# Theory Bits_Int

```(*
* Copyright Brian Huffman, PSU; Jeremy Dawson and Gerwin Klein, NICTA
*
*)

section ‹Bitwise Operations on integers›

theory Bits_Int
imports
"Word_Lib.Most_significant_bit"
"Word_Lib.Least_significant_bit"
"Word_Lib.Generic_set_bit"
"Word_Lib.Bit_Comprehension"
begin

subsection ‹Implicit bit representation of \<^typ>‹int››

lemma bin_last_def:
"(odd :: int ⇒ bool) w ⟷ w mod 2 = 1"
by (fact odd_iff_mod_2_eq_one)

lemma bin_last_numeral_simps [simp]:
"¬ odd (0 :: int)"
"odd (1 :: int)"
"odd (- 1 :: int)"
"odd (Numeral1 :: int)"
"¬ odd (numeral (Num.Bit0 w) :: int)"
"odd (numeral (Num.Bit1 w) :: int)"
"¬ odd (- numeral (Num.Bit0 w) :: int)"
"odd (- numeral (Num.Bit1 w) :: int)"
by simp_all

lemma bin_rest_numeral_simps [simp]:
"(λk::int. k div 2) 0 = 0"
"(λk::int. k div 2) 1 = 0"
"(λk::int. k div 2) (- 1) = - 1"
"(λk::int. k div 2) Numeral1 = 0"
"(λk::int. k div 2) (numeral (Num.Bit0 w)) = numeral w"
"(λk::int. k div 2) (numeral (Num.Bit1 w)) = numeral w"
"(λk::int. k div 2) (- numeral (Num.Bit0 w)) = - numeral w"
"(λk::int. k div 2) (- numeral (Num.Bit1 w)) = - numeral (w + Num.One)"
by simp_all

lemma bin_rl_eqI: "⟦(λk::int. k div 2) x = (λk::int. k div 2) y; odd x = odd y⟧ ⟹ x = y"
by (auto elim: oddE)

lemma [simp]:
shows bin_rest_lt0: "(λk::int. k div 2) i < 0 ⟷ i < 0"
and  bin_rest_ge_0: "(λk::int. k div 2) i ≥ 0 ⟷ i ≥ 0"
by auto

lemma bin_rest_gt_0 [simp]: "(λk::int. k div 2) x > 0 ⟷ x > 1"
by auto

subsection ‹Bit projection›

lemma bin_nth_eq_iff: "(bit :: int ⇒ nat ⇒ bool) x = (bit :: int ⇒ nat ⇒ bool) y ⟷ x = y"

lemma bin_eqI:
"x = y" if "⋀n. (bit :: int ⇒ nat ⇒ bool) x n ⟷ (bit :: int ⇒ nat ⇒ bool) y n"
using that by (rule bit_eqI)

lemma bin_eq_iff: "x = y ⟷ (∀n. (bit :: int ⇒ nat ⇒ bool) x n = (bit :: int ⇒ nat ⇒ bool) y n)"
by (metis bit_eq_iff)

lemma bin_nth_zero [simp]: "¬ (bit :: int ⇒ nat ⇒ bool) 0 n"
by simp

lemma bin_nth_1 [simp]: "(bit :: int ⇒ nat ⇒ bool) 1 n ⟷ n = 0"
by (cases n) (simp_all add: bit_Suc)

lemma bin_nth_minus1 [simp]: "(bit :: int ⇒ nat ⇒ bool) (- 1) n"
by simp

lemma bin_nth_numeral: "(λk::int. k div 2) x = y ⟹ (bit :: int ⇒ nat ⇒ bool) x (numeral n) = (bit :: int ⇒ nat ⇒ bool) y (pred_numeral n)"

lemmas bin_nth_numeral_simps [simp] =
bin_nth_numeral [OF bin_rest_numeral_simps(8)]

lemmas bin_nth_simps =
bit_0 bit_Suc bin_nth_zero bin_nth_minus1
bin_nth_numeral_simps

lemma nth_2p_bin: "(bit :: int ⇒ nat ⇒ bool) (2 ^ n) m = (m = n)" ― ‹for use when simplifying with ‹bin_nth_Bit››

lemma nth_rest_power_bin: "(bit :: int ⇒ nat ⇒ bool) (((λk::int. k div 2) ^^ k) w) n = (bit :: int ⇒ nat ⇒ bool) w (n + k)"
apply (induct k arbitrary: n)
apply clarsimp
apply clarsimp
apply (simp only: bit_Suc [symmetric] add_Suc)
done

lemma bin_nth_numeral_unfold:
"(bit :: int ⇒ nat ⇒ bool) (numeral (num.Bit0 x)) n ⟷ n > 0 ∧ (bit :: int ⇒ nat ⇒ bool) (numeral x) (n - 1)"
"(bit :: int ⇒ nat ⇒ bool) (numeral (num.Bit1 x)) n ⟷ (n > 0 ⟶ (bit :: int ⇒ nat ⇒ bool) (numeral x) (n - 1))"
by (cases n; simp)+

subsection ‹Truncating›

definition bin_sign :: "int ⇒ int"
where "bin_sign k = (if k ≥ 0 then 0 else - 1)"

lemma bin_sign_simps [simp]:
"bin_sign 0 = 0"
"bin_sign 1 = 0"
"bin_sign (- 1) = - 1"
"bin_sign (numeral k) = 0"
"bin_sign (- numeral k) = -1"

lemma bin_sign_rest [simp]: "bin_sign ((λk::int. k div 2) w) = bin_sign w"

lemma bintrunc_mod2p: "(take_bit :: nat ⇒ int ⇒ int) n w = w mod 2 ^ n"
by (fact take_bit_eq_mod)

lemma sbintrunc_mod2p: "(signed_take_bit :: nat ⇒ int ⇒ int) n w = (w + 2 ^ n) mod 2 ^ Suc n - 2 ^ n"

lemma sbintrunc_eq_take_bit:
‹(signed_take_bit :: nat ⇒ int ⇒ int) n k = take_bit (Suc n) (k + 2 ^ n) - 2 ^ n›
by (fact signed_take_bit_eq_take_bit_shift)

lemma sign_bintr: "bin_sign ((take_bit :: nat ⇒ int ⇒ int) n w) = 0"

lemma bintrunc_n_0: "(take_bit :: nat ⇒ int ⇒ int) n 0 = 0"
by (fact take_bit_of_0)

lemma sbintrunc_n_0: "(signed_take_bit :: nat ⇒ int ⇒ int) n 0 = 0"
by (fact signed_take_bit_of_0)

lemma sbintrunc_n_minus1: "(signed_take_bit :: nat ⇒ int ⇒ int) n (- 1) = -1"
by (fact signed_take_bit_of_minus_1)

lemma bintrunc_Suc_numeral:
"(take_bit :: nat ⇒ int ⇒ int) (Suc n) 1 = 1"
"(take_bit :: nat ⇒ int ⇒ int) (Suc n) (- 1) = 1 + 2 * (take_bit :: nat ⇒ int ⇒ int) n (- 1)"
"(take_bit :: nat ⇒ int ⇒ int) (Suc n) (numeral (Num.Bit0 w)) = 2 * (take_bit :: nat ⇒ int ⇒ int) n (numeral w)"
"(take_bit :: nat ⇒ int ⇒ int) (Suc n) (numeral (Num.Bit1 w)) = 1 + 2 * (take_bit :: nat ⇒ int ⇒ int) n (numeral w)"
"(take_bit :: nat ⇒ int ⇒ int) (Suc n) (- numeral (Num.Bit0 w)) = 2 * (take_bit :: nat ⇒ int ⇒ int) n (- numeral w)"
"(take_bit :: nat ⇒ int ⇒ int) (Suc n) (- numeral (Num.Bit1 w)) = 1 + 2 * (take_bit :: nat ⇒ int ⇒ int) n (- numeral (w + Num.One))"

lemma sbintrunc_0_numeral [simp]:
"(signed_take_bit :: nat ⇒ int ⇒ int) 0 1 = -1"
"(signed_take_bit :: nat ⇒ int ⇒ int) 0 (numeral (Num.Bit0 w)) = 0"
"(signed_take_bit :: nat ⇒ int ⇒ int) 0 (numeral (Num.Bit1 w)) = -1"
"(signed_take_bit :: nat ⇒ int ⇒ int) 0 (- numeral (Num.Bit0 w)) = 0"
"(signed_take_bit :: nat ⇒ int ⇒ int) 0 (- numeral (Num.Bit1 w)) = -1"
by simp_all

lemma sbintrunc_Suc_numeral:
"(signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) 1 = 1"
"(signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) (numeral (Num.Bit0 w)) = 2 * (signed_take_bit :: nat ⇒ int ⇒ int) n (numeral w)"
"(signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) (numeral (Num.Bit1 w)) = 1 + 2 * (signed_take_bit :: nat ⇒ int ⇒ int) n (numeral w)"
"(signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) (- numeral (Num.Bit0 w)) = 2 * (signed_take_bit :: nat ⇒ int ⇒ int) n (- numeral w)"
