_of_nat n))" by (rule Dig0)
+ with 3 show ?case by (simp add: Dig0_def plus_num_def num_of_nat_inverse)
+ next
+ case (4 n) then have "P (num_of_nat n)" by auto
+ then have "P (Dig1 (num_of_nat n))" by (rule Dig1)
+ with 4 show ?case by (simp add: Dig1_def one_num_def plus_num_def num_of_nat_inverse)
+ qed
+ with m show "P m" by simp
+next
+ fix m n
+ show "Dig0 m = Dig0 n \<longleftrightarrow> m = n"
+ apply (cases m) apply (cases n)
+ by (auto simp add: Dig0_def plus_num_def num_of_nat_inverse num_of_nat_inject)
+next
+ fix m n
+ show "Dig1 m = Dig1 n \<longleftrightarrow> m = n"
+ apply (cases m) apply (cases n)
+ by (auto simp add: Dig1_def plus_num_def num_of_nat_inverse num_of_nat_inject)
+next
+ fix n
+ show "1 \<noteq> Dig0 n"
+ apply (cases n)
+ by (auto simp add: Dig0_def one_num_def plus_num_def num_of_nat_inverse num_of_nat_inject)
+next
+ fix n
+ show "1 \<noteq> Dig1 n"
+ apply (cases n)
+ by (auto simp add: Dig1_def one_num_def plus_num_def num_of_nat_inverse num_of_nat_inject)
+next
+ fix m n
+ have "\<And>n m. n + n \<noteq> Suc (m + m)"
+ proof -
+ fix n m
+ show "n + n \<noteq> Suc (m + m)"
+ proof (induct m arbitrary: n)
+ case 0 then show ?case by (cases n) simp_all
+ next
+ case (Suc m) then show ?case by (cases n) simp_all
+ qed
+ qed
+ then show "Dig0 n \<noteq> Dig1 m"
+ apply (cases n) apply (cases m)
+ by (auto simp add: Dig0_def Dig1_def one_num_def plus_num_def num_of_nat_inverse num_of_nat_inject)
+qed
+
+text {*
+ From now on, there are two possible models for @{typ num}:
+ as positive naturals (rules @{text "num_induct"}, @{text "num_cases"})
+ and as digit representation (rules @{text "num.induct"}, @{text "num.cases"}).
+
+ It is not entirely clear in which context it is better to use
+ the one or the other, or whether the construction should be reversed.
+*}
+
+
+subsection {* Binary numerals *}
+
+text {*
+ We embed binary representations into a generic algebraic
+ structure using @{text of_num}
+*}
+
+ML {*
+structure DigSimps =
+ NamedThmsFun(val name = "numeral"; val description = "Simplification rules for numerals")
+*}
+
+setup DigSimps.setup
+
+class semiring_numeral = semiring + monoid_mult
+begin
+
+primrec of_num :: "num \<Rightarrow> 'a" where
+ of_num_one [numeral]: "of_num 1 = 1"
+ | "of_num (Dig0 n) = of_num n + of_num n"
+ | "of_num (Dig1 n) = of_num n + of_num n + 1"
+
+declare of_num.simps [simp del]
+
+end
+
+text {*
+ ML stuff and syntax.
