src/HOL/Divides.thy
author wenzelm
Sun Nov 20 21:07:10 2011 +0100 (2011-11-20)
changeset 45607 16b4f5774621
parent 45530 0c4853bb77bf
child 46026 83caa4f4bd56
permissions -rw-r--r--
eliminated obsolete "standard";
     1 (*  Title:      HOL/Divides.thy
     2     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
     3     Copyright   1999  University of Cambridge
     4 *)
     5 
     6 header {* The division operators div and mod *}
     7 
     8 theory Divides
     9 imports Nat_Numeral Nat_Transfer
    10 uses "~~/src/Provers/Arith/cancel_div_mod.ML"
    11 begin
    12 
    13 subsection {* Syntactic division operations *}
    14 
    15 class div = dvd +
    16   fixes div :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "div" 70)
    17     and mod :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "mod" 70)
    18 
    19 
    20 subsection {* Abstract division in commutative semirings. *}
    21 
    22 class semiring_div = comm_semiring_1_cancel + no_zero_divisors + div +
    23   assumes mod_div_equality: "a div b * b + a mod b = a"
    24     and div_by_0 [simp]: "a div 0 = 0"
    25     and div_0 [simp]: "0 div a = 0"
    26     and div_mult_self1 [simp]: "b \<noteq> 0 \<Longrightarrow> (a + c * b) div b = c + a div b"
    27     and div_mult_mult1 [simp]: "c \<noteq> 0 \<Longrightarrow> (c * a) div (c * b) = a div b"
    28 begin
    29 
    30 text {* @{const div} and @{const mod} *}
    31 
    32 lemma mod_div_equality2: "b * (a div b) + a mod b = a"
    33   unfolding mult_commute [of b]
    34   by (rule mod_div_equality)
    35 
    36 lemma mod_div_equality': "a mod b + a div b * b = a"
    37   using mod_div_equality [of a b]
    38   by (simp only: add_ac)
    39 
    40 lemma div_mod_equality: "((a div b) * b + a mod b) + c = a + c"
    41   by (simp add: mod_div_equality)
    42 
    43 lemma div_mod_equality2: "(b * (a div b) + a mod b) + c = a + c"
    44   by (simp add: mod_div_equality2)
    45 
    46 lemma mod_by_0 [simp]: "a mod 0 = a"
    47   using mod_div_equality [of a zero] by simp
    48 
    49 lemma mod_0 [simp]: "0 mod a = 0"
    50   using mod_div_equality [of zero a] div_0 by simp
    51 
    52 lemma div_mult_self2 [simp]:
    53   assumes "b \<noteq> 0"
    54   shows "(a + b * c) div b = c + a div b"
    55   using assms div_mult_self1 [of b a c] by (simp add: mult_commute)
    56 
    57 lemma mod_mult_self1 [simp]: "(a + c * b) mod b = a mod b"
    58 proof (cases "b = 0")
    59   case True then show ?thesis by simp
    60 next
    61   case False
    62   have "a + c * b = (a + c * b) div b * b + (a + c * b) mod b"
    63     by (simp add: mod_div_equality)
    64   also from False div_mult_self1 [of b a c] have
    65     "\<dots> = (c + a div b) * b + (a + c * b) mod b"
    66       by (simp add: algebra_simps)
    67   finally have "a = a div b * b + (a + c * b) mod b"
    68     by (simp add: add_commute [of a] add_assoc left_distrib)
    69   then have "a div b * b + (a + c * b) mod b = a div b * b + a mod b"
    70     by (simp add: mod_div_equality)
    71   then show ?thesis by simp
    72 qed
    73 
    74 lemma mod_mult_self2 [simp]: "(a + b * c) mod b = a mod b"
    75   by (simp add: mult_commute [of b])
    76 
    77 lemma div_mult_self1_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> b * a div b = a"
    78   using div_mult_self2 [of b 0 a] by simp
    79 
    80 lemma div_mult_self2_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> a * b div b = a"
    81   using div_mult_self1 [of b 0 a] by simp
    82 
    83 lemma mod_mult_self1_is_0 [simp]: "b * a mod b = 0"
    84   using mod_mult_self2 [of 0 b a] by simp
    85 
    86 lemma mod_mult_self2_is_0 [simp]: "a * b mod b = 0"
    87   using mod_mult_self1 [of 0 a b] by simp
    88 
    89 lemma div_by_1 [simp]: "a div 1 = a"
    90   using div_mult_self2_is_id [of 1 a] zero_neq_one by simp
    91 
    92 lemma mod_by_1 [simp]: "a mod 1 = 0"
    93 proof -
    94   from mod_div_equality [of a one] div_by_1 have "a + a mod 1 = a" by simp
    95   then have "a + a mod 1 = a + 0" by simp
    96   then show ?thesis by (rule add_left_imp_eq)
    97 qed
    98 
    99 lemma mod_self [simp]: "a mod a = 0"
   100   using mod_mult_self2_is_0 [of 1] by simp
   101 
   102 lemma div_self [simp]: "a \<noteq> 0 \<Longrightarrow> a div a = 1"
   103   using div_mult_self2_is_id [of _ 1] by simp
   104 
   105 lemma div_add_self1 [simp]:
   106   assumes "b \<noteq> 0"
   107   shows "(b + a) div b = a div b + 1"
   108   using assms div_mult_self1 [of b a 1] by (simp add: add_commute)
   109 
   110 lemma div_add_self2 [simp]:
   111   assumes "b \<noteq> 0"
   112   shows "(a + b) div b = a div b + 1"
   113   using assms div_add_self1 [of b a] by (simp add: add_commute)
   114 
   115 lemma mod_add_self1 [simp]:
   116   "(b + a) mod b = a mod b"
   117   using mod_mult_self1 [of a 1 b] by (simp add: add_commute)
   118 
   119 lemma mod_add_self2 [simp]:
   120   "(a + b) mod b = a mod b"
   121   using mod_mult_self1 [of a 1 b] by simp
   122 
   123 lemma mod_div_decomp:
   124   fixes a b
   125   obtains q r where "q = a div b" and "r = a mod b"
   126     and "a = q * b + r"
   127 proof -
   128   from mod_div_equality have "a = a div b * b + a mod b" by simp
   129   moreover have "a div b = a div b" ..
   130   moreover have "a mod b = a mod b" ..
   131   note that ultimately show thesis by blast
   132 qed
   133 
   134 lemma dvd_eq_mod_eq_0 [code]: "a dvd b \<longleftrightarrow> b mod a = 0"
   135 proof
   136   assume "b mod a = 0"
   137   with mod_div_equality [of b a] have "b div a * a = b" by simp
   138   then have "b = a * (b div a)" unfolding mult_commute ..
   139   then have "\<exists>c. b = a * c" ..
   140   then show "a dvd b" unfolding dvd_def .
   141 next
   142   assume "a dvd b"
   143   then have "\<exists>c. b = a * c" unfolding dvd_def .
   144   then obtain c where "b = a * c" ..
   145   then have "b mod a = a * c mod a" by simp
   146   then have "b mod a = c * a mod a" by (simp add: mult_commute)
   147   then show "b mod a = 0" by simp
   148 qed
   149 
   150 lemma mod_div_trivial [simp]: "a mod b div b = 0"
   151 proof (cases "b = 0")
   152   assume "b = 0"
   153   thus ?thesis by simp
   154 next
   155   assume "b \<noteq> 0"
   156   hence "a div b + a mod b div b = (a mod b + a div b * b) div b"
   157     by (rule div_mult_self1 [symmetric])
   158   also have "\<dots> = a div b"
   159     by (simp only: mod_div_equality')
   160   also have "\<dots> = a div b + 0"
   161     by simp
   162   finally show ?thesis
   163     by (rule add_left_imp_eq)
   164 qed
   165 
   166 lemma mod_mod_trivial [simp]: "a mod b mod b = a mod b"
   167 proof -
   168   have "a mod b mod b = (a mod b + a div b * b) mod b"
   169     by (simp only: mod_mult_self1)
   170   also have "\<dots> = a mod b"
   171     by (simp only: mod_div_equality')
   172   finally show ?thesis .
   173 qed
   174 
   175 lemma dvd_imp_mod_0: "a dvd b \<Longrightarrow> b mod a = 0"
   176 by (rule dvd_eq_mod_eq_0[THEN iffD1])
   177 
   178 lemma dvd_div_mult_self: "a dvd b \<Longrightarrow> (b div a) * a = b"
   179 by (subst (2) mod_div_equality [of b a, symmetric]) (simp add:dvd_imp_mod_0)
   180 
   181 lemma dvd_mult_div_cancel: "a dvd b \<Longrightarrow> a * (b div a) = b"
   182 by (drule dvd_div_mult_self) (simp add: mult_commute)
   183 
   184 lemma dvd_div_mult: "a dvd b \<Longrightarrow> (b div a) * c = b * c div a"
   185 apply (cases "a = 0")
   186  apply simp
   187 apply (auto simp: dvd_def mult_assoc)
   188 done
   189 
   190 lemma div_dvd_div[simp]:
   191   "a dvd b \<Longrightarrow> a dvd c \<Longrightarrow> (b div a dvd c div a) = (b dvd c)"
   192 apply (cases "a = 0")
   193  apply simp
   194 apply (unfold dvd_def)
   195 apply auto
   196  apply(blast intro:mult_assoc[symmetric])
   197 apply(fastforce simp add: mult_assoc)
   198 done
   199 
   200 lemma dvd_mod_imp_dvd: "[| k dvd m mod n;  k dvd n |] ==> k dvd m"
   201   apply (subgoal_tac "k dvd (m div n) *n + m mod n")
   202    apply (simp add: mod_div_equality)
   203   apply (simp only: dvd_add dvd_mult)
   204   done
   205 
   206 text {* Addition respects modular equivalence. *}
   207 
   208 lemma mod_add_left_eq: "(a + b) mod c = (a mod c + b) mod c"
   209 proof -
   210   have "(a + b) mod c = (a div c * c + a mod c + b) mod c"
   211     by (simp only: mod_div_equality)
   212   also have "\<dots> = (a mod c + b + a div c * c) mod c"
   213     by (simp only: add_ac)
   214   also have "\<dots> = (a mod c + b) mod c"
   215     by (rule mod_mult_self1)
   216   finally show ?thesis .
   217 qed
   218 
   219 lemma mod_add_right_eq: "(a + b) mod c = (a + b mod c) mod c"
   220 proof -
   221   have "(a + b) mod c = (a + (b div c * c + b mod c)) mod c"
   222     by (simp only: mod_div_equality)
   223   also have "\<dots> = (a + b mod c + b div c * c) mod c"
   224     by (simp only: add_ac)
   225   also have "\<dots> = (a + b mod c) mod c"
   226     by (rule mod_mult_self1)
   227   finally show ?thesis .
   228 qed
   229 
   230 lemma mod_add_eq: "(a + b) mod c = (a mod c + b mod c) mod c"
   231 by (rule trans [OF mod_add_left_eq mod_add_right_eq])
   232 
   233 lemma mod_add_cong:
   234   assumes "a mod c = a' mod c"
   235   assumes "b mod c = b' mod c"
   236   shows "(a + b) mod c = (a' + b') mod c"
   237 proof -
   238   have "(a mod c + b mod c) mod c = (a' mod c + b' mod c) mod c"
   239     unfolding assms ..
   240   thus ?thesis
   241     by (simp only: mod_add_eq [symmetric])
   242 qed
   243 
   244 lemma div_add [simp]: "z dvd x \<Longrightarrow> z dvd y
   245   \<Longrightarrow> (x + y) div z = x div z + y div z"
   246 by (cases "z = 0", simp, unfold dvd_def, auto simp add: algebra_simps)
   247 
   248 text {* Multiplication respects modular equivalence. *}
   249 
   250 lemma mod_mult_left_eq: "(a * b) mod c = ((a mod c) * b) mod c"
   251 proof -
   252   have "(a * b) mod c = ((a div c * c + a mod c) * b) mod c"
   253     by (simp only: mod_div_equality)
   254   also have "\<dots> = (a mod c * b + a div c * b * c) mod c"
   255     by (simp only: algebra_simps)
   256   also have "\<dots> = (a mod c * b) mod c"
   257     by (rule mod_mult_self1)
   258   finally show ?thesis .
   259 qed
   260 
   261 lemma mod_mult_right_eq: "(a * b) mod c = (a * (b mod c)) mod c"
   262 proof -
   263   have "(a * b) mod c = (a * (b div c * c + b mod c)) mod c"
   264     by (simp only: mod_div_equality)
   265   also have "\<dots> = (a * (b mod c) + a * (b div c) * c) mod c"
   266     by (simp only: algebra_simps)
   267   also have "\<dots> = (a * (b mod c)) mod c"
   268     by (rule mod_mult_self1)
   269   finally show ?thesis .
   270 qed
   271 
   272 lemma mod_mult_eq: "(a * b) mod c = ((a mod c) * (b mod c)) mod c"
   273 by (rule trans [OF mod_mult_left_eq mod_mult_right_eq])
   274 
   275 lemma mod_mult_cong:
   276   assumes "a mod c = a' mod c"
   277   assumes "b mod c = b' mod c"
   278   shows "(a * b) mod c = (a' * b') mod c"
   279 proof -
   280   have "(a mod c * (b mod c)) mod c = (a' mod c * (b' mod c)) mod c"
   281     unfolding assms ..
   282   thus ?thesis
   283     by (simp only: mod_mult_eq [symmetric])
   284 qed
   285 
   286 lemma mod_mod_cancel:
   287   assumes "c dvd b"
   288   shows "a mod b mod c = a mod c"
   289 proof -
   290   from `c dvd b` obtain k where "b = c * k"
   291     by (rule dvdE)
   292   have "a mod b mod c = a mod (c * k) mod c"
   293     by (simp only: `b = c * k`)
   294   also have "\<dots> = (a mod (c * k) + a div (c * k) * k * c) mod c"
   295     by (simp only: mod_mult_self1)
   296   also have "\<dots> = (a div (c * k) * (c * k) + a mod (c * k)) mod c"
   297     by (simp only: add_ac mult_ac)
   298   also have "\<dots> = a mod c"
   299     by (simp only: mod_div_equality)
   300   finally show ?thesis .
   301 qed
   302 
   303 lemma div_mult_div_if_dvd:
   304   "y dvd x \<Longrightarrow> z dvd w \<Longrightarrow> (x div y) * (w div z) = (x * w) div (y * z)"
   305   apply (cases "y = 0", simp)
   306   apply (cases "z = 0", simp)
   307   apply (auto elim!: dvdE simp add: algebra_simps)
   308   apply (subst mult_assoc [symmetric])
   309   apply (simp add: no_zero_divisors)
   310   done
   311 
   312 lemma div_mult_swap:
   313   assumes "c dvd b"
   314   shows "a * (b div c) = (a * b) div c"
   315 proof -
   316   from assms have "b div c * (a div 1) = b * a div (c * 1)"
   317     by (simp only: div_mult_div_if_dvd one_dvd)
   318   then show ?thesis by (simp add: mult_commute)
   319 qed
   320    
   321 lemma div_mult_mult2 [simp]:
   322   "c \<noteq> 0 \<Longrightarrow> (a * c) div (b * c) = a div b"
   323   by (drule div_mult_mult1) (simp add: mult_commute)
   324 
   325 lemma div_mult_mult1_if [simp]:
   326   "(c * a) div (c * b) = (if c = 0 then 0 else a div b)"
   327   by simp_all
   328 
   329 lemma mod_mult_mult1:
   330   "(c * a) mod (c * b) = c * (a mod b)"
   331 proof (cases "c = 0")
   332   case True then show ?thesis by simp
   333 next
   334   case False
   335   from mod_div_equality
   336   have "((c * a) div (c * b)) * (c * b) + (c * a) mod (c * b) = c * a" .
