src/HOL/Divides.thy
author haftmann
Sun Aug 18 15:29:50 2013 +0200 (2013-08-18)
changeset 53066 1f61a923c2d6
parent 52435 6646bb548c6b
child 53067 ee0b7c2315d2
permissions -rw-r--r--
added lemma
     1 (*  Title:      HOL/Divides.thy
     2     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
     3     Copyright   1999  University of Cambridge
     4 *)
     5 
     6 header {* The division operators div and mod *}
     7 
     8 theory Divides
     9 imports Nat_Transfer
    10 begin
    11 
    12 subsection {* Syntactic division operations *}
    13 
    14 class div = dvd +
    15   fixes div :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "div" 70)
    16     and mod :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "mod" 70)
    17 
    18 
    19 subsection {* Abstract division in commutative semirings. *}
    20 
    21 class semiring_div = comm_semiring_1_cancel + no_zero_divisors + div +
    22   assumes mod_div_equality: "a div b * b + a mod b = a"
    23     and div_by_0 [simp]: "a div 0 = 0"
    24     and div_0 [simp]: "0 div a = 0"
    25     and div_mult_self1 [simp]: "b \<noteq> 0 \<Longrightarrow> (a + c * b) div b = c + a div b"
    26     and div_mult_mult1 [simp]: "c \<noteq> 0 \<Longrightarrow> (c * a) div (c * b) = a div b"
    27 begin
    28 
    29 text {* @{const div} and @{const mod} *}
    30 
    31 lemma mod_div_equality2: "b * (a div b) + a mod b = a"
    32   unfolding mult_commute [of b]
    33   by (rule mod_div_equality)
    34 
    35 lemma mod_div_equality': "a mod b + a div b * b = a"
    36   using mod_div_equality [of a b]
    37   by (simp only: add_ac)
    38 
    39 lemma div_mod_equality: "((a div b) * b + a mod b) + c = a + c"
    40   by (simp add: mod_div_equality)
    41 
    42 lemma div_mod_equality2: "(b * (a div b) + a mod b) + c = a + c"
    43   by (simp add: mod_div_equality2)
    44 
    45 lemma mod_by_0 [simp]: "a mod 0 = a"
    46   using mod_div_equality [of a zero] by simp
    47 
    48 lemma mod_0 [simp]: "0 mod a = 0"
    49   using mod_div_equality [of zero a] div_0 by simp
    50 
    51 lemma div_mult_self2 [simp]:
    52   assumes "b \<noteq> 0"
    53   shows "(a + b * c) div b = c + a div b"
    54   using assms div_mult_self1 [of b a c] by (simp add: mult_commute)
    55 
    56 lemma mod_mult_self1 [simp]: "(a + c * b) mod b = a mod b"
    57 proof (cases "b = 0")
    58   case True then show ?thesis by simp
    59 next
    60   case False
    61   have "a + c * b = (a + c * b) div b * b + (a + c * b) mod b"
    62     by (simp add: mod_div_equality)
    63   also from False div_mult_self1 [of b a c] have
    64     "\<dots> = (c + a div b) * b + (a + c * b) mod b"
    65       by (simp add: algebra_simps)
    66   finally have "a = a div b * b + (a + c * b) mod b"
    67     by (simp add: add_commute [of a] add_assoc distrib_right)
    68   then have "a div b * b + (a + c * b) mod b = a div b * b + a mod b"
    69     by (simp add: mod_div_equality)
    70   then show ?thesis by simp
    71 qed
    72 
    73 lemma mod_mult_self2 [simp]: "(a + b * c) mod b = a mod b"
    74   by (simp add: mult_commute [of b])
    75 
    76 lemma div_mult_self1_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> b * a div b = a"
    77   using div_mult_self2 [of b 0 a] by simp
    78 
    79 lemma div_mult_self2_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> a * b div b = a"
    80   using div_mult_self1 [of b 0 a] by simp
    81 
    82 lemma mod_mult_self1_is_0 [simp]: "b * a mod b = 0"
    83   using mod_mult_self2 [of 0 b a] by simp
    84 
    85 lemma mod_mult_self2_is_0 [simp]: "a * b mod b = 0"
    86   using mod_mult_self1 [of 0 a b] by simp
    87 
    88 lemma div_by_1 [simp]: "a div 1 = a"
    89   using div_mult_self2_is_id [of 1 a] zero_neq_one by simp
    90 
    91 lemma mod_by_1 [simp]: "a mod 1 = 0"
    92 proof -
    93   from mod_div_equality [of a one] div_by_1 have "a + a mod 1 = a" by simp
    94   then have "a + a mod 1 = a + 0" by simp
    95   then show ?thesis by (rule add_left_imp_eq)
    96 qed
    97 
    98 lemma mod_self [simp]: "a mod a = 0"
    99   using mod_mult_self2_is_0 [of 1] by simp
   100 
   101 lemma div_self [simp]: "a \<noteq> 0 \<Longrightarrow> a div a = 1"
   102   using div_mult_self2_is_id [of _ 1] by simp
   103 
   104 lemma div_add_self1 [simp]:
   105   assumes "b \<noteq> 0"
   106   shows "(b + a) div b = a div b + 1"
   107   using assms div_mult_self1 [of b a 1] by (simp add: add_commute)
   108 
   109 lemma div_add_self2 [simp]:
   110   assumes "b \<noteq> 0"
   111   shows "(a + b) div b = a div b + 1"
   112   using assms div_add_self1 [of b a] by (simp add: add_commute)
   113 
   114 lemma mod_add_self1 [simp]:
   115   "(b + a) mod b = a mod b"
   116   using mod_mult_self1 [of a 1 b] by (simp add: add_commute)
   117 
   118 lemma mod_add_self2 [simp]:
   119   "(a + b) mod b = a mod b"
   120   using mod_mult_self1 [of a 1 b] by simp
   121 
   122 lemma mod_div_decomp:
   123   fixes a b
   124   obtains q r where "q = a div b" and "r = a mod b"
   125     and "a = q * b + r"
   126 proof -
   127   from mod_div_equality have "a = a div b * b + a mod b" by simp
   128   moreover have "a div b = a div b" ..
   129   moreover have "a mod b = a mod b" ..
   130   note that ultimately show thesis by blast
   131 qed
   132 
   133 lemma dvd_eq_mod_eq_0 [code]: "a dvd b \<longleftrightarrow> b mod a = 0"
   134 proof
   135   assume "b mod a = 0"
   136   with mod_div_equality [of b a] have "b div a * a = b" by simp
   137   then have "b = a * (b div a)" unfolding mult_commute ..
   138   then have "\<exists>c. b = a * c" ..
   139   then show "a dvd b" unfolding dvd_def .
   140 next
   141   assume "a dvd b"
   142   then have "\<exists>c. b = a * c" unfolding dvd_def .
   143   then obtain c where "b = a * c" ..
   144   then have "b mod a = a * c mod a" by simp
   145   then have "b mod a = c * a mod a" by (simp add: mult_commute)
   146   then show "b mod a = 0" by simp
   147 qed
   148 
   149 lemma mod_div_trivial [simp]: "a mod b div b = 0"
   150 proof (cases "b = 0")
   151   assume "b = 0"
   152   thus ?thesis by simp
   153 next
   154   assume "b \<noteq> 0"
   155   hence "a div b + a mod b div b = (a mod b + a div b * b) div b"
   156     by (rule div_mult_self1 [symmetric])
   157   also have "\<dots> = a div b"
   158     by (simp only: mod_div_equality')
   159   also have "\<dots> = a div b + 0"
   160     by simp
   161   finally show ?thesis
   162     by (rule add_left_imp_eq)
   163 qed
   164 
   165 lemma mod_mod_trivial [simp]: "a mod b mod b = a mod b"
   166 proof -
   167   have "a mod b mod b = (a mod b + a div b * b) mod b"
   168     by (simp only: mod_mult_self1)
   169   also have "\<dots> = a mod b"
   170     by (simp only: mod_div_equality')
   171   finally show ?thesis .
