src/HOL/Divides.thy
 author nipkow Fri Aug 28 18:52:41 2009 +0200 (2009-08-28) changeset 32436 10cd49e0c067 parent 32010 cb1a1c94b4cd child 33274 b6ff7db522b5 permissions -rw-r--r--
Turned "x <= y ==> sup x y = y" (and relatives) into simp rules
```     1 (*  Title:      HOL/Divides.thy
```
```     2     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
```
```     3     Copyright   1999  University of Cambridge
```
```     4 *)
```
```     5
```
```     6 header {* The division operators div and mod *}
```
```     7
```
```     8 theory Divides
```
```     9 imports Nat Power Product_Type
```
```    10 uses "~~/src/Provers/Arith/cancel_div_mod.ML"
```
```    11 begin
```
```    12
```
```    13 subsection {* Syntactic division operations *}
```
```    14
```
```    15 class div = dvd +
```
```    16   fixes div :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "div" 70)
```
```    17     and mod :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "mod" 70)
```
```    18
```
```    19
```
```    20 subsection {* Abstract division in commutative semirings. *}
```
```    21
```
```    22 class semiring_div = comm_semiring_1_cancel + no_zero_divisors + div +
```
```    23   assumes mod_div_equality: "a div b * b + a mod b = a"
```
```    24     and div_by_0 [simp]: "a div 0 = 0"
```
```    25     and div_0 [simp]: "0 div a = 0"
```
```    26     and div_mult_self1 [simp]: "b \<noteq> 0 \<Longrightarrow> (a + c * b) div b = c + a div b"
```
```    27     and div_mult_mult1 [simp]: "c \<noteq> 0 \<Longrightarrow> (c * a) div (c * b) = a div b"
```
```    28 begin
```
```    29
```
```    30 text {* @{const div} and @{const mod} *}
```
```    31
```
```    32 lemma mod_div_equality2: "b * (a div b) + a mod b = a"
```
```    33   unfolding mult_commute [of b]
```
```    34   by (rule mod_div_equality)
```
```    35
```
```    36 lemma mod_div_equality': "a mod b + a div b * b = a"
```
```    37   using mod_div_equality [of a b]
```
```    38   by (simp only: add_ac)
```
```    39
```
```    40 lemma div_mod_equality: "((a div b) * b + a mod b) + c = a + c"
```
```    41   by (simp add: mod_div_equality)
```
```    42
```
```    43 lemma div_mod_equality2: "(b * (a div b) + a mod b) + c = a + c"
```
```    44   by (simp add: mod_div_equality2)
```
```    45
```
```    46 lemma mod_by_0 [simp]: "a mod 0 = a"
```
```    47   using mod_div_equality [of a zero] by simp
```
```    48
```
```    49 lemma mod_0 [simp]: "0 mod a = 0"
```
```    50   using mod_div_equality [of zero a] div_0 by simp
```
```    51
```
```    52 lemma div_mult_self2 [simp]:
```
```    53   assumes "b \<noteq> 0"
```
```    54   shows "(a + b * c) div b = c + a div b"
```
```    55   using assms div_mult_self1 [of b a c] by (simp add: mult_commute)
```
```    56
```
```    57 lemma mod_mult_self1 [simp]: "(a + c * b) mod b = a mod b"
```
```    58 proof (cases "b = 0")
```
```    59   case True then show ?thesis by simp
```
```    60 next
```
```    61   case False
```
```    62   have "a + c * b = (a + c * b) div b * b + (a + c * b) mod b"
```
```    63     by (simp add: mod_div_equality)
```
```    64   also from False div_mult_self1 [of b a c] have
```
```    65     "\<dots> = (c + a div b) * b + (a + c * b) mod b"
```
```    66       by (simp add: algebra_simps)
```
```    67   finally have "a = a div b * b + (a + c * b) mod b"
```
```    68     by (simp add: add_commute [of a] add_assoc left_distrib)
```
```    69   then have "a div b * b + (a + c * b) mod b = a div b * b + a mod b"
```
```    70     by (simp add: mod_div_equality)
```
```    71   then show ?thesis by simp
```
```    72 qed
```
```    73
```
```    74 lemma mod_mult_self2 [simp]: "(a + b * c) mod b = a mod b"
```
```    75   by (simp add: mult_commute [of b])
```
```    76
```
```    77 lemma div_mult_self1_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> b * a div b = a"
```
```    78   using div_mult_self2 [of b 0 a] by simp
```
```    79
```
```    80 lemma div_mult_self2_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> a * b div b = a"
```
```    81   using div_mult_self1 [of b 0 a] by simp
```
```    82
```
```    83 lemma mod_mult_self1_is_0 [simp]: "b * a mod b = 0"
```
```    84   using mod_mult_self2 [of 0 b a] by simp
```
```    85
```
```    86 lemma mod_mult_self2_is_0 [simp]: "a * b mod b = 0"
```
```    87   using mod_mult_self1 [of 0 a b] by simp
```
```    88
```
```    89 lemma div_by_1 [simp]: "a div 1 = a"
```
```    90   using div_mult_self2_is_id [of 1 a] zero_neq_one by simp
```
```    91
```
```    92 lemma mod_by_1 [simp]: "a mod 1 = 0"
```
```    93 proof -
```
```    94   from mod_div_equality [of a one] div_by_1 have "a + a mod 1 = a" by simp
```
```    95   then have "a + a mod 1 = a + 0" by simp
```
```    96   then show ?thesis by (rule add_left_imp_eq)
```
```    97 qed
```
```    98
```
```    99 lemma mod_self [simp]: "a mod a = 0"
```
```   100   using mod_mult_self2_is_0 [of 1] by simp
```
```   101
```
```   102 lemma div_self [simp]: "a \<noteq> 0 \<Longrightarrow> a div a = 1"
```
```   103   using div_mult_self2_is_id [of _ 1] by simp
```
```   104
```
```   105 lemma div_add_self1 [simp]:
```
```   106   assumes "b \<noteq> 0"
```
```   107   shows "(b + a) div b = a div b + 1"
```
```   108   using assms div_mult_self1 [of b a 1] by (simp add: add_commute)
```
```   109
```
```   110 lemma div_add_self2 [simp]:
```
```   111   assumes "b \<noteq> 0"
```
```   112   shows "(a + b) div b = a div b + 1"
```
```   113   using assms div_add_self1 [of b a] by (simp add: add_commute)
```
```   114
```
```   115 lemma mod_add_self1 [simp]:
```
```   116   "(b + a) mod b = a mod b"
```
```   117   using mod_mult_self1 [of a 1 b] by (simp add: add_commute)
```
```   118
```
```   119 lemma mod_add_self2 [simp]:
```
```   120   "(a + b) mod b = a mod b"
```
```   121   using mod_mult_self1 [of a 1 b] by simp
```
```   122
```
```   123 lemma mod_div_decomp:
```
```   124   fixes a b
```
```   125   obtains q r where "q = a div b" and "r = a mod b"
```
```   126     and "a = q * b + r"
```
```   127 proof -
```
```   128   from mod_div_equality have "a = a div b * b + a mod b" by simp
```
```   129   moreover have "a div b = a div b" ..
```
```   130   moreover have "a mod b = a mod b" ..
```
```   131   note that ultimately show thesis by blast
```
```   132 qed
```
```   133
```
```   134 lemma dvd_eq_mod_eq_0 [code_unfold]: "a dvd b \<longleftrightarrow> b mod a = 0"
```
```   135 proof
```
```   136   assume "b mod a = 0"
```
```   137   with mod_div_equality [of b a] have "b div a * a = b" by simp
```
```   138   then have "b = a * (b div a)" unfolding mult_commute ..
