src/CTT/arith.ML
 changeset 0 a5a9c433f639
```     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/src/CTT/arith.ML	Thu Sep 16 12:20:38 1993 +0200
1.3 @@ -0,0 +1,497 @@
1.4 +(*  Title: 	CTT/arith
1.5 +    ID:         \$Id\$
1.6 +    Author: 	Lawrence C Paulson, Cambridge University Computer Laboratory
1.7 +    Copyright   1991  University of Cambridge
1.8 +
1.9 +Theorems for arith.thy (Arithmetic operators)
1.10 +
1.11 +Proofs about elementary arithmetic: addition, multiplication, etc.
1.12 +Tests definitions and simplifier.
1.13 +*)
1.14 +
1.15 +open Arith;
1.16 +val arith_defs = [add_def, diff_def, absdiff_def, mult_def, mod_def, div_def];
1.17 +
1.18 +
1.19 +(** Addition *)
1.20 +
1.21 +(*typing of add: short and long versions*)
1.22 +
1.23 +val add_typing = prove_goal Arith.thy
1.24 +    "[| a:N;  b:N |] ==> a #+ b : N"
1.25 + (fn prems=>
1.26 +  [ (rewrite_goals_tac arith_defs),
1.27 +    (typechk_tac prems) ]);
1.28 +
1.29 +val add_typingL = prove_goal Arith.thy
1.30 +    "[| a=c:N;  b=d:N |] ==> a #+ b = c #+ d : N"
1.31 + (fn prems=>
1.32 +  [ (rewrite_goals_tac arith_defs),
1.33 +    (equal_tac prems) ]);
1.34 +
1.35 +
1.36 +(*computation for add: 0 and successor cases*)
1.37 +
1.38 +val addC0 = prove_goal Arith.thy
1.39 +    "b:N ==> 0 #+ b = b : N"
1.40 + (fn prems=>
1.41 +  [ (rewrite_goals_tac arith_defs),
1.42 +    (rew_tac prems) ]);
1.43 +
1.44 +val addC_succ = prove_goal Arith.thy
1.45 +    "[| a:N;  b:N |] ==> succ(a) #+ b = succ(a #+ b) : N"
1.46 + (fn prems=>
1.47 +  [ (rewrite_goals_tac arith_defs),
1.48 +    (rew_tac prems) ]);
1.49 +
1.50 +
1.51 +(** Multiplication *)
1.52 +
1.53 +(*typing of mult: short and long versions*)
1.54 +
1.55 +val mult_typing = prove_goal Arith.thy
1.56 +    "[| a:N;  b:N |] ==> a #* b : N"
1.57 + (fn prems=>
1.58 +  [ (rewrite_goals_tac arith_defs),
1.59 +    (typechk_tac([add_typing]@prems)) ]);
1.60 +
1.61 +val mult_typingL = prove_goal Arith.thy
1.62 +    "[| a=c:N;  b=d:N |] ==> a #* b = c #* d : N"
1.63 + (fn prems=>
1.64 +  [ (rewrite_goals_tac arith_defs),
1.65 +    (equal_tac (prems@[add_typingL])) ]);
1.66 +
1.67 +(*computation for mult: 0 and successor cases*)
1.68 +
1.69 +val multC0 = prove_goal Arith.thy
1.70 +    "b:N ==> 0 #* b = 0 : N"
1.71 + (fn prems=>
1.72 +  [ (rewrite_goals_tac arith_defs),
1.73 +    (rew_tac prems) ]);
1.74 +
1.75 +val multC_succ = prove_goal Arith.thy
1.76 +    "[| a:N;  b:N |] ==> succ(a) #* b = b #+ (a #* b) : N"
1.77 + (fn prems=>
1.78 +  [ (rewrite_goals_tac arith_defs),
1.79 +    (rew_tac prems) ]);
1.80 +
1.81 +
1.82 +(** Difference *)
1.83 +
1.84 +(*typing of difference*)
1.85 +
1.86 +val diff_typing = prove_goal Arith.thy
1.87 +    "[| a:N;  b:N |] ==> a - b : N"
1.88 + (fn prems=>