"(signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) (- numeral (Num.Bit1 w)) = 1 + 2 * (signed_take_bit :: nat ⇒ int ⇒ int) n (- numeral (w + Num.One))"

lemma bin_sign_lem: "(bin_sign ((signed_take_bit :: nat ⇒ int ⇒ int) n bin) = -1) = bit bin n"

lemma nth_bintr: "(bit :: int ⇒ nat ⇒ bool) ((take_bit :: nat ⇒ int ⇒ int) m w) n ⟷ n < m ∧ (bit :: int ⇒ nat ⇒ bool) w n"
by (fact bit_take_bit_iff)

lemma nth_sbintr: "(bit :: int ⇒ nat ⇒ bool) ((signed_take_bit :: nat ⇒ int ⇒ int) m w) n = (if n < m then (bit :: int ⇒ nat ⇒ bool) w n else (bit :: int ⇒ nat ⇒ bool) w m)"

lemma bin_nth_Bit0:
"(bit :: int ⇒ nat ⇒ bool) (numeral (Num.Bit0 w)) n ⟷
(∃m. n = Suc m ∧ (bit :: int ⇒ nat ⇒ bool) (numeral w) m)"
using bit_double_iff [of ‹numeral w :: int› n]
by (auto intro: exI [of _ ‹n - 1›])

lemma bin_nth_Bit1:
"(bit :: int ⇒ nat ⇒ bool) (numeral (Num.Bit1 w)) n ⟷
n = 0 ∨ (∃m. n = Suc m ∧ (bit :: int ⇒ nat ⇒ bool) (numeral w) m)"
using even_bit_succ_iff [of ‹2 * numeral w :: int› n]
bit_double_iff [of ‹numeral w :: int› n]
by auto

lemma bintrunc_bintrunc_l: "n ≤ m ⟹ (take_bit :: nat ⇒ int ⇒ int) m ((take_bit :: nat ⇒ int ⇒ int) n w) = (take_bit :: nat ⇒ int ⇒ int) n w"
by simp

lemma sbintrunc_sbintrunc_l: "n ≤ m ⟹ (signed_take_bit :: nat ⇒ int ⇒ int) m ((signed_take_bit :: nat ⇒ int ⇒ int) n w) = (signed_take_bit :: nat ⇒ int ⇒ int) n w"
by simp

lemma bintrunc_bintrunc_ge: "n ≤ m ⟹ (take_bit :: nat ⇒ int ⇒ int) n ((take_bit :: nat ⇒ int ⇒ int) m w) = (take_bit :: nat ⇒ int ⇒ int) n w"
by (rule bin_eqI) (auto simp: nth_bintr)

lemma bintrunc_bintrunc_min [simp]: "(take_bit :: nat ⇒ int ⇒ int) m ((take_bit :: nat ⇒ int ⇒ int) n w) = (take_bit :: nat ⇒ int ⇒ int) (min m n) w"
by (rule take_bit_take_bit)

lemma sbintrunc_sbintrunc_min [simp]: "(signed_take_bit :: nat ⇒ int ⇒ int) m ((signed_take_bit :: nat ⇒ int ⇒ int) n w) = (signed_take_bit :: nat ⇒ int ⇒ int) (min m n) w"
by (rule signed_take_bit_signed_take_bit)

lemmas sbintrunc_Suc_Pls =
signed_take_bit_Suc [where a="0::int", simplified bin_last_numeral_simps bin_rest_numeral_simps]

lemmas sbintrunc_Suc_Min =
signed_take_bit_Suc [where a="-1::int", simplified bin_last_numeral_simps bin_rest_numeral_simps]

lemmas sbintrunc_Sucs = sbintrunc_Suc_Pls sbintrunc_Suc_Min
sbintrunc_Suc_numeral

lemmas sbintrunc_Pls =
signed_take_bit_0 [where a="0::int", simplified bin_last_numeral_simps bin_rest_numeral_simps]

lemmas sbintrunc_Min =
signed_take_bit_0 [where a="-1::int", simplified bin_last_numeral_simps bin_rest_numeral_simps]

lemmas sbintrunc_0_simps =
sbintrunc_Pls sbintrunc_Min

lemmas sbintrunc_simps = sbintrunc_0_simps sbintrunc_Sucs

lemma bintrunc_minus: "0 < n ⟹ (take_bit :: nat ⇒ int ⇒ int) (Suc (n - 1)) w = (take_bit :: nat ⇒ int ⇒ int) n w"
by auto

lemma sbintrunc_minus: "0 < n ⟹ (signed_take_bit :: nat ⇒ int ⇒ int) (Suc (n - 1)) w = (signed_take_bit :: nat ⇒ int ⇒ int) n w"
by auto

lemmas sbintrunc_minus_simps =
sbintrunc_Sucs [THEN [2] sbintrunc_minus [symmetric, THEN trans]]

lemma sbintrunc_BIT_I:
‹0 < n ⟹
(signed_take_bit :: nat ⇒ int ⇒ int) (n - 1) 0 = y ⟹
(signed_take_bit :: nat ⇒ int ⇒ int) n 0 = 2 * y›
by simp

lemma sbintrunc_Suc_Is:
‹(signed_take_bit :: nat ⇒ int ⇒ int) n (- 1) = y ⟹
(signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) (- 1) = 1 + 2 * y›
by auto

lemma sbintrunc_Suc_lem: "(signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) x = y ⟹ m = Suc n ⟹ (signed_take_bit :: nat ⇒ int ⇒ int) m x = y"
by (rule ssubst)

lemmas sbintrunc_Suc_Ialts =
sbintrunc_Suc_Is [THEN sbintrunc_Suc_lem]

lemma sbintrunc_bintrunc_lt: "m > n ⟹ (signed_take_bit :: nat ⇒ int ⇒ int) n ((take_bit :: nat ⇒ int ⇒ int) m w) = (signed_take_bit :: nat ⇒ int ⇒ int) n w"
by (rule bin_eqI) (auto simp: nth_sbintr nth_bintr)

lemma bintrunc_sbintrunc_le: "m ≤ Suc n ⟹ (take_bit :: nat ⇒ int ⇒ int) m ((signed_take_bit :: nat ⇒ int ⇒ int) n w) = (take_bit :: nat ⇒ int ⇒ int) m w"
by (rule take_bit_signed_take_bit)

lemmas bintrunc_sbintrunc [simp] = order_refl [THEN bintrunc_sbintrunc_le]
lemmas sbintrunc_bintrunc [simp] = lessI [THEN sbintrunc_bintrunc_lt]
lemmas bintrunc_bintrunc [simp] = order_refl [THEN bintrunc_bintrunc_l]
lemmas sbintrunc_sbintrunc [simp] = order_refl [THEN sbintrunc_sbintrunc_l]

lemma bintrunc_sbintrunc' [simp]: "0 < n ⟹ (take_bit :: nat ⇒ int ⇒ int) n ((signed_take_bit :: nat ⇒ int ⇒ int) (n - 1) w) = (take_bit :: nat ⇒ int ⇒ int) n w"
by (cases n) simp_all

lemma sbintrunc_bintrunc' [simp]: "0 < n ⟹ (signed_take_bit :: nat ⇒ int ⇒ int) (n - 1) ((take_bit :: nat ⇒ int ⇒ int) n w) = (signed_take_bit :: nat ⇒ int ⇒ int) (n - 1) w"
by (cases n) simp_all

lemma bin_sbin_eq_iff: "(take_bit :: nat ⇒ int ⇒ int) (Suc n) x = (take_bit :: nat ⇒ int ⇒ int) (Suc n) y ⟷ (signed_take_bit :: nat ⇒ int ⇒ int) n x = (signed_take_bit :: nat ⇒ int ⇒ int) n y"
apply (rule iffI)
apply (rule box_equals [OF _ sbintrunc_bintrunc sbintrunc_bintrunc])
apply simp
apply (rule box_equals [OF _ bintrunc_sbintrunc bintrunc_sbintrunc])
apply simp
done

lemma bin_sbin_eq_iff':
"0 < n ⟹ (take_bit :: nat ⇒ int ⇒ int) n x = (take_bit :: nat ⇒ int ⇒ int) n y ⟷ (signed_take_bit :: nat ⇒ int ⇒ int) (n - 1) x = (signed_take_bit :: nat ⇒ int ⇒ int) (n - 1) y"
by (cases n) (simp_all add: bin_sbin_eq_iff)

lemmas bintrunc_sbintruncS0 [simp] = bintrunc_sbintrunc' [unfolded One_nat_def]
lemmas sbintrunc_bintruncS0 [simp] = sbintrunc_bintrunc' [unfolded One_nat_def]

lemmas bintrunc_bintrunc_l' = le_add1 [THEN bintrunc_bintrunc_l]
lemmas sbintrunc_sbintrunc_l' = le_add1 [THEN sbintrunc_sbintrunc_l]

