diff --git a/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Cauchy.thy b/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Cauchy.thy --- a/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Cauchy.thy +++ b/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Cauchy.thy @@ -1,732 +1,734 @@ subsection \ Cauchy's Polygonal Number Theorem \ -text \We will use the definition of the polygonal numbers from the Gauss Theorem theory file +text \We will use the definition of the polygonal numbers from the Gauss Theorem theory file which also imports the Three Squares Theorem AFP entry \cite{Three_Squares-AFP}.\ theory Polygonal_Number_Theorem_Cauchy imports Polygonal_Number_Theorem_Gauss begin text\The following lemma shows there are two consecutive odd integers in any four consecutive integers.\ lemma two_consec_odd: fixes a1 a2 a3 a4 :: int assumes "a1-a2 = 1" assumes "a2-a3 = 1" assumes "a3-a4 = 1" shows "\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" proof - - have c1:"\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" + have c1:"\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" if odd_case:"odd a4" proof- define k1 where k1_def:"k1 = a4" define k2 where k2_def:"k2 = k1 + 2" have 0:"k2 = a2" using k2_def k1_def assms by simp have 1:"odd k1" using k1_def odd_case by simp - show "\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" + show "\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" using 0 1 k1_def k2_def by auto qed - have c2:"\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" + have c2:"\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" if even_case:"even a4" proof - define k1 where k1_def:"k1 = a3" define k2 where k2_def:"k2 = k1 + 2" have 2:"odd k1" using even_case assms k1_def by presburger have 3:"k2 = a1" using k1_def k2_def assms by simp show "\k1 k2 :: int. {k1, k2} \ {a1, a2, a3, a4} \ (k2 = k1+2) \ odd k1" using 2 3 k1_def k2_def by auto qed show ?thesis using c1 c2 by auto qed text \This lemma proves that for two consecutive integers $b_1$ and $b_2$, and $r \in \{0,1,\dots,m-3\}$, numbers of the form $b_1+r$ and $b_2+r$ can cover all the congruence classes modulo $m$.\ lemma cong_classes: fixes b1 b2 :: int fixes m :: nat assumes "m \ 4" assumes "odd b1" assumes "b2 = b1 + 2" shows "\N::nat. \b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" proof - have first:"\N::nat. \b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if first_assum:"b1 mod m \ 3" proof - define k1 where k1_def:"k1 = b1 mod m" define l where l_def:"l = m - k1" have k1_size:"k1\3" using first_assum k1_def by simp have l_size:"l \ m-3" using first_assum k1_def l_def by auto have "(l+k1) mod m = 0" using l_def by auto hence "(l+b1) mod m = 0" using k1_def l_def by (metis mod_add_right_eq) define w where w_def:"w = m-3-l" - have w_size:"w\0 \ w\m-3" using w_def l_size l_def k1_def first_assum - by (smt (verit, best) Euclidean_Division.pos_mod_bound assms(1) le_antisym numeral_neq_zero + have w_size:"w\0 \ w\m-3" using w_def l_size l_def k1_def first_assum + by (smt (verit, best) Euclidean_Rings.pos_mod_bound assms(1) le_antisym numeral_neq_zero of_nat_0_less_iff order_trans_rules(22) verit_comp_simplify(3) zero_le_numeral) have "k1 = w+3" using w_def k1_def l_def w_size first_assum by linarith hence "w+2 = k1-1" by auto hence "w+2 = (b1-1) mod m" using first_assum k1_def - by (smt (verit, del_insts) Euclidean_Division.pos_mod_bound assms(1) + by (smt (verit, del_insts) Euclidean_Rings.pos_mod_bound assms(1) mod_diff_eq mod_pos_pos_trivial of_nat_le_0_iff verit_comp_simplify(8)) hence w_cover:"w+2 = k1-1" using k1_def using \w + 2 = k1 - 1\ by fastforce have "\r::nat. (r\m-3) \ [N=b1+r] (mod m)" if asm1:"N mod m \ k1 \ N mod m \ m-1" for N proof - have "m - (N mod m) \ l" using asm1 l_def k1_def by linarith - hence "\d::nat. d\l \ [N = k1+d] (mod m)" using asm1 k1_def l_def + hence "\d::nat. d\l \ [N = k1+d] (mod m)" using asm1 k1_def l_def by (metis add.commute add_le_cancel_left cong_mod_left cong_refl diff_add_cancel diff_le_self le_trans of_nat_mod of_nat_mono zle_iff_zadd) - hence "\d::nat. d\l \ [N=b1+d] (mod m)" using k1_def - by (metis mod_add_left_eq unique_euclidean_semiring_class.cong_def) - thus "\r::nat. (r\m-3) \ [N=b1+r] (mod m)" using l_size + hence "\d::nat. d\l \ [N=b1+d] (mod m)" using k1_def + by (metis mod_add_left_eq unique_euclidean_semiring_class.cong_def) + thus "\r::nat. (r\m-3) \ [N=b1+r] (mod m)" using l_size by (smt (verit, best) nat_leq_as_int) qed hence c1:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if asm1:"N mod m \ k1 \ N mod m \ m-1" for N using asm1 by blast - have c2:"\r::nat. (r\m-3) \ [N=b1+r] (mod m)" if asm2:"N mod m =0" for N using l_def k1_def + have c2:"\r::nat. (r\m-3) \ [N=b1+r] (mod m)" if asm2:"N mod m =0" for N using l_def k1_def by (smt (verit, ccfv_threshold) \(l + b1) mod int m = 0\ add_diff_cancel_left' cong_0_iff - cong_sym cong_trans diff_add_cancel diff_ge_0_iff_ge dvd_eq_mod_eq_0 int_dvd_int_iff nat_0_le + cong_sym cong_trans diff_add_cancel diff_ge_0_iff_ge dvd_eq_mod_eq_0 int_dvd_int_iff nat_0_le of_nat_le_iff that w_def w_size) hence c2:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if asm2:"N mod m = 0" for N using asm2 by metis have "\r::nat. (r\m-3) \ [N=b1+r] (mod m)" if asm3:"N mod m > 0 \ N mod m \w" for N proof - have "l+ (N mod m) \ m-3" using asm3 w_def by auto hence "\d::nat. (d\w) \ [N = k1+l+d] (mod m)" using asm3 w_def k1_def l_def - by (smt (verit, ccfv_threshold) minus_mod_self2 mod_mod_trivial of_nat_mod + by (smt (verit, ccfv_threshold) minus_mod_self2 mod_mod_trivial of_nat_mod unique_euclidean_semiring_class.cong_def) hence "\d::nat. (d\w) \ [N = b1+l+d] (mod m)" using k1_def by (metis (mono_tags, opaque_lifting) mod_add_left_eq unique_euclidean_semiring_class.cong_def) - hence "\r::nat. (r\w+l) \ [N = b1+r] (mod m)" by (smt (verit) add.commute + hence "\r::nat. (r\w+l) \ [N = b1+r] (mod m)" by (smt (verit) add.commute add.left_commute le_add_same_cancel2 of_nat_0_le_iff w_def w_size zero_le_imp_eq_int) thus "\r::nat. (r\m-3) \ [N = b1+r] (mod m)" using w_def by auto qed hence "\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if asm3:"N mod m > 0 \ N mod m \w" for N using asm3 by blast hence c3:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if asm8:"N mod m > 0 \ N mod m \k1-3" using asm8 w_cover by auto have "\r::nat. (r\m-3) \ [N=b2+r] (mod m)" if asm4:"N mod m = w+1 \ N mod m = w+2" for N proof - - have c4_1:"[N = b2+(m-3)] (mod m)" if asm5:"N mod m=w+2" for N using asm5 w_def assms(3) l_def + have c4_1:"[N = b2+(m-3)] (mod m)" if asm5:"N mod m=w+2" for N using asm5 w_def assms(3) l_def by (smt (verit) \w + 2 = (b1 - 1) mod int m\ \w + 2 = k1 - 1\ mod_add_self1 of_nat_mod unique_euclidean_semiring_class.cong_def) hence "[N-1 = b2+(m-4)] (mod m)" if asm5:"N mod m = w+2" for N by (smt (verit, ccfv_threshold) Num.of_nat_simps(2) \w + 2 = k1 - 1\ asm5 assms(1) - cong_iff_lin first_assum k1_def l_def mod_less_eq_dividend numeral_Bit0 of_nat_diff of_nat_le_iff -of_nat_numeral semiring_norm(172) w_def) - hence "[N = b2+(m-4)] (mod m)" if asm6:"N mod m = w+1" for N using asm6 - by (metis \w + 2 = (b1 - 1) mod int m\ add_diff_cancel_right' arith_special(3) int_ops(4) + cong_iff_lin first_assum k1_def l_def mod_less_eq_dividend numeral_Bit0 of_nat_diff of_nat_le_iff +of_nat_numeral semiring_norm(172) w_def) + hence "[N = b2+(m-4)] (mod m)" if asm6:"N mod m = w+1" for N using asm6 + by (metis \w + 2 = (b1 - 1) mod int m\ add_diff_cancel_right' arith_special(3) int_ops(4) is_num_normalize(1) mod_add_left_eq mod_diff_left_eq of_nat_mod) thus ?thesis using c4_1 by (metis asm4 diff_le_mono2 nat_le_linear numeral_le_iff verit_comp_simplify(10) verit_comp_simplify(13)) qed hence "\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if asm4:"N mod m = w+1 \ N mod m = w+2" for N using asm4 by blast - hence c4:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" + hence c4:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if asm7:"N mod m = k1-2 \ N mod m = k1-1" for N using w_cover asm7 by auto - have "\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" - if asm10:"N mod m \ 0 \ N mod m \w" for N using c2 c3 asm10 + have "\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" + if asm10:"N mod m \ 0 \ N mod m \w" for N using c2 c3 asm10 using \\N. 0 < N mod m \ int (N mod m) \ w \ \b r. r \ m - 3 \ [int N = b + int r] (mod int m) \ (b = b1 \ b = b2)\ by blast - hence c5:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" + hence c5:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if asm11:"N mod m \ 0 \ N mod m \k1-3" for N using w_cover using asm11 by force - have c6:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" - if asm9:"(N mod m \0 \ N mod m \ k1-3) \ N mod m = k1-2 \ N mod m = k1-1" for N + have c6:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" + if asm9:"(N mod m \0 \ N mod m \ k1-3) \ N mod m = k1-2 \ N mod m = k1-1" for N using c5 c4 asm9 by blast - hence c7:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" - if asm12:"(N mod m \0 \ N mod m \ k1-3) \ N mod m = k1-2 \ N mod m = k1-1 \ + hence c7:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" + if asm12:"(N mod m \0 \ N mod m \ k1-3) \ N mod m = k1-2 \ N mod m = k1-1 \ (N mod m \ k1 \ N mod m \ m-1)" for N using asm12 c1 by blast - have "\N::nat. (N mod m \0 \ N mod m\ k1-3) \ N mod m = k1-2 \ N mod m = k1-1 \ - (N mod m \ k1 \ N mod m \ m-1)" using k1_def - by (smt (verit, best) Suc_pred' assms(1) bot_nat_0.extremum le_simps(2) mod_less_divisor + have "\N::nat. (N mod m \0 \ N mod m\ k1-3) \ N mod m = k1-2 \ N mod m = k1-1 \ + (N mod m \ k1 \ N mod m \ m-1)" using k1_def + by (smt (verit, best) Suc_pred' assms(1) bot_nat_0.extremum le_simps(2) mod_less_divisor not_numeral_le_zero of_nat_0_less_iff of_nat_le_0_iff) thus ?thesis using c7 by auto qed have second:"\N::nat. \b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if second_assum:"b1 mod m \0 \ b1 mod m \2" proof - have case1:"\N::nat. \b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case1_assum:"b1 mod m = 0" proof - have "\r::nat. (r \ m-3) \ [N = b1+r] (mod m)" if case1_1_assum:"N mod m \m-3" for N - using case1_assum case1_1_assum + using case1_assum case1_1_assum by (metis cong_add_rcancel_0 cong_mod_left cong_refl cong_sym_eq zmod_int) - hence case1_1:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" + hence case1_1:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case1_1_assum:"N mod m \m-3" for N using case1_1_assum by blast have "[N = b1+(m-2)] (mod m)" if case1_2_assum:"N mod m = m-2" for N using case1_2_assum - case1_assum by (metis (no_types, opaque_lifting) add.commute cong_add_lcancel_0 + case1_assum by (metis (no_types, opaque_lifting) add.commute cong_add_lcancel_0 cong_mod_right of_nat_mod unique_euclidean_semiring_class.cong_def) hence "[N = b2+(m-4)] (mod m)" if case1_2_assum:"N mod m = m-2" for N using case1_2_assum assms(3) by (smt (verit, best) add_leD2 assms(1) int_ops(2) numeral_Bit0 of_nat_diff of_nat_numeral semiring_norm(172)) hence "\r::nat. (r \ m-3) \ [N = b2+r] (mod m)" if case1_2_assum:"N mod m = m-2" for N using case1_2_assum by (meson diff_le_mono2 less_num_simps(2) numeral_le_iff verit_comp_simplify(15)) hence case1_2:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case1_2_assum:"N mod m = m-2" for N using case1_2_assum by blast have "[N = b1+(m-1)] (mod m)" if case1_3_assum:"N mod m = m-1" for N using case1_3_assum - case1_assum by (metis (no_types, opaque_lifting) add.commute cong_add_lcancel_0 + case1_assum by (metis (no_types, opaque_lifting) add.commute cong_add_lcancel_0 cong_mod_right of_nat_mod unique_euclidean_semiring_class.cong_def) hence "[N = b2+(m-3)] (mod m)" if case1_3_assum:"N mod m = m-1" for N using case1_3_assum assms(3) - by (smt (verit, best) assms(1) int_ops(2) int_ops(6) numeral_Bit0 numeral_Bit1 of_nat_mono + by (smt (verit, best) assms(1) int_ops(2) int_ops(6) numeral_Bit0 numeral_Bit1 of_nat_mono of_nat_numeral semiring_norm(172)) hence "\r::nat. (r \ m-3) \ [N = b2+r] (mod m)" if case1_3_assum:"N mod m = m-1" for N using case1_3_assum by blast hence case1_3:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case1_3_assum:"N mod m = m-1" for N using case1_3_assum by blast have "\N::nat. (N mod m = m-1) \ (N mod m = m-2) \ (N mod m \ m-3)" - by (smt (verit, ccfv_threshold) Suc_pred' assms(1) bot_nat_0.not_eq_extremum diff_diff_add -diff_is_0_eq' le_simps(2) mod_less_divisor nat_1_add_1 nat_less_le not_numeral_le_zero + by (smt (verit, ccfv_threshold) Suc_pred' assms(1) bot_nat_0.not_eq_extremum diff_diff_add +diff_is_0_eq' le_simps(2) mod_less_divisor nat_1_add_1 nat_less_le not_numeral_le_zero numeral.simps(3) semiring_norm(172)) thus ?thesis using case1_1 case1_2 case1_3 by blast qed have case2:"\N::nat. \b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case2_assum:"b1 mod m = 1" proof - have case2b2:"b2 mod m = 3" using case2_assum assms(3) by (smt (verit) assms(1) int_ops(2) mod_add_eq mod_pos_pos_trivial numeral_Bit0 of_nat_mono of_nat_numeral semiring_norm(172)) have "\r::nat. (r\m-3) \ [N = b2+r] (mod m)" if case2_1_assum:"N mod m = m-1" for N proof - have "[N = 3+(m-4)] (mod m)" using case2_1_assum by (metis (mono_tags, lifting) Suc_eq_plus1 Suc_numeral add_diff_cancel_left arithmetic_simps(1) arithmetic_simps(7) assms(1)mod_mod_trivial ordered_cancel_comm_monoid_diff_class.diff_add_assoc unique_euclidean_semiring_class.cong_def) - hence "[N = b2+(m-4)] (mod m)" using case2b2 - by (metis (mono_tags, lifting) Num.of_nat_simps(4) mod_add_left_eq + hence "[N = b2+(m-4)] (mod m)" using case2b2 + by (metis (mono_tags, lifting) Num.of_nat_simps(4) mod_add_left_eq of_nat_mod of_nat_numeral unique_euclidean_semiring_class.cong_def) thus ?thesis using le_diff_conv by fastforce qed hence case2_1:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case2_1_assum:"N mod m = m-1" for N using case2_1_assum by blast have "\r::nat. (r\m-3) \ [N = b2+r] (mod m)" if case2_2_assum:"N mod m =0" for N proof - have "(3+(m-3)) mod m = 0" using assms(1) by fastforce - hence "(b2+(m-3)) mod m = 0" using case2b2 by (metis Num.of_nat_simps(1) + hence "(b2+(m-3)) mod m = 0" using case2b2 by (metis Num.of_nat_simps(1) Num.of_nat_simps(4) mod_add_left_eq of_nat_mod of_nat_numeral) - thus ?thesis using case2_2_assum + thus ?thesis using case2_2_assum by (metis int_ops(1) nat_le_linear of_nat_mod unique_euclidean_semiring_class.cong_def) qed hence case2_2:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case2_2_assum:"N mod m =0" for N using case2_2_assum by metis - have "\r::nat. (r \ m-3) \ [N = b1+r] (mod m)" if - case2_3_assum:"N mod m \m-2 \ N mod m \1" for N + have "\r::nat. (r \ m-3) \ [N = b1+r] (mod m)" if + case2_3_assum:"N mod m \m-2 \ N mod m \1" for N proof - have "\r::nat. (r\m-3)\((b1+r) mod m = l)" if asml:"l\1 \ l\m-2" for l proof - define r where r_def:"r = l-1" from asml have r_range:"r\0 \ r\m-3" using r_def by linarith have "(1+r) mod m = l" using asml r_def r_range by fastforce hence "(b1+r) mod m = l" using case2_assum by (metis Num.of_nat_simps(3) int_ops(9) mod_add_left_eq plus_1_eq_Suc) thus ?thesis using asml r_range by blast qed thus ?thesis using case2_3_assum by (metis case2_3_assum of_nat_mod unique_euclidean_semiring_class.cong_def) qed hence case2_3:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case2_3_assum:"N mod m \m-2 \ N mod m \1" for N using case2_3_assum by blast - have "\N::nat. N mod m = 0 \ (N mod m \1 \ N mod m \m-1)" by (metis One_nat_def Suc_pred + have "\N::nat. N mod m = 0 \ (N mod m \1 \ N mod m \m-1)" by (metis One_nat_def Suc_pred assms(1) bot_nat_0.extremum_uniqueI leI less_Suc_eq_le mod_less_divisor not_numeral_le_zero) - hence "\N::nat. N mod m = 0 \ (N mod m \1 \ N mod m \m-2) \ N mod m = m-1" - by (smt (verit) arithmetic_simps(68) diff_diff_eq le_add_diff_inverse le_neq_implies_less le_simps(2) + hence "\N::nat. N mod m = 0 \ (N mod m \1 \ N mod m \m-2) \ N mod m = m-1" + by (smt (verit) arithmetic_simps(68) diff_diff_eq le_add_diff_inverse le_neq_implies_less le_simps(2) le_trans plus_1_eq_Suc) thus ?thesis using case2_1 case2_2 case2_3 by (metis \\N. N mod m \ m - 2 \ 1 \ N mod m \ \r\m - 3. [int N = b1 + int r] (mod int m)\) qed have case3:"\N::nat. \b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case3_assum:"b1 mod m = 2" proof - - have case3b2:"b2 mod m = 4" using assms case3_assum by (smt (verit, ccfv_SIG) - Euclidean_Division.pos_mod_sign dvd_mod_imp_dvd even_numeral int_ops(2) int_ops(4) -mod_diff_eq mod_pos_pos_trivial nat_1_add_1 numeral_Bit0 of_nat_le_iff of_nat_numeral plus_1_eq_Suc) + have case3b2:"b2 mod m = 4" + using assms case3_assum + by (smt (verit, ccfv_SIG) Euclidean_Rings.pos_mod_sign dvd_mod_imp_dvd even_numeral int_ops(2) + int_ops(4) mod_diff_eq mod_pos_pos_trivial nat_1_add_1 numeral_Bit0 of_nat_le_iff + of_nat_numeral plus_1_eq_Suc) have "\r::nat. (r\m-3)\ [N = b2+r] (mod m)" if case3_1_assum:"N mod m = 0 \ N mod m =1" for N proof - have "(4+(m-3)) mod m = (4+m-3) mod m" using assms(1) by auto have "(4+m-3) mod m = (1+m) mod m" by simp hence "(4+(m-3)) mod m = 1" using \(4+(m-3)) mod m = (4+m-3) mod m\ - by (smt (verit, best) Euclidean_Division.pos_mod_bound add_lessD1 arith_special(2) assms(1) case3b2 - landau_product_preprocess(4) mod_add_self2 mod_less numeral_Bit0 of_nat_numeral order_le_less) - hence caseone:"(b2+(m-3)) mod m = 1" using case3b2 + by (smt (verit, best) Euclidean_Rings.pos_mod_bound add_lessD1 arith_special(2) assms(1) case3b2 + landau_product_preprocess(4) mod_add_self2 mod_less numeral_Bit0 of_nat_numeral order_le_less) + hence caseone:"(b2+(m-3)) mod m = 1" using case3b2 by (metis Num.of_nat_simps(2) Num.of_nat_simps(4) mod_add_left_eq of_nat_mod of_nat_numeral) have "(4+(m-4)) mod m = 0" using assms(1) by auto - hence casezero:"(b2+(m-4)) mod m = 0" using case3b2 + hence casezero:"(b2+(m-4)) mod m = 0" using case3b2 by (metis (full_types) Num.of_nat_simps(1) Num.of_nat_simps(4) mod_add_left_eq of_nat_mod of_nat_numeral) - show ?thesis using caseone casezero case3_1_assum - by (metis cong_int cong_mod_right cong_refl diff_le_mono2 nat_le_linear numeral_le_iff + show ?thesis using caseone casezero case3_1_assum + by (metis cong_int cong_mod_right cong_refl diff_le_mono2 nat_le_linear numeral_le_iff of_nat_0 of_nat_1 semiring_norm(69) semiring_norm(72)) qed hence case3_1:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case3_1_assum:"N mod m = 0 \ N mod m =1" for N using case3_1_assum by metis have "\r::nat.