1.89 +  [ (rewrite_goals_tac arith_defs),
1.90 +    (typechk_tac prems) ]);
1.91 +
1.92 +val diff_typingL = prove_goal Arith.thy
1.93 +    "[| a=c:N;  b=d:N |] ==> a - b = c - d : N"
1.94 + (fn prems=>
1.95 +  [ (rewrite_goals_tac arith_defs),
1.96 +    (equal_tac prems) ]);
1.97 +
1.98 +
1.99 +
1.100 +(*computation for difference: 0 and successor cases*)
1.101 +
1.102 +val diffC0 = prove_goal Arith.thy
1.103 +    "a:N ==> a - 0 = a : N"
1.104 + (fn prems=>
1.105 +  [ (rewrite_goals_tac arith_defs),
1.106 +    (rew_tac prems) ]);
1.107 +
1.108 +(*Note: rec(a, 0, %z w.z) is pred(a). *)
1.109 +
1.110 +val diff_0_eq_0 = prove_goal Arith.thy
1.111 +    "b:N ==> 0 - b = 0 : N"
1.112 + (fn prems=>
1.113 +  [ (NE_tac "b" 1),
1.114 +    (rewrite_goals_tac arith_defs),
1.115 +    (hyp_rew_tac prems) ]);
1.116 +
1.117 +
1.118 +(*Essential to simplify FIRST!!  (Else we get a critical pair)
1.119 +  succ(a) - succ(b) rewrites to   pred(succ(a) - b)  *)
1.120 +val diff_succ_succ = prove_goal Arith.thy
1.121 +    "[| a:N;  b:N |] ==> succ(a) - succ(b) = a - b : N"
1.122 + (fn prems=>
1.123 +  [ (rewrite_goals_tac arith_defs),
1.124 +    (hyp_rew_tac prems),
1.125 +    (NE_tac "b" 1),
1.126 +    (hyp_rew_tac prems) ]);
1.127 +
1.128 +
1.129 +
1.130 +(*** Simplification *)
1.131 +
1.132 +val arith_typing_rls =
1.133 +  [add_typing, mult_typing, diff_typing];
1.134 +
1.135 +val arith_congr_rls =
1.136 +  [add_typingL, mult_typingL, diff_typingL];
1.137 +
1.138 +val congr_rls = arith_congr_rls@standard_congr_rls;
1.139 +
1.140 +val arithC_rls =
1.142 +   multC0, multC_succ,
1.143 +   diffC0, diff_0_eq_0, diff_succ_succ];
1.144 +
1.145 +
1.146 +structure Arith_simp_data: TSIMP_DATA =
1.147 +  struct
1.148 +  val refl		= refl_elem
1.149 +  val sym		= sym_elem
1.150 +  val trans		= trans_elem
1.151 +  val refl_red		= refl_red
1.152 +  val trans_red		= trans_red
1.153 +  val red_if_equal	= red_if_equal
1.154 +  val default_rls 	= arithC_rls @ comp_rls
1.155 +  val routine_tac 	= routine_tac (arith_typing_rls @ routine_rls)
1.156 +  end;
1.157 +
1.158 +structure Arith_simp = TSimpFun (Arith_simp_data);
1.159 +
1.160 +fun arith_rew_tac prems = make_rew_tac
1.161 +    (Arith_simp.norm_tac(congr_rls, prems));
1.162 +
1.163 +fun hyp_arith_rew_tac prems = make_rew_tac
1.164 +    (Arith_simp.cond_norm_tac(prove_cond_tac, congr_rls, prems));
1.165 +
1.166 +
1.167 +(**********
1.169 + **********)
1.170 +
1.171 +(*Associative law for addition*)
1.172 +val add_assoc = prove_goal Arith.thy
1.173 +    "[| a:N;  b:N;  c:N |] ==> (a #+ b) #+ c = a #+ (b #+ c) : N"
1.174 + (fn prems=>
1.175 +  [ (NE_tac "a" 1),
1.176 +    (hyp_arith_rew_tac prems) ]);
1.177 +
1.178 +
1.179 +(*Commutative law for addition.  Can be proved using three inductions.
