src/HOL/Divides.thy
author wenzelm
Sat Jul 08 12:54:30 2006 +0200 (2006-07-08)
changeset 20044 92cc2f4c7335
parent 18702 7dc7dcd63224
child 20217 25b068a99d2b
permissions -rw-r--r--
simprocs: no theory argument -- use simpset context instead;
paulson@3366
     1
(*  Title:      HOL/Divides.thy
paulson@3366
     2
    ID:         $Id$
paulson@3366
     3
    Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
paulson@6865
     4
    Copyright   1999  University of Cambridge
huffman@18154
     5
*)
paulson@3366
     6
huffman@18154
     7
header {* The division operators div, mod and the divides relation "dvd" *}
paulson@3366
     8
nipkow@15131
     9
theory Divides
wenzelm@17508
    10
imports Datatype
nipkow@15131
    11
begin
paulson@3366
    12
wenzelm@8902
    13
(*We use the same class for div and mod;
paulson@6865
    14
  moreover, dvd is defined whenever multiplication is*)
paulson@6865
    15
axclass
wenzelm@12338
    16
  div < type
paulson@6865
    17
nipkow@13152
    18
instance  nat :: div ..
paulson@6865
    19
paulson@3366
    20
consts
nipkow@13152
    21
  div  :: "'a::div \<Rightarrow> 'a \<Rightarrow> 'a"          (infixl 70)
nipkow@13152
    22
  mod  :: "'a::div \<Rightarrow> 'a \<Rightarrow> 'a"          (infixl 70)
nipkow@13152
    23
  dvd  :: "'a::times \<Rightarrow> 'a \<Rightarrow> bool"      (infixl 50)
paulson@3366
    24
paulson@3366
    25
paulson@3366
    26
defs
paulson@6865
    27
nipkow@13152
    28
  mod_def:   "m mod n == wfrec (trancl pred_nat)
paulson@7029
    29
                          (%f j. if j<n | n=0 then j else f (j-n)) m"
paulson@6865
    30
nipkow@13152
    31
  div_def:   "m div n == wfrec (trancl pred_nat) 
paulson@7029
    32
                          (%f j. if j<n | n=0 then 0 else Suc (f (j-n))) m"
paulson@3366
    33
paulson@6865
    34
(*The definition of dvd is polymorphic!*)
paulson@14267
    35
  dvd_def:   "m dvd n == \<exists>k. n = m*k"
paulson@3366
    36
paulson@10559
    37
(*This definition helps prove the harder properties of div and mod.
paulson@10559
    38
  It is copied from IntDiv.thy; should it be overloaded?*)
paulson@10559
    39
constdefs
paulson@10559
    40
  quorem :: "(nat*nat) * (nat*nat) => bool"
paulson@10559
    41
    "quorem == %((a,b), (q,r)).
paulson@10559
    42
                      a = b*q + r &
paulson@14267
    43
                      (if 0<b then 0\<le>r & r<b else b<r & r \<le>0)"
paulson@14267
    44
paulson@14267
    45
paulson@14267
    46
paulson@14267
    47
subsection{*Initial Lemmas*}
paulson@14267
    48
paulson@14267
    49
lemmas wf_less_trans = 
paulson@14267
    50
       def_wfrec [THEN trans, OF eq_reflection wf_pred_nat [THEN wf_trancl],
paulson@14267
    51
                  standard]
paulson@14267
    52
paulson@14267
    53
lemma mod_eq: "(%m. m mod n) = 
paulson@14267
    54
              wfrec (trancl pred_nat) (%f j. if j<n | n=0 then j else f (j-n))"
paulson@14267
    55
by (simp add: mod_def)
paulson@14267
    56
paulson@14267
    57
lemma div_eq: "(%m. m div n) = wfrec (trancl pred_nat)  
paulson@14267
    58
               (%f j. if j<n | n=0 then 0 else Suc (f (j-n)))"
paulson@14267
    59
by (simp add: div_def)
paulson@14267
    60
paulson@14267
    61
paulson@14267
    62
(** Aribtrary definitions for division by zero.  Useful to simplify 
paulson@14267
    63
    certain equations **)
paulson@14267
    64
paulson@14267
    65
lemma DIVISION_BY_ZERO_DIV [simp]: "a div 0 = (0::nat)"
paulson@14267
    66
by (rule div_eq [THEN wf_less_trans], simp)
paulson@14267
    67
paulson@14267
    68
lemma DIVISION_BY_ZERO_MOD [simp]: "a mod 0 = (a::nat)"
paulson@14267
    69
by (rule mod_eq [THEN wf_less_trans], simp)
paulson@14267
    70
paulson@14267
    71
paulson@14267
    72
subsection{*Remainder*}
paulson@14267
    73
paulson@14267
    74
lemma mod_less [simp]: "m<n ==> m mod n = (m::nat)"
paulson@14267
    75
by (rule mod_eq [THEN wf_less_trans], simp)
paulson@14267
    76
paulson@14267
    77
lemma mod_geq: "~ m < (n::nat) ==> m mod n = (m-n) mod n"
paulson@14267
    78
apply (case_tac "n=0", simp) 
paulson@14267
    79
apply (rule mod_eq [THEN wf_less_trans])
nipkow@15439
    80
apply (simp add: cut_apply less_eq)
paulson@14267
    81
done
paulson@14267
    82
paulson@14267
    83
(*Avoids the ugly ~m<n above*)
paulson@14267
    84
lemma le_mod_geq: "(n::nat) \<le> m ==> m mod n = (m-n) mod n"
paulson@16796
    85
by (simp add: mod_geq linorder_not_less)
paulson@14267
    86
paulson@14267
    87
lemma mod_if: "m mod (n::nat) = (if m<n then m else (m-n) mod n)"
paulson@14267
    88
by (simp add: mod_geq)
paulson@14267
    89
paulson@14267
    90
lemma mod_1 [simp]: "m mod Suc 0 = 0"
paulson@15251
    91
apply (induct "m")
paulson@14267
    92
apply (simp_all (no_asm_simp) add: mod_geq)
paulson@14267
    93
done
paulson@14267
    94
paulson@14267
    95
lemma mod_self [simp]: "n mod n = (0::nat)"
paulson@14267
    96
apply (case_tac "n=0")
paulson@14267
    97
apply (simp_all add: mod_geq)
paulson@14267
    98
done
paulson@14267
    99
paulson@14267
   100
lemma mod_add_self2 [simp]: "(m+n) mod n = m mod (n::nat)"
paulson@15251
   101
apply (subgoal_tac "(n + m) mod n = (n+m-n) mod n") 
paulson@14267
   102
apply (simp add: add_commute)
paulson@14267
   103
apply (subst mod_geq [symmetric], simp_all)
paulson@14267
   104
done
paulson@14267
   105
paulson@14267
   106
lemma mod_add_self1 [simp]: "(n+m) mod n = m mod (n::nat)"
paulson@14267
   107
by (simp add: add_commute mod_add_self2)
paulson@14267
   108
paulson@14267
   109
lemma mod_mult_self1 [simp]: "(m + k*n) mod n = m mod (n::nat)"
paulson@15251
   110
apply (induct "k")
paulson@14267
   111
apply (simp_all add: add_left_commute [of _ n])
paulson@14267
   112
done
paulson@14267
   113
paulson@14267
   114
lemma mod_mult_self2 [simp]: "(m + n*k) mod n = m mod (n::nat)"
paulson@14267
   115
by (simp add: mult_commute mod_mult_self1)
paulson@14267
   116
paulson@14267
   117
lemma mod_mult_distrib: "(m mod n) * (k::nat) = (m*k) mod (n*k)"
paulson@14267
   118
apply (case_tac "n=0", simp)
paulson@14267
   119
apply (case_tac "k=0", simp)
paulson@15251
   120
apply (induct "m" rule: nat_less_induct)
paulson@14267
   121
apply (subst mod_if, simp)
nipkow@15439
   122
apply (simp add: mod_geq diff_mult_distrib)
paulson@14267
   123
done
paulson@14267
   124
paulson@14267
   125
lemma mod_mult_distrib2: "(k::nat) * (m mod n) = (k*m) mod (k*n)"
paulson@14267
   126
by (simp add: mult_commute [of k] mod_mult_distrib)
paulson@14267
   127
paulson@14267
   128
lemma mod_mult_self_is_0 [simp]: "(m*n) mod n = (0::nat)"