+*}
+
+ML {*
+fun mk_num 1 = @{term "1::num"}
+ | mk_num k =
+ let
+ val (l, b) = Integer.div_mod k 2;
+ val bit = (if b = 0 then @{term Dig0} else @{term Dig1});
+ in bit $ (mk_num l) end;
+
+fun dest_num @{term "1::num"} = 1
+ | dest_num (@{term Dig0} $ n) = 2 * dest_num n
+ | dest_num (@{term Dig1} $ n) = 2 * dest_num n + 1;
+
+(*FIXME these have to gain proper context via morphisms phi*)
+
+fun mk_numeral T k = Const (@{const_name of_num}, @{typ num} --> T)
+ $ mk_num k
+
+fun dest_numeral (Const (@{const_name of_num}, Type ("fun", [@{typ num}, T])) $ t) =
+ (T, dest_num t)
+*}
+
+syntax
+ "_Numerals" :: "xnum \<Rightarrow> 'a" ("_")
+
+parse_translation {*
+let
+ fun num_of_int n = if n > 0 then case IntInf.quotRem (n, 2)
+ of (0, 1) => Const (@{const_name HOL.one}, dummyT)
+ | (n, 0) => Const (@{const_name Dig0}, dummyT) $ num_of_int n
+ | (n, 1) => Const (@{const_name Dig1}, dummyT) $ num_of_int n
+ else raise Match;
+ fun numeral_tr [Free (num, _)] =
+ let
+ val {leading_zeros, value, ...} = Syntax.read_xnum num;
+ val _ = leading_zeros = 0 andalso value > 0
+ orelse error ("Bad numeral: " ^ num);
+ in Const (@{const_name of_num}, @{typ num} --> dummyT) $ num_of_int value end
+ | numeral_tr ts = raise TERM ("numeral_tr", ts);
+in [("_Numerals", numeral_tr)] end
+*}
+
+typed_print_translation {*
+let
+ fun dig b n = b + 2 * n;
+ fun int_of_num' (Const (@{const_syntax Dig0}, _) $ n) =
+ dig 0 (int_of_num' n)
+ | int_of_num' (Const (@{const_syntax Dig1}, _) $ n) =
+ dig 1 (int_of_num' n)
+ | int_of_num' (Const (@{const_syntax HOL.one}, _)) = 1;
+ fun num_tr' show_sorts T [n] =
+ let
+ val k = int_of_num' n;
+ val t' = Syntax.const "_Numerals" $ Syntax.free ("#" ^ string_of_int k);
+ in case T
+ of Type ("fun", [_, T']) =>
+ if not (! show_types) andalso can Term.dest_Type T' then t'
+ else Syntax.const Syntax.constrainC $ t' $ Syntax.term_of_typ show_sorts T'
+ | T' => if T' = dummyT then t' else raise Match
+ end;
+in [(@{const_syntax of_num}, num_tr')] end
+*}
+
+
+subsection {* Numeral operations *}
+
+text {*
+ First, addition and multiplication on digits.
+*}
+
+lemma Dig_plus [numeral, simp, code]:
+ "1 + 1 = Dig0 1"
+ "1 + Dig0 m = Dig1 m"
+ "1 + Dig1 m = Dig0 (m + 1)"
+ "Dig0 n + 1 = Dig1 n"
+ "Dig0 n + Dig0 m = Dig0 (n + m)"
+ "Dig0 n + Dig1 m = Dig1 (n + m)"
+ "Dig1 n + 1 = Dig0 (n + 1)"
+ "Dig1 n + Dig0 m = Dig1 (n + m)"
+ "Dig1 n + Dig1 m = Dig0 (n + m + 1)"
+ by (simp_all add: add_ac Dig0_def Dig1_def)
+
+lemma Dig_times [numeral, simp, code]:
+ "1 * 1 = (1::num)"
+ "1 * Dig0 n = Dig0 n"
+ "1 * Dig1 n = Dig1 n"
+ "Dig0 n * 1 = Dig0 n"
+ "Dig0 n * Dig0 m = Dig0 (n * Dig0 m)"
+ "Dig0 n * Dig1 m = Dig0 (n * Dig1 m)"
+ "Dig1 n * 1 = Dig1 n"
+ "Dig1 n * Dig0 m = Dig0 (n * Dig0 m + m)"
+ "Dig1 n * Dig1 m = Dig1 (n * Dig1 m + m)"
+ by (simp_all add: left_distrib right_distrib add_ac Dig0_def Dig1_def)
+
+text {*
+ @{const of_num} is a morphism.
+*}
+
+context semiring_numeral
+begin
+
+abbreviation "Num1 \<equiv> of_num 1"
+
+text {*
+ Alas, there is still the duplication of @{term 1},
+ thought the duplicated @{term 0} has disappeared.
+ We could get rid of it by replacing the constructor
+ @{term 1} in @{typ num} by two constructors
+ @{text two} and @{text three}, resulting in a further
+ blow-up. But it could be worth the effort.