   172 qed
   173 
   174 lemma dvd_imp_mod_0: "a dvd b \<Longrightarrow> b mod a = 0"
   175 by (rule dvd_eq_mod_eq_0[THEN iffD1])
   176 
   177 lemma dvd_div_mult_self: "a dvd b \<Longrightarrow> (b div a) * a = b"
   178 by (subst (2) mod_div_equality [of b a, symmetric]) (simp add:dvd_imp_mod_0)
   179 
   180 lemma dvd_mult_div_cancel: "a dvd b \<Longrightarrow> a * (b div a) = b"
   181 by (drule dvd_div_mult_self) (simp add: mult_commute)
   182 
   183 lemma dvd_div_mult: "a dvd b \<Longrightarrow> (b div a) * c = b * c div a"
   184 apply (cases "a = 0")
   185  apply simp
   186 apply (auto simp: dvd_def mult_assoc)
   187 done
   188 
   189 lemma div_dvd_div[simp]:
   190   "a dvd b \<Longrightarrow> a dvd c \<Longrightarrow> (b div a dvd c div a) = (b dvd c)"
   191 apply (cases "a = 0")
   192  apply simp
   193 apply (unfold dvd_def)
   194 apply auto
   195  apply(blast intro:mult_assoc[symmetric])
   196 apply(fastforce simp add: mult_assoc)
   197 done
   198 
   199 lemma dvd_mod_imp_dvd: "[| k dvd m mod n;  k dvd n |] ==> k dvd m"
   200   apply (subgoal_tac "k dvd (m div n) *n + m mod n")
   201    apply (simp add: mod_div_equality)
   202   apply (simp only: dvd_add dvd_mult)
   203   done
   204 
   205 text {* Addition respects modular equivalence. *}
   206 
   207 lemma mod_add_left_eq: "(a + b) mod c = (a mod c + b) mod c"
   208 proof -
   209   have "(a + b) mod c = (a div c * c + a mod c + b) mod c"
   210     by (simp only: mod_div_equality)
   211   also have "\<dots> = (a mod c + b + a div c * c) mod c"
   212     by (simp only: add_ac)
   213   also have "\<dots> = (a mod c + b) mod c"
   214     by (rule mod_mult_self1)
   215   finally show ?thesis .
   216 qed
   217 
   218 lemma mod_add_right_eq: "(a + b) mod c = (a + b mod c) mod c"
   219 proof -
   220   have "(a + b) mod c = (a + (b div c * c + b mod c)) mod c"
   221     by (simp only: mod_div_equality)
   222   also have "\<dots> = (a + b mod c + b div c * c) mod c"
   223     by (simp only: add_ac)
   224   also have "\<dots> = (a + b mod c) mod c"
   225     by (rule mod_mult_self1)
   226   finally show ?thesis .
   227 qed
   228 
   229 lemma mod_add_eq: "(a + b) mod c = (a mod c + b mod c) mod c"
   230 by (rule trans [OF mod_add_left_eq mod_add_right_eq])
   231 
   232 lemma mod_add_cong:
   233   assumes "a mod c = a' mod c"
   234   assumes "b mod c = b' mod c"
   235   shows "(a + b) mod c = (a' + b') mod c"
   236 proof -
   237   have "(a mod c + b mod c) mod c = (a' mod c + b' mod c) mod c"
   238     unfolding assms ..
   239   thus ?thesis
   240     by (simp only: mod_add_eq [symmetric])
   241 qed
   242 
   243 lemma div_add [simp]: "z dvd x \<Longrightarrow> z dvd y
   244   \<Longrightarrow> (x + y) div z = x div z + y div z"
   245 by (cases "z = 0", simp, unfold dvd_def, auto simp add: algebra_simps)
   246 
   247 text {* Multiplication respects modular equivalence. *}
   248 
   249 lemma mod_mult_left_eq: "(a * b) mod c = ((a mod c) * b) mod c"
   250 proof -
   251   have "(a * b) mod c = ((a div c * c + a mod c) * b) mod c"
   252     by (simp only: mod_div_equality)
   253   also have "\<dots> = (a mod c * b + a div c * b * c) mod c"
   254     by (simp only: algebra_simps)
   255   also have "\<dots> = (a mod c * b) mod c"
   256     by (rule mod_mult_self1)
   257   finally show ?thesis .
   258 qed
   259 
   260 lemma mod_mult_right_eq: "(a * b) mod c = (a * (b mod c)) mod c"
   261 proof -
   262   have "(a * b) mod c = (a * (b div c * c + b mod c)) mod c"
   263     by (simp only: mod_div_equality)
   264   also have "\<dots> = (a * (b mod c) + a * (b div c) * c) mod c"
   265     by (simp only: algebra_simps)
   266   also have "\<dots> = (a * (b mod c)) mod c"
   267     by (rule mod_mult_self1)
   268   finally show ?thesis .
   269 qed
   270 
   271 lemma mod_mult_eq: "(a * b) mod c = ((a mod c) * (b mod c)) mod c"
   272 by (rule trans [OF mod_mult_left_eq mod_mult_right_eq])
   273 
   274 lemma mod_mult_cong:
   275   assumes "a mod c = a' mod c"
   276   assumes "b mod c = b' mod c"
   277   shows "(a * b) mod c = (a' * b') mod c"
   278 proof -
   279   have "(a mod c * (b mod c)) mod c = (a' mod c * (b' mod c)) mod c"
   280     unfolding assms ..
   281   thus ?thesis
   282     by (simp only: mod_mult_eq [symmetric])
   283 qed
   284 
   285 text {* Exponentiation respects modular equivalence. *}
   286 
   287 lemma power_mod: "(a mod b)^n mod b = a^n mod b"
   288 apply (induct n, simp_all)
   289 apply (rule mod_mult_right_eq [THEN trans])
   290 apply (simp (no_asm_simp))
   291 apply (rule mod_mult_eq [symmetric])
   292 done
   293 
   294 lemma mod_mod_cancel:
   295   assumes "c dvd b"
   296   shows "a mod b mod c = a mod c"
   297 proof -
   298   from `c dvd b` obtain k where "b = c * k"
   299     by (rule dvdE)
   300   have "a mod b mod c = a mod (c * k) mod c"
   301     by (simp only: `b = c * k`)
   302   also have "\<dots> = (a mod (c * k) + a div (c * k) * k * c) mod c"
   303     by (simp only: mod_mult_self1)
   304   also have "\<dots> = (a div (c * k) * (c * k) + a mod (c * k)) mod c"
   305     by (simp only: add_ac mult_ac)
   306   also have "\<dots> = a mod c"
   307     by (simp only: mod_div_equality)
   308   finally show ?thesis .