paulson@14267
   129
apply (case_tac "n=0", simp)
paulson@15251
   130
apply (induct "m", simp)
paulson@14267
   131
apply (rename_tac "k")
paulson@14267
   132
apply (cut_tac m = "k*n" and n = n in mod_add_self2)
paulson@14267
   133
apply (simp add: add_commute)
paulson@14267
   134
done
paulson@14267
   135
paulson@14267
   136
lemma mod_mult_self1_is_0 [simp]: "(n*m) mod n = (0::nat)"
paulson@14267
   137
by (simp add: mult_commute mod_mult_self_is_0)
paulson@14267
   138
paulson@14267
   139
paulson@14267
   140
subsection{*Quotient*}
paulson@14267
   141
paulson@14267
   142
lemma div_less [simp]: "m<n ==> m div n = (0::nat)"
paulson@14267
   143
by (rule div_eq [THEN wf_less_trans], simp)
paulson@14267
   144
paulson@14267
   145
lemma div_geq: "[| 0<n;  ~m<n |] ==> m div n = Suc((m-n) div n)"
paulson@14267
   146
apply (rule div_eq [THEN wf_less_trans])
nipkow@15439
   147
apply (simp add: cut_apply less_eq)
paulson@14267
   148
done
paulson@14267
   149
paulson@14267
   150
(*Avoids the ugly ~m<n above*)
paulson@14267
   151
lemma le_div_geq: "[| 0<n;  n\<le>m |] ==> m div n = Suc((m-n) div n)"
paulson@16796
   152
by (simp add: div_geq linorder_not_less)
paulson@14267
   153
paulson@14267
   154
lemma div_if: "0<n ==> m div n = (if m<n then 0 else Suc((m-n) div n))"
paulson@14267
   155
by (simp add: div_geq)
paulson@14267
   156
paulson@14267
   157
paulson@14267
   158
(*Main Result about quotient and remainder.*)
paulson@14267
   159
lemma mod_div_equality: "(m div n)*n + m mod n = (m::nat)"
paulson@14267
   160
apply (case_tac "n=0", simp)
paulson@15251
   161
apply (induct "m" rule: nat_less_induct)
paulson@14267
   162
apply (subst mod_if)
nipkow@15439
   163
apply (simp_all (no_asm_simp) add: add_assoc div_geq add_diff_inverse)
paulson@14267
   164
done
paulson@14267
   165
paulson@14267
   166
lemma mod_div_equality2: "n * (m div n) + m mod n = (m::nat)"
paulson@14267
   167
apply(cut_tac m = m and n = n in mod_div_equality)
paulson@14267
   168
apply(simp add: mult_commute)
paulson@14267
   169
done
paulson@14267
   170
paulson@14267
   171
subsection{*Simproc for Cancelling Div and Mod*}
paulson@14267
   172
paulson@14267
   173
lemma div_mod_equality: "((m div n)*n + m mod n) + k = (m::nat) + k"
paulson@14267
   174
apply(simp add: mod_div_equality)
paulson@14267
   175
done
paulson@14267
   176
paulson@14267
   177
lemma div_mod_equality2: "(n*(m div n) + m mod n) + k = (m::nat) + k"
paulson@14267
   178
apply(simp add: mod_div_equality2)
paulson@14267
   179
done
paulson@14267
   180
paulson@14267
   181
ML
paulson@14267
   182
{*
paulson@14267
   183
val div_mod_equality = thm "div_mod_equality";
paulson@14267
   184
val div_mod_equality2 = thm "div_mod_equality2";
paulson@14267
   185
paulson@14267
   186
paulson@14267
   187
structure CancelDivModData =
paulson@14267
   188
struct
paulson@14267
   189
paulson@14267
   190
val div_name = "Divides.op div";
paulson@14267
   191
val mod_name = "Divides.op mod";
paulson@14267
   192
val mk_binop = HOLogic.mk_binop;
paulson@14267
   193
val mk_sum = NatArithUtils.mk_sum;
paulson@14267
   194
val dest_sum = NatArithUtils.dest_sum;
paulson@14267
   195
paulson@14267
   196
(*logic*)
paulson@14267
   197
paulson@14267
   198
val div_mod_eqs = map mk_meta_eq [div_mod_equality,div_mod_equality2]
paulson@14267
   199
paulson@14267
   200
val trans = trans
paulson@14267
   201
paulson@14267
   202
val prove_eq_sums =
paulson@14267
   203
  let val simps = add_0 :: add_0_right :: add_ac
wenzelm@17609
   204
  in NatArithUtils.prove_conv all_tac (NatArithUtils.simp_all_tac simps) end;
paulson@14267
   205
paulson@14267
   206
end;
paulson@14267
   207
paulson@14267
   208
structure CancelDivMod = CancelDivModFun(CancelDivModData);
paulson@14267
   209
paulson@14267
   210
val cancel_div_mod_proc = NatArithUtils.prep_simproc
wenzelm@20044
   211
      ("cancel_div_mod", ["(m::nat) + n"], K CancelDivMod.proc);
paulson@14267
   212
paulson@14267
   213
Addsimprocs[cancel_div_mod_proc];
paulson@14267
   214
*}
paulson@14267
   215
paulson@14267
   216
paulson@14267
   217
(* a simple rearrangement of mod_div_equality: *)
paulson@14267
   218
lemma mult_div_cancel: "(n::nat) * (m div n) = m - (m mod n)"
paulson@14267
   219
by (cut_tac m = m and n = n in mod_div_equality2, arith)
paulson@14267
   220
paulson@14267
   221
lemma mod_less_divisor [simp]: "0<n ==> m mod n < (n::nat)"
paulson@15251
   222
apply (induct "m" rule: nat_less_induct)
paulson@14267
   223
apply (case_tac "na<n", simp) 
paulson@14267
   224
txt{*case @{term "n \<le> na"}*}
nipkow@15439
   225
apply (simp add: mod_geq)
nipkow@15439
   226
done
nipkow@15439
   227
nipkow@15439
   228
lemma mod_le_divisor[simp]: "0 < n \<Longrightarrow> m mod n \<le> (n::nat)"
nipkow@15439
   229
apply(drule mod_less_divisor[where m = m])
nipkow@15439
   230
apply simp
paulson@14267
   231
done
paulson@14267
   232
paulson@14267
   233
lemma div_mult_self_is_m [simp]: "0<n ==> (m*n) div n = (m::nat)"
paulson@14267
   234
by (cut_tac m = "m*n" and n = n in mod_div_equality, auto)
paulson@14267
   235
paulson@14267
   236
lemma div_mult_self1_is_m [simp]: "0<n ==> (n*m) div n = (m::nat)"
paulson@14267
   237
by (simp add: mult_commute div_mult_self_is_m)
paulson@14267
   238
paulson@14267
   239
(*mod_mult_distrib2 above is the counterpart for remainder*)
paulson@14267
   240
paulson@14267
   241
paulson@14267
   242
subsection{*Proving facts about Quotient and Remainder*}
paulson@14267
   243
paulson@14267
   244
lemma unique_quotient_lemma:
nipkow@16733
   245
     "[| b*q' + r'  \<le> b*q + r;  x < b;  r < b |]  
paulson@14267
   246
      ==> q' \<le> (q::nat)"
paulson@14267
   247
apply (rule leI)
paulson@14267
   248
apply (subst less_iff_Suc_add)
paulson@14267
   249
apply (auto simp add: add_mult_distrib2)
paulson@14267
   250
done
paulson@14267
   251
paulson@14267
   252
lemma unique_quotient:
paulson@14267
   253
     "[| quorem ((a,b), (q,r));  quorem ((a,b), (q',r'));  0 < b |]  
paulson@14267
   254
      ==> q = q'"
paulson@14267
   255
apply (simp add: split_ifs quorem_def)
paulson@14267
   256
apply (blast intro: order_antisym 
nipkow@16733
   257
             dest: order_eq_refl [THEN unique_quotient_lemma] sym)
paulson@14267
   258
done
paulson@14267
   259
paulson@14267
   260
lemma unique_remainder:
paulson@14267
   261
     "[| quorem ((a,b), (q,r));  quorem ((a,b), (q',r'));  0 < b |]  
paulson@14267
   262
      ==> r = r'"
paulson@14267
   263
apply (subgoal_tac "q = q'")
paulson@14267
   264
