--- a/CONTRIBUTORS Thu Jun 18 09:07:30 2020 +0000
+++ b/CONTRIBUTORS Thu Jun 18 09:07:30 2020 +0000
@@ -6,6 +6,9 @@
Contributions to this Isabelle version
--------------------------------------
+* May 2020: Florian Haftmann
+ HOL-Word bases on library theory of generic bit operations.
+
Contributions to Isabelle2020
-----------------------------
--- a/NEWS Thu Jun 18 09:07:30 2020 +0000
+++ b/NEWS Thu Jun 18 09:07:30 2020 +0000
@@ -48,13 +48,18 @@
* For the natural numbers, Sup {} = 0.
+* Library theory "Bit_Operations" with generic bit operations.
+
+* Session HOL-Word: Bit operations are based on library
+theory "Bit_Operations". INCOMPATIBILITY.
+
+* Session HOL-Word: Compound operation "bin_split" simplifies by default
+into its components "drop_bit" and "take_bit". INCOMPATIBILITY.
+
* Session HOL-Word: Operations "bin_last", "bin_rest", "bin_nth",
"bintrunc" and "max_word" are now mere input abbreviations.
Minor INCOMPATIBILITY.
-* Session HOL-Word: Compound operation "bin_split" simplifies by default
-into its components "drop_bit" and "take_bit". INCOMPATIBILITY.
-
*** FOL ***
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/HOL/Library/Bit_Operations.thy Thu Jun 18 09:07:30 2020 +0000
@@ -0,0 +1,780 @@
+(* Author: Florian Haftmann, TUM
+*)
+
+section \<open>Bit operations in suitable algebraic structures\<close>
+
+theory Bit_Operations
+ imports
+ "HOL-Library.Boolean_Algebra"
+ Main
+begin
+
+subsection \<open>Bit operations\<close>
+
+class semiring_bit_operations = semiring_bit_shifts +
+ fixes "and" :: \<open>'a \<Rightarrow> 'a \<Rightarrow> 'a\<close> (infixr \<open>AND\<close> 64)
+ and or :: \<open>'a \<Rightarrow> 'a \<Rightarrow> 'a\<close> (infixr \<open>OR\<close> 59)
+ and xor :: \<open>'a \<Rightarrow> 'a \<Rightarrow> 'a\<close> (infixr \<open>XOR\<close> 59)
+ assumes bit_and_iff: \<open>\<And>n. bit (a AND b) n \<longleftrightarrow> bit a n \<and> bit b n\<close>
+ and bit_or_iff: \<open>\<And>n. bit (a OR b) n \<longleftrightarrow> bit a n \<or> bit b n\<close>
+ and bit_xor_iff: \<open>\<And>n. bit (a XOR b) n \<longleftrightarrow> bit a n \<noteq> bit b n\<close>
+begin
+
+text \<open>
+ We want the bitwise operations to bind slightly weaker
+ than \<open>+\<close> and \<open>-\<close>.
+ For the sake of code generation
+ the operations \<^const>\<open>and\<close>, \<^const>\<open>or\<close> and \<^const>\<open>xor\<close>
+ are specified as definitional class operations.
+\<close>
+
+sublocale "and": semilattice \<open>(AND)\<close>
+ by standard (auto simp add: bit_eq_iff bit_and_iff)
+
+sublocale or: semilattice_neutr \<open>(OR)\<close> 0
+ by standard (auto simp add: bit_eq_iff bit_or_iff)
+
+sublocale xor: comm_monoid \<open>(XOR)\<close> 0
+ by standard (auto simp add: bit_eq_iff bit_xor_iff)
+
+lemma even_and_iff:
+ \<open>even (a AND b) \<longleftrightarrow> even a \<or> even b\<close>
+ using bit_and_iff [of a b 0] by auto
+
+lemma even_or_iff:
+ \<open>even (a OR b) \<longleftrightarrow> even a \<and> even b\<close>
+ using bit_or_iff [of a b 0] by auto
+
+lemma even_xor_iff:
+ \<open>even (a XOR b) \<longleftrightarrow> (even a \<longleftrightarrow> even b)\<close>
+ using bit_xor_iff [of a b 0] by auto
+
+lemma zero_and_eq [simp]:
+ "0 AND a = 0"
+ by (simp add: bit_eq_iff bit_and_iff)
+
+lemma and_zero_eq [simp]:
+ "a AND 0 = 0"
+ by (simp add: bit_eq_iff bit_and_iff)
+
+lemma one_and_eq:
+ "1 AND a = a mod 2"
+ by (simp add: bit_eq_iff bit_and_iff) (auto simp add: bit_1_iff)
+
+lemma and_one_eq:
+ "a AND 1 = a mod 2"
+ using one_and_eq [of a] by (simp add: ac_simps)
+
+lemma one_or_eq:
+ "1 OR a = a + of_bool (even a)"
+ by (simp add: bit_eq_iff bit_or_iff add.commute [of _ 1] even_bit_succ_iff) (auto simp add: bit_1_iff)
+
+lemma or_one_eq:
+ "a OR 1 = a + of_bool (even a)"
+ using one_or_eq [of a] by (simp add: ac_simps)
+
+lemma one_xor_eq:
+ "1 XOR a = a + of_bool (even a) - of_bool (odd a)"
+ by (simp add: bit_eq_iff bit_xor_iff add.commute [of _ 1] even_bit_succ_iff) (auto simp add: bit_1_iff odd_bit_iff_bit_pred elim: oddE)
+
+lemma xor_one_eq:
+ "a XOR 1 = a + of_bool (even a) - of_bool (odd a)"
+ using one_xor_eq [of a] by (simp add: ac_simps)
+
+lemma take_bit_and [simp]:
+ \<open>take_bit n (a AND b) = take_bit n a AND take_bit n b\<close>
+ by (auto simp add: bit_eq_iff bit_take_bit_iff bit_and_iff)
+
+lemma take_bit_or [simp]:
+ \<open>take_bit n (a OR b) = take_bit n a OR take_bit n b\<close>
+ by (auto simp add: bit_eq_iff bit_take_bit_iff bit_or_iff)
+
+lemma take_bit_xor [simp]:
+ \<open>take_bit n (a XOR b) = take_bit n a XOR take_bit n b\<close>
+ by (auto simp add: bit_eq_iff bit_take_bit_iff bit_xor_iff)
+
+definition mask :: \<open>nat \<Rightarrow> 'a\<close>
+ where mask_eq_exp_minus_1: \<open>mask n = 2 ^ n - 1\<close>
+
+lemma bit_mask_iff:
+ \<open>bit (mask m) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n < m\<close>
+ by (simp add: mask_eq_exp_minus_1 bit_mask_iff)
+
+lemma even_mask_iff:
+ \<open>even (mask n) \<longleftrightarrow> n = 0\<close>
+ using bit_mask_iff [of n 0] by auto
+
+lemma mask_0 [simp, code]:
+ \<open>mask 0 = 0\<close>
+ by (simp add: mask_eq_exp_minus_1)
+
+lemma mask_Suc_exp [code]:
+ \<open>mask (Suc n) = 2 ^ n OR mask n\<close>
+ by (rule bit_eqI)
+ (auto simp add: bit_or_iff bit_mask_iff bit_exp_iff not_less le_less_Suc_eq)
+
+lemma mask_Suc_double:
+ \<open>mask (Suc n) = 2 * mask n OR 1\<close>
+proof (rule bit_eqI)
+ fix q
+ assume \<open>2 ^ q \<noteq> 0\<close>
+ show \<open>bit (mask (Suc n)) q \<longleftrightarrow> bit (2 * mask n OR 1) q\<close>
+ by (cases q)
+ (simp_all add: even_mask_iff even_or_iff bit_or_iff bit_mask_iff bit_exp_iff bit_double_iff not_less le_less_Suc_eq bit_1_iff, auto simp add: mult_2)
+qed
+
+lemma take_bit_eq_mask [code]:
+ \<open>take_bit n a = a AND mask n\<close>
+ by (rule bit_eqI)
+ (auto simp add: bit_take_bit_iff bit_and_iff bit_mask_iff)
+
+end
+
+class ring_bit_operations = semiring_bit_operations + ring_parity +
+ fixes not :: \<open>'a \<Rightarrow> 'a\<close> (\<open>NOT\<close>)
+ assumes bit_not_iff: \<open>\<And>n. bit (NOT a) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> \<not> bit a n\<close>
+ assumes minus_eq_not_minus_1: \<open>- a = NOT (a - 1)\<close>
+begin
+
+text \<open>
+ For the sake of code generation \<^const>\<open>not\<close> is specified as
+ definitional class operation. Note that \<^const>\<open>not\<close> has no
+ sensible definition for unlimited but only positive bit strings
+ (type \<^typ>\<open>nat\<close>).