   309 qed
   310 
   311 lemma div_mult_div_if_dvd:
   312   "y dvd x \<Longrightarrow> z dvd w \<Longrightarrow> (x div y) * (w div z) = (x * w) div (y * z)"
   313   apply (cases "y = 0", simp)
   314   apply (cases "z = 0", simp)
   315   apply (auto elim!: dvdE simp add: algebra_simps)
   316   apply (subst mult_assoc [symmetric])
   317   apply (simp add: no_zero_divisors)
   318   done
   319 
   320 lemma div_mult_swap:
   321   assumes "c dvd b"
   322   shows "a * (b div c) = (a * b) div c"
   323 proof -
   324   from assms have "b div c * (a div 1) = b * a div (c * 1)"
   325     by (simp only: div_mult_div_if_dvd one_dvd)
   326   then show ?thesis by (simp add: mult_commute)
   327 qed
   328    
   329 lemma div_mult_mult2 [simp]:
   330   "c \<noteq> 0 \<Longrightarrow> (a * c) div (b * c) = a div b"
   331   by (drule div_mult_mult1) (simp add: mult_commute)
   332 
   333 lemma div_mult_mult1_if [simp]:
   334   "(c * a) div (c * b) = (if c = 0 then 0 else a div b)"
   335   by simp_all
   336 
   337 lemma mod_mult_mult1:
   338   "(c * a) mod (c * b) = c * (a mod b)"
   339 proof (cases "c = 0")
   340   case True then show ?thesis by simp
   341 next
   342   case False
   343   from mod_div_equality
   344   have "((c * a) div (c * b)) * (c * b) + (c * a) mod (c * b) = c * a" .
   345   with False have "c * ((a div b) * b + a mod b) + (c * a) mod (c * b)
   346     = c * a + c * (a mod b)" by (simp add: algebra_simps)
   347   with mod_div_equality show ?thesis by simp 
   348 qed
   349   
   350 lemma mod_mult_mult2:
   351   "(a * c) mod (b * c) = (a mod b) * c"
   352   using mod_mult_mult1 [of c a b] by (simp add: mult_commute)
   353 
   354 lemma mult_mod_left: "(a mod b) * c = (a * c) mod (b * c)"
   355   by (fact mod_mult_mult2 [symmetric])
   356 
   357 lemma mult_mod_right: "c * (a mod b) = (c * a) mod (c * b)"
   358   by (fact mod_mult_mult1 [symmetric])
   359 
   360 lemma dvd_mod: "k dvd m \<Longrightarrow> k dvd n \<Longrightarrow> k dvd (m mod n)"
   361   unfolding dvd_def by (auto simp add: mod_mult_mult1)
   362 
   363 lemma dvd_mod_iff: "k dvd n \<Longrightarrow> k dvd (m mod n) \<longleftrightarrow> k dvd m"
   364 by (blast intro: dvd_mod_imp_dvd dvd_mod)
   365 
   366 lemma div_power:
   367   "y dvd x \<Longrightarrow> (x div y) ^ n = x ^ n div y ^ n"
   368 apply (induct n)
   369  apply simp
   370 apply(simp add: div_mult_div_if_dvd dvd_power_same)
   371 done
   372 
   373 lemma dvd_div_eq_mult:
   374   assumes "a \<noteq> 0" and "a dvd b"  
   375   shows "b div a = c \<longleftrightarrow> b = c * a"
   376 proof
   377   assume "b = c * a"
   378   then show "b div a = c" by (simp add: assms)
   379 next
   380   assume "b div a = c"
   381   then have "b div a * a = c * a" by simp
   382   moreover from `a dvd b` have "b div a * a = b" by (simp add: dvd_div_mult_self)
   383   ultimately show "b = c * a" by simp
   384 qed
   385    
   386 lemma dvd_div_div_eq_mult:
   387   assumes "a \<noteq> 0" "c \<noteq> 0" and "a dvd b" "c dvd d"
   388   shows "b div a = d div c \<longleftrightarrow> b * c = a * d"
   389   using assms by (auto simp add: mult_commute [of _ a] dvd_div_mult_self dvd_div_eq_mult div_mult_swap intro: sym)
   390 
   391 end
   392 
   393 class ring_div = semiring_div + comm_ring_1
   394 begin
   395 
   396 subclass ring_1_no_zero_divisors ..
   397 
   398 text {* Negation respects modular equivalence. *}
   399 
   400 lemma mod_minus_eq: "(- a) mod b = (- (a mod b)) mod b"
   401 proof -
   402   have "(- a) mod b = (- (a div b * b + a mod b)) mod b"
   403     by (simp only: mod_div_equality)
   404   also have "\<dots> = (- (a mod b) + - (a div b) * b) mod b"
   405     by (simp only: minus_add_distrib minus_mult_left add_ac)
   406   also have "\<dots> = (- (a mod b)) mod b"
   407     by (rule mod_mult_self1)
   408   finally show ?thesis .
   409 qed
   410 
   411 lemma mod_minus_cong:
   412   assumes "a mod b = a' mod b"
   413   shows "(- a) mod b = (- a') mod b"
   414 proof -
   415   have "(- (a mod b)) mod b = (- (a' mod b)) mod b"
   416     unfolding assms ..
   417   thus ?thesis
   418     by (simp only: mod_minus_eq [symmetric])
   419 qed
   420 
   421 text {* Subtraction respects modular equivalence. *}
   422 
   423 lemma mod_diff_left_eq: "(a - b) mod c = (a mod c - b) mod c"
   424   unfolding diff_minus
   425   by (intro mod_add_cong mod_minus_cong) simp_all
   426 
   427 lemma mod_diff_right_eq: "(a - b) mod c = (a - b mod c) mod c"
   428   unfolding diff_minus
   429   by (intro mod_add_cong mod_minus_cong) simp_all
   430 
   431 lemma mod_diff_eq: "(a - b) mod c = (a mod c - b mod c) mod c"
   432   unfolding diff_minus
   433   by (intro mod_add_cong mod_minus_cong) simp_all
   434 
   435 lemma mod_diff_cong:
   436   assumes "a mod c = a' mod c"
   437   assumes "b mod c = b' mod c"
   438   shows "(a - b) mod c = (a' - b') mod c"
   439   unfolding diff_minus using assms
   440   by (intro mod_add_cong mod_minus_cong)
   441 
   442 lemma dvd_neg_div: "y dvd x \<Longrightarrow> -x div y = - (x div y)"
   443 apply (case_tac "y = 0") apply simp
   444 apply (auto simp add: dvd_def)
   445 apply (subgoal_tac "-(y * k) = y * - k")
   446  apply (erule ssubst)
   447  apply (erule div_mult_self1_is_id)
   448 apply simp
   449 done
   450 
   451 lemma dvd_div_neg: "y dvd x \<Longrightarrow> x div -y = - (x div y)"
   452 apply (case_tac "y = 0") apply simp
   453 apply (auto simp add: dvd_def)
   454 apply (subgoal_tac "y * k = -y * -k")
   455  apply (erule ssubst)
   456  apply (rule div_mult_self1_is_id)
   457  apply simp
   458 apply simp
   459 done
   460 
   461 lemma div_minus_minus [simp]: "(-a) div (-b) = a div b"
   462   using div_mult_mult1 [of "- 1" a b]
   463   unfolding neg_equal_0_iff_equal by simp
   464 
   465 lemma mod_minus_minus [simp]: "(-a) mod (-b) = - (a mod b)"
   466   using mod_mult_mult1 [of "- 1" a b] by simp
   467 
   468 lemma div_minus_right: "a div (-b) = (-a) div b"
   469   using div_minus_minus [of "-a" b] by simp
   470 
   471 lemma mod_minus_right: "a mod (-b) = - ((-a) mod b)"
   472   using mod_minus_minus [of "-a" b] by simp
   473 
   474 lemma div_minus1_right [simp]: "a div (-1) = -a"
   475   using div_minus_right [of a 1] by simp
   476 
   477 lemma mod_minus1_right [simp]: "a mod (-1) = 0"
   478   using mod_minus_right [of a 1] by simp
   479 
   480 end
   481 
   482 
   483 subsection {* Division on @{typ nat} *}
   484 
   485 text {*
   486   We define @{const div} and @{const mod} on @{typ nat} by means
   487   of a characteristic relation with two input arguments
   488   @{term "m\<Colon>nat"}, @{term "n\<Colon>nat"} and two output arguments
   489   @{term "q\<Colon>nat"}(uotient) and @{term "r\<Colon>nat"}(emainder).