prefer 2 apply (blast intro: unique_quotient)
paulson@14267
   265
apply (simp add: quorem_def)
paulson@14267
   266
done
paulson@14267
   267
paulson@14267
   268
lemma quorem_div_mod: "0 < b ==> quorem ((a, b), (a div b, a mod b))"
paulson@14267
   269
by (auto simp add: quorem_def)
paulson@14267
   270
paulson@14267
   271
lemma quorem_div: "[| quorem((a,b),(q,r));  0 < b |] ==> a div b = q"
paulson@14267
   272
by (simp add: quorem_div_mod [THEN unique_quotient])
paulson@14267
   273
paulson@14267
   274
lemma quorem_mod: "[| quorem((a,b),(q,r));  0 < b |] ==> a mod b = r"
paulson@14267
   275
by (simp add: quorem_div_mod [THEN unique_remainder])
paulson@14267
   276
paulson@14267
   277
(** A dividend of zero **)
paulson@14267
   278
paulson@14267
   279
lemma div_0 [simp]: "0 div m = (0::nat)"
paulson@14267
   280
by (case_tac "m=0", simp_all)
paulson@14267
   281
paulson@14267
   282
lemma mod_0 [simp]: "0 mod m = (0::nat)"
paulson@14267
   283
by (case_tac "m=0", simp_all)
paulson@14267
   284
paulson@14267
   285
(** proving (a*b) div c = a * (b div c) + a * (b mod c) **)
paulson@14267
   286
paulson@14267
   287
lemma quorem_mult1_eq:
paulson@14267
   288
     "[| quorem((b,c),(q,r));  0 < c |]  
paulson@14267
   289
      ==> quorem ((a*b, c), (a*q + a*r div c, a*r mod c))"
paulson@14267
   290
apply (auto simp add: split_ifs mult_ac quorem_def add_mult_distrib2)
paulson@14267
   291
done
paulson@14267
   292
paulson@14267
   293
lemma div_mult1_eq: "(a*b) div c = a*(b div c) + a*(b mod c) div (c::nat)"
paulson@14267
   294
apply (case_tac "c = 0", simp)
paulson@14267
   295
apply (blast intro: quorem_div_mod [THEN quorem_mult1_eq, THEN quorem_div])
paulson@14267
   296
done
paulson@14267
   297
paulson@14267
   298
lemma mod_mult1_eq: "(a*b) mod c = a*(b mod c) mod (c::nat)"
paulson@14267
   299
apply (case_tac "c = 0", simp)
paulson@14267
   300
apply (blast intro: quorem_div_mod [THEN quorem_mult1_eq, THEN quorem_mod])
paulson@14267
   301
done
paulson@14267
   302
paulson@14267
   303
lemma mod_mult1_eq': "(a*b) mod (c::nat) = ((a mod c) * b) mod c"
paulson@14267
   304
apply (rule trans)
paulson@14267
   305
apply (rule_tac s = "b*a mod c" in trans)
paulson@14267
   306
apply (rule_tac [2] mod_mult1_eq)
paulson@14267
   307
apply (simp_all (no_asm) add: mult_commute)
paulson@14267
   308
done
paulson@14267
   309
paulson@14267
   310
lemma mod_mult_distrib_mod: "(a*b) mod (c::nat) = ((a mod c) * (b mod c)) mod c"
paulson@14267
   311
apply (rule mod_mult1_eq' [THEN trans])
paulson@14267
   312
apply (rule mod_mult1_eq)
paulson@14267
   313
done
paulson@14267
   314
paulson@14267
   315
(** proving (a+b) div c = a div c + b div c + ((a mod c + b mod c) div c) **)
paulson@14267
   316
paulson@14267
   317
lemma quorem_add1_eq:
paulson@14267
   318
     "[| quorem((a,c),(aq,ar));  quorem((b,c),(bq,br));  0 < c |]  
paulson@14267
   319
      ==> quorem ((a+b, c), (aq + bq + (ar+br) div c, (ar+br) mod c))"
paulson@14267
   320
by (auto simp add: split_ifs mult_ac quorem_def add_mult_distrib2)
paulson@14267
   321
paulson@14267
   322
(*NOT suitable for rewriting: the RHS has an instance of the LHS*)
paulson@14267
   323
lemma div_add1_eq:
paulson@14267
   324
     "(a+b) div (c::nat) = a div c + b div c + ((a mod c + b mod c) div c)"
paulson@14267
   325
apply (case_tac "c = 0", simp)
paulson@14267
   326
apply (blast intro: quorem_add1_eq [THEN quorem_div] quorem_div_mod quorem_div_mod)
paulson@14267
   327
done
paulson@14267
   328
paulson@14267
   329
lemma mod_add1_eq: "(a+b) mod (c::nat) = (a mod c + b mod c) mod c"
paulson@14267
   330
apply (case_tac "c = 0", simp)
paulson@14267
   331
apply (blast intro: quorem_div_mod quorem_div_mod
paulson@14267
   332
                    quorem_add1_eq [THEN quorem_mod])
paulson@14267
   333
done
paulson@14267
   334
paulson@14267
   335
paulson@14267
   336
subsection{*Proving @{term "a div (b*c) = (a div b) div c"}*}
paulson@14267
   337
paulson@14267
   338
(** first, a lemma to bound the remainder **)
paulson@14267
   339
paulson@14267
   340
lemma mod_lemma: "[| (0::nat) < c; r < b |] ==> b * (q mod c) + r < b * c"
paulson@14267
   341
apply (cut_tac m = q and n = c in mod_less_divisor)
paulson@14267
   342
apply (drule_tac [2] m = "q mod c" in less_imp_Suc_add, auto)
paulson@14267
   343
apply (erule_tac P = "%x. ?lhs < ?rhs x" in ssubst)
paulson@14267
   344
apply (simp add: add_mult_distrib2)
paulson@14267
   345
done
paulson@10559
   346
paulson@14267
   347
lemma quorem_mult2_eq: "[| quorem ((a,b), (q,r));  0 < b;  0 < c |]  
paulson@14267
   348
      ==> quorem ((a, b*c), (q div c, b*(q mod c) + r))"
paulson@14267
   349
apply (auto simp add: mult_ac quorem_def add_mult_distrib2 [symmetric] mod_lemma)
paulson@14267
   350
done
paulson@14267
   351
paulson@14267
   352
lemma div_mult2_eq: "a div (b*c) = (a div b) div (c::nat)"
paulson@14267
   353
apply (case_tac "b=0", simp)
paulson@14267
   354
apply (case_tac "c=0", simp)
paulson@14267
   355
apply (force simp add: quorem_div_mod [THEN quorem_mult2_eq, THEN quorem_div])
paulson@14267
   356
done
paulson@14267
   357
paulson@14267
   358
lemma mod_mult2_eq: "a mod (b*c) = b*(a div b mod c) + a mod (b::nat)"
paulson@14267
   359
apply (case_tac "b=0", simp)
paulson@14267
   360
apply (case_tac "c=0", simp)
paulson@14267
   361
apply (auto simp add: mult_commute quorem_div_mod [THEN quorem_mult2_eq, THEN quorem_mod])
paulson@14267
   362
done
paulson@14267
   363
paulson@14267
   364
paulson@14267
   365
subsection{*Cancellation of Common Factors in Division*}
paulson@14267
   366
paulson@14267
   367
lemma div_mult_mult_lemma:
paulson@14267
   368
     "[| (0::nat) < b;  0 < c |] ==> (c*a) div (c*b) = a div b"
paulson@14267
   369
by (auto simp add: div_mult2_eq)
paulson@14267
   370
paulson@14267
   371
lemma div_mult_mult1 [simp]: "(0::nat) < c ==> (c*a) div (c*b) = a div b"
paulson@14267
   372
apply (case_tac "b = 0")
paulson@14267
   373
apply (auto simp add: linorder_neq_iff [of b] div_mult_mult_lemma)
paulson@14267
   374
done
paulson@14267
   375
paulson@14267
   376
lemma div_mult_mult2 [simp]: "(0::nat) < c ==> (a*c) div (b*c) = a div b"
paulson@14267
   377
apply (drule div_mult_mult1)
paulson@14267
   378
apply (auto simp add: mult_commute)
paulson@14267
   379
done
paulson@14267
   380
paulson@14267
   381
paulson@14267
   382
(*Distribution of Factors over Remainders:
paulson@14267
   383
paulson@14267
   384
Could prove these as in Integ/IntDiv.ML, but we already have
paulson@14267
   385
mod_mult_distrib and mod_mult_distrib2 above!