   337   with False have "c * ((a div b) * b + a mod b) + (c * a) mod (c * b)
   338     = c * a + c * (a mod b)" by (simp add: algebra_simps)
   339   with mod_div_equality show ?thesis by simp 
   340 qed
   341   
   342 lemma mod_mult_mult2:
   343   "(a * c) mod (b * c) = (a mod b) * c"
   344   using mod_mult_mult1 [of c a b] by (simp add: mult_commute)
   345 
   346 lemma dvd_mod: "k dvd m \<Longrightarrow> k dvd n \<Longrightarrow> k dvd (m mod n)"
   347   unfolding dvd_def by (auto simp add: mod_mult_mult1)
   348 
   349 lemma dvd_mod_iff: "k dvd n \<Longrightarrow> k dvd (m mod n) \<longleftrightarrow> k dvd m"
   350 by (blast intro: dvd_mod_imp_dvd dvd_mod)
   351 
   352 lemma div_power:
   353   "y dvd x \<Longrightarrow> (x div y) ^ n = x ^ n div y ^ n"
   354 apply (induct n)
   355  apply simp
   356 apply(simp add: div_mult_div_if_dvd dvd_power_same)
   357 done
   358 
   359 lemma dvd_div_eq_mult:
   360   assumes "a \<noteq> 0" and "a dvd b"  
   361   shows "b div a = c \<longleftrightarrow> b = c * a"
   362 proof
   363   assume "b = c * a"
   364   then show "b div a = c" by (simp add: assms)
   365 next
   366   assume "b div a = c"
   367   then have "b div a * a = c * a" by simp
   368   moreover from `a dvd b` have "b div a * a = b" by (simp add: dvd_div_mult_self)
   369   ultimately show "b = c * a" by simp
   370 qed
   371    
   372 lemma dvd_div_div_eq_mult:
   373   assumes "a \<noteq> 0" "c \<noteq> 0" and "a dvd b" "c dvd d"
   374   shows "b div a = d div c \<longleftrightarrow> b * c = a * d"
   375   using assms by (auto simp add: mult_commute [of _ a] dvd_div_mult_self dvd_div_eq_mult div_mult_swap intro: sym)
   376 
   377 end
   378 
   379 class ring_div = semiring_div + comm_ring_1
   380 begin
   381 
   382 subclass ring_1_no_zero_divisors ..
   383 
   384 text {* Negation respects modular equivalence. *}
   385 
   386 lemma mod_minus_eq: "(- a) mod b = (- (a mod b)) mod b"
   387 proof -
   388   have "(- a) mod b = (- (a div b * b + a mod b)) mod b"
   389     by (simp only: mod_div_equality)
   390   also have "\<dots> = (- (a mod b) + - (a div b) * b) mod b"
   391     by (simp only: minus_add_distrib minus_mult_left add_ac)
   392   also have "\<dots> = (- (a mod b)) mod b"
   393     by (rule mod_mult_self1)
   394   finally show ?thesis .
   395 qed
   396 
   397 lemma mod_minus_cong:
   398   assumes "a mod b = a' mod b"
   399   shows "(- a) mod b = (- a') mod b"
   400 proof -
   401   have "(- (a mod b)) mod b = (- (a' mod b)) mod b"
   402     unfolding assms ..
   403   thus ?thesis
   404     by (simp only: mod_minus_eq [symmetric])
   405 qed
   406 
   407 text {* Subtraction respects modular equivalence. *}
   408 
   409 lemma mod_diff_left_eq: "(a - b) mod c = (a mod c - b) mod c"
   410   unfolding diff_minus
   411   by (intro mod_add_cong mod_minus_cong) simp_all
   412 
   413 lemma mod_diff_right_eq: "(a - b) mod c = (a - b mod c) mod c"
   414   unfolding diff_minus
   415   by (intro mod_add_cong mod_minus_cong) simp_all
   416 
   417 lemma mod_diff_eq: "(a - b) mod c = (a mod c - b mod c) mod c"
   418   unfolding diff_minus
   419   by (intro mod_add_cong mod_minus_cong) simp_all
   420 
   421 lemma mod_diff_cong:
   422   assumes "a mod c = a' mod c"
   423   assumes "b mod c = b' mod c"
   424   shows "(a - b) mod c = (a' - b') mod c"
   425   unfolding diff_minus using assms
   426   by (intro mod_add_cong mod_minus_cong)
   427 
   428 lemma dvd_neg_div: "y dvd x \<Longrightarrow> -x div y = - (x div y)"
   429 apply (case_tac "y = 0") apply simp
   430 apply (auto simp add: dvd_def)
   431 apply (subgoal_tac "-(y * k) = y * - k")
   432  apply (erule ssubst)
   433  apply (erule div_mult_self1_is_id)
   434 apply simp
   435 done
   436 
   437 lemma dvd_div_neg: "y dvd x \<Longrightarrow> x div -y = - (x div y)"
   438 apply (case_tac "y = 0") apply simp
   439 apply (auto simp add: dvd_def)
   440 apply (subgoal_tac "y * k = -y * -k")
   441  apply (erule ssubst)
   442  apply (rule div_mult_self1_is_id)
   443  apply simp
   444 apply simp
   445 done
   446 
   447 end
   448 
   449 
   450 subsection {* Division on @{typ nat} *}
   451 
   452 text {*
   453   We define @{const div} and @{const mod} on @{typ nat} by means
   454   of a characteristic relation with two input arguments
   455   @{term "m\<Colon>nat"}, @{term "n\<Colon>nat"} and two output arguments
   456   @{term "q\<Colon>nat"}(uotient) and @{term "r\<Colon>nat"}(emainder).
   457 *}
   458 
   459 definition divmod_nat_rel :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat \<Rightarrow> bool" where
   460   "divmod_nat_rel m n qr \<longleftrightarrow>
   461     m = fst qr * n + snd qr \<and>
   462       (if n = 0 then fst qr = 0 else if n > 0 then 0 \<le> snd qr \<and> snd qr < n else n < snd qr \<and> snd qr \<le> 0)"
   463 
   464 text {* @{const divmod_nat_rel} is total: *}
   465 
   466 lemma divmod_nat_rel_ex:
   467   obtains q r where "divmod_nat_rel m n (q, r)"
   468 proof (cases "n = 0")
   469   case True  with that show thesis
   470     by (auto simp add: divmod_nat_rel_def)
   471 next
   472   case False
   473   have "\<exists>q r. m = q * n + r \<and> r < n"
   474   proof (induct m)
   475     case 0 with `n \<noteq> 0`
   476     have "(0\<Colon>nat) = 0 * n + 0 \<and> 0 < n" by simp
   477     then show ?case by blast
   478   next
   479     case (Suc m) then obtain q' r'
   480       where m: "m = q' * n + r'" and n: "r' < n" by auto
   481     then show ?case proof (cases "Suc r' < n")
   482       case True
   483       from m n have "Suc m = q' * n + Suc r'" by simp
   484       with True show ?thesis by blast
   485     next
   486       case False then have "n \<le> Suc r'" by auto
   487       moreover from n have "Suc r' \<le> n" by auto
   488       ultimately have "n = Suc r'" by auto
   489       with m have "Suc m = Suc q' * n + 0" by simp
   490       with `n \<noteq> 0` show ?thesis by blast
   491     qed
   492   qed
   493   with that show thesis
   494     using `n \<noteq> 0` by (auto simp add: divmod_nat_rel_def)
   495 qed
   496 
   497 text {* @{const divmod_nat_rel} is injective: *}
   498 
   499 lemma divmod_nat_rel_unique:
   500   assumes "divmod_nat_rel m n qr"
   501     and "divmod_nat_rel m n qr'"
   502   shows "qr = qr'"
   503 proof (cases "n = 0")
   504   case True with assms show ?thesis
   505     by (cases qr, cases qr')
   506       (simp add: divmod_nat_rel_def)
   507 next
   508   case False
   509   have aux: "\<And>q r q' r'. q' * n + r' = q * n + r \<Longrightarrow> r < n \<Longrightarrow> q' \<le> (q\<Colon>nat)"
   510   apply (rule leI)
   511   apply (subst less_iff_Suc_add)
   512   apply (auto simp add: add_mult_distrib)
   513   done
   514   from `n \<noteq> 0` assms have "fst qr = fst qr'"
   515     by (auto simp add: divmod_nat_rel_def intro: order_antisym dest: aux sym)
   516   moreover from this assms have "snd qr = snd qr'"
   517     by (simp add: divmod_nat_rel_def)
   518   ultimately show ?thesis by (cases qr, cases qr') simp
   519 qed
   520 
   521 text {*
   522   We instantiate divisibility on the natural numbers by
   523   means of @{const divmod_nat_rel}:
   524 *}
   525 
   526 instantiation nat :: semiring_div
   527 begin
   528 
   529 definition divmod_nat :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat" where
   530   "divmod_nat m n = (THE qr. divmod_nat_rel m n qr)"
   531 
   532 lemma divmod_nat_rel_divmod_nat:
   533   "divmod_nat_rel m n (divmod_nat m n)"
   534 proof -
   535   from divmod_nat_rel_ex
   536     obtain qr where rel: "divmod_nat_rel m n qr" .
   537   then show ?thesis
   538   by (auto simp add: divmod_nat_def intro: theI elim: divmod_nat_rel_unique)
   539 qed
   540 
   541 lemma divmod_nat_eq:
   542   assumes "divmod_nat_rel m n qr" 
   543   shows "divmod_nat m n = qr"
   544   using assms by (auto intro: divmod_nat_rel_unique divmod_nat_rel_divmod_nat)
   545 
   546 definition div_nat where
   547   "m div n = fst (divmod_nat m n)"
   548 
   549 definition mod_nat where
   550   "m mod n = snd (divmod_nat m n)"
   551 
   552 lemma divmod_nat_div_mod:
   553   "divmod_nat m n = (m div n, m mod n)"
   554   unfolding div_nat_def mod_nat_def by simp
   555 
   556 lemma div_eq:
   557   assumes "divmod_nat_rel m n (q, r)" 
   558   shows "m div n = q"
   559   using assms by (auto dest: divmod_nat_eq simp add: divmod_nat_div_mod)
   560 
   561 lemma mod_eq:
   562   assumes "divmod_nat_rel m n (q, r)" 
   563   shows "m mod n = r"
   564   using assms by (auto dest: divmod_nat_eq simp add: divmod_nat_div_mod)
   565 
   566 lemma divmod_nat_rel: "divmod_nat_rel m n (m div n, m mod n)"
   567   by (simp add: div_nat_def mod_nat_def divmod_nat_rel_divmod_nat)
   568 
   569 lemma divmod_nat_zero:
   570   "divmod_nat m 0 = (0, m)"
   571 proof -
   572   from divmod_nat_rel [of m 0] show ?thesis
   573     unfolding divmod_nat_div_mod divmod_nat_rel_def by simp
   574 qed
   575 
   576 lemma divmod_nat_base:
   577   assumes "m < n"
   578   shows "divmod_nat m n = (0, m)"
   579 proof -
   580   from divmod_nat_rel [of m n] show ?thesis
   581     unfolding divmod_nat_div_mod divmod_nat_rel_def
   582     using assms by (cases "m div n = 0")
   583       (auto simp add: gr0_conv_Suc [of "m div n"])
   584 qed
   585 
   586 lemma divmod_nat_step:
   587   assumes "0 < n" and "n \<le> m"
   588   shows "divmod_nat m n = (Suc ((m - n) div n), (m - n) mod n)"
   589 proof -
   590   from divmod_nat_rel have divmod_nat_m_n: "divmod_nat_rel m n (m div n, m mod n)" .
   591   with assms have m_div_n: "m div n \<ge> 1"
   592     by (cases "m div n") (auto simp add: divmod_nat_rel_def)
   593   have "divmod_nat_rel (m - n) n (m div n - Suc 0, m mod n)"
   594   proof -
   595     from assms have
   596       "n \<noteq> 0"
   597       "\<And>k. m = Suc k * n + m mod n ==> m - n = (Suc k - Suc 0) * n + m mod n"
   598       by simp_all
   599     then show ?thesis using assms divmod_nat_m_n 
   600       by (cases "m div n")
   601          (simp_all only: divmod_nat_rel_def fst_conv snd_conv, simp_all)
   602   qed
   603   with divmod_nat_eq have "divmod_nat (m - n) n = (m div n - Suc 0, m mod n)" by simp
   604   moreover from divmod_nat_div_mod have "divmod_nat (m - n) n = ((m - n) div n, (m - n) mod n)" .
   605   ultimately have "m div n = Suc ((m - n) div n)"
   606     and "m mod n = (m - n) mod n" using m_div_n by simp_all
   607   then show ?thesis using divmod_nat_div_mod by simp
   608 qed
   609 
   610 text {* The ''recursion'' equations for @{const div} and @{const mod} *}
   611 
   612 lemma div_less [simp]:
   613   fixes m n :: nat
   614   assumes "m < n"
   615   shows "m div n = 0"
   616   using assms divmod_nat_base divmod_nat_div_mod by simp
   617 
   618 lemma le_div_geq:
   619   fixes m n :: nat
   620   assumes "0 < n" and "n \<le> m"
   621   shows "m div n = Suc ((m - n) div n)"
   622   using assms divmod_nat_step divmod_nat_div_mod by simp
   623 
   624 lemma mod_less [simp]:
   625   fixes m n :: nat
   626   assumes "m < n"
   627   shows "m mod n = m"
   628   using assms divmod_nat_base divmod_nat_div_mod by simp
   629 
   630 lemma le_mod_geq:
   631   fixes m n :: nat
   632   assumes "n \<le> m"
   633   shows "m mod n = (m - n) mod n"
   634   using assms divmod_nat_step divmod_nat_div_mod by (cases "n = 0") simp_all
   635 
   636 instance proof -
   637   have [simp]: "\<And>n::nat. n div 0 = 0"
   638     by (simp add: div_nat_def divmod_nat_zero)
   639   have [simp]: "\<And>n::nat. 0 div n = 0"
   640   proof -
   641     fix n :: nat
   642     show "0 div n = 0"
   643       by (cases "n = 0") simp_all
   644   qed
   645   show "OFCLASS(nat, semiring_div_class)" proof
   646     fix m n :: nat
   647     show "m div n * n + m mod n = m"
   648       using divmod_nat_rel [of m n] by (simp add: divmod_nat_rel_def)
   649   next
   650     fix m n q :: nat
   651     assume "n \<noteq> 0"
   652     then show "(q + m * n) div n = m + q div n"
   653       by (induct m) (simp_all add: le_div_geq)
   654   next
   655     fix m n q :: nat
   656     assume "m \<noteq> 0"
   657     then show "(m * n) div (m * q) = n div q"
   658     proof (cases "n \<noteq> 0 \<and> q \<noteq> 0")
   659       case False then show ?thesis by auto
   660     next
   661       case True with `m \<noteq> 0`
   662         have "m > 0" and "n > 0" and "q > 0" by auto
   663       then have "\<And>a b. divmod_nat_rel n q (a, b) \<Longrightarrow> divmod_nat_rel (m * n) (m * q) (a, m * b)"
   664         by (auto simp add: divmod_nat_rel_def) (simp_all add: algebra_simps)
   665       moreover from divmod_nat_rel have "divmod_nat_rel n q (n div q, n mod q)" .
   666       ultimately have "divmod_nat_rel (m * n) (m * q) (n div q, m * (n mod q))" .