+*}
+
+lemma of_num_plus_one [numeral]:
+ "of_num n + 1 = of_num (n + 1)"
+ by (rule sym, induct n) (simp_all add: Dig_plus of_num.simps add_ac)
+
+lemma of_num_one_plus [numeral]:
+ "1 + of_num n = of_num (n + 1)"
+ unfolding of_num_plus_one [symmetric] add_commute ..
+
+lemma of_num_plus [numeral]:
+ "of_num m + of_num n = of_num (m + n)"
+ by (induct n rule: num_induct)
+ (simp_all add: Dig_plus of_num_one semigroup_add_class.plus.add_assoc [symmetric, of m]
+ add_ac of_num_plus_one [symmetric])
+
+lemma of_num_times_one [numeral]:
+ "of_num n * 1 = of_num n"
+ by simp
+
+lemma of_num_one_times [numeral]:
+ "1 * of_num n = of_num n"
+ by simp
+
+lemma of_num_times [numeral]:
+ "of_num m * of_num n = of_num (m * n)"
+ by (induct n rule: num_induct)
+ (simp_all add: of_num_plus [symmetric]
+ semiring_class.plus_times.right_distrib right_distrib of_num_one)
+
+end
+
+text {*
+ Structures with a @{term 0}.
+*}
+
+context semiring_1
+begin
+
+subclass semiring_numeral ..
+
+lemma of_nat_of_num [numeral]: "of_nat (of_num n) = of_num n"
+ by (induct n)
+ (simp_all add: semiring_numeral_class.of_num.simps of_num.simps add_ac)
+
+declare of_nat_1 [numeral]
+
+lemma Dig_plus_zero [numeral]:
+ "0 + 1 = 1"
+ "0 + of_num n = of_num n"
+ "1 + 0 = 1"
+ "of_num n + 0 = of_num n"
+ by simp_all
+
+lemma Dig_times_zero [numeral]:
+ "0 * 1 = 0"
+ "0 * of_num n = 0"
+ "1 * 0 = 0"
+ "of_num n * 0 = 0"
+ by simp_all
+
+end
+
+lemma nat_of_num_of_num: "nat_of_num = of_num"
+proof
+ fix n
+ have "of_num n = nat_of_num n" apply (induct n)
+ apply (simp_all add: of_num.simps)
+ using nat_of_num
+ apply (simp_all add: one_num_def plus_num_def Dig0_def Dig1_def num_of_nat_inverse mem_def)
+ done
+ then show "nat_of_num n = of_num n" by simp
+qed
+
+text {*
+ Equality.
+*}
+
+context semiring_char_0
+begin
+
+lemma of_num_eq_iff [numeral]:
+ "of_num m = of_num n \<longleftrightarrow> m = n"
+ unfolding of_nat_of_num [symmetric] nat_of_num_of_num [symmetric]
+ of_nat_eq_iff nat_of_num_inject ..
+
+lemma of_num_eq_one_iff [numeral]:
+ "of_num n = 1 \<longleftrightarrow> n = 1"
+proof -
+ have "of_num n = of_num 1 \<longleftrightarrow> n = 1" unfolding of_num_eq_iff ..
+ then show ?thesis by (simp add: of_num_one)
+qed
+
+lemma one_eq_of_num_iff [numeral]:
+ "1 = of_num n \<longleftrightarrow> n = 1"
+ unfolding of_num_eq_one_iff [symmetric] by auto
+
+end
+
+text {*
+ Comparisons. Could be perhaps more general than here.