+\<close>
+
+lemma bits_minus_1_mod_2_eq [simp]:
+ \<open>(- 1) mod 2 = 1\<close>
+ by (simp add: mod_2_eq_odd)
+
+lemma not_eq_complement:
+ \<open>NOT a = - a - 1\<close>
+ using minus_eq_not_minus_1 [of \<open>a + 1\<close>] by simp
+
+lemma minus_eq_not_plus_1:
+ \<open>- a = NOT a + 1\<close>
+ using not_eq_complement [of a] by simp
+
+lemma bit_minus_iff:
+ \<open>bit (- a) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> \<not> bit (a - 1) n\<close>
+ by (simp add: minus_eq_not_minus_1 bit_not_iff)
+
+lemma even_not_iff [simp]:
+ "even (NOT a) \<longleftrightarrow> odd a"
+ using bit_not_iff [of a 0] by auto
+
+lemma bit_not_exp_iff:
+ \<open>bit (NOT (2 ^ m)) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n \<noteq> m\<close>
+ by (auto simp add: bit_not_iff bit_exp_iff)
+
+lemma bit_minus_1_iff [simp]:
+ \<open>bit (- 1) n \<longleftrightarrow> 2 ^ n \<noteq> 0\<close>
+ by (simp add: bit_minus_iff)
+
+lemma bit_minus_exp_iff:
+ \<open>bit (- (2 ^ m)) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n \<ge> m\<close>
+ oops
+
+lemma bit_minus_2_iff [simp]:
+ \<open>bit (- 2) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n > 0\<close>
+ by (simp add: bit_minus_iff bit_1_iff)
+
+lemma not_one [simp]:
+ "NOT 1 = - 2"
+ by (simp add: bit_eq_iff bit_not_iff) (simp add: bit_1_iff)
+
+sublocale "and": semilattice_neutr \<open>(AND)\<close> \<open>- 1\<close>
+ apply standard
+ apply (simp add: bit_eq_iff bit_and_iff)
+ apply (auto simp add: exp_eq_0_imp_not_bit bit_exp_iff)
+ done
+
+sublocale bit: boolean_algebra \<open>(AND)\<close> \<open>(OR)\<close> NOT 0 \<open>- 1\<close>
+ rewrites \<open>bit.xor = (XOR)\<close>
+proof -
+ interpret bit: boolean_algebra \<open>(AND)\<close> \<open>(OR)\<close> NOT 0 \<open>- 1\<close>
+ apply standard
+ apply (simp_all add: bit_eq_iff bit_and_iff bit_or_iff bit_not_iff)
+ apply (auto simp add: exp_eq_0_imp_not_bit bit_exp_iff)
+ done
+ show \<open>boolean_algebra (AND) (OR) NOT 0 (- 1)\<close>
+ by standard
+ show \<open>boolean_algebra.xor (AND) (OR) NOT = (XOR)\<close>
+ apply (auto simp add: fun_eq_iff bit.xor_def bit_eq_iff bit_and_iff bit_or_iff bit_not_iff bit_xor_iff)
+ apply (simp_all add: bit_exp_iff, simp_all add: bit_def)
+ apply (metis local.bit_exp_iff local.bits_div_by_0)
+ apply (metis local.bit_exp_iff local.bits_div_by_0)
+ done
+qed
+
+lemma and_eq_not_not_or:
+ \<open>a AND b = NOT (NOT a OR NOT b)\<close>
+ by simp
+
+lemma or_eq_not_not_and:
+ \<open>a OR b = NOT (NOT a AND NOT b)\<close>
+ by simp
+
+lemma push_bit_minus:
+ \<open>push_bit n (- a) = - push_bit n a\<close>
+ by (simp add: push_bit_eq_mult)
+
+lemma take_bit_not_take_bit:
+ \<open>take_bit n (NOT (take_bit n a)) = take_bit n (NOT a)\<close>
+ by (auto simp add: bit_eq_iff bit_take_bit_iff bit_not_iff)
+
+lemma take_bit_not_iff:
+ "take_bit n (NOT a) = take_bit n (NOT b) \<longleftrightarrow> take_bit n a = take_bit n b"
+ apply (simp add: bit_eq_iff bit_not_iff bit_take_bit_iff)
+ apply (simp add: bit_exp_iff)
+ apply (use local.exp_eq_0_imp_not_bit in blast)
+ done
+
+lemma take_bit_minus_one_eq_mask:
+ \<open>take_bit n (- 1) = mask n\<close>
+ by (simp add: bit_eq_iff bit_mask_iff bit_take_bit_iff conj_commute)
+
+lemma push_bit_minus_one_eq_not_mask:
+ \<open>push_bit n (- 1) = NOT (mask n)\<close>
+proof (rule bit_eqI)
+ fix m
+ assume \<open>2 ^ m \<noteq> 0\<close>
+ show \<open>bit (push_bit n (- 1)) m \<longleftrightarrow> bit (NOT (mask n)) m\<close>
+ proof (cases \<open>n \<le> m\<close>)
+ case True
+ moreover define q where \<open>q = m - n\<close>
+ ultimately have \<open>m = n + q\<close> \<open>m - n = q\<close>
+ by simp_all
+ with \<open>2 ^ m \<noteq> 0\<close> have \<open>2 ^ n * 2 ^ q \<noteq> 0\<close>
+ by (simp add: power_add)
+ then have \<open>2 ^ q \<noteq> 0\<close>
+ using mult_not_zero by blast
+ with \<open>m - n = q\<close> show ?thesis
+ by (auto simp add: bit_not_iff bit_mask_iff bit_push_bit_iff not_less)
+ next
+ case False
+ then show ?thesis
+ by (simp add: bit_not_iff bit_mask_iff bit_push_bit_iff not_le)
+ qed
+qed
+
+definition set_bit :: \<open>nat \<Rightarrow> 'a \<Rightarrow> 'a\<close>
+ where \<open>set_bit n a = a OR 2 ^ n\<close>
+
+definition unset_bit :: \<open>nat \<Rightarrow> 'a \<Rightarrow> 'a\<close>
+ where \<open>unset_bit n a = a AND NOT (2 ^ n)\<close>
+
+definition flip_bit :: \<open>nat \<Rightarrow> 'a \<Rightarrow> 'a\<close>
+ where \<open>flip_bit n a = a XOR 2 ^ n\<close>
+
+lemma bit_set_bit_iff:
+ \<open>bit (set_bit m a) n \<longleftrightarrow> bit a n \<or> (m = n \<and> 2 ^ n \<noteq> 0)\<close>
+ by (auto simp add: set_bit_def bit_or_iff bit_exp_iff)
+
+lemma even_set_bit_iff:
+ \<open>even (set_bit m a) \<longleftrightarrow> even a \<and> m \<noteq> 0\<close>
+ using bit_set_bit_iff [of m a 0] by auto
+
+lemma bit_unset_bit_iff:
+ \<open>bit (unset_bit m a) n \<longleftrightarrow> bit a n \<and> m \<noteq> n\<close>
+ by (auto simp add: unset_bit_def bit_and_iff bit_not_iff bit_exp_iff exp_eq_0_imp_not_bit)
+
+lemma even_unset_bit_iff:
+ \<open>even (unset_bit m a) \<longleftrightarrow> even a \<or> m = 0\<close>
+ using bit_unset_bit_iff [of m a 0] by auto
+
+lemma bit_flip_bit_iff:
+ \<open>bit (flip_bit m a) n \<longleftrightarrow> (m = n \<longleftrightarrow> \<not> bit a n) \<and> 2 ^ n \<noteq> 0\<close>
+ by (auto simp add: flip_bit_def bit_xor_iff bit_exp_iff exp_eq_0_imp_not_bit)
+
+lemma even_flip_bit_iff:
+ \<open>even (flip_bit m a) \<longleftrightarrow> \<not> (even a \<longleftrightarrow> m = 0)\<close>
+ using bit_flip_bit_iff [of m a 0] by auto
+
+lemma set_bit_0 [simp]:
+ \<open>set_bit 0 a = 1 + 2 * (a div 2)\<close>
+proof (rule bit_eqI)
+ fix m
+ assume *: \<open>2 ^ m \<noteq> 0\<close>
+ then show \<open>bit (set_bit 0 a) m = bit (1 + 2 * (a div 2)) m\<close>
+ by (simp add: bit_set_bit_iff bit_double_iff even_bit_succ_iff)
+ (cases m, simp_all add: bit_Suc)
+qed
+
+lemma set_bit_Suc:
+ \<open>set_bit (Suc n) a = a mod 2 + 2 * set_bit n (a div 2)\<close>
+proof (rule bit_eqI)
+ fix m
+ assume *: \<open>2 ^ m \<noteq> 0\<close>
+ show \<open>bit (set_bit (Suc n) a) m \<longleftrightarrow> bit (a mod 2 + 2 * set_bit n (a div 2)) m\<close>
+ proof (cases m)
+ case 0
+ then show ?thesis
+ by (simp add: even_set_bit_iff)
+ next
+ case (Suc m)
+ with * have \<open>2 ^ m \<noteq> 0\<close>
+ using mult_2 by auto
+ show ?thesis
+ by (cases a rule: parity_cases)
+ (simp_all add: bit_set_bit_iff bit_double_iff even_bit_succ_iff *,
+ simp_all add: Suc \<open>2 ^ m \<noteq> 0\<close> bit_Suc)
+ qed
+qed
+
+lemma unset_bit_0 [simp]:
+ \<open>unset_bit 0 a = 2 * (a div 2)\<close>
+proof (rule bit_eqI)
+ fix m
+ assume *: \<open>2 ^ m \<noteq> 0\<close>
+ then show \<open>bit (unset_bit 0 a) m = bit (2 * (a div 2)) m\<close>
+ by (simp add: bit_unset_bit_iff bit_double_iff)
+ (cases m, simp_all add: bit_Suc)
+qed
+
+lemma unset_bit_Suc:
+ \<open>unset_bit (Suc n) a = a mod 2 + 2 * unset_bit n (a div 2)\<close>
+proof (rule bit_eqI)
+ fix m
+ assume *: \<open>2 ^ m \<noteq> 0\<close>
+ then show \<open>bit (unset_bit (Suc n) a) m \<longleftrightarrow> bit (a mod 2 + 2 * unset_bit n (a div 2)) m\<close>
+ proof (cases m)
+ case 0
+ then show ?thesis
+ by (simp add: even_unset_bit_iff)
+ next
+ case (Suc m)
+ show ?thesis
+ by (cases a rule: parity_cases)