   667       then show ?thesis by (simp add: div_eq)
   668     qed
   669   qed simp_all
   670 qed
   671 
   672 end
   673 
   674 lemma divmod_nat_if [code]: "divmod_nat m n = (if n = 0 \<or> m < n then (0, m) else
   675   let (q, r) = divmod_nat (m - n) n in (Suc q, r))"
   676 by (simp add: divmod_nat_zero divmod_nat_base divmod_nat_step)
   677     (simp add: divmod_nat_div_mod)
   678 
   679 text {* Simproc for cancelling @{const div} and @{const mod} *}
   680 
   681 ML {*
   682 structure Cancel_Div_Mod_Nat = Cancel_Div_Mod
   683 (
   684   val div_name = @{const_name div};
   685   val mod_name = @{const_name mod};
   686   val mk_binop = HOLogic.mk_binop;
   687   val mk_sum = Nat_Arith.mk_sum;
   688   val dest_sum = Nat_Arith.dest_sum;
   689 
   690   val div_mod_eqs = map mk_meta_eq [@{thm div_mod_equality}, @{thm div_mod_equality2}];
   691 
   692   val prove_eq_sums = Arith_Data.prove_conv2 all_tac (Arith_Data.simp_all_tac
   693     (@{thm add_0_left} :: @{thm add_0_right} :: @{thms add_ac}))
   694 )
   695 *}
   696 
   697 simproc_setup cancel_div_mod_nat ("(m::nat) + n") = {* K Cancel_Div_Mod_Nat.proc *}
   698 
   699 
   700 subsubsection {* Quotient *}
   701 
   702 lemma div_geq: "0 < n \<Longrightarrow>  \<not> m < n \<Longrightarrow> m div n = Suc ((m - n) div n)"
   703 by (simp add: le_div_geq linorder_not_less)
   704 
   705 lemma div_if: "0 < n \<Longrightarrow> m div n = (if m < n then 0 else Suc ((m - n) div n))"
   706 by (simp add: div_geq)
   707 
   708 lemma div_mult_self_is_m [simp]: "0<n ==> (m*n) div n = (m::nat)"
   709 by simp
   710 
   711 lemma div_mult_self1_is_m [simp]: "0<n ==> (n*m) div n = (m::nat)"
   712 by simp
   713 
   714 
   715 subsubsection {* Remainder *}
   716 
   717 lemma mod_less_divisor [simp]:
   718   fixes m n :: nat
   719   assumes "n > 0"
   720   shows "m mod n < (n::nat)"
   721   using assms divmod_nat_rel [of m n] unfolding divmod_nat_rel_def by auto
   722 
   723 lemma mod_less_eq_dividend [simp]:
   724   fixes m n :: nat
   725   shows "m mod n \<le> m"
   726 proof (rule add_leD2)
   727   from mod_div_equality have "m div n * n + m mod n = m" .
   728   then show "m div n * n + m mod n \<le> m" by auto
   729 qed
   730 
   731 lemma mod_geq: "\<not> m < (n\<Colon>nat) \<Longrightarrow> m mod n = (m - n) mod n"
   732 by (simp add: le_mod_geq linorder_not_less)
   733 
   734 lemma mod_if: "m mod (n\<Colon>nat) = (if m < n then m else (m - n) mod n)"
   735 by (simp add: le_mod_geq)
   736 
   737 lemma mod_1 [simp]: "m mod Suc 0 = 0"
   738 by (induct m) (simp_all add: mod_geq)
   739 
   740 lemma mod_mult_distrib: "(m mod n) * (k\<Colon>nat) = (m * k) mod (n * k)"
   741   apply (cases "n = 0", simp)
   742   apply (cases "k = 0", simp)
   743   apply (induct m rule: nat_less_induct)
   744   apply (subst mod_if, simp)
   745   apply (simp add: mod_geq diff_mult_distrib)
   746   done
   747 
   748 lemma mod_mult_distrib2: "(k::nat) * (m mod n) = (k*m) mod (k*n)"
   749 by (simp add: mult_commute [of k] mod_mult_distrib)
   750 
   751 (* a simple rearrangement of mod_div_equality: *)
   752 lemma mult_div_cancel: "(n::nat) * (m div n) = m - (m mod n)"
   753 by (cut_tac a = m and b = n in mod_div_equality2, arith)
   754 
   755 lemma mod_le_divisor[simp]: "0 < n \<Longrightarrow> m mod n \<le> (n::nat)"
   756   apply (drule mod_less_divisor [where m = m])
   757   apply simp
   758   done
   759 
   760 subsubsection {* Quotient and Remainder *}
   761 
   762 lemma divmod_nat_rel_mult1_eq:
   763   "divmod_nat_rel b c (q, r) \<Longrightarrow> c > 0
   764    \<Longrightarrow> divmod_nat_rel (a * b) c (a * q + a * r div c, a * r mod c)"
   765 by (auto simp add: split_ifs divmod_nat_rel_def algebra_simps)
   766 
   767 lemma div_mult1_eq:
   768   "(a * b) div c = a * (b div c) + a * (b mod c) div (c::nat)"
   769 apply (cases "c = 0", simp)
   770 apply (blast intro: divmod_nat_rel [THEN divmod_nat_rel_mult1_eq, THEN div_eq])
   771 done
   772 
   773 lemma divmod_nat_rel_add1_eq:
   774   "divmod_nat_rel a c (aq, ar) \<Longrightarrow> divmod_nat_rel b c (bq, br) \<Longrightarrow>  c > 0
   775    \<Longrightarrow> divmod_nat_rel (a + b) c (aq + bq + (ar + br) div c, (ar + br) mod c)"
   776 by (auto simp add: split_ifs divmod_nat_rel_def algebra_simps)
   777 
   778 (*NOT suitable for rewriting: the RHS has an instance of the LHS*)
   779 lemma div_add1_eq:
   780   "(a+b) div (c::nat) = a div c + b div c + ((a mod c + b mod c) div c)"
   781 apply (cases "c = 0", simp)
   782 apply (blast intro: divmod_nat_rel_add1_eq [THEN div_eq] divmod_nat_rel)
   783 done
   784 
   785 lemma mod_lemma: "[| (0::nat) < c; r < b |] ==> b * (q mod c) + r < b * c"
   786   apply (cut_tac m = q and n = c in mod_less_divisor)
   787   apply (drule_tac [2] m = "q mod c" in less_imp_Suc_add, auto)
   788   apply (erule_tac P = "%x. ?lhs < ?rhs x" in ssubst)
   789   apply (simp add: add_mult_distrib2)
   790   done
   791 
   792 lemma divmod_nat_rel_mult2_eq:
   793   "divmod_nat_rel a b (q, r) \<Longrightarrow> 0 < b \<Longrightarrow> 0 < c
   794    \<Longrightarrow> divmod_nat_rel a (b * c) (q div c, b *(q mod c) + r)"
   795 by (auto simp add: mult_ac divmod_nat_rel_def add_mult_distrib2 [symmetric] mod_lemma)
   796 
   797 lemma div_mult2_eq: "a div (b*c) = (a div b) div (c::nat)"
   798   apply (cases "b = 0", simp)
   799   apply (cases "c = 0", simp)
   800   apply (force simp add: divmod_nat_rel [THEN divmod_nat_rel_mult2_eq, THEN div_eq])
   801   done
   802 
   803 lemma mod_mult2_eq: "a mod (b*c) = b*(a div b mod c) + a mod (b::nat)"
   804   apply (cases "b = 0", simp)
   805   apply (cases "c = 0", simp)
   806   apply (auto simp add: mult_commute divmod_nat_rel [THEN divmod_nat_rel_mult2_eq, THEN mod_eq])
   807   done
   808 
   809 
   810 subsubsection{*Further Facts about Quotient and Remainder*}
   811 
   812 lemma div_1 [simp]: "m div Suc 0 = m"
   813 by (induct m) (simp_all add: div_geq)
   814 
   815 
   816 (* Monotonicity of div in first argument *)
   817 lemma div_le_mono [rule_format (no_asm)]:
   818     "\<forall>m::nat. m \<le> n --> (m div k) \<le> (n div k)"
   819 apply (case_tac "k=0", simp)
   820 apply (induct "n" rule: nat_less_induct, clarify)
   821 apply (case_tac "n<k")
   822 (* 1  case n<k *)
   823 apply simp
   824 (* 2  case n >= k *)
   825 apply (case_tac "m<k")
   826 (* 2.1  case m<k *)
   827 apply simp
   828 (* 2.2  case m>=k *)
   829 apply (simp add: div_geq diff_le_mono)
   830 done
   831 
   832 (* Antimonotonicity of div in second argument *)
   833 lemma div_le_mono2: "!!m::nat. [| 0<m; m\<le>n |] ==> (k div n) \<le> (k div m)"
   834 apply (subgoal_tac "0<n")
   835  prefer 2 apply simp
   836 apply (induct_tac k rule: nat_less_induct)
   837 apply (rename_tac "k")
   838 apply (case_tac "k<n", simp)
   839 apply (subgoal_tac "~ (k<m) ")
   840  prefer 2 apply simp
   841 apply (simp add: div_geq)
   842 apply (subgoal_tac "(k-n) div n \<le> (k-m) div n")
   843  prefer 2
   844  apply (blast intro: div_le_mono diff_le_mono2)
   845 apply (rule le_trans, simp)
   846 apply (simp)
   847 done
   848 
   849 lemma div_le_dividend [simp]: "m div n \<le> (m::nat)"
   850 apply (case_tac "n=0", simp)
   851 apply (subgoal_tac "m div n \<le> m div 1", simp)
   852 apply (rule div_le_mono2)
   853 apply (simp_all (no_asm_simp))
   854 done
   855 
   856 (* Similar for "less than" *)
   857 lemma div_less_dividend [rule_format]:
   858      "!!n::nat. 1<n ==> 0 < m --> m div n < m"
   859 apply (induct_tac m rule: nat_less_induct)
   860 apply (rename_tac "m")
   861 apply (case_tac "m<n", simp)
   862 apply (subgoal_tac "0<n")
   863  prefer 2 apply simp
   864 apply (simp add: div_geq)
   865 apply (case_tac "n<m")
   866  apply (subgoal_tac "(m-n) div n < (m-n) ")
   867   apply (rule impI less_trans_Suc)+
   868 apply assumption
   869   apply (simp_all)
   870 done
   871 
   872 declare div_less_dividend [simp]
   873 
   874 text{*A fact for the mutilated chess board*}
   875 lemma mod_Suc: "Suc(m) mod n = (if Suc(m mod n) = n then 0 else Suc(m mod n))"
   876 apply (case_tac "n=0", simp)
   877 apply (induct "m" rule: nat_less_induct)
   878 apply (case_tac "Suc (na) <n")
   879 (* case Suc(na) < n *)
   880 apply (frule lessI [THEN less_trans], simp add: less_not_refl3)
   881 (* case n \<le> Suc(na) *)
   882 apply (simp add: linorder_not_less le_Suc_eq mod_geq)
   883 apply (auto simp add: Suc_diff_le le_mod_geq)
   884 done
   885 
   886 lemma mod_eq_0_iff: "(m mod d = 0) = (\<exists>q::nat. m = d*q)"
   887 by (auto simp add: dvd_eq_mod_eq_0 [symmetric] dvd_def)
   888 
   889 lemmas mod_eq_0D [dest!] = mod_eq_0_iff [THEN iffD1]
   890 
   891 (*Loses information, namely we also have r<d provided d is nonzero*)
   892 lemma mod_eqD: "(m mod d = r) ==> \<exists>q::nat. m = r + q*d"
   893   apply (cut_tac a = m in mod_div_equality)
   894   apply (simp only: add_ac)
   895   apply (blast intro: sym)
   896   done
   897 
   898 lemma split_div:
   899  "P(n div k :: nat) =
   900  ((k = 0 \<longrightarrow> P 0) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P i)))"
   901  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
   902 proof
   903   assume P: ?P
   904   show ?Q
   905   proof (cases)
   906     assume "k = 0"
   907     with P show ?Q by simp
   908   next
   909     assume not0: "k \<noteq> 0"
   910     thus ?Q
   911     proof (simp, intro allI impI)
   912       fix i j
   913       assume n: "n = k*i + j" and j: "j < k"
   914       show "P i"
   915       proof (cases)
   916         assume "i = 0"
   917         with n j P show "P i" by simp
   918       next
   919         assume "i \<noteq> 0"
   920         with not0 n j P show "P i" by(simp add:add_ac)
   921       qed
   922     qed
   923   qed
   924 next
   925   assume Q: ?Q
   926   show ?P
   927   proof (cases)
   928     assume "k = 0"
   929     with Q show ?P by simp
   930   next
   931     assume not0: "k \<noteq> 0"
   932     with Q have R: ?R by simp
   933     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
   934     show ?P by simp
   935   qed
   936 qed
   937 
   938 lemma split_div_lemma:
   939   assumes "0 < n"
   940   shows "n * q \<le> m \<and> m < n * Suc q \<longleftrightarrow> q = ((m\<Colon>nat) div n)" (is "?lhs \<longleftrightarrow> ?rhs")
   941 proof
   942   assume ?rhs
   943   with mult_div_cancel have nq: "n * q = m - (m mod n)" by simp
   944   then have A: "n * q \<le> m" by simp
   945   have "n - (m mod n) > 0" using mod_less_divisor assms by auto
   946   then have "m < m + (n - (m mod n))" by simp
   947   then have "m < n + (m - (m mod n))" by simp
   948   with nq have "m < n + n * q" by simp
   949   then have B: "m < n * Suc q" by simp
   950   from A B show ?lhs ..
   951 next
   952   assume P: ?lhs
   953   then have "divmod_nat_rel m n (q, m - n * q)"
   954     unfolding divmod_nat_rel_def by (auto simp add: mult_ac)
   955   with divmod_nat_rel_unique divmod_nat_rel [of m n]
   956   have "(q, m - n * q) = (m div n, m mod n)" by auto
   957   then show ?rhs by simp
   958 qed
   959 
   960 theorem split_div':
   961   "P ((m::nat) div n) = ((n = 0 \<and> P 0) \<or>
   962    (\<exists>q. (n * q \<le> m \<and> m < n * (Suc q)) \<and> P q))"
   963   apply (case_tac "0 < n")
   964   apply (simp only: add: split_div_lemma)
   965   apply simp_all
   966   done
   967 
   968 lemma split_mod:
   969  "P(n mod k :: nat) =
   970  ((k = 0 \<longrightarrow> P n) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P j)))"
   971  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
   972 proof
   973   assume P: ?P
   974   show ?Q
   975   proof (cases)
   976     assume "k = 0"
   977     with P show ?Q by simp
   978   next
   979     assume not0: "k \<noteq> 0"
   980     thus ?Q
   981     proof (simp, intro allI impI)
   982       fix i j
   983       assume "n = k*i + j" "j < k"
   984       thus "P j" using not0 P by(simp add:add_ac mult_ac)
   985     qed
   986   qed
   987 next
   988   assume Q: ?Q
   989   show ?P
   990   proof (cases)
   991     assume "k = 0"
   992     with Q show ?P by simp
   993   next
   994     assume not0: "k \<noteq> 0"
   995     with Q have R: ?R by simp
   996     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
   997     show ?P by simp
   998   qed
   999 qed
  1000 
  1001 theorem mod_div_equality': "(m::nat) mod n = m - (m div n) * n"
  1002   apply (rule_tac P="%x. m mod n = x - (m div n) * n" in
  1003     subst [OF mod_div_equality [of _ n]])
  1004   apply arith
  1005   done
  1006 
  1007 lemma div_mod_equality':
  1008   fixes m n :: nat
  1009   shows "m div n * n = m - m mod n"
  1010 proof -
  1011   have "m mod n \<le> m mod n" ..
  1012   from div_mod_equality have 
  1013     "m div n * n + m mod n - m mod n = m - m mod n" by simp
  1014   with diff_add_assoc [OF `m mod n \<le> m mod n`, of "m div n * n"] have
  1015     "m div n * n + (m mod n - m mod n) = m - m mod n"
  1016     by simp
  1017   then show ?thesis by simp
  1018 qed
  1019 
  1020 
  1021 subsubsection {*An ``induction'' law for modulus arithmetic.*}
  1022 
  1023 lemma mod_induct_0:
  1024   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
  1025   and base: "P i" and i: "i<p"
  1026   shows "P 0"
  1027 proof (rule ccontr)
  1028   assume contra: "\<not>(P 0)"
  1029   from i have p: "0<p" by simp
  1030   have "\<forall>k. 0<k \<longrightarrow> \<not> P (p-k)" (is "\<forall>k. ?A k")
  1031   proof
  1032     fix k
  1033     show "?A k"
  1034     proof (induct k)
  1035       show "?A 0" by simp  -- "by contradiction"
  1036     next
  1037       fix n
  1038       assume ih: "?A n"
  1039       show "?A (Suc n)"
  1040       proof (clarsimp)
  1041         assume y: "P (p - Suc n)"
  1042         have n: "Suc n < p"
  1043         proof (rule ccontr)
  1044           assume "\<not>(Suc n < p)"
  1045           hence "p - Suc n = 0"
  1046             by simp
  1047           with y contra show "False"
  1048             by simp
  1049         qed
  1050         hence n2: "Suc (p - Suc n) = p-n" by arith
  1051         from p have "p - Suc n < p" by arith
  1052         with y step have z: "P ((Suc (p - Suc n)) mod p)"
  1053           by blast
  1054         show "False"
  1055         proof (cases "n=0")
  1056           case True
  1057           with z n2 contra show ?thesis by simp
  1058         next
  1059           case False
  1060           with p have "p-n < p" by arith
  1061           with z n2 False ih show ?thesis by simp
  1062         qed
  1063       qed
  1064     qed
  1065   qed
  1066   moreover
  1067   from i obtain k where "0<k \<and> i+k=p"
  1068     by (blast dest: less_imp_add_positive)
  1069   hence "0<k \<and> i=p-k" by auto
  1070   moreover
  1071   note base
  1072   ultimately
  1073   show "False" by blast
  1074 qed
  1075 
  1076 lemma mod_induct:
  1077   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
  1078   and base: "P i" and i: "i<p" and j: "j<p"
  1079   shows "P j"
  1080 proof -
  1081   have "\<forall>j<p. P j"
  1082   proof
  1083     fix j
  1084     show "j<p \<longrightarrow> P j" (is "?A j")
  1085     proof (induct j)
  1086       from step base i show "?A 0"
  1087         by (auto elim: mod_induct_0)
  1088     next
  1089       fix k
  1090       assume ih: "?A k"
  1091       show "?A (Suc k)"
  1092       proof
  1093         assume suc: "Suc k < p"
  1094         hence k: "k<p" by simp
  1095         with ih have "P k" ..