+*}
+
+lemma (in ordered_semidom) of_num_pos: "0 < of_num n"
+proof -
+ have "(0::nat) < of_num n"
+ by (induct n) (simp_all add: semiring_numeral_class.of_num.simps)
+ then have "of_nat 0 \<noteq> of_nat (of_num n)"
+ by (cases n) (simp_all only: semiring_numeral_class.of_num.simps of_nat_eq_iff)
+ then have "0 \<noteq> of_num n"
+ by (simp add: of_nat_of_num)
+ moreover have "0 \<le> of_nat (of_num n)" by simp
+ ultimately show ?thesis by (simp add: of_nat_of_num)
+qed
+
+instantiation num :: linorder
+begin
+
+definition less_eq_num :: "num \<Rightarrow> num \<Rightarrow> bool" where
+ [code func del]: "m \<le> n \<longleftrightarrow> nat_of_num m \<le> nat_of_num n"
+
+definition less_num :: "num \<Rightarrow> num \<Rightarrow> bool" where
+ [code func del]: "m < n \<longleftrightarrow> nat_of_num m < nat_of_num n"
+
+instance proof
+qed (auto simp add: less_eq_num_def less_num_def
+ split_num_all num_of_nat_inverse num_of_nat_inject split: split_if_asm)
+
+end
+
+lemma less_eq_num_code [numeral, simp, code]:
+ "(1::num) \<le> n \<longleftrightarrow> True"
+ "Dig0 m \<le> 1 \<longleftrightarrow> False"
+ "Dig1 m \<le> 1 \<longleftrightarrow> False"
+ "Dig0 m \<le> Dig0 n \<longleftrightarrow> m \<le> n"
+ "Dig0 m \<le> Dig1 n \<longleftrightarrow> m \<le> n"
+ "Dig1 m \<le> Dig1 n \<longleftrightarrow> m \<le> n"
+ "Dig1 m \<le> Dig0 n \<longleftrightarrow> m < n"
+ using of_num_pos [of n, where ?'a = nat] of_num_pos [of m, where ?'a = nat]
+ by (auto simp add: less_eq_num_def less_num_def nat_of_num_of_num of_num.simps)
+
+lemma less_num_code [numeral, simp, code]:
+ "m < (1::num) \<longleftrightarrow> False"
+ "(1::num) < 1 \<longleftrightarrow> False"
+ "1 < Dig0 n \<longleftrightarrow> True"
+ "1 < Dig1 n \<longleftrightarrow> True"
+ "Dig0 m < Dig0 n \<longleftrightarrow> m < n"
+ "Dig0 m < Dig1 n \<longleftrightarrow> m \<le> n"
+ "Dig1 m < Dig1 n \<longleftrightarrow> m < n"
+ "Dig1 m < Dig0 n \<longleftrightarrow> m < n"
+ using of_num_pos [of n, where ?'a = nat] of_num_pos [of m, where ?'a = nat]
+ by (auto simp add: less_eq_num_def less_num_def nat_of_num_of_num of_num.simps)
+
+context ordered_semidom
+begin
+
+lemma of_num_less_eq_iff [numeral]: "of_num m \<le> of_num n \<longleftrightarrow> m \<le> n"
+proof -
+ have "of_nat (of_num m) \<le> of_nat (of_num n) \<longleftrightarrow> m \<le> n"
+ unfolding less_eq_num_def nat_of_num_of_num of_nat_le_iff ..
+ then show ?thesis by (simp add: of_nat_of_num)
+qed
+
+lemma of_num_less_eq_one_iff [numeral]: "of_num n \<le> 1 \<longleftrightarrow> n = 1"
+proof -
+ have "of_num n \<le> of_num 1 \<longleftrightarrow> n = 1"
+ by (cases n) (simp_all add: of_num_less_eq_iff)
+ then show ?thesis by (simp add: of_num_one)
+qed
+
+lemma one_less_eq_of_num_iff [numeral]: "1 \<le> of_num n"
+proof -
+ have "of_num 1 \<le> of_num n"
+ by (cases n) (simp_all add: of_num_less_eq_iff)
+ then show ?thesis by (simp add: of_num_one)
+qed
+
+lemma of_num_less_iff [numeral]: "of_num m < of_num n \<longleftrightarrow> m < n"
+proof -
+ have "of_nat (of_num m) < of_nat (of_num n) \<longleftrightarrow> m < n"
+ unfolding less_num_def nat_of_num_of_num of_nat_less_iff ..