paulson@14267
   386
paulson@14267
   387
Goal "(c*a) mod (c*b) = (c::nat) * (a mod b)"
paulson@14267
   388
qed "mod_mult_mult1";
paulson@14267
   389
paulson@14267
   390
Goal "(a*c) mod (b*c) = (a mod b) * (c::nat)";
paulson@14267
   391
qed "mod_mult_mult2";
paulson@14267
   392
 ***)
paulson@14267
   393
paulson@14267
   394
subsection{*Further Facts about Quotient and Remainder*}
paulson@14267
   395
paulson@14267
   396
lemma div_1 [simp]: "m div Suc 0 = m"
paulson@15251
   397
apply (induct "m")
paulson@14267
   398
apply (simp_all (no_asm_simp) add: div_geq)
paulson@14267
   399
done
paulson@14267
   400
paulson@14267
   401
lemma div_self [simp]: "0<n ==> n div n = (1::nat)"
paulson@14267
   402
by (simp add: div_geq)
paulson@14267
   403
paulson@14267
   404
lemma div_add_self2: "0<n ==> (m+n) div n = Suc (m div n)"
paulson@15251
   405
apply (subgoal_tac "(n + m) div n = Suc ((n+m-n) div n) ")
paulson@14267
   406
apply (simp add: add_commute)
paulson@14267
   407
apply (subst div_geq [symmetric], simp_all)
paulson@14267
   408
done
paulson@14267
   409
paulson@14267
   410
lemma div_add_self1: "0<n ==> (n+m) div n = Suc (m div n)"
paulson@14267
   411
by (simp add: add_commute div_add_self2)
paulson@14267
   412
paulson@14267
   413
lemma div_mult_self1 [simp]: "!!n::nat. 0<n ==> (m + k*n) div n = k + m div n"
paulson@14267
   414
apply (subst div_add1_eq)
paulson@14267
   415
apply (subst div_mult1_eq, simp)
paulson@14267
   416
done
paulson@14267
   417
paulson@14267
   418
lemma div_mult_self2 [simp]: "0<n ==> (m + n*k) div n = k + m div (n::nat)"
paulson@14267
   419
by (simp add: mult_commute div_mult_self1)
paulson@14267
   420
paulson@14267
   421
paulson@14267
   422
(* Monotonicity of div in first argument *)
paulson@14267
   423
lemma div_le_mono [rule_format (no_asm)]:
paulson@14267
   424
     "\<forall>m::nat. m \<le> n --> (m div k) \<le> (n div k)"
paulson@14267
   425
apply (case_tac "k=0", simp)
paulson@15251
   426
apply (induct "n" rule: nat_less_induct, clarify)
paulson@14267
   427
apply (case_tac "n<k")
paulson@14267
   428
(* 1  case n<k *)
paulson@14267
   429
apply simp
paulson@14267
   430
(* 2  case n >= k *)
paulson@14267
   431
apply (case_tac "m<k")
paulson@14267
   432
(* 2.1  case m<k *)
paulson@14267
   433
apply simp
paulson@14267
   434
(* 2.2  case m>=k *)
nipkow@15439
   435
apply (simp add: div_geq diff_le_mono)
paulson@14267
   436
done
paulson@14267
   437
paulson@14267
   438
(* Antimonotonicity of div in second argument *)
paulson@14267
   439
lemma div_le_mono2: "!!m::nat. [| 0<m; m\<le>n |] ==> (k div n) \<le> (k div m)"
paulson@14267
   440
apply (subgoal_tac "0<n")
paulson@14267
   441
 prefer 2 apply simp 
paulson@15251
   442
apply (induct_tac k rule: nat_less_induct)
paulson@14267
   443
apply (rename_tac "k")
paulson@14267
   444
apply (case_tac "k<n", simp)
paulson@14267
   445
apply (subgoal_tac "~ (k<m) ")
paulson@14267
   446
 prefer 2 apply simp 
paulson@14267
   447
apply (simp add: div_geq)
paulson@15251
   448
apply (subgoal_tac "(k-n) div n \<le> (k-m) div n")
paulson@14267
   449
 prefer 2
paulson@14267
   450
 apply (blast intro: div_le_mono diff_le_mono2)
paulson@14267
   451
apply (rule le_trans, simp)
nipkow@15439
   452
apply (simp)
paulson@14267
   453
done
paulson@14267
   454
paulson@14267
   455
lemma div_le_dividend [simp]: "m div n \<le> (m::nat)"
paulson@14267
   456
apply (case_tac "n=0", simp)
paulson@14267
   457
apply (subgoal_tac "m div n \<le> m div 1", simp)
paulson@14267
   458
apply (rule div_le_mono2)
paulson@14267
   459
apply (simp_all (no_asm_simp))
paulson@14267
   460
done
paulson@14267
   461
paulson@14267
   462
(* Similar for "less than" *) 
paulson@17085
   463
lemma div_less_dividend [rule_format]:
paulson@14267
   464
     "!!n::nat. 1<n ==> 0 < m --> m div n < m"
paulson@15251
   465
apply (induct_tac m rule: nat_less_induct)
paulson@14267
   466
apply (rename_tac "m")
paulson@14267
   467
apply (case_tac "m<n", simp)
paulson@14267
   468
apply (subgoal_tac "0<n")
paulson@14267
   469
 prefer 2 apply simp 
paulson@14267
   470
apply (simp add: div_geq)
paulson@14267
   471
apply (case_tac "n<m")
paulson@15251
   472
 apply (subgoal_tac "(m-n) div n < (m-n) ")
paulson@14267
   473
  apply (rule impI less_trans_Suc)+
paulson@14267
   474
apply assumption
nipkow@15439
   475
  apply (simp_all)
paulson@14267
   476
done
paulson@14267
   477
paulson@17085
   478
declare div_less_dividend [simp]
paulson@17085
   479
paulson@14267
   480
text{*A fact for the mutilated chess board*}
paulson@14267
   481
lemma mod_Suc: "Suc(m) mod n = (if Suc(m mod n) = n then 0 else Suc(m mod n))"
paulson@14267
   482
apply (case_tac "n=0", simp)
paulson@15251
   483
apply (induct "m" rule: nat_less_induct)
paulson@14267
   484
apply (case_tac "Suc (na) <n")
paulson@14267
   485
(* case Suc(na) < n *)
paulson@14267
   486
apply (frule lessI [THEN less_trans], simp add: less_not_refl3)
paulson@14267
   487
(* case n \<le> Suc(na) *)
paulson@16796
   488
apply (simp add: linorder_not_less le_Suc_eq mod_geq)
nipkow@15439
   489
apply (auto simp add: Suc_diff_le le_mod_geq)
paulson@14267
   490
done
paulson@14267
   491
paulson@14437
   492
lemma nat_mod_div_trivial [simp]: "m mod n div n = (0 :: nat)"
paulson@14437
   493
by (case_tac "n=0", auto)
paulson@14437
   494
paulson@14437
   495
lemma nat_mod_mod_trivial [simp]: "m mod n mod n = (m mod n :: nat)"
paulson@14437
   496
by (case_tac "n=0", auto)
paulson@14437
   497
paulson@14267
   498
paulson@14267
   499
subsection{*The Divides Relation*}
paulson@14267
   500
paulson@14267
   501
lemma dvdI [intro?]: "n = m * k ==> m dvd n"
paulson@14267
   502
by (unfold dvd_def, blast)
paulson@14267
   503
paulson@14267
   504
lemma dvdE [elim?]: "!!P. [|m dvd n;  !!k. n = m*k ==> P|] ==> P"
paulson@14267
   505
by (unfold dvd_def, blast)
nipkow@13152
   506
paulson@14267
   507
lemma dvd_0_right [iff]: "m dvd (0::nat)"
paulson@14267
   508
apply (unfold dvd_def)
paulson@14267
   509
apply (blast intro: mult_0_right [symmetric])
paulson@14267
   510
done
paulson@14267
   511
paulson@14267
   512
lemma dvd_0_left: "0 dvd m ==> m = (0::nat)"
paulson@14267
   513
by (force simp add: dvd_def)
paulson@14267
   514
paulson@14267
   515
lemma dvd_0_left_iff [iff]: "(0 dvd (m::nat)) = (m = 0)"
paulson@14267
   516
by (blast intro: dvd_0_left)
paulson@14267
   517
paulson@14267
   518
lemma dvd_1_left [iff]: "Suc 0 dvd k"
paulson@14267
   519
by (unfold dvd_def, simp)
paulson@14267
   520
paulson@14267
   521
lemma dvd_1_iff_1 [simp]: "(m dvd Suc 0) = (m = Suc 0)"
paulson@14267
   522
by (simp add: dvd_def)
paulson@14267
   523
paulson@14267