  1096         with step k have "P (Suc k mod p)"
  1097           by blast
  1098         moreover
  1099         from suc have "Suc k mod p = Suc k"
  1100           by simp
  1101         ultimately
  1102         show "P (Suc k)" by simp
  1103       qed
  1104     qed
  1105   qed
  1106   with j show ?thesis by blast
  1107 qed
  1108 
  1109 lemma div2_Suc_Suc [simp]: "Suc (Suc m) div 2 = Suc (m div 2)"
  1110 by (auto simp add: numeral_2_eq_2 le_div_geq)
  1111 
  1112 lemma add_self_div_2 [simp]: "(m + m) div 2 = (m::nat)"
  1113 by (simp add: nat_mult_2 [symmetric])
  1114 
  1115 lemma mod2_Suc_Suc [simp]: "Suc(Suc(m)) mod 2 = m mod 2"
  1116 apply (subgoal_tac "m mod 2 < 2")
  1117 apply (erule less_2_cases [THEN disjE])
  1118 apply (simp_all (no_asm_simp) add: Let_def mod_Suc)
  1119 done
  1120 
  1121 lemma mod2_gr_0 [simp]: "0 < (m\<Colon>nat) mod 2 \<longleftrightarrow> m mod 2 = 1"
  1122 proof -
  1123   { fix n :: nat have  "(n::nat) < 2 \<Longrightarrow> n = 0 \<or> n = 1" by (cases n) simp_all }
  1124   moreover have "m mod 2 < 2" by simp
  1125   ultimately have "m mod 2 = 0 \<or> m mod 2 = 1" .
  1126   then show ?thesis by auto
  1127 qed
  1128 
  1129 text{*These lemmas collapse some needless occurrences of Suc:
  1130     at least three Sucs, since two and fewer are rewritten back to Suc again!
  1131     We already have some rules to simplify operands smaller than 3.*}
  1132 
  1133 lemma div_Suc_eq_div_add3 [simp]: "m div (Suc (Suc (Suc n))) = m div (3+n)"
  1134 by (simp add: Suc3_eq_add_3)
  1135 
  1136 lemma mod_Suc_eq_mod_add3 [simp]: "m mod (Suc (Suc (Suc n))) = m mod (3+n)"
  1137 by (simp add: Suc3_eq_add_3)
  1138 
  1139 lemma Suc_div_eq_add3_div: "(Suc (Suc (Suc m))) div n = (3+m) div n"
  1140 by (simp add: Suc3_eq_add_3)
  1141 
  1142 lemma Suc_mod_eq_add3_mod: "(Suc (Suc (Suc m))) mod n = (3+m) mod n"
  1143 by (simp add: Suc3_eq_add_3)
  1144 
  1145 lemmas Suc_div_eq_add3_div_number_of [simp] = Suc_div_eq_add3_div [of _ "number_of v"] for v
  1146 lemmas Suc_mod_eq_add3_mod_number_of [simp] = Suc_mod_eq_add3_mod [of _ "number_of v"] for v
  1147 
  1148 
  1149 lemma Suc_times_mod_eq: "1<k ==> Suc (k * m) mod k = 1" 
  1150 apply (induct "m")
  1151 apply (simp_all add: mod_Suc)
  1152 done
  1153 
  1154 declare Suc_times_mod_eq [of "number_of w", simp] for w
  1155 
  1156 lemma [simp]: "n div k \<le> (Suc n) div k"
  1157 by (simp add: div_le_mono) 
  1158 
  1159 lemma Suc_n_div_2_gt_zero [simp]: "(0::nat) < n ==> 0 < (n + 1) div 2"
  1160 by (cases n) simp_all
  1161 
  1162 lemma div_2_gt_zero [simp]: assumes A: "(1::nat) < n" shows "0 < n div 2"
  1163 proof -
  1164   from A have B: "0 < n - 1" and C: "n - 1 + 1 = n" by simp_all
  1165   from Suc_n_div_2_gt_zero [OF B] C show ?thesis by simp 
  1166 qed
  1167 
  1168   (* Potential use of algebra : Equality modulo n*)
  1169 lemma mod_mult_self3 [simp]: "(k*n + m) mod n = m mod (n::nat)"
  1170 by (simp add: mult_ac add_ac)
  1171 
  1172 lemma mod_mult_self4 [simp]: "Suc (k*n + m) mod n = Suc m mod n"
  1173 proof -
  1174   have "Suc (k * n + m) mod n = (k * n + Suc m) mod n" by simp
  1175   also have "... = Suc m mod n" by (rule mod_mult_self3) 
  1176   finally show ?thesis .
  1177 qed
  1178 
  1179 lemma mod_Suc_eq_Suc_mod: "Suc m mod n = Suc (m mod n) mod n"
  1180 apply (subst mod_Suc [of m]) 
  1181 apply (subst mod_Suc [of "m mod n"], simp) 
  1182 done
  1183 
  1184 
  1185 subsection {* Division on @{typ int} *}
  1186 
  1187 definition divmod_int_rel :: "int \<Rightarrow> int \<Rightarrow> int \<times> int \<Rightarrow> bool" where
  1188     --{*definition of quotient and remainder*}
  1189     [code]: "divmod_int_rel a b = (\<lambda>(q, r). a = b * q + r \<and>
  1190                (if 0 < b then 0 \<le> r \<and> r < b else b < r \<and> r \<le> 0))"
  1191 
  1192 definition adjust :: "int \<Rightarrow> int \<times> int \<Rightarrow> int \<times> int" where
  1193     --{*for the division algorithm*}
  1194     [code]: "adjust b = (\<lambda>(q, r). if 0 \<le> r - b then (2 * q + 1, r - b)
  1195                          else (2 * q, r))"
  1196 
  1197 text{*algorithm for the case @{text "a\<ge>0, b>0"}*}
  1198 function posDivAlg :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  1199   "posDivAlg a b = (if a < b \<or>  b \<le> 0 then (0, a)
  1200      else adjust b (posDivAlg a (2 * b)))"
  1201 by auto
  1202 termination by (relation "measure (\<lambda>(a, b). nat (a - b + 1))")
  1203   (auto simp add: mult_2)
  1204 
  1205 text{*algorithm for the case @{text "a<0, b>0"}*}
  1206 function negDivAlg :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  1207   "negDivAlg a b = (if 0 \<le>a + b \<or> b \<le> 0  then (-1, a + b)
  1208      else adjust b (negDivAlg a (2 * b)))"
  1209 by auto
  1210 termination by (relation "measure (\<lambda>(a, b). nat (- a - b))")
  1211   (auto simp add: mult_2)
  1212 
  1213 text{*algorithm for the general case @{term "b\<noteq>0"}*}
  1214 definition negateSnd :: "int \<times> int \<Rightarrow> int \<times> int" where
  1215   [code_unfold]: "negateSnd = apsnd uminus"
  1216 
  1217 definition divmod_int :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  1218     --{*The full division algorithm considers all possible signs for a, b
  1219        including the special case @{text "a=0, b<0"} because 
  1220        @{term negDivAlg} requires @{term "a<0"}.*}
  1221   "divmod_int a b = (if 0 \<le> a then if 0 \<le> b then posDivAlg a b
  1222                   else if a = 0 then (0, 0)
  1223                        else negateSnd (negDivAlg (-a) (-b))
  1224                else 
  1225                   if 0 < b then negDivAlg a b
  1226                   else negateSnd (posDivAlg (-a) (-b)))"
  1227 
  1228 instantiation int :: Divides.div
  1229 begin
  1230 
  1231 definition
  1232   "a div b = fst (divmod_int a b)"
  1233 
  1234 definition
  1235  "a mod b = snd (divmod_int a b)"
  1236 
  1237 instance ..
  1238 
  1239 end
  1240 
  1241 lemma divmod_int_mod_div:
  1242   "divmod_int p q = (p div q, p mod q)"
  1243   by (auto simp add: div_int_def mod_int_def)
  1244 
  1245 text{*
  1246 Here is the division algorithm in ML:
  1247 
  1248 \begin{verbatim}
  1249     fun posDivAlg (a,b) =
  1250       if a<b then (0,a)
  1251       else let val (q,r) = posDivAlg(a, 2*b)
  1252                in  if 0\<le>r-b then (2*q+1, r-b) else (2*q, r)
  1253            end
  1254 
  1255     fun negDivAlg (a,b) =
  1256       if 0\<le>a+b then (~1,a+b)
  1257       else let val (q,r) = negDivAlg(a, 2*b)
  1258                in  if 0\<le>r-b then (2*q+1, r-b) else (2*q, r)
  1259            end;
  1260 
  1261     fun negateSnd (q,r:int) = (q,~r);
  1262 
  1263     fun divmod (a,b) = if 0\<le>a then 
  1264                           if b>0 then posDivAlg (a,b) 
  1265                            else if a=0 then (0,0)
  1266                                 else negateSnd (negDivAlg (~a,~b))
  1267                        else 
  1268                           if 0<b then negDivAlg (a,b)
  1269                           else        negateSnd (posDivAlg (~a,~b));
  1270 \end{verbatim}
  1271 *}
  1272 
  1273 
  1274 
  1275 subsubsection{*Uniqueness and Monotonicity of Quotients and Remainders*}
  1276 
  1277 lemma unique_quotient_lemma:
  1278      "[| b*q' + r'  \<le> b*q + r;  0 \<le> r';  r' < b;  r < b |]  
  1279       ==> q' \<le> (q::int)"
  1280 apply (subgoal_tac "r' + b * (q'-q) \<le> r")
  1281  prefer 2 apply (simp add: right_diff_distrib)
  1282 apply (subgoal_tac "0 < b * (1 + q - q') ")
  1283 apply (erule_tac [2] order_le_less_trans)
  1284  prefer 2 apply (simp add: right_diff_distrib right_distrib)
  1285 apply (subgoal_tac "b * q' < b * (1 + q) ")
  1286  prefer 2 apply (simp add: right_diff_distrib right_distrib)
  1287 apply (simp add: mult_less_cancel_left)
  1288 done
  1289 
  1290 lemma unique_quotient_lemma_neg:
  1291      "[| b*q' + r' \<le> b*q + r;  r \<le> 0;  b < r;  b < r' |]  
  1292       ==> q \<le> (q'::int)"
  1293 by (rule_tac b = "-b" and r = "-r'" and r' = "-r" in unique_quotient_lemma, 
  1294     auto)
  1295 
  1296 lemma unique_quotient:
  1297      "[| divmod_int_rel a b (q, r); divmod_int_rel a b (q', r');  b \<noteq> 0 |]  
  1298       ==> q = q'"
  1299 apply (simp add: divmod_int_rel_def linorder_neq_iff split: split_if_asm)
  1300 apply (blast intro: order_antisym
  1301              dest: order_eq_refl [THEN unique_quotient_lemma] 
  1302              order_eq_refl [THEN unique_quotient_lemma_neg] sym)+
  1303 done
  1304 
  1305 
  1306 lemma unique_remainder:
  1307      "[| divmod_int_rel a b (q, r); divmod_int_rel a b (q', r');  b \<noteq> 0 |]  
  1308       ==> r = r'"
  1309 apply (subgoal_tac "q = q'")
  1310  apply (simp add: divmod_int_rel_def)
  1311 apply (blast intro: unique_quotient)
  1312 done
  1313 
  1314 
  1315 subsubsection{*Correctness of @{term posDivAlg}, the Algorithm for Non-Negative Dividends*}
  1316 
  1317 text{*And positive divisors*}
  1318 
  1319 lemma adjust_eq [simp]:
  1320      "adjust b (q,r) = 
  1321       (let diff = r-b in  
  1322         if 0 \<le> diff then (2*q + 1, diff)   
  1323                      else (2*q, r))"
  1324 by (simp add: Let_def adjust_def)
  1325 
  1326 declare posDivAlg.simps [simp del]
  1327 
  1328 text{*use with a simproc to avoid repeatedly proving the premise*}
  1329 lemma posDivAlg_eqn:
  1330      "0 < b ==>  
  1331       posDivAlg a b = (if a<b then (0,a) else adjust b (posDivAlg a (2*b)))"
  1332 by (rule posDivAlg.simps [THEN trans], simp)
  1333 
  1334 text{*Correctness of @{term posDivAlg}: it computes quotients correctly*}
  1335 theorem posDivAlg_correct:
  1336   assumes "0 \<le> a" and "0 < b"
  1337   shows "divmod_int_rel a b (posDivAlg a b)"
  1338   using assms
  1339   apply (induct a b rule: posDivAlg.induct)
  1340   apply auto
  1341   apply (simp add: divmod_int_rel_def)
  1342   apply (subst posDivAlg_eqn, simp add: right_distrib)
  1343   apply (case_tac "a < b")
  1344   apply simp_all
  1345   apply (erule splitE)
  1346   apply (auto simp add: right_distrib Let_def mult_ac mult_2_right)
  1347   done
  1348 
  1349 
  1350 subsubsection{*Correctness of @{term negDivAlg}, the Algorithm for Negative Dividends*}
  1351 
  1352 text{*And positive divisors*}
  1353 
  1354 declare negDivAlg.simps [simp del]
  1355 
  1356 text{*use with a simproc to avoid repeatedly proving the premise*}
  1357 lemma negDivAlg_eqn:
  1358      "0 < b ==>  
  1359       negDivAlg a b =       
  1360        (if 0\<le>a+b then (-1,a+b) else adjust b (negDivAlg a (2*b)))"
  1361 by (rule negDivAlg.simps [THEN trans], simp)
  1362 
  1363 (*Correctness of negDivAlg: it computes quotients correctly
  1364   It doesn't work if a=0 because the 0/b equals 0, not -1*)
  1365 lemma negDivAlg_correct:
  1366   assumes "a < 0" and "b > 0"
  1367   shows "divmod_int_rel a b (negDivAlg a b)"
  1368   using assms
  1369   apply (induct a b rule: negDivAlg.induct)
  1370   apply (auto simp add: linorder_not_le)
  1371   apply (simp add: divmod_int_rel_def)
  1372   apply (subst negDivAlg_eqn, assumption)
  1373   apply (case_tac "a + b < (0\<Colon>int)")
  1374   apply simp_all
  1375   apply (erule splitE)