+ then show ?thesis by (simp add: of_nat_of_num)
+qed
+
+lemma of_num_less_one_iff [numeral]: "\<not> of_num n < 1"
+proof -
+ have "\<not> of_num n < of_num 1"
+ by (cases n) (simp_all add: of_num_less_iff)
+ then show ?thesis by (simp add: of_num_one)
+qed
+
+lemma one_less_of_num_iff [numeral]: "1 < of_num n \<longleftrightarrow> n \<noteq> 1"
+proof -
+ have "of_num 1 < of_num n \<longleftrightarrow> n \<noteq> 1"
+ by (cases n) (simp_all add: of_num_less_iff)
+ then show ?thesis by (simp add: of_num_one)
+qed
+
+end
+
+text {*
+ Structures with subtraction @{term "op -"}.
+*}
+
+text {* A decrement function *}
+
+primrec dec :: "num \<Rightarrow> num" where
+ "dec 1 = 1"
+ | "dec (Dig0 n) = (case n of 1 \<Rightarrow> 1 | _ \<Rightarrow> Dig1 (dec n))"
+ | "dec (Dig1 n) = Dig0 n"
+
+declare dec.simps [simp del, code del]
+
+lemma Dig_dec [numeral, simp, code]:
+ "dec 1 = 1"
+ "dec (Dig0 1) = 1"
+ "dec (Dig0 (Dig0 n)) = Dig1 (dec (Dig0 n))"
+ "dec (Dig0 (Dig1 n)) = Dig1 (Dig0 n)"
+ "dec (Dig1 n) = Dig0 n"
+ by (simp_all add: dec.simps)
+
+lemma Dig_dec_plus_one:
+ "dec n + 1 = (if n = 1 then Dig0 1 else n)"
+ by (induct n)
+ (auto simp add: Dig_plus dec.simps,
+ auto simp add: Dig_plus split: num.splits)
+
+lemma Dig_one_plus_dec:
+ "1 + dec n = (if n = 1 then Dig0 1 else n)"
+ unfolding add_commute [of 1] Dig_dec_plus_one ..
+
+class semiring_minus = semiring + minus + zero +
+ assumes minus_inverts_plus1: "a + b = c \<Longrightarrow> c - b = a"
+ assumes minus_minus_zero_inverts_plus1: "a + b = c \<Longrightarrow> b - c = 0 - a"
+begin
+
+lemma minus_inverts_plus2: "a + b = c \<Longrightarrow> c - a = b"
+ by (simp add: add_ac minus_inverts_plus1 [of b a])
+
+lemma minus_minus_zero_inverts_plus2: "a + b = c \<Longrightarrow> a - c = 0 - b"
+ by (simp add: add_ac minus_minus_zero_inverts_plus1 [of b a])
+
+end
+
+class semiring_1_minus = semiring_1 + semiring_minus
+begin
+
+lemma Dig_of_num_pos:
+ assumes "k + n = m"
+ shows "of_num m - of_num n = of_num k"
+ using assms by (simp add: of_num_plus minus_inverts_plus1)
+
+lemma Dig_of_num_zero:
+ shows "of_num n - of_num n = 0"
+ by (rule minus_inverts_plus1) simp
+
+lemma Dig_of_num_neg:
+ assumes "k + m = n"
+ shows "of_num m - of_num n = 0 - of_num k"
+ by (rule minus_minus_zero_inverts_plus1) (simp add: of_num_plus assms)
+
+lemmas Dig_plus_eval =
+ of_num_plus of_num_eq_iff Dig_plus refl [of "1::num", THEN eqTrueI] num.inject
+
+simproc_setup numeral_minus ("of_num m - of_num n") = {*
+ let
+ (*TODO proper implicit use of morphism via pattern antiquotations*)
+ fun cdest_of_num ct = (snd o split_last o snd o Drule.strip_comb) ct;
+ fun cdest_minus ct = case (rev o snd o Drule.strip_comb) ct of [n, m] => (m, n);
+ fun attach_num ct = (dest_num (Thm.term_of ct), ct);
+ fun cdifference t = (pairself (attach_num o cdest_of_num) o cdest_minus) t;