+ (simp_all add: bit_unset_bit_iff bit_double_iff even_bit_succ_iff *,
+ simp_all add: Suc bit_Suc)
+ qed
+qed
+
+lemma flip_bit_0 [simp]:
+ \<open>flip_bit 0 a = of_bool (even a) + 2 * (a div 2)\<close>
+proof (rule bit_eqI)
+ fix m
+ assume *: \<open>2 ^ m \<noteq> 0\<close>
+ then show \<open>bit (flip_bit 0 a) m = bit (of_bool (even a) + 2 * (a div 2)) m\<close>
+ by (simp add: bit_flip_bit_iff bit_double_iff even_bit_succ_iff)
+ (cases m, simp_all add: bit_Suc)
+qed
+
+lemma flip_bit_Suc:
+ \<open>flip_bit (Suc n) a = a mod 2 + 2 * flip_bit n (a div 2)\<close>
+proof (rule bit_eqI)
+ fix m
+ assume *: \<open>2 ^ m \<noteq> 0\<close>
+ show \<open>bit (flip_bit (Suc n) a) m \<longleftrightarrow> bit (a mod 2 + 2 * flip_bit n (a div 2)) m\<close>
+ proof (cases m)
+ case 0
+ then show ?thesis
+ by (simp add: even_flip_bit_iff)
+ next
+ case (Suc m)
+ with * have \<open>2 ^ m \<noteq> 0\<close>
+ using mult_2 by auto
+ show ?thesis
+ by (cases a rule: parity_cases)
+ (simp_all add: bit_flip_bit_iff bit_double_iff even_bit_succ_iff,
+ simp_all add: Suc \<open>2 ^ m \<noteq> 0\<close> bit_Suc)
+ qed
+qed
+
+end
+
+
+subsection \<open>Instance \<^typ>\<open>int\<close>\<close>
+
+instantiation int :: ring_bit_operations
+begin
+
+definition not_int :: \<open>int \<Rightarrow> int\<close>
+ where \<open>not_int k = - k - 1\<close>
+
+lemma not_int_rec:
+ "NOT k = of_bool (even k) + 2 * NOT (k div 2)" for k :: int
+ by (auto simp add: not_int_def elim: oddE)
+
+lemma even_not_iff_int:
+ \<open>even (NOT k) \<longleftrightarrow> odd k\<close> for k :: int
+ by (simp add: not_int_def)
+
+lemma not_int_div_2:
+ \<open>NOT k div 2 = NOT (k div 2)\<close> for k :: int
+ by (simp add: not_int_def)
+
+lemma bit_not_int_iff:
+ \<open>bit (NOT k) n \<longleftrightarrow> \<not> bit k n\<close>
+ for k :: int
+ by (induction n arbitrary: k) (simp_all add: not_int_div_2 even_not_iff_int bit_Suc)
+
+function and_int :: \<open>int \<Rightarrow> int \<Rightarrow> int\<close>
+ where \<open>(k::int) AND l = (if k \<in> {0, - 1} \<and> l \<in> {0, - 1}
+ then - of_bool (odd k \<and> odd l)
+ else of_bool (odd k \<and> odd l) + 2 * ((k div 2) AND (l div 2)))\<close>
+ by auto
+
+termination
+ by (relation \<open>measure (\<lambda>(k, l). nat (\<bar>k\<bar> + \<bar>l\<bar>))\<close>) auto
+
+declare and_int.simps [simp del]
+
+lemma and_int_rec:
+ \<open>k AND l = of_bool (odd k \<and> odd l) + 2 * ((k div 2) AND (l div 2))\<close>
+ for k l :: int
+proof (cases \<open>k \<in> {0, - 1} \<and> l \<in> {0, - 1}\<close>)
+ case True
+ then show ?thesis
+ by auto (simp_all add: and_int.simps)
+next
+ case False
+ then show ?thesis
+ by (auto simp add: ac_simps and_int.simps [of k l])
+qed
+
+lemma bit_and_int_iff:
+ \<open>bit (k AND l) n \<longleftrightarrow> bit k n \<and> bit l n\<close> for k l :: int
+proof (induction n arbitrary: k l)
+ case 0
+ then show ?case
+ by (simp add: and_int_rec [of k l])
+next
+ case (Suc n)
+ then show ?case
+ by (simp add: and_int_rec [of k l] bit_Suc)
+qed
+
+lemma even_and_iff_int:
+ \<open>even (k AND l) \<longleftrightarrow> even k \<or> even l\<close> for k l :: int
+ using bit_and_int_iff [of k l 0] by auto
+
+definition or_int :: \<open>int \<Rightarrow> int \<Rightarrow> int\<close>
+ where \<open>k OR l = NOT (NOT k AND NOT l)\<close> for k l :: int
+
+lemma or_int_rec:
+ \<open>k OR l = of_bool (odd k \<or> odd l) + 2 * ((k div 2) OR (l div 2))\<close>
+ for k l :: int
+ using and_int_rec [of \<open>NOT k\<close> \<open>NOT l\<close>]
+ by (simp add: or_int_def even_not_iff_int not_int_div_2)
+ (simp add: not_int_def)
+
+lemma bit_or_int_iff:
+ \<open>bit (k OR l) n \<longleftrightarrow> bit k n \<or> bit l n\<close> for k l :: int
+ by (simp add: or_int_def bit_not_int_iff bit_and_int_iff)
+
+definition xor_int :: \<open>int \<Rightarrow> int \<Rightarrow> int\<close>
+ where \<open>k XOR l = k AND NOT l OR NOT k AND l\<close> for k l :: int
+
+lemma xor_int_rec:
+ \<open>k XOR l = of_bool (odd k \<noteq> odd l) + 2 * ((k div 2) XOR (l div 2))\<close>
+ for k l :: int
+ by (simp add: xor_int_def or_int_rec [of \<open>k AND NOT l\<close> \<open>NOT k AND l\<close>] even_and_iff_int even_not_iff_int)
+ (simp add: and_int_rec [of \<open>NOT k\<close> \<open>l\<close>] and_int_rec [of \<open>k\<close> \<open>NOT l\<close>] not_int_div_2)
+
+lemma bit_xor_int_iff:
+ \<open>bit (k XOR l) n \<longleftrightarrow> bit k n \<noteq> bit l n\<close> for k l :: int
+ by (auto simp add: xor_int_def bit_or_int_iff bit_and_int_iff bit_not_int_iff)
+
+instance proof
+ fix k l :: int and n :: nat
+ show \<open>- k = NOT (k - 1)\<close>
+ by (simp add: not_int_def)
+ show \<open>bit (k AND l) n \<longleftrightarrow> bit k n \<and> bit l n\<close>
+ by (fact bit_and_int_iff)
+ show \<open>bit (k OR l) n \<longleftrightarrow> bit k n \<or> bit l n\<close>
+ by (fact bit_or_int_iff)
+ show \<open>bit (k XOR l) n \<longleftrightarrow> bit k n \<noteq> bit l n\<close>
+ by (fact bit_xor_int_iff)
+qed (simp_all add: bit_not_int_iff)
+
+end
+
+lemma not_nonnegative_int_iff [simp]:
+ \<open>NOT k \<ge> 0 \<longleftrightarrow> k < 0\<close> for k :: int
+ by (simp add: not_int_def)
+
+lemma not_negative_int_iff [simp]:
+ \<open>NOT k < 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
+ by (subst Not_eq_iff [symmetric]) (simp add: not_less not_le)
+
+lemma and_nonnegative_int_iff [simp]:
+ \<open>k AND l \<ge> 0 \<longleftrightarrow> k \<ge> 0 \<or> l \<ge> 0\<close> for k l :: int
+proof (induction k arbitrary: l rule: int_bit_induct)
+ case zero
+ then show ?case
+ by simp
+next
+ case minus
+ then show ?case
+ by simp
+next
+ case (even k)
+ then show ?case
+ using and_int_rec [of \<open>k * 2\<close> l] by (simp add: pos_imp_zdiv_nonneg_iff)
+next
+ case (odd k)
+ from odd have \<open>0 \<le> k AND l div 2 \<longleftrightarrow> 0 \<le> k \<or> 0 \<le> l div 2\<close>
+ by simp
+ then have \<open>0 \<le> (1 + k * 2) div 2 AND l div 2 \<longleftrightarrow> 0 \<le> (1 + k * 2) div 2\<or> 0 \<le> l div 2\<close>
+ by simp
+ with and_int_rec [of \<open>1 + k * 2\<close> l]
+ show ?case
+ by auto
+qed
+
+lemma and_negative_int_iff [simp]:
+ \<open>k AND l < 0 \<longleftrightarrow> k < 0 \<and> l < 0\<close> for k l :: int
+ by (subst Not_eq_iff [symmetric]) (simp add: not_less)
+
+lemma or_nonnegative_int_iff [simp]:
+ \<open>k OR l \<ge> 0 \<longleftrightarrow> k \<ge> 0 \<and> l \<ge> 0\<close> for k l :: int
+ by (simp only: or_eq_not_not_and not_nonnegative_int_iff) simp
+
+lemma or_negative_int_iff [simp]:
+ \<open>k OR l < 0 \<longleftrightarrow> k < 0 \<or> l < 0\<close> for k l :: int
+ by (subst Not_eq_iff [symmetric]) (simp add: not_less)
+
+lemma xor_nonnegative_int_iff [simp]:
+ \<open>k XOR l \<ge> 0 \<longleftrightarrow> (k \<ge> 0 \<longleftrightarrow> l \<ge> 0)\<close> for k l :: int
+ by (simp only: bit.xor_def or_nonnegative_int_iff) auto
+
+lemma xor_negative_int_iff [simp]:
+ \<open>k XOR l < 0 \<longleftrightarrow> (k < 0) \<noteq> (l < 0)\<close> for k l :: int
+ by (subst Not_eq_iff [symmetric]) (auto simp add: not_less)
+
+lemma set_bit_nonnegative_int_iff [simp]:
+ \<open>set_bit n k \<ge> 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
+ by (simp add: set_bit_def)
+
+lemma set_bit_negative_int_iff [simp]:
+ \<open>set_bit n k < 0 \<longleftrightarrow> k < 0\<close> for k :: int