1.180 +  Must simplify after first induction!  Orientation of rewrites is delicate*)
1.181 +val add_commute = prove_goal Arith.thy
1.182 +    "[| a:N;  b:N |] ==> a #+ b = b #+ a : N"
1.183 + (fn prems=>
1.184 +  [ (NE_tac "a" 1),
1.185 +    (hyp_arith_rew_tac prems),
1.186 +    (NE_tac "b" 2),
1.187 +    (resolve_tac [sym_elem] 1),
1.188 +    (NE_tac "b" 1),
1.189 +    (hyp_arith_rew_tac prems) ]);
1.190 +
1.191 +
1.192 +(****************
1.193 +  Multiplication
1.194 + ****************)
1.195 +
1.196 +(*Commutative law for multiplication
1.197 +val mult_commute = prove_goal Arith.thy
1.198 +    "[| a:N;  b:N |] ==> a #* b = b #* a : N"
1.199 + (fn prems=>
1.200 +  [ (NE_tac "a" 1),
1.201 +    (hyp_arith_rew_tac prems),
1.202 +    (NE_tac "b" 2),
1.203 +    (resolve_tac [sym_elem] 1),
1.204 +    (NE_tac "b" 1),
1.205 +    (hyp_arith_rew_tac prems) ]);   NEEDS COMMUTATIVE MATCHING
1.206 +***************)
1.207 +
1.208 +(*right annihilation in product*)
1.209 +val mult_0_right = prove_goal Arith.thy
1.210 +    "a:N ==> a #* 0 = 0 : N"
1.211 + (fn prems=>
1.212 +  [ (NE_tac "a" 1),
1.213 +    (hyp_arith_rew_tac prems) ]);
1.214 +
1.215 +(*right successor law for multiplication*)
1.216 +val mult_succ_right = prove_goal Arith.thy
1.217 +    "[| a:N;  b:N |] ==> a #* succ(b) = a #+ (a #* b) : N"
1.218 + (fn prems=>
1.219 +  [ (NE_tac "a" 1),
1.220 +(*swap round the associative law of addition*)
1.221 +    (hyp_arith_rew_tac (prems @ [add_assoc RS sym_elem])),
1.222 +(*leaves a goal involving a commutative law*)
1.223 +    (REPEAT (assume_tac 1  ORELSE
1.224 +            resolve_tac
1.226 +	       intrL_rls@[refl_elem])   1)) ]);
1.227 +
1.228 +(*Commutative law for multiplication*)
1.229 +val mult_commute = prove_goal Arith.thy
1.230 +    "[| a:N;  b:N |] ==> a #* b = b #* a : N"
1.231 + (fn prems=>
1.232 +  [ (NE_tac "a" 1),
1.233 +    (hyp_arith_rew_tac (prems @ [mult_0_right, mult_succ_right])) ]);
1.234 +
1.235 +(*addition distributes over multiplication*)
1.236 +val add_mult_distrib = prove_goal Arith.thy
1.237 +    "[| a:N;  b:N;  c:N |] ==> (a #+ b) #* c = (a #* c) #+ (b #* c) : N"
1.238 + (fn prems=>
1.239 +  [ (NE_tac "a" 1),
1.240 +(*swap round the associative law of addition*)
1.241 +    (hyp_arith_rew_tac (prems @ [add_assoc RS sym_elem])) ]);
1.242 +
1.243 +
1.244 +(*Associative law for multiplication*)
1.245 +val mult_assoc = prove_goal Arith.thy
1.246 +    "[| a:N;  b:N;  c:N |] ==> (a #* b) #* c = a #* (b #* c) : N"
1.247 + (fn prems=>
1.248 +  [ (NE_tac "a" 1),
1.249 +    (hyp_arith_rew_tac (prems @ [add_mult_distrib])) ]);
1.250 +
1.251 +
1.252 +(************
1.253 +  Difference
1.254 + ************
1.255 +
1.256 +Difference on natural numbers, without negative numbers
1.257 +  a - b = 0  iff  a<=b    a - b = succ(c) iff a>b   *)
1.258 +
1.259 +val diff_self_eq_0 = prove_goal Arith.thy
1.260 +    "a:N ==> a - a = 0 : N"
1.261 + (fn prems=>
1.262 +  [ (NE_tac "a" 1),
1.263 +    (hyp_arith_rew_tac prems) ]);
1.264 +
1.265 +
1.266 +(*  [| c : N; 0 : N; c : N |] ==> c #+ 0 = c : N  *)
1.267 +val add_0_right = addC0 RSN (3, add_commute RS trans_elem);
1.268 +
1.269 +(*Addition is the inverse of subtraction: if b<=x then b#+(x-b) = x.
1.270 +  An example of induction over a quantified formula (a product).