+ val simplify = MetaSimplifier.rewrite false (map mk_meta_eq @{thms Dig_plus_eval});
+ fun cert ck cl cj = @{thm eqTrueE} OF [@{thm meta_eq_to_obj_eq} OF [simplify (Drule.list_comb (@{cterm "op = :: num \<Rightarrow> _"},
+ [Drule.list_comb (@{cterm "op + :: num \<Rightarrow> _"}, [ck, cl]), cj]))]];
+ in fn phi => fn _ => fn ct => case try cdifference ct
+ of NONE => (NONE)
+ | SOME ((k, ck), (l, cl)) => SOME (let val j = k - l in if j = 0
+ then MetaSimplifier.rewrite false [mk_meta_eq (Morphism.thm phi @{thm Dig_of_num_zero})] ct
+ else mk_meta_eq (let
+ val cj = Thm.cterm_of (Thm.theory_of_cterm ct) (mk_num (abs j));
+ in
+ (if j > 0 then (Morphism.thm phi @{thm Dig_of_num_pos}) OF [cert cj cl ck]
+ else (Morphism.thm phi @{thm Dig_of_num_neg}) OF [cert cj ck cl])
+ end) end)
+ end
+*}
+
+lemma Dig_of_num_minus_zero [numeral]:
+ "of_num n - 0 = of_num n"
+ by (simp add: minus_inverts_plus1)
+
+lemma Dig_one_minus_zero [numeral]:
+ "1 - 0 = 1"
+ by (simp add: minus_inverts_plus1)
+
+lemma Dig_one_minus_one [numeral]:
+ "1 - 1 = 0"
+ by (simp add: minus_inverts_plus1)
+
+lemma Dig_of_num_minus_one [numeral]:
+ "of_num (Dig0 n) - 1 = of_num (dec (Dig0 n))"
+ "of_num (Dig1 n) - 1 = of_num (Dig0 n)"
+ by (auto intro: minus_inverts_plus1 simp add: Dig_dec_plus_one of_num.simps of_num_plus_one)
+
+lemma Dig_one_minus_of_num [numeral]:
+ "1 - of_num (Dig0 n) = 0 - of_num (dec (Dig0 n))"
+ "1 - of_num (Dig1 n) = 0 - of_num (Dig0 n)"
+ by (auto intro: minus_minus_zero_inverts_plus1 simp add: Dig_dec_plus_one of_num.simps of_num_plus_one)
+
+end
+
+context ring_1
+begin
+
+subclass semiring_1_minus
+ by unfold_locales (simp_all add: ring_simps)
+
+lemma Dig_zero_minus_of_num [numeral]:
+ "0 - of_num n = - of_num n"
+ by simp
+
+lemma Dig_zero_minus_one [numeral]:
+ "0 - 1 = - 1"
+ by simp
+
+lemma Dig_uminus_uminus [numeral]:
+ "- (- of_num n) = of_num n"
+ by simp
+
+lemma Dig_plus_uminus [numeral]:
+ "of_num m + - of_num n = of_num m - of_num n"
+ "- of_num m + of_num n = of_num n - of_num m"
+ "- of_num m + - of_num n = - (of_num m + of_num n)"
+ "of_num m - - of_num n = of_num m + of_num n"
+ "- of_num m - of_num n = - (of_num m + of_num n)"
+ "- of_num m - - of_num n = of_num n - of_num m"
+ by (simp_all add: diff_minus add_commute)
+
+lemma Dig_times_uminus [numeral]:
+ "- of_num n * of_num m = - (of_num n * of_num m)"
+ "of_num n * - of_num m = - (of_num n * of_num m)"
+ "- of_num n * - of_num m = of_num n * of_num m"
+ by (simp_all add: minus_mult_left [symmetric] minus_mult_right [symmetric])
+
+lemma of_int_of_num [numeral]: "of_int (of_num n) = of_num n"
+by (induct n)
+ (simp_all only: of_num.simps semiring_numeral_class.of_num.simps of_int_add, simp_all)
+
+declare of_int_1 [numeral]
+
+end
+
+text {*
+ Greetings to @{typ nat}.