(r\m-3)\ [N = b1+r] (mod m)" if case3_2_assum:"N mod m \2\N mod m \ m-1" for N proof - have "\r::nat. (r\m-3)\((b1+r) mod m = l)" if asml1:"l\2 \ l\m-1" for l proof - define r1 where r1_def:"r1 = l-2" from asml1 have r1_range:"r1\0 \ r1\m-2" using r1_def by linarith have "(2+r1) mod m = l" using asml1 r1_def r1_range by fastforce hence "(b1+r1) mod m = l" using case3_assum by (metis Num.of_nat_simps(4) mod_add_left_eq of_nat_mod of_nat_numeral) thus ?thesis using asml1 r1_range by (metis One_nat_def diff_diff_add diff_le_mono nat_1_add_1 numeral_3_eq_3 plus_1_eq_Suc r1_def) qed thus ?thesis using case3_2_assum by (metis case3_2_assum of_nat_mod unique_euclidean_semiring_class.cong_def) qed hence case3_2:"\b::int. \r::nat. (r \ m-3) \ [N=b+r] (mod m) \ (b = b1 \ b = b2)" if case3_2_assum:"N mod m \2\N mod m \ m-1" for N using case3_2_assum by blast - have "\N::nat. N mod m = 0 \ (N mod m \1 \ N mod m \m-1)" by (metis Suc_pred' assms(1) + have "\N::nat. N mod m = 0 \ (N mod m \1 \ N mod m \m-1)" by (metis Suc_pred' assms(1) bot_nat_0.not_eq_extremum less_one mod_Suc_le_divisor rel_simps(76) verit_comp_simplify1(3)) - hence "\N::nat. N mod m = 0 \ N mod m = 1 \ (N mod m \2 \ N mod m \m-1)" + hence "\N::nat. N mod m = 0 \ N mod m = 1 \ (N mod m \2 \ N mod m \m-1)" by (metis Suc_eq_plus1 le_neq_implies_less le_simps(3) nat_1_add_1) thus ?thesis using case3_1 case3_2 by blast qed show ?thesis using case1 case2 case3 using that by fastforce qed show ?thesis using first second using assms(1) by force qed -text\The strong form of Cauchy's polygonal number theorem shows for a natural number $N$ satisfying -certain conditions, it may be written as the sum of $m+1$ polygonal numbers of order $m+2$, at most four +text\The strong form of Cauchy's polygonal number theorem shows for a natural number $N$ satisfying +certain conditions, it may be written as the sum of $m+1$ polygonal numbers of order $m+2$, at most four of which are different from 0 or 1. This corresponds to Theorem 1.9 in \cite{nathanson1996}.\ theorem Strong_Form_of_Cauchy_Polygonal_Number_Theorem_1: fixes m N :: nat assumes "m\4" assumes "N\108*m" shows "\ xs :: nat list. (length xs = m+1) \ (sum_list xs = N) \ (\k\3. \a. xs! k = polygonal_number m a) - \ (\ k \ {4..m} . xs! k = 0 \ xs! k = 1)" + \ (\ k \ {4..m} . xs! k = 0 \ xs! k = 1)" proof - define L where L_def:"L = (2/3 + sqrt (8*N/m - 8)) - (1/2 + sqrt (6*N/m - 3))" from assms L_def have "L>4" using interval_length_greater_than_four apply(rule_tac N = "of_nat N" and m = "of_nat m" in interval_length_greater_than_four) by auto define c1 where c1_def:"c1 = \1/2 + sqrt (6*N/m - 3)\" define c2 where c2_def:"c2 = c1+1" define c3 where c3_def:"c3 = c1+2" define c4 where c4_def:"c4 = c1+3" from \L>4\ c1_def c2_def c3_def c4_def L_def have "c4<(2/3 + sqrt (8*N/m - 8))" by linarith have "N/m \ 108" using assms using le_divide_eq by fastforce hence "sqrt(6*N/m - 3)\1" by simp hence "1/2 + sqrt(6*N/m - 3) \1" by linarith hence "c1 \1" using c1_def by simp - obtain b1 b2 where bproperties:"{b1, b2} \ {c1, c2, c3, c4} \ (b2 = b1+2) \ odd b1" - using two_consec_odd c1_def c2_def c3_def c4_def by (metis (no_types, opaque_lifting) Groups.add_ac(2) + obtain b1 b2 where bproperties:"{b1, b2} \ {c1, c2, c3, c4} \ (b2 = b1+2) \ odd b1" + using two_consec_odd c1_def c2_def c3_def c4_def by (metis (no_types, opaque_lifting) Groups.add_ac(2) empty_subsetI even_plus_one_iff insert_commute insert_mono nat_arith.add1 numeral.simps(2) numeral.simps(3)) have b1andb2:"odd b1 \ b2 = b1+2" using bproperties by auto have b1pos:"b1 \1" using \c1\1\ c2_def c3_def c4_def bproperties by auto hence b2pos:"b2 \3" using bproperties by simp have b2odd:"odd b2" using bproperties by simp - + obtain b r where b_r:"r\m-3 \ (b = b1 \ b = b2) \ [int N = b+r] (mod m)" using b1andb2 assms(1) cong_classes by meson have bpos:"b\1" using b1pos b2pos b_r by auto have bodd:"odd b" using b_r bproperties by auto define a where a_def:"a = b+2*(N-b-r) div m" have m_div_num:"m dvd (N-b-r)" using b_r by (simp add: diff_diff_add mod_eq_dvd_iff unique_euclidean_semiring_class.cong_def) hence "(N-b-r)/m = (N-b-r) div m" by (simp add: real_of_int_div) - hence a_def1:"a = b+2*(N-b-r)/m" using a_def by (metis \int m dvd int N - b - int r\ + hence a_def1:"a = b+2*(N-b-r)/m" using a_def by (metis \int m dvd int N - b - int r\ dvd_add_right_iff mult_2 of_int_add of_int_of_nat_eq real_of_int_div) have "N-m>0" using assms by linarith - hence "N-r>0" using b_r by force + hence "N-r>0" using b_r by force hence "(N-b-r) = (N-r)-b" by linarith hence "(N-b-r)/m = (N-r)/m - b/m" by (metis diff_divide_distrib int_of_reals(3) of_int_of_nat_eq) hence "a = b+2*((N-r)/m - b/m)" using a_def1 by (metis int_of_reals(6) of_int_mult times_divide_eq_right) hence a_def2:"a = b- b*2/m+2*(N-r)/m " by simp have "b*(1-2/m) = b*1-b*(2/m)" by (simp add: Rings.ring_distribs(4)) hence a_def3:"a = b*(1-2/m) + 2*(N-r)/m" using a_def2 by simp have "1-2/m>0" using assms(1) by simp hence size1:"b*(1-2/m)>0" using bpos by simp have "N-r>0" using b_r assms by auto hence size2:"2*(N-r)/m>0" using assms(1) by simp - have apos:"a\1" using size1 size2 a_def3 by simp + have apos:"a\1" using size1 size2 a_def3 by simp have "odd (b+2*(N-b-r) div m)" using m_div_num b_r b2odd bproperties by (metis div_mult_swap zdvd_reduce) hence aodd:"odd a" using a_def by simp from a_def1 have "a-b = 2*(N-b-r)/m" by simp hence "m*(a-b)/2 = N-b-r" using assms(1) by simp hence N_expr:"N = r+b+m*(a-b)/2" by simp have "b1 \ c1" using bproperties c2_def c3_def c4_def by force hence "b1 \ 1/2 + sqrt (6*N/m - 3)" using c1_def using ceiling_le_iff by blast have b_ineq1:"b \ 1/2 + sqrt (6*N/m - 3)" using b_r bproperties - using \1 / 2 + sqrt (real (6 * N) / real m - 3) \ real_of_int b1\ by fastforce + using \1 / 2 + sqrt (real (6 * N) / real m - 3) \ real_of_int b1\ by fastforce have "b2 \ c4" using bproperties c1_def c2_def c3_def c4_def by fastforce hence "b2 \ (2/3 + sqrt (8*N/m - 8))" using \real_of_int c4 < 2 / 3 + sqrt (real (8 * N) / real m - 8)\ by linarith hence b_ineq2:"b\(2/3 + sqrt (8*N/m - 8))" using b_r bproperties by linarith define Nr where "Nr = real_of_nat N" define mr where "mr = real m" define ar where "ar = real_of_int a" define br where "br = real_of_int b" define rr where "rr = real_of_nat r" from assms(1) have "mr \3" using mr_def by auto from assms(2) have "N\2*m" by simp hence "Nr \ 2*mr" using Nr_def mr_def \N \ 2 * m\ by auto moreover have "br\0" using br_def bpos by auto moreover have "mr\3" using mr_def assms by auto moreover have "ar\0" using ar_def apos by auto moreover have "rr\0" using rr_def b_r by auto moreover have "mr > rr" using mr_def rr_def b_r assms(1) by linarith moreover have "Nr = mr*(ar-br)/2+br+rr" using Nr_def mr_def ar_def br_def N_expr rr_def by auto moreover have "1/2+sqrt(6*Nr/mr-3)\br \ br\2/3+sqrt(8*Nr/mr-8)" using Nr_def mr_def br_def b_ineq1 b_ineq2 by auto ultimately have "br^2<4*ar \ 3*ar 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" + hence real_ineq:"(real_of_int b)^2 < 4*(real_of_int a) \ 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" using br_def ar_def by auto hence int_ineq1: "b^2<4*a" using of_int_less_iff by fastforce from real_ineq have int_ineq2: "3*a1" using apos by auto have con2:"nat b \1" using bpos by auto have con3:"odd (nat a)" using aodd apos even_nat_iff by auto have con4:"odd (nat b)" using bodd bpos even_nat_iff by auto have "(nat b)^2 = b^2" using \nat b \1\ by auto hence con5:"(nat b)^2<4*(nat a)" using int_ineq1 by linarith have con6:"3*(nat a)<(nat b)^2+2*(nat b)+4" using \(nat b)^2 = b^2\ int_ineq2 by linarith obtain s t u v where stuv:"s \ 0 \ t \ 0 \ u \ 0 \ v \ 0 \ int(nat a) = s^2 + t^2 + u^2 + v^2 \ int(nat b) = s+t+u+v" using four_nonneg_int_sum con1 con2 con3 con4 con5 con6 by presburger have a_expr:"a = s^2 + t^2 + u^2 + v^2" using apos stuv by linarith have b_expr:"b = s+t+u+v" using bpos stuv by linarith from N_expr have "N = m/2*(s^2-s+t^2-t+u^2-u+v^2-v)+r+(s+t+u+v)" using a_expr b_expr by simp hence N_expr2:"N = m/2*(s^2-s)+ m/2*(t^2-t)+ m/2*(u^2-u)+ m/2*(v^2-v)+ r+(s+t+u+v)" by (metis (no_types, opaque_lifting) add_diff_eq nat_distrib(2) of_int_add) have s_div2:"m/2*(s^2-s) = m*(s^2-s) div 2" using real_of_int_div by auto have t_div2:"m/2*(t^2-t) = m*(t^2-t) div 2" using real_of_int_div by auto have u_div2:"m/2*(u^2-u) = m*(u^2-u) div 2" using real_of_int_div by auto have v_div2:"m/2*(v^2-v) = m*(v^2-v) div 2" using real_of_int_div by auto have N_expr3:"N = (m*(s^2-s) div 2+s)+(m*(t^2-t) div 2+t)+(m*(u^2-u) div 2+u)+(m*(v^2-v) div 2+v)+r" using s_div2 t_div2 u_div2 v_div2 N_expr2 by simp define sn where "sn = nat s" define tn where "tn = nat t" define un where "un = nat u" define vn where "vn = nat v" - have seqsn:"s^2-s = sn^2 - sn" using stuv sn_def + have seqsn:"s^2-s = sn^2 - sn" using stuv sn_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) have teqtn:"t^2-t = tn^2 - tn" using stuv tn_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) - have uequn:"u^2-u = un^2 - un" using stuv un_def + have uequn:"u^2-u = un^2 - un" using stuv un_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) - have veqvn:"v^2-v = vn^2 - vn" using stuv vn_def + have veqvn:"v^2-v = vn^2 - vn" using stuv vn_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) - from N_expr3 have + from N_expr3 have "N = (m*(sn^2-sn) div 2+s)+(m*(tn^2-tn) div 2+t)+(m*(un^2-un) div 2+u)+(m*(vn^2-vn) div 2+ v)+r" - using seqsn teqtn uequn veqvn by (metis (mono_tags, lifting) int_ops(2) int_ops(4) int_ops(7) + using seqsn teqtn uequn veqvn by (metis (mono_tags, lifting) int_ops(2) int_ops(4) int_ops(7) numeral_Bit0 numeral_code(1) plus_1_eq_Suc zdiv_int) - hence "N = (m*(sn^2-sn) div 2+sn)+(m*(tn^2-tn) div 2+tn)+(m*(un^2-un) div 2+un)+(m*(vn^2-vn) div 2+ v)+r" + hence "N = (m*(sn^2-sn) div 2+sn)+(m*(tn^2-tn) div 2+tn)+(m*(un^2-un) div 2+un)+(m*(vn^2-vn) div 2+ v)+r" using sn_def tn_def un_def stuv int_nat_eq int_ops(5) by presburger hence "N = (m*(sn^2-sn) div 2+sn)+(m*(tn^2-tn) div 2+tn)+(m*(un^2-un) div 2+un)+(m*(vn^2-vn) div 2+ vn)+r" using vn_def stuv by (smt (verit, del_insts) Num.of_nat_simps(4) int_nat_eq of_nat_eq_iff) hence "N = (m* sn*(sn-1) div 2+sn)+(m*tn*(tn-1) div 2+tn)+(m*un*(un-1) div 2+un)+(m* vn*(vn-1) div 2+ vn)+r" by (smt (verit, ccfv_threshold) more_arith_simps(11) mult.right_neutral power2_eq_square right_diff_distrib') hence N_expr4:"N = polygonal_number m sn + polygonal_number m tn + polygonal_number m un + polygonal_number m vn +r" using Polygonal_Number_Theorem_Gauss.polygonal_number_def by presburger define T where T_def:"T = [polygonal_number m sn,polygonal_number m tn,polygonal_number m un,polygonal_number m vn]" define ones where ones_def:"ones = replicate r (1::nat)" define zeros where zeros_def:"zeros = replicate (m+1-4-r) (0::nat)" define final where final_def:"final = T@ones@zeros" have "m+1-4-r\0" using assms(1) b_r by force - hence "4+r+(m+1-4-r) = m+1" using assms(1) b_r by force + hence "4+r+(m+1-4-r) = m+1" using assms(1) b_r by force have "length final = 4+r+(m+1-4-r)" using final_def T_def ones_def zeros_def by auto hence final_length:"length final = m+1" using \4+r+(m+1-4-r) = m+1\ by simp have T_sum:"sum_list T = polygonal_number m sn + polygonal_number m tn + polygonal_number m un + polygonal_number m vn" by (simp add: T_def) have ones_sum:"sum_list ones = r" using ones_def by (simp add: sum_list_replicate) have zeros_sum:"sum_list zeros = 0" using zeros_def by simp have "sum_list final = sum_list T + sum_list ones + sum_list zeros" using final_def by simp hence final_sum:"sum_list final = N" using N_expr4 by (simp add: T_sum ones_sum zeros_sum) have final_0th:"final! 0 = polygonal_number m sn" using final_def T_def by simp have final_1st:"final! 1 = polygonal_number m tn" using final_def T_def by simp have final_2nd:"final! 2 = polygonal_number m un" using final_def T_def by simp have final_3rd:"final! 3 = polygonal_number m vn" using final_def T_def by simp have first_four:"\k\3. \a. final! k = polygonal_number m a" using final_0th final_1st final_2nd final_3rd - by (metis Suc_eq_plus1 add_leD2 arith_simps(50) le_simps(2) numeral_Bit0 numeral_Bit1 + by (metis Suc_eq_plus1 add_leD2 arith_simps(50) le_simps(2) numeral_Bit0 numeral_Bit1 numeral_One verit_comp_simplify1(3) verit_la_disequality) - + have "length T = 4" using T_def by simp have "\k (ones@zeros)! k =0" using ones_def zeros_def by (simp add: nth_append) - hence "final! k = 1 \ final! k = 0" if "k\4 \ k<(length final)" for k + hence "final! k = 1 \ final! k = 0" if "k\4 \ k<(length final)" for k using \length T = 4\ final_def that by (metis add_less_cancel_left le_add_diff_inverse length_append nth_append verit_comp_simplify1(3)) hence other_terms:"\ k \ {4..m} . final! k = 0 \ final! k = 1" using final_length by (metis Suc_eq_plus1 atLeastAtMost_iff le_simps(2)) show ?thesis using final_length final_sum first_four other_terms by auto qed - + theorem Strong_Form_of_Cauchy_Polygonal_Number_Theorem_2: fixes N :: nat assumes "N\324" shows "\ p1 p2 p3 p4 r ::nat. N = p1+p2+p3+p4+r \ (\k1. p1 = polygonal_number 3 k1) \ (\k2. p2 = polygonal_number 3 k2) \ (\k3. p3 = polygonal_number 3 k3) \ (\k4. p4 = polygonal_number 3 k4) \ (r = 0 \ r = 1)" proof - define L where L_def:"L = (2/3 + sqrt (8*N/3 - 8)) - (1/2 + sqrt (6*N/3 - 3))" (*Now m = 3*) from assms L_def have "L>4" using interval_length_greater_than_four apply - apply(rule interval_length_greater_than_four[where N = "of_nat N" and m = "of_nat 3"]) by auto define c1 where c1_def:"c1 = \1/2 + sqrt (6*N/3 - 3)\" define c2 where c2_def:"c2 = c1+1" define c3 where c3_def:"c3 = c1+2" define c4 where c4_def:"c4 = c1+3" from \L>4\ c1_def c2_def c3_def c4_def L_def have "c4<(2/3 + sqrt (8*N/3 - 8))" by linarith define Nn where "Nn = int N" have "c4<(2/3 + sqrt (8*Nn/3 - 8))" using Nn_def \c4<(2/3 + sqrt (8*N/3 - 8))\ by simp - have Nn3:"(Nn-3)^2 - (sqrt (8*Nn/3 - 8))^2 = Nn^2-3*Nn-3*Nn+9 - (sqrt (8*Nn/3 - 8))^2" + have Nn3:"(Nn-3)^2 - (sqrt (8*Nn/3 - 8))^2 = Nn^2-3*Nn-3*Nn+9 - (sqrt (8*Nn/3 - 8))^2" using assms Nn_def power2_diff by (simp add: power2_eq_square algebra_simps) have "(Nn-3)^2 - (sqrt (8*Nn/3 - 8))^2 = Nn^2-3*Nn-3*Nn+9 - (8*Nn/3 - 8)" using assms Nn_def Nn3 by fastforce hence "(Nn-3)^2 - (sqrt (8*Nn/3 - 8))^2 = Nn^2-6*Nn+9-8*Nn/3 +8" by linarith hence Nn4:"(Nn-3)^2 - (sqrt (8*Nn/3 - 8))^2 = Nn*(Nn-26/3)+17" by (simp add: Rings.ring_distribs(4) power2_eq_square) have "Nn*(Nn-26/3)+17>17" using assms Nn_def by auto hence "(Nn-3)^2 - (sqrt (8*Nn/3 - 8))^2 > 0" using Nn4 by auto hence "Nn-3 > sqrt (8*Nn/3 - 8)" using assms Nn_def by (simp add: real_less_lsqrt) hence "Nn-2 > sqrt (8*Nn/3 - 8)+2/3" by linarith hence "N > c4" using Nn_def \c4<(2/3 + sqrt (8*Nn/3 - 8))\ by simp have "N/3 \ 108" using assms using le_divide_eq by fastforce hence "sqrt(6*N/3 - 3)\1" by simp hence "1/2 + sqrt(6*N/3 - 3) \1" by linarith hence "c1 \1" using c1_def by simp - obtain b1 b2 where bproperties:"{b1, b2} \ {c1, c2, c3, c4} \ (b2 = b1+2) \ odd b1" - using two_consec_odd c1_def c2_def c3_def c4_def by (metis (no_types, opaque_lifting) Groups.add_ac(2) + obtain b1 b2 where bproperties:"{b1, b2} \ {c1, c2, c3, c4} \ (b2 = b1+2) \ odd b1" + using two_consec_odd c1_def c2_def c3_def c4_def by (metis (no_types, opaque_lifting) Groups.add_ac(2) empty_subsetI even_plus_one_iff insert_commute insert_mono nat_arith.add1 numeral.simps(2) numeral.simps(3)) have b1andb2:"odd b1 \ b2 = b1+2" using bproperties by auto have b1pos:"b1 \1" using \c1\1\ c2_def c3_def c4_def bproperties by auto hence b2pos:"b2 \3" using bproperties by simp have b2odd:"odd b2" using bproperties by simp define b1n where "b1n = nat b1" define b2n where "b2n = nat b2" from b1n_def b1pos have "b1n mod 3 = b1 mod 3" using int_ops(9) by force from b2n_def b2pos have "b2n mod 3 = b2 mod 3" using int_ops(9) by force have b_and_r:"\b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" proof - - have case1:"\b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" + have case1:"\b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" if asm1:"b1 mod 3 = 0" proof - have "b1n mod 3 = 0" using asm1 \b1n mod 3 = b1 mod 3\ by simp hence "b2n mod 3 = 2" using \b2n mod 3 = b2 mod 3\ bproperties asm1 by fastforce - have case1_1:"[0 = b1n+0] (mod 3)" using \b1n mod 3 = 0\ + have case1_1:"[0 = b1n+0] (mod 3)" using \b1n mod 3 = 0\ by (metis mod_0 nat_arith.rule0 unique_euclidean_semiring_class.cong_def) have case1_2:"[1 = b1n+1] (mod 3)" using \b1n mod 3 = 0\ by (metis \[0 = b1n + 0] (mod 3)\ add.commute cong_add_lcancel_0_nat cong_sym) have case1_3:"[2 = b2n+0] (mod 3)" using \b2n mod 3 = 2\ by (simp add: unique_euclidean_semiring_class.cong_def) have "\N::nat. N mod 3 = 0 \ N mod 3 \ 1" by linarith hence "\N::nat. N mod 3 = 0 \ N mod 3 = 1 \ N mod 3 = 2" by linarith hence "\N. \b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" if asm1:"b1 mod 3 = 0" using case1_1 case1_2 case1_3 by (metis cong_mod_left) thus ?thesis using asm1 by auto qed - have case2:"\b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" + have case2:"\b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" if asm2:"b1 mod 3 = 1" proof - have "b1n mod 3 = 1" using asm2 \b1n mod 3 = b1 mod 3\ by simp hence "b2n mod 3 = 0" using \b2n mod 3 = b2 mod 3\ bproperties asm2 - by (smt (verit, best) Euclidean_Division.pos_mod_bound Euclidean_Division.pos_mod_sign + by (smt (verit, best) Euclidean_Rings.pos_mod_bound Euclidean_Rings.pos_mod_sign int_ops(1) mod_diff_eq mod_pos_pos_trivial of_nat_eq_iff) - have case2_1:"[0 = b2n+0] (mod 3)" using \b2n mod 3 = 0\ + have case2_1:"[0 = b2n+0] (mod 3)" using \b2n mod 3 = 0\ by (metis mod_0 nat_arith.rule0 unique_euclidean_semiring_class.cong_def) have case2_2:"[1 = b1n+0] (mod 3)" using \b1n mod 3 = 1\ by (simp add: unique_euclidean_semiring_class.cong_def) have case2_3:"[2 = b1n+1] (mod 3)" using \b1n mod 3 = 1\ by (metis case2_2 cong_add_rcancel_nat nat_1_add_1 nat_arith.rule0) have "\N::nat. N mod 3 = 0 \ N mod 3 \ 1" by linarith hence "\N::nat. N mod 3 = 0 \ N mod 3 = 1 \ N mod 3 = 2" by linarith hence "\N. \b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" if asm2:"b1 mod 3 = 1" using case2_1 case2_2 case2_3 by (metis cong_mod_left) thus ?thesis using asm2 by auto qed - have case3:"\b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" + have case3:"\b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" if asm3:"b1 mod 3 = 2" proof - have "b1n mod 3 = 2" using asm3 \b1n mod 3 = b1 mod 3\ by simp have "(b1+2) mod 3 = (2+2) mod 3" using asm3 by (metis Groups.add_ac(2) mod_add_right_eq) hence "b2n mod 3 = 1" using \b2n mod 3 = b2 mod 3\ bproperties by simp have