```
```   139   then have "\<exists>c. b = a * c" ..
```
```   140   then show "a dvd b" unfolding dvd_def .
```
```   141 next
```
```   142   assume "a dvd b"
```
```   143   then have "\<exists>c. b = a * c" unfolding dvd_def .
```
```   144   then obtain c where "b = a * c" ..
```
```   145   then have "b mod a = a * c mod a" by simp
```
```   146   then have "b mod a = c * a mod a" by (simp add: mult_commute)
```
```   147   then show "b mod a = 0" by simp
```
```   148 qed
```
```   149
```
```   150 lemma mod_div_trivial [simp]: "a mod b div b = 0"
```
```   151 proof (cases "b = 0")
```
```   152   assume "b = 0"
```
```   153   thus ?thesis by simp
```
```   154 next
```
```   155   assume "b \<noteq> 0"
```
```   156   hence "a div b + a mod b div b = (a mod b + a div b * b) div b"
```
```   157     by (rule div_mult_self1 [symmetric])
```
```   158   also have "\<dots> = a div b"
```
```   159     by (simp only: mod_div_equality')
```
```   160   also have "\<dots> = a div b + 0"
```
```   161     by simp
```
```   162   finally show ?thesis
```
```   163     by (rule add_left_imp_eq)
```
```   164 qed
```
```   165
```
```   166 lemma mod_mod_trivial [simp]: "a mod b mod b = a mod b"
```
```   167 proof -
```
```   168   have "a mod b mod b = (a mod b + a div b * b) mod b"
```
```   169     by (simp only: mod_mult_self1)
```
```   170   also have "\<dots> = a mod b"
```
```   171     by (simp only: mod_div_equality')
```
```   172   finally show ?thesis .
```
```   173 qed
```
```   174
```
```   175 lemma dvd_imp_mod_0: "a dvd b \<Longrightarrow> b mod a = 0"
```
```   176 by (rule dvd_eq_mod_eq_0[THEN iffD1])
```
```   177
```
```   178 lemma dvd_div_mult_self: "a dvd b \<Longrightarrow> (b div a) * a = b"
```
```   179 by (subst (2) mod_div_equality [of b a, symmetric]) (simp add:dvd_imp_mod_0)
```
```   180
```
```   181 lemma dvd_div_mult: "a dvd b \<Longrightarrow> (b div a) * c = b * c div a"
```
```   182 apply (cases "a = 0")
```
```   183  apply simp
```
```   184 apply (auto simp: dvd_def mult_assoc)
```
```   185 done
```
```   186
```
```   187 lemma div_dvd_div[simp]:
```
```   188   "a dvd b \<Longrightarrow> a dvd c \<Longrightarrow> (b div a dvd c div a) = (b dvd c)"
```
```   189 apply (cases "a = 0")
```
```   190  apply simp
```
```   191 apply (unfold dvd_def)
```
```   192 apply auto
```
```   193  apply(blast intro:mult_assoc[symmetric])
```
```   194 apply(fastsimp simp add: mult_assoc)
```
```   195 done
```
```   196
```
```   197 lemma dvd_mod_imp_dvd: "[| k dvd m mod n;  k dvd n |] ==> k dvd m"
```
```   198   apply (subgoal_tac "k dvd (m div n) *n + m mod n")
```
```   199    apply (simp add: mod_div_equality)
```
```   200   apply (simp only: dvd_add dvd_mult)
```
```   201   done
```
```   202
```
```   203 text {* Addition respects modular equivalence. *}
```
```   204
```
```   205 lemma mod_add_left_eq: "(a + b) mod c = (a mod c + b) mod c"
```
```   206 proof -
```
```   207   have "(a + b) mod c = (a div c * c + a mod c + b) mod c"
```
```   208     by (simp only: mod_div_equality)
```
```   209   also have "\<dots> = (a mod c + b + a div c * c) mod c"
```
```   210     by (simp only: add_ac)
```
```   211   also have "\<dots> = (a mod c + b) mod c"
```
```   212     by (rule mod_mult_self1)
```
```   213   finally show ?thesis .
```
```   214 qed
```
```   215
```
```   216 lemma mod_add_right_eq: "(a + b) mod c = (a + b mod c) mod c"
```
```   217 proof -
```
```   218   have "(a + b) mod c = (a + (b div c * c + b mod c)) mod c"
```
```   219     by (simp only: mod_div_equality)
```
```   220   also have "\<dots> = (a + b mod c + b div c * c) mod c"
```
```   221     by (simp only: add_ac)
```
```   222   also have "\<dots> = (a + b mod c) mod c"
```
```   223     by (rule mod_mult_self1)
```
```   224   finally show ?thesis .
```
```   225 qed
```
```   226
```
```   227 lemma mod_add_eq: "(a + b) mod c = (a mod c + b mod c) mod c"
```
```   228 by (rule trans [OF mod_add_left_eq mod_add_right_eq])
```
```   229
```
```   230 lemma mod_add_cong:
```
```   231   assumes "a mod c = a' mod c"
```
```   232   assumes "b mod c = b' mod c"
```
```   233   shows "(a + b) mod c = (a' + b') mod c"
```
```   234 proof -
```
```   235   have "(a mod c + b mod c) mod c = (a' mod c + b' mod c) mod c"
```
```   236     unfolding assms ..
```
```   237   thus ?thesis
```
```   238     by (simp only: mod_add_eq [symmetric])
```
```   239 qed
```
```   240
```
```   241 lemma div_add [simp]: "z dvd x \<Longrightarrow> z dvd y
```
```   242   \<Longrightarrow> (x + y) div z = x div z + y div z"
```
```   243 by (cases "z = 0", simp, unfold dvd_def, auto simp add: algebra_simps)
```
```   244
```
```   245 text {* Multiplication respects modular equivalence. *}
```
```   246
```
```   247 lemma mod_mult_left_eq: "(a * b) mod c = ((a mod c) * b) mod c"
```
```   248 proof -
```
```   249   have "(a * b) mod c = ((a div c * c + a mod c) * b) mod c"
```
```   250     by (simp only: mod_div_equality)
```
```   251   also have "\<dots> = (a mod c * b + a div c * b * c) mod c"
```
```   252     by (simp only: algebra_simps)
```
```   253   also have "\<dots> = (a mod c * b) mod c"
```
```   254     by (rule mod_mult_self1)
```
```   255   finally show ?thesis .
```
```   256 qed
```
```   257
```
```   258 lemma mod_mult_right_eq: "(a * b) mod c = (a * (b mod c)) mod c"
```
```   259 proof -
```
```   260   have "(a * b) mod c = (a * (b div c * c + b mod c)) mod c"
```
```   261     by (simp only: mod_div_equality)
```
```   262   also have "\<dots> = (a * (b mod c) + a * (b div c) * c) mod c"
```
```   263     by (simp only: algebra_simps)
```
```   264   also have "\<dots> = (a * (b mod c)) mod c"
```
```   265     by (rule mod_mult_self1)
```
```   266   finally show ?thesis .
```
```   267 qed
```
```   268
```
```   269 lemma mod_mult_eq: "(a * b) mod c = ((a mod c) * (b mod c)) mod c"
```
```   270 by (rule trans [OF mod_mult_left_eq mod_mult_right_eq])
```
```   271
```
```   272 lemma mod_mult_cong:
```
```   273   assumes "a mod c = a' mod c"
```
```   274   assumes "b mod c = b' mod c"
```
```   275   shows "(a * b) mod c = (a' * b') mod c"
```
```   276 proof -
```
```   277   have "(a mod c * (b mod c)) mod c = (a' mod c * (b' mod c)) mod c"
```
```   278     unfolding assms ..
