# Theory Bin

Up to index of Isabelle/ZF

theory Bin
imports Int_ZF Datatype_ZF
`(*  Title:      ZF/Bin.thy    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory    Copyright   1994  University of Cambridge   The sign Pls stands for an infinite string of leading 0's.   The sign Min stands for an infinite string of leading 1's.A number can have multiple representations, namely leading 0's with signPls and leading 1's with sign Min.  See twos-compl.ML/int_of_binary forthe numerical interpretation.The representation expects that (m mod 2) is 0 or 1, even if m is negative;For instance, ~5 div 2 = ~3 and ~5 mod 2 = 1; thus ~5 = (~3)*2 + 1*)header{*Arithmetic on Binary Integers*}theory Binimports Int_ZF Datatype_ZFbeginconsts  bin :: idatatype  "bin" = Pls        | Min        | Bit ("w ∈ bin", "b ∈ bool")     (infixl "BIT" 90)consts  integ_of  :: "i=>i"  NCons     :: "[i,i]=>i"  bin_succ  :: "i=>i"  bin_pred  :: "i=>i"  bin_minus :: "i=>i"  bin_adder :: "i=>i"  bin_mult  :: "[i,i]=>i"primrec  integ_of_Pls:  "integ_of (Pls)     = \$# 0"  integ_of_Min:  "integ_of (Min)     = \$-(\$#1)"  integ_of_BIT:  "integ_of (w BIT b) = \$#b \$+ integ_of(w) \$+ integ_of(w)"    (** recall that cond(1,b,c)=b and cond(0,b,c)=0 **)primrec (*NCons adds a bit, suppressing leading 0s and 1s*)  NCons_Pls: "NCons (Pls,b)     = cond(b,Pls BIT b,Pls)"  NCons_Min: "NCons (Min,b)     = cond(b,Min,Min BIT b)"  NCons_BIT: "NCons (w BIT c,b) = w BIT c BIT b"primrec (*successor.  If a BIT, can change a 0 to a 1 without recursion.*)  bin_succ_Pls:  "bin_succ (Pls)     = Pls BIT 1"  bin_succ_Min:  "bin_succ (Min)     = Pls"  bin_succ_BIT:  "bin_succ (w BIT b) = cond(b, bin_succ(w) BIT 0, NCons(w,1))"primrec (*predecessor*)  bin_pred_Pls:  "bin_pred (Pls)     = Min"  bin_pred_Min:  "bin_pred (Min)     = Min BIT 0"  bin_pred_BIT:  "bin_pred (w BIT b) = cond(b, NCons(w,0), bin_pred(w) BIT 1)"primrec (*unary negation*)  bin_minus_Pls:    "bin_minus (Pls)       = Pls"  bin_minus_Min:    "bin_minus (Min)       = Pls BIT 1"  bin_minus_BIT:    "bin_minus (w BIT b) = cond(b, bin_pred(NCons(bin_minus(w),0)),                                bin_minus(w) BIT 0)"primrec (*sum*)  bin_adder_Pls:    "bin_adder (Pls)     = (λw∈bin. w)"  bin_adder_Min:    "bin_adder (Min)     = (λw∈bin. bin_pred(w))"  bin_adder_BIT:    "bin_adder (v BIT x) =       (λw∈bin.         bin_case (v BIT x, bin_pred(v BIT x),                   %w y. NCons(bin_adder (v) ` cond(x and y, bin_succ(w), w),                               x xor y),                   w))"(*The bin_case above replaces the following mutually recursive function:primrec  "adding (v,x,Pls)     = v BIT x"  "adding (v,x,Min)     = bin_pred(v BIT x)"  "adding (v,x,w BIT y) = NCons(bin_adder (v, cond(x and y, bin_succ(w), w)),                                