case3_1:"[0 = b1n+1] (mod 3)" using \b1n mod 3 = 2\ by (metis One_nat_def add.commute mod_0 mod_add_right_eq mod_self nat_1_add_1 numeral_3_eq_3 plus_1_eq_Suc unique_euclidean_semiring_class.cong_def) have case3_2:"[1 = b2n+0] (mod 3)" using \b2n mod 3 = 1\ by (simp add: unique_euclidean_semiring_class.cong_def) have case3_3:"[2 = b1n+0] (mod 3)" using \b1n mod 3 = 2\ by (simp add: unique_euclidean_semiring_class.cong_def) have "\N::nat. N mod 3 = 0 \ N mod 3 \ 1" by linarith hence "\N::nat. N mod 3 = 0 \ N mod 3 = 1 \ N mod 3 = 2" by linarith hence "\N. \b r::nat. [N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" if asm3:"b1 mod 3 = 2" using case3_1 case3_2 case3_3 by (metis cong_mod_left) thus ?thesis using asm3 by auto qed have "b1 mod 3 = 0 \ b1 mod 3 = 1 \ b1 mod 3 = 2" by auto thus ?thesis using case1 case2 case3 by auto qed - obtain b r where b_r:"[N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" + obtain b r where b_r:"[N = b+r] (mod 3) \ (b = b1n \ b = b2n) \ (r = 0 \ r = 1)" using b_and_r by auto have bpos:"b\1" using b1pos b2pos b_r b1n_def b2n_def by auto - have bodd:"odd b" + have bodd:"odd b" using b_r bproperties by (metis b1n_def b2n_def b2odd bpos even_nat_iff nat_eq_iff2 rel_simps(45)) define a where a_def:"a = b+2*(N-b-r) div 3" have "int b1n = b1" using b1n_def b1pos by linarith have "int b2n = b2" using b2n_def b2pos by linarith have m_div_num:"3 dvd (N-b-r)" using b_r by (metis cong_altdef_nat diff_diff_left diff_is_0_eq' dvd_0_right nat_le_linear) hence a_def1:"a = b+2*(N-b-r)/3" using a_def m_div_num real_of_nat_div by auto from \N>c4\ have "N>b" using b_r bproperties b1n_def b2n_def by (smt (verit, del_insts) \int b1n = b1\ \int b2n = b2\ c2_def c3_def c4_def empty_iff insert_iff insert_subset of_nat_less_imp_less) hence "(N-b-r)/3 = (N-r)/3 - b/3" using \b < N\ b_r by force hence "a = b- b*2/3+2*(N-r)/3" using a_def1 by linarith hence a_def3:"a = b*(1-2/3) + 2*(N-r)/3" by simp have size1:"b*(1-2/3)>0" using bpos by simp have "N-r>0" using b_r assms by auto hence size2:"2*(N-r)/3>0" using assms(1) by simp - have apos:"a\1" using size1 size2 a_def3 by simp + have apos:"a\1" using size1 size2 a_def3 by simp have "odd (b+2*(N-b-r) div 3)" using m_div_num b_r b2odd bproperties by (simp add: bodd mult_2) hence aodd:"odd a" using a_def by simp from a_def1 have "a-b = 2*(N-b-r)/3" by simp hence "(a-b)/2 = (N-b-r)/3" by simp hence "3*(a-b)/2 = N-b-r" by simp have "N-b-r\0" using b_r by simp hence N_expr:"N = r+b+3*(a-b)/2" using \N-b-r\0\ \b < N\ b_r \real (3 * (a - b)) / 2 = real (N - b - r)\ by linarith from a_def \N-b-r\0\ have "a\b" using a_def le_add1 by blast have "b1 \ c1" using bproperties c2_def c3_def c4_def by force hence "b1 \ 1/2 + sqrt (6*N/3 - 3)" using c1_def using ceiling_le_iff by blast hence b1ngreater:"b1n \ 1/2 + sqrt (6*N/3 - 3)" using b1n_def by simp hence b2ngreater:"b2n \ 1/2 + sqrt (6*N/3 - 3)" using bproperties b1n_def b2n_def by linarith hence b_ineq1:"b \ 1/2 + sqrt (6*N/3 - 3)" using b_r b1ngreater by auto have "b2 \ c4" using bproperties c1_def c2_def c3_def c4_def by fastforce hence "b2 \ (2/3 + sqrt (8*N/3 - 8))" using \real_of_int c4 < 2 / 3 + sqrt (real (8 * N) / 3 - 8)\ by linarith hence b2nsmaller:"b2n \ (2/3 + sqrt (8*N/3 - 8))" using b2n_def by (metis \int b2n = b2\ of_int_of_nat_eq) hence "b1n \ (2/3 + sqrt (8*N/3 - 8))" using b1n_def bproperties using \int b2n = b2\ by linarith hence b_ineq2:"b\(2/3 + sqrt (8*N/3 - 8))" using b_r b2nsmaller by auto - + define Nr where "Nr = real_of_nat N" define ar where "ar = real_of_int a" define br where "br = real_of_int b" define rr where "rr = real_of_nat r" define m where "m = real_of_nat 3" from assms have "N\2*m" using m_def by simp then have "Nr \ 2*m" using Nr_def \N \ 2 * m\ by auto moreover have "br\0" using br_def bpos by auto moreover have "ar\0" using ar_def apos by auto moreover have "rr\0" using rr_def b_r by auto moreover have "m\3" using m_def by auto moreover have "m>rr" using m_def rr_def b_r by auto moreover have "Nr = m*(ar-br)/2+br+rr" using Nr_def ar_def br_def N_expr rr_def m_def \a\b\ by auto moreover have "1/2+sqrt(6*Nr/m-3)\br \ br\2/3+sqrt(8*Nr/m-8)" using Nr_def br_def b_ineq1 b_ineq2 m_def by auto ultimately have "br^2<4*ar \ 3*ar 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" + hence real_ineq:"(real_of_int b)^2 < 4*(real_of_int a) \ 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" using br_def ar_def by auto - hence nat_ineq1: "b^2<4*a" using br_def by (smt (verit, del_insts) Num.of_nat_simps(4) + hence nat_ineq1: "b^2<4*a" using br_def by (smt (verit, del_insts) Num.of_nat_simps(4) mult.commute mult_2_right nat_distrib(1) numeral_Bit0 of_int_of_nat_eq of_nat_less_of_nat_power_cancel_iff) from real_ineq have nat_ineq2: "3*a 0 \ t \ 0 \ u \ 0 \ v \ 0 \ int a = s^2 + t^2 + u^2 + v^2 \ int b = s+t+u+v" using apos bpos aodd bodd nat_ineq1 nat_ineq2 four_nonneg_int_sum by presburger have a_expr:"a = s^2 + t^2 + u^2 + v^2" using apos stuv by linarith have b_expr:"b = s+t+u+v" using bpos stuv by linarith have "N = r + (s+t+u+v)+ 3*(a-(s+t+u+v))/2" using b_expr N_expr by (metis Num.of_nat_simps(4) Num.of_nat_simps(5) \b \ a\ of_int_of_nat_eq of_nat_diff of_nat_numeral) hence "N = 3/2*(s^2-s+t^2-t+u^2-u+v^2-v)+r+(s+t+u+v)" using a_expr by simp hence N_expr2:"N = 3/2*(s^2-s)+ 3/2*(t^2-t)+ 3/2*(u^2-u)+ 3/2*(v^2-v)+ r+(s+t+u+v)" by (metis (no_types, opaque_lifting) add_diff_eq nat_distrib(2) of_int_add) have s_div2:"3/2*(s^2-s) = 3*(s^2-s) div 2" using real_of_int_div by auto have t_div2:"3/2*(t^2-t) = 3*(t^2-t) div 2" using real_of_int_div by auto have u_div2:"3/2*(u^2-u) = 3*(u^2-u) div 2" using real_of_int_div by auto have v_div2:"3/2*(v^2-v) = 3*(v^2-v) div 2" using real_of_int_div by auto have N_expr3:"N = (3*(s^2-s) div 2+s)+(3*(t^2-t) div 2+t)+(3*(u^2-u) div 2+u)+(3*(v^2-v) div 2+v)+r" using N_expr2 s_div2 t_div2 u_div2 v_div2 by simp define sn where "sn = nat s" define tn where "tn = nat t" define un where "un = nat u" define vn where "vn = nat v" - have seqsn:"s^2-s = sn^2 - sn" using stuv sn_def + have seqsn:"s^2-s = sn^2 - sn" using stuv sn_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) have teqtn:"t^2-t = tn^2 - tn" using stuv tn_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) - have uequn:"u^2-u = un^2 - un" using stuv un_def + have uequn:"u^2-u = un^2 - un" using stuv un_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) - have veqvn:"v^2-v = vn^2 - vn" using stuv vn_def + have veqvn:"v^2-v = vn^2 - vn" using stuv vn_def by (metis int_nat_eq le_refl of_nat_diff of_nat_power power2_nat_le_imp_le) - from N_expr3 have + from N_expr3 have "N = (3*(sn^2-sn) div 2+s)+(3*(tn^2-tn) div 2+t)+(3*(un^2-un) div 2+u)+(3*(vn^2-vn) div 2+ v)+r" using seqsn teqtn uequn veqvn by (metis (mono_tags, lifting) Num.of_nat_simps(5) of_nat_numeral zdiv_int) - hence "N = (3*(sn^2-sn) div 2+sn)+(3*(tn^2-tn) div 2+tn)+(3*(un^2-un) div 2+un)+(3*(vn^2-vn) div 2+ v)+r" + hence "N = (3*(sn^2-sn) div 2+sn)+(3*(tn^2-tn) div 2+tn)+(3*(un^2-un) div 2+un)+(3*(vn^2-vn) div 2+ v)+r" using sn_def tn_def un_def stuv int_nat_eq int_ops(5) by presburger hence "N = (3*(sn^2-sn) div 2+sn)+(3*(tn^2-tn) div 2+tn)+(3*(un^2-un) div 2+un)+(3*(vn^2-vn) div 2+ vn)+r" using vn_def stuv by (smt (verit, del_insts) Num.of_nat_simps(4) int_nat_eq of_nat_eq_iff) hence "N = (3* sn*(sn-1) div 2+sn)+(3*tn*(tn-1) div 2+tn)+(3*un*(un-1) div 2+un)+(3* vn*(vn-1) div 2+ vn)+r" by (smt (verit, ccfv_threshold) more_arith_simps(11) mult.right_neutral power2_eq_square right_diff_distrib') hence N_expr4:"N = polygonal_number 3 sn + polygonal_number 3 tn + polygonal_number 3 un + polygonal_number 3 vn +r" using Polygonal_Number_Theorem_Gauss.polygonal_number_def by presburger define p1 where "p1 = polygonal_number 3 sn" define p2 where "p2 = polygonal_number 3 tn" define p3 where "p3 = polygonal_number 3 un" define p4 where "p4 = polygonal_number 3 vn" have N_expr5:"N = p1 + p2 + p3 + p4 + r" using N_expr4 p1_def p2_def p3_def p4_def by auto thus ?thesis using p1_def p2_def p3_def p4_def b_r by blast qed end \ No newline at end of file diff --git a/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Legendre.thy b/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Legendre.thy --- a/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Legendre.thy +++ b/thys/Polygonal_Number_Theorem/Polygonal_Number_Theorem_Legendre.thy @@ -1,613 +1,613 @@ subsection \ Legendre's Polygonal Number Theorem \ -text\We will use the definition of the polygonal numbers from the Gauss Theorem theory file +text\We will use the definition of the polygonal numbers from the Gauss Theorem theory file which also imports the Three Squares Theorem AFP entry \cite{Three_Squares-AFP}.\ theory Polygonal_Number_Theorem_Legendre imports Polygonal_Number_Theorem_Gauss begin text \This lemma shows that under certain conditions, an integer $N$ can be written as the sum of four polygonal numbers.\ lemma sum_of_four_polygonal_numbers: fixes N m :: nat fixes b :: int assumes "m \ 3" assumes "N \ 2*m" assumes "[N = b] (mod m)" assumes odd_b: "odd b" assumes "b \ {1/2 + sqrt (6*N/m - 3) .. 2/3 + sqrt (8*N/m - 8)}" assumes "N \ 9" shows "\k1 k2 k3 k4. N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4" proof - define I where "I = {1/2 + sqrt (6*N/m - 3) .. 2/3 + sqrt (8*N/m - 8)}" from assms(5) I_def have "b \ I" by auto define a::int where a_def: "a = 2*(N-b) div m + b" have "m dvd (N-b)" using assms(3) by (smt (verit, ccfv_threshold) cong_iff_dvd_diff zdvd_zdiffD) hence "even (2*(N-b) div m)" by (metis div_mult_swap dvd_triv_left) - hence "odd a" using a_def assms(3) odd_b by auto + hence "odd a" using a_def assms(3) odd_b by auto from assms(1) have "m^3 \ m" by (simp add: power3_eq_cube) hence "N \ 2 * m" using assms(1,2) by simp from assms(1) have m_pos: "m > 0" by auto have "N \ b" proof - from assms(1) have "m \ 1" by auto hence "1/m \ 1" using m_pos by auto moreover have "N > 0" using \N \ 2 * m\ m_pos by auto ultimately have "N/m \ N" using divide_less_eq_1 less_eq_real_def by fastforce hence "sqrt(8*N/m - 8) \ sqrt(8*(N-1))" by auto from assms(1) have "m^3 \ 3*3*(3::real)" by (metis numeral_le_real_of_nat_iff numeral_times_numeral power3_eq_cube power_mono zero_le_numeral) from \N \ 9\ have "N-1 \ 8" by auto hence "(N-1)^2 \ 8*(N-1)" using \N > 0\ by (simp add: power2_eq_square) hence "(N-1) \ sqrt (8*(N-1))" using \N > 0\ by (metis of_nat_0_le_iff of_nat_mono of_nat_power real_sqrt_le_mono real_sqrt_pow2 real_sqrt_power) hence "N - (1::real) - sqrt(8*N/m - 8) \ 0" using \sqrt (real (8 * N) / real m - 8) \ sqrt (real (8 * (N - 1)))\ \9 \ N\ by linarith hence expr_pos: "N - (2/3::real) - sqrt(8*N/m - 8) \ 0" by auto have "b \ 2/3 + sqrt(8*N/m - 8)" using \b \ I\ I_def by auto hence "N - b \ N - (2/3 + sqrt(8*N/m-8))" by auto hence "N - b \ 0" using expr_pos of_int_0_le_iff by auto thus ?thesis by auto qed from \N \ 2 * m\ m_pos have "6*N/m - 3 \ 0" by (simp add: mult_imp_le_div_pos) hence "1/2 + sqrt (6*N/m - 3) > 0" - by (smt (verit, del_insts) divide_le_0_1_iff real_sqrt_ge_zero) + by (smt (verit, del_insts) divide_le_0_1_iff real_sqrt_ge_zero) with \b \ I\ assms(3) I_def have "b \ 1" by auto hence b_pos: "b \ 0" by auto from \b \ I\ have b_in_I: "(1/2::real) + sqrt (6* real N / real m - 3) \ b \ b \ (2/3::real) + sqrt (8 * real N/real m - 8)" unfolding I_def by auto from b_pos \N \ b\ a_def have a_pos: "a \ 0" by (smt (verit) m_pos of_nat_0_less_iff pos_imp_zdiv_neg_iff) hence "a \ 1" by (smt (verit) \odd a\ dvd_0_right) have "a - b = 2*(N-b) div m" using a_def by auto from \int m dvd (int N - b)\ have "m dvd 2*(N-b)" by fastforce have "a = 2*(N-b)/m + b" using a_def m_pos using \int m dvd 2 * (int N - b)\ by fastforce hence "a = 2*N/m - 2*b/m + b" by (simp add: assms diff_divide_distrib of_nat_diff) hence "(2::real)*N/m = a + 2*b/m - b" by auto hence "(2::real)*N = (a + 2*b/m - b)*m" using m_pos by (simp add: divide_eq_eq) hence "(2::real)*N = m*(a-b) + 2*b" using \int m dvd 2 * (int N - b)\ a_def by auto hence "N = m*(a-b)/2 + b" by auto hence N_expr: "real N = real m * (of_int a - of_int b) / 2 + of_int b" by auto have "even (a-b)" using \odd a\ \odd b\ by auto hence "2 dvd m*(a-b)" by auto hence N_expr2: "N = m*(a-b) div 2 + b" using \N = m*(a-b)/2 + b\ by linarith define Nr where "Nr = real_of_nat N" define mr where "mr = real m" define ar where "ar = real_of_int a" define br where "br = real_of_int b" from assms(1) have "mr \ 3" using mr_def by auto moreover have "Nr \ 2*mr" using Nr_def mr_def \N \ 2 * m\ by auto moreover have "br \ 0" using br_def b_pos by auto moreover have "mr > 0" using mr_def m_pos by auto moreover have "ar \ 0" using ar_def \a \ 0\ by auto moreover have "Nr = mr*(ar-br)/2 + br" using Nr_def mr_def ar_def br_def N_expr by auto moreover have "1/2 + sqrt (6*Nr/mr-3) \ br \ br \ 2/3 + sqrt (8*Nr/mr-8)" using Nr_def mr_def br_def b_in_I by auto ultimately have "br^2 < 4*ar \ 3*ar < br^2+2*br+4" using Cauchy_lemma_r_eq_zero by auto - hence real_ineq:"(real_of_int b)^2 < 4*(real_of_int a) \ 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" + hence real_ineq:"(real_of_int b)^2 < 4*(real_of_int a) \ 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" using br_def ar_def by auto hence int_ineq1: "b^2<4*a" using of_int_less_iff by fastforce from real_ineq have int_ineq2: "3*a < b^2+2*b+4" using of_int_less_iff by fastforce define an:: nat where "an = nat a" from a_pos have "an = a" unfolding an_def by auto define bn:: nat where "bn = nat b" from b_pos have "bn = b" unfolding bn_def by auto have "an \ 1" using \int an = a\ \a \ 1\ by auto moreover have "bn \ 1" using \int bn = b\ \b \ 1\ by auto moreover have "odd an" using \odd a\ \int an = a\ by auto moreover have "odd bn" using \odd b\ \int bn = b\ by auto moreover have "bn ^ 2 < 4 * an" using int_ineq1 \int an = a\ \int bn = b\ using of_nat_less_iff by fastforce moreover have "3 * an < bn ^ 2 + 2 * bn + 4" using int_ineq2 \int an = a\ \int bn = b\ using of_nat_less_iff by fastforce ultimately have "\s t u v :: int. s \ 0 \ t \ 0 \ u \ 0 \ v \ 0 \ an = s^2 + t^2 + u^2 + v^2 \ bn = s+t+u+v" using four_nonneg_int_sum by auto hence "\s t u v :: int. s \ 0 \ t \ 0 \ u \ 0 \ v \ 0 \ a = s^2 + t^2 + u^2 + v^2 \ b = s+t+u+v" using \int an = a\ \int bn = b\ by auto then obtain s t u v :: int where stuv: "s \ 0 \ t \ 0 \ u \ 0 \ v \ 0 \ a = s^2 + t^2 + u^2 + v^2 \ b = s+t+u+v" by auto hence "N = (m*(s^2+t^2+u^2+v^2-s-t-u-v) div 2) + s+t+u+v" using N_expr2 by (smt (verit, ccfv_threshold)) hence "N = (m*(s^2-s+t^2-t+u^2-u+v^2-v) div 2) + s+t+u+v" by (smt (verit, ccfv_SIG)) hence "N = (m * (s * (s-1) + t * (t-1) + u * (u-1) + v * (v-1)) div 2) +s+t+u+v" by (simp add: power2_eq_square algebra_simps) hence previous_step: "N = (m * s * (s-1) + m * t * (t-1) + m * u * (u-1) + m * v * (v-1)) div 2 + s+t+u+v" by (simp add: algebra_simps) moreover have "2 dvd m * s * (s-1)" by simp moreover have "2 dvd m * t * (t-1)" by simp moreover have "2 dvd m * u * (u-1)" by simp moreover have "2 dvd m * v * (v-1)" by simp ultimately have "N = m * s * (s-1) div 2 + m * t * (t-1) div 2 + m * u * (u-1) div 2 + m * v *(v-1) div 2 + s+t+u+v" by fastforce hence N_expr3: "N = m * s * (s-1) div 2 + s + m * t * (t-1) div 2 + t + m * u * (u-1) div 2 + u + m * v * (v-1) div 2 + v" by auto define sn::nat where "sn = nat s" define tn::nat where "tn = nat t" define un::nat where "un = nat u" define vn::nat where "vn = nat v" have "sn = s" using stuv sn_def by auto hence "m * sn * (sn-1) = m * s * (s-1)" by fastforce hence "m * sn * (sn-1) div 2 = m * s * (s-1) div 2" by linarith have "tn = t" using stuv tn_def by auto hence "m * tn * (tn-1) = m * t * (t-1)" by fastforce hence "m * tn * (tn-1) div 2 = m * t * (t-1) div 2" by linarith have "un = u" using stuv un_def by auto hence "m * un * (un-1) = m * u * (u-1)" by fastforce hence "m * un * (un-1) div 2 = m * u * (u-1) div 2" by linarith have "vn = v" using stuv vn_def by auto hence "m * vn * (vn-1) = m * v * (v-1)" by fastforce hence "m * vn * (vn-1) div 2 = m * v * (v-1) div 2" by linarith have "N = m * sn * (sn-1) div 2 + sn + m * tn * (tn-1) div 2 + tn + m * un * (un-1) div 2 + un + m * vn * (vn-1) div 2 + vn" using N_expr3 \sn = s\ \tn = t\ \un = u\ \vn = v\ \m * sn * (sn-1) div 2 = m * s * (s-1) div 2\ \m * tn * (tn-1) div 2 = m * t * (t-1) div 2\ \m * un * (un-1) div 2 = m * u * (u-1) div 2\ \m * vn * (vn-1) div 2 = m * v * (v-1) div 2\ by linarith hence "N = polygonal_number m sn + polygonal_number m tn + polygonal_number m un + polygonal_number m vn" using Polygonal_Number_Theorem_Gauss.polygonal_number_def by presburger thus ?thesis by blast qed text \We show Legendre's polygonal number theorem which corresponds to Theorem 1.10 in \cite{nathanson1996}.\ theorem Legendre_Polygonal_Number_Theorem: fixes m N :: nat assumes "m \ 3" assumes "N \ 28*m^3" shows "odd m \ \k1 k2 k3 k4::nat. N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4" and "even m \ \k1 k2 k3 k4 k5::nat. N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4 + polygonal_number m k5 \ (k1 = 0 \ k1 = 1 \ k2 = 0 \ k2 = 1 \ k3 = 0 \ k3 = 1 \ k4 = 0 \ k4 = 1 \ k5 = 0 \ k5 = 1)" proof - define L :: real where "L = (2/3 + sqrt (8*N/m - 8)) - (1/2 + sqrt (6*N/m - 3))" define I where "I = {1/2 + sqrt (6*N/m - 3) .. 2/3 + sqrt (8*N/m - 8)}" from assms(1) have "m^3 \ m" by (simp add: power3_eq_cube) hence "N \ 2 * m" using assms by simp have m_pos: "m > 0" using assms(1) by simp have "L > 2 * of_nat m" using assms \N \ 2 * m\ m_pos L_def apply - apply (rule interval_length_greater_than_2m[where N="of_nat N" and m="of_nat m"]) apply (simp_all) by (metis (no_types, opaque_lifting) of_nat_le_iff of_nat_mult of_nat_numeral power3_eq_cube) hence 2: "L > 2 * m" by simp show thm_odd_m: "odd m \ \k1 k2 k3 k4. N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4" proof - assume odd_m: "odd m" from assms(1) have "m > 0" by auto define ce where "ce = \1/2 + sqrt (6*N/m - 3)\" have "\ i\{0..2*m-1}. ce + i \ ce" by auto hence lower_bound: "\ i\{0..2*m-1}. ce + i \ 1/2 + sqrt (6*N/m - 3)" using ceiling_le_iff ce_def by blast have "2*m-1 + ce \ 2/3 + sqrt (8*N/m - 8)" using 2 L_def assms(1) ce_def by linarith hence upper_bound: "\ i\{0..2*m-1}. ce + i \ 2/3 + sqrt (8*N/m - 8)" by auto from lower_bound upper_bound have in_interval: "\ i\{0..2*m-1}. ce + i \ I" unfolding ce_def I_def by auto have "\ f::nat \ int. (\ i\{0..m-1}. odd (f i)) \ (\ i\{1..m-1}. f i = f 0 + 2*i) \ (\ i\{0..m-1}. f i \ I)" proof - have ?thesis if odd_f0: "odd ce" proof - define g::"nat \ int" where "g i = ce + 2*i" have "odd (g 0)" using odd_f0 \g \ \i. ce + int (2 * i)\ by auto hence "\ i\{0..m-1}. odd (g i)" using \g \ \i. ce + int (2 * i)\ by auto have "\ i\{1..m-1}. g i = g 0 + 2*i" using \g \ \i. ce + int (2 * i)\ by auto have "\ i\{0..m-1}. 