(* although bintrunc_minus_simps, if added to default simpset,
tends to get applied where it's not wanted in developing the theories,
we get a version for when the word length is given literally *)

lemmas nat_non0_gr =
trans [OF iszero_def [THEN Not_eq_iff [THEN iffD2]] refl]

lemma bintrunc_numeral:
"(take_bit :: nat ⇒ int ⇒ int) (numeral k) x = of_bool (odd x) + 2 * (take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (x div 2)"
by (simp add: numeral_eq_Suc take_bit_Suc mod_2_eq_odd)

lemma sbintrunc_numeral:
"(signed_take_bit :: nat ⇒ int ⇒ int) (numeral k) x = of_bool (odd x) + 2 * (signed_take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (x div 2)"
by (simp add: numeral_eq_Suc signed_take_bit_Suc mod2_eq_if)

lemma bintrunc_numeral_simps [simp]:
"(take_bit :: nat ⇒ int ⇒ int) (numeral k) (numeral (Num.Bit0 w)) =
2 * (take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (numeral w)"
"(take_bit :: nat ⇒ int ⇒ int) (numeral k) (numeral (Num.Bit1 w)) =
1 + 2 * (take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (numeral w)"
"(take_bit :: nat ⇒ int ⇒ int) (numeral k) (- numeral (Num.Bit0 w)) =
2 * (take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (- numeral w)"
"(take_bit :: nat ⇒ int ⇒ int) (numeral k) (- numeral (Num.Bit1 w)) =
1 + 2 * (take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (- numeral (w + Num.One))"
"(take_bit :: nat ⇒ int ⇒ int) (numeral k) 1 = 1"

lemma sbintrunc_numeral_simps [simp]:
"(signed_take_bit :: nat ⇒ int ⇒ int) (numeral k) (numeral (Num.Bit0 w)) =
2 * (signed_take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (numeral w)"
"(signed_take_bit :: nat ⇒ int ⇒ int) (numeral k) (numeral (Num.Bit1 w)) =
1 + 2 * (signed_take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (numeral w)"
"(signed_take_bit :: nat ⇒ int ⇒ int) (numeral k) (- numeral (Num.Bit0 w)) =
2 * (signed_take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (- numeral w)"
"(signed_take_bit :: nat ⇒ int ⇒ int) (numeral k) (- numeral (Num.Bit1 w)) =
1 + 2 * (signed_take_bit :: nat ⇒ int ⇒ int) (pred_numeral k) (- numeral (w + Num.One))"
"(signed_take_bit :: nat ⇒ int ⇒ int) (numeral k) 1 = 1"

lemma no_bintr_alt1: "(take_bit :: nat ⇒ int ⇒ int) n = (λw. w mod 2 ^ n :: int)"
by (rule ext) (rule bintrunc_mod2p)

lemma range_bintrunc: "range ((take_bit :: nat ⇒ int ⇒ int) n) = {i. 0 ≤ i ∧ i < 2 ^ n}"
by (auto simp add: take_bit_eq_mod image_iff) (metis mod_pos_pos_trivial)

lemma no_sbintr_alt2: "(signed_take_bit :: nat ⇒ int ⇒ int) n = (λw. (w + 2 ^ n) mod 2 ^ Suc n - 2 ^ n :: int)"
by (rule ext) (simp add : sbintrunc_mod2p)

lemma range_sbintrunc: "range ((signed_take_bit :: nat ⇒ int ⇒ int) n) = {i. - (2 ^ n) ≤ i ∧ i < 2 ^ n}"
proof -
have ‹surj (λk::int. k + 2 ^ n)›
by (rule surjI [of _ ‹(λk. k - 2 ^ n)›]) simp
moreover have ‹(signed_take_bit :: nat ⇒ int ⇒ int) n = ((λk. k - 2 ^ n) ∘ take_bit (Suc n) ∘ (λk. k + 2 ^ n))›
ultimately show ?thesis
apply (simp only: fun.set_map range_bintrunc)
apply presburger
done
qed

lemma sbintrunc_inc:
‹k + 2 ^ Suc n ≤ (signed_take_bit :: nat ⇒ int ⇒ int) n k› if ‹k < - (2 ^ n)›
using that by (fact signed_take_bit_int_greater_eq)

lemma sbintrunc_dec:
‹(signed_take_bit :: nat ⇒ int ⇒ int) n k ≤ k - 2 ^ (Suc n)› if ‹k ≥ 2 ^ n›
using that by (fact signed_take_bit_int_less_eq)

lemma bintr_ge0: "0 ≤ (take_bit :: nat ⇒ int ⇒ int) n w"

lemma bintr_lt2p: "(take_bit :: nat ⇒ int ⇒ int) n w < 2 ^ n"

lemma bintr_Min: "(take_bit :: nat ⇒ int ⇒ int) n (- 1) = 2 ^ n - 1"

lemma sbintr_ge: "- (2 ^ n) ≤ (signed_take_bit :: nat ⇒ int ⇒ int) n w"
by (fact signed_take_bit_int_greater_eq_minus_exp)

lemma sbintr_lt: "(signed_take_bit :: nat ⇒ int ⇒ int) n w < 2 ^ n"
by (fact signed_take_bit_int_less_exp)

lemma sign_Pls_ge_0: "bin_sign bin = 0 ⟷ bin ≥ 0"
for bin :: int

lemma sign_Min_lt_0: "bin_sign bin = -1 ⟷ bin < 0"
for bin :: int

lemma bin_rest_trunc: "(λk::int. k div 2) ((take_bit :: nat ⇒ int ⇒ int) n bin) = (take_bit :: nat ⇒ int ⇒ int) (n - 1) ((λk::int. k div 2) bin)"
by (simp add: take_bit_rec [of n bin])

lemma bin_rest_power_trunc:
"((λk::int. k div 2) ^^ k) ((take_bit :: nat ⇒ int ⇒ int) n bin) = (take_bit :: nat ⇒ int ⇒ int) (n - k) (((λk::int. k div 2) ^^ k) bin)"
by (induct k) (auto simp: bin_rest_trunc)

lemma bin_rest_trunc_i: "(take_bit :: nat ⇒ int ⇒ int) n ((λk::int. k div 2) bin) = (λk::int. k div 2) ((take_bit :: nat ⇒ int ⇒ int) (Suc n) bin)"

lemma bin_rest_strunc: "(λk::int. k div 2) ((signed_take_bit :: nat ⇒ int ⇒ int) (Suc n) bin) = (signed_take_bit :: nat ⇒ int ⇒ int) n ((λk::int. k div 2) bin)"

lemma bintrunc_rest [simp]: "(take_bit :: nat ⇒ int ⇒ int) n ((λk::int. k div 2) ((take_bit :: nat ⇒ int ⇒ int) n bin)) = (λk::int. k div 2) ((take_bit :: nat ⇒ int ⇒ int) n bin)"
by (induct n arbitrary: bin) (simp_all add: take_bit_Suc)

lemma sbintrunc_rest [simp]: "(signed_take_bit :: nat ⇒ int ⇒ int) n ((λk::int. k div 2) ((signed_take_bit :: nat ⇒ int ⇒ int) n bin)) = (λk::int. k div 2) ((signed_take_bit :: nat ⇒ int ⇒ int) n bin)"
by (induct n arbitrary: bin) (simp_all add: signed_take_bit_Suc mod2_eq_if)

lemma bintrunc_rest': "(take_bit :: nat ⇒ int ⇒ int) n ∘ (λk::int. k div 2) ∘ (take_bit :: nat ⇒ int ⇒ int) n = (λk::int. k div 2) ∘ (take_bit :: nat ⇒ int ⇒ int) n"
by (rule ext) auto

lemma sbintrunc_rest': "(signed_take_bit :: nat ⇒ int ⇒ int) n ∘ (λk::int. k div 2) ∘ (signed_take_bit :: nat ⇒ int ⇒ int) n = (λk::int. k div 2) ∘ (signed_take_bit :: nat ⇒ int ⇒ int) n"
by (rule ext) auto

lemma rco_lem: "f ∘ g ∘ f = g ∘ f ⟹ f ∘ (g ∘ f) ^^ n = g ^^ n ∘ f"
apply (rule ext)
apply (induct_tac n)
apply (simp_all (no_asm))
apply (drule fun_cong)