```
```   279   thus ?thesis
```
```   280     by (simp only: mod_mult_eq [symmetric])
```
```   281 qed
```
```   282
```
```   283 lemma mod_mod_cancel:
```
```   284   assumes "c dvd b"
```
```   285   shows "a mod b mod c = a mod c"
```
```   286 proof -
```
```   287   from `c dvd b` obtain k where "b = c * k"
```
```   288     by (rule dvdE)
```
```   289   have "a mod b mod c = a mod (c * k) mod c"
```
```   290     by (simp only: `b = c * k`)
```
```   291   also have "\<dots> = (a mod (c * k) + a div (c * k) * k * c) mod c"
```
```   292     by (simp only: mod_mult_self1)
```
```   293   also have "\<dots> = (a div (c * k) * (c * k) + a mod (c * k)) mod c"
```
```   294     by (simp only: add_ac mult_ac)
```
```   295   also have "\<dots> = a mod c"
```
```   296     by (simp only: mod_div_equality)
```
```   297   finally show ?thesis .
```
```   298 qed
```
```   299
```
```   300 lemma div_mult_div_if_dvd:
```
```   301   "y dvd x \<Longrightarrow> z dvd w \<Longrightarrow> (x div y) * (w div z) = (x * w) div (y * z)"
```
```   302   apply (cases "y = 0", simp)
```
```   303   apply (cases "z = 0", simp)
```
```   304   apply (auto elim!: dvdE simp add: algebra_simps)
```
```   305   apply (subst mult_assoc [symmetric])
```
```   306   apply (simp add: no_zero_divisors)
```
```   307   done
```
```   308
```
```   309 lemma div_mult_mult2 [simp]:
```
```   310   "c \<noteq> 0 \<Longrightarrow> (a * c) div (b * c) = a div b"
```
```   311   by (drule div_mult_mult1) (simp add: mult_commute)
```
```   312
```
```   313 lemma div_mult_mult1_if [simp]:
```
```   314   "(c * a) div (c * b) = (if c = 0 then 0 else a div b)"
```
```   315   by simp_all
```
```   316
```
```   317 lemma mod_mult_mult1:
```
```   318   "(c * a) mod (c * b) = c * (a mod b)"
```
```   319 proof (cases "c = 0")
```
```   320   case True then show ?thesis by simp
```
```   321 next
```
```   322   case False
```
```   323   from mod_div_equality
```
```   324   have "((c * a) div (c * b)) * (c * b) + (c * a) mod (c * b) = c * a" .
```
```   325   with False have "c * ((a div b) * b + a mod b) + (c * a) mod (c * b)
```
```   326     = c * a + c * (a mod b)" by (simp add: algebra_simps)
```
```   327   with mod_div_equality show ?thesis by simp
```
```   328 qed
```
```   329
```
```   330 lemma mod_mult_mult2:
```
```   331   "(a * c) mod (b * c) = (a mod b) * c"
```
```   332   using mod_mult_mult1 [of c a b] by (simp add: mult_commute)
```
```   333
```
```   334 lemma dvd_mod: "k dvd m \<Longrightarrow> k dvd n \<Longrightarrow> k dvd (m mod n)"
```
```   335   unfolding dvd_def by (auto simp add: mod_mult_mult1)
```
```   336
```
```   337 lemma dvd_mod_iff: "k dvd n \<Longrightarrow> k dvd (m mod n) \<longleftrightarrow> k dvd m"
```
```   338 by (blast intro: dvd_mod_imp_dvd dvd_mod)
```
```   339
```
```   340 lemma div_power:
```
```   341   "y dvd x \<Longrightarrow> (x div y) ^ n = x ^ n div y ^ n"
```
```   342 apply (induct n)
```
```   343  apply simp
```
```   344 apply(simp add: div_mult_div_if_dvd dvd_power_same)
```
```   345 done
```
```   346
```
```   347 end
```
```   348
```
```   349 class ring_div = semiring_div + idom
```
```   350 begin
```
```   351
```
```   352 text {* Negation respects modular equivalence. *}
```
```   353
```
```   354 lemma mod_minus_eq: "(- a) mod b = (- (a mod b)) mod b"
```
```   355 proof -
```
```   356   have "(- a) mod b = (- (a div b * b + a mod b)) mod b"
```
```   357     by (simp only: mod_div_equality)
```
```   358   also have "\<dots> = (- (a mod b) + - (a div b) * b) mod b"
```
```   359     by (simp only: minus_add_distrib minus_mult_left add_ac)
```
```   360   also have "\<dots> = (- (a mod b)) mod b"
```
```   361     by (rule mod_mult_self1)
```
```   362   finally show ?thesis .
```
```   363 qed
```
```   364
```
```   365 lemma mod_minus_cong:
```
```   366   assumes "a mod b = a' mod b"
```
```   367   shows "(- a) mod b = (- a') mod b"
```
```   368 proof -
```
```   369   have "(- (a mod b)) mod b = (- (a' mod b)) mod b"
```
```   370     unfolding assms ..
```
```   371   thus ?thesis
```
```   372     by (simp only: mod_minus_eq [symmetric])
```
```   373 qed
```
```   374
```
```   375 text {* Subtraction respects modular equivalence. *}
```
```   376
```
```   377 lemma mod_diff_left_eq: "(a - b) mod c = (a mod c - b) mod c"
```
```   378   unfolding diff_minus
```
```   379   by (intro mod_add_cong mod_minus_cong) simp_all
```
```   380
```
```   381 lemma mod_diff_right_eq: "(a - b) mod c = (a - b mod c) mod c"
```
```   382   unfolding diff_minus
```
```   383   by (intro mod_add_cong mod_minus_cong) simp_all
```
```   384
```
```   385 lemma mod_diff_eq: "(a - b) mod c = (a mod c - b mod c) mod c"
```
```   386   unfolding diff_minus
```
```   387   by (intro mod_add_cong mod_minus_cong) simp_all
```
```   388
```
```   389 lemma mod_diff_cong:
```
```   390   assumes "a mod c = a' mod c"
```
```   391   assumes "b mod c = b' mod c"
```
```   392   shows "(a - b) mod c = (a' - b') mod c"
```
```   393   unfolding diff_minus using assms
```
```   394   by (intro mod_add_cong mod_minus_cong)
```
```   395
```
```   396 lemma dvd_neg_div: "y dvd x \<Longrightarrow> -x div y = - (x div y)"
```
```   397 apply (case_tac "y = 0") apply simp
```
```   398 apply (auto simp add: dvd_def)
```
```   399 apply (subgoal_tac "-(y * k) = y * - k")
```
```   400  apply (erule ssubst)
```
```   401  apply (erule div_mult_self1_is_id)
```
```   402 apply simp
```
```   403 done
```
```   404
```
```   405 lemma dvd_div_neg: "y dvd x \<Longrightarrow> x div -y = - (x div y)"
```
```   406 apply (case_tac "y = 0") apply simp
```
```   407 apply (auto simp add: dvd_def)
```
```   408 apply (subgoal_tac "y * k = -y * -k")
```
```   409  apply (erule ssubst)
```
```   410  apply (rule div_mult_self1_is_id)
```
```   411  apply simp
```
```   412 apply simp
```
```   413 done
```
```   414
```
```   415 end
```
```   416
```
```   417
```
```   418 subsection {* Division on @{typ nat} *}
```
```   419
```
```   420 text {*
```
```   421   We define @{const div} and @{const mod} on @{typ nat} by means
```
```   422   of a characteristic relation with two input arguments
```
```   423   @{term "m\<Colon>nat"}, @{term "n\<Colon>nat"} and two output arguments
```
```   424   @{term "q\<Colon>nat"}(uotient) and @{term "r\<Colon>nat"}(emainder).