+*}
+
+instance nat :: semiring_1_minus proof qed simp_all
+
+lemma Suc_of_num [numeral]: "Suc (of_num n) = of_num (n + 1)"
+ unfolding of_num_plus_one [symmetric] by simp
+
+lemma nat_number:
+ "1 = Suc 0"
+ "of_num 1 = Suc 0"
+ "of_num (Dig0 n) = Suc (of_num (dec (Dig0 n)))"
+ "of_num (Dig1 n) = Suc (of_num (Dig0 n))"
+ by (simp_all add: of_num.simps Dig_dec_plus_one Suc_of_num)
+
+declare diff_0_eq_0 [numeral]
+
+
+subsection {* Code generator setup for @{typ int} *}
+
+definition Pls :: "num \<Rightarrow> int" where
+ [simp, code post]: "Pls n = of_num n"
+
+definition Mns :: "num \<Rightarrow> int" where
+ [simp, code post]: "Mns n = - of_num n"
+
+code_datatype "0::int" Pls Mns
+
+lemmas [code inline] = Pls_def [symmetric] Mns_def [symmetric]
+
+definition sub :: "num \<Rightarrow> num \<Rightarrow> int" where
+ [simp, code func del]: "sub m n = (of_num m - of_num n)"
+
+definition dup :: "int \<Rightarrow> int" where
+ [code func del]: "dup k = 2 * k"
+
+lemma Dig_sub [code]:
+ "sub 1 1 = 0"
+ "sub (Dig0 m) 1 = of_num (dec (Dig0 m))"
+ "sub (Dig1 m) 1 = of_num (Dig0 m)"
+ "sub 1 (Dig0 n) = - of_num (dec (Dig0 n))"
+ "sub 1 (Dig1 n) = - of_num (Dig0 n)"
+ "sub (Dig0 m) (Dig0 n) = dup (sub m n)"
+ "sub (Dig1 m) (Dig1 n) = dup (sub m n)"
+ "sub (Dig1 m) (Dig0 n) = dup (sub m n) + 1"
+ "sub (Dig0 m) (Dig1 n) = dup (sub m n) - 1"
+ apply (simp_all add: dup_def ring_simps)
+ apply (simp_all add: of_num_plus Dig_one_plus_dec)[4]
+ apply (simp_all add: of_num.simps)
+ done
+
+lemma dup_code [code]:
+ "dup 0 = 0"
+ "dup (Pls n) = Pls (Dig0 n)"
+ "dup (Mns n) = Mns (Dig0 n)"
+ by (simp_all add: dup_def of_num.simps)
+
+lemma [code func, code func del]:
+ "(1 :: int) = 1"
+ "(op + :: int \<Rightarrow> int \<Rightarrow> int) = op +"
+ "(uminus :: int \<Rightarrow> int) = uminus"
+ "(op - :: int \<Rightarrow> int \<Rightarrow> int) = op -"
+ "(op * :: int \<Rightarrow> int \<Rightarrow> int) = op *"
+ "(op = :: int \<Rightarrow> int \<Rightarrow> bool) = op ="
+ "(op \<le> :: int \<Rightarrow> int \<Rightarrow> bool) = op \<le>"
+ "(op < :: int \<Rightarrow> int \<Rightarrow> bool) = op <"
+ by rule+
+
+lemma one_int_code [code]:
+ "1 = Pls 1"
+ by (simp add: of_num_one)
+
+lemma plus_int_code [code]:
+ "k + 0 = (k::int)"
+ "0 + l = (l::int)"
+ "Pls m + Pls n = Pls (m + n)"
+ "Pls m - Pls n = sub m n"
+ "Mns m + Mns n = Mns (m + n)"
+ "Mns m - Mns n = sub n m"
+ by (simp_all add: of_num_plus [symmetric])
+
+lemma uminus_int_code [code]:
+ "uminus 0 = (0::int)"
+ "uminus (Pls m) = Mns m"
+ "uminus (Mns m) = Pls m"
+ by simp_all
+
+lemma minus_int_code [code]:
+ "k - 0 = (k::int)"
+ "0 - l = uminus (l::int)"
+ "Pls m - Pls n = sub m n"
+ "Pls m - Mns n = Pls (m + n)"
+ "Mns m - Pls n = Mns (m + n)"
+ "Mns m - Mns n = sub n m"