   524
lemma dvd_refl [simp]: "m dvd (m::nat)"
paulson@14267
   525
apply (unfold dvd_def)
paulson@14267
   526
apply (blast intro: mult_1_right [symmetric])
paulson@14267
   527
done
paulson@14267
   528
paulson@14267
   529
lemma dvd_trans [trans]: "[| m dvd n; n dvd p |] ==> m dvd (p::nat)"
paulson@14267
   530
apply (unfold dvd_def)
paulson@14267
   531
apply (blast intro: mult_assoc)
paulson@14267
   532
done
paulson@14267
   533
paulson@14267
   534
lemma dvd_anti_sym: "[| m dvd n; n dvd m |] ==> m = (n::nat)"
paulson@14267
   535
apply (unfold dvd_def)
paulson@14267
   536
apply (force dest: mult_eq_self_implies_10 simp add: mult_assoc mult_eq_1_iff)
paulson@14267
   537
done
paulson@14267
   538
paulson@14267
   539
lemma dvd_add: "[| k dvd m; k dvd n |] ==> k dvd (m+n :: nat)"
paulson@14267
   540
apply (unfold dvd_def)
paulson@14267
   541
apply (blast intro: add_mult_distrib2 [symmetric])
paulson@14267
   542
done
paulson@14267
   543
paulson@14267
   544
lemma dvd_diff: "[| k dvd m; k dvd n |] ==> k dvd (m-n :: nat)"
paulson@14267
   545
apply (unfold dvd_def)
paulson@14267
   546
apply (blast intro: diff_mult_distrib2 [symmetric])
paulson@14267
   547
done
paulson@14267
   548
paulson@14267
   549
lemma dvd_diffD: "[| k dvd m-n; k dvd n; n\<le>m |] ==> k dvd (m::nat)"
paulson@16796
   550
apply (erule linorder_not_less [THEN iffD2, THEN add_diff_inverse, THEN subst])
paulson@14267
   551
apply (blast intro: dvd_add)
paulson@14267
   552
done
paulson@14267
   553
paulson@14267
   554
lemma dvd_diffD1: "[| k dvd m-n; k dvd m; n\<le>m |] ==> k dvd (n::nat)"
paulson@14267
   555
by (drule_tac m = m in dvd_diff, auto)
paulson@14267
   556
paulson@14267
   557
lemma dvd_mult: "k dvd n ==> k dvd (m*n :: nat)"
paulson@14267
   558
apply (unfold dvd_def)
paulson@14267
   559
apply (blast intro: mult_left_commute)
paulson@14267
   560
done
paulson@14267
   561
paulson@14267
   562
lemma dvd_mult2: "k dvd m ==> k dvd (m*n :: nat)"
paulson@14267
   563
apply (subst mult_commute)
paulson@14267
   564
apply (erule dvd_mult)
paulson@14267
   565
done
paulson@14267
   566
paulson@17084
   567
lemma dvd_triv_right [iff]: "k dvd (m*k :: nat)"
paulson@17084
   568
by (rule dvd_refl [THEN dvd_mult])
paulson@17084
   569
paulson@17084
   570
lemma dvd_triv_left [iff]: "k dvd (k*m :: nat)"
paulson@17084
   571
by (rule dvd_refl [THEN dvd_mult2])
paulson@14267
   572
paulson@14267
   573
lemma dvd_reduce: "(k dvd n + k) = (k dvd (n::nat))"
paulson@14267
   574
apply (rule iffI)
paulson@14267
   575
apply (erule_tac [2] dvd_add)
paulson@14267
   576
apply (rule_tac [2] dvd_refl)
paulson@14267
   577
apply (subgoal_tac "n = (n+k) -k")
paulson@14267
   578
 prefer 2 apply simp 
paulson@14267
   579
apply (erule ssubst)
paulson@14267
   580
apply (erule dvd_diff)
paulson@14267
   581
apply (rule dvd_refl)
paulson@14267
   582
done
paulson@14267
   583
paulson@14267
   584
lemma dvd_mod: "!!n::nat. [| f dvd m; f dvd n |] ==> f dvd m mod n"
paulson@14267
   585
apply (unfold dvd_def)
paulson@14267
   586
apply (case_tac "n=0", auto)
paulson@14267
   587
apply (blast intro: mod_mult_distrib2 [symmetric])
paulson@14267
   588
done
paulson@14267
   589
paulson@14267
   590
lemma dvd_mod_imp_dvd: "[| (k::nat) dvd m mod n;  k dvd n |] ==> k dvd m"
paulson@14267
   591
apply (subgoal_tac "k dvd (m div n) *n + m mod n")
paulson@14267
   592
 apply (simp add: mod_div_equality)
paulson@14267
   593
apply (simp only: dvd_add dvd_mult)
paulson@14267
   594
done
paulson@14267
   595
paulson@14267
   596
lemma dvd_mod_iff: "k dvd n ==> ((k::nat) dvd m mod n) = (k dvd m)"
paulson@14267
   597
by (blast intro: dvd_mod_imp_dvd dvd_mod)
paulson@14267
   598
paulson@14267
   599
lemma dvd_mult_cancel: "!!k::nat. [| k*m dvd k*n; 0<k |] ==> m dvd n"
paulson@14267
   600
apply (unfold dvd_def)
paulson@14267
   601
apply (erule exE)
paulson@14267
   602
apply (simp add: mult_ac)
paulson@14267
   603
done
paulson@14267
   604
paulson@14267
   605
lemma dvd_mult_cancel1: "0<m ==> (m*n dvd m) = (n = (1::nat))"
paulson@14267
   606
apply auto
paulson@14267
   607
apply (subgoal_tac "m*n dvd m*1")
paulson@14267
   608
apply (drule dvd_mult_cancel, auto)
paulson@14267
   609
done
paulson@14267
   610
paulson@14267
   611
lemma dvd_mult_cancel2: "0<m ==> (n*m dvd m) = (n = (1::nat))"
paulson@14267
   612
apply (subst mult_commute)
paulson@14267
   613
apply (erule dvd_mult_cancel1)
paulson@14267
   614
done
paulson@14267
   615
paulson@14267
   616
lemma mult_dvd_mono: "[| i dvd m; j dvd n|] ==> i*j dvd (m*n :: nat)"
paulson@14267
   617
apply (unfold dvd_def, clarify)
paulson@14267
   618
apply (rule_tac x = "k*ka" in exI)
paulson@14267
   619
apply (simp add: mult_ac)
paulson@14267
   620
done
paulson@14267
   621
paulson@14267
   622
lemma dvd_mult_left: "(i*j :: nat) dvd k ==> i dvd k"
paulson@14267
   623
by (simp add: dvd_def mult_assoc, blast)
paulson@14267
   624
paulson@14267
   625
lemma dvd_mult_right: "(i*j :: nat) dvd k ==> j dvd k"
paulson@14267
   626
apply (unfold dvd_def, clarify)
paulson@14267
   627
apply (rule_tac x = "i*k" in exI)
paulson@14267
   628
apply (simp add: mult_ac)
paulson@14267
   629
done
paulson@14267
   630
paulson@14267
   631
lemma dvd_imp_le: "[| k dvd n; 0 < n |] ==> k \<le> (n::nat)"
paulson@14267
   632
apply (unfold dvd_def, clarify)
paulson@14267
   633
apply (simp_all (no_asm_use) add: zero_less_mult_iff)
paulson@14267
   634
apply (erule conjE)
paulson@14267
   635
apply (rule le_trans)
paulson@14267
   636
apply (rule_tac [2] le_refl [THEN mult_le_mono])
paulson@14267
   637
apply (erule_tac [2] Suc_leI, simp)
paulson@14267
   638
done
paulson@14267
   639
paulson@14267
   640
lemma dvd_eq_mod_eq_0: "!!k::nat. (k dvd n) = (n mod k = 0)"
paulson@14267
   641
apply (unfold dvd_def)
paulson@14267
   642
apply (case_tac "k=0", simp, safe)
paulson@14267
   643
apply (simp add: mult_commute)
paulson@14267
   644
apply (rule_tac t = n and n1 = k in mod_div_equality [THEN subst])
paulson@14267
   645
apply (subst mult_commute, simp)
paulson@14267
   646
done
paulson@14267
   647
paulson@14267
   648
lemma dvd_mult_div_cancel: "n dvd m ==> n * (m div n) = (m::nat)"
paulson@14267
   649
apply (subgoal_tac "m mod n = 0")
paulson@14267
   650
 apply (simp add: mult_div_cancel)
paulson@14267
   651
apply (simp only: dvd_eq_mod_eq_0)
paulson@14267
   652
done
paulson@14267
   653
paulson@14267
   654
lemma mod_eq_0_iff: "(m mod d = 0) = (\<exists>q::nat. m = d*q)"
paulson@14267
   655
by (auto simp add: dvd_eq_mod_eq_0 [symmetric] dvd_def)
paulson@17084
   656
paulson@17084
   657
lemmas mod_eq_0D = mod_eq_0_iff [THEN iffD1]
paulson@17084
   658
declare mod_eq_0D [dest!]
