feat: toInt_ushiftRight, ushiftRight_eq_zero

mhk119 · bollu · commit 5b7c6546497e · 2024-11-27T15:03:54.000Z
diff --git a/src/Init/Data/BitVec/Lemmas.lean b/src/Init/Data/BitVec/Lemmas.lean
@@ -1316,6 +1316,51 @@ theorem toNat_ushiftRight_lt (x : BitVec w) (n : Nat) (hn : n ≤ w) :
     · apply hn
   · apply Nat.pow_pos (by decide)
 
+
+/-- Shifting right by `n`, which is larger than the bitwidth `w` produces `0. -/
+theorem ushiftRight_eq_zero {x : BitVec w} {n : Nat} (hn : w ≤ n) :
+    x >>> n = 0#w := by
+  simp [bv_toNat]
+  have : 2^w ≤ 2^n := Nat.pow_le_pow_of_le Nat.one_lt_two hn
+  rw [Nat.shiftRight_eq_div_pow, Nat.div_eq_of_lt (by omega)]
+
+
+/--
+Unsigned shift right by at least one bit makes the value of the bitvector less than or equal to `2^(w-1)`,
+makes the interpretation of the bitvector `Int` and `Nat` agree.
+-/
+theorem toInt_ushiftRight_of_lt {x : BitVec w} {n : Nat} (hn : 0 < n) :
+    (x >>> n).toInt = x.toNat >>> n := by
+  rw [toInt_eq_toNat_cond]
+  simp only [toNat_ushiftRight, ite_eq_left_iff, Nat.not_lt]
+  intros h
+  by_cases hn: n ≤ w
+  · have h1 := Nat.mul_lt_mul_of_pos_left (toNat_ushiftRight_lt x n hn) Nat.two_pos
+    simp only [toNat_ushiftRight, Nat.zero_lt_succ, Nat.mul_lt_mul_left] at h1
+    have : 2 ^ (w - n).succ ≤ 2^ w := Nat.pow_le_pow_of_le (by decide) (by omega)
+    have := show 2 * x.toNat >>> n < 2 ^ w by
+      omega
+    omega
+  · have : x.toNat >>> n = 0 := by
+      apply Nat.shiftRight_eq_zero
+      have : 2^w ≤ 2^n := Nat.pow_le_pow_of_le (by decide) (by omega)
+      omega
+    simp [this] at h
+    omega
+
+/--
+Unsigned shift right by at least one bit makes the value of the bitvector less than or equal to `2^(w-1)`,
+makes the interpretation of the bitvector `Int` and `Nat` agree.
+In the case when `n = 0`, then the shift right value equals the integer interpretation.
+-/
+@[simp]
+theorem toInt_ushiftRight_eq_ite {x : BitVec w} {n : Nat} :
+    (x >>> n).toInt = if n = 0 then x.toInt else x.toNat >>> n := by
+  by_cases hn : n = 0
+  · simp [hn]
+  · rw [toInt_ushiftRight_of_lt (by omega), toInt_eq_toNat_cond]
+    simp [hn]
+
 @[simp]
 theorem getMsbD_ushiftRight {x : BitVec w} {i n : Nat} :
     (x >>> n).getMsbD i = (decide (i < w) && (!decide (i < n) && x.getMsbD (i - n))) := by
diff --git a/src/Init/Data/Int/Bitwise/Lemmas.lean b/src/Init/Data/Int/Bitwise/Lemmas.lean
@@ -34,4 +34,8 @@ theorem shiftRight_eq_div_pow (m : Int) (n : Nat) :
 theorem zero_shiftRight (n : Nat) : (0 : Int) >>> n = 0 := by
   simp [Int.shiftRight_eq_div_pow]
 
+@[simp]
+theorem shiftRight_zero (n : Int) : n >>> 0 = n := by
+  simp [Int.shiftRight_eq_div_pow]
+
 end Int
diff --git a/src/Init/Data/Nat/Bitwise/Basic.lean b/src/Init/Data/Nat/Bitwise/Basic.lean
@@ -71,6 +71,9 @@ theorem shiftRight_eq_div_pow (m : Nat) : ∀ n, m >>> n = m / 2 ^ n
     rw [shiftRight_add, shiftRight_eq_div_pow m k]
     simp [Nat.div_div_eq_div_mul, ← Nat.pow_succ, shiftRight_succ]
 
+theorem shiftRight_eq_zero (m n : Nat) (hn : m < 2^n) : m >>> n = 0 := by
+  simp [Nat.shiftRight_eq_div_pow, Nat.div_eq_of_lt hn]
+
 /-!
 ### testBit
 We define an operation for testing individual bits in the binary representation