+ by (simp_all add: of_num_plus [symmetric])
+
+lemma times_int_code [code]:
+ "k * 0 = (0::int)"
+ "0 * l = (0::int)"
+ "Pls m * Pls n = Pls (m * n)"
+ "Pls m * Mns n = Mns (m * n)"
+ "Mns m * Pls n = Mns (m * n)"
+ "Mns m * Mns n = Pls (m * n)"
+ by (simp_all add: of_num_times [symmetric])
+
+lemma eq_int_code [code]:
+ "0 = (0::int) \<longleftrightarrow> True"
+ "0 = Pls l \<longleftrightarrow> False"
+ "0 = Mns l \<longleftrightarrow> False"
+ "Pls k = 0 \<longleftrightarrow> False"
+ "Pls k = Pls l \<longleftrightarrow> k = l"
+ "Pls k = Mns l \<longleftrightarrow> False"
+ "Mns k = 0 \<longleftrightarrow> False"
+ "Mns k = Pls l \<longleftrightarrow> False"
+ "Mns k = Mns l \<longleftrightarrow> k = l"
+ using of_num_pos [of l, where ?'a = int] of_num_pos [of k, where ?'a = int]
+ by (simp_all add: of_num_eq_iff)
+
+lemma less_eq_int_code [code]:
+ "0 \<le> (0::int) \<longleftrightarrow> True"
+ "0 \<le> Pls l \<longleftrightarrow> True"
+ "0 \<le> Mns l \<longleftrightarrow> False"
+ "Pls k \<le> 0 \<longleftrightarrow> False"
+ "Pls k \<le> Pls l \<longleftrightarrow> k \<le> l"
+ "Pls k \<le> Mns l \<longleftrightarrow> False"
+ "Mns k \<le> 0 \<longleftrightarrow> True"
+ "Mns k \<le> Pls l \<longleftrightarrow> True"
+ "Mns k \<le> Mns l \<longleftrightarrow> l \<le> k"
+ using of_num_pos [of l, where ?'a = int] of_num_pos [of k, where ?'a = int]
+ by (simp_all add: of_num_less_eq_iff)
+
+lemma less_int_code [code]:
+ "0 < (0::int) \<longleftrightarrow> False"
+ "0 < Pls l \<longleftrightarrow> True"
+ "0 < Mns l \<longleftrightarrow> False"
+ "Pls k < 0 \<longleftrightarrow> False"
+ "Pls k < Pls l \<longleftrightarrow> k < l"
+ "Pls k < Mns l \<longleftrightarrow> False"
+ "Mns k < 0 \<longleftrightarrow> True"
+ "Mns k < Pls l \<longleftrightarrow> True"
+ "Mns k < Mns l \<longleftrightarrow> l < k"
+ using of_num_pos [of l, where ?'a = int] of_num_pos [of k, where ?'a = int]
+ by (simp_all add: of_num_less_iff)
+
+lemma [code inline del]: "(0::int) \<equiv> Numeral0" by simp
+lemma [code inline del]: "(1::int) \<equiv> Numeral1" by simp
+declare zero_is_num_zero [code inline del]
+declare one_is_num_one [code inline del]
+
+hide (open) const sub dup
+
+
+subsection {* Numeral equations as default simplification rules *}
+
+text {* TODO. Be more precise here with respect to subsumed facts. *}
+declare (in semiring_numeral) numeral [simp]
+declare (in semiring_1) numeral [simp]
+declare (in semiring_char_0) numeral [simp]
+declare (in ring_1) numeral [simp]
+thm numeral
+
+
+text {* Toy examples *}
+
+definition "bar \<longleftrightarrow> #4 * #2 + #7 = (#8 :: nat) \<and> #4 * #2 + #7 \<ge> (#8 :: int) - #3"
+code_thms bar
+export_code bar in Haskell file -
+export_code bar in OCaml module_name Foo file -
+ML {* @{code bar} *}
+
+end