2*i < 2*m-1" using m_pos by auto hence "\ i\{0..m-1}. g i \ I" using \g \ \i. ce + int (2 * i)\ in_interval by fastforce show ?thesis using \\i\{0..m - 1}. odd (g i)\ \\i\{0..m - 1}. real_of_int (g i) \ I\ \\i\{1..m - 1}. g i = g 0 + int(2 * i)\ by blast qed moreover have ?thesis if "even ce" proof - from \even ce\ have odd_f1: "odd (ce + 1)" by auto define g::"nat \ int" where "g i = ce + (2*i + 1)" have "odd (g 0)" using odd_f1 \g \ \i. ce + int (2 * i + 1)\ by auto hence "\ i\{0..m-1}. odd (g i)" using \g \ \i. ce + int (2 * i + 1)\ by auto have "\ i\{1..m-1}. g i = g 0 + 2*i" using \g \ \i. ce + int (2 * i + 1)\ by auto have "\ i\{0..m-1}. 2*i + 1 \ 2*m-1" using m_pos by auto hence "\ i\{0..m-1}. g i \ I" using \g \ \i. ce + int (2 * i + 1)\ in_interval by fastforce show ?thesis using \\i\{0..m - 1}. odd (g i)\ \\i\{0..m - 1}. real_of_int (g i) \ I\ \\i\{1..m - 1}. g i = g 0 + int(2 *i)\ by blast qed ultimately show ?thesis by blast qed then obtain f::"nat \ int" where f_def: "(\ i\{0..m-1}. odd (f i)) \ (\ i\{1..m-1}. f i = f 0 + 2*i) \ (\ i\{0..m-1}. f i \ I)" by auto - + have inj_lemma: "\i \ {0..m-1}; j \ {0..m-1}; [f i = f j] (mod m)\ \ i = j" for i j proof - assume asm1: "i \ {0..m-1}" assume asm2: "j \ {0..m-1}" assume asm3: "[f i = f j] (mod m)" from f_def have "odd (f 0)" by auto hence "\ k::int. f 0 = 2*k + 1" by (metis oddE) then obtain k::int where k_def: "f 0 = 2*k + 1" by auto have False if case2: "i = 0 \ j > 0" proof - have "f j = f 0 + 2*j" using f_def case2 asm2 by auto hence "[2*k + 1 = 2*k + 1 + 2*j] (mod m)" using asm3 case2 k_def by auto hence "[2*j = 0] (mod m)" by (metis cong_add_lcancel_0 cong_int_iff cong_sym_eq int_ops(1)) have "coprime 2 m" using odd_m by simp hence "[j = 0] (mod m)" using \[2*j = 0] (mod m)\ by (simp add: cong_0_iff coprime_dvd_mult_right_iff) thus False using asm2 case2 cong_less_modulus_unique_nat by fastforce qed moreover have False if case3: "i > 0 \ j = 0" proof - have "f i = f 0 + 2*i" using f_def case3 asm1 by auto hence "[2*k + 1 + 2*i = 2*k + 1] (mod m)" using asm3 case3 k_def by auto hence "[2*i = 0] (mod m)" by (metis cong_add_lcancel_0 cong_int_iff cong_sym_eq int_ops(1)) have "coprime 2 m" using odd_m by simp hence "[i = 0] (mod m)" using \[2*i = 0] (mod m)\ by (simp add: cong_0_iff coprime_dvd_mult_right_iff) thus False using asm1 case3 cong_less_modulus_unique_nat by fastforce qed moreover have ?thesis if case4: "i > 0 \ j > 0" proof - have "i > 0" and "j > 0" using case4 by auto have "f i = f 0 + 2*i" using f_def case4 asm1 by auto moreover have "f j = f 0 + 2*j" using f_def case4 asm2 by auto ultimately have "[2*k + 1 + 2*i = 2*k + 1 + 2*j] (mod m)" using case4 k_def asm3 by fastforce hence "[2*i = 2*j] (mod m)" using cong_add_lcancel cong_int_iff by blast have "coprime 2 m" using odd_m by simp hence "[i = j] (mod m)" using \[2 * i = 2 * j] (mod m)\ cong_mult_lcancel_nat by auto thus ?thesis using asm1 asm2 case4 cong_less_modulus_unique_nat by auto qed ultimately show ?thesis by fastforce qed have complete_cong_class: "\i \ {0..m-1}. [f i = S] (mod m)" for S proof - have "(f i) mod m = (f j) mod m \ [f i = f j] (mod m)" for i j by (simp add: unique_euclidean_semiring_class.cong_def) hence inj2: "\i \ {0..m-1}; j \ {0..m-1}; (f i) mod m = (f j) mod m\ \ i = j" for i j using inj_lemma by auto hence injective: "\i \ {0..m-1}. \j \ {0..m-1}. (f i) mod m = (f j) mod m \ i = j" by auto define g :: "nat \ int" where "g i = (f i) mod m" then have g_inj2: "\i \ {0..m-1}. \ j \ {0..m-1}. g i = g j \ i = j" using \g \ \i. f i mod int m\ injective by fastforce then have g_inj: "inj_on g {0..m-1}" by (meson inj_onI) have g_range2: "\ i \ {0..m-1}. g i \ {0..m-1}" using \g \ \i. f i mod int m\ - by (metis m_pos Euclidean_Division.pos_mod_bound Euclidean_Division.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) + by (metis m_pos Euclidean_Rings.pos_mod_bound Euclidean_Rings.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) hence image_subset: "g ` {0..m-1} \ {0..m-1}" by blast have g_range: "i \ {0..m-1} \ g i \ {0..m-1}" using \g \ \i. f i mod int m\ - by (metis m_pos Euclidean_Division.pos_mod_bound Euclidean_Division.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) + by (metis m_pos Euclidean_Rings.pos_mod_bound Euclidean_Rings.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) have card_ge_m: "card (g ` {0..m-1}) \ m" using g_inj by (metis m_pos Suc_diff_1 card_atLeastAtMost card_image minus_nat.diff_0 verit_comp_simplify1(2)) have "card {0..m-1} = m" using m_pos by force hence card_le_m: "card (g ` {0..m-1}) \ m" using m_pos by (metis card_image g_inj le_refl) from card_ge_m card_le_m have image_size: "card (g ` {0..m-1}) = m" by auto with \card {0..m-1} = m\ have equal_card: "card (g ` {0..m-1}) = card {0..m-1}" by auto have "finite (g ` {0..m-1})" using image_size by auto with equal_card image_subset have "g ` {0..m-1} = {0..m-1}" by (metis card_image card_subset_eq finite_atLeastAtMost_int image_int_atLeastAtMost inj_on_of_nat of_nat_0) hence "i \ {0..m-1} \ \ j \ {0..m-1}. i = g j" for i by auto hence "i \ {0..m-1} \ \ j \ {0..m-1}. i = (f j) mod m" for i - using \g \ \i. f i mod int m\ by auto + using \g \ \i. f i mod int m\ by auto hence surj: "i \ {0..m-1} \ \ j \ {0..m-1}. [i = f j] (mod m)" for i by (metis mod_mod_trivial unique_euclidean_semiring_class.cong_def) have "S mod m \ 0" using m_pos by simp moreover have "S mod m \ m-1" using m_pos by (simp add: of_nat_diff) ultimately have "S mod m \ {0..m-1}" by auto with surj m_pos have "\ j \ {0..m-1}. [S mod m = f j] (mod m)" by (metis atLeastAtMost_iff less_eq_nat.simps(1) nonneg_int_cases of_nat_less_iff verit_comp_simplify(3)) thus ?thesis using cong_mod_right cong_sym by blast qed have "\ b::int. [N = b] (mod m) \ odd b \ b \ I" proof - have "N mod m \ 0" by auto moreover have "N mod m \ m-1" using m_pos less_Suc_eq_le by fastforce ultimately have "N mod m \ {0..m-1}" by auto with complete_cong_class have "\ i. i \ {0..m-1} \ [f i = N] (mod m)" by blast then obtain c::nat where c_def: "c \ {0..m-1} \ [f c = N] (mod m)" by auto define b::int where "b = f c" have "[N = b] (mod m)" using b_def c_def by (metis cong_sym) moreover have "odd b" using b_def f_def c_def by auto moreover have "b \ I" using b_def f_def c_def by auto ultimately show ?thesis by auto qed then obtain b::int where b_def: "[N = b] (mod m) \ odd b \ b \ I" by auto have "m^3 \ m" using m_pos by (auto simp add: power3_eq_cube) hence "N \ 28*m" using assms(1,2) by linarith hence "N \ 2*m" by simp have "m^3 \ 3*3*(3::nat)" using assms(1) by (metis power3_eq_cube power_mono zero_le_numeral) hence "N \ 28*3*3*(3::nat)" using assms(2) by auto hence "N \ 9" by simp show ?thesis using sum_of_four_polygonal_numbers assms(1) b_def I_def \N \ 2 * m\ \N \ 9\ by blast qed show thm_even_m: "even m \ \k1 k2 k3 k4 k5. N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4 + polygonal_number m k5 \ (k1 = 0 \ k1 = 1 \ k2 = 0 \ k2 = 1 \ k3 = 0 \ k3 = 1 \ k4 = 0 \ k4 = 1 \ k5 = 0 \ k5 = 1)" proof - assume even_m: "even m" from assms(1) have "m > 0" by auto define ce where "ce = \1/2 + sqrt (6*N/m - 3)\" have "\ i\{0..m-1}. ce + i \ ce" by auto hence lower_bound: "\ i\{0..m-1}. ce + i \ 1/2 + sqrt (6*N/m - 3)" using ceiling_le_iff ce_def by blast have "m-1 + ce \ 2/3 + sqrt (8*N/m - 8)" using 2 L_def assms(1) ce_def by linarith hence upper_bound: "\ i\{0..m-1}. ce + i \ 2/3 + sqrt (8*N/m - 8)" by auto from lower_bound upper_bound have in_interval: "\ i\{0..m-1}. ce + i \ I" unfolding ce_def I_def by auto have "\ f::nat \ int. (\ i\{1..m-1}. f i = f 0 + i) \ (\ i\{0..m-1}. f i \ I)" proof - define g::"nat \ int" where "g i = ce + i" have "\ i\{1..m-1}. g i = g 0 + i" using \g \ \i. ce + int i\ by auto have "\ i\{0..m-1}. i < m" using m_pos by auto hence "\ i\{0..m-1}. g i \ I" using \g \ \i. ce + int i\ in_interval by fastforce show ?thesis by (metis Num.of_nat_simps(1) \\i\{0..m - 1}. real_of_int (g i) \ I\ \g \ \i. ce + int i\ arith_extra_simps(6)) qed then obtain f::"nat \ int" where f_def: "(\ i\{1..m-1}. f i = f 0 + i) \ (\ i\{0..m-1}. f i \ I)" by auto have inj_lemma: "\i \ {0..m-1}; j \ {0..m-1}; [f i = f j] (mod m)\ \ i = j" for i j proof - assume asm1: "i \ {0..m-1}" assume asm2: "j \ {0..m-1}" assume asm3: "[f i = f j] (mod m)" have False if case2: "i = 0 \ j > 0" proof - have "f j = f 0 + j" using f_def case2 asm2 by auto hence "[f 0 = f 0 + j] (mod m)" using asm3 case2 by auto hence "[j = 0] (mod m)" by (metis cong_add_lcancel_0 cong_int_iff cong_sym_eq int_ops(1)) thus False using asm2 case2 cong_less_modulus_unique_nat by fastforce qed moreover have False if case3: "i > 0 \ j = 0" proof - have "f i = f 0 + i" using f_def case3 asm1 by auto hence "[f 0 + i = f 0] (mod m)" using asm3 case3 by auto hence "[i = 0] (mod m)" by (metis cong_add_lcancel_0 cong_int_iff cong_sym_eq int_ops(1)) thus False using asm1 case3 cong_less_modulus_unique_nat by fastforce qed moreover have ?thesis if case4: "i > 0 \ j > 0" proof - have "i > 0" and "j > 0" using case4 by auto have "f i = f 0 + i" using f_def case4 asm1 by auto moreover have "f j = f 0 + j" using f_def case4 asm2 by auto ultimately have "[f 0 + i = f 0 + j] (mod m)" using case4 asm3 by fastforce hence "[i = j] (mod m)" using cong_add_lcancel cong_int_iff by blast thus ?thesis using asm1 asm2 case4 cong_less_modulus_unique_nat by auto qed ultimately show ?thesis by fastforce qed have complete_cong_class: "\i \ {0..m-1}. [f i = S] (mod m)" for S proof - have "(f i) mod m = (f j) mod m \ [f i = f j] (mod m)" for i j by (simp add: unique_euclidean_semiring_class.cong_def) hence inj2: "\i \ {0..m-1}; j \ {0..m-1}; (f i) mod m = (f j) mod m\ \ i = j" for i j using inj_lemma by auto hence injective: "\i \ {0..m-1}. \j \ {0..m-1}. (f i) mod m = (f j) mod m \ i = j" by auto define g :: "nat \ int" where "g i = (f i) mod m" then have g_inj2: "\i \ {0..m-1}. \ j \ {0..m-1}. g i = g j \ i = j" using \g \ \i. f i mod int m\ injective by fastforce then have g_inj: "inj_on g {0..m-1}" by (meson inj_onI) have g_range2: "\ i \ {0..m-1}. g i \ {0..m-1}" using \g \ \i. f i mod int m\ - by (metis m_pos Euclidean_Division.pos_mod_bound Euclidean_Division.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) + by (metis m_pos Euclidean_Rings.pos_mod_bound Euclidean_Rings.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) hence image_subset: "g ` {0..m-1} \ {0..m-1}" by blast have g_range: "i \ {0..m-1} \ g i \ {0..m-1}" using \g \ \i. f i mod int m\ - by (metis m_pos Euclidean_Division.pos_mod_bound Euclidean_Division.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) + by (metis m_pos Euclidean_Rings.pos_mod_bound Euclidean_Rings.pos_mod_sign atLeastAtMost_iff mod_by_1 mod_if not_gr0 of_nat_0_less_iff of_nat_1 of_nat_diff verit_comp_simplify1(3) zle_diff1_eq) have card_ge_m: "card (g ` {0..m-1}) \ m" using g_inj by (metis m_pos Suc_diff_1 card_atLeastAtMost card_image minus_nat.diff_0 verit_comp_simplify1(2)) have "card {0..m-1} = m" using m_pos by force hence card_le_m: "card (g ` {0..m-1}) \ m" using m_pos by (metis card_image g_inj le_refl) from card_ge_m card_le_m have image_size: "card (g ` {0..m-1}) = m" by auto with \card {0..m-1} = m\ have equal_card: "card (g ` {0..m-1}) = card {0..m-1}" by auto have "finite (g ` {0..m-1})" using image_size by auto with equal_card image_subset have "g ` {0..m-1} = {0..m-1}" by (metis card_image card_subset_eq finite_atLeastAtMost_int image_int_atLeastAtMost inj_on_of_nat of_nat_0) hence "i \ {0..m-1} \ \ j \ {0..m-1}. i = g j" for i by auto hence "i \ {0..m-1} \ \ j \ {0..m-1}. i = (f j) mod m" for i - using \g \ \i. f i mod int m\ by auto + using \g \ \i. f i mod int m\ by auto hence surj: "i \ {0..m-1} \ \ j \ {0..m-1}. [i = f j] (mod m)" for i by (metis mod_mod_trivial unique_euclidean_semiring_class.cong_def) have "S mod m \ 0" using m_pos by simp moreover have "S mod m \ m-1" using m_pos by (simp add: of_nat_diff) ultimately have "S mod m \ {0..m-1}" by auto with surj m_pos have "\ j \ {0..m-1}. [S mod m = f j] (mod m)" by (metis atLeastAtMost_iff less_eq_nat.simps(1) nonneg_int_cases of_nat_less_iff verit_comp_simplify(3)) thus ?thesis using cong_mod_right cong_sym by blast qed have thm_odd_n: ?thesis if "odd N" proof - have "\ b::int. [N = b] (mod m) \ odd b \ b \ I" proof - from complete_cong_class have "\ i. i \ {0..m-1} \ [f i = N] (mod m)" by blast then obtain c::nat where c_def: "c \ {0..m-1} \ [f c = N] (mod m)" by auto define b::int where "b = f c" have "[N = b] (mod m)" using b_def c_def by (metis cong_sym) moreover have "odd b" proof assume "even b" have "\k::int. N = b + k*m" using \[N = b] (mod m)\ by (metis cong_iff_lin cong_sym_eq mult.commute) then obtain k::int where k_def: "N = b + k*m" by auto have "even (k*m)" using even_m by auto hence "even N" using k_def \even b\ by presburger thus False using \odd N\ by blast - qed + qed moreover have "b \ I" using b_def f_def c_def by auto ultimately show ?thesis by auto qed then obtain b::int where b_def: "[N = b] (mod m) \ odd b \ b \ I" by auto have "m^3 \ m" using m_pos by (auto simp add: power3_eq_cube) hence "N \ 28*m" using assms(1,2) by linarith hence "N \ 2*m" by simp have "m^3 \ 3*3*(3::nat)" using assms(1) by (metis power3_eq_cube power_mono zero_le_numeral) hence "N \ 28*3*3*(3::nat)" using assms(2) by auto hence "N \ 9" by simp hence "\k1 k2 k3 k4. N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4" using sum_of_four_polygonal_numbers assms(1) b_def I_def \N \ 2 * m\ \N \ 9\ by blast then obtain k1 k2 k3 k4 where "N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4" by blast - moreover have "polygonal_number m 0 = 0" using Polygonal_Number_Theorem_Gauss.polygonal_number_def by auto + moreover have "polygonal_number m 0 = 0" using Polygonal_Number_Theorem_Gauss.polygonal_number_def by auto ultimately have "N = polygonal_number m k1 + polygonal_number m k2 + polygonal_number m k3 + polygonal_number m k4 + polygonal_number m 0" by linarith thus ?thesis by blast qed have thm_even_n: ?thesis if "even N" proof - have "\ b::int. [N-1 = b] (mod m) \ odd b \ b \ I" proof - - from complete_cong_class have "\ i. i \ {0..m-1} \ [f i = N-1] (mod m)" by blast + from complete_cong_class have "\ i. i \ {0..m-1} \ [f i = N-1] (mod m)" by blast then obtain c::nat where c_def: "c \ {0..m-1} \ [f c = N-1] (mod m)" by auto define b::int where "b = f c" have "[N-1 = b] (mod m)" using b_def c_def by (metis cong_sym) moreover have "odd b" proof assume "even b" have "\k::int. N-1 = b + k*m" using \[N-1 = b] (mod m)\ by (metis (full_types) cong_iff_lin cong_sym_eq mult.commute) then obtain k::int where k_def: "N-1 = b + k*m" by auto have "even (k*m)" using even_m by auto hence "even (N-1)" using k_def \even b\ by presburger hence "odd N" by (metis Groups.mult_ac(2) \2 * m \ N\ add_eq_self_zero add_leD1 assms(1) dvd_diffD1 le_trans mult_2_right nat_1_add_1 nat_dvd_1_iff_1 rel_simps(25) zero_neq_numeral) thus False using \even N\ by blast qed moreover have "b \ I" using b_def f_def c_def by auto ultimately show ?thesis by auto qed then obtain b::int where b_def: "[N-1 = b] (mod m) \ odd b \ b \ I" by auto from b_def have "b \ I" by auto define a::int where a_def: "a = 2*(N-1-b) div m + b" have "m dvd (N-1-b)" using b_def by (smt (verit, ccfv_threshold) cong_iff_dvd_diff zdvd_zdiffD) hence "even (2*(N-1-b) div m)" by (metis div_mult_swap dvd_triv_left) - hence "odd a" using a_def b_def by auto + hence "odd a" using a_def b_def by auto from assms(1) have "m^3 \ m" by (simp add: power3_eq_cube) hence "N \ 2 * m" using assms(1,2) by simp from assms(1) have m_pos: "m > 0" by auto have "N-1 \ b" proof - from assms(1) have "m \ 1" by auto hence "1/m \ 1" using m_pos by auto moreover have "N > 0" using \N \ 2 * m\ m_pos by auto ultimately have "N/m \ N" using divide_less_eq_1 less_eq_real_def by fastforce hence "sqrt(8*N/m - 8) \ sqrt(8*(N-1))" by auto from assms(1) have "m^3 \ 3*3*(3::real)" by (metis numeral_le_real_of_nat_iff numeral_times_numeral power3_eq_cube power_mono zero_le_numeral) hence "N \ 28*3*3*(3::real)" using assms(2) by linarith hence "N-6 \ 6" by simp - hence "N-6 \ 0" by simp + hence "N-6 \ 0" by simp with \N-6 \ 6\ have "(N-6)^2 \ 6^2" using power2_nat_le_eq_le by blast hence "(N-6)^2 \ 24" by simp hence "(N-2)^2 \ 8*(N-1)" by (simp add: power2_eq_square algebra_simps) hence "(N-2) \ sqrt (8*(N-1))" using \N > 0\ by (metis of_nat_0_le_iff of_nat_mono of_nat_power real_sqrt_le_mono real_sqrt_pow2 real_sqrt_power) hence "N - (2::real) - sqrt(8*N/m - 8) \ 0" using \sqrt (real (8 * N) / real m - 8) \ sqrt (real (8 * (N - 1)))\ \N-6 \ 6\ by linarith hence expr_pos: "N - 1 - (2/3::real) - sqrt(8*N/m - 8) \ 0" by auto have "b \ 2/3 + sqrt(8*N/m - 8)" using \b \ I\ I_def by auto hence "N - 1 - b \ N - 1 - (2/3 + sqrt(8*N/m-8))" by auto hence "N - 1 - b \ 0" using expr_pos of_int_0_le_iff by auto thus ?thesis by auto qed from \N \ 2 * m\ m_pos have "6*N/m - 3 \ 0" by (simp add: mult_imp_le_div_pos) hence "1/2 + sqrt (6*N/m - 3) > 0" - by (smt (verit, del_insts) divide_le_0_1_iff real_sqrt_ge_zero) + by (smt (verit, del_insts) divide_le_0_1_iff real_sqrt_ge_zero) with \b \ I\ b_def I_def have "b \ 1" by auto hence b_pos: "b \ 0" by auto from \b \ I\ have b_in_I: "(1/2::real) + sqrt (6* real N / real m - 3) \ b \ b \ (2/3::real) + sqrt (8 * real N/real m - 8)" unfolding I_def by auto from b_pos \N-1 \ b\ a_def have a_pos: "a \ 0" by (smt (verit) m_pos of_nat_0_less_iff pos_imp_zdiv_neg_iff) hence "a \ 1" by (smt (verit) \odd a\ dvd_0_right) have "a - b = 2*(N-1-b) div m" using a_def by auto from \int m dvd (N - 1 - b)\ have "m dvd 2*(N-1-b)" by fastforce have "a = 2*(N-1-b)/m + b" using a_def m_pos using \int m dvd 2 * (N - 1 - b)\ by fastforce - hence "a = 2*(N-1)/m - 2*b/m + b" + hence "a = 2*(N-1)/m - 2*b/m + b" by (simp add: assms diff_divide_distrib of_nat_diff) hence "(2::real)*(N-1)/m = a + 2*b/m - b" by auto hence "(2::real)*(N-1) = (a + 2*b/m - b)*m" using m_pos by (simp add: divide_eq_eq) hence "(2::real)*(N-1) = m*(a-b) + 2*b" using \int m dvd 2 * (N - 1 - b)\ a_def by auto hence "N-1 = m*(a-b)/2 + b" by auto hence "N = m*(a-b)/2 + b + 1" using \2 * m \ N\ assms(1) by linarith hence N_expr: "N = real m * (of_int a - of_int b) / 2 + of_int b + 1" by auto have "even (a-b)" using \odd a\ b_def by auto hence "2 dvd m*(a-b)" by auto hence N_expr2: "N = m*(a-b) div 2 + b + 1" using \N = m*(a-b)/2 + b + 1\ by linarith define Nr where "Nr = real_of_nat N" define mr where "mr = real m" define ar where "ar = real_of_int a" define br where "br = real_of_int b" from assms(1) have "mr \ 3" using mr_def by auto moreover have "Nr \ 2*mr" using Nr_def mr_def \N \ 2 * m\ by auto moreover have "br \ 0" using br_def b_pos by auto moreover have "mr > 0" using mr_def m_pos by auto moreover have "ar \ 0" using ar_def \a \ 0\ by auto moreover have "Nr = mr*(ar-br)/2 + br + 1" using Nr_def mr_def ar_def br_def N_expr by auto moreover have "1/2 + sqrt (6*Nr/mr-3) \ br \ br \ 2/3 + sqrt (8*Nr/mr-8)" using Nr_def mr_def br_def b_in_I by auto ultimately have "br^2 < 4*ar \ 3*ar < br^2+2*br+4" using Cauchy_lemma by auto - hence real_ineq:"(real_of_int b)^2 < 4*(real_of_int a) \ 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" + hence real_ineq:"(real_of_int b)^2 < 4*(real_of_int a) \ 3*(real_of_int a) < (real_of_int b)^2 + 2*(real_of_int b) + 4" using br_def ar_def by auto hence int_ineq1: "b^2<4*a" using of_int_less_iff by fastforce from real_ineq have int_ineq2: "3*a < b^2+2*b+4" using of_int_less_iff by fastforce - + define an:: nat where "an = nat a" from a_pos have "an = a" unfolding an_def by auto define bn:: nat where "bn = nat b" from b_pos have "bn = b" unfolding bn_def by auto have "an \ 1" using \int an = a\ \a \ 1\ by auto moreover have "bn \ 1" using \int bn = b\ \b \ 1\ by auto moreover have "odd an" using \odd a\ \int an = a\ by auto moreover have "odd bn" using b_def \int bn = b\ by auto moreover have "bn ^ 2 < 4 * an" using int_ineq1 \int an = a\ \int bn = b\ using of_nat_less_iff by fastforce moreover have "3 * an < bn ^ 2 + 2 * bn + 4" using int_ineq2 \int an = a\ \int bn = b\ using of_nat_less_iff by fastforce ultimately have "\s t u v :: int. s \ 0 \ t \ 0 \ u \ 0 \ v \ 0 \ an = s^2 + t^2 + u^2 + v^2 \ bn = s+t+u+v" using four_nonneg_int_sum by auto hence "\s t u v :: int. s \ 0 \ t \ 0 \ u \ 0 \ v \ 0 \ a = s^2 + t^2 + u^2 + v^2 \ b = s+t+u+v" using \int an = a\ \int bn = b\ by auto then obtain s t u v :: int where stuv: "s \ 0 \ t \ 0 \ u \ 0 \ v \ 0 \ a = s^2 + t^2 + u^2 + v^2 \ b = s+t+u+v" by auto hence "N = (m*(s^2+t^2+u^2+v^2-s-t-u-v) div 2) + s+t+u+v + 1" using N_expr2 by (smt (verit, ccfv_threshold)) hence "N = (m*(s^2-s+t^2-t+u^2-u+v^2-v) div 2) + s+t+u+v + 1" by (smt (verit, ccfv_SIG)) hence "N = (m * (s * (s-1) + t * (t-1) + u * (u-1) + v * (v-1)) div 2) +s+t+u+v + 1" by (simp add: power2_eq_square algebra_simps) hence previous_step: "N = (m * s * (s-1) + m * t * (t-1) + m * u * (u-1) + m * v * (v-1)) div 2 + s+t+u+v + 1" by (simp add: algebra_simps) moreover have "2 dvd m * s * (s-1)" by simp moreover have "2 dvd m * t * (t-1)" by simp moreover have "2 dvd m * u * (u-1)" by simp moreover have "2 dvd m * v * (v-1)" by simp ultimately have "N = m * s * (s-1) div 2 + m * t * (t-1) div 2 + m * u * (u-1) div 2 + m * v *(v-1) div 2 + s+t+u+v + 1" by fastforce hence N_expr3: "N = m * s * (s-1) div 2 + s + m * t * (t-1) div 2 + t + m * u * (u-1) div 2 + u + m * v * (v-1) div 2 + v + 1" by auto define sn::nat where "sn = nat s" define tn::nat where "tn = nat t" define un::nat where "un = nat u" define vn::nat where "vn = nat v" have "sn = s" using stuv sn_def by auto hence "m * sn * (sn-1) = m * s * (s-1)" by fastforce hence "m * sn * (sn-1) div 2 = m * s * (s-1) div 2" by linarith have "tn = t" using stuv tn_def by auto hence "m * tn * (tn-1) = m * t * (t-1)" by fastforce hence "m * tn * (tn-1) div 2 = m * t * (t-1) div 2" by linarith have "un = u" using stuv un_def by auto hence "m * un * (un-1) = m * u * (u-1)" by fastforce hence "m * un * (un-1) div 2 = m * u * (u-1) div 2" by linarith have "vn = v" using stuv vn_def by auto hence "m * vn * (vn-1) = m * v * (v-1)" by fastforce hence "m * vn * (vn-1) div 2 = m * v * (v-1) div 2" by linarith have "N = m * sn * (sn-1) div 2 + sn + m * tn * (tn-1) div 2 + tn + m * un * (un-1) div 2 + un + m * vn * (vn-1) div 2 + vn + 1" using N_expr3 \sn = s\ \tn = t\ \un = u\ \vn = v\ \m * sn * (sn-1) div 2 = m * s * (s-1) div 2\ \m * tn * (tn-1) div 2 = m * t * (t-1) div 2\ \m * un * (un-1) div 2 = m * u * (u-1) div 2\ \m * vn * (vn-1) div 2 = m * v * (v-1) div 2\ by linarith hence "N = polygonal_number m sn + polygonal_number m tn + polygonal_number m un + polygonal_number m vn + 1" using Polygonal_Number_Theorem_Gauss.polygonal_number_def by presburger also have "polygonal_number m 1 = 1" using Polygonal_Number_Theorem_Gauss.polygonal_number_def by auto ultimately have "N = polygonal_number m sn + polygonal_number m tn + polygonal_number m un + polygonal_number m vn + polygonal_number m 1" by auto thus ?thesis by blast qed show ?thesis using thm_odd_n thm_even_n by blast qed qed end \ No newline at end of file diff --git a/thys/Polygonal_Number_Theorem/ROOT b/thys/Polygonal_Number_Theorem/ROOT --- a/thys/Polygonal_Number_Theorem/ROOT +++ b/thys/Polygonal_Number_Theorem/ROOT @@ -1,17 +1,14 @@ chapter AFP -session "Polygonal_Number_Theorem" (AFP) = "HOL-Analysis" + +session "Polygonal_Number_Theorem" (AFP) = "Three_Squares" + options [timeout = 600] - sessions - "Three_Squares" - theories "Polygonal_Number_Theorem_Lemmas" "Polygonal_Number_Theorem_Gauss" "Polygonal_Number_Theorem_Cauchy" "Polygonal_Number_Theorem_Legendre" - + document_files "root.tex" "root.bib" \ No newline at end of file diff --git a/thys/Quantales_Converse/Modal_Quantale.thy b/thys/Quantales_Converse/Modal_Quantale.thy --- a/thys/Quantales_Converse/Modal_Quantale.thy +++ b/thys/Quantales_Converse/Modal_Quantale.thy @@ -1,329 +1,329 @@ -(* +(* Title: Modal quantales Author: Georg Struth Maintainer: Georg Struth *) section \Modal quantales\ theory Modal_Quantale imports Quantales.Quantale_Star Modal_Kleene_Algebra_Var KAD.Modal_Kleene_Algebra begin subsection \Simplified modal semirings and Kleene algebras\ -text \The previous formalisation of modal Kleene algebra in the AFP adds two compatibility axioms between domain and codomain -when combining an antidomain semiring with an antirange semiring. But these are unnecessary. They are derivable from the other +text \The previous formalisation of modal Kleene algebra in the AFP adds two compatibility axioms between domain and codomain +when combining an antidomain semiring with an antirange semiring. But these are unnecessary. They are derivable from the other axioms. Thus I provide a simpler axiomatisation that should eventually replace the one in the AFP.\ class modal_semiring_simp = antidomain_semiring + antirange_semiring lemma (in modal_semiring_simp) dr_compat [simp]: "d (r x) = r x" proof- have a: "ar x \ d (r x) = 0" using local.ads_d_def local.ars_r_def local.dpdz.dom_weakly_local by auto have "r x \ d (r x) \ ar x \ r x \ ar x" by (simp add: local.a_subid_aux2 local.ads_d_def local.mult_isor) hence b: "r x \ d (r x) \ ar x = 0" by (simp add: local.ardual.am2 local.ars_r_def local.join.bot_unique) have "d (r x) = (ar x + r x) \ d (r x)" using local.add_comm local.ardual.ans3 local.ars_r_def local.mult_1_left by presburger also have "\ = ar x \ d (r x) + r x \ d (r x)" by simp also have "\ = r x \ d (r x)" by (simp add: a) also have "\ = r x \ d (r x) \ (ar x + r x)" using local.add_comm local.ardual.ans3 local.ars_r_def by auto also have "\ = r x \ d (r x) \ ar x + r x \ d (r x) \ r x" by simp also have "\ = r x \ d (r x) \ r x" using b by auto also have "\ = r x" by (metis local.ads_d_def local.am3 local.ardual.a_mult_idem local.ars_r_def local.ds.ddual.mult_assoc) finally show ?thesis by simp qed lemma (in modal_semiring_simp) rd_compat [simp]: "r (d x) = d x" by (smt (verit) local.a_mult_idem local.ads_d_def local.am2 local.ardual.dpdz.dom_weakly_local local.ars_r_def local.dr_compat local.kat_3_equiv') subclass (in modal_semiring_simp) modal_semiring apply unfold_locales by simp_all class modal_kleene_algebra_simp = modal_semiring_simp + kleene_algebra subclass (in modal_kleene_algebra_simp) modal_kleene_algebra.. subsection \Domain quantales\ class domain_quantale = unital_quantale + domain_op + assumes dom_absorb: "x \ dom x \ x" and dom_local: "dom (x \ dom y) = dom (x \ y)" and dom_add: "dom (x \ y) = dom x \ dom y" and dom_subid: "dom x \ 1" and dom_zero [simp]: "dom \ = \" -text \The definition is that of a domain semiring. I cannot extend the quantale class with respect to domain semirings +text \The definition is that of a domain semiring. I cannot extend the quantale class with respect to domain semirings because of different operations are used for addition/sup. The following sublocale statement brings all those properties into scope.\ sublocale domain_quantale \ dqmsr: domain_semiring "(\)" "(\)" 1 \ dom "(\)" "(<)" by unfold_locales (simp_all add: dom_add dom_local dom_absorb sup.absorb2 dom_subid) sublocale domain_quantale \ dqmka: domain_kleene_algebra "(\)" "(\)" 1 \ dom "(\)" "(<)" qstar.. typedef (overloaded) 'a d_element = "{x :: 'a :: domain_quantale. dom x = x}" using dqmsr.dom_one by blast setup_lifting type_definition_d_element instantiation d_element :: (domain_quantale) bounded_lattice begin lift_definition less_eq_d_element :: "'a d_element \ 'a d_element \ bool" is "(\)" . lift_definition less_d_element :: "'a d_element \ 'a d_element \ bool" is "(<)" . lift_definition bot_d_element :: "'a d_element" is \ by simp lift_definition top_d_element :: "'a d_element" is 1 by simp lift_definition inf_d_element :: "'a d_element \ 'a d_element \ 'a d_element" is "(\)" by (metis dqmsr.dom_mult_closed) lift_definition sup_d_element :: "'a d_element \ 'a d_element \ 'a d_element" is "(\)" by simp instance apply (standard; transfer) apply (simp_all add: less_le_not_le) apply (metis dqmsr.dom_subid_aux2'') apply (metis dqmsr.dom_subid_aux1'') apply (metis dqmsr.dom_glb_eq) by (metis dqmsr.dom_subid) end instance d_element :: (domain_quantale) distrib_lattice by (standard, transfer, metis dqmsr.dom_distrib) context domain_quantale begin lemma dom_top [simp]: "dom \ = 1" proof- have "1 \ \" by simp hence "dom 1 \ dom \" using local.dqmsr.d_iso by blast thus ?thesis by (simp add: local.dual_order.antisym) qed lemma dom_top2: "x \ \ \ dom x \ \" proof- have "x \ \ = dom x \ x \ \" by simp also have "\ \ dom x \ \ \ \" using local.dqmsr.d_restrict_iff_1 local.top_greatest local.top_times_top mult_assoc by presburger finally show ?thesis by (simp add: local.mult.semigroup_axioms semigroup.assoc) qed lemma weak_twisted: "x \ dom y \ dom (x \ y) \ x" using local.dqmsr.fd_def local.dqmsr.fdemodalisation2 local.eq_refl by blast lemma dom_meet: "dom x \ dom y = dom x \ dom y" apply (rule order.antisym) apply (simp add: local.dqmsr.dom_subid_aux2 local.dqmsr.dom_subid_aux2'') by (smt (z3) local.dom_absorb local.dqmsr.dom_iso local.dqmsr.dom_subid_aux2 local.dqmsr.dsg3 local.dqmsr.dsg4 local.dual_order.antisym local.inf.cobounded1 local.inf.cobounded2 local.psrpq.mult_isol_var) lemma dom_meet_pres: "dom (dom x \ dom y) = dom x \ dom y" using dom_meet local.dqmsr.dom_mult_closed by presburger lemma dom_meet_distl: "dom x \ (y \ z) = (dom x \ y) \ (dom x \ z)" proof- have a: "dom x \ (y \ z) \ (dom x \ y) \ (dom x \ z)" using local.mult_isol by force have "(dom x \ y) \ (dom x \ z) = dom ((dom x \ y) \ (dom x \ z)) \ ((dom x \ y) \ (dom x \ z))" by simp also have "\ \ dom ((dom x \ y)) \ ((dom x \ y) \ (dom x \ z))" using calculation local.dqmsr.dom_iso local.dqmsr.dom_llp2 local.inf.cobounded1 by presburger also have "\ \ dom x \ ((dom x \ y) \ (dom x \ z))" by (metis local.dqmsr.domain_1'' local.dqmsr.domain_invol local.mult_isor) also have "\ \ dom x \ (y \ z)" by (meson local.dqmsr.dom_subid_aux2 local.inf_mono local.order_refl local.psrpq.mult_isol_var) finally show ?thesis using a local.dual_order.antisym by blast qed lemma dom_meet_approx: "dom ((dom x \ y) \ (dom x \ z)) \ dom x" by (metis dom_meet_distl local.dqmsr.domain_1'' local.dqmsr.domain_invol) lemma dom_inf_pres_aux: "Y \ {} \ dom (\y \ Y. dom x \ y) \ dom x" proof- assume "Y \ {}" have "\z\Y. dom (\y \ Y. dom x \ y) \ dom (dom x \ z)" by (meson local.INF_lower local.dqmsr.dom_iso) hence "\z\Y. dom (\y \ Y. dom x \ y) \ dom x \ dom z" by fastforce hence "\z\Y. dom (\y \ Y. dom x \ y) \ dom x" using dom_meet by fastforce thus "dom (\y \ Y. dom x \ y) \ dom x" using \Y \ {}\ by blast qed lemma dom_inf_pres_aux2: "(\y \ Y. dom x \ y) \ \Y" by (simp add: local.INF_lower2 local.dqmsr.dom_subid_aux2 local.le_Inf_iff) lemma dom_inf_pres: "Y \ {} \ dom x \ (\Y) = (\y \ Y. dom x \ y)" proof- assume hyp: "Y \ {}" have a: "dom x \ (\Y) \ (\y \ Y. dom x \ y)" by (simp add: Setcompr_eq_image local.Inf_subdistl) have "(\y \ Y. dom x \ y) = dom (\y \ Y. dom x \ y) \ (\y \ Y. dom x \ y)" by simp also have "\ \ dom x \ (\y \ Y. dom x \ y)" using dom_inf_pres_aux hyp local.mult_isor by blast also have "\ \ dom x \ \Y" by (simp add: dom_inf_pres_aux2 local.psrpq.mult_isol_var) finally show ?thesis using a order.antisym by blast qed lemma "dom (\X) \ \ (dom ` X)" by (simp add: local.INF_greatest local.Inf_lower local.dqmsr.dom_iso) text \The domain operation need not preserve arbitrary sups, though this property holds, for instance, in quantales of binary relations. I do not aim at a stronger axiomatisation in this theory.\ lemma dom_top_pres: "(x \ dom y \ x) = (x \ dom y \ \)" apply standard apply (meson local.dqmsr.ddual.mult_isol_var local.dual_order.eq_iff local.dual_order.trans local.top_greatest) using local.dqmsr.dom_iso local.dqmsr.dom_llp by fastforce lemma dom_lla_var: "(dom x \ dom y) = (x \ dom y \ \)" using dom_top_pres local.dqmsr.dom_llp by force lemma "dom (1 \ x) = 1 \ x \ x \ 1 \ dom x = x" using local.inf_absorb2 by force lemma dom_meet_sub: "dom (x \ y) \ dom x \ dom y" by (simp add: local.dqmsr.d_iso) lemma dom_dist1: "dom x \ (dom y \ dom z) = (dom x \ dom y) \ (dom x \ dom z)" by (metis dom_meet local.dom_add local.dqmsr.dom_distrib) lemma dom_dist2: "dom x \ (dom y \ dom z) = (dom x \ dom y) \ (dom x \ dom z)" by (metis dom_meet local.dom_add local.sup_distl) abbreviation "fd' \ dqmsr.fd" definition "bb x y = \{dom z |z. fd' x z \ dom y}" lemma fd'_bb_galois_aux: "fd' x (dom p) \ dom q \ dom p \ bb x (dom q)" by (simp add: bb_def local.SUP_upper setcompr_eq_image) lemma dom_iso_var: "(\x \ X. dom x) \ dom (\x \ X. dom x)" by (meson local.SUP_le_iff local.dom_subid local.dqmsr.domain_subid) lemma dom_iso_var2: "(\x \ X. dom x) \ dom (\x \ X. x)" by (simp add: local.SUP_le_iff local.Sup_upper local.dqmsr.dom_iso) end subsection \Codomain quantales\ class codomain_quantale = unital_quantale + range_op + - assumes cod_absorb: "x \ x \ cod x" + assumes cod_absorb: "x \ x \ cod x" and cod_local: "cod (cod x \ y) = cod (x \ y)" and cod_add: "cod (x \ y) = cod x \ cod y" and cod_subid: "cod x \ 1" and cod_zero: "cod \ = \" sublocale codomain_quantale \ coddual: domain_quantale range_op _ "\x y. y \ x" _ _ _ _ _ _ _ _ by unfold_locales (auto simp: mult_assoc cod_subid cod_zero cod_add cod_local cod_absorb Sup_distr Sup_distl) abbreviation (in codomain_quantale) "bd' \ coddual.fd'" definition (in codomain_quantale) "fb x y = \{cod z |z. bd' x z \ cod y}" lemma (in codomain_quantale) bd'_fb_galois_aux: "bd' x (cod p) \ cod q \ cod p \ fb x (cod q)" using local.coddual.bb_def local.coddual.fd'_bb_galois_aux local.fb_def by auto subsection \Modal quantales\ class dc_modal_quantale = domain_quantale + codomain_quantale + - assumes dc_compat [simp]: "dom (cod x) = cod x" - and cd_compat [simp]: "cod (dom x) = dom x" + assumes dc_compat [simp]: "dom (cod x) = cod x" + and cd_compat [simp]: "cod (dom x) = dom x" sublocale dc_modal_quantale \ mqs: dr_modal_kleene_algebra "(\)" "(\)" 1 \ "(\)" "(<)" qstar dom cod by unfold_locales simp_all sublocale dc_modal_quantale \ mqdual: dc_modal_quantale _ "\x y. y \ x" _ _ _ _ _ _ _ _ dom cod by unfold_locales simp_all lemma (in dc_modal_quantale) "x \ \ = dom x \ \" (* nitpick[expect=genuine] *) - oops + oops lemma (in dc_modal_quantale) "\ \ x = \ \ cod x" (* nitpick[expect=genuine] *) - oops + oops subsection \Antidomain and anticodomain quantales\ -notation antidomain_op ("adom") +notation antidomain_op ("adom") class antidomain_quantale = unital_quantale + antidomain_op + assumes as1 [simp]: "adom x \ x = \" and as2 [simp]: "adom (x \ y) \ adom (x \ adom (adom y))" and as3 [simp]: "adom (adom x) \ adom x = 1" definition (in antidomain_quantale) "ddom = adom \ adom" sublocale antidomain_quantale \ adqmsr: antidomain_semiring adom "(\)" "(\)" 1 \ "(\)" "(<)" by unfold_locales (simp_all add: local.sup.absorb2) sublocale antidomain_quantale \ adqmka: antidomain_kleene_algebra adom "(\)" "(\)" 1 \ "(\)" "(<)" qstar.. sublocale antidomain_quantale \ addq: domain_quantale ddom by unfold_locales (simp_all add: ddom_def local.adqmsr.ans_d_def) -notation antirange_op ("acod") +notation antirange_op ("acod") class anticodomain_quantale = unital_quantale + antirange_op + assumes ars1 [simp]: "x \ acod x = \" and ars2 [simp]: "acod (x \ y) \ acod (acod (acod x) \ y)" and ars3 [simp]: "acod (acod x) \ acod x = 1" sublocale anticodomain_quantale \ acoddual: antidomain_quantale acod _ "\x y. y \ x" _ _ _ _ _ _ _ _ by unfold_locales (auto simp: mult_assoc Sup_distl Sup_distr) definition (in anticodomain_quantale) "ccod = acod \ acod" sublocale anticodomain_quantale \ acdqmsr: antirange_semiring "(\)" "(\)" 1 \ acod "(\)" "(<)".. sublocale anticodomain_quantale \ acdqmka: antirange_kleene_algebra "(\)" "(\)" 1 \ "(\)" "(<)" qstar acod.. sublocale anticodomain_quantale \ acddq: codomain_quantale _ _ _ _ _ _ _ _ _ _ "\ x. acod (acod x)" by unfold_locales (simp_all add: local.acoddual.adqmsr.ans_d_def) class modal_quantale = antidomain_quantale + anticodomain_quantale sublocale modal_quantale \ mmqs: modal_kleene_algebra_simp "(\)" "(\)" 1 \ "(\)" "(<)" qstar adom acod.. sublocale modal_quantale \ mmqdual: modal_quantale _ "\x y. y \ x" _ _ _ _ _ _ _ _ adom acod by unfold_locales simp_all end diff --git a/thys/Quantales_Converse/Quantale_Converse.thy b/thys/Quantales_Converse/Quantale_Converse.thy --- a/thys/Quantales_Converse/Quantale_Converse.thy +++ b/thys/Quantales_Converse/Quantale_Converse.thy @@ -1,1583 +1,1583 @@ -(* +(* Title: Quantales with converse Author: Cameron Calk, Georg Struth Maintainer: Georg Struth *) section \Quantales with converse\ theory Quantale_Converse - imports Modal_Quantale Modal_Kleene_Algebra_Converse + imports Modal_Quantale Modal_Kleene_Algebra_Converse begin subsection \Properties of unital quantales\ text \These properties should eventually added to the quantales AFP entry.