```
```   425 *}
```
```   426
```
```   427 definition divmod_rel :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat \<Rightarrow> bool" where
```
```   428   "divmod_rel m n qr \<longleftrightarrow>
```
```   429     m = fst qr * n + snd qr \<and>
```
```   430       (if n = 0 then fst qr = 0 else if n > 0 then 0 \<le> snd qr \<and> snd qr < n else n < snd qr \<and> snd qr \<le> 0)"
```
```   431
```
```   432 text {* @{const divmod_rel} is total: *}
```
```   433
```
```   434 lemma divmod_rel_ex:
```
```   435   obtains q r where "divmod_rel m n (q, r)"
```
```   436 proof (cases "n = 0")
```
```   437   case True  with that show thesis
```
```   438     by (auto simp add: divmod_rel_def)
```
```   439 next
```
```   440   case False
```
```   441   have "\<exists>q r. m = q * n + r \<and> r < n"
```
```   442   proof (induct m)
```
```   443     case 0 with `n \<noteq> 0`
```
```   444     have "(0\<Colon>nat) = 0 * n + 0 \<and> 0 < n" by simp
```
```   445     then show ?case by blast
```
```   446   next
```
```   447     case (Suc m) then obtain q' r'
```
```   448       where m: "m = q' * n + r'" and n: "r' < n" by auto
```
```   449     then show ?case proof (cases "Suc r' < n")
```
```   450       case True
```
```   451       from m n have "Suc m = q' * n + Suc r'" by simp
```
```   452       with True show ?thesis by blast
```
```   453     next
```
```   454       case False then have "n \<le> Suc r'" by auto
```
```   455       moreover from n have "Suc r' \<le> n" by auto
```
```   456       ultimately have "n = Suc r'" by auto
```
```   457       with m have "Suc m = Suc q' * n + 0" by simp
```
```   458       with `n \<noteq> 0` show ?thesis by blast
```
```   459     qed
```
```   460   qed
```
```   461   with that show thesis
```
```   462     using `n \<noteq> 0` by (auto simp add: divmod_rel_def)
```
```   463 qed
```
```   464
```
```   465 text {* @{const divmod_rel} is injective: *}
```
```   466
```
```   467 lemma divmod_rel_unique:
```
```   468   assumes "divmod_rel m n qr"
```
```   469     and "divmod_rel m n qr'"
```
```   470   shows "qr = qr'"
```
```   471 proof (cases "n = 0")
```
```   472   case True with assms show ?thesis
```
```   473     by (cases qr, cases qr')
```
```   474       (simp add: divmod_rel_def)
```
```   475 next
```
```   476   case False
```
```   477   have aux: "\<And>q r q' r'. q' * n + r' = q * n + r \<Longrightarrow> r < n \<Longrightarrow> q' \<le> (q\<Colon>nat)"
```
```   478   apply (rule leI)
```
```   479   apply (subst less_iff_Suc_add)
```
```   480   apply (auto simp add: add_mult_distrib)
```
```   481   done
```
```   482   from `n \<noteq> 0` assms have "fst qr = fst qr'"
```
```   483     by (auto simp add: divmod_rel_def intro: order_antisym dest: aux sym)
```
```   484   moreover from this assms have "snd qr = snd qr'"
```
```   485     by (simp add: divmod_rel_def)
```
```   486   ultimately show ?thesis by (cases qr, cases qr') simp
```
```   487 qed
```
```   488
```
```   489 text {*
```
```   490   We instantiate divisibility on the natural numbers by
```
```   491   means of @{const divmod_rel}:
```
```   492 *}
```
```   493
```
```   494 instantiation nat :: semiring_div
```
```   495 begin
```
```   496
```
```   497 definition divmod :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat" where
```
```   498   [code del]: "divmod m n = (THE qr. divmod_rel m n qr)"
```
```   499
```
```   500 lemma divmod_rel_divmod:
```
```   501   "divmod_rel m n (divmod m n)"
```
```   502 proof -
```
```   503   from divmod_rel_ex
```
```   504     obtain qr where rel: "divmod_rel m n qr" .
```
```   505   then show ?thesis
```
```   506   by (auto simp add: divmod_def intro: theI elim: divmod_rel_unique)
```
```   507 qed
```
```   508
```
```   509 lemma divmod_eq:
```
```   510   assumes "divmod_rel m n qr"
```
```   511   shows "divmod m n = qr"
```
```   512   using assms by (auto intro: divmod_rel_unique divmod_rel_divmod)
```
```   513
```
```   514 definition div_nat where
```
```   515   "m div n = fst (divmod m n)"
```
```   516
```
```   517 definition mod_nat where
```
```   518   "m mod n = snd (divmod m n)"
```
```   519
```
```   520 lemma divmod_div_mod:
```
```   521   "divmod m n = (m div n, m mod n)"
```
```   522   unfolding div_nat_def mod_nat_def by simp
```
```   523
```
```   524 lemma div_eq:
```
```   525   assumes "divmod_rel m n (q, r)"
```
```   526   shows "m div n = q"
```
```   527   using assms by (auto dest: divmod_eq simp add: divmod_div_mod)
```
```   528
```
```   529 lemma mod_eq:
```
```   530   assumes "divmod_rel m n (q, r)"
```
```   531   shows "m mod n = r"
```
```   532   using assms by (auto dest: divmod_eq simp add: divmod_div_mod)
```
```   533
```
```   534 lemma divmod_rel: "divmod_rel m n (m div n, m mod n)"
```
```   535   by (simp add: div_nat_def mod_nat_def divmod_rel_divmod)
```
```   536
```
```   537 lemma divmod_zero:
```
```   538   "divmod m 0 = (0, m)"
```
```   539 proof -
```
```   540   from divmod_rel [of m 0] show ?thesis
```
```   541     unfolding divmod_div_mod divmod_rel_def by simp
```
```   542 qed
```
```   543
```
```   544 lemma divmod_base:
```
```   545   assumes "m < n"
```
```   546   shows "divmod m n = (0, m)"
```
```   547 proof -
```
```   548   from divmod_rel [of m n] show ?thesis
```
```   549     unfolding divmod_div_mod divmod_rel_def
```
```   550     using assms by (cases "m div n = 0")
```
```   551       (auto simp add: gr0_conv_Suc [of "m div n"])
```
```   552 qed
```
```   553
```
```   554 lemma divmod_step:
```
```   555   assumes "0 < n" and "n \<le> m"
```
```   556   shows "divmod m n = (Suc ((m - n) div n), (m - n) mod n)"
```
```   557 proof -
```
```   558   from divmod_rel have divmod_m_n: "divmod_rel m n (m div n, m mod n)" .
```
```   559   with assms have m_div_n: "m div n \<ge> 1"
```
```   560     by (cases "m div n") (auto simp add: divmod_rel_def)
```
```   561   from assms divmod_m_n have "divmod_rel (m - n) n (m div n - Suc 0, m mod n)"
```
```   562     by (cases "m div n") (auto simp add: divmod_rel_def)
```
```   563   with divmod_eq have "divmod (m - n) n = (m div n - Suc 0, m mod n)" by simp
```
```   564   moreover from divmod_div_mod have "divmod (m - n) n = ((m - n) div n, (m - n) mod n)" .