  1376   apply (auto simp add: right_distrib Let_def mult_ac mult_2_right)
  1377   done
  1378 
  1379 
  1380 subsubsection{*Existence Shown by Proving the Division Algorithm to be Correct*}
  1381 
  1382 (*the case a=0*)
  1383 lemma divmod_int_rel_0: "b \<noteq> 0 ==> divmod_int_rel 0 b (0, 0)"
  1384 by (auto simp add: divmod_int_rel_def linorder_neq_iff)
  1385 
  1386 lemma posDivAlg_0 [simp]: "posDivAlg 0 b = (0, 0)"
  1387 by (subst posDivAlg.simps, auto)
  1388 
  1389 lemma negDivAlg_minus1 [simp]: "negDivAlg -1 b = (-1, b - 1)"
  1390 by (subst negDivAlg.simps, auto)
  1391 
  1392 lemma negateSnd_eq [simp]: "negateSnd(q,r) = (q,-r)"
  1393 by (simp add: negateSnd_def)
  1394 
  1395 lemma divmod_int_rel_neg: "divmod_int_rel (-a) (-b) qr ==> divmod_int_rel a b (negateSnd qr)"
  1396 by (auto simp add: split_ifs divmod_int_rel_def)
  1397 
  1398 lemma divmod_int_correct: "b \<noteq> 0 ==> divmod_int_rel a b (divmod_int a b)"
  1399 by (force simp add: linorder_neq_iff divmod_int_rel_0 divmod_int_def divmod_int_rel_neg
  1400                     posDivAlg_correct negDivAlg_correct)
  1401 
  1402 text{*Arbitrary definitions for division by zero.  Useful to simplify 
  1403     certain equations.*}
  1404 
  1405 lemma DIVISION_BY_ZERO [simp]: "a div (0::int) = 0 & a mod (0::int) = a"
  1406 by (simp add: div_int_def mod_int_def divmod_int_def posDivAlg.simps)  
  1407 
  1408 
  1409 text{*Basic laws about division and remainder*}
  1410 
  1411 lemma zmod_zdiv_equality: "(a::int) = b * (a div b) + (a mod b)"
  1412 apply (case_tac "b = 0", simp)
  1413 apply (cut_tac a = a and b = b in divmod_int_correct)
  1414 apply (auto simp add: divmod_int_rel_def div_int_def mod_int_def)
  1415 done
  1416 
  1417 lemma zdiv_zmod_equality: "(b * (a div b) + (a mod b)) + k = (a::int)+k"
  1418 by(simp add: zmod_zdiv_equality[symmetric])
  1419 
  1420 lemma zdiv_zmod_equality2: "((a div b) * b + (a mod b)) + k = (a::int)+k"
  1421 by(simp add: mult_commute zmod_zdiv_equality[symmetric])
  1422 
  1423 text {* Tool setup *}
  1424 
  1425 ML {*
  1426 structure Cancel_Div_Mod_Int = Cancel_Div_Mod
  1427 (
  1428   val div_name = @{const_name div};
  1429   val mod_name = @{const_name mod};
  1430   val mk_binop = HOLogic.mk_binop;
  1431   val mk_sum = Arith_Data.mk_sum HOLogic.intT;
  1432   val dest_sum = Arith_Data.dest_sum;
  1433 
  1434   val div_mod_eqs = map mk_meta_eq [@{thm zdiv_zmod_equality}, @{thm zdiv_zmod_equality2}];
  1435 
  1436   val prove_eq_sums = Arith_Data.prove_conv2 all_tac (Arith_Data.simp_all_tac 
  1437     (@{thm diff_minus} :: @{thms add_0s} @ @{thms add_ac}))
  1438 )
  1439 *}
  1440 
  1441 simproc_setup cancel_div_mod_int ("(k::int) + l") = {* K Cancel_Div_Mod_Int.proc *}
  1442 
  1443 lemma pos_mod_conj : "(0::int) < b ==> 0 \<le> a mod b & a mod b < b"
  1444 apply (cut_tac a = a and b = b in divmod_int_correct)
  1445 apply (auto simp add: divmod_int_rel_def mod_int_def)
  1446 done
  1447 
  1448 lemmas pos_mod_sign [simp] = pos_mod_conj [THEN conjunct1]
  1449    and pos_mod_bound [simp] = pos_mod_conj [THEN conjunct2]
  1450 
  1451 lemma neg_mod_conj : "b < (0::int) ==> a mod b \<le> 0 & b < a mod b"
  1452 apply (cut_tac a = a and b = b in divmod_int_correct)
  1453 apply (auto simp add: divmod_int_rel_def div_int_def mod_int_def)
  1454 done
  1455 
  1456 lemmas neg_mod_sign [simp] = neg_mod_conj [THEN conjunct1]
  1457    and neg_mod_bound [simp] = neg_mod_conj [THEN conjunct2]
  1458 
  1459 
  1460 subsubsection{*General Properties of div and mod*}
  1461 
  1462 lemma divmod_int_rel_div_mod: "b \<noteq> 0 ==> divmod_int_rel a b (a div b, a mod b)"
  1463 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1464 apply (force simp add: divmod_int_rel_def linorder_neq_iff)
  1465 done
  1466 
  1467 lemma divmod_int_rel_div: "[| divmod_int_rel a b (q, r);  b \<noteq> 0 |] ==> a div b = q"
  1468 by (simp add: divmod_int_rel_div_mod [THEN unique_quotient])
  1469 
  1470 lemma divmod_int_rel_mod: "[| divmod_int_rel a b (q, r);  b \<noteq> 0 |] ==> a mod b = r"
  1471 by (simp add: divmod_int_rel_div_mod [THEN unique_remainder])
  1472 
  1473 lemma div_pos_pos_trivial: "[| (0::int) \<le> a;  a < b |] ==> a div b = 0"
  1474 apply (rule divmod_int_rel_div)
  1475 apply (auto simp add: divmod_int_rel_def)
  1476 done
  1477 
  1478 lemma div_neg_neg_trivial: "[| a \<le> (0::int);  b < a |] ==> a div b = 0"
  1479 apply (rule divmod_int_rel_div)
  1480 apply (auto simp add: divmod_int_rel_def)
  1481 done
  1482 
  1483 lemma div_pos_neg_trivial: "[| (0::int) < a;  a+b \<le> 0 |] ==> a div b = -1"
  1484 apply (rule divmod_int_rel_div)
  1485 apply (auto simp add: divmod_int_rel_def)
  1486 done
  1487 
  1488 (*There is no div_neg_pos_trivial because  0 div b = 0 would supersede it*)
  1489 
  1490 lemma mod_pos_pos_trivial: "[| (0::int) \<le> a;  a < b |] ==> a mod b = a"
  1491 apply (rule_tac q = 0 in divmod_int_rel_mod)
  1492 apply (auto simp add: divmod_int_rel_def)
  1493 done
  1494 
  1495 lemma mod_neg_neg_trivial: "[| a \<le> (0::int);  b < a |] ==> a mod b = a"
  1496 apply (rule_tac q = 0 in divmod_int_rel_mod)
  1497 apply (auto simp add: divmod_int_rel_def)
  1498 done
  1499 
  1500 lemma mod_pos_neg_trivial: "[| (0::int) < a;  a+b \<le> 0 |] ==> a mod b = a+b"
  1501 apply (rule_tac q = "-1" in divmod_int_rel_mod)
  1502 apply (auto simp add: divmod_int_rel_def)
  1503 done
  1504 
  1505 text{*There is no @{text mod_neg_pos_trivial}.*}
  1506 
  1507 
  1508 (*Simpler laws such as -a div b = -(a div b) FAIL, but see just below*)
  1509 lemma zdiv_zminus_zminus [simp]: "(-a) div (-b) = a div (b::int)"
  1510 apply (case_tac "b = 0", simp)
  1511 apply (simp add: divmod_int_rel_div_mod [THEN divmod_int_rel_neg, simplified, 
  1512                                  THEN divmod_int_rel_div, THEN sym])
  1513 
  1514 done
  1515 
  1516 (*Simpler laws such as -a mod b = -(a mod b) FAIL, but see just below*)
  1517 lemma zmod_zminus_zminus [simp]: "(-a) mod (-b) = - (a mod (b::int))"
  1518 apply (case_tac "b = 0", simp)
  1519 apply (subst divmod_int_rel_div_mod [THEN divmod_int_rel_neg, simplified, THEN divmod_int_rel_mod],
  1520        auto)
  1521 done
  1522 
  1523 
  1524 subsubsection{*Laws for div and mod with Unary Minus*}
  1525 
  1526 lemma zminus1_lemma:
  1527      "divmod_int_rel a b (q, r)
  1528       ==> divmod_int_rel (-a) b (if r=0 then -q else -q - 1,  
  1529                           if r=0 then 0 else b-r)"
  1530 by (force simp add: split_ifs divmod_int_rel_def linorder_neq_iff right_diff_distrib)
  1531 
  1532 
  1533 lemma zdiv_zminus1_eq_if:
  1534      "b \<noteq> (0::int)  
  1535       ==> (-a) div b =  
  1536           (if a mod b = 0 then - (a div b) else  - (a div b) - 1)"
  1537 by (blast intro: divmod_int_rel_div_mod [THEN zminus1_lemma, THEN divmod_int_rel_div])
  1538 
  1539 lemma zmod_zminus1_eq_if:
  1540      "(-a::int) mod b = (if a mod b = 0 then 0 else  b - (a mod b))"
  1541 apply (case_tac "b = 0", simp)
  1542 apply (blast intro: divmod_int_rel_div_mod [THEN zminus1_lemma, THEN divmod_int_rel_mod])
  1543 done
  1544 
  1545 lemma zmod_zminus1_not_zero:
  1546   fixes k l :: int
  1547   shows "- k mod l \<noteq> 0 \<Longrightarrow> k mod l \<noteq> 0"
  1548   unfolding zmod_zminus1_eq_if by auto
  1549 
  1550 lemma zdiv_zminus2: "a div (-b) = (-a::int) div b"
  1551 by (cut_tac a = "-a" in zdiv_zminus_zminus, auto)
  1552 
  1553 lemma zmod_zminus2: "a mod (-b) = - ((-a::int) mod b)"
  1554 by (cut_tac a = "-a" and b = b in zmod_zminus_zminus, auto)
  1555 
  1556 lemma zdiv_zminus2_eq_if:
  1557      "b \<noteq> (0::int)  
  1558       ==> a div (-b) =  
  1559           (if a mod b = 0 then - (a div b) else  - (a div b) - 1)"
  1560 by (simp add: zdiv_zminus1_eq_if zdiv_zminus2)
  1561 
  1562 lemma zmod_zminus2_eq_if:
  1563      "a mod (-b::int) = (if a mod b = 0 then 0 else  (a mod b) - b)"
  1564 by (simp add: zmod_zminus1_eq_if zmod_zminus2)
  1565 
  1566 lemma zmod_zminus2_not_zero:
  1567   fixes k l :: int
  1568   shows "k mod - l \<noteq> 0 \<Longrightarrow> k mod l \<noteq> 0"
  1569   unfolding zmod_zminus2_eq_if by auto 
  1570 
  1571 
  1572 subsubsection{*Division of a Number by Itself*}
  1573 
  1574 lemma self_quotient_aux1: "[| (0::int) < a; a = r + a*q; r < a |] ==> 1 \<le> q"
  1575 apply (subgoal_tac "0 < a*q")
  1576  apply (simp add: zero_less_mult_iff, arith)
  1577 done
  1578 
  1579 lemma self_quotient_aux2: "[| (0::int) < a; a = r + a*q; 0 \<le> r |] ==> q \<le> 1"
  1580 apply (subgoal_tac "0 \<le> a* (1-q) ")
  1581  apply (simp add: zero_le_mult_iff)
  1582 apply (simp add: right_diff_distrib)
  1583 done
  1584 
  1585 lemma self_quotient: "[| divmod_int_rel a a (q, r);  a \<noteq> (0::int) |] ==> q = 1"
  1586 apply (simp add: split_ifs divmod_int_rel_def linorder_neq_iff)
  1587 apply (rule order_antisym, safe, simp_all)
  1588 apply (rule_tac [3] a = "-a" and r = "-r" in self_quotient_aux1)
  1589 apply (rule_tac a = "-a" and r = "-r" in self_quotient_aux2)
  1590 apply (force intro: self_quotient_aux1 self_quotient_aux2 simp add: add_commute)+
  1591 done
  1592 
  1593 lemma self_remainder: "[| divmod_int_rel a a (q, r);  a \<noteq> (0::int) |] ==> r = 0"
  1594 apply (frule self_quotient, assumption)
  1595 apply (simp add: divmod_int_rel_def)
  1596 done
  1597 
  1598 lemma zdiv_self [simp]: "a \<noteq> 0 ==> a div a = (1::int)"
  1599 by (simp add: divmod_int_rel_div_mod [THEN self_quotient])
  1600 
  1601 (*Here we have 0 mod 0 = 0, also assumed by Knuth (who puts m mod 0 = 0) *)
  1602 lemma zmod_self [simp]: "a mod a = (0::int)"
  1603 apply (case_tac "a = 0", simp)
  1604 apply (simp add: divmod_int_rel_div_mod [THEN self_remainder])
  1605 done
  1606 
  1607 
  1608 subsubsection{*Computation of Division and Remainder*}
  1609 
  1610 lemma zdiv_zero [simp]: "(0::int) div b = 0"
  1611 by (simp add: div_int_def divmod_int_def)
  1612 
  1613 lemma div_eq_minus1: "(0::int) < b ==> -1 div b = -1"
  1614 by (simp add: div_int_def divmod_int_def)
  1615 
  1616 lemma zmod_zero [simp]: "(0::int) mod b = 0"
  1617 by (simp add: mod_int_def divmod_int_def)
  1618 
  1619 lemma zmod_minus1: "(0::int) < b ==> -1 mod b = b - 1"
  1620 by (simp add: mod_int_def divmod_int_def)
  1621 
  1622 text{*a positive, b positive *}
  1623 
  1624 lemma div_pos_pos: "[| 0 < a;  0 \<le> b |] ==> a div b = fst (posDivAlg a b)"
  1625 by (simp add: div_int_def divmod_int_def)
  1626 
  1627 lemma mod_pos_pos: "[| 0 < a;  0 \<le> b |] ==> a mod b = snd (posDivAlg a b)"
  1628 by (simp add: mod_int_def divmod_int_def)
  1629 
  1630 text{*a negative, b positive *}
  1631 
  1632 lemma div_neg_pos: "[| a < 0;  0 < b |] ==> a div b = fst (negDivAlg a b)"
  1633 by (simp add: div_int_def divmod_int_def)
  1634 
  1635 lemma mod_neg_pos: "[| a < 0;  0 < b |] ==> a mod b = snd (negDivAlg a b)"
  1636 by (simp add: mod_int_def divmod_int_def)
  1637 
  1638 text{*a positive, b negative *}
  1639 
  1640 lemma div_pos_neg:
  1641      "[| 0 < a;  b < 0 |] ==> a div b = fst (negateSnd (negDivAlg (-a) (-b)))"
  1642 by (simp add: div_int_def divmod_int_def)
  1643 
  1644 lemma mod_pos_neg:
  1645      "[| 0 < a;  b < 0 |] ==> a mod b = snd (negateSnd (negDivAlg (-a) (-b)))"