x xor y)"*)definition  bin_add   :: "[i,i]=>i"  where    "bin_add(v,w) == bin_adder(v)`w"primrec  bin_mult_Pls:    "bin_mult (Pls,w)     = Pls"  bin_mult_Min:    "bin_mult (Min,w)     = bin_minus(w)"  bin_mult_BIT:    "bin_mult (v BIT b,w) = cond(b, bin_add(NCons(bin_mult(v,w),0),w),                                 NCons(bin_mult(v,w),0))"syntax  "_Int"    :: "xnum_token => i"        ("_")ML_file "Tools/numeral_syntax.ML"setup Numeral_Syntax.setupdeclare bin.intros [simp,TC]lemma NCons_Pls_0: "NCons(Pls,0) = Pls"by simplemma NCons_Pls_1: "NCons(Pls,1) = Pls BIT 1"by simplemma NCons_Min_0: "NCons(Min,0) = Min BIT 0"by simplemma NCons_Min_1: "NCons(Min,1) = Min"by simplemma NCons_BIT: "NCons(w BIT x,b) = w BIT x BIT b"by (simp add: bin.case_eqns)lemmas NCons_simps [simp] =    NCons_Pls_0 NCons_Pls_1 NCons_Min_0 NCons_Min_1 NCons_BIT(** Type checking **)lemma integ_of_type [TC]: "w ∈ bin ==> integ_of(w) ∈ int"apply (induct_tac "w")apply (simp_all add: bool_into_nat)donelemma NCons_type [TC]: "[| w ∈ bin; b ∈ bool |] ==> NCons(w,b) ∈ bin"by (induct_tac "w", auto)lemma bin_succ_type [TC]: "w ∈ bin ==> bin_succ(w) ∈ bin"by (induct_tac "w", auto)lemma bin_pred_type [TC]: "w ∈ bin ==> bin_pred(w) ∈ bin"by (induct_tac "w", auto)lemma bin_minus_type [TC]: "w ∈ bin ==> bin_minus(w) ∈ bin"by (induct_tac "w", auto)(*This proof is complicated by the mutual recursion*)lemma bin_add_type [rule_format,TC]:     "v ∈ bin ==> ∀w∈bin. bin_add(v,w) ∈ bin"apply (unfold bin_add_def)apply (induct_tac "v")apply (rule_tac [3] ballI)apply (rename_tac [3] "w'")apply (induct_tac [3] "w'")apply (simp_all add: NCons_type)donelemma bin_mult_type [TC]: "[| v ∈ bin; w ∈ bin |] ==> bin_mult(v,w) ∈ bin"by (induct_tac "v", auto)subsubsection{*The Carry and Borrow Functions,            @{term bin_succ} and @{term bin_pred}*}(*NCons preserves the integer value of its argument*)lemma integ_of_NCons [simp]:     "[| w ∈ bin; b ∈ bool |] ==> integ_of(NCons(w,b)) = integ_of(w BIT b)"apply (erule bin.cases)apply (auto elim!: boolE)donelemma integ_of_succ [simp]:     "w ∈ bin ==> integ_of(bin_succ(w)) = \$#1 \$+ integ_of(w)"apply (erule bin.induct)apply (auto simp add: zadd_ac elim!: boolE)donelemma integ_of_pred [simp]:     "w ∈ bin ==> integ_of(bin_pred(w)) = \$- (\$#1) \$+ integ_of(w)"apply (erule bin.induct)apply (auto simp add: zadd_ac elim!: boolE)donesubsubsection{*@{term bin_minus}: Unary Negation of Binary Integers*}lemma integ_of_minus: "w ∈ bin ==> integ_of(bin_minus(w)) = \$- integ_of(w)"apply (erule bin.induct)apply (auto simp add: zadd_ac zminus_zadd_distrib  elim!: boolE)donesubsubsection{*@{term bin_add}: Binary Addition*}lemma bin_add_Pls [simp]: "w ∈ bin ==> bin_add(Pls,w) = w"by (unfold bin_add_def, simp)lemma bin_add_Pls_right: "w ∈ bin ==> bin_add(w,Pls) = w"apply (unfold bin_add_def)apply (erule bin.induct, auto)donelemma bin_add_Min [simp]: "w ∈ bin ==> bin_add(Min,w) = bin_pred(w)"by (unfold bin_add_def, simp)lemma bin_add_Min_right: "w ∈ bin ==> bin_add(w,Min) = bin_pred(w)"apply (unfold bin_add_def)apply (erule bin.induct, auto)donelemma bin_add_BIT_Pls [simp]: "bin_add(v BIT x,Pls) = v BIT x"by (unfold bin_add_def, simp)lemma bin_add_BIT_Min [simp]: "bin_add(v BIT x,Min) = bin_pred(v BIT x)"by (unfold bin_add_def, simp)lemma bin_add_BIT_BIT [simp]:     "[| w ∈ bin;  y ∈ bool |]      ==> bin_add(v BIT x, w BIT y) =          NCons(bin_add(v, cond(x and y, bin_succ(w), w)), x xor y)"by (unfold bin_add_def, simp)lemma integ_of_add [rule_format]:     "v ∈ bin ==>          ∀w∈bin. integ_of(bin_add(v,w)) = integ_of(v) \$+ integ_of(w)"apply (erule bin.induct, simp, simp)apply (rule ballI)apply (induct_tac "wa")apply (auto simp add: zadd_ac elim!: boolE)done(*Subtraction*)lemma diff_integ_of_eq:     "[| v ∈ bin;  w ∈ bin |]      ==> integ_of(v) \$- integ_of(w) = integ_of(bin_add (v, bin_minus(w)))"apply (unfold zdiff_def)apply (simp add: integ_of_add integ_of_minus)donesubsubsection{*@{term bin_mult}: Binary Multiplication*}lemma integ_of_mult:     "[| v ∈ bin;  w ∈ bin |]      ==> integ_of(bin_mult(v,w)) = integ_of(v) \$* integ_of(w)"apply (induct_tac "v", simp)apply (simp add: integ_of_minus)apply (auto simp add: zadd_ac integ_of_add zadd_zmult_distrib  elim!: boolE)donesubsection{*Computations*}(** extra rules for bin_succ, bin_pred **)lemma bin_succ_1: "bin_succ(w BIT 1) = bin_succ(w) BIT 0"by simplemma bin_succ_0: "bin_succ(w BIT 0) = NCons(w,1)"by simplemma bin_pred_1: "bin_pred(w BIT 1) = NCons(w,0)"by simplemma bin_pred_0: "bin_pred(w BIT 0) = bin_pred(w) BIT 1"by simp(** extra rules for bin_minus **)lemma bin_minus_1: "bin_minus(w BIT 1) = bin_pred(NCons(bin_minus(w), 0))"by simplemma bin_minus_0: "bin_minus(w BIT 0) = bin_minus(w) BIT 0"by simp(** extra rules for bin_add **)lemma bin_add_BIT_11: "w ∈ bin ==> bin_add(v BIT 1, w BIT 1) =                     NCons(bin_add(v, bin_succ(w)), 0)"by simplemma bin_add_BIT_10: "w ∈ bin ==> bin_add(v BIT 1, w BIT 0) =                     NCons(bin_add(v,w), 1)"by simplemma bin_add_BIT_0: "[| w ∈ bin;  y ∈ bool |]      ==> bin_add(v BIT 0, w BIT y) = NCons(bin_add(v,w), y)"by simp(** extra rules for bin_mult **)lemma bin_mult_1: "bin_mult(v BIT 1, w) = bin_add(NCons(bin_mult(v,w),0), w)"by simplemma bin_mult_0: "bin_mult(v BIT 0, w) = NCons(bin_mult(v,w),0)"by simp(** Simplification rules with integer constants **)lemma int_of_0: "\$#0 = #0"by simplemma int_of_succ: "\$# succ(n) = #1 \$+ \$#n"by (simp add: int_of_add [symmetric] natify_succ)lemma zminus_0 [simp]: "\$- #0 = #0"by simplemma zadd_0_intify [simp]: "#0 \$+ z = intify(z)"by