```
```   565   ultimately have "m div n = Suc ((m - n) div n)"
```
```   566     and "m mod n = (m - n) mod n" using m_div_n by simp_all
```
```   567   then show ?thesis using divmod_div_mod by simp
```
```   568 qed
```
```   569
```
```   570 text {* The ''recursion'' equations for @{const div} and @{const mod} *}
```
```   571
```
```   572 lemma div_less [simp]:
```
```   573   fixes m n :: nat
```
```   574   assumes "m < n"
```
```   575   shows "m div n = 0"
```
```   576   using assms divmod_base divmod_div_mod by simp
```
```   577
```
```   578 lemma le_div_geq:
```
```   579   fixes m n :: nat
```
```   580   assumes "0 < n" and "n \<le> m"
```
```   581   shows "m div n = Suc ((m - n) div n)"
```
```   582   using assms divmod_step divmod_div_mod by simp
```
```   583
```
```   584 lemma mod_less [simp]:
```
```   585   fixes m n :: nat
```
```   586   assumes "m < n"
```
```   587   shows "m mod n = m"
```
```   588   using assms divmod_base divmod_div_mod by simp
```
```   589
```
```   590 lemma le_mod_geq:
```
```   591   fixes m n :: nat
```
```   592   assumes "n \<le> m"
```
```   593   shows "m mod n = (m - n) mod n"
```
```   594   using assms divmod_step divmod_div_mod by (cases "n = 0") simp_all
```
```   595
```
```   596 instance proof -
```
```   597   have [simp]: "\<And>n::nat. n div 0 = 0"
```
```   598     by (simp add: div_nat_def divmod_zero)
```
```   599   have [simp]: "\<And>n::nat. 0 div n = 0"
```
```   600   proof -
```
```   601     fix n :: nat
```
```   602     show "0 div n = 0"
```
```   603       by (cases "n = 0") simp_all
```
```   604   qed
```
```   605   show "OFCLASS(nat, semiring_div_class)" proof
```
```   606     fix m n :: nat
```
```   607     show "m div n * n + m mod n = m"
```
```   608       using divmod_rel [of m n] by (simp add: divmod_rel_def)
```
```   609   next
```
```   610     fix m n q :: nat
```
```   611     assume "n \<noteq> 0"
```
```   612     then show "(q + m * n) div n = m + q div n"
```
```   613       by (induct m) (simp_all add: le_div_geq)
```
```   614   next
```
```   615     fix m n q :: nat
```
```   616     assume "m \<noteq> 0"
```
```   617     then show "(m * n) div (m * q) = n div q"
```
```   618     proof (cases "n \<noteq> 0 \<and> q \<noteq> 0")
```
```   619       case False then show ?thesis by auto
```
```   620     next
```
```   621       case True with `m \<noteq> 0`
```
```   622         have "m > 0" and "n > 0" and "q > 0" by auto
```
```   623       then have "\<And>a b. divmod_rel n q (a, b) \<Longrightarrow> divmod_rel (m * n) (m * q) (a, m * b)"
```
```   624         by (auto simp add: divmod_rel_def) (simp_all add: algebra_simps)
```
```   625       moreover from divmod_rel have "divmod_rel n q (n div q, n mod q)" .
```
```   626       ultimately have "divmod_rel (m * n) (m * q) (n div q, m * (n mod q))" .
```
```   627       then show ?thesis by (simp add: div_eq)
```
```   628     qed
```
```   629   qed simp_all
```
```   630 qed
```
```   631
```
```   632 end
```
```   633
```
```   634 text {* Simproc for cancelling @{const div} and @{const mod} *}
```
```   635
```
```   636 ML {*
```
```   637 local
```
```   638
```
```   639 structure CancelDivMod = CancelDivModFun(struct
```
```   640
```
```   641   val div_name = @{const_name div};
```
```   642   val mod_name = @{const_name mod};
```
```   643   val mk_binop = HOLogic.mk_binop;
```
```   644   val mk_sum = Nat_Arith.mk_sum;
```
```   645   val dest_sum = Nat_Arith.dest_sum;
```
```   646
```
```   647   val div_mod_eqs = map mk_meta_eq [@{thm div_mod_equality}, @{thm div_mod_equality2}];
```
```   648
```
```   649   val trans = trans;
```
```   650
```
```   651   val prove_eq_sums = Arith_Data.prove_conv2 all_tac (Arith_Data.simp_all_tac
```
```   652     (@{thm monoid_add_class.add_0_left} :: @{thm monoid_add_class.add_0_right} :: @{thms add_ac}))
```
```   653
```
```   654 end)
```
```   655
```
```   656 in
```
```   657
```
```   658 val cancel_div_mod_nat_proc = Simplifier.simproc @{theory}
```
```   659   "cancel_div_mod" ["(m::nat) + n"] (K CancelDivMod.proc);
```
```   660
```
```   661 val _ = Addsimprocs [cancel_div_mod_nat_proc];
```
```   662
```
```   663 end
```
```   664 *}
```
```   665
```
```   666 text {* code generator setup *}
```
```   667
```
```   668 lemma divmod_if [code]: "divmod m n = (if n = 0 \<or> m < n then (0, m) else
```
```   669   let (q, r) = divmod (m - n) n in (Suc q, r))"
```
```   670 by (simp add: divmod_zero divmod_base divmod_step)
```
```   671     (simp add: divmod_div_mod)
```
```   672
```
```   673 code_modulename SML
```
```   674   Divides Nat
```
```   675
```
```   676 code_modulename OCaml
```
```   677   Divides Nat
```
```   678
```
```   679 code_modulename Haskell
```
```   680   Divides Nat
```
```   681
```
```   682
```
```   683 subsubsection {* Quotient *}
```
```   684
```
```   685 lemma div_geq: "0 < n \<Longrightarrow>  \<not> m < n \<Longrightarrow> m div n = Suc ((m - n) div n)"
```
```   686 by (simp add: le_div_geq linorder_not_less)
```
```   687
```
```   688 lemma div_if: "0 < n \<Longrightarrow> m div n = (if m < n then 0 else Suc ((m - n) div n))"
```
```   689 by (simp add: div_geq)
```
```   690
```
```   691 lemma div_mult_self_is_m [simp]: "0<n ==> (m*n) div n = (m::nat)"
```
```   692 by simp
```
```   693
```
```   694 lemma div_mult_self1_is_m [simp]: "0<n ==> (n*m) div n = (m::nat)"
```
```   695 by simp
```
```   696
```
```   697
```
```   698 subsubsection {* Remainder *}
```
```   699
```
```   700 lemma mod_less_divisor [simp]:
```
```   701   fixes m n :: nat
```
```   702   assumes "n > 0"
```
```   703   shows "m mod n < (n::nat)"
```
```   704   using assms divmod_rel [of m n] unfolding divmod_rel_def by auto
```
```   705
```
```   706 lemma mod_less_eq_dividend [simp]:
```
```   707   fixes m n :: nat
```
```   708   shows "m mod n \<le> m"
```
```   709 proof (rule add_leD2)
```
```   710   from mod_div_equality have "m div n * n + m mod n = m" .