  1646 by (simp add: mod_int_def divmod_int_def)
  1647 
  1648 text{*a negative, b negative *}
  1649 
  1650 lemma div_neg_neg:
  1651      "[| a < 0;  b \<le> 0 |] ==> a div b = fst (negateSnd (posDivAlg (-a) (-b)))"
  1652 by (simp add: div_int_def divmod_int_def)
  1653 
  1654 lemma mod_neg_neg:
  1655      "[| a < 0;  b \<le> 0 |] ==> a mod b = snd (negateSnd (posDivAlg (-a) (-b)))"
  1656 by (simp add: mod_int_def divmod_int_def)
  1657 
  1658 text {*Simplify expresions in which div and mod combine numerical constants*}
  1659 
  1660 lemma int_div_pos_eq: "\<lbrakk>(a::int) = b * q + r; 0 \<le> r; r < b\<rbrakk> \<Longrightarrow> a div b = q"
  1661   by (rule divmod_int_rel_div [of a b q r],
  1662     simp add: divmod_int_rel_def, simp)
  1663 
  1664 lemma int_div_neg_eq: "\<lbrakk>(a::int) = b * q + r; r \<le> 0; b < r\<rbrakk> \<Longrightarrow> a div b = q"
  1665   by (rule divmod_int_rel_div [of a b q r],
  1666     simp add: divmod_int_rel_def, simp)
  1667 
  1668 lemma int_mod_pos_eq: "\<lbrakk>(a::int) = b * q + r; 0 \<le> r; r < b\<rbrakk> \<Longrightarrow> a mod b = r"
  1669   by (rule divmod_int_rel_mod [of a b q r],
  1670     simp add: divmod_int_rel_def, simp)
  1671 
  1672 lemma int_mod_neg_eq: "\<lbrakk>(a::int) = b * q + r; r \<le> 0; b < r\<rbrakk> \<Longrightarrow> a mod b = r"
  1673   by (rule divmod_int_rel_mod [of a b q r],
  1674     simp add: divmod_int_rel_def, simp)
  1675 
  1676 lemmas arithmetic_simps =
  1677   arith_simps
  1678   add_special
  1679   add_0_left
  1680   add_0_right
  1681   mult_zero_left
  1682   mult_zero_right
  1683   mult_1_left
  1684   mult_1_right
  1685 
  1686 (* simprocs adapted from HOL/ex/Binary.thy *)
  1687 ML {*
  1688 local
  1689   val mk_number = HOLogic.mk_number HOLogic.intT
  1690   val plus = @{term "plus :: int \<Rightarrow> int \<Rightarrow> int"}
  1691   val times = @{term "times :: int \<Rightarrow> int \<Rightarrow> int"}
  1692   val zero = @{term "0 :: int"}
  1693   val less = @{term "op < :: int \<Rightarrow> int \<Rightarrow> bool"}
  1694   val le = @{term "op \<le> :: int \<Rightarrow> int \<Rightarrow> bool"}
  1695   val simps = @{thms arith_simps} @ @{thms rel_simps} @
  1696     map (fn th => th RS sym) [@{thm numeral_0_eq_0}, @{thm numeral_1_eq_1}]
  1697   fun prove ctxt goal = Goal.prove ctxt [] [] (HOLogic.mk_Trueprop goal)
  1698     (K (ALLGOALS (full_simp_tac (HOL_basic_ss addsimps simps))));
  1699   fun binary_proc proc ss ct =
  1700     (case Thm.term_of ct of
  1701       _ $ t $ u =>
  1702       (case try (pairself (`(snd o HOLogic.dest_number))) (t, u) of
  1703         SOME args => proc (Simplifier.the_context ss) args
  1704       | NONE => NONE)
  1705     | _ => NONE);
  1706 in
  1707   fun divmod_proc posrule negrule =
  1708     binary_proc (fn ctxt => fn ((a, t), (b, u)) =>
  1709       if b = 0 then NONE else let
  1710         val (q, r) = pairself mk_number (Integer.div_mod a b)
  1711         val goal1 = HOLogic.mk_eq (t, plus $ (times $ u $ q) $ r)
  1712         val (goal2, goal3, rule) = if b > 0
  1713           then (le $ zero $ r, less $ r $ u, posrule RS eq_reflection)
  1714           else (le $ r $ zero, less $ u $ r, negrule RS eq_reflection)
  1715       in SOME (rule OF map (prove ctxt) [goal1, goal2, goal3]) end)
  1716 end
  1717 *}
  1718 
  1719 simproc_setup binary_int_div ("number_of m div number_of n :: int") =
  1720   {* K (divmod_proc @{thm int_div_pos_eq} @{thm int_div_neg_eq}) *}
  1721 
  1722 simproc_setup binary_int_mod ("number_of m mod number_of n :: int") =
  1723   {* K (divmod_proc @{thm int_mod_pos_eq} @{thm int_mod_neg_eq}) *}
  1724 
  1725 lemmas posDivAlg_eqn_number_of [simp] = posDivAlg_eqn [of "number_of v" "number_of w"] for v w
  1726 lemmas negDivAlg_eqn_number_of [simp] = negDivAlg_eqn [of "number_of v" "number_of w"] for v w
  1727 
  1728 
  1729 text{*Special-case simplification *}
  1730 
  1731 lemma zmod_minus1_right [simp]: "a mod (-1::int) = 0"
  1732 apply (cut_tac a = a and b = "-1" in neg_mod_sign)
  1733 apply (cut_tac [2] a = a and b = "-1" in neg_mod_bound)
  1734 apply (auto simp del: neg_mod_sign neg_mod_bound)
  1735 done
  1736 
  1737 lemma zdiv_minus1_right [simp]: "a div (-1::int) = -a"
  1738 by (cut_tac a = a and b = "-1" in zmod_zdiv_equality, auto)
  1739 
  1740 (** The last remaining special cases for constant arithmetic:
  1741     1 div z and 1 mod z **)
  1742 
  1743 lemmas div_pos_pos_1_number_of [simp] = div_pos_pos [OF zero_less_one, of "number_of w"] for w
  1744 lemmas div_pos_neg_1_number_of [simp] = div_pos_neg [OF zero_less_one, of "number_of w"] for w
  1745 lemmas mod_pos_pos_1_number_of [simp] = mod_pos_pos [OF zero_less_one, of "number_of w"] for w
  1746 lemmas mod_pos_neg_1_number_of [simp] = mod_pos_neg [OF zero_less_one, of "number_of w"] for w
  1747 lemmas posDivAlg_eqn_1_number_of [simp] = posDivAlg_eqn [of concl: 1 "number_of w"] for w
  1748 lemmas negDivAlg_eqn_1_number_of [simp] = negDivAlg_eqn [of concl: 1 "number_of w"] for w
  1749 
  1750 
  1751 subsubsection{*Monotonicity in the First Argument (Dividend)*}
  1752 
  1753 lemma zdiv_mono1: "[| a \<le> a';  0 < (b::int) |] ==> a div b \<le> a' div b"
  1754 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1755 apply (cut_tac a = a' and b = b in zmod_zdiv_equality)
  1756 apply (rule unique_quotient_lemma)
  1757 apply (erule subst)
  1758 apply (erule subst, simp_all)
  1759 done
  1760 
  1761 lemma zdiv_mono1_neg: "[| a \<le> a';  (b::int) < 0 |] ==> a' div b \<le> a div b"
  1762 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1763 apply (cut_tac a = a' and b = b in zmod_zdiv_equality)
  1764 apply (rule unique_quotient_lemma_neg)
  1765 apply (erule subst)
  1766 apply (erule subst, simp_all)
  1767 done
  1768 
  1769 
  1770 subsubsection{*Monotonicity in the Second Argument (Divisor)*}
  1771 
  1772 lemma q_pos_lemma:
  1773      "[| 0 \<le> b'*q' + r'; r' < b';  0 < b' |] ==> 0 \<le> (q'::int)"
  1774 apply (subgoal_tac "0 < b'* (q' + 1) ")
  1775  apply (simp add: zero_less_mult_iff)
  1776 apply (simp add: right_distrib)
  1777 done
  1778 
  1779 lemma zdiv_mono2_lemma:
  1780      "[| b*q + r = b'*q' + r';  0 \<le> b'*q' + r';   
  1781          r' < b';  0 \<le> r;  0 < b';  b' \<le> b |]   
  1782       ==> q \<le> (q'::int)"
  1783 apply (frule q_pos_lemma, assumption+) 
  1784 apply (subgoal_tac "b*q < b* (q' + 1) ")
  1785  apply (simp add: mult_less_cancel_left)
  1786 apply (subgoal_tac "b*q = r' - r + b'*q'")
  1787  prefer 2 apply simp
  1788 apply (simp (no_asm_simp) add: right_distrib)
  1789 apply (subst add_commute, rule add_less_le_mono, arith)
  1790 apply (rule mult_right_mono, auto)
  1791 done
  1792 
  1793 lemma zdiv_mono2:
  1794      "[| (0::int) \<le> a;  0 < b';  b' \<le> b |] ==> a div b \<le> a div b'"
  1795 apply (subgoal_tac "b \<noteq> 0")
  1796  prefer 2 apply arith
  1797 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1798 apply (cut_tac a = a and b = b' in zmod_zdiv_equality)
  1799 apply (rule zdiv_mono2_lemma)
  1800 apply (erule subst)
  1801 apply (erule subst, simp_all)
  1802 done
  1803 
  1804 lemma q_neg_lemma:
  1805      "[| b'*q' + r' < 0;  0 \<le> r';  0 < b' |] ==> q' \<le> (0::int)"
  1806 apply (subgoal_tac "b'*q' < 0")
  1807  apply (simp add: mult_less_0_iff, arith)
  1808 done
  1809 
  1810 lemma zdiv_mono2_neg_lemma:
  1811      "[| b*q + r = b'*q' + r';  b'*q' + r' < 0;   
  1812          r < b;  0 \<le> r';  0 < b';  b' \<le> b |]   
  1813       ==> q' \<le> (q::int)"
  1814 apply (frule q_neg_lemma, assumption+) 
  1815 apply (subgoal_tac "b*q' < b* (q + 1) ")
  1816  apply (simp add: mult_less_cancel_left)
  1817 apply (simp add: right_distrib)
  1818 apply (subgoal_tac "b*q' \<le> b'*q'")
  1819  prefer 2 apply (simp add: mult_right_mono_neg, arith)
  1820 done
  1821 
  1822 lemma zdiv_mono2_neg:
  1823      "[| a < (0::int);  0 < b';  b' \<le> b |] ==> a div b' \<le> a div b"
  1824 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1825 apply (cut_tac a = a and b = b' in zmod_zdiv_equality)
  1826 apply (rule zdiv_mono2_neg_lemma)
  1827 apply (erule subst)
  1828 apply (erule subst, simp_all)
  1829 done
  1830 
  1831 
  1832 subsubsection{*More Algebraic Laws for div and mod*}
  1833 
  1834 text{*proving (a*b) div c = a * (b div c) + a * (b mod c) *}
  1835 
  1836 lemma zmult1_lemma:
  1837      "[| divmod_int_rel b c (q, r);  c \<noteq> 0 |]  
  1838       ==> divmod_int_rel (a * b) c (a*q + a*r div c, a*r mod c)"
  1839 by (auto simp add: split_ifs divmod_int_rel_def linorder_neq_iff right_distrib mult_ac)
  1840 
  1841 lemma zdiv_zmult1_eq: "(a*b) div c = a*(b div c) + a*(b mod c) div (c::int)"
  1842 apply (case_tac "c = 0", simp)
  1843 apply (blast intro: divmod_int_rel_div_mod [THEN zmult1_lemma, THEN divmod_int_rel_div])
  1844 done
  1845 
  1846 lemma zmod_zmult1_eq: "(a*b) mod c = a*(b mod c) mod (c::int)"
  1847 apply (case_tac "c = 0", simp)
  1848 apply (blast intro: divmod_int_rel_div_mod [THEN zmult1_lemma, THEN divmod_int_rel_mod])
  1849 done
  1850 
  1851 lemma zmod_zdiv_trivial: "(a mod b) div b = (0::int)"
  1852 apply (case_tac "b = 0", simp)
  1853 apply (auto simp add: linorder_neq_iff div_pos_pos_trivial div_neg_neg_trivial)
  1854 done
  1855 
  1856 text{*proving (a+b) div c = a div c + b div c + ((a mod c + b mod c) div c) *}
  1857 
  1858 lemma zadd1_lemma:
  1859      "[| divmod_int_rel a c (aq, ar);  divmod_int_rel b c (bq, br);  c \<noteq> 0 |]  
  1860       ==> divmod_int_rel (a+b) c (aq + bq + (ar+br) div c, (ar+br) mod c)"
  1861 by (force simp add: split_ifs divmod_int_rel_def linorder_neq_iff right_distrib)
  1862 
  1863 (*NOT suitable for rewriting: the RHS has an instance of the LHS*)
  1864 lemma zdiv_zadd1_eq:
  1865      "(a+b) div (c::int) = a div c + b div c + ((a mod c + b mod c) div c)"
  1866 apply (case_tac "c = 0", simp)
  1867 apply (blast intro: zadd1_lemma [OF divmod_int_rel_div_mod divmod_int_rel_div_mod] divmod_int_rel_div)
  1868 done
  1869 
  1870 instance int :: ring_div
  1871 proof
  1872   fix a b c :: int
  1873   assume not0: "b \<noteq> 0"
  1874   show "(a + c * b) div b = c + a div b"
  1875     unfolding zdiv_zadd1_eq [of a "c * b"] using not0 
  1876       by (simp add: zmod_zmult1_eq zmod_zdiv_trivial zdiv_zmult1_eq)
  1877 next
  1878   fix a b c :: int
  1879   assume "a \<noteq> 0"
  1880   then show "(a * b) div (a * c) = b div c"
  1881   proof (cases "b \<noteq> 0 \<and> c \<noteq> 0")
  1882     case False then show ?thesis by auto
  1883   next
  1884     case True then have "b \<noteq> 0" and "c \<noteq> 0" by auto
  1885     with `a \<noteq> 0`
  1886     have "\<And>q r. divmod_int_rel b c (q, r) \<Longrightarrow> divmod_int_rel (a * b) (a * c) (q, a * r)"
  1887       apply (auto simp add: divmod_int_rel_def) 
  1888       apply (auto simp add: algebra_simps)
  1889       apply (auto simp add: zero_less_mult_iff zero_le_mult_iff mult_le_0_iff mult_commute [of a] mult_less_cancel_right)
  1890       done
  1891     moreover with `c \<noteq> 0` divmod_int_rel_div_mod have "divmod_int_rel b c (b div c, b mod c)" by auto
  1892     ultimately have "divmod_int_rel (a * b) (a * c) (b div c, a * (b mod c))" .