   490 *}
   491 
   492 definition divmod_nat_rel :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat \<Rightarrow> bool" where
   493   "divmod_nat_rel m n qr \<longleftrightarrow>
   494     m = fst qr * n + snd qr \<and>
   495       (if n = 0 then fst qr = 0 else if n > 0 then 0 \<le> snd qr \<and> snd qr < n else n < snd qr \<and> snd qr \<le> 0)"
   496 
   497 text {* @{const divmod_nat_rel} is total: *}
   498 
   499 lemma divmod_nat_rel_ex:
   500   obtains q r where "divmod_nat_rel m n (q, r)"
   501 proof (cases "n = 0")
   502   case True  with that show thesis
   503     by (auto simp add: divmod_nat_rel_def)
   504 next
   505   case False
   506   have "\<exists>q r. m = q * n + r \<and> r < n"
   507   proof (induct m)
   508     case 0 with `n \<noteq> 0`
   509     have "(0\<Colon>nat) = 0 * n + 0 \<and> 0 < n" by simp
   510     then show ?case by blast
   511   next
   512     case (Suc m) then obtain q' r'
   513       where m: "m = q' * n + r'" and n: "r' < n" by auto
   514     then show ?case proof (cases "Suc r' < n")
   515       case True
   516       from m n have "Suc m = q' * n + Suc r'" by simp
   517       with True show ?thesis by blast
   518     next
   519       case False then have "n \<le> Suc r'" by auto
   520       moreover from n have "Suc r' \<le> n" by auto
   521       ultimately have "n = Suc r'" by auto
   522       with m have "Suc m = Suc q' * n + 0" by simp
   523       with `n \<noteq> 0` show ?thesis by blast
   524     qed
   525   qed
   526   with that show thesis
   527     using `n \<noteq> 0` by (auto simp add: divmod_nat_rel_def)
   528 qed
   529 
   530 text {* @{const divmod_nat_rel} is injective: *}
   531 
   532 lemma divmod_nat_rel_unique:
   533   assumes "divmod_nat_rel m n qr"
   534     and "divmod_nat_rel m n qr'"
   535   shows "qr = qr'"
   536 proof (cases "n = 0")
   537   case True with assms show ?thesis
   538     by (cases qr, cases qr')
   539       (simp add: divmod_nat_rel_def)
   540 next
   541   case False
   542   have aux: "\<And>q r q' r'. q' * n + r' = q * n + r \<Longrightarrow> r < n \<Longrightarrow> q' \<le> (q\<Colon>nat)"
   543   apply (rule leI)
   544   apply (subst less_iff_Suc_add)
   545   apply (auto simp add: add_mult_distrib)
   546   done
   547   from `n \<noteq> 0` assms have "fst qr = fst qr'"
   548     by (auto simp add: divmod_nat_rel_def intro: order_antisym dest: aux sym)
   549   moreover from this assms have "snd qr = snd qr'"
   550     by (simp add: divmod_nat_rel_def)
   551   ultimately show ?thesis by (cases qr, cases qr') simp
   552 qed
   553 
   554 text {*
   555   We instantiate divisibility on the natural numbers by
   556   means of @{const divmod_nat_rel}:
   557 *}
   558 
   559 definition divmod_nat :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat" where
   560   "divmod_nat m n = (THE qr. divmod_nat_rel m n qr)"
   561 
   562 lemma divmod_nat_rel_divmod_nat:
   563   "divmod_nat_rel m n (divmod_nat m n)"
   564 proof -
   565   from divmod_nat_rel_ex
   566     obtain qr where rel: "divmod_nat_rel m n qr" .
   567   then show ?thesis
   568   by (auto simp add: divmod_nat_def intro: theI elim: divmod_nat_rel_unique)
   569 qed
   570 
   571 lemma divmod_nat_unique:
   572   assumes "divmod_nat_rel m n qr" 
   573   shows "divmod_nat m n = qr"
   574   using assms by (auto intro: divmod_nat_rel_unique divmod_nat_rel_divmod_nat)
   575 
   576 instantiation nat :: semiring_div
   577 begin
   578 
   579 definition div_nat where
   580   "m div n = fst (divmod_nat m n)"
   581 
   582 lemma fst_divmod_nat [simp]:
   583   "fst (divmod_nat m n) = m div n"
   584   by (simp add: div_nat_def)
   585 
   586 definition mod_nat where
   587   "m mod n = snd (divmod_nat m n)"
   588 
   589 lemma snd_divmod_nat [simp]:
   590   "snd (divmod_nat m n) = m mod n"
   591   by (simp add: mod_nat_def)
   592 
   593 lemma divmod_nat_div_mod:
   594   "divmod_nat m n = (m div n, m mod n)"
   595   by (simp add: prod_eq_iff)
   596 
   597 lemma div_nat_unique:
   598   assumes "divmod_nat_rel m n (q, r)" 
   599   shows "m div n = q"
   600   using assms by (auto dest!: divmod_nat_unique simp add: prod_eq_iff)
   601 
   602 lemma mod_nat_unique:
   603   assumes "divmod_nat_rel m n (q, r)" 
   604   shows "m mod n = r"
   605   using assms by (auto dest!: divmod_nat_unique simp add: prod_eq_iff)
   606 
   607 lemma divmod_nat_rel: "divmod_nat_rel m n (m div n, m mod n)"
   608   using divmod_nat_rel_divmod_nat by (simp add: divmod_nat_div_mod)
   609 
   610 lemma divmod_nat_zero: "divmod_nat m 0 = (0, m)"
   611   by (simp add: divmod_nat_unique divmod_nat_rel_def)
   612 
   613 lemma divmod_nat_zero_left: "divmod_nat 0 n = (0, 0)"
   614   by (simp add: divmod_nat_unique divmod_nat_rel_def)
   615 
   616 lemma divmod_nat_base: "m < n \<Longrightarrow> divmod_nat m n = (0, m)"
   617   by (simp add: divmod_nat_unique divmod_nat_rel_def)
   618 
   619 lemma divmod_nat_step:
   620   assumes "0 < n" and "n \<le> m"
   621   shows "divmod_nat m n = (Suc ((m - n) div n), (m - n) mod n)"
   622 proof (rule divmod_nat_unique)
   623   have "divmod_nat_rel (m - n) n ((m - n) div n, (m - n) mod n)"
   624     by (rule divmod_nat_rel)
   625   thus "divmod_nat_rel m n (Suc ((m - n) div n), (m - n) mod n)"
   626     unfolding divmod_nat_rel_def using assms by auto
   627 qed
   628 
   629 text {* The ''recursion'' equations for @{const div} and @{const mod} *}
   630 
   631 lemma div_less [simp]:
   632   fixes m n :: nat
   633   assumes "m < n"
   634   shows "m div n = 0"
   635   using assms divmod_nat_base by (simp add: prod_eq_iff)
   636 
   637 lemma le_div_geq:
   638   fixes m n :: nat
   639   assumes "0 < n" and "n \<le> m"
   640   shows "m div n = Suc ((m - n) div n)"
   641   using assms divmod_nat_step by (simp add: prod_eq_iff)
   642 
   643 lemma mod_less [simp]:
   644   fixes m n :: nat
   645   assumes "m < n"
   646   shows "m mod n = m"
   647   using assms divmod_nat_base by (simp add: prod_eq_iff)
   648 
   649 lemma le_mod_geq:
   650   fixes m n :: nat
   651   assumes "n \<le> m"
   652   shows "m mod n = (m - n) mod n"
   653   using assms divmod_nat_step by (cases "n = 0") (simp_all add: prod_eq_iff)
   654 
   655 instance proof
   656   fix m n :: nat
   657   show "m div n * n + m mod n = m"
   658     using divmod_nat_rel [of m n] by (simp add: divmod_nat_rel_def)
   659 next
   660   fix m n q :: nat
   661   assume "n \<noteq> 0"
   662   then show "(q + m * n) div n = m + q div n"
   663     by (induct m) (simp_all add: le_div_geq)
   664 next
   665   fix m n q :: nat
   666   assume "m \<noteq> 0"
   667   hence "\<And>a b. divmod_nat_rel n q (a, b) \<Longrightarrow> divmod_nat_rel (m * n) (m * q) (a, m * b)"
   668     unfolding divmod_nat_rel_def
   669     by (auto split: split_if_asm, simp_all add: algebra_simps)
   670   moreover from divmod_nat_rel have "divmod_nat_rel n q (n div q, n mod q)" .