+ by (simp add: set_bit_def)
+
+lemma unset_bit_nonnegative_int_iff [simp]:
+ \<open>unset_bit n k \<ge> 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
+ by (simp add: unset_bit_def)
+
+lemma unset_bit_negative_int_iff [simp]:
+ \<open>unset_bit n k < 0 \<longleftrightarrow> k < 0\<close> for k :: int
+ by (simp add: unset_bit_def)
+
+lemma flip_bit_nonnegative_int_iff [simp]:
+ \<open>flip_bit n k \<ge> 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
+ by (simp add: flip_bit_def)
+
+lemma flip_bit_negative_int_iff [simp]:
+ \<open>flip_bit n k < 0 \<longleftrightarrow> k < 0\<close> for k :: int
+ by (simp add: flip_bit_def)
+
+
+subsection \<open>Instance \<^typ>\<open>nat\<close>\<close>
+
+instantiation nat :: semiring_bit_operations
+begin
+
+definition and_nat :: \<open>nat \<Rightarrow> nat \<Rightarrow> nat\<close>
+ where \<open>m AND n = nat (int m AND int n)\<close> for m n :: nat
+
+definition or_nat :: \<open>nat \<Rightarrow> nat \<Rightarrow> nat\<close>
+ where \<open>m OR n = nat (int m OR int n)\<close> for m n :: nat
+
+definition xor_nat :: \<open>nat \<Rightarrow> nat \<Rightarrow> nat\<close>
+ where \<open>m XOR n = nat (int m XOR int n)\<close> for m n :: nat
+
+instance proof
+ fix m n q :: nat
+ show \<open>bit (m AND n) q \<longleftrightarrow> bit m q \<and> bit n q\<close>
+ by (auto simp add: and_nat_def bit_and_iff less_le bit_eq_iff)
+ show \<open>bit (m OR n) q \<longleftrightarrow> bit m q \<or> bit n q\<close>
+ by (auto simp add: or_nat_def bit_or_iff less_le bit_eq_iff)
+ show \<open>bit (m XOR n) q \<longleftrightarrow> bit m q \<noteq> bit n q\<close>
+ by (auto simp add: xor_nat_def bit_xor_iff less_le bit_eq_iff)
+qed
+
+end
+
+lemma and_nat_rec:
+ \<open>m AND n = of_bool (odd m \<and> odd n) + 2 * ((m div 2) AND (n div 2))\<close> for m n :: nat
+ by (simp add: and_nat_def and_int_rec [of \<open>int m\<close> \<open>int n\<close>] zdiv_int nat_add_distrib nat_mult_distrib)
+
+lemma or_nat_rec:
+ \<open>m OR n = of_bool (odd m \<or> odd n) + 2 * ((m div 2) OR (n div 2))\<close> for m n :: nat
+ by (simp add: or_nat_def or_int_rec [of \<open>int m\<close> \<open>int n\<close>] zdiv_int nat_add_distrib nat_mult_distrib)
+
+lemma xor_nat_rec:
+ \<open>m XOR n = of_bool (odd m \<noteq> odd n) + 2 * ((m div 2) XOR (n div 2))\<close> for m n :: nat
+ by (simp add: xor_nat_def xor_int_rec [of \<open>int m\<close> \<open>int n\<close>] zdiv_int nat_add_distrib nat_mult_distrib)
+
+lemma Suc_0_and_eq [simp]:
+ \<open>Suc 0 AND n = n mod 2\<close>
+ using one_and_eq [of n] by simp
+
+lemma and_Suc_0_eq [simp]:
+ \<open>n AND Suc 0 = n mod 2\<close>
+ using and_one_eq [of n] by simp
+
+lemma Suc_0_or_eq:
+ \<open>Suc 0 OR n = n + of_bool (even n)\<close>
+ using one_or_eq [of n] by simp
+
+lemma or_Suc_0_eq:
+ \<open>n OR Suc 0 = n + of_bool (even n)\<close>
+ using or_one_eq [of n] by simp
+
+lemma Suc_0_xor_eq:
+ \<open>Suc 0 XOR n = n + of_bool (even n) - of_bool (odd n)\<close>
+ using one_xor_eq [of n] by simp
+
+lemma xor_Suc_0_eq:
+ \<open>n XOR Suc 0 = n + of_bool (even n) - of_bool (odd n)\<close>
+ using xor_one_eq [of n] by simp
+
+
+subsection \<open>Instances for \<^typ>\<open>integer\<close> and \<^typ>\<open>natural\<close>\<close>
+
+unbundle integer.lifting natural.lifting
+
+context
+ includes lifting_syntax
+begin
+
+lemma transfer_rule_bit_integer [transfer_rule]:
+ \<open>((pcr_integer :: int \<Rightarrow> integer \<Rightarrow> bool) ===> (=)) bit bit\<close>
+ by (unfold bit_def) transfer_prover
+
+lemma transfer_rule_bit_natural [transfer_rule]:
+ \<open>((pcr_natural :: nat \<Rightarrow> natural \<Rightarrow> bool) ===> (=)) bit bit\<close>
+ by (unfold bit_def) transfer_prover
+
+end
+
+instantiation integer :: ring_bit_operations
+begin
+
+lift_definition not_integer :: \<open>integer \<Rightarrow> integer\<close>
+ is not .
+
+lift_definition and_integer :: \<open>integer \<Rightarrow> integer \<Rightarrow> integer\<close>
+ is \<open>and\<close> .
+
+lift_definition or_integer :: \<open>integer \<Rightarrow> integer \<Rightarrow> integer\<close>
+ is or .
+
+lift_definition xor_integer :: \<open>integer \<Rightarrow> integer \<Rightarrow> integer\<close>
+ is xor .
+
+instance proof
+ fix k l :: \<open>integer\<close> and n :: nat
+ show \<open>- k = NOT (k - 1)\<close>
+ by transfer (simp add: minus_eq_not_minus_1)
+ show \<open>bit (NOT k) n \<longleftrightarrow> (2 :: integer) ^ n \<noteq> 0 \<and> \<not> bit k n\<close>
+ by transfer (fact bit_not_iff)
+ show \<open>bit (k AND l) n \<longleftrightarrow> bit k n \<and> bit l n\<close>
+ by transfer (fact bit_and_iff)
+ show \<open>bit (k OR l) n \<longleftrightarrow> bit k n \<or> bit l n\<close>
+ by transfer (fact bit_or_iff)
+ show \<open>bit (k XOR l) n \<longleftrightarrow> bit k n \<noteq> bit l n\<close>
+ by transfer (fact bit_xor_iff)
+qed
+
+end
+
+instantiation natural :: semiring_bit_operations
+begin
+
+lift_definition and_natural :: \<open>natural \<Rightarrow> natural \<Rightarrow> natural\<close>
+ is \<open>and\<close> .
+
+lift_definition or_natural :: \<open>natural \<Rightarrow> natural \<Rightarrow> natural\<close>
+ is or .
+
+lift_definition xor_natural :: \<open>natural \<Rightarrow> natural \<Rightarrow> natural\<close>
+ is xor .
+
+instance proof
+ fix m n :: \<open>natural\<close> and q :: nat
+ show \<open>bit (m AND n) q \<longleftrightarrow> bit m q \<and> bit n q\<close>
+ by transfer (fact bit_and_iff)
+ show \<open>bit (m OR n) q \<longleftrightarrow> bit m q \<or> bit n q\<close>
+ by transfer (fact bit_or_iff)
+ show \<open>bit (m XOR n) q \<longleftrightarrow> bit m q \<noteq> bit n q\<close>
+ by transfer (fact bit_xor_iff)
+qed
+
+end
+
+lifting_update integer.lifting
+lifting_forget integer.lifting
+
+lifting_update natural.lifting
+lifting_forget natural.lifting
+
+
+subsection \<open>Key ideas of bit operations\<close>
+
+text \<open>
+ When formalizing bit operations, it is tempting to represent
+ bit values as explicit lists over a binary type. This however
+ is a bad idea, mainly due to the inherent ambiguities in
+ representation concerning repeating leading bits.
+
+ Hence this approach avoids such explicit lists altogether
+ following an algebraic path:
+
+ \<^item> Bit values are represented by numeric types: idealized
+ unbounded bit values can be represented by type \<^typ>\<open>int\<close>,
+ bounded bit values by quotient types over \<^typ>\<open>int\<close>.
+
+ \<^item> (A special case are idealized unbounded bit values ending
+ in @{term [source] 0} which can be represented by type \<^typ>\<open>nat\<close> but
+ only support a restricted set of operations).
+
+ \<^item> From this idea follows that
+
+ \<^item> multiplication by \<^term>\<open>2 :: int\<close> is a bit shift to the left and
+
+ \<^item> division by \<^term>\<open>2 :: int\<close> is a bit shift to the right.
+
+ \<^item> Concerning bounded bit values, iterated shifts to the left
+ may result in eliminating all bits by shifting them all
+ beyond the boundary. The property \<^prop>\<open>(2 :: int) ^ n \<noteq> 0\<close>
+ represents that \<^term>\<open>n\<close> is \<^emph>\<open>not\<close> beyond that boundary.
+
+ \<^item> The projection on a single bit is then @{thm bit_def [where ?'a = int, no_vars]}.