apply (unfold o_def)
apply (erule trans)
apply simp
done

lemmas rco_bintr = bintrunc_rest'
[THEN rco_lem [THEN fun_cong], unfolded o_def]
lemmas rco_sbintr = sbintrunc_rest'
[THEN rco_lem [THEN fun_cong], unfolded o_def]

subsection ‹Splitting and concatenation›

definition bin_split :: ‹nat ⇒ int ⇒ int × int›
where [simp]: ‹bin_split n k = (drop_bit n k, take_bit n k)›

lemma [code]:
"bin_split (Suc n) w = (let (w1, w2) = bin_split n (w div 2) in (w1, of_bool (odd w) + 2 * w2))"
"bin_split 0 w = (w, 0)"
by (simp_all add: drop_bit_Suc take_bit_Suc mod_2_eq_odd)

‹concat_bit n l k = push_bit n k + take_bit n l›

lemma bin_sign_cat: "bin_sign ((λk n l. concat_bit n l k) x n y) = bin_sign x"
proof -
have ‹0 ≤ x› if ‹0 ≤ x * 2 ^ n + y mod 2 ^ n›
proof -
have ‹y mod 2 ^ n < 2 ^ n›
using pos_mod_bound [of ‹2 ^ n› y] by simp
then have ‹¬ y mod 2 ^ n ≥ 2 ^ n›
with that have ‹x ≠ - 1›
by auto
have *: ‹- 1 ≤ (- (y mod 2 ^ n)) div 2 ^ n›
from that have ‹- (y mod 2 ^ n) ≤ x * 2 ^ n›
by simp
then have ‹(- (y mod 2 ^ n)) div 2 ^ n ≤ (x * 2 ^ n) div 2 ^ n›
using zdiv_mono1 zero_less_numeral zero_less_power by blast
with * have ‹- 1 ≤ x * 2 ^ n div 2 ^ n› by simp
with ‹x ≠ - 1› show ?thesis
by simp
qed
then show ?thesis
qed

lemma bin_cat_assoc: "(λk n l. concat_bit n l k) ((λk n l. concat_bit n l k) x m y) n z = (λk n l. concat_bit n l k) x (m + n) ((λk n l. concat_bit n l k) y n z)"
by (fact concat_bit_assoc)

lemma bin_cat_assoc_sym: "(λk n l. concat_bit n l k) x m ((λk n l. concat_bit n l k) y n z) = (λk n l. concat_bit n l k) ((λk n l. concat_bit n l k) x (m - n) y) (min m n) z"
by (fact concat_bit_assoc_sym)

definition bin_rcat :: ‹nat ⇒ int list ⇒ int›
where ‹bin_rcat n = horner_sum (take_bit n) (2 ^ n) ∘ rev›

lemma bin_rcat_eq_foldl:
‹bin_rcat n = foldl (λu v. (λk n l. concat_bit n l k) u n v) 0›
proof
fix ks :: ‹int list›
show ‹bin_rcat n ks = foldl (λu v. (λk n l. concat_bit n l k) u n v) 0 ks›
by (induction ks rule: rev_induct)
qed

fun bin_rsplit_aux :: "nat ⇒ nat ⇒ int ⇒ int list ⇒ int list"
where "bin_rsplit_aux n m c bs =
(if m = 0 ∨ n = 0 then bs
else
let (a, b) = bin_split n c
in bin_rsplit_aux n (m - n) a (b # bs))"

definition bin_rsplit :: "nat ⇒ nat × int ⇒ int list"
where "bin_rsplit n w = bin_rsplit_aux n (fst w) (snd w) []"

fun bin_rsplitl_aux :: "nat ⇒ nat ⇒ int ⇒ int list ⇒ int list"
where "bin_rsplitl_aux n m c bs =
(if m = 0 ∨ n = 0 then bs
else
let (a, b) = bin_split (min m n) c
in bin_rsplitl_aux n (m - n) a (b # bs))"

definition bin_rsplitl :: "nat ⇒ nat × int ⇒ int list"
where "bin_rsplitl n w = bin_rsplitl_aux n (fst w) (snd w) []"

declare bin_rsplit_aux.simps [simp del]
declare bin_rsplitl_aux.simps [simp del]

lemma bin_nth_cat:
"(bit :: int ⇒ nat ⇒ bool) ((λk n l. concat_bit n l k) x k y) n =
(if n < k then (bit :: int ⇒ nat ⇒ bool) y n else (bit :: int ⇒ nat ⇒ bool) x (n - k))"

lemma bin_nth_drop_bit_iff:
‹(bit :: int ⇒ nat ⇒ bool) (drop_bit n c) k ⟷ (bit :: int ⇒ nat ⇒ bool) c (n + k)›

lemma bin_nth_take_bit_iff:
‹(bit :: int ⇒ nat ⇒ bool) (take_bit n c) k ⟷ k < n ∧ (bit :: int ⇒ nat ⇒ bool) c k›
by (fact bit_take_bit_iff)

lemma bin_nth_split:
"bin_split n c = (a, b) ⟹
(∀k. (bit :: int ⇒ nat ⇒ bool) a k = (bit :: int ⇒ nat ⇒ bool) c (n + k)) ∧
(∀k. (bit :: int ⇒ nat ⇒ bool) b k = (k < n ∧ (bit :: int ⇒ nat ⇒ bool) c k))"
by (auto simp add: bin_nth_drop_bit_iff bin_nth_take_bit_iff)

lemma bin_cat_zero [simp]: "(λk n l. concat_bit n l k) 0 n w = (take_bit :: nat ⇒ int ⇒ int) n w"

lemma bintr_cat1: "(take_bit :: nat ⇒ int ⇒ int) (k + n) ((λk n l. concat_bit n l k) a n b) = (λk n l. concat_bit n l k) ((take_bit :: nat ⇒ int ⇒ int) k a) n b"
by (metis bin_cat_assoc bin_cat_zero)

lemma bintr_cat: "(take_bit :: nat ⇒ int ⇒ int) m ((λk n l. concat_bit n l k) a n b) =
(λk n l. concat_bit n l k) ((take_bit :: nat ⇒ int ⇒ int) (m - n) a) n ((take_bit :: nat ⇒ int ⇒ int) (min m n) b)"
by (rule bin_eqI) (auto simp: bin_nth_cat nth_bintr)

lemma bintr_cat_same [simp]: "(take_bit :: nat ⇒ int ⇒ int) n ((λk n l. concat_bit n l k) a n b) = (take_bit :: nat ⇒ int ⇒ int) n b"
by (auto simp add : bintr_cat)

lemma cat_bintr [simp]: "(λk n l. concat_bit n l k) a n ((take_bit :: nat ⇒ int ⇒ int) n b) = (λk n l. concat_bit n l k) a n b"

lemma split_bintrunc: "bin_split n c = (a, b) ⟹ b = (take_bit :: nat ⇒ int ⇒ int) n c"
by simp

lemma bin_cat_split: "bin_split n w = (u, v) ⟹ w = (λk n l. concat_bit n l k) u n v"

lemma drop_bit_bin_cat_eq:
‹drop_bit n ((λk n l. concat_bit n l k) v n w) = v›
by (rule bit_eqI) (simp add: bit_drop_bit_eq bit_concat_bit_iff)

lemma take_bit_bin_cat_eq:
‹take_bit n ((λk n l. concat_bit n l k) v n w) = take_bit n w›
by (rule bit_eqI) (simp add: bit_concat_bit_iff)

lemma bin_split_cat: "bin_split n ((λk n l. concat_bit n l k) v n w) = (v, (take_bit :: nat ⇒ int ⇒ int) n w)"

lemma bin_split_zero [simp]: "bin_split n 0 = (0, 0)"
by simp

lemma bin_split_minus1 [simp]:
"bin_split n (- 1) = (- 1, (take_bit :: nat ⇒ int ⇒ int) n (- 1))"
by simp

lemma bin_split_trunc:
"bin_split (min m n) c = (a, b) ⟹
bin_split n ((take_bit :: nat ⇒ int ⇒ int) m c) = ((take_bit :: nat ⇒ int ⇒ int) (m - n) a, b)"
apply (induct n arbitrary: m b c, clarsimp)
apply (simp add: bin_rest_trunc Let_def split: prod.split_asm)
apply (case_tac m)
apply (auto simp: Let_def drop_bit_Suc take_bit_Suc mod_2_eq_odd split: prod.split_asm)
done

lemma bin_split_trunc1:
"bin_split n c = (a, b) ⟹
bin_split n ((take_bit :: nat ⇒ int ⇒ int) m c) = ((take_bit :: nat ⇒ int ⇒ int) (m - n) a, (take_bit :: nat ⇒ int ⇒ int) m b)"
apply (induct n arbitrary: m b c, clarsimp)