\ lemma (in quantale) bres_bot_top [simp]: "\ \ \ = \" by (simp add: local.bres_galois_imp local.order.antisym) lemma (in quantale) fres_top_bot [simp]: "\ \ \ = \" by (meson local.fres_galois local.order_antisym local.top_greatest) lemma (in unital_quantale) bres_top_top2 [simp]: "(x \ y \ \) \ \ = x \ y \ \" proof- have "(x \ y \ \) \ \ \ x \ y \ \ \ \" by (simp add: local.bres_interchange) hence "(x \ y \ \) \ \ \ x \ y \ \" by (simp add: mult_assoc) thus ?thesis by (metis local.mult_1_right local.order_eq_iff local.psrpq.subdistl local.sup_top_right) qed lemma (in unital_quantale) fres_top_top2 [simp]: "\ \ (\ \ y \ x) = \ \ y \ x" by (metis local.dual_order.antisym local.fres_interchange local.le_top local.top_greatest mult_assoc) lemma (in unital_quantale) bres_top_bot [simp]: "\ \ \ = \" by (metis local.bot_least local.bres_canc1 local.le_top local.order.antisym) lemma (in unital_quantale) fres_bot_top [simp]: "\ \ \ = \" by (metis local.bot_unique local.fres_canc1 local.top_le local.uqka.independence2 local.uwqlka.star_ext) lemma (in unital_quantale) top_bot_iff: "(x \ \ = \) = (x = \)" by (metis local.fres_bot_top local.fres_canc2 local.le_bot local.mult_botl) subsection \Involutive quantales\ text \The following axioms for involutive quantales are standard.\ class involutive_quantale = unital_quantale + invol_op + assumes inv_invol [simp]: "(x\<^sup>\)\<^sup>\ = x" and inv_contrav: "(x \ y)\<^sup>\ = y\<^sup>\ \ x\<^sup>\" and inv_sup [simp]: "(\X)\<^sup>\ = (\x \ X. x\<^sup>\)" context involutive_quantale begin lemma inv_binsup [simp]: "(x \ y)\<^sup>\ = x\<^sup>\ \ y\<^sup>\" proof- have "(x \ y)\<^sup>\ = (\z \ {x,y}. z\<^sup>\)" using local.inv_sup local.sup_Sup by presburger also have "\ = (\z \ {x\<^sup>\,y\<^sup>\}. z)" by simp also have "\ = x\<^sup>\ \ y\<^sup>\" by fastforce finally show ?thesis. qed lemma inv_iso: "x \ y \ x\<^sup>\ \ y\<^sup>\" by (metis inv_binsup local.sup.absorb_iff1) lemma inv_galois: "(x\<^sup>\ \ y) = (x \ y\<^sup>\)" using local.inv_iso by fastforce lemma bres_fres_conv: "(y\<^sup>\ \ x\<^sup>\)\<^sup>\ = x \ y" proof- have "(y\<^sup>\ \ x\<^sup>\)\<^sup>\ = (\{z. z \ x\<^sup>\ \ y\<^sup>\})\<^sup>\" by (simp add: local.fres_def) also have "\ = \{z\<^sup>\ |z. z \ x\<^sup>\ \ y\<^sup>\}" by (simp add: image_Collect) also have "\ = \{z. z\<^sup>\ \ x\<^sup>\ \ y\<^sup>\}" by (metis local.inv_invol) also have "\ = \{z. (x \ z)\<^sup>\ \ y\<^sup>\}" by (simp add: local.inv_contrav) also have "\ = \{z. x \ z \ y}" by (metis local.inv_invol local.inv_iso) also have "\ = x \ y" by (simp add: local.bres_def) finally show ?thesis. qed lemma fres_bres_conv: "(y\<^sup>\ \ x\<^sup>\)\<^sup>\ = x \ y" by (metis bres_fres_conv local.inv_invol) sublocale invqka: involutive_kleene_algebra "(\)" "(\)" 1 \ "(\)" "(<)" qstar invol by unfold_locales (simp_all add: local.inv_contrav) lemma inv_binf [simp]: "(x \ y)\<^sup>\ = x\<^sup>\ \ y\<^sup>\" proof- {fix z have "(z \ (x \ y)\<^sup>\) = (z\<^sup>\ \ x \ y)" using invqka.inv_adj by blast also have "\ = (z\<^sup>\ \ x \ z\<^sup>\ \ y)" by simp also have "\ = (z \ x\<^sup>\ \ z \ y\<^sup>\)" by (simp add: invqka.inv_adj) also have "\ = (z \ x\<^sup>\ \ y\<^sup>\)" by simp finally have "(z \ (x \ y)\<^sup>\) = (z \ x\<^sup>\ \ y\<^sup>\)".} thus ?thesis using local.dual_order.antisym by blast qed lemma inv_inf [simp]: "(\X)\<^sup>\ = (\x \ X. x\<^sup>\)" by (metis invqka.inv_adj local.INF_eqI local.Inf_greatest local.Inf_lower local.inv_invol) lemma inv_top [simp]: "\\<^sup>\ = \" proof- have a: "\\<^sup>\ \ \" by simp hence "(\\<^sup>\)\<^sup>\ \ \\<^sup>\" using local.inv_iso by blast hence "\ \ \\<^sup>\" by simp thus ?thesis by (simp add: local.top_le) qed lemma inv_qstar_aux [simp]: "(x ^ i)\<^sup>\ = (x\<^sup>\) ^ i" by (induct i, simp_all add: local.power_commutes) lemma inv_conjugate: "(x\<^sup>\ \ y = \) = (x \ y\<^sup>\ = \)" using inv_binf invqka.inv_zero by fastforce -text \We define domain and codomain as in relation algebra and compare with the domain +text \We define domain and codomain as in relation algebra and compare with the domain and codomain axioms above.\ -definition do :: "'a \ 'a" where +definition do :: "'a \ 'a" where "do x = 1 \ (x \ x\<^sup>\)" definition cd :: "'a \ 'a" where "cd x = 1 \ (x\<^sup>\ \ x)" lemma do_inv: "do (x\<^sup>\) = cd x" proof- have "do (x\<^sup>\) = 1 \ (x\<^sup>\ \ (x\<^sup>\)\<^sup>\)" by (simp add: do_def) also have "\ = 1 \ (x\<^sup>\ \ x)" by simp also have "\ = cd x" by (simp add: cd_def) finally show ?thesis. qed lemma cd_inv: "cd (x\<^sup>\) = do x" by (simp add: cd_def do_def) lemma do_le_top: "do x \ 1 \ (x \ \)" by (simp add: do_def local.inf.coboundedI2 local.mult_isol) lemma do_subid: "do x \ 1" by (simp add: do_def) lemma cd_subid: "cd x \ 1" by (simp add: cd_def) lemma do_bot [simp]: "do \ = \" by (simp add: do_def) lemma cd_bot [simp]: "cd \ = \" by (simp add: cd_def) lemma do_iso: "x \ y \ do x \ do y" by (simp add: do_def local.inf.coboundedI2 local.inv_iso local.psrpq.mult_isol_var) lemma cd_iso: "x \ y \ cd x \ cd y" using cd_def local.eq_refl local.inf_mono local.inv_iso local.psrpq.mult_isol_var by presburger lemma do_subdist: "do x \ do y \ do (x \ y)" proof- have "do x \ do (x \ y)" and "do y \ do (x \ y)" by (simp_all add: do_iso) thus ?thesis by simp qed lemma cd_subdist: "cd x \ cd y \ cd (x \ y)" by (simp add: cd_iso) lemma inv_do [simp]: "(do x)\<^sup>\ = do x" by (simp add: do_def) lemma inv_cd [simp]: "(cd x)\<^sup>\ = cd x" by (metis do_inv inv_do) lemma dedekind_modular: assumes "(x \ y) \ z \ (x \ (z \ y\<^sup>\)) \ (y \ (x\<^sup>\ \ z))" shows "(x \ y) \ z \ (x \ (z \ y\<^sup>\)) \ y" using assms local.inf.cobounded1 local.mult_isol local.order_trans by blast -lemma modular_eq1: +lemma modular_eq1: assumes "\x y z w. (y \ (z \ x\<^sup>\) \ w \ (y \ x) \ z \ w \ x)" shows "\x y z. (x \ y) \ z \ (x \ (z \ y\<^sup>\)) \ y" using assms by blast lemma "do x \ do y = do x \ do y" (* nitpick[expect=genuine]*) oops lemma "p \ 1 \ q \ 1 \ p \ q = p \ q" (* nitpick[expect=genuine]*) oops end sublocale ab_unital_quantale \ ciq: involutive_quantale id _ _ _ _ _ _ _ _ _ _ by unfold_locales (simp_all add: mult_commute) class distributive_involutive_quantale = involutive_quantale + distrib_unital_quantale class boolean_involutive_quantale = involutive_quantale + bool_unital_quantale begin -lemma res_peirce: +lemma res_peirce: assumes "\x y. x\<^sup>\ \ -(x \ y) \ -y" shows "((x \ y) \ z\<^sup>\ = \) = ((y \ z) \ x\<^sup>\ = \)" proof assume "(x \ y) \ z\<^sup>\ = \" hence "z\<^sup>\ \ -(x \ y)" by (simp add: local.inf.commute local.inf_shunt) thus "(y \ z) \ x\<^sup>\ = \" by (metis assms local.inf_shunt local.inv_conjugate local.inv_contrav local.inv_invol local.mult_isol local.order.trans) -next +next assume "(y \ z) \ x\<^sup>\ = \" hence "x\<^sup>\ \ -(y \ z)" using local.compl_le_swap1 local.inf_shunt by blast thus "(x \ y) \ z\<^sup>\ = \" by (metis assms local.dual_order.trans local.inf_shunt local.inv_conjugate local.inv_contrav local.mult_isol) qed -lemma res_schroeder1: +lemma res_schroeder1: assumes "\x y. x\<^sup>\ \ -(x \ y) \ -y" shows "((x \ y) \ z = \) = (y \ (x\<^sup>\ \ z) = \)" proof assume h: "(x \ y) \ z = \" hence "z \ -(x \ y)" by (simp add: local.inf.commute local.inf_shunt) thus "y \ (x\<^sup>\ \ z) = \" by (metis assms local.dual_order.trans local.inf.commute local.inf_shunt local.mult_isol) -next +next assume "y \ (x\<^sup>\ \ z) = \" hence "y \ -(x\<^sup>\ \ z)" by (simp add: local.inf_shunt) thus "(x \ y) \ z = \" by (metis assms local.inf_shunt local.inv_invol local.order_trans mult_isol) qed -lemma res_schroeder2: +lemma res_schroeder2: assumes "\x y. x\<^sup>\ \ -(x \ y) \ -y" shows "((x \ y) \ z = \) = (x \ (z \ y\<^sup>\) = \)" by (metis assms local.inv_invol local.res_peirce local.res_schroeder1) lemma res_mod: assumes "\x y. x\<^sup>\ \ -(x \ y) \ -y" shows "(x \ y) \ z \ (x \ (z \ y\<^sup>\)) \ y" proof- have "(x \ y) \ z = ((x \ ((z \ y\<^sup>\) \ -(z \ y\<^sup>\))) \ y) \ z" by simp also have "\ = (((x \ (z \ y\<^sup>\)) \ y) \ z) \ (((x \ -(z \ y\<^sup>\)) \ y) \ z)" using local.chaq.wswq.distrib_left local.inf.commute local.sup_distr by presburger also have "\ \ ((x \ (z \ y\<^sup>\)) \ y) \ ((x \ y) \ (-(z \ y\<^sup>\)) \ y \ z)" by (metis assms local.inf.commute local.inf_compl_bot_right local.sup.orderI local.sup_inf_absorb res_schroeder2) also have "\ \ ((x \ (z \ y\<^sup>\)) \ y) \ ((x \ y) \ -z \ z)" by (metis assms local.dual_order.eq_iff local.inf.commute local.inf_compl_bot_right res_schroeder2) also have "\ \ ((x \ (z \ y\<^sup>\)) \ y)" by (simp add: local.inf.commute) finally show ?thesis. qed end -text \The strong Gelfand property (name by Palmigiano and Re) is important for dioids and Kleene algebras. +text \The strong Gelfand property (name by Palmigiano and Re) is important for dioids and Kleene algebras. The modular law is a convenient axiom for relational quantales, in a setting where the underlying lattice is not boolean.\ class quantale_converse = involutive_quantale + assumes strong_gelfand: "x \ x \ x\<^sup>\ \ x" begin lemma do_gelfand [simp]: "do x \ do x \ do x = do x" apply (rule order.antisym) using local.do_subid local.h_seq local.mult_isol apply fastforce by (metis local.inv_do local.strong_gelfand) - + lemma cd_gelfand [simp]: "cd x \ cd x \ cd x = cd x" by (metis do_gelfand local.do_inv) lemma do_idem [simp]: "do x \ do x = do x" apply (rule order.antisym) using local.do_subid local.mult_isol apply fastforce by (metis do_gelfand local.do_subid local.eq_refl local.nsrnqo.mult_oner local.psrpq.mult_isol_var) lemma cd_idem [simp]: "cd x \ cd x = cd x" by (metis do_idem local.do_inv) lemma dodo [simp]: "do (do x) = do x" proof- have "do (do x) = 1 \ (do x \ do x)" using local.do_def local.inv_do by force also have "\ = 1 \ do x" by simp also have "\ = do x" by (simp add: local.do_def) finally show ?thesis. qed lemma cdcd [simp]: "cd (cd x) = cd x" using cd_idem local.cd_def local.inv_cd by force lemma docd_compat [simp]: "do (cd x) = cd x" proof- have "do (cd x) = do (do (x\<^sup>\))" by (simp add: local.do_inv) also have "\ = do (x\<^sup>\)" by simp also have "\ = cd x" by (simp add: local.do_inv) finally show ?thesis. qed lemma cddo_compat [simp]: "cd (do x) = do x" by (metis docd_compat local.cd_inv local.inv_do) end sublocale quantale_converse \ convqka: kleene_algebra_converse "(\)" "(\)" 1 \ "(\)" "(<)" invol qstar by unfold_locales (simp add: local.strong_gelfand) subsection \Dedekind quantales\ class dedekind_quantale = involutive_quantale + assumes modular_law: "(x \ y) \ z \ (x \ (z \ y\<^sup>\)) \ y" begin sublocale convdqka: kleene_algebra_converse "(\)" "(\)" 1 \ "(\)" "(<)" invol qstar by unfold_locales (metis local.inf.absorb2 local.le_top local.modular_law local.top_greatest) subclass quantale_converse by unfold_locales (simp add: local.convdqka.strong_gelfand) lemma modular_2 [simp]: "((x \ (z \ y\<^sup>\)) \ y) \ z = (x \ y) \ z" apply (rule order.antisym) using local.inf.cobounded1 local.inf_mono local.mult_isor local.order_refl apply presburger by (simp add: local.modular_law) lemma modular_1 [simp]: "(x \ (y \ (x\<^sup>\ \ z))) \ z = (x \ y) \ z" by (metis local.inv_binf local.inv_contrav local.inv_invol modular_2) lemma modular3: "(x \ y) \ z \ x \ (y \ (x\<^sup>\ \ z))" by (metis local.inf.cobounded1 modular_1) text \The name Dedekind quantale owes to the following formula, which is equivalent to the modular law. Dedekind quantales -are called modular quantales in Rosenthal's book on quantaloids (to be precise: he discusses modular quantaloids, but the +are called modular quantales in Rosenthal's book on quantaloids (to be precise: he discusses modular quantaloids, but the notion of modular quantale is then obvious).\ lemma dedekind: "(x \ y) \ z \ (x \ (z \ y\<^sup>\)) \ (y \ (x\<^sup>\ \ z))" proof- have "(x \ y) \ z = (x \ (y \ (x\<^sup>\ \ z))) \ z" by simp also have "\ \ (x \ (z \ (y \ (x\<^sup>\ \ z))\<^sup>\)) \ (y \ (x\<^sup>\ \ z))" using local.modular_law by presburger also have "\ = (x \ (z \ (y\<^sup>\ \ (z\<^sup>\ \ x)))) \ (y \ (x\<^sup>\ \ z))" by simp also have "\ \ (x \ (z \ y\<^sup>\)) \ (y \ (x\<^sup>\ \ z))" using local.inf.commute modular_1 by fastforce finally show ?thesis. qed lemma peirce: "((x \ y) \ z\<^sup>\ = \) = ((y \ z) \ x\<^sup>\ = \)" proof assume "(x \ y) \ z\<^sup>\ = \" hence "((x \ y) \ z\<^sup>\) \ y\<^sup>\ = \" by simp hence "(z\<^sup>\ \ y\<^sup>\) \ x = \" by (metis local.inf.commute local.inv_invol local.le_bot local.modular_law) hence "((y \ z) \ x\<^sup>\)\<^sup>\ = \\<^sup>\" by simp thus "(y \ z) \ x\<^sup>\ = \" by (metis local.inv_invol) next assume h: "(y \ z) \ x\<^sup>\ = \" hence "z\<^sup>\ \ ((y \ z) \ x\<^sup>\) = \" by simp hence "(y\<^sup>\ \ x\<^sup>\) \ z = \" by (metis h local.inf.commute local.inv_invol local.le_bot local.mult_botr modular3) hence "((x \ y) \ z\<^sup>\)\<^sup>\ = \\<^sup>\" by simp thus "(x \ y) \ z\<^sup>\ = \" by (metis local.inv_invol) qed lemma schroeder_1: "((x \ y) \ z = \) = (y \ (x\<^sup>\ \ z) = \)" by (metis local.inf.commute local.inf_bot_right local.inv_invol local.mult_botr modular_1) lemma schroeder_2: "((x \ y) \ z = \) = (x \ (z \ y\<^sup>\) = \)" by (metis local.inv_invol peirce schroeder_1) lemma modular_eq2: "y \ (z \ x\<^sup>\) \ w \ (y \ x) \ z \ w \ x" by (meson local.dual_order.trans local.eq_refl local.h_w1 local.modular_law) lemma lla_top_aux: "p \ 1 \ ((x \ p \ x) = (x \ p \ \))" proof assume h: "p \ 1" and h1: "x \ p \ x" thus "x \ p \ \" by (meson local.mult_isol local.order_trans local.top_greatest) -next +next assume h: "p \ 1" and "x \ p \ \" hence "x = (p \ \) \ x" using local.inf.absorb_iff2 by auto also have "\ \ p \ (\ \ (p\<^sup>\ \ x))" using modular3 by blast also have "\ = p \ p \ x" by (simp add: h local.convdqka.subid_conv mult_assoc) finally show "x \ p \ x" by (metis h local.dual_order.trans local.mult_isor local.nsrnqo.mult_onel) qed text \Next we turn to properties of domain and codomain in Dedekind quantales.\ lemma lra_top_aux: "p \ 1 \ ((x \ x \ p ) = (x \ \ \ p))" by (metis convdqka.subid_conv local.inf.absorb_iff2 local.mult_1_right local.psrpq.subdistl local.sup.absorb_iff2 local.top_greatest modular_eq2) lemma lla: "p \ 1 \ ((do x \ p) = (x \ p \ \))" -proof +proof assume a1: "x \ p \ \" assume a2: "p \ 1" have f3: "x \ \ \ p \ \ \ \" by (simp add: a1 local.mult_isor) have f4: "p \ do x \ p" by (simp add: local.do_subid local.uqka.star_inductr_var_equiv local.uwqlka.star_subid) have "x \ \ \ p \ \" using f3 by (simp add: local.mult.semigroup_axioms semigroup.assoc) thus "do x \ p" using f4 a2 lla_top_aux local.do_le_top local.inf.bounded_iff local.order_trans by blast -next +next assume a1: "do x \ p" assume a2: "p \ 1" hence "do x \ x \ p \ x" by (simp add: a1 local.mult_isor) hence "x \ p \ x" using a1 local.do_def modular_eq2 by fastforce thus "x \ p \ \" by (simp add: a2 lla_top_aux) qed lemma lla_Inf: "do x = \{p. x \ p \ \ \ p \ 1}" apply (rule order.antisym) using lla local.Inf_greatest apply fastforce by (metis CollectI lla local.Inf_lower local.do_subid local.order.refl) lemma lra: "p \ 1 \ ((cd x \ p) = (x \ \ \ p))" by (metis invqka.inv_adj lla local.convdqka.subid_conv local.do_inv local.inv_contrav local.inv_top) lemma lra_Inf: "cd x = \{p. x \ \ \ p \ p \ 1}" apply (rule order.antisym) using local.Inf_greatest lra apply fastforce by (metis CollectI local.Inf_lower local.cd_subid local.order.refl lra) lemma lla_var: "p \ 1 \ ((do x \ p) = (x \ p \ x))" by (simp add: lla lla_top_aux) lemma lla_Inf_var: "do x = \{p. x \ p \ x \ p \ 1}" apply (rule order.antisym) using lla_var local.Inf_greatest apply fastforce by (metis CollectI lla_var local.Inf_lower local.do_subid local.order.refl) lemma lra_var: "p \ 1 \ ((cd x \ p) = (x \ x \ p))" by (simp add: lra lra_top_aux) lemma lra_Inf_var: "cd x = \{p. x \ x \ p \ p \ 1}" apply (rule order.antisym) using local.Inf_greatest lra_var apply fastforce by (metis CollectI local.Inf_lower local.cd_subid local.order.refl lra_var) lemma do_top: "do x = 1 \ (x \ \)" proof- have "1 \ (x \ \) = 1 \ (x \ (\ \ x\<^sup>\ \ 1))" by (metis local.inf.commute local.inf_top.left_neutral modular_1) also have "\ = do x" by (simp add: local.do_def) finally show ?thesis.. qed lemma cd_top: "cd x = 1 \ (\ \ x)" by (metis do_top invqka.inv_one local.do_inv local.inv_binf local.inv_cd local.inv_contrav local.inv_invol local.inv_top) text \We start deriving the axioms of modal semirings and modal quantales.\ lemma do_absorp: "x \ do x \ x" using lla_var local.do_subid by blast lemma cd_absorp: "x \ x \ cd x" using local.cd_subid lra_var by blast lemma do_absorp_eq [simp]: "do x \ x = x" using do_absorp local.do_subid local.dual_order.antisym local.h_w1 by fastforce lemma cd_absorp_eq [simp]: "x \ cd x = x" by (metis do_top local.do_inv local.inf_top.right_neutral local.nsrnqo.mult_oner modular_1) lemma do_top2: "x \ \ = do x \ \" proof (rule order.antisym) have "x \ \ = do x \ x \ \" by simp also have "\ \ do x \ \ \ \" using local.psrpq.mult_double_iso local.top_greatest by presburger also have "\ = do x \ \" by (simp add: local.mult.semigroup_axioms semigroup.assoc) finally show "x \ \ \ do x \ \". have "do x \ \ = (1 \ (x \ \)) \ \" by (simp add: do_top) also have "\ \ (1 \ \) \ (x \ \ \ \)" by (simp add: local.mult_isor) also have "\ = x \ \" by (simp add: mult_assoc) finally show "do x \ \ \ x \ \". qed lemma cd_top2: "\ \ x = \ \ cd x" by (metis do_top2 local.do_inv local.inv_cd local.inv_contrav local.inv_invol local.inv_top) lemma do_local [simp]: "do (x \ do y) = do (x \ y)" proof- have "do (x \ do y) = 1 \ (x \ do y \ \)" using do_top by force also have "\ = 1 \ (x \ y \ \)" using do_top2 mult_assoc by force also have "\ = do (x \ y)" by (simp add: do_top) finally show ?thesis by force qed lemma cd_local [simp]: "cd (cd x \ y) = cd (x \ y)" by (metis cd_top cd_top2 mult_assoc) lemma do_fix_subid: "(do x = x) = (x \ 1)" proof assume "do x = x" thus "x \ 1" by (metis local.do_subid) -next +next assume a: "x \ 1" hence "x = do x \ x" by simp hence b: "x \ do x" by (metis a local.mult_isol local.nsrnqo.mult_oner) have "x \ x \ x" using a local.mult_isor by fastforce hence "do x \ x" by (simp add: a lla_var local.le_top lra_top_aux) thus "do x = x" by (simp add: b local.dual_order.antisym) qed lemma cd_fix_subid: "(cd x = x) = (x \ 1)" by (metis local.convdqka.subid_conv local.do_inv local.do_fix_subid local.docd_compat) lemma do_inf2: "do (do x \ do y) = do x \ do y" using do_top local.do_fix_subid local.inf.assoc by auto lemma do_inf_comp: "do x \ do y = do x \ do y" by (smt (verit, best) local.do_def local.do_idem local.do_fix_subid local.dodo local.dual_order.trans local.inf_commute local.inf_idem local.inv_contrav local.inv_do local.mult_1_right local.mult_isol modular_1 mult_assoc) lemma cd_inf_comp: "cd x \ cd y = cd x \ cd y" by (metis do_inf_comp local.docd_compat) lemma subid_mult_meet: "p \ 1 \ q \ 1 \ p \ q = p \ q" by (metis do_inf_comp local.do_fix_subid) lemma dodo_sup: "do (do x \ do y) = do x \ do y" proof- have "do (do x \ do y) = 1 \ ((do x \ do y) \ (do x \ do y)\<^sup>\)" using local.do_def by blast also have "\ = 1 \ ((do x \ do y) \ (do x \ do y))" by simp also have "\ = 1 \ (do x \ do y)" using local.do_subid local.dodo local.inf.idem local.le_supI subid_mult_meet by presburger also have "\ = do x \ do y" by (simp add: local.do_def local.inf_absorb2) finally show ?thesis. qed lemma do_sup [simp]: "do (x \ y) = do x \ do y" proof- have "do (x \ y) = 1 \ ((x \ y) \ \)" by (simp add: do_top) also have "\ = 1 \ (x \ \ \ y \ \)" by simp also have "\ = 1 \ (do x \ \ \ do y \ \)" using do_top2 by force also have "\ = 1 \ ((do x \ do y) \ \)" by simp also have "\ = do (do x \ do y)" by (simp add: do_top) finally show ?thesis by (simp add: dodo_sup) qed lemma cdcd_sup: "cd (cd x \ cd y) = cd x \ cd y" using local.cd_fix_subid by fastforce lemma cd_sup [simp]: "cd (x \ y) = cd x \ cd y" by (metis do_sup local.do_inv local.inv_binsup) text \Next we show that Dedekind quantales are modal quantales, hence also modal semirings.