+
+ \<^item> This leads to the most fundamental properties of bit values:
+
+ \<^item> Equality rule: @{thm bit_eqI [where ?'a = int, no_vars]}
+
+ \<^item> Induction rule: @{thm bits_induct [where ?'a = int, no_vars]}
+
+ \<^item> Typical operations are characterized as follows:
+
+ \<^item> Singleton \<^term>\<open>n\<close>th bit: \<^term>\<open>(2 :: int) ^ n\<close>
+
+ \<^item> Bit mask upto bit \<^term>\<open>n\<close>: @{thm mask_eq_exp_minus_1 [where ?'a = int, no_vars]}
+
+ \<^item> Left shift: @{thm push_bit_eq_mult [where ?'a = int, no_vars]}
+
+ \<^item> Right shift: @{thm drop_bit_eq_div [where ?'a = int, no_vars]}
+
+ \<^item> Truncation: @{thm take_bit_eq_mod [where ?'a = int, no_vars]}
+
+ \<^item> Negation: @{thm bit_not_iff [where ?'a = int, no_vars]}
+
+ \<^item> And: @{thm bit_and_iff [where ?'a = int, no_vars]}
+
+ \<^item> Or: @{thm bit_or_iff [where ?'a = int, no_vars]}
+
+ \<^item> Xor: @{thm bit_xor_iff [where ?'a = int, no_vars]}
+
+ \<^item> Set a single bit: @{thm set_bit_def [where ?'a = int, no_vars]}
+
+ \<^item> Unset a single bit: @{thm unset_bit_def [where ?'a = int, no_vars]}
+
+ \<^item> Flip a single bit: @{thm flip_bit_def [where ?'a = int, no_vars]}
+\<close>
+
+end
--- a/src/HOL/Library/Library.thy Thu Jun 18 09:07:30 2020 +0000
+++ b/src/HOL/Library/Library.thy Thu Jun 18 09:07:30 2020 +0000
@@ -1,9 +1,10 @@
-(*<*)
+ (*<*)
theory Library
imports
AList
Adhoc_Overloading
BigO
+ Bit_Operations
BNF_Axiomatization
BNF_Corec
Boolean_Algebra
--- a/src/HOL/ex/Bit_Operations.thy Thu Jun 18 09:07:30 2020 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,780 +0,0 @@
-(* Author: Florian Haftmann, TUM
-*)
-
-section \<open>Proof of concept for purely algebraically founded lists of bits\<close>
-
-theory Bit_Operations
- imports
- "HOL-Library.Boolean_Algebra"
- Main
-begin
-
-subsection \<open>Bit operations in suitable algebraic structures\<close>
-
-class semiring_bit_operations = semiring_bit_shifts +
- fixes "and" :: \<open>'a \<Rightarrow> 'a \<Rightarrow> 'a\<close> (infixr \<open>AND\<close> 64)
- and or :: \<open>'a \<Rightarrow> 'a \<Rightarrow> 'a\<close> (infixr \<open>OR\<close> 59)
- and xor :: \<open>'a \<Rightarrow> 'a \<Rightarrow> 'a\<close> (infixr \<open>XOR\<close> 59)
- assumes bit_and_iff: \<open>\<And>n. bit (a AND b) n \<longleftrightarrow> bit a n \<and> bit b n\<close>
- and bit_or_iff: \<open>\<And>n. bit (a OR b) n \<longleftrightarrow> bit a n \<or> bit b n\<close>
- and bit_xor_iff: \<open>\<And>n. bit (a XOR b) n \<longleftrightarrow> bit a n \<noteq> bit b n\<close>
-begin
-
-text \<open>
- We want the bitwise operations to bind slightly weaker
- than \<open>+\<close> and \<open>-\<close>.
- For the sake of code generation
- the operations \<^const>\<open>and\<close>, \<^const>\<open>or\<close> and \<^const>\<open>xor\<close>
- are specified as definitional class operations.
-\<close>
-
-sublocale "and": semilattice \<open>(AND)\<close>
- by standard (auto simp add: bit_eq_iff bit_and_iff)
-
-sublocale or: semilattice_neutr \<open>(OR)\<close> 0
- by standard (auto simp add: bit_eq_iff bit_or_iff)
-
-sublocale xor: comm_monoid \<open>(XOR)\<close> 0
- by standard (auto simp add: bit_eq_iff bit_xor_iff)
-
-lemma even_and_iff:
- \<open>even (a AND b) \<longleftrightarrow> even a \<or> even b\<close>
- using bit_and_iff [of a b 0] by auto
-
-lemma even_or_iff:
- \<open>even (a OR b) \<longleftrightarrow> even a \<and> even b\<close>
- using bit_or_iff [of a b 0] by auto
-
-lemma even_xor_iff:
- \<open>even (a XOR b) \<longleftrightarrow> (even a \<longleftrightarrow> even b)\<close>
- using bit_xor_iff [of a b 0] by auto
-
-lemma zero_and_eq [simp]:
- "0 AND a = 0"
- by (simp add: bit_eq_iff bit_and_iff)
-
-lemma and_zero_eq [simp]:
- "a AND 0 = 0"
- by (simp add: bit_eq_iff bit_and_iff)
-
-lemma one_and_eq:
- "1 AND a = a mod 2"
- by (simp add: bit_eq_iff bit_and_iff) (auto simp add: bit_1_iff)
-
-lemma and_one_eq:
- "a AND 1 = a mod 2"
- using one_and_eq [of a] by (simp add: ac_simps)
-
-lemma one_or_eq:
- "1 OR a = a + of_bool (even a)"
- by (simp add: bit_eq_iff bit_or_iff add.commute [of _ 1] even_bit_succ_iff) (auto simp add: bit_1_iff)
-
-lemma or_one_eq:
- "a OR 1 = a + of_bool (even a)"
- using one_or_eq [of a] by (simp add: ac_simps)
-
-lemma one_xor_eq:
- "1 XOR a = a + of_bool (even a) - of_bool (odd a)"
- by (simp add: bit_eq_iff bit_xor_iff add.commute [of _ 1] even_bit_succ_iff) (auto simp add: bit_1_iff odd_bit_iff_bit_pred elim: oddE)
-
-lemma xor_one_eq:
- "a XOR 1 = a + of_bool (even a) - of_bool (odd a)"
- using one_xor_eq [of a] by (simp add: ac_simps)
-
-lemma take_bit_and [simp]:
- \<open>take_bit n (a AND b) = take_bit n a AND take_bit n b\<close>
- by (auto simp add: bit_eq_iff bit_take_bit_iff bit_and_iff)
-
-lemma take_bit_or [simp]:
- \<open>take_bit n (a OR b) = take_bit n a OR take_bit n b\<close>
- by (auto simp add: bit_eq_iff bit_take_bit_iff bit_or_iff)
-
-lemma take_bit_xor [simp]:
- \<open>take_bit n (a XOR b) = take_bit n a XOR take_bit n b\<close>
- by (auto simp add: bit_eq_iff bit_take_bit_iff bit_xor_iff)
-
-definition mask :: \<open>nat \<Rightarrow> 'a\<close>
- where mask_eq_exp_minus_1: \<open>mask n = 2 ^ n - 1\<close>
-
-lemma bit_mask_iff:
- \<open>bit (mask m) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n < m\<close>
- by (simp add: mask_eq_exp_minus_1 bit_mask_iff)
-
-lemma even_mask_iff:
- \<open>even (mask n) \<longleftrightarrow> n = 0\<close>
- using bit_mask_iff [of n 0] by auto
-
-lemma mask_0 [simp, code]:
- \<open>mask 0 = 0\<close>
- by (simp add: mask_eq_exp_minus_1)
-
-lemma mask_Suc_exp [code]:
- \<open>mask (Suc n) = 2 ^ n OR mask n\<close>
- by (rule bit_eqI)
- (auto simp add: bit_or_iff bit_mask_iff bit_exp_iff not_less le_less_Suc_eq)
-
-lemma mask_Suc_double:
- \<open>mask (Suc n) = 2 * mask n OR 1\<close>
-proof (rule bit_eqI)
- fix q
- assume \<open>2 ^ q \<noteq> 0\<close>
- show \<open>bit (mask (Suc n)) q \<longleftrightarrow> bit (2 * mask n OR 1) q\<close>
- by (cases q)
- (simp_all add: even_mask_iff even_or_iff bit_or_iff bit_mask_iff bit_exp_iff bit_double_iff not_less le_less_Suc_eq bit_1_iff, auto simp add: mult_2)
-qed
-
-lemma take_bit_eq_mask [code]:
- \<open>take_bit n a = a AND mask n\<close>
- by (rule bit_eqI)
- (auto simp add: bit_take_bit_iff bit_and_iff bit_mask_iff)
-
-end
-
-class ring_bit_operations = semiring_bit_operations + ring_parity +
- fixes not :: \<open>'a \<Rightarrow> 'a\<close> (\<open>NOT\<close>)
- assumes bit_not_iff: \<open>\<And>n. bit (NOT a) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> \<not> bit a n\<close>
- assumes minus_eq_not_minus_1: \<open>- a = NOT (a - 1)\<close>
-begin
-
-text \<open>
- For the sake of code generation \<^const>\<open>not\<close> is specified as
- definitional class operation. Note that \<^const>\<open>not\<close> has no
- sensible definition for unlimited but only positive bit strings
- (type \<^typ>\<open>nat\<close>).