   671   ultimately have "divmod_nat_rel (m * n) (m * q) (n div q, m * (n mod q))" .
   672   thus "(m * n) div (m * q) = n div q" by (rule div_nat_unique)
   673 next
   674   fix n :: nat show "n div 0 = 0"
   675     by (simp add: div_nat_def divmod_nat_zero)
   676 next
   677   fix n :: nat show "0 div n = 0"
   678     by (simp add: div_nat_def divmod_nat_zero_left)
   679 qed
   680 
   681 end
   682 
   683 lemma divmod_nat_if [code]: "divmod_nat m n = (if n = 0 \<or> m < n then (0, m) else
   684   let (q, r) = divmod_nat (m - n) n in (Suc q, r))"
   685   by (simp add: prod_eq_iff prod_case_beta not_less le_div_geq le_mod_geq)
   686 
   687 text {* Simproc for cancelling @{const div} and @{const mod} *}
   688 
   689 ML_file "~~/src/Provers/Arith/cancel_div_mod.ML"
   690 
   691 ML {*
   692 structure Cancel_Div_Mod_Nat = Cancel_Div_Mod
   693 (
   694   val div_name = @{const_name div};
   695   val mod_name = @{const_name mod};
   696   val mk_binop = HOLogic.mk_binop;
   697   val mk_plus = HOLogic.mk_binop @{const_name Groups.plus};
   698   val dest_plus = HOLogic.dest_bin @{const_name Groups.plus} HOLogic.natT;
   699   fun mk_sum [] = HOLogic.zero
   700     | mk_sum [t] = t
   701     | mk_sum (t :: ts) = mk_plus (t, mk_sum ts);
   702   fun dest_sum tm =
   703     if HOLogic.is_zero tm then []
   704     else
   705       (case try HOLogic.dest_Suc tm of
   706         SOME t => HOLogic.Suc_zero :: dest_sum t
   707       | NONE =>
   708           (case try dest_plus tm of
   709             SOME (t, u) => dest_sum t @ dest_sum u
   710           | NONE => [tm]));
   711 
   712   val div_mod_eqs = map mk_meta_eq [@{thm div_mod_equality}, @{thm div_mod_equality2}];
   713 
   714   val prove_eq_sums = Arith_Data.prove_conv2 all_tac (Arith_Data.simp_all_tac
   715     (@{thm add_0_left} :: @{thm add_0_right} :: @{thms add_ac}))
   716 )
   717 *}
   718 
   719 simproc_setup cancel_div_mod_nat ("(m::nat) + n") = {* K Cancel_Div_Mod_Nat.proc *}
   720 
   721 
   722 subsubsection {* Quotient *}
   723 
   724 lemma div_geq: "0 < n \<Longrightarrow>  \<not> m < n \<Longrightarrow> m div n = Suc ((m - n) div n)"
   725 by (simp add: le_div_geq linorder_not_less)
   726 
   727 lemma div_if: "0 < n \<Longrightarrow> m div n = (if m < n then 0 else Suc ((m - n) div n))"
   728 by (simp add: div_geq)
   729 
   730 lemma div_mult_self_is_m [simp]: "0<n ==> (m*n) div n = (m::nat)"
   731 by simp
   732 
   733 lemma div_mult_self1_is_m [simp]: "0<n ==> (n*m) div n = (m::nat)"
   734 by simp
   735 
   736 lemma div_positive:
   737   fixes m n :: nat
   738   assumes "n > 0"
   739   assumes "m \<ge> n"
   740   shows "m div n > 0"
   741 proof -
   742   from `m \<ge> n` obtain q where "m = n + q"
   743     by (auto simp add: le_iff_add)
   744   with `n > 0` show ?thesis by simp
   745 qed
   746 
   747 
   748 subsubsection {* Remainder *}
   749 
   750 lemma mod_less_divisor [simp]:
   751   fixes m n :: nat
   752   assumes "n > 0"
   753   shows "m mod n < (n::nat)"
   754   using assms divmod_nat_rel [of m n] unfolding divmod_nat_rel_def by auto
   755 
   756 lemma mod_Suc_le_divisor [simp]:
   757   "m mod Suc n \<le> n"
   758   using mod_less_divisor [of "Suc n" m] by arith
   759 
   760 lemma mod_less_eq_dividend [simp]:
   761   fixes m n :: nat
   762   shows "m mod n \<le> m"
   763 proof (rule add_leD2)
   764   from mod_div_equality have "m div n * n + m mod n = m" .