```
```   711   then show "m div n * n + m mod n \<le> m" by auto
```
```   712 qed
```
```   713
```
```   714 lemma mod_geq: "\<not> m < (n\<Colon>nat) \<Longrightarrow> m mod n = (m - n) mod n"
```
```   715 by (simp add: le_mod_geq linorder_not_less)
```
```   716
```
```   717 lemma mod_if: "m mod (n\<Colon>nat) = (if m < n then m else (m - n) mod n)"
```
```   718 by (simp add: le_mod_geq)
```
```   719
```
```   720 lemma mod_1 [simp]: "m mod Suc 0 = 0"
```
```   721 by (induct m) (simp_all add: mod_geq)
```
```   722
```
```   723 lemma mod_mult_distrib: "(m mod n) * (k\<Colon>nat) = (m * k) mod (n * k)"
```
```   724   apply (cases "n = 0", simp)
```
```   725   apply (cases "k = 0", simp)
```
```   726   apply (induct m rule: nat_less_induct)
```
```   727   apply (subst mod_if, simp)
```
```   728   apply (simp add: mod_geq diff_mult_distrib)
```
```   729   done
```
```   730
```
```   731 lemma mod_mult_distrib2: "(k::nat) * (m mod n) = (k*m) mod (k*n)"
```
```   732 by (simp add: mult_commute [of k] mod_mult_distrib)
```
```   733
```
```   734 (* a simple rearrangement of mod_div_equality: *)
```
```   735 lemma mult_div_cancel: "(n::nat) * (m div n) = m - (m mod n)"
```
```   736 by (cut_tac a = m and b = n in mod_div_equality2, arith)
```
```   737
```
```   738 lemma mod_le_divisor[simp]: "0 < n \<Longrightarrow> m mod n \<le> (n::nat)"
```
```   739   apply (drule mod_less_divisor [where m = m])
```
```   740   apply simp
```
```   741   done
```
```   742
```
```   743 subsubsection {* Quotient and Remainder *}
```
```   744
```
```   745 lemma divmod_rel_mult1_eq:
```
```   746   "divmod_rel b c (q, r) \<Longrightarrow> c > 0
```
```   747    \<Longrightarrow> divmod_rel (a * b) c (a * q + a * r div c, a * r mod c)"
```
```   748 by (auto simp add: split_ifs divmod_rel_def algebra_simps)
```
```   749
```
```   750 lemma div_mult1_eq:
```
```   751   "(a * b) div c = a * (b div c) + a * (b mod c) div (c::nat)"
```
```   752 apply (cases "c = 0", simp)
```
```   753 apply (blast intro: divmod_rel [THEN divmod_rel_mult1_eq, THEN div_eq])
```
```   754 done
```
```   755
```
```   756 lemma divmod_rel_add1_eq:
```
```   757   "divmod_rel a c (aq, ar) \<Longrightarrow> divmod_rel b c (bq, br) \<Longrightarrow>  c > 0
```
```   758    \<Longrightarrow> divmod_rel (a + b) c (aq + bq + (ar + br) div c, (ar + br) mod c)"
```
```   759 by (auto simp add: split_ifs divmod_rel_def algebra_simps)
```
```   760
```
```   761 (*NOT suitable for rewriting: the RHS has an instance of the LHS*)
```
```   762 lemma div_add1_eq:
```
```   763   "(a+b) div (c::nat) = a div c + b div c + ((a mod c + b mod c) div c)"
```
```   764 apply (cases "c = 0", simp)
```
```   765 apply (blast intro: divmod_rel_add1_eq [THEN div_eq] divmod_rel)
```
```   766 done
```
```   767
```
```   768 lemma mod_lemma: "[| (0::nat) < c; r < b |] ==> b * (q mod c) + r < b * c"
```
```   769   apply (cut_tac m = q and n = c in mod_less_divisor)
```
```   770   apply (drule_tac [2] m = "q mod c" in less_imp_Suc_add, auto)
```
```   771   apply (erule_tac P = "%x. ?lhs < ?rhs x" in ssubst)
```
```   772   apply (simp add: add_mult_distrib2)
```
```   773   done
```
```   774
```
```   775 lemma divmod_rel_mult2_eq:
```
```   776   "divmod_rel a b (q, r) \<Longrightarrow> 0 < b \<Longrightarrow> 0 < c
```
```   777    \<Longrightarrow> divmod_rel a (b * c) (q div c, b *(q mod c) + r)"
```
```   778 by (auto simp add: mult_ac divmod_rel_def add_mult_distrib2 [symmetric] mod_lemma)
```
```   779
```
```   780 lemma div_mult2_eq: "a div (b*c) = (a div b) div (c::nat)"
```
```   781   apply (cases "b = 0", simp)
```
```   782   apply (cases "c = 0", simp)
```
```   783   apply (force simp add: divmod_rel [THEN divmod_rel_mult2_eq, THEN div_eq])
```
```   784   done
```
```   785
```
```   786 lemma mod_mult2_eq: "a mod (b*c) = b*(a div b mod c) + a mod (b::nat)"
```
```   787   apply (cases "b = 0", simp)
```
```   788   apply (cases "c = 0", simp)
```
```   789   apply (auto simp add: mult_commute divmod_rel [THEN divmod_rel_mult2_eq, THEN mod_eq])
```
```   790   done
```
```   791
```
```   792
```
```   793 subsubsection{*Further Facts about Quotient and Remainder*}
```
```   794
```
```   795 lemma div_1 [simp]: "m div Suc 0 = m"
```
```   796 by (induct m) (simp_all add: div_geq)
```
```   797
```
```   798
```
```   799 (* Monotonicity of div in first argument *)
```
```   800 lemma div_le_mono [rule_format (no_asm)]:
```
```   801     "\<forall>m::nat. m \<le> n --> (m div k) \<le> (n div k)"
```
```   802 apply (case_tac "k=0", simp)
```
```   803 apply (induct "n" rule: nat_less_induct, clarify)
```
```   804 apply (case_tac "n<k")
```
```   805 (* 1  case n<k *)
```
```   806 apply simp
```
```   807 (* 2  case n >= k *)
```
```   808 apply (case_tac "m<k")
```
```   809 (* 2.1  case m<k *)
```
```   810 apply simp
```
```   811 (* 2.2  case m>=k *)
```
```   812 apply (simp add: div_geq diff_le_mono)
```
```   813 done
```
```   814
```
```   815 (* Antimonotonicity of div in second argument *)
```
```   816 lemma div_le_mono2: "!!m::nat. [| 0<m; m\<le>n |] ==> (k div n) \<le> (k div m)"
```
```   817 apply (subgoal_tac "0<n")
```
```   818  prefer 2 apply simp
```
```   819 apply (induct_tac k rule: nat_less_induct)
```
```   820 apply (rename_tac "k")
```
```   821 apply (case_tac "k<n", simp)
```
```   822 apply (subgoal_tac "~ (k<m) ")
```
```   823  prefer 2 apply simp
```
```   824 apply (simp add: div_geq)
```
```   825 apply (subgoal_tac "(k-n) div n \<le> (k-m) div n")
```
```   826  prefer 2
```
```   827  apply (blast intro: div_le_mono diff_le_mono2)
```
```   828 apply (rule le_trans, simp)
```
```   829 apply (simp)
```
```   830 done
```
```   831
```
```   832 lemma div_le_dividend [simp]: "m div n \<le> (m::nat)"
```
```   833 apply (case_tac "n=0", simp)
```
```   834 apply (subgoal_tac "m div n \<le> m div 1", simp)
```
```   835 apply (rule div_le_mono2)
```
```   836 apply (simp_all (no_asm_simp))
```
```   837 done
```
```   838
```
```   839 (* Similar for "less than" *)
```
```   840 lemma div_less_dividend [rule_format]:
```
```   841      "!!n::nat. 1<n ==> 0 < m --> m div n < m"
```
```   842 apply (induct_tac m rule: nat_less_induct)
```
```   843 apply (rename_tac "m")
```
```   844 apply (case_tac "m<n", simp)
```
```   845 apply (subgoal_tac "0<n")
```
```   846  prefer 2 apply simp
```
```   847 apply (simp add: div_geq)
```
```   848 apply (case_tac "n<m")
```
```   849  apply (subgoal_tac "(m-n) div n < (m-n) ")
```
```   850   apply (rule impI less_trans_Suc)+
```
```   851 apply assumption
```
```   852   apply (simp_all)
```
```   853 done
```
```   854