paulson@14267
   659
paulson@14267
   660
(*Loses information, namely we also have r<d provided d is nonzero*)
paulson@14267
   661
lemma mod_eqD: "(m mod d = r) ==> \<exists>q::nat. m = r + q*d"
paulson@14267
   662
apply (cut_tac m = m in mod_div_equality)
paulson@14267
   663
apply (simp only: add_ac)
paulson@14267
   664
apply (blast intro: sym)
paulson@14267
   665
done
paulson@14267
   666
paulson@14131
   667
nipkow@13152
   668
lemma split_div:
nipkow@13189
   669
 "P(n div k :: nat) =
nipkow@13189
   670
 ((k = 0 \<longrightarrow> P 0) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P i)))"
nipkow@13189
   671
 (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
nipkow@13189
   672
proof
nipkow@13189
   673
  assume P: ?P
nipkow@13189
   674
  show ?Q
nipkow@13189
   675
  proof (cases)
nipkow@13189
   676
    assume "k = 0"
nipkow@13189
   677
    with P show ?Q by(simp add:DIVISION_BY_ZERO_DIV)
nipkow@13189
   678
  next
nipkow@13189
   679
    assume not0: "k \<noteq> 0"
nipkow@13189
   680
    thus ?Q
nipkow@13189
   681
    proof (simp, intro allI impI)
nipkow@13189
   682
      fix i j
nipkow@13189
   683
      assume n: "n = k*i + j" and j: "j < k"
nipkow@13189
   684
      show "P i"
nipkow@13189
   685
      proof (cases)
nipkow@13189
   686
	assume "i = 0"
nipkow@13189
   687
	with n j P show "P i" by simp
nipkow@13189
   688
      next
nipkow@13189
   689
	assume "i \<noteq> 0"
nipkow@13189
   690
	with not0 n j P show "P i" by(simp add:add_ac)
nipkow@13189
   691
      qed
nipkow@13189
   692
    qed
nipkow@13189
   693
  qed
nipkow@13189
   694
next
nipkow@13189
   695
  assume Q: ?Q
nipkow@13189
   696
  show ?P
nipkow@13189
   697
  proof (cases)
nipkow@13189
   698
    assume "k = 0"
nipkow@13189
   699
    with Q show ?P by(simp add:DIVISION_BY_ZERO_DIV)
nipkow@13189
   700
  next
nipkow@13189
   701
    assume not0: "k \<noteq> 0"
nipkow@13189
   702
    with Q have R: ?R by simp
nipkow@13189
   703
    from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
nipkow@13517
   704
    show ?P by simp
nipkow@13189
   705
  qed
nipkow@13189
   706
qed
nipkow@13189
   707
berghofe@13882
   708
lemma split_div_lemma:
paulson@14267
   709
  "0 < n \<Longrightarrow> (n * q \<le> m \<and> m < n * (Suc q)) = (q = ((m::nat) div n))"
berghofe@13882
   710
  apply (rule iffI)
berghofe@13882
   711
  apply (rule_tac a=m and r = "m - n * q" and r' = "m mod n" in unique_quotient)
nipkow@16733
   712
prefer 3; apply assumption
nipkow@16733
   713
  apply (simp_all add: quorem_def)
nipkow@16733
   714
  apply arith
berghofe@13882
   715
  apply (rule conjI)
berghofe@13882
   716
  apply (rule_tac P="%x. n * (m div n) \<le> x" in
berghofe@13882
   717
    subst [OF mod_div_equality [of _ n]])
berghofe@13882
   718
  apply (simp only: add: mult_ac)
berghofe@13882
   719
  apply (rule_tac P="%x. x < n + n * (m div n)" in
berghofe@13882
   720
    subst [OF mod_div_equality [of _ n]])
berghofe@13882
   721
  apply (simp only: add: mult_ac add_ac)
paulson@14208
   722
  apply (rule add_less_mono1, simp)
berghofe@13882
   723
  done
berghofe@13882
   724
berghofe@13882
   725
theorem split_div':
berghofe@13882
   726
  "P ((m::nat) div n) = ((n = 0 \<and> P 0) \<or>
paulson@14267
   727
   (\<exists>q. (n * q \<le> m \<and> m < n * (Suc q)) \<and> P q))"
berghofe@13882
   728
  apply (case_tac "0 < n")
berghofe@13882
   729
  apply (simp only: add: split_div_lemma)
berghofe@13882
   730
  apply (simp_all add: DIVISION_BY_ZERO_DIV)
berghofe@13882
   731
  done
berghofe@13882
   732
nipkow@13189
   733
lemma split_mod:
nipkow@13189
   734
 "P(n mod k :: nat) =
nipkow@13189
   735
 ((k = 0 \<longrightarrow> P n) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P j)))"
nipkow@13189
   736
 (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
nipkow@13189
   737
proof
nipkow@13189
   738
  assume P: ?P
nipkow@13189
   739
  show ?Q
nipkow@13189
   740
  proof (cases)
nipkow@13189
   741
    assume "k = 0"
nipkow@13189
   742
    with P show ?Q by(simp add:DIVISION_BY_ZERO_MOD)
nipkow@13189
   743
  next
nipkow@13189
   744
    assume not0: "k \<noteq> 0"
nipkow@13189
   745
    thus ?Q
nipkow@13189
   746
    proof (simp, intro allI impI)
nipkow@13189
   747
      fix i j
nipkow@13189
   748
      assume "n = k*i + j" "j < k"
nipkow@13189
   749
      thus "P j" using not0 P by(simp add:add_ac mult_ac)
nipkow@13189
   750
    qed
nipkow@13189
   751
  qed
nipkow@13189
   752
next
nipkow@13189
   753
  assume Q: ?Q
nipkow@13189
   754
  show ?P
nipkow@13189
   755
  proof (cases)
nipkow@13189
   756
    assume "k = 0"
nipkow@13189
   757
    with Q show ?P by(simp add:DIVISION_BY_ZERO_MOD)
nipkow@13189
   758
  next
nipkow@13189
   759
    assume not0: "k \<noteq> 0"
nipkow@13189
   760
    with Q have R: ?R by simp
nipkow@13189
   761
    from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
nipkow@13517
   762
    show ?P by simp
nipkow@13189
   763
  qed
nipkow@13189
   764
qed
nipkow@13189
   765
berghofe@13882
   766
theorem mod_div_equality': "(m::nat) mod n = m - (m div n) * n"
berghofe@13882
   767
  apply (rule_tac P="%x. m mod n = x - (m div n) * n" in
berghofe@13882
   768
    subst [OF mod_div_equality [of _ n]])
berghofe@13882
   769
  apply arith
berghofe@13882
   770
  done
berghofe@13882
   771
paulson@14640
   772
subsection {*An ``induction'' law for modulus arithmetic.*}
paulson@14640
   773
paulson@14640
   774
lemma mod_induct_0:
paulson@14640
   775
  assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
paulson@14640
   776
  and base: "P i" and i: "i<p"
paulson@14640
   777
  shows "P 0"
paulson@14640
   778
proof (rule ccontr)
paulson@14640
   779
  assume contra: "\<not>(P 0)"
paulson@14640
   780
  from i have p: "0<p" by simp
paulson@14640
   781
  have "\<forall>k. 0<k \<longrightarrow> \<not> P (p-k)" (is "\<forall>k. ?A k")
paulson@14640
   782
  proof
paulson@14640
   783