1.271 +  Uses rewriting with a quantified, implicative inductive hypothesis.*)
1.272 +val prems =
1.273 +goal Arith.thy
1.274 +    "b:N ==> ?a : PROD x:N. Eq(N, b-x, 0) --> Eq(N, b #+ (x-b), x)";
1.275 +by (NE_tac "b" 1);
1.276 +(*strip one "universal quantifier" but not the "implication"*)
1.277 +by (resolve_tac intr_rls 3);
1.278 +(*case analysis on x in
1.279 +    (succ(u) <= x) --> (succ(u)#+(x-succ(u)) = x) *)
1.280 +by (NE_tac "x" 4 THEN assume_tac 4);
1.281 +(*Prepare for simplification of types -- the antecedent succ(u)<=x *)
1.282 +by (resolve_tac [replace_type] 5);
1.283 +by (resolve_tac [replace_type] 4);
1.284 +by (arith_rew_tac prems);
1.285 +(*Solves first 0 goal, simplifies others.  Two sugbgoals remain.
1.286 +  Both follow by rewriting, (2) using quantified induction hyp*)
1.287 +by (intr_tac[]);  (*strips remaining PRODs*)
1.288 +by (hyp_arith_rew_tac (prems@[add_0_right]));
1.289 +by (assume_tac 1);
1.290 +val add_diff_inverse_lemma = result();
1.291 +
1.292 +
1.293 +(*Version of above with premise   b-a=0   i.e.    a >= b.
1.294 +  Using ProdE does not work -- for ?B(?a) is ambiguous.
1.295 +  Instead, add_diff_inverse_lemma states the desired induction scheme;
1.296 +    the use of RS below instantiates Vars in ProdE automatically. *)
1.297 +val prems =
1.298 +goal Arith.thy "[| a:N;  b:N;  b-a = 0 : N |] ==> b #+ (a-b) = a : N";
1.299 +by (resolve_tac [EqE] 1);
1.300 +by (resolve_tac [ add_diff_inverse_lemma RS ProdE RS ProdE ] 1);
1.301 +by (REPEAT (resolve_tac (prems@[EqI]) 1));
1.302 +val add_diff_inverse = result();
1.303 +
1.304 +
1.305 +(********************
1.306 +  Absolute difference
1.307 + ********************)
1.308 +
1.309 +(*typing of absolute difference: short and long versions*)
1.310 +
1.311 +val absdiff_typing = prove_goal Arith.thy
1.312 +    "[| a:N;  b:N |] ==> a |-| b : N"
1.313 + (fn prems=>
1.314 +  [ (rewrite_goals_tac arith_defs),
1.315 +    (typechk_tac prems) ]);
1.316 +
1.317 +val absdiff_typingL = prove_goal Arith.thy
1.318 +    "[| a=c:N;  b=d:N |] ==> a |-| b = c |-| d : N"
1.319 + (fn prems=>
1.320 +  [ (rewrite_goals_tac arith_defs),
1.321 +    (equal_tac prems) ]);
1.322 +
1.323 +val absdiff_self_eq_0 = prove_goal Arith.thy
1.324 +    "a:N ==> a |-| a = 0 : N"
1.325 + (fn prems=>
1.326 +  [ (rewrite_goals_tac [absdiff_def]),
1.327 +    (arith_rew_tac (prems@[diff_self_eq_0])) ]);
1.328 +
1.329 +val absdiffC0 = prove_goal Arith.thy
1.330 +    "a:N ==> 0 |-| a = a : N"
1.331 + (fn prems=>
1.332 +  [ (rewrite_goals_tac [absdiff_def]),
1.333 +    (hyp_arith_rew_tac prems) ]);
1.334 +
1.335 +
1.336 +val absdiff_succ_succ = prove_goal Arith.thy
1.337 +    "[| a:N;  b:N |] ==> succ(a) |-| succ(b)  =  a |-| b : N"
1.338 + (fn prems=>
1.339 +  [ (rewrite_goals_tac [absdiff_def]),
1.340 +    (hyp_arith_rew_tac prems) ]);
1.341 +
1.342 +(*Note how easy using commutative laws can be?  ...not always... *)
1.343 +val prems = goal Arith.thy "[| a:N;  b:N |] ==> a |-| b = b |-| a : N";
1.344 +by (rewrite_goals_tac [absdiff_def]);
1.345 +by (resolve_tac [add_commute] 1);
1.346 +by (typechk_tac ([diff_typing]@prems));
1.347 +val absdiff_commute = result();
1.348 +
1.349 +(*If a+b=0 then a=0.   Surprisingly tedious*)
1.350 +val prems =
1.351 +goal Arith.thy "[| a:N;  b:N |] ==> ?c : PROD u: Eq(N,a#+b,0) .  Eq(N,a,0)";
1.352 +by (NE_tac "a" 1);
1.353 +by (resolve_tac [replace_type] 3);
1.354 +by (arith_rew_tac prems);
1.355 +by (intr_tac[]);  (*strips remaining PRODs*)
1.356 +by (resolve_tac [ zero_ne_succ RS FE ] 2);
1.357 +by (etac (EqE RS sym_elem) 3);
1.358 +by (typechk_tac ([add_typing] @prems));
1.359 +val add_eq0_lemma = result();
1.360 +
1.361 +(*Version of above with the premise  a+b=0.