   765   then show "m div n * n + m mod n \<le> m" by auto
   766 qed
   767 
   768 lemma mod_geq: "\<not> m < (n\<Colon>nat) \<Longrightarrow> m mod n = (m - n) mod n"
   769 by (simp add: le_mod_geq linorder_not_less)
   770 
   771 lemma mod_if: "m mod (n\<Colon>nat) = (if m < n then m else (m - n) mod n)"
   772 by (simp add: le_mod_geq)
   773 
   774 lemma mod_1 [simp]: "m mod Suc 0 = 0"
   775 by (induct m) (simp_all add: mod_geq)
   776 
   777 (* a simple rearrangement of mod_div_equality: *)
   778 lemma mult_div_cancel: "(n::nat) * (m div n) = m - (m mod n)"
   779   using mod_div_equality2 [of n m] by arith
   780 
   781 lemma mod_le_divisor[simp]: "0 < n \<Longrightarrow> m mod n \<le> (n::nat)"
   782   apply (drule mod_less_divisor [where m = m])
   783   apply simp
   784   done
   785 
   786 subsubsection {* Quotient and Remainder *}
   787 
   788 lemma divmod_nat_rel_mult1_eq:
   789   "divmod_nat_rel b c (q, r)
   790    \<Longrightarrow> divmod_nat_rel (a * b) c (a * q + a * r div c, a * r mod c)"
   791 by (auto simp add: split_ifs divmod_nat_rel_def algebra_simps)
   792 
   793 lemma div_mult1_eq:
   794   "(a * b) div c = a * (b div c) + a * (b mod c) div (c::nat)"
   795 by (blast intro: divmod_nat_rel_mult1_eq [THEN div_nat_unique] divmod_nat_rel)
   796 
   797 lemma divmod_nat_rel_add1_eq:
   798   "divmod_nat_rel a c (aq, ar) \<Longrightarrow> divmod_nat_rel b c (bq, br)
   799    \<Longrightarrow> divmod_nat_rel (a + b) c (aq + bq + (ar + br) div c, (ar + br) mod c)"
   800 by (auto simp add: split_ifs divmod_nat_rel_def algebra_simps)
   801 
   802 (*NOT suitable for rewriting: the RHS has an instance of the LHS*)
   803 lemma div_add1_eq:
   804   "(a+b) div (c::nat) = a div c + b div c + ((a mod c + b mod c) div c)"
   805 by (blast intro: divmod_nat_rel_add1_eq [THEN div_nat_unique] divmod_nat_rel)
   806 
   807 lemma mod_lemma: "[| (0::nat) < c; r < b |] ==> b * (q mod c) + r < b * c"
   808   apply (cut_tac m = q and n = c in mod_less_divisor)
   809   apply (drule_tac [2] m = "q mod c" in less_imp_Suc_add, auto)
   810   apply (erule_tac P = "%x. ?lhs < ?rhs x" in ssubst)
   811   apply (simp add: add_mult_distrib2)
   812   done
   813 
   814 lemma divmod_nat_rel_mult2_eq:
   815   "divmod_nat_rel a b (q, r)
   816    \<Longrightarrow> divmod_nat_rel a (b * c) (q div c, b *(q mod c) + r)"
   817 by (auto simp add: mult_ac divmod_nat_rel_def add_mult_distrib2 [symmetric] mod_lemma)
   818 
   819 lemma div_mult2_eq: "a div (b*c) = (a div b) div (c::nat)"
   820 by (force simp add: divmod_nat_rel [THEN divmod_nat_rel_mult2_eq, THEN div_nat_unique])
   821 
   822 lemma mod_mult2_eq: "a mod (b*c) = b*(a div b mod c) + a mod (b::nat)"
   823 by (auto simp add: mult_commute divmod_nat_rel [THEN divmod_nat_rel_mult2_eq, THEN mod_nat_unique])
   824 
   825 
   826 subsubsection {* Further Facts about Quotient and Remainder *}
   827 
   828 lemma div_1 [simp]: "m div Suc 0 = m"
   829 by (induct m) (simp_all add: div_geq)
   830 
   831 (* Monotonicity of div in first argument *)
   832 lemma div_le_mono [rule_format (no_asm)]:
   833     "\<forall>m::nat. m \<le> n --> (m div k) \<le> (n div k)"
   834 apply (case_tac "k=0", simp)
   835 apply (induct "n" rule: nat_less_induct, clarify)
   836 apply (case_tac "n<k")
   837 (* 1  case n<k *)
   838 apply simp
   839 (* 2  case n >= k *)
   840 apply (case_tac "m<k")
   841 (* 2.1  case m<k *)
   842 apply simp
   843 (* 2.2  case m>=k *)
   844 apply (simp add: div_geq diff_le_mono)
   845 done
   846 
   847 (* Antimonotonicity of div in second argument *)
   848 lemma div_le_mono2: "!!m::nat. [| 0<m; m\<le>n |] ==> (k div n) \<le> (k div m)"
   849 apply (subgoal_tac "0<n")
   850  prefer 2 apply simp
   851 apply (induct_tac k rule: nat_less_induct)
   852 apply (rename_tac "k")
   853 apply (case_tac "k<n", simp)
   854 apply (subgoal_tac "~ (k<m) ")
   855  prefer 2 apply simp
   856 apply (simp add: div_geq)
   857 apply (subgoal_tac "(k-n) div n \<le> (k-m) div n")
   858  prefer 2
   859  apply (blast intro: div_le_mono diff_le_mono2)
   860 apply (rule le_trans, simp)
   861 apply (simp)
   862 done
   863 
   864 lemma div_le_dividend [simp]: "m div n \<le> (m::nat)"
   865 apply (case_tac "n=0", simp)
   866 apply (subgoal_tac "m div n \<le> m div 1", simp)
   867 apply (rule div_le_mono2)
   868 apply (simp_all (no_asm_simp))
   869 done
   870 
   871 (* Similar for "less than" *)
   872 lemma div_less_dividend [simp]:
   873   "\<lbrakk>(1::nat) < n; 0 < m\<rbrakk> \<Longrightarrow> m div n < m"
   874 apply (induct m rule: nat_less_induct)
   875 apply (rename_tac "m")
   876 apply (case_tac "m<n", simp)
   877 apply (subgoal_tac "0<n")
   878  prefer 2 apply simp
   879 apply (simp add: div_geq)
   880 apply (case_tac "n<m")
   881  apply (subgoal_tac "(m-n) div n < (m-n) ")
   882   apply (rule impI less_trans_Suc)+
   883 apply assumption
   884   apply (simp_all)
   885 done
   886 
   887 text{*A fact for the mutilated chess board*}
   888 lemma mod_Suc: "Suc(m) mod n = (if Suc(m mod n) = n then 0 else Suc(m mod n))"
   889 apply (case_tac "n=0", simp)
   890 apply (induct "m" rule: nat_less_induct)
   891 apply (case_tac "Suc (na) <n")
   892 (* case Suc(na) < n *)
   893 apply (frule lessI [THEN less_trans], simp add: less_not_refl3)
   894 (* case n \<le> Suc(na) *)
   895 apply (simp add: linorder_not_less le_Suc_eq mod_geq)
   896 apply (auto simp add: Suc_diff_le le_mod_geq)
   897 done
   898 
   899 lemma mod_eq_0_iff: "(m mod d = 0) = (\<exists>q::nat. m = d*q)"
   900 by (auto simp add: dvd_eq_mod_eq_0 [symmetric] dvd_def)
   901 
   902 lemmas mod_eq_0D [dest!] = mod_eq_0_iff [THEN iffD1]
   903 
   904 (*Loses information, namely we also have r<d provided d is nonzero*)
   905 lemma mod_eqD: "(m mod d = r) ==> \<exists>q::nat. m = r + q*d"
   906   apply (cut_tac a = m in mod_div_equality)
   907   apply (simp only: add_ac)
   908   apply (blast intro: sym)
   909   done
   910 
   911 lemma split_div:
   912  "P(n div k :: nat) =
   913  ((k = 0 \<longrightarrow> P 0) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P i)))"
   914  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
   915 proof
   916   assume P: ?P
   917   show ?Q
   918   proof (cases)
   919     assume "k = 0"
   920     with P show ?Q by simp
   921   next
   922     assume not0: "k \<noteq> 0"
   923     thus ?Q
   924     proof (simp, intro allI impI)
   925       fix i j
   926       assume n: "n = k*i + j" and j: "j < k"
   927       show "P i"
   928       proof (cases)
   929         assume "i = 0"
   930         with n j P show "P i" by simp
   931       next
   932         assume "i \<noteq> 0"
   933         with not0 n j P show "P i" by(simp add:add_ac)
   934       qed
   935     qed
   936   qed
   937 next
   938   assume Q: ?Q
   939   show ?P
   940   proof (cases)
   941     assume "k = 0"
   942     with Q show ?P by simp
   943   next
   944     assume not0: "k \<noteq> 0"
   945     with Q have R: ?R by simp
   946     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
   947     show ?P by simp
   948   qed
   949 qed
   950 
   951 lemma split_div_lemma:
   952   assumes "0 < n"
   953   shows "n * q \<le> m \<and> m < n * Suc q \<longleftrightarrow> q = ((m\<Colon>nat) div n)" (is "?lhs \<longleftrightarrow> ?rhs")
   954 proof
   955   assume ?rhs
   956   with mult_div_cancel have nq: "n * q = m - (m mod n)" by simp
   957   then have A: "n * q \<le> m" by simp
   958   have "n - (m mod n) > 0" using mod_less_divisor assms by auto
   959   then have "m < m + (n - (m mod n))" by simp
   960   then have "m < n + (m - (m mod n))" by simp
   961   with nq have "m < n + n * q" by simp
   962   then have B: "m < n * Suc q" by simp
   963   from A B show ?lhs ..