apply (simp add: bin_rest_trunc Let_def split: prod.split_asm)
apply (case_tac m)
apply (auto simp: Let_def drop_bit_Suc take_bit_Suc mod_2_eq_odd split: prod.split_asm)
done

lemma bin_cat_num: "(λk n l. concat_bit n l k) a n b = a * 2 ^ n + (take_bit :: nat ⇒ int ⇒ int) n b"

lemma bin_split_num: "bin_split n b = (b div 2 ^ n, b mod 2 ^ n)"

lemmas bin_rsplit_aux_simps = bin_rsplit_aux.simps bin_rsplitl_aux.simps
lemmas rsplit_aux_simps = bin_rsplit_aux_simps

lemmas th_if_simp1 = if_split [where P = "(=) l", THEN iffD1, THEN conjunct1, THEN mp] for l
lemmas th_if_simp2 = if_split [where P = "(=) l", THEN iffD1, THEN conjunct2, THEN mp] for l

lemmas rsplit_aux_simp1s = rsplit_aux_simps [THEN th_if_simp1]

lemmas rsplit_aux_simp2ls = rsplit_aux_simps [THEN th_if_simp2]
― ‹these safe to ‹[simp add]› as require calculating ‹m - n››
lemmas bin_rsplit_aux_simp2s [simp] = rsplit_aux_simp2ls [unfolded Let_def]
lemmas rbscl = bin_rsplit_aux_simp2s (2)

lemmas rsplit_aux_0_simps [simp] =
rsplit_aux_simp1s [OF disjI1] rsplit_aux_simp1s [OF disjI2]

lemma bin_rsplit_aux_append: "bin_rsplit_aux n m c (bs @ cs) = bin_rsplit_aux n m c bs @ cs"
apply (induct n m c bs rule: bin_rsplit_aux.induct)
apply (subst bin_rsplit_aux.simps)
apply (subst bin_rsplit_aux.simps)
apply (clarsimp split: prod.split)
done

lemma bin_rsplitl_aux_append: "bin_rsplitl_aux n m c (bs @ cs) = bin_rsplitl_aux n m c bs @ cs"
apply (induct n m c bs rule: bin_rsplitl_aux.induct)
apply (subst bin_rsplitl_aux.simps)
apply (subst bin_rsplitl_aux.simps)
apply (clarsimp split: prod.split)
done

lemmas rsplit_aux_apps [where bs = "[]"] =
bin_rsplit_aux_append bin_rsplitl_aux_append

lemmas rsplit_def_auxs = bin_rsplit_def bin_rsplitl_def

lemmas rsplit_aux_alts = rsplit_aux_apps
[unfolded append_Nil rsplit_def_auxs [symmetric]]

lemma bin_split_minus: "0 < n ⟹ bin_split (Suc (n - 1)) w = bin_split n w"
by auto

lemma bin_split_pred_simp [simp]:
"(0::nat) < numeral bin ⟹
bin_split (numeral bin) w =
(let (w1, w2) = bin_split (numeral bin - 1) ((λk::int. k div 2) w)
in (w1, of_bool (odd w) + 2 * w2))"
by (simp add: take_bit_rec drop_bit_rec mod_2_eq_odd)

lemma bin_rsplit_aux_simp_alt:
"bin_rsplit_aux n m c bs =
(if m = 0 ∨ n = 0 then bs
else let (a, b) = bin_split n c in bin_rsplit n (m - n, a) @ b # bs)"
apply (simp add: bin_rsplit_aux.simps [of n m c bs])
apply (subst rsplit_aux_alts)
done

lemmas bin_rsplit_simp_alt =
trans [OF bin_rsplit_def bin_rsplit_aux_simp_alt]

lemmas bthrs = bin_rsplit_simp_alt [THEN [2] trans]

lemma bin_rsplit_size_sign' [rule_format]:
"n > 0 ⟹ rev sw = bin_rsplit n (nw, w) ⟹ ∀v∈set sw. (take_bit :: nat ⇒ int ⇒ int) n v = v"
apply (induct sw arbitrary: nw w)
apply clarsimp
apply clarsimp
apply (drule bthrs)
apply (simp (no_asm_use) add: Let_def split: prod.split_asm if_split_asm)
apply clarify
apply simp
done

lemmas bin_rsplit_size_sign = bin_rsplit_size_sign' [OF asm_rl
rev_rev_ident [THEN trans] set_rev [THEN equalityD2 [THEN subsetD]]]

lemma bin_nth_rsplit [rule_format] :
"n > 0 ⟹ m < n ⟹
∀w k nw.
rev sw = bin_rsplit n (nw, w) ⟶
k < size sw ⟶ (bit :: int ⇒ nat ⇒ bool) (sw ! k) m = (bit :: int ⇒ nat ⇒ bool) w (k * n + m)"
apply (induct sw)
apply clarsimp
apply clarsimp
apply (drule bthrs)
apply (simp (no_asm_use) add: Let_def split: prod.split_asm if_split_asm)
apply (erule allE, erule impE, erule exI)
apply (case_tac k)
apply clarsimp
prefer 2
apply clarsimp
apply (erule allE)
apply (erule (1) impE)
done

lemma bin_rsplit_all: "0 < nw ⟹ nw ≤ n ⟹ bin_rsplit n (nw, w) = [(take_bit :: nat ⇒ int ⇒ int) n w]"
by (auto simp: bin_rsplit_def rsplit_aux_simp2ls split: prod.split dest!: split_bintrunc)

lemma bin_rsplit_l [rule_format]:
"∀bin. bin_rsplitl n (m, bin) = bin_rsplit n (m, (take_bit :: nat ⇒ int ⇒ int) m bin)"
apply (rule_tac a = "m" in wf_less_than [THEN wf_induct])
apply (simp (no_asm) add: bin_rsplitl_def bin_rsplit_def)
apply (rule allI)
apply (subst bin_rsplitl_aux.simps)
apply (subst bin_rsplit_aux.simps)
apply (clarsimp simp: Let_def split: prod.split)
apply (subst rsplit_aux_alts(1))
apply (subst rsplit_aux_alts(2))
apply clarsimp
unfolding bin_rsplit_def bin_rsplitl_def
apply (case_tac ‹x < n›)
done

lemma bin_rsplit_rcat [rule_format]:
"n > 0 ⟶ bin_rsplit n (n * size ws, bin_rcat n ws) = map ((take_bit :: nat ⇒ int ⇒ int) n) ws"
apply (unfold bin_rsplit_def bin_rcat_eq_foldl)
apply (rule_tac xs = ws in rev_induct)
apply clarsimp
apply clarsimp
apply (subst rsplit_aux_alts)
done

lemma bin_rsplit_aux_len_le [rule_format] :
"∀ws m. n ≠ 0 ⟶ ws = bin_rsplit_aux n nw w bs ⟶
length ws ≤ m ⟷ nw + length bs * n ≤ m * n"
proof -
have *: R
if d: "i ≤ j ∨ m < j'"
and R1: "i * k ≤ j * k ⟹ R"
and R2: "Suc m * k' ≤ j' * k' ⟹ R"
for i j j' k k' m :: nat and R
using d
apply safe
apply (rule R1, erule mult_le_mono1)
apply (rule R2, erule Suc_le_eq [THEN iffD2 [THEN mult_le_mono1]])
done
have **: "0 < sc ⟹ sc - n + (n + lb * n) ≤ m * n ⟷ sc + lb * n ≤ m * n"
for sc m n lb :: nat
apply safe
apply arith
apply (case_tac "sc ≥ n")
apply arith
apply (insert linorder_le_less_linear [of m lb])
apply (erule_tac k=n and k'=n in *)
apply arith
apply simp
done
show ?thesis
apply (induct n nw w bs rule: bin_rsplit_aux.induct)
apply (subst bin_rsplit_aux.simps)
apply (simp add: ** Let_def split: prod.split)
done
qed

lemma bin_rsplit_len_le: "n ≠ 0 ⟶ ws = bin_rsplit n (nw, w) ⟶ length ws ≤ m ⟷ nw ≤ m * n"
by (auto simp: bin_rsplit_def bin_rsplit_aux_len_le)

lemma bin_rsplit_aux_len:
"n ≠ 0 ⟹ length (bin_rsplit_aux n nw w cs) = (nw + n - 1) div n + length cs"
apply (induct n nw w cs rule: bin_rsplit_aux.induct)