\ sublocale dmq: dc_modal_quantale 1 "(\)" Inf Sup "(\)" "(\)" "(<)" "(\)" "\" "\" cd do proof show "\x. cd x \ 1" by (simp add: cd_top) show "\x. do x \ 1" by (simp add: do_top) qed simp_all lemma do_top3 [simp]: "do (x \ \) = do x" using dmq.coddual.le_top dmq.dqmsr.domain_1'' local.do_iso local.order.antisym by presburger lemma cd_top3 [simp]: "cd (\ \ x) = cd x" by (simp add: cd_top dmq.coddual.mult_assoc) lemma dodo_Sup_pres: "do (\x \ X. do x) = (\x \ X. do x)" by (simp add: local.SUP_least local.do_fix_subid) text \The domain elements form a complete Heyting algebra.\ lemma do_complete_heyting: "do x \ (\y \ Y. do y) = (\y \ Y. do x \ do y)" proof- have "do x \ (\y \ Y. do y) = do x \ (\y \ Y. do y)" by (metis do_inf_comp dodo_Sup_pres) also have "\ = (\y \ Y. do x \ do y)" by (simp add: dmq.coddual.Sup_distr image_image) also have "\ = (\y \ Y. do x \ do y)" using do_inf_comp by force finally show ?thesis. qed lemma cdcd_Sup_pres: "cd (\x \ X. cd x) = (\x \ X. cd x)" by (simp add: local.SUP_least local.cd_fix_subid) lemma cd_complete_heyting: "cd x \ (\y \ Y. cd y) = (\y \ Y. cd x \ cd y)" proof- have "cd x \ (\y \ Y. cd y) = cd x \ (\y \ Y. cd y)" by (metis cd_inf_comp cdcd_Sup_pres) also have "\ = (\y \ Y. cd x \ cd y)" by (simp add: dmq.coddual.Sup_distr image_image) also have "\ = (\y \ Y. cd x \ cd y)" using cd_inf_comp by force finally show ?thesis. qed -lemma subid_complete_heyting: +lemma subid_complete_heyting: assumes "p \ 1" and "\q \ Q. q \ 1" shows "p \ (\Q) = (\q \ Q. p \ q)" proof- have a: "do p = p" by (simp add: assms(1) local.do_fix_subid) have b: "\q \ Q. do q = q" using assms(2) local.do_fix_subid by presburger hence "p \ (\Q) = do p \ (\q \ Q. do q)" by (simp add: a) also have "\ = (\q \ Q. do p \ do q)" using do_complete_heyting by blast also have "\ = (\q \ Q. p \ q)" using a b by force finally show ?thesis. qed text \Next we show that domain and codomain preserve arbitrary Sups.\ lemma do_Sup_pres_aux: "(\x \ X. do x \ \) = (\x \ do ` X. x \ \)" by (smt (verit, best) Sup.SUP_cong image_image) lemma do_Sup_pres: "do (\x \ X. x) = (\x \ X. do x)" proof- have "do (\x \ X. x) = 1 \ ((\x \ X. x) \ \)" by (simp add: do_top) also have "\ = 1 \ (\x \ X. x \ \)" by (simp add: dmq.coddual.Sup_distl) also have "\ = 1 \ (\x \ X. do x \ \)" using do_top2 by force also have "\ = 1 \ (\x \ do ` X. x \ \)" using do_Sup_pres_aux by presburger also have "\ = 1 \ ((\x \ X. do x) \ \)" using dmq.coddual.Sup_distl by presburger also have "\ = do (\x \ X. do x)" by (simp add: do_top) finally show ?thesis using dodo_Sup_pres by presburger qed lemma cd_Sup_pres: "cd (\x \ X. x) = (\x \ X. cd x)" proof- have "cd (\x \ X. x) = do ((\x \ X. x)\<^sup>\)" using local.do_inv by presburger also have "\ = do (\x \ X. x\<^sup>\)" by simp also have "\ = (\x \ X. do (x\<^sup>\))" by (metis do_Sup_pres image_ident image_image) also have "\ = (\x \ X. cd x)" using local.do_inv by presburger finally show ?thesis. qed lemma do_inf: "do (x \ y) = 1 \ (y \ x\<^sup>\)" by (smt (z3) do_absorp_eq invqka.inv_one local.do_def local.inf_commute local.inv_binf local.inv_contrav local.inv_invol local.mult_1_right modular_1 modular_2 mult_assoc) lemma cd_inf: "cd (x \ y) = 1 \ (y\<^sup>\ \ x)" by (metis do_inf local.do_inv local.inv_binf local.inv_invol) lemma do_bres_prop: "p \ 1 \ do (x \ p \ \) = 1 \ (x \ p \ \)" by (simp add: do_top) lemma cd_fres_prop: "p \ 1 \ cd (\ \ p \ x) = 1 \ (\ \ p \ x)" by (simp add: cd_top) lemma do_meet_prop: "(do p \ x) \ (x \ do q) = do p \ x \ do q" proof (rule order.antisym) have "x \ (do p \ x \ do q) \ do p \ x" by (simp add: dmq.dqmsr.dom_subid_aux2'' local.inf.coboundedI2) thus "(do p \ x) \ (x \ do q) \ do p \ x \ do q" by (simp add: local.inf.commute modular_eq2) next have "do p \ x \ do q = (do p \ x \ do q) \ (do p \ x \ do q)" by simp also have "\ \ (do p \ x) \ (x \ do q)" using dmq.dqmsr.dom_subid_aux2 dmq.dqmsr.dom_subid_aux2'' local.psrpq.mult_isol_var by auto finally show "do p \ x \ do q \ (do p \ x) \ (x \ do q)". qed lemma subid_meet_prop: "p \ 1 \ q \ 1 \ (p \ x) \ (x \ q) = p \ x \ q" by (metis do_fix_subid do_meet_prop) -text \Next we consider box and diamond operators like in modal semirings and modal quantales. -These are inherited from domain quantales. Diamonds are defined with respect to domain and codomain. +text \Next we consider box and diamond operators like in modal semirings and modal quantales. +These are inherited from domain quantales. Diamonds are defined with respect to domain and codomain. The box operators are defined as Sups and hence right adjoints of diamonds.\ abbreviation "do_dia \ dmq.fd'" abbreviation "cd_dia \ dmq.bd'" abbreviation "do_box \ dmq.bb" abbreviation "cd_box \ dmq.fb" text \In the sense of modal logic, the domain-based diamond is a backward operator, the codomain-based one a forward operator. These are related by opposition/converse.\ lemma do_dia_cd_dia_conv: "p \ 1 \ do_dia (x\<^sup>\) p = cd_dia x p" by (simp add: convdqka.subid_conv dmq.coddual.dqmsr.fd_def dmq.dqmsr.fd_def local.cd_def local.do_def) lemma cd_dia_do_dia_conv: "p \ 1 \ cd_dia (x\<^sup>\) p = do_dia x p" by (metis do_dia_cd_dia_conv local.inv_invol) text \Diamonds preserve sups in both arguments.\ lemma do_dia_Sup: "do_dia (\X) p = (\x \ X. do_dia x p)" proof- have "do_dia (\X) p = do ((\X) \ p)" by (simp add: dmq.dqmsr.fd_def) also have "\ = do (\x \ X. x \ p)" using local.Sup_distr by fastforce also have "\ = (\x \ X. do (x \ p))" by (metis do_Sup_pres image_ident image_image) also have "\ = (\x \ X. do_dia x p)" using dmq.dqmsr.fd_def by fastforce finally show ?thesis. qed lemma do_dia_Sup2: "do_dia x (\P) = (\p \ P. do_dia x p)" proof- have "do_dia x (\P) = do (x \ (\P))" by (simp add: dmq.dqmsr.fd_def) also have "\ = (\p \ P. do (x \ p))" by (metis dmq.coddual.Sup_distr do_Sup_pres image_ident image_image) also have "\ = (\p \ P. do_dia x p)" using dmq.dqmsr.fd_def by auto finally show ?thesis. qed lemma cd_dia_Sup: "cd_dia (\X) p = (\x \ X. cd_dia x p)" proof- have "cd_dia (\X) p = cd (p \ (\X))" by (simp add: dmq.coddual.dqmsr.fd_def) also have "\ = cd (\x \ X. p \ x)" using dmq.coddual.Sup_distr by auto also have "\ = (\x \ X. cd (p \ x))" by (metis cd_Sup_pres image_ident image_image) also have "\ = (\x \ X. cd_dia x p)" using dmq.coddual.dqmsr.fd_def by force finally show ?thesis. qed lemma cd_dia_Sup2: "cd_dia x (\P) = (\p \ P. cd_dia x p)" proof- have "cd_dia x (\P) = cd ((\P) \ x)" by (simp add: dmq.coddual.dqmsr.fd_def) also have "\ = (\p \ P. cd (p \ x))" by (metis cd_Sup_pres dmq.coddual.Sup_distl image_ident image_image) also have "\ = (\p \ P. cd_dia x p)" using dmq.coddual.dqmsr.fd_def by auto finally show ?thesis. qed text \The domain-based box is a forward operator, the codomain-based on a backward one. These interact again with respect to converse.\ lemma do_box_var: "p \ 1 \ do_box x p = \{q. do_dia x q \ p \ q \ 1}" by (smt (verit, best) Collect_cong dmq.bb_def dmq.dqmsr.fdia_d_simp local.do_fix_subid local.dodo) lemma cd_box_var: "p \ 1 \ cd_box x p = \{q. cd_dia x q \ p \ q \ 1}" by (smt (verit, best) Collect_cong dmq.coddual.dqmsr.fdia_d_simp dmq.fb_def local.cd_fix_subid local.cdcd) lemma do_box_cd_box_conv: "p \ 1 \ do_box (x\<^sup>\) p = cd_box x p" proof- assume a: "p \ 1" hence "do_box (x\<^sup>\) p = \{q. do_dia (x\<^sup>\) q \ p \ q \ 1}" by (simp add: do_box_var) also have "\ = \{q. cd_dia x q \ p \ q \ 1}" by (metis do_dia_cd_dia_conv) also have "\ = cd_box x p" using a cd_box_var by auto finally show ?thesis. qed lemma cd_box_do_box_conv: "p \ 1 \ cd_box (x\<^sup>\) p = do_box x p" by (metis do_box_cd_box_conv local.inv_invol) lemma do_box_subid: "do_box x p \ 1" using dmq.bb_def local.Sup_le_iff by force lemma cd_box_subid: "p \ 1 \ cd_box x p \ 1" by (metis do_box_subid local.do_box_cd_box_conv) -text \Next we prove that boxes and diamonds are adjoints, and then demodalisation laws known +text \Next we prove that boxes and diamonds are adjoints, and then demodalisation laws known from modal semirings.\ -lemma do_dia_do_box_galois: +lemma do_dia_do_box_galois: assumes "p \ 1" - and "q \ 1" + and "q \ 1" shows "(do_dia x p \ q) = (p \ do_box x q)" proof show "do_dia x p \ q \ p \ do_box x q" by (simp add: assms do_box_var local.Sup_upper) next assume "p \ do_box x q" hence "do_dia x p \ do (x \ \{t. do_dia x t \ q \ t \ 1})" by (simp add: assms(2) local.dmq.dqmsr.fd_def local.do_box_var local.do_iso local.mult_isol) also have "\ = \{do (x \ t) |t. do_dia x t \ q \ t \ 1}" by (metis do_Sup_pres image_ident image_image local.Sup_distl setcompr_eq_image) also have "\ = \{do_dia x t |t. do_dia x t \ q \ t \ 1}" using local.dmq.dqmsr.fd_def by fastforce also have "\ \ q" using local.Sup_le_iff by blast finally have "do_dia x p \ q". thus "p \ do_box x q \ do_dia x p \ q". qed -lemma cd_dia_cd_box_galois: +lemma cd_dia_cd_box_galois: assumes "p \ 1" and "q \ 1" shows "(cd_dia x p \ q) = (p \ cd_box x q)" by (metis assms do_box_cd_box_conv do_dia_cd_dia_conv do_dia_do_box_galois) -lemma do_dia_demod_subid: - assumes "p \ 1" +lemma do_dia_demod_subid: + assumes "p \ 1" and "q \ 1" shows "(do_dia x p \ q) = (x \ p \ q \ x)" by (metis assms dmq.dqmsr.fdemodalisation2 local.do_fix_subid) text \The demodalisation laws have variants based on residuals.\ -lemma do_dia_demod_subid_fres: - assumes "p \ 1" +lemma do_dia_demod_subid_fres: + assumes "p \ 1" and "q \ 1" shows "(do_dia x p \ q) = (p \ x \ q \ x)" by (simp add: assms do_dia_demod_subid local.bres_galois) -lemma do_dia_demod_subid_var: - assumes "p \ 1" +lemma do_dia_demod_subid_var: + assumes "p \ 1" and "q \ 1" shows "(do_dia x p \ q) = (x \ p \ q \ \)" by (simp add: assms(2) dmq.dqmsr.fd_def lla) -lemma do_dia_demod_subid_var_fres: - assumes "p \ 1" +lemma do_dia_demod_subid_var_fres: + assumes "p \ 1" and "q \ 1" shows "(do_dia x p \ q) = (p \ x \ q \ \)" by (simp add: assms do_dia_demod_subid_var local.bres_galois) -lemma cd_dia_demod_subid: - assumes "p \ 1" +lemma cd_dia_demod_subid: + assumes "p \ 1" and "q \ 1" shows "(cd_dia x p \ q) = (p \ x \ x \ q)" by (metis assms dmq.coddual.dqmsr.fdemodalisation2 local.cd_fix_subid) -lemma cd_dia_demod_subid_fres: - assumes "p \ 1" +lemma cd_dia_demod_subid_fres: + assumes "p \ 1" and "q \ 1" shows "(cd_dia x p \ q) = (p \ x \ q \ x)" by (simp add: assms cd_dia_demod_subid local.fres_galois) -lemma cd_dia_demod_subid_var: - assumes "p \ 1" +lemma cd_dia_demod_subid_var: + assumes "p \ 1" and "q \ 1" shows "(cd_dia x p \ q) = (p \ x \ \ \ q)" by (simp add: assms(2) dmq.coddual.dqmsr.fd_def lra) -lemma cd_dia_demod_subid_var_fres: - assumes "p \ 1" +lemma cd_dia_demod_subid_var_fres: + assumes "p \ 1" and "q \ 1" shows "(cd_dia x p \ q) = (p \ \ \ q \ x)" by (simp add: assms cd_dia_demod_subid_var local.fres_galois) -lemma do_box_iso: +lemma do_box_iso: assumes "p \ 1" - and "q \ 1" - and "p \ q" + and "q \ 1" + and "p \ q" shows "do_box x p \ do_box x q" by (meson assms do_box_subid do_dia_do_box_galois local.order.refl local.order.trans) lemma cd_box_iso: assumes "p \ 1" - and "q \ 1" - and "p \ q" + and "q \ 1" + and "p \ q" shows "cd_box x p \ cd_box x q" by (metis assms do_box_cd_box_conv do_box_iso) -lemma do_box_demod_subid: - assumes "p \ 1" +lemma do_box_demod_subid: + assumes "p \ 1" and "q \ 1" shows "(p \ do_box x q) = (x \ p \ q \ x)" using assms do_dia_do_box_galois local.do_dia_demod_subid by force -lemma do_box_demod_subid_bres: - assumes "p \ 1" +lemma do_box_demod_subid_bres: + assumes "p \ 1" and "q \ 1" shows "(p \ do_box x q) = (p \ x \ q \ x)" by (simp add: assms do_box_demod_subid local.bres_galois) -lemma do_box_demod_subid_var: - assumes "p \ 1" +lemma do_box_demod_subid_var: + assumes "p \ 1" and "q \ 1" shows "(p \ do_box x q) = (x \ p \ q \ \)" using assms do_dia_demod_subid_var do_dia_do_box_galois by auto -lemma do_box_demod_subid_var_bres: - assumes "p \ 1" +lemma do_box_demod_subid_var_bres: + assumes "p \ 1" and "q \ 1" shows "(p \ do_box x q) = (p \ x \ q \ \)" by (simp add: assms do_box_demod_subid_var local.bres_galois) -lemma do_box_demod_subid_var_bres_do: - assumes "p \ 1" +lemma do_box_demod_subid_var_bres_do: + assumes "p \ 1" and "q \ 1" shows "(p \ do_box x q) = (p \ do (x \ q \ \))" by (simp add: assms do_box_demod_subid_var_bres do_top) -lemma cd_box_demod_subid: - assumes "p \ 1" +lemma cd_box_demod_subid: + assumes "p \ 1" and "q \ 1" shows "(p \ cd_box x q) = (p \ x \ x \ q)" using assms local.cd_dia_cd_box_galois local.cd_dia_demod_subid by force -lemma cd_box_demod_subid_fres: - assumes "p \ 1" +lemma cd_box_demod_subid_fres: + assumes "p \ 1" and "q \ 1" shows "(p \ cd_box x q) = (p \ x \ q \ x)" by (simp add: assms cd_box_demod_subid local.fres_galois) -lemma cd_box_demod_subid_var: - assumes "p \ 1" +lemma cd_box_demod_subid_var: + assumes "p \ 1" and "q \ 1" shows "(p \ cd_box x q) = (p \ x \ \ \ q)" using assms cd_dia_cd_box_galois cd_dia_demod_subid_var by force -lemma cd_box_demod_subid_var_fres: - assumes "p \ 1" +lemma cd_box_demod_subid_var_fres: + assumes "p \ 1" and "q \ 1" shows "(p \ cd_box x q) = (p \ \ \ q \ x)" by (simp add: assms cd_box_demod_subid_var local.fres_galois) -text \We substitute demodalisation inequalities for diamonds in the definitions of boxes.\ +text \We substitute demodalisation inequalities for diamonds in the definitions of boxes.\ lemma do_box_var2: "p \ 1 \ do_box x p = \{q. x \ q \ p \ x \ q \ 1}" unfolding do_box_var by (meson do_dia_demod_subid) lemma do_box_bres1: "p \ 1 \ do_box x p = \{q. q \ x \ p \ x \ q \ 1}" unfolding do_box_var by (meson do_dia_demod_subid_fres) lemma do_box_bres2: "p \ 1 \ do_box x p = \{q. q \ x \ p \ \ \ q \ 1}" - unfolding do_box_var by (simp add: dmq.dqmsr.fd_def lla local.bres_galois) + unfolding do_box_var by (simp add: dmq.dqmsr.fd_def lla local.bres_galois) lemma do_box_var3: "p \ 1 \ do_box x p = \{q. x \ q \ p \ \ \ q \ 1}" unfolding do_box_var using dmq.dqmsr.fd_def lla by force lemma cd_box_var2: "p \ 1 \ cd_box x p = \{q. q \ x \ x \ p \ q \ 1}" unfolding cd_box_var by (metis cd_dia_demod_subid) lemma cd_box_var3: "p \ 1 \ cd_box x p = \{q. q \ x \ \ \ p \ q \ 1}" unfolding cd_box_var by (simp add: dmq.coddual.dqmsr.fd_def lra) text \Using these results we get a simple characterisation of boxes via domain and codomain. Similar laws can be found implicitly in Doornbos, Backhouse and van der Woude's paper on a calculational approach to mathematical induction, which speaks about wlp operators instead modal operators.\ lemma bres_do_box: "p \ 1 \ do_box x p = do (x \ p \ \)" by (meson do_box_demod_subid_var_bres_do do_box_subid local.cd_fix_subid local.cddo_compat local.dual_order.antisym local.eq_refl) lemma bres_do_box_var: "p \ 1 \ do_box x p = 1 \ (x \ p \ \)" using bres_do_box do_bres_prop by force lemma bres_do_box_top: "p \ 1 \ (do_box x p) \ \ = x \ p \ \" using bres_do_box do_top2 by auto lemma fres_cd_box: "p \ 1 \ cd_box x p = cd (\ \ p \ x)" proof- assume h0: "p \ 1" - {fix q + {fix q assume h1: "q \ 1" have "(q \ cd_box x p) = (q \ x \ \ \ p)" by (simp add: cd_box_demod_subid_var h0 h1) also have "\ = (q \ \ \ p \ x)" by (simp add: local.fres_galois) also have "\ = (q \ 1 \ (\ \ p \ x))" by (simp add: h1) also have "\ = (q \ cd (\ \ p \ x))" by (simp add: cd_fres_prop h0) finally have "(q \ cd_box x p) = (q \ cd (\ \ p \ x))".} hence "\y. y \ cd_box x p \ y \ cd (\ \ p \ x)" by (meson cd_box_subid dmq.coddual.dqmsr.dpd3 h0 local.dual_order.trans) thus ?thesis using local.dual_order.antisym by blast qed lemma fres_cd_box_var: "p \ 1 \ cd_box x p = 1 \ (\ \ p \ x)" by (simp add: cd_fres_prop fres_cd_box) lemma fres_cd_box_top: "p \ 1 \ \ \ cd_box x p = \ \ p \ x" using cd_top2 fres_cd_box by auto text \Next we show that the box operators act on the complete Heyting algebra of subidentities.\ lemma cd_box_act: assumes "p \ 1" shows "cd_box (x \ y) p = cd_box x (cd_box y p)" proof- {fix q assume a: "q \ 1" hence "(q \ cd_box (x \ y) p) = (cd_dia (x \ y) q \ p)" by (simp add: assms cd_dia_cd_box_galois) also have "\ = (cd_dia y (cd_dia x q) \ p)" by (simp add: local.dmq.coddual.dqmsr.fdia_mult) also have "\ = (cd_dia x q \ cd_box y p)" using assms cd_dia_cd_box_galois cd_top dmq.coddual.dqmsr.fd_def by force also have "\ = (q \ cd_box x (cd_box y p))" by (simp add: a assms cd_dia_cd_box_galois local.cd_box_subid) finally have "(q \ cd_box (x \ y) p) = (q \ cd_box x (cd_box y p))".} thus ?thesis by (meson assms local.cd_box_subid local.dual_order.eq_iff) qed lemma do_box_act: assumes "p \ 1" shows "do_box (x \ y) p = do_box y (do_box x p)" by (smt (verit) assms cd_box_act local.cd_box_do_box_conv local.do_box_subid local.inv_contrav) -text \Next we show that the box operators are Sup reversing in the first and Inf preserving +text \Next we show that the box operators are Sup reversing in the first and Inf preserving in the second argument.\ lemma do_box_sup_inf: "p \ 1 \ do_box (x \ y) p = do_box x p \ do_box y p" proof- - assume h1: "p \ 1" + assume h1: "p \ 1" {fix q assume h2: "q \ 1" hence "(q \ do_box (x \ y) p) = (do_dia (x \ y) q \ p)" by (simp add: do_dia_do_box_galois h1) also have "\ = (do_dia x q \ p \ do_dia y q \ p)" by (simp add: dmq.dqmsr.fdia_add2) also have "\ = (q \ do_box x p \ q \ do_box y p)" by (simp add: do_dia_do_box_galois h1 h2) also have "\ = (q \ do_box x p \ do_box y p)" by (simp add: do_box_subid subid_mult_meet) finally have "(q \ do_box (x \ y) p) = (q \ do_box x p \ do_box y p)".