1.362 +  Again, resolution instantiates variables in ProdE *)
1.363 +val prems =
1.364 +goal Arith.thy "[| a:N;  b:N;  a #+ b = 0 : N |] ==> a = 0 : N";
1.365 +by (resolve_tac [EqE] 1);
1.366 +by (resolve_tac [add_eq0_lemma RS ProdE] 1);
1.367 +by (resolve_tac [EqI] 3);
1.368 +by (ALLGOALS (resolve_tac prems));
1.369 +val add_eq0 = result();
1.370 +
1.371 +(*Here is a lemma to infer a-b=0 and b-a=0 from a|-|b=0, below. *)
1.372 +val prems = goal Arith.thy
1.373 +    "[| a:N;  b:N;  a |-| b = 0 : N |] ==> \
1.374 +\    ?a : SUM v: Eq(N, a-b, 0) . Eq(N, b-a, 0)";
1.375 +by (intr_tac[]);
1.376 +by eqintr_tac;
1.377 +by (resolve_tac [add_eq0] 2);
1.378 +by (resolve_tac [add_eq0] 1);
1.379 +by (resolve_tac [add_commute RS trans_elem] 6);
1.380 +by (typechk_tac (diff_typing:: map (rewrite_rule [absdiff_def]) prems));
1.381 +val absdiff_eq0_lem = result();
1.382 +
1.383 +(*if  a |-| b = 0  then  a = b
1.384 +  proof: a-b=0 and b-a=0, so b = a+(b-a) = a+0 = a*)
1.385 +val prems =
1.386 +goal Arith.thy "[| a |-| b = 0 : N;  a:N;  b:N |] ==> a = b : N";
1.387 +by (resolve_tac [EqE] 1);
1.388 +by (resolve_tac [absdiff_eq0_lem RS SumE] 1);
1.389 +by (TRYALL (resolve_tac prems));
1.390 +by eqintr_tac;
1.391 +by (resolve_tac [add_diff_inverse RS sym_elem RS trans_elem] 1);
1.392 +by (resolve_tac [EqE] 3  THEN  assume_tac 3);
1.393 +by (hyp_arith_rew_tac (prems@[add_0_right]));
1.394 +val absdiff_eq0 = result();
1.395 +
1.396 +(***********************
1.397 +  Remainder and Quotient
1.398 + ***********************)
1.399 +
1.400 +(*typing of remainder: short and long versions*)
1.401 +
1.402 +val mod_typing = prove_goal Arith.thy
1.403 +    "[| a:N;  b:N |] ==> a mod b : N"
1.404 + (fn prems=>
1.405 +  [ (rewrite_goals_tac [mod_def]),
1.406 +    (typechk_tac (absdiff_typing::prems)) ]);
1.407 +
1.408 +val mod_typingL = prove_goal Arith.thy
1.409 +    "[| a=c:N;  b=d:N |] ==> a mod b = c mod d : N"
1.410 + (fn prems=>
1.411 +  [ (rewrite_goals_tac [mod_def]),
1.412 +    (equal_tac (prems@[absdiff_typingL])) ]);
1.413 +
1.414 +
1.415 +(*computation for  mod : 0 and successor cases*)
1.416 +
1.417 +val modC0 = prove_goal Arith.thy "b:N ==> 0 mod b = 0 : N"
1.418 + (fn prems=>
1.419 +  [ (rewrite_goals_tac [mod_def]),
1.420 +    (rew_tac(absdiff_typing::prems)) ]);
1.421 +
1.422 +val modC_succ = prove_goal Arith.thy
1.423 +"[| a:N; b:N |] ==> succ(a) mod b = rec(succ(a mod b) |-| b, 0, %x y.succ(a mod b)) : N"
1.424 + (fn prems=>
1.425 +  [ (rewrite_goals_tac [mod_def]),
1.426 +    (rew_tac(absdiff_typing::prems)) ]);
1.427 +
1.428 +
1.429 +(*typing of quotient: short and long versions*)
1.430 +
1.431 +val div_typing = prove_goal Arith.thy "[| a:N;  b:N |] ==> a div b : N"
1.432 + (fn prems=>
1.433 +  [ (rewrite_goals_tac [div_def]),
1.434 +    (typechk_tac ([absdiff_typing,mod_typing]@prems)) ]);