apply (subst bin_rsplit_aux.simps)
apply (clarsimp simp: Let_def split: prod.split)
apply (erule thin_rl)
apply (case_tac m)
apply simp
apply (case_tac "m ≤ n")
done

lemma bin_rsplit_len: "n ≠ 0 ⟹ length (bin_rsplit n (nw, w)) = (nw + n - 1) div n"
by (auto simp: bin_rsplit_def bin_rsplit_aux_len)

lemma bin_rsplit_aux_len_indep:
"n ≠ 0 ⟹ length bs = length cs ⟹
length (bin_rsplit_aux n nw v bs) =
length (bin_rsplit_aux n nw w cs)"
proof (induct n nw w cs arbitrary: v bs rule: bin_rsplit_aux.induct)
case (1 n m w cs v bs)
show ?case
proof (cases "m = 0")
case True
with ‹length bs = length cs› show ?thesis by simp
next
case False
from "1.hyps" [of ‹bin_split n w› ‹drop_bit n w› ‹take_bit n w›] ‹m ≠ 0› ‹n ≠ 0›
have hyp: "⋀v bs. length bs = Suc (length cs) ⟹
length (bin_rsplit_aux n (m - n) v bs) =
length (bin_rsplit_aux n (m - n) (drop_bit n w) (take_bit n w # cs))"
using bin_rsplit_aux_len by fastforce
from ‹length bs = length cs› ‹n ≠ 0› show ?thesis
by (auto simp add: bin_rsplit_aux_simp_alt Let_def bin_rsplit_len split: prod.split)
qed
qed

lemma bin_rsplit_len_indep:
"n ≠ 0 ⟹ length (bin_rsplit n (nw, v)) = length (bin_rsplit n (nw, w))"
apply (unfold bin_rsplit_def)
apply (simp (no_asm))
apply (erule bin_rsplit_aux_len_indep)
apply (rule refl)
done

subsection ‹Logical operations›

abbreviation (input) bin_sc :: ‹nat ⇒ bool ⇒ int ⇒ int›
where ‹bin_sc n b i ≡ set_bit i n b›

lemma bin_sc_0 [simp]:
"bin_sc 0 b w = of_bool b + 2 * (λk::int. k div 2) w"

lemma bin_sc_Suc [simp]:
"bin_sc (Suc n) b w = of_bool (odd w) + 2 * bin_sc n b (w div 2)"
by (simp add: set_bit_int_def set_bit_Suc unset_bit_Suc bin_last_def)

lemma bin_nth_sc [bit_simps]: "bit (bin_sc n b w) n ⟷ b"

lemma bin_sc_sc_same [simp]: "bin_sc n c (bin_sc n b w) = bin_sc n c w"
by (induction n arbitrary: w) (simp_all add: bit_Suc)

lemma bin_sc_sc_diff: "m ≠ n ⟹ bin_sc m c (bin_sc n b w) = bin_sc n b (bin_sc m c w)"
apply (induct n arbitrary: w m)
apply (case_tac [!] m)
apply auto
done

lemma bin_nth_sc_gen: "(bit :: int ⇒ nat ⇒ bool) (bin_sc n b w) m = (if m = n then b else (bit :: int ⇒ nat ⇒ bool) w m)"

lemma bin_sc_eq:
‹bin_sc n False = unset_bit n›
‹bin_sc n True = Bit_Operations.set_bit n›
done

lemma bin_sc_nth [simp]: "bin_sc n ((bit :: int ⇒ nat ⇒ bool) w n) w = w"
by (rule bit_eqI) (simp add: bin_nth_sc_gen)

lemma bin_sign_sc [simp]: "bin_sign (bin_sc n b w) = bin_sign w"
proof (induction n arbitrary: w)
case 0
then show ?case
by (auto simp add: bin_sign_def) (use bin_rest_ge_0 in fastforce)
next
case (Suc n)
from Suc [of ‹w div 2›]
show ?case by (auto simp add: bin_sign_def split: if_splits)
qed

lemma bin_sc_bintr [simp]:
"(take_bit :: nat ⇒ int ⇒ int) m (bin_sc n x ((take_bit :: nat ⇒ int ⇒ int) m w)) = (take_bit :: nat ⇒ int ⇒ int) m (bin_sc n x w)"
apply (rule bit_eqI)
apply (cases x)
apply (auto simp add: bit_simps bin_sc_eq)
done

lemma bin_clr_le: "bin_sc n False w ≤ w"

lemma bin_set_ge: "bin_sc n True w ≥ w"

lemma bintr_bin_clr_le: "(take_bit :: nat ⇒ int ⇒ int) n (bin_sc m False w) ≤ (take_bit :: nat ⇒ int ⇒ int) n w"
by (simp add: set_bit_int_def take_bit_unset_bit_eq unset_bit_less_eq)

lemma bintr_bin_set_ge: "(take_bit :: nat ⇒ int ⇒ int) n (bin_sc m True w) ≥ (take_bit :: nat ⇒ int ⇒ int) n w"
by (simp add: set_bit_int_def take_bit_set_bit_eq set_bit_greater_eq)

lemma bin_sc_FP [simp]: "bin_sc n False 0 = 0"
by (induct n) auto

lemma bin_sc_TM [simp]: "bin_sc n True (- 1) = - 1"
by (induct n) auto

lemmas bin_sc_simps = bin_sc_0 bin_sc_Suc bin_sc_TM bin_sc_FP

lemma bin_sc_minus: "0 < n ⟹ bin_sc (Suc (n - 1)) b w = bin_sc n b w"
by auto

lemmas bin_sc_Suc_minus =
trans [OF bin_sc_minus [symmetric] bin_sc_Suc]

lemma bin_sc_numeral [simp]:
"bin_sc (numeral k) b w =
of_bool (odd w) + 2 * bin_sc (pred_numeral k) b (w div 2)"

lemmas bin_sc_minus_simps =
bin_sc_simps (2,3,4) [THEN [2] trans, OF bin_sc_minus [THEN sym]]

lemma int_set_bit_0 [simp]: fixes x :: int shows
"set_bit x 0 b = of_bool b + 2 * (x div 2)"
by (fact bin_sc_0)

lemma int_set_bit_Suc: fixes x :: int shows
"set_bit x (Suc n) b = of_bool (odd x) + 2 * set_bit (x div 2) n b"
by (fact bin_sc_Suc)

lemma bin_last_set_bit:
"odd (set_bit x n b :: int) = (if n > 0 then odd x else b)"
by (cases n) (simp_all add: int_set_bit_Suc)

lemma bin_rest_set_bit:
"(set_bit x n b :: int) div 2 = (if n > 0 then set_bit (x div 2) (n - 1) b else x div 2)"
by (cases n) (simp_all add: int_set_bit_Suc)

lemma int_set_bit_numeral: fixes x :: int shows
"set_bit x (numeral w) b = of_bool (odd x) + 2 * set_bit (x div 2) (pred_numeral w) b"
by (fact bin_sc_numeral)

lemmas int_set_bit_numerals [simp] =
int_set_bit_numeral[where x="numeral w'"]
int_set_bit_numeral[where x="- numeral w'"]
int_set_bit_numeral[where x="Numeral1"]
int_set_bit_numeral[where x="1"]
int_set_bit_numeral[where x="0"]
int_set_bit_Suc[where x="numeral w'"]
int_set_bit_Suc[where x="- numeral w'"]
int_set_bit_Suc[where x="Numeral1"]
int_set_bit_Suc[where x="1"]
int_set_bit_Suc[where x="0"]
for w'

lemma msb_set_bit [simp]:
"msb (set_bit (x :: int) n b) ⟷ msb x"

lemma word_set_bit_def:
‹set_bit a n x = word_of_int (bin_sc n x (uint a))›
apply (rule bit_word_eqI)
apply (cases x)
done

lemma set_bit_word_of_int:
"set_bit (word_of_int x) n b = word_of_int (bin_sc n b x)"
unfolding word_set_bit_def
by (rule word_eqI) (simp add: word_size bin_nth_sc_gen nth_bintr bit_simps)

lemma word_set_numeral [simp]:
"set_bit (numeral bin::'a::len word) n b =
word_of_int (bin_sc n b (numeral bin))"
unfolding word_numeral_alt by (rule set_bit_word_of_int)

lemma word_set_neg_numeral [simp]:
"set_bit (- numeral bin::'a::len word) n b =