    fix k
paulson@14640
   784
    show "?A k"
paulson@14640
   785
    proof (induct k)
paulson@14640
   786
      show "?A 0" by simp  -- "by contradiction"
paulson@14640
   787
    next
paulson@14640
   788
      fix n
paulson@14640
   789
      assume ih: "?A n"
paulson@14640
   790
      show "?A (Suc n)"
paulson@14640
   791
      proof (clarsimp)
paulson@14640
   792
	assume y: "P (p - Suc n)"
paulson@14640
   793
	have n: "Suc n < p"
paulson@14640
   794
	proof (rule ccontr)
paulson@14640
   795
	  assume "\<not>(Suc n < p)"
paulson@14640
   796
	  hence "p - Suc n = 0"
paulson@14640
   797
	    by simp
paulson@14640
   798
	  with y contra show "False"
paulson@14640
   799
	    by simp
paulson@14640
   800
	qed
paulson@14640
   801
	hence n2: "Suc (p - Suc n) = p-n" by arith
paulson@14640
   802
	from p have "p - Suc n < p" by arith
paulson@14640
   803
	with y step have z: "P ((Suc (p - Suc n)) mod p)"
paulson@14640
   804
	  by blast
paulson@14640
   805
	show "False"
paulson@14640
   806
	proof (cases "n=0")
paulson@14640
   807
	  case True
paulson@14640
   808
	  with z n2 contra show ?thesis by simp
paulson@14640
   809
	next
paulson@14640
   810
	  case False
paulson@14640
   811
	  with p have "p-n < p" by arith
paulson@14640
   812
	  with z n2 False ih show ?thesis by simp
paulson@14640
   813
	qed
paulson@14640
   814
      qed
paulson@14640
   815
    qed
paulson@14640
   816
  qed
paulson@14640
   817
  moreover
paulson@14640
   818
  from i obtain k where "0<k \<and> i+k=p"
paulson@14640
   819
    by (blast dest: less_imp_add_positive)
paulson@14640
   820
  hence "0<k \<and> i=p-k" by auto
paulson@14640
   821
  moreover
paulson@14640
   822
  note base
paulson@14640
   823
  ultimately
paulson@14640
   824
  show "False" by blast
paulson@14640
   825
qed
paulson@14640
   826
paulson@14640
   827
lemma mod_induct:
paulson@14640
   828
  assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
paulson@14640
   829
  and base: "P i" and i: "i<p" and j: "j<p"
paulson@14640
   830
  shows "P j"
paulson@14640
   831
proof -
paulson@14640
   832
  have "\<forall>j<p. P j"
paulson@14640
   833
  proof
paulson@14640
   834
    fix j
paulson@14640
   835
    show "j<p \<longrightarrow> P j" (is "?A j")
paulson@14640
   836
    proof (induct j)
paulson@14640
   837
      from step base i show "?A 0"
paulson@14640
   838
	by (auto elim: mod_induct_0)
paulson@14640
   839
    next
paulson@14640
   840
      fix k
paulson@14640
   841
      assume ih: "?A k"
paulson@14640
   842
      show "?A (Suc k)"
paulson@14640
   843
      proof
paulson@14640
   844
	assume suc: "Suc k < p"
paulson@14640
   845
	hence k: "k<p" by simp
paulson@14640
   846
	with ih have "P k" ..
paulson@14640
   847
	with step k have "P (Suc k mod p)"
paulson@14640
   848
	  by blast
paulson@14640
   849
	moreover
paulson@14640
   850
	from suc have "Suc k mod p = Suc k"
paulson@14640
   851
	  by simp
paulson@14640
   852
	ultimately
paulson@14640
   853
	show "P (Suc k)" by simp
paulson@14640
   854
      qed
paulson@14640
   855
    qed
paulson@14640
   856
  qed
paulson@14640
   857
  with j show ?thesis by blast
paulson@14640
   858
qed
paulson@14640
   859
paulson@14640
   860
chaieb@18202
   861
lemma mod_add_left_eq: "((a::nat) + b) mod c = (a mod c + b) mod c"
chaieb@18202
   862
  apply (rule trans [symmetric])
chaieb@18202
   863
  apply (rule mod_add1_eq, simp)
chaieb@18202
   864
  apply (rule mod_add1_eq [symmetric])
chaieb@18202
   865
  done
chaieb@18202
   866
chaieb@18202
   867
lemma mod_add_right_eq: "(a+b) mod (c::nat) = (a + (b mod c)) mod c"
chaieb@18202
   868
apply (rule trans [symmetric])
chaieb@18202
   869
apply (rule mod_add1_eq, simp)
chaieb@18202
   870
apply (rule mod_add1_eq [symmetric])
chaieb@18202
   871
done
chaieb@18202
   872
haftmann@18702
   873
subsection {* Code generator setup *}
haftmann@18702
   874
haftmann@18702
   875
code_alias
haftmann@18702
   876
  "Divides.op div" "Divides.div"
haftmann@18702
   877
  "Divides.op dvd" "Divides.dvd"
haftmann@18702
   878
  "Divides.op mod" "Divides.mod"
haftmann@18702
   879
paulson@14267
   880
ML
paulson@14267
   881
{*
paulson@14267
   882
val div_def = thm "div_def"
paulson@14267
   883
val mod_def = thm "mod_def"
paulson@14267
   884
val dvd_def = thm "dvd_def"
paulson@14267
   885
val quorem_def = thm "quorem_def"
paulson@14267
   886
paulson@14267
   887
val wf_less_trans = thm "wf_less_trans";
paulson@14267
   888
val mod_eq = thm "mod_eq";
paulson@14267
   889
val div_eq = thm "div_eq";
paulson@14267
   890
val DIVISION_BY_ZERO_DIV = thm "DIVISION_BY_ZERO_DIV";
paulson@14267
   891
val DIVISION_BY_ZERO_MOD = thm "DIVISION_BY_ZERO_MOD";
paulson@14267
   892
val mod_less = thm "mod_less";
paulson@14267
   893
val mod_geq = thm "mod_geq";
paulson@14267
   894
val le_mod_geq = thm "le_mod_geq";
paulson@14267
   895
val mod_if = thm "mod_if";
paulson@14267
   896
val mod_1 = thm "mod_1";
paulson@14267
   897
val mod_self = thm "mod_self";
paulson@14267
   898
val mod_add_self2 = thm "mod_add_self2";
paulson@14267
   899
val mod_add_self1 = thm "mod_add_self1";
paulson@14267
   900
val mod_mult_self1 = thm "mod_mult_self1";
paulson@14267
   901
val mod_mult_self2 = thm "mod_mult_self2";
paulson@14267
   902
val mod_mult_distrib = thm "mod_mult_distrib";
paulson@14267
   903
val mod_mult_distrib2 = thm "mod_mult_distrib2";
paulson@14267
   904
val mod_mult_self_is_0 = thm "mod_mult_self_is_0";
paulson@14267
   905
val mod_mult_self1_is_0 = thm "mod_mult_self1_is_0";
paulson@14267
   906
val div_less = thm "div_less";
paulson@14267
   907
val div_geq = thm "div_geq";
paulson@14267
   908
val le_div_geq = thm "le_div_geq";
paulson@14267
   909
val div_if = thm "div_if";
paulson@14267
   910
val mod_div_equality = thm "mod_div_equality";
paulson@14267
   911
val mod_div_equality2 = thm "mod_div_equality2";
paulson@14267
   912
val div_mod_equality = thm "div_mod_equality";