```
```   855 declare div_less_dividend [simp]
```
```   856
```
```   857 text{*A fact for the mutilated chess board*}
```
```   858 lemma mod_Suc: "Suc(m) mod n = (if Suc(m mod n) = n then 0 else Suc(m mod n))"
```
```   859 apply (case_tac "n=0", simp)
```
```   860 apply (induct "m" rule: nat_less_induct)
```
```   861 apply (case_tac "Suc (na) <n")
```
```   862 (* case Suc(na) < n *)
```
```   863 apply (frule lessI [THEN less_trans], simp add: less_not_refl3)
```
```   864 (* case n \<le> Suc(na) *)
```
```   865 apply (simp add: linorder_not_less le_Suc_eq mod_geq)
```
```   866 apply (auto simp add: Suc_diff_le le_mod_geq)
```
```   867 done
```
```   868
```
```   869
```
```   870 subsubsection {* The Divides Relation *}
```
```   871
```
```   872 lemma dvd_1_left [iff]: "Suc 0 dvd k"
```
```   873   unfolding dvd_def by simp
```
```   874
```
```   875 lemma dvd_1_iff_1 [simp]: "(m dvd Suc 0) = (m = Suc 0)"
```
```   876 by (simp add: dvd_def)
```
```   877
```
```   878 lemma nat_dvd_1_iff_1 [simp]: "m dvd (1::nat) \<longleftrightarrow> m = 1"
```
```   879 by (simp add: dvd_def)
```
```   880
```
```   881 lemma dvd_anti_sym: "[| m dvd n; n dvd m |] ==> m = (n::nat)"
```
```   882   unfolding dvd_def
```
```   883   by (force dest: mult_eq_self_implies_10 simp add: mult_assoc mult_eq_1_iff)
```
```   884
```
```   885 text {* @{term "op dvd"} is a partial order *}
```
```   886
```
```   887 interpretation dvd: order "op dvd" "\<lambda>n m \<Colon> nat. n dvd m \<and> \<not> m dvd n"
```
```   888   proof qed (auto intro: dvd_refl dvd_trans dvd_anti_sym)
```
```   889
```
```   890 lemma dvd_diff_nat[simp]: "[| k dvd m; k dvd n |] ==> k dvd (m-n :: nat)"
```
```   891 unfolding dvd_def
```
```   892 by (blast intro: diff_mult_distrib2 [symmetric])
```
```   893
```
```   894 lemma dvd_diffD: "[| k dvd m-n; k dvd n; n\<le>m |] ==> k dvd (m::nat)"
```
```   895   apply (erule linorder_not_less [THEN iffD2, THEN add_diff_inverse, THEN subst])
```
```   896   apply (blast intro: dvd_add)
```
```   897   done
```
```   898
```
```   899 lemma dvd_diffD1: "[| k dvd m-n; k dvd m; n\<le>m |] ==> k dvd (n::nat)"
```
```   900 by (drule_tac m = m in dvd_diff_nat, auto)
```
```   901
```
```   902 lemma dvd_reduce: "(k dvd n + k) = (k dvd (n::nat))"
```
```   903   apply (rule iffI)
```
```   904    apply (erule_tac [2] dvd_add)
```
```   905    apply (rule_tac [2] dvd_refl)
```
```   906   apply (subgoal_tac "n = (n+k) -k")
```
```   907    prefer 2 apply simp
```
```   908   apply (erule ssubst)
```
```   909   apply (erule dvd_diff_nat)
```
```   910   apply (rule dvd_refl)
```
```   911   done
```
```   912
```
```   913 lemma dvd_mult_cancel: "!!k::nat. [| k*m dvd k*n; 0<k |] ==> m dvd n"
```
```   914   unfolding dvd_def
```
```   915   apply (erule exE)
```
```   916   apply (simp add: mult_ac)
```
```   917   done
```
```   918
```
```   919 lemma dvd_mult_cancel1: "0<m ==> (m*n dvd m) = (n = (1::nat))"
```
```   920   apply auto
```
```   921    apply (subgoal_tac "m*n dvd m*1")
```
```   922    apply (drule dvd_mult_cancel, auto)
```
```   923   done
```
```   924
```
```   925 lemma dvd_mult_cancel2: "0<m ==> (n*m dvd m) = (n = (1::nat))"
```
```   926   apply (subst mult_commute)
```
```   927   apply (erule dvd_mult_cancel1)
```
```   928   done
```
```   929
```
```   930 lemma dvd_imp_le: "[| k dvd n; 0 < n |] ==> k \<le> (n::nat)"
```
```   931   by (auto elim!: dvdE) (auto simp add: gr0_conv_Suc)
```
```   932
```
```   933 lemma dvd_mult_div_cancel: "n dvd m ==> n * (m div n) = (m::nat)"
```
```   934   by (simp add: dvd_eq_mod_eq_0 mult_div_cancel)
```
```   935
```
```   936 lemma power_dvd_imp_le:
```
```   937   "i ^ m dvd i ^ n \<Longrightarrow> (1::nat) < i \<Longrightarrow> m \<le> n"
```
```   938   apply (rule power_le_imp_le_exp, assumption)
```
```   939   apply (erule dvd_imp_le, simp)
```
```   940   done
```
```   941
```
```   942 lemma mod_eq_0_iff: "(m mod d = 0) = (\<exists>q::nat. m = d*q)"
```
```   943 by (auto simp add: dvd_eq_mod_eq_0 [symmetric] dvd_def)
```
```   944
```
```   945 lemmas mod_eq_0D [dest!] = mod_eq_0_iff [THEN iffD1]
```
```   946
```
```   947 (*Loses information, namely we also have r<d provided d is nonzero*)
```
```   948 lemma mod_eqD: "(m mod d = r) ==> \<exists>q::nat. m = r + q*d"
```
```   949   apply (cut_tac a = m in mod_div_equality)
```
```   950   apply (simp only: add_ac)
```
```   951   apply (blast intro: sym)
```
```   952   done
```
```   953
```
```   954 lemma split_div:
```
```   955  "P(n div k :: nat) =
```
```   956  ((k = 0 \<longrightarrow> P 0) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P i)))"
```
```   957  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
```
```   958 proof
```
```   959   assume P: ?P
```
```   960   show ?Q
```
```   961   proof (cases)
```
```   962     assume "k = 0"
```
```   963     with P show ?Q by simp
```
```   964   next
```
```   965     assume not0: "k \<noteq> 0"
```
```   966     thus ?Q
```
```   967     proof (simp, intro allI impI)
```
```   968       fix i j
```
```   969       assume n: "n = k*i + j" and j: "j < k"
```
```   970       show "P i"
```
```   971       proof (cases)
```
```   972         assume "i = 0"
```
```   973         with n j P show "P i" by simp
```
```   974       next
```
```   975         assume "i \<noteq> 0"
```
```   976         with not0 n j P show "P i" by(simp add:add_ac)
```
```   977       qed
```
```   978     qed
```
```   979   qed
```
```   980 next
```
```   981   assume Q: ?Q
```
```   982   show ?P
```
```   983   proof (cases)
```
```   984     assume "k = 0"
```
```   985     with Q show ?P by simp
```
```   986   next
```
```   987     assume not0: "k \<noteq> 0"
```
```   988     with Q have R: ?R by simp
```
```   989     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
```
```   990     show ?P by simp
```
```   991   qed
```
```   992 qed
```
```   993
```
```   994 lemma split_div_lemma:
```
```   995   assumes "0 < n"
```
```   996   shows "n * q \<le> m \<and> m < n * Suc q \<longleftrightarrow> q = ((m\<Colon>nat) div n)" (is "?lhs \<longleftrightarrow> ?rhs")
```
```   997 proof
```
```   998   assume ?rhs
```
```   999   with mult_div_cancel have nq: "n * q = m - (m mod n)" by simp
```
```  1000   then have A: "n * q \<le> m" by simp
```
```  1001   have "n - (m mod n) > 0" using mod_less_divisor assms by auto
```
```  1002   then have "m < m + (n - (m mod n))" by simp
```
```  1003   then have "m < n + (m - (m mod n))" by simp
```
```  1004   with nq have "m < n + n * q" by simp
```
```  1005   then have B: "m < n * Suc q" by simp
```
```  1006   from A B show ?lhs ..