   964 next
   965   assume P: ?lhs
   966   then have "divmod_nat_rel m n (q, m - n * q)"
   967     unfolding divmod_nat_rel_def by (auto simp add: mult_ac)
   968   with divmod_nat_rel_unique divmod_nat_rel [of m n]
   969   have "(q, m - n * q) = (m div n, m mod n)" by auto
   970   then show ?rhs by simp
   971 qed
   972 
   973 theorem split_div':
   974   "P ((m::nat) div n) = ((n = 0 \<and> P 0) \<or>
   975    (\<exists>q. (n * q \<le> m \<and> m < n * (Suc q)) \<and> P q))"
   976   apply (case_tac "0 < n")
   977   apply (simp only: add: split_div_lemma)
   978   apply simp_all
   979   done
   980 
   981 lemma split_mod:
   982  "P(n mod k :: nat) =
   983  ((k = 0 \<longrightarrow> P n) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P j)))"
   984  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
   985 proof
   986   assume P: ?P
   987   show ?Q
   988   proof (cases)
   989     assume "k = 0"
   990     with P show ?Q by simp
   991   next
   992     assume not0: "k \<noteq> 0"
   993     thus ?Q
   994     proof (simp, intro allI impI)
   995       fix i j
   996       assume "n = k*i + j" "j < k"
   997       thus "P j" using not0 P by(simp add:add_ac mult_ac)
   998     qed
   999   qed
  1000 next
  1001   assume Q: ?Q
  1002   show ?P
  1003   proof (cases)
  1004     assume "k = 0"
  1005     with Q show ?P by simp
  1006   next
  1007     assume not0: "k \<noteq> 0"
  1008     with Q have R: ?R by simp
  1009     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
  1010     show ?P by simp
  1011   qed
  1012 qed
  1013 
  1014 theorem mod_div_equality': "(m::nat) mod n = m - (m div n) * n"
  1015   using mod_div_equality [of m n] by arith
  1016 
  1017 lemma div_mod_equality': "(m::nat) div n * n = m - m mod n"
  1018   using mod_div_equality [of m n] by arith
  1019 (* FIXME: very similar to mult_div_cancel *)
  1020 
  1021 lemma div_eq_dividend_iff: "a \<noteq> 0 \<Longrightarrow> (a :: nat) div b = a \<longleftrightarrow> b = 1"
  1022   apply rule
  1023   apply (cases "b = 0")
  1024   apply simp_all
  1025   apply (metis (full_types) One_nat_def Suc_lessI div_less_dividend less_not_refl3)
  1026   done
  1027 
  1028 
  1029 subsubsection {* An ``induction'' law for modulus arithmetic. *}
  1030 
  1031 lemma mod_induct_0:
  1032   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
  1033   and base: "P i" and i: "i<p"
  1034   shows "P 0"
  1035 proof (rule ccontr)
  1036   assume contra: "\<not>(P 0)"
  1037   from i have p: "0<p" by simp
  1038   have "\<forall>k. 0<k \<longrightarrow> \<not> P (p-k)" (is "\<forall>k. ?A k")
  1039   proof
  1040     fix k
  1041     show "?A k"
  1042     proof (induct k)
  1043       show "?A 0" by simp  -- "by contradiction"
  1044     next
  1045       fix n
  1046       assume ih: "?A n"
  1047       show "?A (Suc n)"
  1048       proof (clarsimp)
  1049         assume y: "P (p - Suc n)"
  1050         have n: "Suc n < p"
  1051         proof (rule ccontr)
  1052           assume "\<not>(Suc n < p)"
  1053           hence "p - Suc n = 0"
  1054             by simp
  1055           with y contra show "False"
  1056             by simp
  1057         qed
  1058         hence n2: "Suc (p - Suc n) = p-n" by arith
  1059         from p have "p - Suc n < p" by arith
  1060         with y step have z: "P ((Suc (p - Suc n)) mod p)"
  1061           by blast
  1062         show "False"
  1063         proof (cases "n=0")
  1064           case True
  1065           with z n2 contra show ?thesis by simp
  1066         next
  1067           case False
  1068           with p have "p-n < p" by arith
  1069           with z n2 False ih show ?thesis by simp
  1070         qed
  1071       qed
  1072     qed
  1073   qed
  1074   moreover
  1075   from i obtain k where "0<k \<and> i+k=p"
  1076     by (blast dest: less_imp_add_positive)
  1077   hence "0<k \<and> i=p-k" by auto
  1078   moreover
  1079   note base
  1080   ultimately
  1081   show "False" by blast
  1082 qed
  1083 
  1084 lemma mod_induct:
  1085   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
  1086   and base: "P i" and i: "i<p" and j: "j<p"
  1087   shows "P j"
  1088 proof -
  1089   have "\<forall>j<p. P j"
  1090   proof
  1091     fix j
  1092     show "j<p \<longrightarrow> P j" (is "?A j")
  1093     proof (induct j)
  1094       from step base i show "?A 0"
  1095         by (auto elim: mod_induct_0)
  1096     next
  1097       fix k
  1098       assume ih: "?A k"
  1099       show "?A (Suc k)"
  1100       proof
  1101         assume suc: "Suc k < p"
  1102         hence k: "k<p" by simp
  1103         with ih have "P k" ..
  1104         with step k have "P (Suc k mod p)"
  1105           by blast
  1106         moreover
  1107         from suc have "Suc k mod p = Suc k"
  1108           by simp
  1109         ultimately
  1110         show "P (Suc k)" by simp
  1111       qed
  1112     qed
  1113   qed
  1114   with j show ?thesis by blast
  1115 qed
  1116 
  1117 lemma div2_Suc_Suc [simp]: "Suc (Suc m) div 2 = Suc (m div 2)"
  1118   by (simp add: numeral_2_eq_2 le_div_geq)
  1119 
  1120 lemma mod2_Suc_Suc [simp]: "Suc (Suc m) mod 2 = m mod 2"
  1121   by (simp add: numeral_2_eq_2 le_mod_geq)
  1122 
  1123 lemma add_self_div_2 [simp]: "(m + m) div 2 = (m::nat)"
  1124 by (simp add: mult_2 [symmetric])
  1125 
  1126 lemma mod2_gr_0 [simp]: "0 < (m\<Colon>nat) mod 2 \<longleftrightarrow> m mod 2 = 1"
  1127 proof -
  1128   { fix n :: nat have  "(n::nat) < 2 \<Longrightarrow> n = 0 \<or> n = 1" by (cases n) simp_all }
  1129   moreover have "m mod 2 < 2" by simp
  1130   ultimately have "m mod 2 = 0 \<or> m mod 2 = 1" .
  1131   then show ?thesis by auto
  1132 qed
  1133 
  1134 text{*These lemmas collapse some needless occurrences of Suc:
  1135     at least three Sucs, since two and fewer are rewritten back to Suc again!