1.435 +
1.436 +val div_typingL = prove_goal Arith.thy
1.437 +   "[| a=c:N;  b=d:N |] ==> a div b = c div d : N"
1.438 + (fn prems=>
1.439 +  [ (rewrite_goals_tac [div_def]),
1.440 +    (equal_tac (prems @ [absdiff_typingL, mod_typingL])) ]);
1.441 +
1.442 +val div_typing_rls = [mod_typing, div_typing, absdiff_typing];
1.443 +
1.444 +
1.445 +(*computation for quotient: 0 and successor cases*)
1.446 +
1.447 +val divC0 = prove_goal Arith.thy "b:N ==> 0 div b = 0 : N"
1.448 + (fn prems=>
1.449 +  [ (rewrite_goals_tac [div_def]),
1.450 +    (rew_tac([mod_typing, absdiff_typing] @ prems)) ]);
1.451 +
1.452 +val divC_succ =
1.453 +prove_goal Arith.thy "[| a:N;  b:N |] ==> succ(a) div b = \
1.454 +\    rec(succ(a) mod b, succ(a div b), %x y. a div b) : N"
1.455 + (fn prems=>
1.456 +  [ (rewrite_goals_tac [div_def]),
1.457 +    (rew_tac([mod_typing]@prems)) ]);
1.458 +
1.459 +
1.460 +(*Version of above with same condition as the  mod  one*)
1.461 +val divC_succ2 = prove_goal Arith.thy
1.462 +    "[| a:N;  b:N |] ==> \
1.463 +\    succ(a) div b =rec(succ(a mod b) |-| b, succ(a div b), %x y. a div b) : N"
1.464 + (fn prems=>
1.465 +  [ (resolve_tac [ divC_succ RS trans_elem ] 1),
1.466 +    (rew_tac(div_typing_rls @ prems @ [modC_succ])),
1.467 +    (NE_tac "succ(a mod b)|-|b" 1),
1.468 +    (rew_tac ([mod_typing, div_typing, absdiff_typing] @prems)) ]);
1.469 +
1.470 +(*for case analysis on whether a number is 0 or a successor*)
1.471 +val iszero_decidable = prove_goal Arith.thy
1.472 +    "a:N ==> rec(a, inl(eq), %ka kb.inr(<ka, eq>)) : \
1.473 +\		      Eq(N,a,0) + (SUM x:N. Eq(N,a, succ(x)))"
1.474 + (fn prems=>
1.475 +  [ (NE_tac "a" 1),
1.476 +    (resolve_tac [PlusI_inr] 3),
1.477 +    (resolve_tac [PlusI_inl] 2),
1.478 +    eqintr_tac,
1.479 +    (equal_tac prems) ]);
1.480 +
1.481 +(*Main Result.  Holds when b is 0 since   a mod 0 = a     and    a div 0 = 0  *)
1.482 +val prems =
1.483 +goal Arith.thy "[| a:N;  b:N |] ==> a mod b  #+  (a div b) #* b = a : N";
1.484 +by (NE_tac "a" 1);
1.485 +by (arith_rew_tac (div_typing_rls@prems@[modC0,modC_succ,divC0,divC_succ2]));
1.486 +by (resolve_tac [EqE] 1);
1.487 +(*case analysis on   succ(u mod b)|-|b  *)
1.488 +by (res_inst_tac [("a1", "succ(u mod b) |-| b")]
1.489 +                 (iszero_decidable RS PlusE) 1);
1.490 +by (etac SumE 3);
1.491 +by (hyp_arith_rew_tac (prems @ div_typing_rls @
1.492 +	[modC0,modC_succ, divC0, divC_succ2]));
1.493 +(*Replace one occurence of  b  by succ(u mod b).  Clumsy!*)
1.494 +by (resolve_tac [ add_typingL RS trans_elem ] 1);
1.495 +by (eresolve_tac [EqE RS absdiff_eq0 RS sym_elem] 1);
1.496 +by (resolve_tac [refl_elem] 3);
1.497 +by (hyp_arith_rew_tac (prems @ div_typing_rls));
1.498 +val mod_div_equality = result();
1.499 +
1.500 +writeln"Reached end of file.";
```