```
```  1007 next
```
```  1008   assume P: ?lhs
```
```  1009   then have "divmod_rel m n (q, m - n * q)"
```
```  1010     unfolding divmod_rel_def by (auto simp add: mult_ac)
```
```  1011   with divmod_rel_unique divmod_rel [of m n]
```
```  1012   have "(q, m - n * q) = (m div n, m mod n)" by auto
```
```  1013   then show ?rhs by simp
```
```  1014 qed
```
```  1015
```
```  1016 theorem split_div':
```
```  1017   "P ((m::nat) div n) = ((n = 0 \<and> P 0) \<or>
```
```  1018    (\<exists>q. (n * q \<le> m \<and> m < n * (Suc q)) \<and> P q))"
```
```  1019   apply (case_tac "0 < n")
```
```  1020   apply (simp only: add: split_div_lemma)
```
```  1021   apply simp_all
```
```  1022   done
```
```  1023
```
```  1024 lemma split_mod:
```
```  1025  "P(n mod k :: nat) =
```
```  1026  ((k = 0 \<longrightarrow> P n) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P j)))"
```
```  1027  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
```
```  1028 proof
```
```  1029   assume P: ?P
```
```  1030   show ?Q
```
```  1031   proof (cases)
```
```  1032     assume "k = 0"
```
```  1033     with P show ?Q by simp
```
```  1034   next
```
```  1035     assume not0: "k \<noteq> 0"
```
```  1036     thus ?Q
```
```  1037     proof (simp, intro allI impI)
```
```  1038       fix i j
```
```  1039       assume "n = k*i + j" "j < k"
```
```  1040       thus "P j" using not0 P by(simp add:add_ac mult_ac)
```
```  1041     qed
```
```  1042   qed
```
```  1043 next
```
```  1044   assume Q: ?Q
```
```  1045   show ?P
```
```  1046   proof (cases)
```
```  1047     assume "k = 0"
```
```  1048     with Q show ?P by simp
```
```  1049   next
```
```  1050     assume not0: "k \<noteq> 0"
```
```  1051     with Q have R: ?R by simp
```
```  1052     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
```
```  1053     show ?P by simp
```
```  1054   qed
```
```  1055 qed
```
```  1056
```
```  1057 theorem mod_div_equality': "(m::nat) mod n = m - (m div n) * n"
```
```  1058   apply (rule_tac P="%x. m mod n = x - (m div n) * n" in
```
```  1059     subst [OF mod_div_equality [of _ n]])
```
```  1060   apply arith
```
```  1061   done
```
```  1062
```
```  1063 lemma div_mod_equality':
```
```  1064   fixes m n :: nat
```
```  1065   shows "m div n * n = m - m mod n"
```
```  1066 proof -
```
```  1067   have "m mod n \<le> m mod n" ..
```
```  1068   from div_mod_equality have
```
```  1069     "m div n * n + m mod n - m mod n = m - m mod n" by simp
```
```  1070   with diff_add_assoc [OF `m mod n \<le> m mod n`, of "m div n * n"] have
```
```  1071     "m div n * n + (m mod n - m mod n) = m - m mod n"
```
```  1072     by simp
```
```  1073   then show ?thesis by simp
```
```  1074 qed
```
```  1075
```
```  1076
```
```  1077 subsubsection {*An ``induction'' law for modulus arithmetic.*}
```
```  1078
```
```  1079 lemma mod_induct_0:
```
```  1080   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
```
```  1081   and base: "P i" and i: "i<p"
```
```  1082   shows "P 0"
```
```  1083 proof (rule ccontr)
```
```  1084   assume contra: "\<not>(P 0)"
```
```  1085   from i have p: "0<p" by simp
```
```  1086   have "\<forall>k. 0<k \<longrightarrow> \<not> P (p-k)" (is "\<forall>k. ?A k")
```
```  1087   proof
```
```  1088     fix k
```
```  1089     show "?A k"
```
```  1090     proof (induct k)
```
```  1091       show "?A 0" by simp  -- "by contradiction"
```
```  1092     next
```
```  1093       fix n
```
```  1094       assume ih: "?A n"
```
```  1095       show "?A (Suc n)"
```
```  1096       proof (clarsimp)
```
```  1097         assume y: "P (p - Suc n)"
```
```  1098         have n: "Suc n < p"
```
```  1099         proof (rule ccontr)
```
```  1100           assume "\<not>(Suc n < p)"
```
```  1101           hence "p - Suc n = 0"
```
```  1102             by simp
```
```  1103           with y contra show "False"
```
```  1104             by simp
```
```  1105         qed
```
```  1106         hence n2: "Suc (p - Suc n) = p-n" by arith
```
```  1107         from p have "p - Suc n < p" by arith
```
```  1108         with y step have z: "P ((Suc (p - Suc n)) mod p)"
```
```  1109           by blast
```
```  1110         show "False"
```
```  1111         proof (cases "n=0")
```
```  1112           case True
```
```  1113           with z n2 contra show ?thesis by simp
```
```  1114         next
```
```  1115           case False
```
```  1116           with p have "p-n < p" by arith
```
```  1117           with z n2 False ih show ?thesis by simp
```
```  1118         qed
```
```  1119       qed
```
```  1120     qed
```
```  1121   qed
```
```  1122   moreover
```
```  1123   from i obtain k where "0<k \<and> i+k=p"
```
```  1124     by (blast dest: less_imp_add_positive)
```
```  1125   hence "0<k \<and> i=p-k" by auto
```
```  1126   moreover
```
```  1127   note base
```
```  1128   ultimately
```
```  1129   show "False" by blast
```
```  1130 qed
```
```  1131
```
```  1132 lemma mod_induct:
```
```  1133   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
```
```  1134   and base: "P i" and i: "i<p" and j: "j<p"
```
```  1135   shows "P j"
```
```  1136 proof -
```
```  1137   have "\<forall>j<p. P j"
```
```  1138   proof
```
```  1139     fix j
```
```  1140     show "j<p \<longrightarrow> P j" (is "?A j")
```
```  1141     proof (induct j)
```
```  1142       from step base i show "?A 0"
```
```  1143         by (auto elim: mod_induct_0)
```
```  1144     next
```
```  1145       fix k
```
```  1146       assume ih: "?A k"
```
```  1147       show "?A (Suc k)"
```
```  1148       proof
```
```  1149         assume suc: "Suc k < p"
```
```  1150         hence k: "k<p" by simp
```
```  1151         with ih have "P k" ..
```
```  1152         with step k have "P (Suc k mod p)"
```
```  1153           by blast
```
```  1154         moreover
```
```  1155         from suc have "Suc k mod p = Suc k"
```
```  1156           by simp
```
```  1157         ultimately
```
```  1158         show "P (Suc k)" by simp
```
```  1159       qed
```
```  1160     qed
```
```  1161   qed
```
```  1162   with j show ?thesis by blast
```
```  1163 qed
```
```  1164
```
```  1165 lemma nat_dvd_not_less:
```
```  1166   fixes m n :: nat
```
```  1167   shows "0 < m \<Longrightarrow> m < n \<Longrightarrow> \<not> n dvd m"
```
```  1168 by (auto elim!: dvdE) (auto simp add: gr0_conv_Suc)
```
```  1169
```
```  1170 end
```