paulson@14267
   913
val div_mod_equality2 = thm "div_mod_equality2";
paulson@14267
   914
val mult_div_cancel = thm "mult_div_cancel";
paulson@14267
   915
val mod_less_divisor = thm "mod_less_divisor";
paulson@14267
   916
val div_mult_self_is_m = thm "div_mult_self_is_m";
paulson@14267
   917
val div_mult_self1_is_m = thm "div_mult_self1_is_m";
paulson@14267
   918
val unique_quotient_lemma = thm "unique_quotient_lemma";
paulson@14267
   919
val unique_quotient = thm "unique_quotient";
paulson@14267
   920
val unique_remainder = thm "unique_remainder";
paulson@14267
   921
val div_0 = thm "div_0";
paulson@14267
   922
val mod_0 = thm "mod_0";
paulson@14267
   923
val div_mult1_eq = thm "div_mult1_eq";
paulson@14267
   924
val mod_mult1_eq = thm "mod_mult1_eq";
paulson@14267
   925
val mod_mult1_eq' = thm "mod_mult1_eq'";
paulson@14267
   926
val mod_mult_distrib_mod = thm "mod_mult_distrib_mod";
paulson@14267
   927
val div_add1_eq = thm "div_add1_eq";
paulson@14267
   928
val mod_add1_eq = thm "mod_add1_eq";
chaieb@18202
   929
val mod_add_left_eq = thm "mod_add_left_eq";
chaieb@18202
   930
 val mod_add_right_eq = thm "mod_add_right_eq";
paulson@14267
   931
val mod_lemma = thm "mod_lemma";
paulson@14267
   932
val div_mult2_eq = thm "div_mult2_eq";
paulson@14267
   933
val mod_mult2_eq = thm "mod_mult2_eq";
paulson@14267
   934
val div_mult_mult_lemma = thm "div_mult_mult_lemma";
paulson@14267
   935
val div_mult_mult1 = thm "div_mult_mult1";
paulson@14267
   936
val div_mult_mult2 = thm "div_mult_mult2";
paulson@14267
   937
val div_1 = thm "div_1";
paulson@14267
   938
val div_self = thm "div_self";
paulson@14267
   939
val div_add_self2 = thm "div_add_self2";
paulson@14267
   940
val div_add_self1 = thm "div_add_self1";
paulson@14267
   941
val div_mult_self1 = thm "div_mult_self1";
paulson@14267
   942
val div_mult_self2 = thm "div_mult_self2";
paulson@14267
   943
val div_le_mono = thm "div_le_mono";
paulson@14267
   944
val div_le_mono2 = thm "div_le_mono2";
paulson@14267
   945
val div_le_dividend = thm "div_le_dividend";
paulson@14267
   946
val div_less_dividend = thm "div_less_dividend";
paulson@14267
   947
val mod_Suc = thm "mod_Suc";
paulson@14267
   948
val dvdI = thm "dvdI";
paulson@14267
   949
val dvdE = thm "dvdE";
paulson@14267
   950
val dvd_0_right = thm "dvd_0_right";
paulson@14267
   951
val dvd_0_left = thm "dvd_0_left";
paulson@14267
   952
val dvd_0_left_iff = thm "dvd_0_left_iff";
paulson@14267
   953
val dvd_1_left = thm "dvd_1_left";
paulson@14267
   954
val dvd_1_iff_1 = thm "dvd_1_iff_1";
paulson@14267
   955
val dvd_refl = thm "dvd_refl";
paulson@14267
   956
val dvd_trans = thm "dvd_trans";
paulson@14267
   957
val dvd_anti_sym = thm "dvd_anti_sym";
paulson@14267
   958
val dvd_add = thm "dvd_add";
paulson@14267
   959
val dvd_diff = thm "dvd_diff";
paulson@14267
   960
val dvd_diffD = thm "dvd_diffD";
paulson@14267
   961
val dvd_diffD1 = thm "dvd_diffD1";
paulson@14267
   962
val dvd_mult = thm "dvd_mult";
paulson@14267
   963
val dvd_mult2 = thm "dvd_mult2";
paulson@14267
   964
val dvd_reduce = thm "dvd_reduce";
paulson@14267
   965
val dvd_mod = thm "dvd_mod";
paulson@14267
   966
val dvd_mod_imp_dvd = thm "dvd_mod_imp_dvd";
paulson@14267
   967
val dvd_mod_iff = thm "dvd_mod_iff";
paulson@14267
   968
val dvd_mult_cancel = thm "dvd_mult_cancel";
paulson@14267
   969
val dvd_mult_cancel1 = thm "dvd_mult_cancel1";
paulson@14267
   970
val dvd_mult_cancel2 = thm "dvd_mult_cancel2";
paulson@14267
   971
val mult_dvd_mono = thm "mult_dvd_mono";
paulson@14267
   972
val dvd_mult_left = thm "dvd_mult_left";
paulson@14267
   973
val dvd_mult_right = thm "dvd_mult_right";
paulson@14267
   974
val dvd_imp_le = thm "dvd_imp_le";
paulson@14267
   975
val dvd_eq_mod_eq_0 = thm "dvd_eq_mod_eq_0";
paulson@14267
   976
val dvd_mult_div_cancel = thm "dvd_mult_div_cancel";
paulson@14267
   977
val mod_eq_0_iff = thm "mod_eq_0_iff";
paulson@14267
   978
val mod_eqD = thm "mod_eqD";
paulson@14267
   979
*}
paulson@14267
   980
paulson@14267
   981
nipkow@13189
   982
(*
nipkow@13189
   983
lemma split_div:
nipkow@13152
   984
assumes m: "m \<noteq> 0"
nipkow@13152
   985
shows "P(n div m :: nat) = (!i. !j<m. n = m*i + j \<longrightarrow> P i)"
nipkow@13152
   986
       (is "?P = ?Q")
nipkow@13152
   987
proof
nipkow@13152
   988
  assume P: ?P
nipkow@13152
   989
  show ?Q
nipkow@13152
   990
  proof (intro allI impI)
nipkow@13152
   991
    fix i j
nipkow@13152
   992
    assume n: "n = m*i + j" and j: "j < m"
nipkow@13152
   993
    show "P i"
nipkow@13152
   994
    proof (cases)
nipkow@13152
   995
      assume "i = 0"
nipkow@13152
   996
      with n j P show "P i" by simp
nipkow@13152
   997
    next
nipkow@13152
   998
      assume "i \<noteq> 0"
nipkow@13152
   999
      with n j P show "P i" by (simp add:add_ac div_mult_self1)
nipkow@13152
  1000
    qed
nipkow@13152
  1001
  qed
nipkow@13152
  1002
next
nipkow@13152
  1003
  assume Q: ?Q
nipkow@13152
  1004
  from m Q[THEN spec,of "n div m",THEN spec, of "n mod m"]
nipkow@13517
  1005
  show ?P by simp
nipkow@13152
  1006
qed
nipkow@13152
  1007
nipkow@13152
  1008
lemma split_mod:
nipkow@13152
  1009
assumes m: "m \<noteq> 0"
nipkow@13152
  1010
shows "P(n mod m :: nat) = (!i. !j<m. n = m*i + j \<longrightarrow> P j)"
nipkow@13152
  1011
       (is "?P = ?Q")
nipkow@13152
  1012
proof
nipkow@13152
  1013
  assume P: ?P
nipkow@13152
  1014
  show ?Q
nipkow@13152
  1015
  proof (intro allI impI)
nipkow@13152
  1016
    fix i j
nipkow@13152
  1017
    assume "n = m*i + j" "j < m"
nipkow@13152
  1018
    thus "P j" using m P by(simp add:add_ac mult_ac)
nipkow@13152
  1019
  qed
nipkow@13152
  1020
next
nipkow@13152
  1021
  assume Q: ?Q
nipkow@13152
  1022
  from m Q[THEN spec,of "n div m",THEN spec, of "n mod m"]
nipkow@13517
  1023
  show ?P by simp
nipkow@13152
  1024
qed
nipkow@13189
  1025
*)
paulson@3366
  1026
end