-\<close>
-
-lemma bits_minus_1_mod_2_eq [simp]:
- \<open>(- 1) mod 2 = 1\<close>
- by (simp add: mod_2_eq_odd)
-
-lemma not_eq_complement:
- \<open>NOT a = - a - 1\<close>
- using minus_eq_not_minus_1 [of \<open>a + 1\<close>] by simp
-
-lemma minus_eq_not_plus_1:
- \<open>- a = NOT a + 1\<close>
- using not_eq_complement [of a] by simp
-
-lemma bit_minus_iff:
- \<open>bit (- a) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> \<not> bit (a - 1) n\<close>
- by (simp add: minus_eq_not_minus_1 bit_not_iff)
-
-lemma even_not_iff [simp]:
- "even (NOT a) \<longleftrightarrow> odd a"
- using bit_not_iff [of a 0] by auto
-
-lemma bit_not_exp_iff:
- \<open>bit (NOT (2 ^ m)) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n \<noteq> m\<close>
- by (auto simp add: bit_not_iff bit_exp_iff)
-
-lemma bit_minus_1_iff [simp]:
- \<open>bit (- 1) n \<longleftrightarrow> 2 ^ n \<noteq> 0\<close>
- by (simp add: bit_minus_iff)
-
-lemma bit_minus_exp_iff:
- \<open>bit (- (2 ^ m)) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n \<ge> m\<close>
- oops
-
-lemma bit_minus_2_iff [simp]:
- \<open>bit (- 2) n \<longleftrightarrow> 2 ^ n \<noteq> 0 \<and> n > 0\<close>
- by (simp add: bit_minus_iff bit_1_iff)
-
-lemma not_one [simp]:
- "NOT 1 = - 2"
- by (simp add: bit_eq_iff bit_not_iff) (simp add: bit_1_iff)
-
-sublocale "and": semilattice_neutr \<open>(AND)\<close> \<open>- 1\<close>
- apply standard
- apply (simp add: bit_eq_iff bit_and_iff)
- apply (auto simp add: exp_eq_0_imp_not_bit bit_exp_iff)
- done
-
-sublocale bit: boolean_algebra \<open>(AND)\<close> \<open>(OR)\<close> NOT 0 \<open>- 1\<close>
- rewrites \<open>bit.xor = (XOR)\<close>
-proof -
- interpret bit: boolean_algebra \<open>(AND)\<close> \<open>(OR)\<close> NOT 0 \<open>- 1\<close>
- apply standard
- apply (simp_all add: bit_eq_iff bit_and_iff bit_or_iff bit_not_iff)
- apply (auto simp add: exp_eq_0_imp_not_bit bit_exp_iff)
- done
- show \<open>boolean_algebra (AND) (OR) NOT 0 (- 1)\<close>
- by standard
- show \<open>boolean_algebra.xor (AND) (OR) NOT = (XOR)\<close>
- apply (auto simp add: fun_eq_iff bit.xor_def bit_eq_iff bit_and_iff bit_or_iff bit_not_iff bit_xor_iff)
- apply (simp_all add: bit_exp_iff, simp_all add: bit_def)
- apply (metis local.bit_exp_iff local.bits_div_by_0)
- apply (metis local.bit_exp_iff local.bits_div_by_0)
- done
-qed
-
-lemma and_eq_not_not_or:
- \<open>a AND b = NOT (NOT a OR NOT b)\<close>
- by simp
-
-lemma or_eq_not_not_and:
- \<open>a OR b = NOT (NOT a AND NOT b)\<close>
- by simp
-
-lemma push_bit_minus:
- \<open>push_bit n (- a) = - push_bit n a\<close>
- by (simp add: push_bit_eq_mult)
-
-lemma take_bit_not_take_bit:
- \<open>take_bit n (NOT (take_bit n a)) = take_bit n (NOT a)\<close>
- by (auto simp add: bit_eq_iff bit_take_bit_iff bit_not_iff)
-
-lemma take_bit_not_iff:
- "take_bit n (NOT a) = take_bit n (NOT b) \<longleftrightarrow> take_bit n a = take_bit n b"
- apply (simp add: bit_eq_iff bit_not_iff bit_take_bit_iff)
- apply (simp add: bit_exp_iff)
- apply (use local.exp_eq_0_imp_not_bit in blast)
- done
-
-lemma take_bit_minus_one_eq_mask:
- \<open>take_bit n (- 1) = mask n\<close>
- by (simp add: bit_eq_iff bit_mask_iff bit_take_bit_iff conj_commute)
-
-lemma push_bit_minus_one_eq_not_mask:
- \<open>push_bit n (- 1) = NOT (mask n)\<close>
-proof (rule bit_eqI)
- fix m
- assume \<open>2 ^ m \<noteq> 0\<close>
- show \<open>bit (push_bit n (- 1)) m \<longleftrightarrow> bit (NOT (mask n)) m\<close>
- proof (cases \<open>n \<le> m\<close>)
- case True
- moreover define q where \<open>q = m - n\<close>
- ultimately have \<open>m = n + q\<close> \<open>m - n = q\<close>
- by simp_all
- with \<open>2 ^ m \<noteq> 0\<close> have \<open>2 ^ n * 2 ^ q \<noteq> 0\<close>
- by (simp add: power_add)
- then have \<open>2 ^ q \<noteq> 0\<close>
- using mult_not_zero by blast
- with \<open>m - n = q\<close> show ?thesis
- by (auto simp add: bit_not_iff bit_mask_iff bit_push_bit_iff not_less)
- next
- case False
- then show ?thesis
- by (simp add: bit_not_iff bit_mask_iff bit_push_bit_iff not_le)
- qed
-qed
-
-definition set_bit :: \<open>nat \<Rightarrow> 'a \<Rightarrow> 'a\<close>
- where \<open>set_bit n a = a OR 2 ^ n\<close>
-
-definition unset_bit :: \<open>nat \<Rightarrow> 'a \<Rightarrow> 'a\<close>
- where \<open>unset_bit n a = a AND NOT (2 ^ n)\<close>
-
-definition flip_bit :: \<open>nat \<Rightarrow> 'a \<Rightarrow> 'a\<close>
- where \<open>flip_bit n a = a XOR 2 ^ n\<close>
-
-lemma bit_set_bit_iff:
- \<open>bit (set_bit m a) n \<longleftrightarrow> bit a n \<or> (m = n \<and> 2 ^ n \<noteq> 0)\<close>
- by (auto simp add: set_bit_def bit_or_iff bit_exp_iff)
-
-lemma even_set_bit_iff:
- \<open>even (set_bit m a) \<longleftrightarrow> even a \<and> m \<noteq> 0\<close>
- using bit_set_bit_iff [of m a 0] by auto
-
-lemma bit_unset_bit_iff:
- \<open>bit (unset_bit m a) n \<longleftrightarrow> bit a n \<and> m \<noteq> n\<close>
- by (auto simp add: unset_bit_def bit_and_iff bit_not_iff bit_exp_iff exp_eq_0_imp_not_bit)
-
-lemma even_unset_bit_iff:
- \<open>even (unset_bit m a) \<longleftrightarrow> even a \<or> m = 0\<close>
- using bit_unset_bit_iff [of m a 0] by auto
-
-lemma bit_flip_bit_iff:
- \<open>bit (flip_bit m a) n \<longleftrightarrow> (m = n \<longleftrightarrow> \<not> bit a n) \<and> 2 ^ n \<noteq> 0\<close>
- by (auto simp add: flip_bit_def bit_xor_iff bit_exp_iff exp_eq_0_imp_not_bit)
-
-lemma even_flip_bit_iff:
- \<open>even (flip_bit m a) \<longleftrightarrow> \<not> (even a \<longleftrightarrow> m = 0)\<close>
- using bit_flip_bit_iff [of m a 0] by auto
-
-lemma set_bit_0 [simp]:
- \<open>set_bit 0 a = 1 + 2 * (a div 2)\<close>
-proof (rule bit_eqI)
- fix m
- assume *: \<open>2 ^ m \<noteq> 0\<close>
- then show \<open>bit (set_bit 0 a) m = bit (1 + 2 * (a div 2)) m\<close>
- by (simp add: bit_set_bit_iff bit_double_iff even_bit_succ_iff)
- (cases m, simp_all add: bit_Suc)
-qed
-
-lemma set_bit_Suc:
- \<open>set_bit (Suc n) a = a mod 2 + 2 * set_bit n (a div 2)\<close>
-proof (rule bit_eqI)
- fix m
- assume *: \<open>2 ^ m \<noteq> 0\<close>
- show \<open>bit (set_bit (Suc n) a) m \<longleftrightarrow> bit (a mod 2 + 2 * set_bit n (a div 2)) m\<close>
- proof (cases m)
- case 0
- then show ?thesis
- by (simp add: even_set_bit_iff)
- next
- case (Suc m)
- with * have \<open>2 ^ m \<noteq> 0\<close>
- using mult_2 by auto
- show ?thesis
- by (cases a rule: parity_cases)
- (simp_all add: bit_set_bit_iff bit_double_iff even_bit_succ_iff *,
- simp_all add: Suc \<open>2 ^ m \<noteq> 0\<close> bit_Suc)
- qed
-qed
-
-lemma unset_bit_0 [simp]:
- \<open>unset_bit 0 a = 2 * (a div 2)\<close>
-proof (rule bit_eqI)
- fix m
- assume *: \<open>2 ^ m \<noteq> 0\<close>
- then show \<open>bit (unset_bit 0 a) m = bit (2 * (a div 2)) m\<close>
- by (simp add: bit_unset_bit_iff bit_double_iff)
- (cases m, simp_all add: bit_Suc)
-qed
-
-lemma unset_bit_Suc:
- \<open>unset_bit (Suc n) a = a mod 2 + 2 * unset_bit n (a div 2)\<close>
-proof (rule bit_eqI)
- fix m
- assume *: \<open>2 ^ m \<noteq> 0\<close>
- then show \<open>bit (unset_bit (Suc n) a) m \<longleftrightarrow> bit (a mod 2 + 2 * unset_bit n (a div 2)) m\<close>
- proof (cases m)
- case 0
- then show ?thesis
- by (simp add: even_unset_bit_iff)
- next
- case (Suc m)
- show ?thesis
- by (cases a rule: parity_cases)
- (simp_all add: bit_unset_bit_iff bit_double_iff even_bit_succ_iff *,
- simp_all add: Suc bit_Suc)
- qed
-qed
-
-lemma flip_bit_0 [simp]:
- \<open>flip_bit 0 a = of_bool (even a) + 2 * (a div 2)\<close>
-proof (rule bit_eqI)
- fix m
- assume *: \<open>2 ^ m \<noteq> 0\<close>
- then show \<open>bit (flip_bit 0 a) m = bit (of_bool (even a) + 2 * (a div 2)) m\<close>
- by (simp add: bit_flip_bit_iff bit_double_iff even_bit_succ_iff)
- (cases m, simp_all add: bit_Suc)
-qed
-
-lemma flip_bit_Suc:
- \<open>flip_bit (Suc n) a = a mod 2 + 2 * flip_bit n (a div 2)\<close>
-proof (rule bit_eqI)
- fix m
- assume *: \<open>2 ^ m \<noteq> 0\<close>
- show \<open>bit (flip_bit (Suc n) a) m \<longleftrightarrow> bit (a mod 2 + 2 * flip_bit n (a div 2)) m\<close>
- proof (cases m)
- case 0
- then show ?thesis
- by (simp add: even_flip_bit_iff)
- next
- case (Suc m)
- with * have \<open>2 ^ m \<noteq> 0\<close>
- using mult_2 by auto
- show ?thesis
- by (cases a rule: parity_cases)
- (simp_all add: bit_flip_bit_iff bit_double_iff even_bit_succ_iff,
- simp_all add: Suc \<open>2 ^ m \<noteq> 0\<close> bit_Suc)
- qed
-qed
-
-end
-
-
-subsubsection \<open>Instance \<^typ>\<open>int\<close>\<close>
-
-instantiation int :: ring_bit_operations
-begin
-
-definition not_int :: \<open>int \<Rightarrow> int\<close>
- where \<open>not_int k = - k - 1\<close>
-
-lemma not_int_rec:
- "NOT k = of_bool (even k) + 2 * NOT (k div 2)" for k :: int
- by (auto simp add: not_int_def elim: oddE)
-
-lemma even_not_iff_int:
- \<open>even (NOT k) \<longleftrightarrow> odd k\<close> for k :: int
- by (simp add: not_int_def)
-
-lemma not_int_div_2:
- \<open>NOT k div 2 = NOT (k div 2)\<close> for k :: int
- by (simp add: not_int_def)
-
-lemma bit_not_int_iff:
- \<open>bit (NOT k) n \<longleftrightarrow> \<not> bit k n\<close>
- for k :: int
- by (induction n arbitrary: k) (simp_all add: not_int_div_2 even_not_iff_int bit_Suc)
-
-function and_int :: \<open>int \<Rightarrow> int \<Rightarrow> int\<close>
- where \<open>(k::int) AND l = (if k \<in> {0, - 1} \<and> l \<in> {0, - 1}
- then - of_bool (odd k \<and> odd l)
- else of_bool (odd k \<and> odd l) + 2 * ((k div 2) AND (l div 2)))\<close>
- by auto
-
-termination
- by (relation \<open>measure (\<lambda>(k, l). nat (\<bar>k\<bar> + \<bar>l\<bar>))\<close>) auto
-
-declare and_int.simps [simp del]
-
-lemma and_int_rec:
- \<open>k AND l = of_bool (odd k \<and> odd l) + 2 * ((k div 2) AND (l div 2))\<close>
- for k l :: int
-proof (cases \<open>k \<in> {0, - 1} \<and> l \<in> {0, - 1}\<close>)
- case True
- then show ?thesis
- by auto (simp_all add: and_int.simps)
-next
- case False
- then show ?thesis
- by (auto simp add: ac_simps and_int.simps [of k l])
-qed
-
-lemma bit_and_int_iff:
- \<open>bit (k AND l) n \<longleftrightarrow> bit k n \<and> bit l n\<close> for k l :: int
-proof (induction n arbitrary: k l)
- case 0
- then show ?case
- by (simp add: and_int_rec [of k l])
-next
- case (Suc n)
- then show ?case
- by (simp add: and_int_rec [of k l] bit_Suc)
-qed
-
-lemma even_and_iff_int:
- \<open>even (k AND l) \<longleftrightarrow> even k \<or> even l\<close> for k l :: int
- using bit_and_int_iff [of k l 0] by auto
-
-definition or_int :: \<open>int \<Rightarrow> int \<Rightarrow> int\<close>
- where \<open>k OR l = NOT (NOT k AND NOT l)\<close> for k l :: int
-
-lemma or_int_rec:
- \<open>k OR l = of_bool (odd k \<or> odd l) + 2 * ((k div 2) OR (l div 2))\<close>
- for k l :: int
- using and_int_rec [of \<open>NOT k\<close> \<open>NOT l\<close>]
- by (simp add: or_int_def even_not_iff_int not_int_div_2)
- (simp add: not_int_def)
-
-lemma bit_or_int_iff:
- \<open>bit (k OR l) n \<longleftrightarrow> bit k n \<or> bit l n\<close> for k l :: int
- by (simp add: or_int_def bit_not_int_iff bit_and_int_iff)
-
-definition xor_int :: \<open>int \<Rightarrow> int \<Rightarrow> int\<close>
- where \<open>k XOR l = k AND NOT l OR NOT k AND l\<close> for k l :: int
-
-lemma xor_int_rec:
- \<open>k XOR l = of_bool (odd k \<noteq> odd l) + 2 * ((k div 2) XOR (l div 2))\<close>
- for k l :: int
- by (simp add: xor_int_def or_int_rec [of \<open>k AND NOT l\<close> \<open>NOT k AND l\<close>] even_and_iff_int even_not_iff_int)
- (simp add: and_int_rec [of \<open>NOT k\<close> \<open>l\<close>] and_int_rec [of \<open>k\<close> \<open>NOT l\<close>] not_int_div_2)
-
-lemma bit_xor_int_iff:
- \<open>bit (k XOR l) n \<longleftrightarrow> bit k n \<noteq> bit l n\<close> for k l :: int
- by (auto simp add: xor_int_def bit_or_int_iff bit_and_int_iff bit_not_int_iff)
-
-instance proof
- fix k l :: int and n :: nat
- show \<open>- k = NOT (k - 1)\<close>
- by (simp add: not_int_def)
- show \<open>bit (k AND l) n \<longleftrightarrow> bit k n \<and> bit l n\<close>
- by (fact bit_and_int_iff)
- show \<open>bit (k OR l) n \<longleftrightarrow> bit k n \<or> bit l n\<close>
- by (fact bit_or_int_iff)
- show \<open>bit (k XOR l) n \<longleftrightarrow> bit k n \<noteq> bit l n\<close>
- by (fact bit_xor_int_iff)
-qed (simp_all add: bit_not_int_iff)
-
-end
-
-lemma not_nonnegative_int_iff [simp]:
- \<open>NOT k \<ge> 0 \<longleftrightarrow> k < 0\<close> for k :: int
- by (simp add: not_int_def)
-
-lemma not_negative_int_iff [simp]:
- \<open>NOT k < 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
- by (subst Not_eq_iff [symmetric]) (simp add: not_less not_le)
-
-lemma and_nonnegative_int_iff [simp]:
- \<open>k AND l \<ge> 0 \<longleftrightarrow> k \<ge> 0 \<or> l \<ge> 0\<close> for k l :: int
-proof (induction k arbitrary: l rule: int_bit_induct)
- case zero
- then show ?case
- by simp
-next
- case minus
- then show ?case
- by simp
-next
- case (even k)
- then show ?case
- using and_int_rec [of \<open>k * 2\<close> l] by (simp add: pos_imp_zdiv_nonneg_iff)
-next
- case (odd k)
- from odd have \<open>0 \<le> k AND l div 2 \<longleftrightarrow> 0 \<le> k \<or> 0 \<le> l div 2\<close>
- by simp
- then have \<open>0 \<le> (1 + k * 2) div 2 AND l div 2 \<longleftrightarrow> 0 \<le> (1 + k * 2) div 2\<or> 0 \<le> l div 2\<close>
- by simp
- with and_int_rec [of \<open>1 + k * 2\<close> l]
- show ?case
- by auto
-qed
-
-lemma and_negative_int_iff [simp]:
- \<open>k AND l < 0 \<longleftrightarrow> k < 0 \<and> l < 0\<close> for k l :: int
- by (subst Not_eq_iff [symmetric]) (simp add: not_less)
-
-lemma or_nonnegative_int_iff [simp]:
- \<open>k OR l \<ge> 0 \<longleftrightarrow> k \<ge> 0 \<and> l \<ge> 0\<close> for k l :: int
- by (simp only: or_eq_not_not_and not_nonnegative_int_iff) simp
-
-lemma or_negative_int_iff [simp]:
- \<open>k OR l < 0 \<longleftrightarrow> k < 0 \<or> l < 0\<close> for k l :: int
- by (subst Not_eq_iff [symmetric]) (simp add: not_less)
-
-lemma xor_nonnegative_int_iff [simp]:
- \<open>k XOR l \<ge> 0 \<longleftrightarrow> (k \<ge> 0 \<longleftrightarrow> l \<ge> 0)\<close> for k l :: int
- by (simp only: bit.xor_def or_nonnegative_int_iff) auto
-
-lemma xor_negative_int_iff [simp]:
- \<open>k XOR l < 0 \<longleftrightarrow> (k < 0) \<noteq> (l < 0)\<close> for k l :: int
- by (subst Not_eq_iff [symmetric]) (auto simp add: not_less)
-
-lemma set_bit_nonnegative_int_iff [simp]:
- \<open>set_bit n k \<ge> 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
- by (simp add: set_bit_def)
-
-lemma set_bit_negative_int_iff [simp]:
- \<open>set_bit n k < 0 \<longleftrightarrow> k < 0\<close> for k :: int
- by (simp add: set_bit_def)
-
-lemma unset_bit_nonnegative_int_iff [simp]:
- \<open>unset_bit n k \<ge> 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
- by (simp add: unset_bit_def)
-
-lemma unset_bit_negative_int_iff [simp]:
- \<open>unset_bit n k < 0 \<longleftrightarrow> k < 0\<close> for k :: int
- by (simp add: unset_bit_def)
-
-lemma flip_bit_nonnegative_int_iff [simp]:
- \<open>flip_bit n k \<ge> 0 \<longleftrightarrow> k \<ge> 0\<close> for k :: int
- by (simp add: flip_bit_def)
-
-lemma flip_bit_negative_int_iff [simp]:
- \<open>flip_bit n k < 0 \<longleftrightarrow> k < 0\<close> for k :: int
- by (simp add: flip_bit_def)
-
-
-subsubsection \<open>Instance \<^typ>\<open>nat\<close>\<close>
-
-instantiation nat :: semiring_bit_operations
-begin
-
-definition and_nat :: \<open>nat \<Rightarrow> nat \<Rightarrow> nat\<close>
- where \<open>m AND n = nat (int m AND int n)\<close> for m n :: nat
-
-definition or_nat :: \<open>nat \<Rightarrow> nat \<Rightarrow> nat\<close>