word_of_int (bin_sc n b (- numeral bin))"
unfolding word_neg_numeral_alt by (rule set_bit_word_of_int)

lemma word_set_bit_0 [simp]: "set_bit 0 n b = word_of_int (bin_sc n b 0)"
unfolding word_0_wi by (rule set_bit_word_of_int)

lemma word_set_bit_1 [simp]: "set_bit 1 n b = word_of_int (bin_sc n b 1)"
unfolding word_1_wi by (rule set_bit_word_of_int)

lemmas shiftl_int_def = shiftl_eq_mult[of x for x::int]
lemmas shiftr_int_def = shiftr_eq_div[of x for x::int]

subsubsection ‹Basic simplification rules›

context
includes bit_operations_syntax
begin

lemmas int_not_def = not_int_def

lemma int_not_simps:
"NOT (0::int) = -1"
"NOT (1::int) = -2"
"NOT (- 1::int) = 0"
"NOT (numeral w::int) = - numeral (w + Num.One)"
"NOT (- numeral (Num.Bit0 w)::int) = numeral (Num.BitM w)"
"NOT (- numeral (Num.Bit1 w)::int) = numeral (Num.Bit0 w)"

lemma int_not_not: "NOT (NOT x) = x"
for x :: int
by (fact bit.double_compl)

lemma int_and_0 [simp]: "0 AND x = 0"
for x :: int
by (fact bit.conj_zero_left)

lemma int_and_m1 [simp]: "-1 AND x = x"
for x :: int
by (fact and.left_neutral)

lemma int_or_zero [simp]: "0 OR x = x"
for x :: int
by (fact or.left_neutral)

lemma int_or_minus1 [simp]: "-1 OR x = -1"
for x :: int
by (fact bit.disj_one_left)

lemma int_xor_zero [simp]: "0 XOR x = x"
for x :: int
by (fact xor.left_neutral)

subsubsection ‹Binary destructors›

lemma bin_rest_NOT [simp]: "(λk::int. k div 2) (NOT x) = NOT ((λk::int. k div 2) x)"
by (fact not_int_div_2)

lemma bin_last_NOT [simp]: "(odd :: int ⇒ bool) (NOT x) ⟷ ¬ (odd :: int ⇒ bool) x"
by simp

lemma bin_rest_AND [simp]: "(λk::int. k div 2) (x AND y) = (λk::int. k div 2) x AND (λk::int. k div 2) y"
by (subst and_int_rec) auto

lemma bin_last_AND [simp]: "(odd :: int ⇒ bool) (x AND y) ⟷ (odd :: int ⇒ bool) x ∧ (odd :: int ⇒ bool) y"
by (subst and_int_rec) auto

lemma bin_rest_OR [simp]: "(λk::int. k div 2) (x OR y) = (λk::int. k div 2) x OR (λk::int. k div 2) y"
by (subst or_int_rec) auto

lemma bin_last_OR [simp]: "(odd :: int ⇒ bool) (x OR y) ⟷ (odd :: int ⇒ bool) x ∨ (odd :: int ⇒ bool) y"
by (subst or_int_rec) auto

lemma bin_rest_XOR [simp]: "(λk::int. k div 2) (x XOR y) = (λk::int. k div 2) x XOR (λk::int. k div 2) y"
by (subst xor_int_rec) auto

lemma bin_last_XOR [simp]: "(odd :: int ⇒ bool) (x XOR y) ⟷ ((odd :: int ⇒ bool) x ∨ (odd :: int ⇒ bool) y) ∧ ¬ ((odd :: int ⇒ bool) x ∧ (odd :: int ⇒ bool) y)"
by (subst xor_int_rec) auto

lemma bin_nth_ops:
"⋀x y. (bit :: int ⇒ nat ⇒ bool) (x AND y) n ⟷ (bit :: int ⇒ nat ⇒ bool) x n ∧ (bit :: int ⇒ nat ⇒ bool) y n"
"⋀x y. (bit :: int ⇒ nat ⇒ bool) (x OR y) n ⟷ (bit :: int ⇒ nat ⇒ bool) x n ∨ (bit :: int ⇒ nat ⇒ bool) y n"
"⋀x y. (bit :: int ⇒ nat ⇒ bool) (x XOR y) n ⟷ (bit :: int ⇒ nat ⇒ bool) x n ≠ (bit :: int ⇒ nat ⇒ bool) y n"
"⋀x. (bit :: int ⇒ nat ⇒ bool) (NOT x) n ⟷ ¬ (bit :: int ⇒ nat ⇒ bool) x n"
by (simp_all add: bit_and_iff bit_or_iff bit_xor_iff bit_not_iff)

subsubsection ‹Derived properties›

lemma int_xor_minus1 [simp]: "-1 XOR x = NOT x"
for x :: int
by (fact bit.xor_one_left)

lemma int_xor_extra_simps [simp]:
"w XOR 0 = w"
"w XOR -1 = NOT w"
for w :: int
by simp_all

lemma int_or_extra_simps [simp]:
"w OR 0 = w"
"w OR -1 = -1"
for w :: int
by simp_all

lemma int_and_extra_simps [simp]:
"w AND 0 = 0"
"w AND -1 = w"
for w :: int
by simp_all

text ‹Commutativity of the above.›
lemma bin_ops_comm:
fixes x y :: int
shows int_and_comm: "x AND y = y AND x"
and int_or_comm:  "x OR y = y OR x"
and int_xor_comm: "x XOR y = y XOR x"

lemma bin_ops_same [simp]:
"x AND x = x"
"x OR x = x"
"x XOR x = 0"
for x :: int
by simp_all

lemmas bin_log_esimps =
int_and_extra_simps  int_or_extra_simps  int_xor_extra_simps
int_and_0 int_and_m1 int_or_zero int_or_minus1 int_xor_zero int_xor_minus1

subsubsection ‹Basic properties of logical (bit-wise) operations›

lemma bbw_ao_absorb: "x AND (y OR x) = x ∧ x OR (y AND x) = x"
for x y :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemma bbw_ao_absorbs_other:
"x AND (x OR y) = x ∧ (y AND x) OR x = x"
"(y OR x) AND x = x ∧ x OR (x AND y) = x"
"(x OR y) AND x = x ∧ (x AND y) OR x = x"
for x y :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemmas bbw_ao_absorbs [simp] = bbw_ao_absorb bbw_ao_absorbs_other

lemma int_xor_not: "(NOT x) XOR y = NOT (x XOR y) ∧ x XOR (NOT y) = NOT (x XOR y)"
for x y :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemma int_and_assoc: "(x AND y) AND z = x AND (y AND z)"
for x y z :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemma int_or_assoc: "(x OR y) OR z = x OR (y OR z)"
for x y z :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemma int_xor_assoc: "(x XOR y) XOR z = x XOR (y XOR z)"
for x y z :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemmas bbw_assocs = int_and_assoc int_or_assoc int_xor_assoc

(* BH: Why are these declared as simp rules??? *)
lemma bbw_lcs [simp]:
"y AND (x AND z) = x AND (y AND z)"
"y OR (x OR z) = x OR (y OR z)"
"y XOR (x XOR z) = x XOR (y XOR z)"
for x y :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemma bbw_not_dist:
"NOT (x OR y) = (NOT x) AND (NOT y)"
"NOT (x AND y) = (NOT x) OR (NOT y)"
for x y :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemma bbw_oa_dist: "(x AND y) OR z = (x OR z) AND (y OR z)"
for x y z :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

lemma bbw_ao_dist: "(x OR y) AND z = (x AND z) OR (y AND z)"
for x y z :: int
by (auto simp add: bin_eq_iff bin_nth_ops)

subsubsection ‹Simplification with numerals›

text ‹Cases for ‹0› and ‹-1› are already covered by other simp rules.›

lemma bin_rest_neg_numeral_BitM [simp]:
"(λk::int. k div 2) (- numeral (Num.BitM w)) = - numeral w"
by simp

lemma bin_last_neg_numeral_BitM [simp]:
"(odd :: int ⇒ bool) (- numeral (Num.BitM w))"
by simp

subsubsection ‹Interactions with arithmetic›

lemma le_int_or: "bin_sign y = 0 ⟹ x ≤ x OR y"
for x y :: int
by (simp add: bin_sign_def or_greater_eq split: if_splits)

lemmas int_and_le =
xtrans(3) [OF bbw_ao_absorbs (2) [THEN conjunct2, symmetric] le_int_or]

text ‹Interaction between bit-wise and arithmetic: good example of ‹bin_induction›.›
lemma bin_add_not: "x + NOT x = (-1::int)"

lemma AND_mod: "x AND (2 ^ n - 1) = x mod 2 ^ n"
for x :: int

subsubsection ‹Truncating results of bit-wise operations›

lemma bin_trunc_ao:
"(take_bit :: nat ⇒ int ⇒ int) n x AND (take_bit :: nat ⇒ int ⇒ int) n y = (take_bit :: nat ⇒ int ⇒ int) n (x AND y)"
"(take_bit :: nat ⇒ int ⇒ int) n x OR (take_bit :: nat ⇒ int ⇒ int) n y = (take_bit :: nat ⇒ int ⇒ int) n (x OR y)"
by simp_all

lemma bin_trunc_xor: "(take_bit :: nat ⇒ int ⇒ int) n ((take_bit :: nat ⇒ int ⇒ int) n x XOR (take_bit :: nat ⇒ int ⇒ int) n y) = (take_bit :: nat ⇒ int ⇒ int) n (x XOR y)"
by simp

lemma bin_trunc_not: "(take_bit :: nat ⇒ int ⇒ int) n (NOT ((take_bit :: nat ⇒ int ⇒ int) n x)) = (take_bit :: nat ⇒ int ⇒ int) n (NOT x)"
by (fact take_bit_not_take_bit)

text ‹Want theorems of the form of ‹bin_trunc_xor›.›
lemma bintr_bintr_i: "x = (take_bit :: nat ⇒ int ⇒ int) n y ⟹ (take_bit :: nat ⇒ int ⇒ int) n x = (take_bit :: nat ⇒ int ⇒ int) n y"
by auto

lemmas bin_trunc_and = bin_trunc_ao(1) [THEN bintr_bintr_i]
lemmas bin_trunc_or = bin_trunc_ao(2) [THEN bintr_bintr_i]

subsubsection ‹More lemmas›

lemma not_int_cmp_0 [simp]:
fixes i :: int shows
"0 < NOT i ⟷ i < -1"
"0 ≤ NOT i ⟷ i < 0"
"NOT i < 0 ⟷ i ≥ 0"
"NOT i ≤ 0 ⟷ i ≥ -1"

lemma bbw_ao_dist2: "(x :: int) AND (y OR z) = x AND y OR x AND z"
by (fact bit.conj_disj_distrib)

lemmas int_and_ac = bbw_lcs(1) int_and_comm int_and_assoc

lemma int_nand_same [simp]: fixes x :: int shows "x AND NOT x = 0"
by simp

lemma int_nand_same_middle: fixes x :: int shows "x AND y AND NOT x = 0"
by (simp add: bit_eq_iff bit_and_iff bit_not_iff)

lemma and_xor_dist: fixes x :: int shows
"x AND (y XOR z) = (x AND y) XOR (x AND z)"
by (fact bit.conj_xor_distrib)

lemma int_and_lt0 [simp]:
‹x AND y < 0 ⟷ x < 0 ∧ y < 0› for x y :: int
by (fact and_negative_int_iff)

lemma int_and_ge0 [simp]:
‹x AND y ≥ 0 ⟷ x ≥ 0 ∨ y ≥ 0› for x y :: int
by (fact and_nonnegative_int_iff)

lemma int_and_1: fixes x :: int shows "x AND 1 = x mod 2"
by (fact and_one_eq)

lemma int_1_and: fixes x :: int shows "1 AND x = x mod 2"
by (fact one_and_eq)

lemma int_or_lt0 [simp]:
‹x OR y < 0 ⟷ x < 0 ∨ y < 0› for x y :: int
by (fact or_negative_int_iff)

lemma int_or_ge0 [simp]:
‹x OR y ≥ 0 ⟷ x ≥ 0 ∧ y ≥ 0› for x y :: int
by (fact or_nonnegative_int_iff)

lemma int_xor_lt0 [simp]:
‹x XOR y < 0 ⟷ (x < 0) ≠ (y < 0)› for x y :: int
by (fact xor_negative_int_iff)

lemma int_xor_ge0 [simp]:
‹x XOR y ≥ 0 ⟷ (x ≥ 0 ⟷ y ≥ 0)› for x y :: int
by (fact xor_nonnegative_int_iff)

lemma even_conv_AND:
‹even i ⟷ i AND 1 = 0› for i :: int

lemma bin_last_conv_AND:
"(odd :: int ⇒ bool) i ⟷ i AND 1 ≠ 0"

lemma bitval_bin_last:
"of_bool ((odd :: int ⇒ bool) i) = i AND 1"

lemma bin_sign_and:
"bin_sign (i AND j) = - (bin_sign i * bin_sign j)"

lemma int_not_neg_numeral: "NOT (- numeral n) = (Num.sub n num.One :: int)"

lemma int_neg_numeral_pOne_conv_not: "- numeral (n + num.One) = (NOT (numeral n) :: int)"

subsection ‹Setting and clearing bits›

lemma int_shiftl_BIT: fixes x :: int
shows int_shiftl0: "x << 0 = x"
and int_shiftl_Suc: "x << Suc n = 2 * x << n"

lemma int_0_shiftl: "push_bit n 0 = (0 :: int)"
by (fact push_bit_of_0)

lemma bin_last_shiftl: "odd (push_bit n x) ⟷ n = 0 ∧ (odd :: int ⇒ bool) x"
by simp

lemma bin_rest_shiftl: "(λk::int. k div 2) (push_bit n x) = (if n > 0 then push_bit (n - 1) x else (λk::int. k div 2) x)"
by (cases n) (simp_all add: push_bit_eq_mult)

lemma bin_nth_shiftl: "(bit :: int ⇒ nat ⇒ bool) (push_bit n x) m ⟷ n ≤ m ∧ (bit :: int ⇒ nat ⇒ bool) x (m - n)"
by (fact bit_push_bit_iff_int)

lemma bin_last_shiftr: "odd (drop_bit n x) ⟷ bit x n" for x :: int

lemma bin_rest_shiftr: "(λk::int. k div 2) (drop_bit n x) = drop_bit (Suc n) x"

lemma bin_nth_shiftr: "(bit :: int ⇒ nat ⇒ bool) (drop_bit n x) m = (bit :: int ⇒ nat ⇒ bool) x (n + m)"

lemma bin_nth_conv_AND:
fixes x :: int shows
"(bit :: int ⇒ nat ⇒ bool) x n ⟷ x AND (push_bit n 1) ≠ 0"
by (fact bit_iff_and_push_bit_not_eq_0)

lemma int_shiftl_numeral [simp]:
"push_bit (numeral w') (numeral w :: int) = push_bit (pred_numeral w') (numeral (num.Bit0 w))"
"push_bit (numeral w') (- numeral w :: int) = push_bit (pred_numeral w') (- numeral (num.Bit0 w))"
(metis add_One mult_inc semiring_norm(11) semiring_norm(13) semiring_norm(2) semiring_norm(6) semiring_norm(87))+

lemma int_shiftl_One_numeral [simp]:
"push_bit (numeral w) (1::int) = push_bit (pred_numeral w) 2"
using int_shiftl_numeral [of Num.One w]
by (simp only: numeral_eq_Suc push_bit_Suc) simp

lemma shiftl_ge_0: fixes i :: int shows "push_bit n i ≥ 0 ⟷ i ≥ 0"
by (fact push_bit_nonnegative_int_iff)

lemma shiftl_lt_0: fixes i :: int shows "push_bit n i < 0 ⟷ i < 0"
by (fact push_bit_negative_int_iff)

lemma int_shiftl_test_bit: "bit (push_bit i n :: int) m ⟷ m ≥ i ∧ bit n (m - i)"
by (fact bit_push_bit_iff_int)

lemma int_0shiftr: "drop_bit x (0 :: int) = 0"
by (fact drop_bit_of_0)

lemma int_minus1_shiftr: "drop_bit x (-1 :: int) = -1"
by (fact drop_bit_minus_one)

lemma int_shiftr_ge_0: fixes i :: int shows "drop_bit n i ≥ 0 ⟷ i ≥ 0"
by (fact ```