simplemma zadd_0_right_intify [simp]: "z \$+ #0 = intify(z)"by simplemma zmult_1_intify [simp]: "#1 \$* z = intify(z)"by simplemma zmult_1_right_intify [simp]: "z \$* #1 = intify(z)"by (subst zmult_commute, simp)lemma zmult_0 [simp]: "#0 \$* z = #0"by simplemma zmult_0_right [simp]: "z \$* #0 = #0"by (subst zmult_commute, simp)lemma zmult_minus1 [simp]: "#-1 \$* z = \$-z"by (simp add: zcompare_rls)lemma zmult_minus1_right [simp]: "z \$* #-1 = \$-z"apply (subst zmult_commute)apply (rule zmult_minus1)donesubsection{*Simplification Rules for Comparison of Binary Numbers*}text{*Thanks to Norbert Voelker*}(** Equals (=) **)lemma eq_integ_of_eq:     "[| v ∈ bin;  w ∈ bin |]      ==> ((integ_of(v)) = integ_of(w)) <->          iszero (integ_of (bin_add (v, bin_minus(w))))"apply (unfold iszero_def)apply (simp add: zcompare_rls integ_of_add integ_of_minus)donelemma iszero_integ_of_Pls: "iszero (integ_of(Pls))"by (unfold iszero_def, simp)lemma nonzero_integ_of_Min: "~ iszero (integ_of(Min))"apply (unfold iszero_def)apply (simp add: zminus_equation)donelemma iszero_integ_of_BIT:     "[| w ∈ bin; x ∈ bool |]      ==> iszero (integ_of (w BIT x)) <-> (x=0 & iszero (integ_of(w)))"apply (unfold iszero_def, simp)apply (subgoal_tac "integ_of (w) ∈ int")apply typecheckapply (drule int_cases)apply (safe elim!: boolE)apply (simp_all (asm_lr) add: zcompare_rls zminus_zadd_distrib [symmetric]                     int_of_add [symmetric])donelemma iszero_integ_of_0:     "w ∈ bin ==> iszero (integ_of (w BIT 0)) <-> iszero (integ_of(w))"by (simp only: iszero_integ_of_BIT, blast)lemma iszero_integ_of_1: "w ∈ bin ==> ~ iszero (integ_of (w BIT 1))"by (simp only: iszero_integ_of_BIT, blast)(** Less-than (<) **)lemma less_integ_of_eq_neg:     "[| v ∈ bin;  w ∈ bin |]      ==> integ_of(v) \$< integ_of(w)          <-> znegative (integ_of (bin_add (v, bin_minus(w))))"apply (unfold zless_def zdiff_def)apply (simp add: integ_of_minus integ_of_add)donelemma not_neg_integ_of_Pls: "~ znegative (integ_of(Pls))"by simplemma neg_integ_of_Min: "znegative (integ_of(Min))"by simplemma neg_integ_of_BIT:     "[| w ∈ bin; x ∈ bool |]      ==> znegative (integ_of (w BIT x)) <-> znegative (integ_of(w))"apply simpapply (subgoal_tac "integ_of (w) ∈ int")apply typecheckapply (drule int_cases)apply (auto elim!: boolE simp add: int_of_add [symmetric]  zcompare_rls)apply (simp_all add: zminus_zadd_distrib [symmetric] zdiff_def                     int_of_add [symmetric])apply (subgoal_tac "\$#1 \$- \$# succ (succ (n #+ n)) = \$- \$# succ (n #+ n) ") apply (simp add: zdiff_def)apply (simp add: equation_zminus int_of_diff [symmetric])done(** Less-than-or-equals (<=) **)lemma le_integ_of_eq_not_less:     "(integ_of(x) \$<= (integ_of(w))) <-> ~ (integ_of(w) \$< (integ_of(x)))"by (simp add: not_zless_iff_zle [THEN iff_sym])(*Delete the original rewrites, with their clumsy conditional expressions*)declare bin_succ_BIT [simp del]        bin_pred_BIT [simp del]        bin_minus_BIT [simp del]        NCons_Pls [simp del]        NCons_Min [simp del]        bin_adder_BIT [simp del]        bin_mult_BIT [simp del](*Hide the binary representation of integer constants*)declare integ_of_Pls [simp del] integ_of_Min [simp del] integ_of_BIT [simp del]lemmas bin_arith_extra_simps =     integ_of_add [symmetric]     integ_of_minus [symmetric]     integ_of_mult [symmetric]     bin_succ_1 bin_succ_0     bin_pred_1 bin_pred_0     bin_minus_1 bin_minus_0     bin_add_Pls_right bin_add_Min_right     bin_add_BIT_0 bin_add_BIT_10 bin_add_BIT_11     diff_integ_of_eq     bin_mult_1 bin_mult_0 NCons_simps(*For making a minimal simpset, one must include these default simprules  of thy.  Also include simp_thms, or at least (~False)=True*)lemmas bin_arith_simps =     bin_pred_Pls bin_pred_Min     bin_succ_Pls bin_succ_Min     bin_add_Pls bin_add_Min     bin_minus_Pls bin_minus_Min     bin_mult_Pls bin_mult_Min     bin_arith_extra_simps(*Simplification of relational operations*)lemmas bin_rel_simps =     eq_integ_of_eq iszero_integ_of_Pls nonzero_integ_of_Min     iszero_integ_of_0 iszero_integ_of_1     less_integ_of_eq_neg     not_neg_integ_of_Pls neg_integ_of_Min neg_integ_of_BIT     le_integ_of_eq_not_lessdeclare bin_arith_simps [simp]declare bin_rel_simps [simp](** Simplification of arithmetic when nested to the right **)lemma add_integ_of_left [simp]:     "[| v ∈ bin;  w ∈ bin |]      ==> integ_of(v) \$+ (integ_of(w) \$+ z) = (integ_of(bin_add(v,w)) \$+ z)"by (simp add: zadd_assoc [symmetric])lemma mult_integ_of_left [simp]:     "[| v ∈ bin;  w ∈ bin |]      ==> integ_of(v) \$* (integ_of(w) \$* z) = (integ_of(bin_mult(v,w)) \$* z)"by (simp add: zmult_assoc [symmetric])lemma add_integ_of_diff1 [simp]:    "[| v ∈ bin;  w ∈ bin |]      ==> integ_of(v) \$+ (integ_of(w) \$- c) = integ_of(bin_add(v,w)) \$- (c)"apply (unfold zdiff_def)apply (rule add_integ_of_left, auto)donelemma add_integ_of_diff2 [simp]:     "[| v ∈ bin;  w ∈ bin |]      ==> integ_of(v) \$+ (c \$- integ_of(w)) =          integ_of (bin_add (v, bin_minus(w))) \$+ (c)"apply (subst diff_integ_of_eq [symmetric])apply (simp_all add: zdiff_def zadd_ac)done(** More for integer constants **)declare int_of_0 [simp] int_of_succ [simp]lemma zdiff0 [simp]: "#0 \$- x = \$-x"by (simp add: zdiff_def)lemma zdiff0_right [simp]: "x \$- #0 = intify(x)"by (simp add: zdiff_def)lemma zdiff_self [simp]: "x \$- x = #0"by (simp add: zdiff_def)lemma znegative_iff_zless_0: "k ∈ int ==> znegative(k) <-> k \$< #0"by (simp add: zless_def)lemma zero_zless_imp_znegative_zminus: "[|#0 \$< k; k ∈ int|] ==> znegative(\$-k)"by (simp add: zless_def)lemma zero_zle_int_of [simp]: "#0 \$<= \$# n"by (simp add: not_zless_iff_zle [THEN iff_sym] znegative_iff_zless_0 [THEN iff_sym])lemma nat_of_0 [simp]: "nat_of(#0) = 0"by (simp only: natify_0 int_of_0 [symmetric] nat_of_int_of)lemma nat_le_int0_lemma: "[| z \$<= \$#0; z ∈ int |] ==> nat_of(z) = 0"by (auto simp add: znegative_iff_zless_0 [THEN iff_sym] zle_def zneg_nat_of)lemma nat_le_int0: "z \$<= \$#0 ==> nat_of(z) = 0"apply (subgoal_tac "nat_of (intify (z)) = 0")apply (rule_tac [2] nat_le_int0_lemma, auto)donelemma int_of_eq_0_imp_natify_eq_0: "\$# n = #0 ==> natify(n) = 0"by (rule not_znegative_imp_zero, auto)lemma nat_of_zminus_int_of: "nat_of(\$- \$# n) = 0"by (simp add: nat_of_def int_of_def raw_nat_of zminus image_intrel_int)lemma int_of_nat_of: "#0 \$<= z ==> \$# nat_of(z) = intify(z)"apply (rule not_zneg_nat_of_intify)apply (simp add: znegative_iff_zless_0 not_zless_iff_zle)donedeclare int_of_nat_of [simp] nat_of_zminus_int_of [simp]lemma int_of_nat_of_if: "\$# nat_of(z) = (if #0 \$<= z then intify(z) else #0)"by (simp add: int_of_nat_of znegative_iff_zless_0 not_zle_iff_zless)lemma zless_nat_iff_int_zless: "[| m ∈ nat; z ∈ int |] ==> (m < nat_of(z)) <-> (\$#m \$< z)"apply (case_tac "znegative (z) ")apply (erule_tac [2] not_zneg_nat_of [THEN subst])apply (auto dest: zless_trans dest!: zero_zle_int_of [THEN zle_zless_trans]            simp add: znegative_iff_zless_0)done(** nat_of and zless **)(*An alternative condition is  @{term"\$#0 ⊆ w"}  *)lemma zless_nat_conj_lemma: "\$#0 \$< z ==> (nat_of(w) < nat_of(z)) <-> (w \$< z)"apply (rule iff_trans)apply (rule zless_int_of [THEN iff_sym])apply (auto simp add: int_of_nat_of_if simp del: zless_int_of)apply (auto elim: zless_asym simp add: not_zle_iff_zless)apply (blast intro: zless_zle_trans)donelemma zless_nat_conj: "(nat_of(w) < nat_of(z)) <-> (\$#0 \$< z & w \$< z)"apply (case_tac "\$#0 \$< z")apply (auto simp add: zless_nat_conj_lemma nat_le_int0 not_zless_iff_zle)done(*This simprule cannot be added unless we can find a way to make eq_integ_of_eq  unconditional!  [The condition "True" is a hack to prevent looping.    Conditional rewrite rules are tried after unconditional ones, so a rule    like eq_nat_number_of will be tried first to eliminate #mm=#nn.]  lemma integ_of_reorient [simp]:       "True ==> (integ_of(w) = x) <-> (x = integ_of(w))"  by auto*)lemma integ_of_minus_reorient [simp]:     "(integ_of(w) = \$- x) <-> (\$- x = integ_of(w))"by autolemma integ_of_add_reorient [simp]:     "(integ_of(w) = x \$+ y) <-> (x \$+ y = integ_of(w))"by autolemma integ_of_diff_reorient [simp]:     "(integ_of(w) = x \$- y) <-> (x \$- y = integ_of(w))"by autolemma integ_of_mult_reorient [simp]:     "(integ_of(w) = x \$* y) <-> (x \$* y = integ_of(w))"by autoend`