  1893     moreover from  `a \<noteq> 0` `c \<noteq> 0` have "a * c \<noteq> 0" by simp
  1894     ultimately show ?thesis by (rule divmod_int_rel_div)
  1895   qed
  1896 qed auto
  1897 
  1898 lemma posDivAlg_div_mod:
  1899   assumes "k \<ge> 0"
  1900   and "l \<ge> 0"
  1901   shows "posDivAlg k l = (k div l, k mod l)"
  1902 proof (cases "l = 0")
  1903   case True then show ?thesis by (simp add: posDivAlg.simps)
  1904 next
  1905   case False with assms posDivAlg_correct
  1906     have "divmod_int_rel k l (fst (posDivAlg k l), snd (posDivAlg k l))"
  1907     by simp
  1908   from divmod_int_rel_div [OF this `l \<noteq> 0`] divmod_int_rel_mod [OF this `l \<noteq> 0`]
  1909   show ?thesis by simp
  1910 qed
  1911 
  1912 lemma negDivAlg_div_mod:
  1913   assumes "k < 0"
  1914   and "l > 0"
  1915   shows "negDivAlg k l = (k div l, k mod l)"
  1916 proof -
  1917   from assms have "l \<noteq> 0" by simp
  1918   from assms negDivAlg_correct
  1919     have "divmod_int_rel k l (fst (negDivAlg k l), snd (negDivAlg k l))"
  1920     by simp
  1921   from divmod_int_rel_div [OF this `l \<noteq> 0`] divmod_int_rel_mod [OF this `l \<noteq> 0`]
  1922   show ?thesis by simp
  1923 qed
  1924 
  1925 lemma zmod_eq_0_iff: "(m mod d = 0) = (EX q::int. m = d*q)"
  1926 by (simp add: dvd_eq_mod_eq_0 [symmetric] dvd_def)
  1927 
  1928 (* REVISIT: should this be generalized to all semiring_div types? *)
  1929 lemmas zmod_eq_0D [dest!] = zmod_eq_0_iff [THEN iffD1]
  1930 
  1931 
  1932 subsubsection{*Proving  @{term "a div (b*c) = (a div b) div c"} *}
  1933 
  1934 (*The condition c>0 seems necessary.  Consider that 7 div ~6 = ~2 but
  1935   7 div 2 div ~3 = 3 div ~3 = ~1.  The subcase (a div b) mod c = 0 seems
  1936   to cause particular problems.*)
  1937 
  1938 text{*first, four lemmas to bound the remainder for the cases b<0 and b>0 *}
  1939 
  1940 lemma zmult2_lemma_aux1: "[| (0::int) < c;  b < r;  r \<le> 0 |] ==> b*c < b*(q mod c) + r"
  1941 apply (subgoal_tac "b * (c - q mod c) < r * 1")
  1942  apply (simp add: algebra_simps)
  1943 apply (rule order_le_less_trans)
  1944  apply (erule_tac [2] mult_strict_right_mono)
  1945  apply (rule mult_left_mono_neg)
  1946   using add1_zle_eq[of "q mod c"]apply(simp add: algebra_simps)
  1947  apply (simp)
  1948 apply (simp)
  1949 done
  1950 
  1951 lemma zmult2_lemma_aux2:
  1952      "[| (0::int) < c;   b < r;  r \<le> 0 |] ==> b * (q mod c) + r \<le> 0"
  1953 apply (subgoal_tac "b * (q mod c) \<le> 0")
  1954  apply arith
  1955 apply (simp add: mult_le_0_iff)
  1956 done
  1957 
  1958 lemma zmult2_lemma_aux3: "[| (0::int) < c;  0 \<le> r;  r < b |] ==> 0 \<le> b * (q mod c) + r"
  1959 apply (subgoal_tac "0 \<le> b * (q mod c) ")
  1960 apply arith
  1961 apply (simp add: zero_le_mult_iff)
  1962 done
  1963 
  1964 lemma zmult2_lemma_aux4: "[| (0::int) < c; 0 \<le> r; r < b |] ==> b * (q mod c) + r < b * c"
  1965 apply (subgoal_tac "r * 1 < b * (c - q mod c) ")
  1966  apply (simp add: right_diff_distrib)
  1967 apply (rule order_less_le_trans)
  1968  apply (erule mult_strict_right_mono)
  1969  apply (rule_tac [2] mult_left_mono)
  1970   apply simp
  1971  using add1_zle_eq[of "q mod c"] apply (simp add: algebra_simps)
  1972 apply simp
  1973 done
  1974 
  1975 lemma zmult2_lemma: "[| divmod_int_rel a b (q, r);  b \<noteq> 0;  0 < c |]  
  1976       ==> divmod_int_rel a (b * c) (q div c, b*(q mod c) + r)"
  1977 by (auto simp add: mult_ac divmod_int_rel_def linorder_neq_iff
  1978                    zero_less_mult_iff right_distrib [symmetric] 
  1979                    zmult2_lemma_aux1 zmult2_lemma_aux2 zmult2_lemma_aux3 zmult2_lemma_aux4)
  1980 
  1981 lemma zdiv_zmult2_eq: "(0::int) < c ==> a div (b*c) = (a div b) div c"
  1982 apply (case_tac "b = 0", simp)
  1983 apply (force simp add: divmod_int_rel_div_mod [THEN zmult2_lemma, THEN divmod_int_rel_div])
  1984 done
  1985 
  1986 lemma zmod_zmult2_eq:
  1987      "(0::int) < c ==> a mod (b*c) = b*(a div b mod c) + a mod b"
  1988 apply (case_tac "b = 0", simp)
  1989 apply (force simp add: divmod_int_rel_div_mod [THEN zmult2_lemma, THEN divmod_int_rel_mod])
  1990 done
  1991 
  1992 
  1993 subsubsection {*Splitting Rules for div and mod*}
  1994 
  1995 text{*The proofs of the two lemmas below are essentially identical*}
  1996 
  1997 lemma split_pos_lemma:
  1998  "0<k ==> 
  1999     P(n div k :: int)(n mod k) = (\<forall>i j. 0\<le>j & j<k & n = k*i + j --> P i j)"
  2000 apply (rule iffI, clarify)
  2001  apply (erule_tac P="P ?x ?y" in rev_mp)  
  2002  apply (subst mod_add_eq) 
  2003  apply (subst zdiv_zadd1_eq) 
  2004  apply (simp add: div_pos_pos_trivial mod_pos_pos_trivial)  
  2005 txt{*converse direction*}
  2006 apply (drule_tac x = "n div k" in spec) 
  2007 apply (drule_tac x = "n mod k" in spec, simp)
  2008 done
  2009 
  2010 lemma split_neg_lemma:
  2011  "k<0 ==>
  2012     P(n div k :: int)(n mod k) = (\<forall>i j. k<j & j\<le>0 & n = k*i + j --> P i j)"
  2013 apply (rule iffI, clarify)
  2014  apply (erule_tac P="P ?x ?y" in rev_mp)  
  2015  apply (subst mod_add_eq) 
  2016  apply (subst zdiv_zadd1_eq) 
  2017  apply (simp add: div_neg_neg_trivial mod_neg_neg_trivial)  
  2018 txt{*converse direction*}
  2019 apply (drule_tac x = "n div k" in spec) 
  2020 apply (drule_tac x = "n mod k" in spec, simp)
  2021 done
  2022 
  2023 lemma split_zdiv:
  2024  "P(n div k :: int) =
  2025   ((k = 0 --> P 0) & 
  2026    (0<k --> (\<forall>i j. 0\<le>j & j<k & n = k*i + j --> P i)) & 
  2027    (k<0 --> (\<forall>i j. k<j & j\<le>0 & n = k*i + j --> P i)))"
  2028 apply (case_tac "k=0", simp)
  2029 apply (simp only: linorder_neq_iff)
  2030 apply (erule disjE) 
  2031  apply (simp_all add: split_pos_lemma [of concl: "%x y. P x"] 
  2032                       split_neg_lemma [of concl: "%x y. P x"])
  2033 done
  2034 
  2035 lemma split_zmod:
  2036  "P(n mod k :: int) =
  2037   ((k = 0 --> P n) & 
  2038    (0<k --> (\<forall>i j. 0\<le>j & j<k & n = k*i + j --> P j)) & 
  2039    (k<0 --> (\<forall>i j. k<j & j\<le>0 & n = k*i + j --> P j)))"
  2040 apply (case_tac "k=0", simp)
  2041 apply (simp only: linorder_neq_iff)
  2042 apply (erule disjE) 
  2043  apply (simp_all add: split_pos_lemma [of concl: "%x y. P y"] 
  2044                       split_neg_lemma [of concl: "%x y. P y"])
  2045 done
  2046 
  2047 text {* Enable (lin)arith to deal with @{const div} and @{const mod}
  2048   when these are applied to some constant that is of the form
  2049   @{term "number_of k"}: *}
  2050 declare split_zdiv [of _ _ "number_of k", arith_split] for k
  2051 declare split_zmod [of _ _ "number_of k", arith_split] for k
  2052 
  2053 
  2054 subsubsection{*Speeding up the Division Algorithm with Shifting*}
  2055 
  2056 text{*computing div by shifting *}
  2057 
  2058 lemma pos_zdiv_mult_2: "(0::int) \<le> a ==> (1 + 2*b) div (2*a) = b div a"
  2059 proof cases
  2060   assume "a=0"
  2061     thus ?thesis by simp
  2062 next
  2063   assume "a\<noteq>0" and le_a: "0\<le>a"   
  2064   hence a_pos: "1 \<le> a" by arith
  2065   hence one_less_a2: "1 < 2 * a" by arith
  2066   hence le_2a: "2 * (1 + b mod a) \<le> 2 * a"
  2067     unfolding mult_le_cancel_left
  2068     by (simp add: add1_zle_eq add_commute [of 1])
  2069   with a_pos have "0 \<le> b mod a" by simp
  2070   hence le_addm: "0 \<le> 1 mod (2*a) + 2*(b mod a)"
  2071     by (simp add: mod_pos_pos_trivial one_less_a2)
  2072   with  le_2a
  2073   have "(1 mod (2*a) + 2*(b mod a)) div (2*a) = 0"
  2074     by (simp add: div_pos_pos_trivial le_addm mod_pos_pos_trivial one_less_a2
  2075                   right_distrib) 
  2076   thus ?thesis
  2077     by (subst zdiv_zadd1_eq,
  2078         simp add: mod_mult_mult1 one_less_a2
  2079                   div_pos_pos_trivial)
  2080 qed
  2081 
  2082 lemma neg_zdiv_mult_2: 
  2083   assumes A: "a \<le> (0::int)" shows "(1 + 2*b) div (2*a) = (b+1) div a"
  2084 proof -
  2085   have R: "1 + - (2 * (b + 1)) = - (1 + 2 * b)" by simp
  2086   have "(1 + 2 * (-b - 1)) div (2 * (-a)) = (-b - 1) div (-a)"
  2087     by (rule pos_zdiv_mult_2, simp add: A)
  2088   thus ?thesis
  2089     by (simp only: R zdiv_zminus_zminus diff_minus
  2090       minus_add_distrib [symmetric] mult_minus_right)
  2091 qed
  2092 
  2093 lemma zdiv_number_of_Bit0 [simp]:
  2094      "number_of (Int.Bit0 v) div number_of (Int.Bit0 w) =  
  2095           number_of v div (number_of w :: int)"
  2096 by (simp only: number_of_eq numeral_simps) (simp add: mult_2 [symmetric])
  2097 
  2098 lemma zdiv_number_of_Bit1 [simp]:
  2099      "number_of (Int.Bit1 v) div number_of (Int.Bit0 w) =  
  2100           (if (0::int) \<le> number_of w                    
  2101            then number_of v div (number_of w)     
  2102            else (number_of v + (1::int)) div (number_of w))"
  2103 apply (simp only: number_of_eq numeral_simps UNIV_I split: split_if) 
  2104 apply (simp add: pos_zdiv_mult_2 neg_zdiv_mult_2 add_ac mult_2 [symmetric])
  2105 done
  2106 
  2107 
  2108 subsubsection{*Computing mod by Shifting (proofs resemble those for div)*}
  2109 
  2110 lemma pos_zmod_mult_2:
  2111   fixes a b :: int
  2112   assumes "0 \<le> a"
  2113   shows "(1 + 2 * b) mod (2 * a) = 1 + 2 * (b mod a)"
  2114 proof (cases "0 < a")
  2115   case False with assms show ?thesis by simp
  2116 next
  2117   case True
  2118   then have "b mod a < a" by (rule pos_mod_bound)
  2119   then have "1 + b mod a \<le> a" by simp
  2120   then have A: "2 * (1 + b mod a) \<le> 2 * a" by simp
  2121   from `0 < a` have "0 \<le> b mod a" by (rule pos_mod_sign)
  2122   then have B: "0 \<le> 1 + 2 * (b mod a)" by simp
  2123   have "((1\<Colon>int) mod ((2\<Colon>int) * a) + (2\<Colon>int) * b mod ((2\<Colon>int) * a)) mod ((2\<Colon>int) * a) = (1\<Colon>int) + (2\<Colon>int) * (b mod a)"
  2124     using `0 < a` and A
  2125     by (auto simp add: mod_mult_mult1 mod_pos_pos_trivial ring_distribs intro!: mod_pos_pos_trivial B)
  2126   then show ?thesis by (subst mod_add_eq)
  2127 qed
  2128 
  2129 lemma neg_zmod_mult_2:
  2130   fixes a b :: int
  2131   assumes "a \<le> 0"
  2132   shows "(1 + 2 * b) mod (2 * a) = 2 * ((b + 1) mod a) - 1"
  2133 proof -
  2134   from assms have "0 \<le> - a" by auto
  2135   then have "(1 + 2 * (- b - 1)) mod (2 * (- a)) = 1 + 2 * ((- b - 1) mod (- a))"
  2136     by (rule pos_zmod_mult_2)
  2137   then show ?thesis by (simp add: zmod_zminus2 algebra_simps)
  2138      (simp add: diff_minus add_ac)
  2139 qed
  2140 
  2141 lemma zmod_number_of_Bit0 [simp]:
  2142      "number_of (Int.Bit0 v) mod number_of (Int.Bit0 w) =  
  2143       (2::int) * (number_of v mod number_of w)"
  2144 apply (simp only: number_of_eq numeral_simps) 
  2145 apply (simp add: mod_mult_mult1 pos_zmod_mult_2 
  2146                  neg_zmod_mult_2 add_ac mult_2 [symmetric])
  2147 done
  2148 
  2149 lemma zmod_number_of_Bit1 [simp]:
  2150      "number_of (Int.Bit1 v) mod number_of (Int.Bit0 w) =  
  2151       (if (0::int) \<le> number_of w  
  2152                 then 2 * (number_of v mod number_of w) + 1     
  2153                 else 2 * ((number_of v + (1::int)) mod number_of w) - 1)"
  2154 apply (simp only: number_of_eq numeral_simps) 
  2155 apply (simp add: mod_mult_mult1 pos_zmod_mult_2 
  2156                  neg_zmod_mult_2 add_ac mult_2 [symmetric])
  2157 done
  2158 
  2159 
  2160 lemma zdiv_eq_0_iff:
  2161  "(i::int) div k = 0 \<longleftrightarrow> k=0 \<or> 0\<le>i \<and> i<k \<or> i\<le>0 \<and> k<i" (is "?L = ?R")
  2162 proof
  2163   assume ?L
  2164   have "?L \<longrightarrow> ?R" by (rule split_zdiv[THEN iffD2]) simp
  2165   with `?L` show ?R by blast
  2166 next
  2167   assume ?R thus ?L
  2168     by(auto simp: div_pos_pos_trivial div_neg_neg_trivial)
  2169 qed
  2170 
  2171 
  2172 subsubsection{*Quotients of Signs*}
  2173 
  2174 lemma div_neg_pos_less0: "[| a < (0::int);  0 < b |] ==> a div b < 0"
  2175 apply (subgoal_tac "a div b \<le> -1", force)
  2176 apply (rule order_trans)
  2177 apply (rule_tac a' = "-1" in zdiv_mono1)
  2178 apply (auto simp add: div_eq_minus1)
  2179 done
  2180 
  2181 lemma div_nonneg_neg_le0: "[| (0::int) \<le> a; b < 0 |] ==> a div b \<le> 0"
  2182 by (drule zdiv_mono1_neg, auto)
  2183 
  2184 lemma div_nonpos_pos_le0: "[| (a::int) \<le> 0; b > 0 |] ==> a div b \<le> 0"
  2185 by (drule zdiv_mono1, auto)
  2186 
  2187 text{* Now for some equivalences of the form @{text"a div b >=< 0 \<longleftrightarrow> \<dots>"}
  2188 conditional upon the sign of @{text a} or @{text b}. There are many more.