- where \<open>m OR n = nat (int m OR int n)\<close> for m n :: nat
-
-definition xor_nat :: \<open>nat \<Rightarrow> nat \<Rightarrow> nat\<close>
- where \<open>m XOR n = nat (int m XOR int n)\<close> for m n :: nat
-
-instance proof
- fix m n q :: nat
- show \<open>bit (m AND n) q \<longleftrightarrow> bit m q \<and> bit n q\<close>
- by (auto simp add: and_nat_def bit_and_iff less_le bit_eq_iff)
- show \<open>bit (m OR n) q \<longleftrightarrow> bit m q \<or> bit n q\<close>
- by (auto simp add: or_nat_def bit_or_iff less_le bit_eq_iff)
- show \<open>bit (m XOR n) q \<longleftrightarrow> bit m q \<noteq> bit n q\<close>
- by (auto simp add: xor_nat_def bit_xor_iff less_le bit_eq_iff)
-qed
-
-end
-
-lemma and_nat_rec:
- \<open>m AND n = of_bool (odd m \<and> odd n) + 2 * ((m div 2) AND (n div 2))\<close> for m n :: nat
- by (simp add: and_nat_def and_int_rec [of \<open>int m\<close> \<open>int n\<close>] zdiv_int nat_add_distrib nat_mult_distrib)
-
-lemma or_nat_rec:
- \<open>m OR n = of_bool (odd m \<or> odd n) + 2 * ((m div 2) OR (n div 2))\<close> for m n :: nat
- by (simp add: or_nat_def or_int_rec [of \<open>int m\<close> \<open>int n\<close>] zdiv_int nat_add_distrib nat_mult_distrib)
-
-lemma xor_nat_rec:
- \<open>m XOR n = of_bool (odd m \<noteq> odd n) + 2 * ((m div 2) XOR (n div 2))\<close> for m n :: nat
- by (simp add: xor_nat_def xor_int_rec [of \<open>int m\<close> \<open>int n\<close>] zdiv_int nat_add_distrib nat_mult_distrib)
-
-lemma Suc_0_and_eq [simp]:
- \<open>Suc 0 AND n = n mod 2\<close>
- using one_and_eq [of n] by simp
-
-lemma and_Suc_0_eq [simp]:
- \<open>n AND Suc 0 = n mod 2\<close>
- using and_one_eq [of n] by simp
-
-lemma Suc_0_or_eq:
- \<open>Suc 0 OR n = n + of_bool (even n)\<close>
- using one_or_eq [of n] by simp
-
-lemma or_Suc_0_eq:
- \<open>n OR Suc 0 = n + of_bool (even n)\<close>
- using or_one_eq [of n] by simp
-
-lemma Suc_0_xor_eq:
- \<open>Suc 0 XOR n = n + of_bool (even n) - of_bool (odd n)\<close>
- using one_xor_eq [of n] by simp
-
-lemma xor_Suc_0_eq:
- \<open>n XOR Suc 0 = n + of_bool (even n) - of_bool (odd n)\<close>
- using xor_one_eq [of n] by simp
-
-
-subsubsection \<open>Instances for \<^typ>\<open>integer\<close> and \<^typ>\<open>natural\<close>\<close>
-
-unbundle integer.lifting natural.lifting
-
-context
- includes lifting_syntax
-begin
-
-lemma transfer_rule_bit_integer [transfer_rule]:
- \<open>((pcr_integer :: int \<Rightarrow> integer \<Rightarrow> bool) ===> (=)) bit bit\<close>
- by (unfold bit_def) transfer_prover
-
-lemma transfer_rule_bit_natural [transfer_rule]:
- \<open>((pcr_natural :: nat \<Rightarrow> natural \<Rightarrow> bool) ===> (=)) bit bit\<close>
- by (unfold bit_def) transfer_prover
-
-end
-
-instantiation integer :: ring_bit_operations
-begin
-
-lift_definition not_integer :: \<open>integer \<Rightarrow> integer\<close>
- is not .
-
-lift_definition and_integer :: \<open>integer \<Rightarrow> integer \<Rightarrow> integer\<close>
- is \<open>and\<close> .
-
-lift_definition or_integer :: \<open>integer \<Rightarrow> integer \<Rightarrow> integer\<close>
- is or .
-
-lift_definition xor_integer :: \<open>integer \<Rightarrow> integer \<Rightarrow> integer\<close>
- is xor .
-
-instance proof
- fix k l :: \<open>integer\<close> and n :: nat
- show \<open>- k = NOT (k - 1)\<close>
- by transfer (simp add: minus_eq_not_minus_1)
- show \<open>bit (NOT k) n \<longleftrightarrow> (2 :: integer) ^ n \<noteq> 0 \<and> \<not> bit k n\<close>
- by transfer (fact bit_not_iff)
- show \<open>bit (k AND l) n \<longleftrightarrow> bit k n \<and> bit l n\<close>
- by transfer (fact bit_and_iff)
- show \<open>bit (k OR l) n \<longleftrightarrow> bit k n \<or> bit l n\<close>
- by transfer (fact bit_or_iff)
- show \<open>bit (k XOR l) n \<longleftrightarrow> bit k n \<noteq> bit l n\<close>
- by transfer (fact bit_xor_iff)
-qed
-
-end
-
-instantiation natural :: semiring_bit_operations
-begin
-
-lift_definition and_natural :: \<open>natural \<Rightarrow> natural \<Rightarrow> natural\<close>
- is \<open>and\<close> .
-
-lift_definition or_natural :: \<open>natural \<Rightarrow> natural \<Rightarrow> natural\<close>
- is or .
-
-lift_definition xor_natural :: \<open>natural \<Rightarrow> natural \<Rightarrow> natural\<close>
- is xor .
-
-instance proof
- fix m n :: \<open>natural\<close> and q :: nat
- show \<open>bit (m AND n) q \<longleftrightarrow> bit m q \<and> bit n q\<close>
- by transfer (fact bit_and_iff)
- show \<open>bit (m OR n) q \<longleftrightarrow> bit m q \<or> bit n q\<close>
- by transfer (fact bit_or_iff)
- show \<open>bit (m XOR n) q \<longleftrightarrow> bit m q \<noteq> bit n q\<close>
- by transfer (fact bit_xor_iff)
-qed
-
-end
-
-lifting_update integer.lifting
-lifting_forget integer.lifting
-
-lifting_update natural.lifting
-lifting_forget natural.lifting
-
-
-subsection \<open>Key ideas of bit operations\<close>
-
-text \<open>
- When formalizing bit operations, it is tempting to represent
- bit values as explicit lists over a binary type. This however
- is a bad idea, mainly due to the inherent ambiguities in
- representation concerning repeating leading bits.
-
- Hence this approach avoids such explicit lists altogether
- following an algebraic path:
-
- \<^item> Bit values are represented by numeric types: idealized
- unbounded bit values can be represented by type \<^typ>\<open>int\<close>,
- bounded bit values by quotient types over \<^typ>\<open>int\<close>.
-
- \<^item> (A special case are idealized unbounded bit values ending
- in @{term [source] 0} which can be represented by type \<^typ>\<open>nat\<close> but
- only support a restricted set of operations).
-
- \<^item> From this idea follows that
-
- \<^item> multiplication by \<^term>\<open>2 :: int\<close> is a bit shift to the left and
-
- \<^item> division by \<^term>\<open>2 :: int\<close> is a bit shift to the right.
-
- \<^item> Concerning bounded bit values, iterated shifts to the left
- may result in eliminating all bits by shifting them all
- beyond the boundary. The property \<^prop>\<open>(2 :: int) ^ n \<noteq> 0\<close>
- represents that \<^term>\<open>n\<close> is \<^emph>\<open>not\<close> beyond that boundary.
-
- \<^item> The projection on a single bit is then @{thm bit_def [where ?'a = int, no_vars]}.
-
- \<^item> This leads to the most fundamental properties of bit values:
-
- \<^item> Equality rule: @{thm bit_eqI [where ?'a = int, no_vars]}
-
- \<^item> Induction rule: @{thm bits_induct [where ?'a = int, no_vars]}
-
- \<^item> Typical operations are characterized as follows:
-
- \<^item> Singleton \<^term>\<open>n\<close>th bit: \<^term>\<open>(2 :: int) ^ n\<close>
-
- \<^item> Bit mask upto bit \<^term>\<open>n\<close>: @{thm mask_eq_exp_minus_1 [where ?'a = int, no_vars]}}
-
- \<^item> Left shift: @{thm push_bit_eq_mult [where ?'a = int, no_vars]}
-
- \<^item> Right shift: @{thm drop_bit_eq_div [where ?'a = int, no_vars]}
-
- \<^item> Truncation: @{thm take_bit_eq_mod [where ?'a = int, no_vars]}
-
- \<^item> Negation: @{thm bit_not_iff [where ?'a = int, no_vars]}
-
- \<^item> And: @{thm bit_and_iff [where ?'a = int, no_vars]}
-
- \<^item> Or: @{thm bit_or_iff [where ?'a = int, no_vars]}
-
- \<^item> Xor: @{thm bit_xor_iff [where ?'a = int, no_vars]}
-
- \<^item> Set a single bit: @{thm set_bit_def [where ?'a = int, no_vars]}
-
- \<^item> Unset a single bit: @{thm unset_bit_def [where ?'a = int, no_vars]}
-
- \<^item> Flip a single bit: @{thm flip_bit_def [where ?'a = int, no_vars]}
-\<close>
-
-end
--- a/src/HOL/ex/Word.thy Thu Jun 18 09:07:30 2020 +0000
+++ b/src/HOL/ex/Word.thy Thu Jun 18 09:07:30 2020 +0000
@@ -7,7 +7,7 @@
imports
Main
"HOL-Library.Type_Length"
- "HOL-ex.Bit_Operations"
+ "HOL-Library.Bit_Operations"
begin
subsection \<open>Preliminaries\<close>