} hence "\z. z \ do_box (x \ y) p \ z \ do_box x p \ do_box y p" by (metis do_box_subid local.dual_order.trans local.inf.boundedE subid_mult_meet) thus ?thesis using local.dual_order.antisym by blast qed lemma do_box_sup_inf_var: "p \ 1 \ do_box (x \ y) p = do_box x p \ do_box y p" by (simp add: do_box_subid do_box_sup_inf subid_mult_meet) -lemma do_box_Sup_Inf: +lemma do_box_Sup_Inf: assumes "X \ {}" and "p \ 1" shows "do_box (\X) p = (\x \ X. do_box x p)" proof- {fix q assume h: "q \ 1" hence "(q \ do_box (\X) p) = (do_dia (\X) q \ p)" by (simp add: do_dia_do_box_galois assms(2)) also have "\ = ((\x \ X. do_dia x q) \ p)" using do_dia_Sup by force also have "\ = (\x \ X. do_dia x q \ p)" by (simp add: local.SUP_le_iff) also have "\ = (\x \ X. q \ do_box x p)" using do_dia_do_box_galois assms(2) h by blast also have "\ = (q \ (\x \ X. do_box x p))" by (simp add: local.le_INF_iff) finally have "(q \ do_box (\X) p) = (q \ (\x \ X. do_box x p))".} hence "\y. y \ do_box (\X) p \ y \ (\x \ X. do_box x p)" by (smt (verit, ccfv_threshold) assms(1) do_box_subid local.INF_le_SUP local.SUP_least local.order_trans) thus ?thesis using local.dual_order.antisym by blast qed -lemma do_box_Sup_Inf2: +lemma do_box_Sup_Inf2: assumes "P \ {}" and "\p \ P. p \ 1" shows "do_box x (\P) = (\p \ P. do_box x p)" proof- have h0: "(\p \ P. do_box x p) \ 1" by (meson all_not_in_conv assms(1) do_box_subid local.INF_lower2) {fix q assume h1: "q \ 1" hence "(q \ do_box x (\P)) = (do_dia x q \ \P)" by (simp add: assms do_dia_do_box_galois local.Inf_less_eq) also have "\ = (\p \ P. do_dia x q \ p)" using local.le_Inf_iff by blast also have "\ = (\p \ P. q \ do_box x p)" using assms(2) do_dia_do_box_galois h1 by auto also have "\ = (q \ (\p \ P. do_box x p))" by (simp add: local.le_INF_iff) finally have "(q \ do_box x (\P)) = (q \ (\p \ P. do_box x p))".} thus ?thesis using do_box_subid h0 local.dual_order.antisym by blast qed lemma cd_box_sup_inf: "p \ 1 \ cd_box (x \ y) p = cd_box x p \ cd_box y p" by (metis do_box_cd_box_conv do_box_sup_inf local.inv_binsup) lemma cd_box_sup_inf_var: "p \ 1 \ cd_box (x \ y) p = cd_box x p \ cd_box y p" by (simp add: cd_box_subid cd_box_sup_inf subid_mult_meet) -lemma cd_box_Sup_Inf: +lemma cd_box_Sup_Inf: assumes "X \ {}" and "p \ 1" shows "cd_box (\X) p = (\x \ X. cd_box x p)" proof- have "cd_box (\X) p = do_box ((\X)\<^sup>\) p" using assms(2) do_box_cd_box_conv by presburger also have "\ = (\y \ {x\<^sup>\|x. x \ X}. do_box y p)" by (simp add: Setcompr_eq_image assms do_box_Sup_Inf) also have "\ = (\x \ X. do_box (x\<^sup>\) p)" by (simp add: Setcompr_eq_image image_image) also have "\ = (\x \ X. cd_box x p)" using assms(2) do_box_cd_box_conv by force finally show ?thesis. qed -lemma cd_box_Sup_Inf2: +lemma cd_box_Sup_Inf2: assumes "P \ {}" and "\p \ P. p \ 1" shows "cd_box x (\P) = (\p \ P. cd_box x p)" proof- have "cd_box x (\P) = do_box (x\<^sup>\) (\P)" by (simp add: assms do_box_cd_box_conv local.Inf_less_eq) also have "\ = (\p \ P. do_box (x\<^sup>\) p)" using assms do_box_Sup_Inf2 by presburger also have "\ = (\p \ P. cd_box x p)" using assms(2) do_box_cd_box_conv by force finally show ?thesis. qed -text \Next we define an antidomain operation in the style of modal semirings. A natural condition is -that the antidomain of an element is the greatest test that cannot be left-composed with that elements, -and hence a greatest left annihilator. The definition of anticodomain is similar. As we are not in a -boolean domain algebra, we cannot expect that the antidomain of the antidomain yields the domain or +text \Next we define an antidomain operation in the style of modal semirings. A natural condition is +that the antidomain of an element is the greatest test that cannot be left-composed with that elements, +and hence a greatest left annihilator. The definition of anticodomain is similar. As we are not in a +boolean domain algebra, we cannot expect that the antidomain of the antidomain yields the domain or that the union of a domain element with the corresponding antidomain element equals one.\ definition "ado x = \{p. p \ x = \ \ p \ 1}" definition "acd x = \{p. x \ p = \ \ p \ 1}" lemma ado_acd: "ado (x\<^sup>\) = acd x" unfolding ado_def acd_def by (metis convdqka.subid_conv invqka.inv_zero local.inv_contrav local.inv_invol) lemma acd_ado: "acd (x\<^sup>\) = ado x" unfolding ado_def acd_def by (metis acd_def ado_acd ado_def local.inv_invol) lemma ado_left_zero [simp]: "ado x \ x = \" unfolding ado_def using dmq.coddual.Sup_distl by auto lemma acd_right_zero [simp]: "x \ acd x = \" unfolding acd_def by (simp add: dmq.coddual.h_Sup local.dual_order.antisym) lemma ado_greatest: "p \ 1 \ p \ x = \ \ p \ ado x" by (simp add: ado_def local.Sup_upper) lemma acd_greatest: "p \ 1 \ x \ p = \ \ p \ acd x" by (simp add: acd_def local.Sup_upper) lemma ado_subid: "ado x \ 1" using ado_def local.Sup_le_iff by force lemma acd_subid: "acd x \ 1" by (simp add: acd_def local.Sup_le_iff) lemma ado_left_zero_iff: "p \ 1 \ (p \ ado x) = (p \ x = \)" by (metis ado_greatest ado_left_zero local.bot_unique local.mult_isor) lemma acd_right_zero_iff: "p \ 1 \ (p \ acd x) = (x \ p = \)" by (metis acd_greatest acd_right_zero local.bot_unique local.mult_isol) text \This gives an eqational characterisation of antidomain and anticodomain.\ lemma ado_cd_bot: "ado x = cd (\ \ x)" proof- {fix p assume h: "p \ 1" hence "(p \ ado x) = (p \ x = \)" - by (simp add: ado_left_zero_iff) + by (simp add: ado_left_zero_iff) also have "\ = (p \ \ \ x)" using local.bot_unique local.fres_galois by blast also have "\ = (p \ 1 \ (\ \ x))" by (simp add: h) also have "\ = (p \ cd (\ \ x))" by (metis cd_fres_prop local.bot_least local.mult_botr) finally have "(p \ ado x) = (p \ cd (\ \ x))".} hence "\y. y \ ado x \ y \ cd (\ \ x)" using ado_subid local.cd_subid local.dual_order.trans by blast thus ?thesis using local.dual_order.antisym by blast qed lemma acd_do_bot: "acd x = do (x \ \)" by (metis ado_acd ado_cd_bot invqka.inv_zero local.bres_fres_conv local.cd_inv local.inv_invol) lemma ado_cd_bot_id: "ado x = 1 \ (\ \ x)" by (metis ado_cd_bot cd_fres_prop local.cd_bot local.cd_subid local.mult_botr) lemma acd_do_bot_id: "acd x = 1 \ (x \ \)" by (metis acd_do_bot do_bres_prop local.bot_least local.mult_botl) lemma ado_cd_bot_var: "ado x = cd (\ \ do x)" by (metis ado_cd_bot do_top2 local.fres_bot_top local.fres_curry) lemma acd_do_bot_var: "acd x = do (cd x \ \)" by (metis acd_do_bot cd_top2 local.bres_curry local.bres_top_bot) lemma ado_do_bot: "ado x = do (do x \ \)" using acd_ado acd_do_bot_var local.cd_inv by auto lemma "do x = ado (ado x)" (* nitpick[expect=genuine]*) - oops + oops lemma acd_cd_bot: "acd x = cd (\ \ cd x)" by (metis ado_acd ado_cd_bot_var local.cd_inv local.inv_invol) lemma ado_do_bot_var: "ado x = 1 \ (do x \ \)" by (metis ado_do_bot do_bres_prop local.bot_unique local.bres_bot_bot local.bres_canc1 local.do_bot local.do_subid) lemma acd_cd_bot_var: "acd x = 1 \ (\ \ cd x)" by (metis acd_cd_bot acd_right_zero cd_top local.fres_top_top2) text \Domain and codomain are compatible with the boxes.\ lemma cd_box_ado: "cd_box x \ = ado x" by (simp add: ado_cd_bot fres_cd_box) lemma do_box_acd: "do_box x \ = acd x" by (simp add: acd_do_bot bres_do_box) lemma ado_subid_prop: "p \ 1 \ ado p = 1 \ (p \ \)" by (metis ado_do_bot_var do_fix_subid) lemma ado_do: "p \ 1 \ ado p = do (p \ \)" using ado_do_bot do_fix_subid by force lemma ado_do_compl: "ado x \ do x = \" using dmq.dqmsr.dom_weakly_local by force lemma "ado x \ do x = \" (* nitpick[expect = genuine]*) oops lemma "\x p. \f. 1 \ (\ \ p \ x) = 1 \ (\ \ (x \ p \ \))" (* nitpick[expect=genuine]*) oops lemma "cd_box x p = ado (x \ ado p)" (* nitpick[expect=genuine]*) oops lemma ad_do_bot [simp]: "(1 \ (do x \ \)) \ do x = \" using ado_do_bot_var ado_left_zero dmq.dqmsr.dom_weakly_local by presburger - + lemma do_heyting_galois: "(do x \ do y \ do z) = (do x \ 1 \ (do y \ do z))" by (metis dmq.dqmsr.dsg4 dmq.mqdual.cod_subid local.bres_galois local.le_inf_iff) lemma do_heyting_galois_var: "(do x \ do y \ do z) = (do x \ cd_box (do y) (do z))" by (metis cd_dia_cd_box_galois cd_fix_subid dmq.coddual.dqmsr.fd_def dmq.dqmsr.dom_mult_closed local.do_subid) text \Antidomain is therefore Heyting negation.\ lemma ado_heyting_negation: "ado (do x) = cd_box (do x) \" by (simp add: cd_box_ado) lemma ad_ax1 [simp]: "(1 \ (do x \ \)) \ x = \" by (simp add: local.dmq.dqmsr.dom_weakly_local) lemma "1 \ (do (1 \ (do x \ \)) \ \) = do x" (* nitpick[expect=genuine]*) oops lemma "p \ 1 \ do_dia x p = 1 \ (cd_box x (1 \ (p \ \)) \ \)" (* nitpick[expect=genuine]*) oops lemma "p \ 1 \ cd_box x p = 1 \ (do_dia x (1 \ (p \ \)) \ \)" (* nitpick[expect=genuine]*) oops lemma "p \ 1 \ cd_dia x p = 1 \ (do_box x (1 \ (p \ \)) \ \)" (* nitpick[expect=genuine]*) oops lemma "p \ 1 \ do_box x p = 1 \ (cd_dia x (1 \ (p \ \)) \ \)" (* nitpick[expect=genuine]*) oops end subsection \Boolean Dedekind quantales\ class distributive_dedekind_quantale = distrib_unital_quantale + dedekind_quantale class boolean_dedekind_quantale = bool_unital_quantale + distributive_dedekind_quantale begin lemma ad_do_bot [simp]: "(1 - do x) \ do x = \" by (simp add: local.diff_eq local.inf_shunt local.subid_mult_meet) lemma ad_ax1 [simp]: "(1 - do x) \ x = \" by (simp add: local.dmq.dqmsr.dom_weakly_local) lemma ad_do [simp]: "1 - do (1 - do x) = do x" proof- have "1 - do (1 - do x) = 1 - (1 - do x)" by (metis local.diff_eq local.do_fix_subid local.inf.cobounded1) also have "\ = 1 \ -(1 \ - do x)" by (simp add: local.diff_eq) also have "\ = do x" by (simp add: local.chaq.wswq.distrib_left local.do_top) finally show ?thesis. qed lemma ad_ax2: "1 - do (x \ y) \ (1 - do (x \ (1 - do (1 - do y)))) = 1 - do (x \ (1 - do (1 - do y)))" by simp lemma ad_ax3 [simp]: "do x \ (1 - do x) = 1" proof- have "do x \ (1 - do x) = do x \ (1 \ -do x)" using local.diff_eq by force also have "\ = 1 \ (do x \ -do x)" by (simp add: local.chaq.wswq.distrib_left local.do_top) also have "\ = 1" by simp finally show ?thesis. qed -sublocale bdad: antidomain_semiring "\x. 1 - do x" "(\)" "(\)" 1 \ _ _ +sublocale bdad: antidomain_semiring "\x. 1 - do x" "(\)" "(\)" 1 \ _ _ by unfold_locales simp_all sublocale bdadka: antidomain_kleene_algebra "\x. 1 - do x" "(\)" "(\)" 1 \ _ _ qstar.. sublocale bdar: antirange_semiring "(\)" "(\)" 1 \ "\x. 1 - cd x" _ _ apply unfold_locales apply (metis ad_ax1 ad_do dmq.mqs.local_var local.docd_compat) apply (metis ad_do local.cddo_compat local.dmq.coddual.dqmsr.dsr2 local.docd_compat local.sup.idem) by (metis bdad.a_subid' bdad.as3 local.convdqka.subid_conv local.do_inv) sublocale bdaka: antirange_kleene_algebra "(\)" "(\)" 1 \ _ _ qstar "\x. 1 - cd x".. sublocale bmod: modal_semiring_simp "\x. 1 - do x" "(\)" "(\)" 1 \ _ _ "\x. 1 - cd x".. sublocale bmod: modal_kleene_algebra_simp "(\)" "(\)" 1 \ _ _ qstar "\x. 1 - do x" "\x. 1 - cd x".. lemma inv_neg: "(-x)\<^sup>\ = -(x\<^sup>\)" by (metis local.diff_eq local.diff_shunt_var local.dual_order.eq_iff local.inf.commute local.inv_conjugate local.inv_galois) lemma residuation: "x\<^sup>\ \ -(x \ y) \ -y" by (metis local.inf.commute local.inf_compl_bot local.inf_shunt local.schroeder_1) lemma bres_prop: "x \ y = -(x\<^sup>\ \ -y)" by (metis local.ba_dual.dual_iff local.bres_canc1 local.bres_galois_imp local.compl_le_swap1 local.dmq.coddual.h_w1 local.dual_order.antisym local.inv_invol residuation) lemma fres_prop: "x \ y = -(-x \ y\<^sup>\)" using bres_prop inv_neg local.fres_bres_conv by auto lemma do_dia_fdia: "do_dia x p = bdad.fdia x p" by (simp add: local.bdad.fdia_def local.dmq.dqmsr.fd_def) lemma cd_dia_bdia: "cd_dia x p = bdar.bdia x p" by (metis ad_do bdar.ardual.a_subid' bdar.bdia_def local.cd_fix_subid local.dmq.coddual.dqmsr.fd_def local.docd_compat) lemma do_dia_fbox_de_morgan: "p \ 1 \ do_dia x p = 1 - bdad.fbox x (1 - p)" by (smt (verit, ccfv_SIG) ad_do bdad.a_closure bdad.am_d_def bdad.fbox_def local.dmq.dqmsr.fd_def local.do_fix_subid) lemma fbox_do_dia_de_morgan: "p \ 1 \ bdad.fbox x p = 1 - do_dia x (1 - p)" using bdad.fbox_def local.dmq.dqmsr.fd_def local.do_fix_subid by force lemma cd_dia_bbox_de_morgan: "p \ 1 \ cd_dia x p = 1 - bdar.bbox x (1 - p)" by (smt (verit, best) ad_do bdar.bbox_def bdar.bdia_def cd_dia_bdia local.cd_fix_subid local.do_subid local.docd_compat) lemma bbox_cd_dia_de_morgan: "p \ 1 \ bdar.bbox x p = 1 - cd_dia x (1 - p)" using bdar.bbox_def local.cd_fix_subid local.dmq.coddual.dqmsr.fd_def by force lemma do_box_bbox: "p \ 1 \ do_box x p = bdar.bbox x p" proof- assume a: "p \ 1" {fix q assume b: "q \ 1" hence "(q \ do_box x p) = (x \ q \ p \ x)" by (simp add: a local.do_box_demod_subid) also have "\ = (x \ cd q \ cd p \ x)" by (metis a b local.cd_fix_subid) also have "\ = (cd q \ bdar.bbox x p)" by (metis bdar.bbox_def bdar.bdia_def cd_dia_bdia local.bdar.ardual.a_closure' local.bdar.ardual.ans_d_def local.bdar.ardual.dnsz.dsg1 local.bdar.ardual.fbox_demodalisation3 local.bdar.ardual.fbox_one local.dmq.coddual.dqmsr.fd_def local.nsrnqo.mult_oner) also have "\ = (q \ bdar.bbox x p)" using b local.cd_fix_subid by force finally have "(q \ do_box x p) = (q \ bdar.bbox x p)".} thus ?thesis by (metis bdar.bbox_def local.bdar.ardual.a_subid' local.do_box_subid local.dual_order.antisym local.eq_refl) qed lemma cd_box_fbox: "p \ 1 \ cd_box x p = bdad.fbox x p" by (smt (verit, ccfv_SIG) bdar.bbox_def do_box_bbox local.bdad.fbox_def local.cd_dia_do_dia_conv local.cd_inv local.cd_fix_subid local.cd_top local.diff_eq local.dmq.bb_def local.dmq.coddual.dqmsr.fd_def local.dmq.coddual.mult_assoc local.dmq.dqmsr.fd_def local.dmq.fb_def local.do_box_cd_box_conv local.do_fix_subid local.do_top local.inf.cobounded1) lemma do_dia_cd_box_de_morgan: "p \ 1 \ do_dia x p = 1 - cd_box x (1 - p)" by (simp add: cd_box_fbox local.diff_eq local.do_dia_fbox_de_morgan) lemma cd_box_do_dia_de_morgan: "p \ 1 \ cd_box x p = 1 - do_dia x (1 - p)" by (simp add: cd_box_fbox local.fbox_do_dia_de_morgan) lemma cd_dia_do_box_de_morgan: "p \ 1 \ cd_dia x p = 1 - do_box x (1 - p)" by (simp add: do_box_bbox local.cd_dia_bbox_de_morgan local.diff_eq) lemma do_box_cd_dia_de_morgan: "p \ 1 \ do_box x p = 1 - cd_dia x (1 - p)" by (simp add: do_box_bbox local.bbox_cd_dia_de_morgan) end class dc_involutive_modal_quantale = dc_modal_quantale + involutive_quantale begin sublocale invmqmka: involutive_dr_modal_kleene_algebra "(\)" "(\)" 1 \ "(\)" "(<)" qstar invol dom cod.. lemma do_approx_dom: "do x \ dom x" proof - have "do x = dom (do x) \ do x" by simp also have "\ \ dom (1 \ (x \ x\<^sup>\))" by (simp add: local.do_def local.dqmsr.domain_subid) also have "\ \ dom 1 \ dom (x \ x\<^sup>\)" using local.dom_meet_sub by presburger also have "\ \ dom (x \ dom (x\<^sup>\))" by simp also have "\ \ dom x" by (simp add: local.dqmsr.domain_1'') finally show ?thesis. qed end class dc_modal_quantale_converse = dc_involutive_modal_quantale + quantale_converse sublocale dc_modal_quantale_converse \ invmqmka: dr_modal_kleene_algebra_converse "(\)" "(\)" 1 \ "(\)" "(<)" qstar invol dom cod.. -class dc_modal_quantale_strong_converse = dc_involutive_modal_quantale + +class dc_modal_quantale_strong_converse = dc_involutive_modal_quantale + assumes weak_dom_def: "dom x \ x \ x\<^sup>\" and weak_cod_def: "cod x \ x\<^sup>\ \ x" begin sublocale invmqmka: dr_modal_kleene_algebra_strong_converse "(\)" "(\)" 1 \ "(\)" "(<)" qstar invol dom cod by (unfold_locales, simp_all add: local.weak_dom_def local.weak_cod_def) lemma dom_def: "dom x = 1 \ (x \ x\<^sup>\)" using local.do_approx_dom local.do_def local.dual_order.eq_iff local.weak_dom_def by force lemma cod_def: "cod x = 1 \ (x\<^sup>\ \ x)" using local.dom_def local.invmqmka.d_conv_cod by auto lemma do_dom: "do x = dom x" by (simp add: local.do_def local.dom_def) lemma cd_cod: "cd x = cod x" by (simp add: local.cd_def local.cod_def) end -class dc_modal_dedekind_quantale = dc_involutive_modal_quantale + dedekind_quantale +class dc_modal_dedekind_quantale = dc_involutive_modal_quantale + dedekind_quantale class cd_distributive_modal_dedekind_quantale = dc_modal_dedekind_quantale + distrib_unital_quantale class dc_boolean_modal_dedekind_quantale = dc_modal_dedekind_quantale + bool_unital_quantale begin lemma subid_idem: "p \ 1 \ p \ p = p" by (simp add: local.subid_mult_meet) lemma subid_comm: "p \ 1 \ q \ 1 \ p \ q = q \ p" using local.inf.commute local.subid_mult_meet by force lemma subid_meet_comp: "p \ 1 \ q \ 1 \ p \ q = p \ q" by (simp add: local.subid_mult_meet) lemma subid_dom: "p \ 1 \ dom p = p" proof- assume h: "p \ 1" have a: "p \ (1 \ -p) = 1" by (metis h local.inf_sup_absorb local.sup.commute local.sup.orderE local.sup_compl_top local.sup_inf_distrib1) have b: "(1 \ -p) \ p = \" by (simp add: local.inf.commute) hence "dom p = (p \ (1 \ -p)) \ dom p" by (simp add: a) also have "\ = p \ dom p \ dom ((1 \ -p) \ dom p) \ (1 \ -p) \ dom p" using local.dqmsr.dsg1 local.wswq.distrib_right mult_assoc by presburger also have "\ \ p \ dom ((1 \ -p) \ dom p)" by (metis b h local.dom_subid local.dom_zero local.inf.cobounded1 local.mqdual.cod_local local.mult_botr local.sup.mono subid_comm subid_meet_comp) also have "\ = p \ dom ((1 \ -p) \ p)" by simp also have "\ = p \ dom \" using b h subid_meet_comp by fastforce also have "\ = p" by simp finally have "dom p \ p". thus ?thesis using h local.dqmsr.domain_subid local.dual_order.antisym by presburger qed lemma do_prop: "(do x \ do y) = (x \ do y \ \)" by (simp add: local.lla) lemma do_lla: "(do x \ do y) = (x \ do y \ x)" by (simp add: local.lla_var) lemma lla_subid: "p \ 1 \ ((dom x \ p) = (x \ p \ x))" by (metis local.dqmsr.dom_llp subid_dom) lemma dom_do: "dom x = do x" proof- have "x \ do x \ x" by simp hence "dom x \ do x" using lla_subid local.do_subid local.dodo by presburger thus ?thesis by (simp add: local.antisym_conv local.do_approx_dom) qed end end diff --git a/thys/Quantales_Converse/ROOT b/thys/Quantales_Converse/ROOT --- a/thys/Quantales_Converse/ROOT +++ b/thys/Quantales_Converse/ROOT @@ -1,20 +1,20 @@ chapter AFP session "Quantales_Converse" (AFP) = HOL + - options [timeout = 600] + options [timeout = 1200] sessions Kleene_Algebra - KAD - Quantales - + KAD + Quantales + theories Modal_Kleene_Algebra_Var Kleene_Algebra_Converse Modal_Kleene_Algebra_Converse Modal_Quantale Quantale_Converse - + document_files "root.tex" "root.bib"