  2189 They should all be simp rules unless that causes too much search. *}
  2190 
  2191 lemma pos_imp_zdiv_nonneg_iff: "(0::int) < b ==> (0 \<le> a div b) = (0 \<le> a)"
  2192 apply auto
  2193 apply (drule_tac [2] zdiv_mono1)
  2194 apply (auto simp add: linorder_neq_iff)
  2195 apply (simp (no_asm_use) add: linorder_not_less [symmetric])
  2196 apply (blast intro: div_neg_pos_less0)
  2197 done
  2198 
  2199 lemma neg_imp_zdiv_nonneg_iff:
  2200   "b < (0::int) ==> (0 \<le> a div b) = (a \<le> (0::int))"
  2201 apply (subst zdiv_zminus_zminus [symmetric])
  2202 apply (subst pos_imp_zdiv_nonneg_iff, auto)
  2203 done
  2204 
  2205 (*But not (a div b \<le> 0 iff a\<le>0); consider a=1, b=2 when a div b = 0.*)
  2206 lemma pos_imp_zdiv_neg_iff: "(0::int) < b ==> (a div b < 0) = (a < 0)"
  2207 by (simp add: linorder_not_le [symmetric] pos_imp_zdiv_nonneg_iff)
  2208 
  2209 lemma pos_imp_zdiv_pos_iff:
  2210   "0<k \<Longrightarrow> 0 < (i::int) div k \<longleftrightarrow> k \<le> i"
  2211 using pos_imp_zdiv_nonneg_iff[of k i] zdiv_eq_0_iff[of i k]
  2212 by arith
  2213 
  2214 (*Again the law fails for \<le>: consider a = -1, b = -2 when a div b = 0*)
  2215 lemma neg_imp_zdiv_neg_iff: "b < (0::int) ==> (a div b < 0) = (0 < a)"
  2216 by (simp add: linorder_not_le [symmetric] neg_imp_zdiv_nonneg_iff)
  2217 
  2218 lemma nonneg1_imp_zdiv_pos_iff:
  2219   "(0::int) <= a \<Longrightarrow> (a div b > 0) = (a >= b & b>0)"
  2220 apply rule
  2221  apply rule
  2222   using div_pos_pos_trivial[of a b]apply arith
  2223  apply(cases "b=0")apply simp
  2224  using div_nonneg_neg_le0[of a b]apply arith
  2225 using int_one_le_iff_zero_less[of "a div b"] zdiv_mono1[of b a b]apply simp
  2226 done
  2227 
  2228 
  2229 lemma zmod_le_nonneg_dividend: "(m::int) \<ge> 0 ==> m mod k \<le> m"
  2230 apply (rule split_zmod[THEN iffD2])
  2231 apply(fastforce dest: q_pos_lemma intro: split_mult_pos_le)
  2232 done
  2233 
  2234 
  2235 subsubsection {* The Divides Relation *}
  2236 
  2237 lemmas zdvd_iff_zmod_eq_0_number_of [simp] =
  2238   dvd_eq_mod_eq_0 [of "number_of x" "number_of y"] for x y :: int
  2239 
  2240 lemma zdvd_zmod: "f dvd m ==> f dvd (n::int) ==> f dvd m mod n"
  2241   by (rule dvd_mod) (* TODO: remove *)
  2242 
  2243 lemma zdvd_zmod_imp_zdvd: "k dvd m mod n ==> k dvd n ==> k dvd (m::int)"
  2244   by (rule dvd_mod_imp_dvd) (* TODO: remove *)
  2245 
  2246 lemma zmult_div_cancel: "(n::int) * (m div n) = m - (m mod n)"
  2247   using zmod_zdiv_equality[where a="m" and b="n"]
  2248   by (simp add: algebra_simps)
  2249 
  2250 lemma zpower_zmod: "((x::int) mod m)^y mod m = x^y mod m"
  2251 apply (induct "y", auto)
  2252 apply (rule zmod_zmult1_eq [THEN trans])
  2253 apply (simp (no_asm_simp))
  2254 apply (rule mod_mult_eq [symmetric])
  2255 done
  2256 
  2257 lemma zdiv_int: "int (a div b) = (int a) div (int b)"
  2258 apply (subst split_div, auto)
  2259 apply (subst split_zdiv, auto)
  2260 apply (rule_tac a="int (b * i) + int j" and b="int b" and r="int j" and r'=ja in unique_quotient)
  2261 apply (auto simp add: divmod_int_rel_def of_nat_mult)
  2262 done
  2263 
  2264 lemma zmod_int: "int (a mod b) = (int a) mod (int b)"
  2265 apply (subst split_mod, auto)
  2266 apply (subst split_zmod, auto)
  2267 apply (rule_tac a="int (b * i) + int j" and b="int b" and q="int i" and q'=ia 
  2268        in unique_remainder)
  2269 apply (auto simp add: divmod_int_rel_def of_nat_mult)
  2270 done
  2271 
  2272 lemma abs_div: "(y::int) dvd x \<Longrightarrow> abs (x div y) = abs x div abs y"
  2273 by (unfold dvd_def, cases "y=0", auto simp add: abs_mult)
  2274 
  2275 lemma zdvd_mult_div_cancel:"(n::int) dvd m \<Longrightarrow> n * (m div n) = m"
  2276 apply (subgoal_tac "m mod n = 0")
  2277  apply (simp add: zmult_div_cancel)
  2278 apply (simp only: dvd_eq_mod_eq_0)
  2279 done
  2280 
  2281 text{*Suggested by Matthias Daum*}
  2282 lemma int_power_div_base:
  2283      "\<lbrakk>0 < m; 0 < k\<rbrakk> \<Longrightarrow> k ^ m div k = (k::int) ^ (m - Suc 0)"
  2284 apply (subgoal_tac "k ^ m = k ^ ((m - Suc 0) + Suc 0)")
  2285  apply (erule ssubst)
  2286  apply (simp only: power_add)
  2287  apply simp_all
  2288 done
  2289 
  2290 text {* by Brian Huffman *}
  2291 lemma zminus_zmod: "- ((x::int) mod m) mod m = - x mod m"
  2292 by (rule mod_minus_eq [symmetric])
  2293 
  2294 lemma zdiff_zmod_left: "(x mod m - y) mod m = (x - y) mod (m::int)"
  2295 by (rule mod_diff_left_eq [symmetric])
  2296 
  2297 lemma zdiff_zmod_right: "(x - y mod m) mod m = (x - y) mod (m::int)"
  2298 by (rule mod_diff_right_eq [symmetric])
  2299 
  2300 lemmas zmod_simps =
  2301   mod_add_left_eq  [symmetric]
  2302   mod_add_right_eq [symmetric]
  2303   zmod_zmult1_eq   [symmetric]
  2304   mod_mult_left_eq [symmetric]
  2305   zpower_zmod
  2306   zminus_zmod zdiff_zmod_left zdiff_zmod_right
  2307 
  2308 text {* Distributive laws for function @{text nat}. *}
  2309 
  2310 lemma nat_div_distrib: "0 \<le> x \<Longrightarrow> nat (x div y) = nat x div nat y"
  2311 apply (rule linorder_cases [of y 0])
  2312 apply (simp add: div_nonneg_neg_le0)
  2313 apply simp
  2314 apply (simp add: nat_eq_iff pos_imp_zdiv_nonneg_iff zdiv_int)
  2315 done
  2316 
  2317 (*Fails if y<0: the LHS collapses to (nat z) but the RHS doesn't*)
  2318 lemma nat_mod_distrib:
  2319   "\<lbrakk>0 \<le> x; 0 \<le> y\<rbrakk> \<Longrightarrow> nat (x mod y) = nat x mod nat y"
  2320 apply (case_tac "y = 0", simp)
  2321 apply (simp add: nat_eq_iff zmod_int)
  2322 done
  2323 
  2324 text  {* transfer setup *}
  2325 
  2326 lemma transfer_nat_int_functions:
  2327     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> (nat x) div (nat y) = nat (x div y)"
  2328     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> (nat x) mod (nat y) = nat (x mod y)"
  2329   by (auto simp add: nat_div_distrib nat_mod_distrib)
  2330 
  2331 lemma transfer_nat_int_function_closures:
  2332     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> x div y >= 0"
  2333     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> x mod y >= 0"
  2334   apply (cases "y = 0")
  2335   apply (auto simp add: pos_imp_zdiv_nonneg_iff)
  2336   apply (cases "y = 0")
  2337   apply auto
  2338 done
  2339 
  2340 declare transfer_morphism_nat_int [transfer add return:
  2341   transfer_nat_int_functions
  2342   transfer_nat_int_function_closures
  2343 ]
  2344 
  2345 lemma transfer_int_nat_functions:
  2346     "(int x) div (int y) = int (x div y)"
  2347     "(int x) mod (int y) = int (x mod y)"
  2348   by (auto simp add: zdiv_int zmod_int)
  2349 
  2350 lemma transfer_int_nat_function_closures:
  2351     "is_nat x \<Longrightarrow> is_nat y \<Longrightarrow> is_nat (x div y)"
  2352     "is_nat x \<Longrightarrow> is_nat y \<Longrightarrow> is_nat (x mod y)"
  2353   by (simp_all only: is_nat_def transfer_nat_int_function_closures)
  2354 
  2355 declare transfer_morphism_int_nat [transfer add return:
  2356   transfer_int_nat_functions
  2357   transfer_int_nat_function_closures
  2358 ]
  2359 
  2360 text{*Suggested by Matthias Daum*}
  2361 lemma int_div_less_self: "\<lbrakk>0 < x; 1 < k\<rbrakk> \<Longrightarrow> x div k < (x::int)"
  2362 apply (subgoal_tac "nat x div nat k < nat x")
  2363  apply (simp add: nat_div_distrib [symmetric])
  2364 apply (rule Divides.div_less_dividend, simp_all)
  2365 done
  2366 
  2367 lemma zmod_eq_dvd_iff: "(x::int) mod n = y mod n \<longleftrightarrow> n dvd x - y"
  2368 proof
  2369   assume H: "x mod n = y mod n"
  2370   hence "x mod n - y mod n = 0" by simp
  2371   hence "(x mod n - y mod n) mod n = 0" by simp 
  2372   hence "(x - y) mod n = 0" by (simp add: mod_diff_eq[symmetric])
  2373   thus "n dvd x - y" by (simp add: dvd_eq_mod_eq_0)
  2374 next
  2375   assume H: "n dvd x - y"
  2376   then obtain k where k: "x-y = n*k" unfolding dvd_def by blast
  2377   hence "x = n*k + y" by simp
  2378   hence "x mod n = (n*k + y) mod n" by simp
  2379   thus "x mod n = y mod n" by (simp add: mod_add_left_eq)
  2380 qed
  2381 
  2382 lemma nat_mod_eq_lemma: assumes xyn: "(x::nat) mod n = y  mod n" and xy:"y \<le> x"
  2383   shows "\<exists>q. x = y + n * q"
  2384 proof-
  2385   from xy have th: "int x - int y = int (x - y)" by simp 
  2386   from xyn have "int x mod int n = int y mod int n" 
  2387     by (simp add: zmod_int[symmetric])
  2388   hence "int n dvd int x - int y" by (simp only: zmod_eq_dvd_iff[symmetric]) 
  2389   hence "n dvd x - y" by (simp add: th zdvd_int)
  2390   then show ?thesis using xy unfolding dvd_def apply clarsimp apply (rule_tac x="k" in exI) by arith
  2391 qed
  2392 
  2393 lemma nat_mod_eq_iff: "(x::nat) mod n = y mod n \<longleftrightarrow> (\<exists>q1 q2. x + n * q1 = y + n * q2)" 
  2394   (is "?lhs = ?rhs")
  2395 proof
  2396   assume H: "x mod n = y mod n"
  2397   {assume xy: "x \<le> y"
  2398     from H have th: "y mod n = x mod n" by simp
  2399     from nat_mod_eq_lemma[OF th xy] have ?rhs 
  2400       apply clarify  apply (rule_tac x="q" in exI) by (rule exI[where x="0"], simp)}
  2401   moreover
  2402   {assume xy: "y \<le> x"
  2403     from nat_mod_eq_lemma[OF H xy] have ?rhs 
  2404       apply clarify  apply (rule_tac x="0" in exI) by (rule_tac x="q" in exI, simp)}
  2405   ultimately  show ?rhs using linear[of x y] by blast  
  2406 next
  2407   assume ?rhs then obtain q1 q2 where q12: "x + n * q1 = y + n * q2" by blast
  2408   hence "(x + n * q1) mod n = (y + n * q2) mod n" by simp
  2409   thus  ?lhs by simp
  2410 qed
  2411 
  2412 lemma div_nat_number_of [simp]:
  2413      "(number_of v :: nat)  div  number_of v' =  
  2414           (if neg (number_of v :: int) then 0  
  2415            else nat (number_of v div number_of v'))"
  2416   unfolding nat_number_of_def number_of_is_id neg_def
  2417   by (simp add: nat_div_distrib)
  2418 
  2419 lemma one_div_nat_number_of [simp]:
  2420      "Suc 0 div number_of v' = nat (1 div number_of v')" 
  2421 by (simp del: nat_numeral_1_eq_1 add: numeral_1_eq_Suc_0 [symmetric]) 
  2422 
  2423 lemma mod_nat_number_of [simp]:
  2424      "(number_of v :: nat)  mod  number_of v' =  
  2425         (if neg (number_of v :: int) then 0  
  2426          else if neg (number_of v' :: int) then number_of v  
  2427          else nat (number_of v mod number_of v'))"
  2428   unfolding nat_number_of_def number_of_is_id neg_def
  2429   by (simp add: nat_mod_distrib)
  2430 
  2431 lemma one_mod_nat_number_of [simp]:
  2432      "Suc 0 mod number_of v' =  
  2433         (if neg (number_of v' :: int) then Suc 0
  2434          else nat (1 mod number_of v'))"
  2435 by (simp del: nat_numeral_1_eq_1 add: numeral_1_eq_Suc_0 [symmetric]) 
  2436 
  2437 lemmas dvd_eq_mod_eq_0_number_of [simp] =
  2438   dvd_eq_mod_eq_0 [of "number_of x" "number_of y"] for x y
  2439 
  2440 
  2441 subsubsection {* Nitpick *}
  2442 
  2443 lemma zmod_zdiv_equality':
  2444 "(m\<Colon>int) mod n = m - (m div n) * n"
  2445 by (rule_tac P="%x. m mod n = x - (m div n) * n"
  2446     in subst [OF mod_div_equality [of _ n]])
  2447    arith
  2448 
  2449 lemmas [nitpick_unfold] = dvd_eq_mod_eq_0 mod_div_equality' zmod_zdiv_equality'
  2450 
  2451 
  2452 subsubsection {* Code generation *}
  2453 
  2454 definition pdivmod :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  2455   "pdivmod k l = (\<bar>k\<bar> div \<bar>l\<bar>, \<bar>k\<bar> mod \<bar>l\<bar>)"
  2456 
  2457 lemma pdivmod_posDivAlg [code]:
  2458   "pdivmod k l = (if l = 0 then (0, \<bar>k\<bar>) else posDivAlg \<bar>k\<bar> \<bar>l\<bar>)"
  2459 by (subst posDivAlg_div_mod) (simp_all add: pdivmod_def)
  2460 
  2461 lemma divmod_int_pdivmod: "divmod_int k l = (if k = 0 then (0, 0) else if l = 0 then (0, k) else
  2462   apsnd ((op *) (sgn l)) (if 0 < l \<and> 0 \<le> k \<or> l < 0 \<and> k < 0
  2463     then pdivmod k l
  2464     else (let (r, s) = pdivmod k l in
  2465       if s = 0 then (- r, 0) else (- r - 1, \<bar>l\<bar> - s))))"
  2466 proof -
  2467   have aux: "\<And>q::int. - k = l * q \<longleftrightarrow> k = l * - q" by auto
  2468   show ?thesis
  2469     by (simp add: divmod_int_mod_div pdivmod_def)
  2470       (auto simp add: aux not_less not_le zdiv_zminus1_eq_if
  2471       zmod_zminus1_eq_if zdiv_zminus2_eq_if zmod_zminus2_eq_if)
  2472 qed
  2473 
  2474 lemma divmod_int_code [code]: "divmod_int k l = (if k = 0 then (0, 0) else if l = 0 then (0, k) else
  2475   apsnd ((op *) (sgn l)) (if sgn k = sgn l
  2476     then pdivmod k l
  2477     else (let (r, s) = pdivmod k l in
  2478       if s = 0 then (- r, 0) else (- r - 1, \<bar>l\<bar> - s))))"
  2479 proof -
  2480   have "k \<noteq> 0 \<Longrightarrow> l \<noteq> 0 \<Longrightarrow> 0 < l \<and> 0 \<le> k \<or> l < 0 \<and> k < 0 \<longleftrightarrow> sgn k = sgn l"
  2481     by (auto simp add: not_less sgn_if)
  2482   then show ?thesis by (simp add: divmod_int_pdivmod)
  2483 qed
  2484 
  2485 context ring_1
  2486 begin
  2487 
  2488 lemma of_int_num [code]:
  2489   "of_int k = (if k = 0 then 0 else if k < 0 then
  2490      - of_int (- k) else let
  2491        (l, m) = divmod_int k 2;
  2492        l' = of_int l
  2493      in if m = 0 then l' + l' else l' + l' + 1)"
  2494 proof -
  2495   have aux1: "k mod (2\<Colon>int) \<noteq> (0\<Colon>int) \<Longrightarrow> 
  2496     of_int k = of_int (k div 2 * 2 + 1)"
  2497   proof -
  2498     have "k mod 2 < 2" by (auto intro: pos_mod_bound)
  2499     moreover have "0 \<le> k mod 2" by (auto intro: pos_mod_sign)
  2500     moreover assume "k mod 2 \<noteq> 0"
  2501     ultimately have "k mod 2 = 1" by arith
  2502     moreover have "of_int k = of_int (k div 2 * 2 + k mod 2)" by simp
  2503     ultimately show ?thesis by auto
  2504   qed
  2505   have aux2: "\<And>x. of_int 2 * x = x + x"
  2506   proof -
  2507     fix x
  2508     have int2: "(2::int) = 1 + 1" by arith
  2509     show "of_int 2 * x = x + x"
  2510     unfolding int2 of_int_add left_distrib by simp
  2511   qed
  2512   have aux3: "\<And>x. x * of_int 2 = x + x"
  2513   proof -
  2514     fix x
  2515     have int2: "(2::int) = 1 + 1" by arith
  2516     show "x * of_int 2 = x + x" 
  2517     unfolding int2 of_int_add right_distrib by simp
  2518   qed
  2519   from aux1 show ?thesis by (auto simp add: divmod_int_mod_div Let_def aux2 aux3)
  2520 qed
  2521 
  2522 end
  2523 
  2524 code_modulename SML
  2525   Divides Arith
  2526 
  2527 code_modulename OCaml
  2528   Divides Arith
  2529 
  2530 code_modulename Haskell
  2531   Divides Arith
  2532 
  2533 end