  1136     We already have some rules to simplify operands smaller than 3.*}
  1137 
  1138 lemma div_Suc_eq_div_add3 [simp]: "m div (Suc (Suc (Suc n))) = m div (3+n)"
  1139 by (simp add: Suc3_eq_add_3)
  1140 
  1141 lemma mod_Suc_eq_mod_add3 [simp]: "m mod (Suc (Suc (Suc n))) = m mod (3+n)"
  1142 by (simp add: Suc3_eq_add_3)
  1143 
  1144 lemma Suc_div_eq_add3_div: "(Suc (Suc (Suc m))) div n = (3+m) div n"
  1145 by (simp add: Suc3_eq_add_3)
  1146 
  1147 lemma Suc_mod_eq_add3_mod: "(Suc (Suc (Suc m))) mod n = (3+m) mod n"
  1148 by (simp add: Suc3_eq_add_3)
  1149 
  1150 lemmas Suc_div_eq_add3_div_numeral [simp] = Suc_div_eq_add3_div [of _ "numeral v"] for v
  1151 lemmas Suc_mod_eq_add3_mod_numeral [simp] = Suc_mod_eq_add3_mod [of _ "numeral v"] for v
  1152 
  1153 
  1154 lemma Suc_times_mod_eq: "1<k ==> Suc (k * m) mod k = 1" 
  1155 apply (induct "m")
  1156 apply (simp_all add: mod_Suc)
  1157 done
  1158 
  1159 declare Suc_times_mod_eq [of "numeral w", simp] for w
  1160 
  1161 lemma Suc_div_le_mono [simp]: "n div k \<le> (Suc n) div k"
  1162 by (simp add: div_le_mono)
  1163 
  1164 lemma Suc_n_div_2_gt_zero [simp]: "(0::nat) < n ==> 0 < (n + 1) div 2"
  1165 by (cases n) simp_all
  1166 
  1167 lemma div_2_gt_zero [simp]: assumes A: "(1::nat) < n" shows "0 < n div 2"
  1168 proof -
  1169   from A have B: "0 < n - 1" and C: "n - 1 + 1 = n" by simp_all
  1170   from Suc_n_div_2_gt_zero [OF B] C show ?thesis by simp 
  1171 qed
  1172 
  1173   (* Potential use of algebra : Equality modulo n*)
  1174 lemma mod_mult_self3 [simp]: "(k*n + m) mod n = m mod (n::nat)"
  1175 by (simp add: mult_ac add_ac)
  1176 
  1177 lemma mod_mult_self4 [simp]: "Suc (k*n + m) mod n = Suc m mod n"
  1178 proof -
  1179   have "Suc (k * n + m) mod n = (k * n + Suc m) mod n" by simp
  1180   also have "... = Suc m mod n" by (rule mod_mult_self3) 
  1181   finally show ?thesis .
  1182 qed
  1183 
  1184 lemma mod_Suc_eq_Suc_mod: "Suc m mod n = Suc (m mod n) mod n"
  1185 apply (subst mod_Suc [of m]) 
  1186 apply (subst mod_Suc [of "m mod n"], simp) 
  1187 done
  1188 
  1189 lemma mod_2_not_eq_zero_eq_one_nat:
  1190   fixes n :: nat
  1191   shows "n mod 2 \<noteq> 0 \<longleftrightarrow> n mod 2 = 1"
  1192   by simp
  1193 
  1194 
  1195 subsection {* Division on @{typ int} *}
  1196 
  1197 definition divmod_int_rel :: "int \<Rightarrow> int \<Rightarrow> int \<times> int \<Rightarrow> bool" where
  1198     --{*definition of quotient and remainder*}
  1199   "divmod_int_rel a b = (\<lambda>(q, r). a = b * q + r \<and>
  1200     (if 0 < b then 0 \<le> r \<and> r < b else if b < 0 then b < r \<and> r \<le> 0 else q = 0))"
  1201 
  1202 definition adjust :: "int \<Rightarrow> int \<times> int \<Rightarrow> int \<times> int" where
  1203     --{*for the division algorithm*}
  1204     "adjust b = (\<lambda>(q, r). if 0 \<le> r - b then (2 * q + 1, r - b)
  1205                          else (2 * q, r))"
  1206 
  1207 text{*algorithm for the case @{text "a\<ge>0, b>0"}*}
  1208 function posDivAlg :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  1209   "posDivAlg a b = (if a < b \<or>  b \<le> 0 then (0, a)
  1210      else adjust b (posDivAlg a (2 * b)))"
  1211 by auto
  1212 termination by (relation "measure (\<lambda>(a, b). nat (a - b + 1))")
  1213   (auto simp add: mult_2)
  1214 
  1215 text{*algorithm for the case @{text "a<0, b>0"}*}
  1216 function negDivAlg :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  1217   "negDivAlg a b = (if 0 \<le>a + b \<or> b \<le> 0  then (-1, a + b)
  1218      else adjust b (negDivAlg a (2 * b)))"
  1219 by auto
  1220 termination by (relation "measure (\<lambda>(a, b). nat (- a - b))")
  1221   (auto simp add: mult_2)
  1222 
  1223 text{*algorithm for the general case @{term "b\<noteq>0"}*}
  1224 
  1225 definition divmod_int :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  1226     --{*The full division algorithm considers all possible signs for a, b
  1227        including the special case @{text "a=0, b<0"} because 
  1228        @{term negDivAlg} requires @{term "a<0"}.*}
  1229   "divmod_int a b = (if 0 \<le> a then if 0 \<le> b then posDivAlg a b
  1230                   else if a = 0 then (0, 0)
  1231                        else apsnd uminus (negDivAlg (-a) (-b))
  1232                else 
  1233                   if 0 < b then negDivAlg a b
  1234                   else apsnd uminus (posDivAlg (-a) (-b)))"
  1235 
  1236 instantiation int :: Divides.div
  1237 begin
  1238 
  1239 definition div_int where
  1240   "a div b = fst (divmod_int a b)"
  1241 
  1242 lemma fst_divmod_int [simp]:
  1243   "fst (divmod_int a b) = a div b"
  1244   by (simp add: div_int_def)
  1245 
  1246 definition mod_int where
  1247   "a mod b = snd (divmod_int a b)"
  1248 
  1249 lemma snd_divmod_int [simp]:
  1250   "snd (divmod_int a b) = a mod b"
  1251   by (simp add: mod_int_def)
  1252 
  1253 instance ..
  1254 
  1255 end
  1256 
  1257 lemma divmod_int_mod_div:
  1258   "divmod_int p q = (p div q, p mod q)"
  1259   by (simp add: prod_eq_iff)
  1260 
  1261 text{*
  1262 Here is the division algorithm in ML:
  1263 
  1264 \begin{verbatim}
  1265     fun posDivAlg (a,b) =
  1266       if a<b then (0,a)
  1267       else let val (q,r) = posDivAlg(a, 2*b)
  1268                in  if 0\<le>r-b then (2*q+1, r-b) else (2*q, r)
  1269            end
  1270 
  1271     fun negDivAlg (a,b) =
  1272       if 0\<le>a+b then (~1,a+b)
  1273       else let val (q,r) = negDivAlg(a, 2*b)
  1274                in  if 0\<le>r-b then (2*q+1, r-b) else (2*q, r)
  1275            end;
  1276 
  1277     fun negateSnd (q,r:int) = (q,~r);
  1278 
  1279     fun divmod (a,b) = if 0\<le>a then 
  1280                           if b>0 then posDivAlg (a,b) 
  1281                            else if a=0 then (0,0)
  1282                                 else negateSnd (negDivAlg (~a,~b))
  1283                        else 
  1284                           if 0<b then negDivAlg (a,b)
  1285                           else        negateSnd (posDivAlg (~a,~b));
  1286 \end{verbatim}
  1287 *}
  1288 
  1289 
  1290 subsubsection {* Uniqueness and Monotonicity of Quotients and Remainders *}
  1291 
  1292 lemma unique_quotient_lemma:
  1293      "[| b*q' + r'  \<le> b*q + r;  0 \<le> r';  r' < b;  r < b |]  
  1294       ==> q' \<le> (q::int)"
  1295 apply (subgoal_tac "r' + b * (q'-q) \<le> r")
  1296  prefer 2 apply (simp add: right_diff_distrib)
  1297 apply (subgoal_tac "0 < b * (1 + q - q') ")
  1298 apply (erule_tac [2] order_le_less_trans)
  1299  prefer 2 apply (simp add: right_diff_distrib distrib_left)
  1300 apply (subgoal_tac "b * q' < b * (1 + q) ")
  1301  prefer 2 apply (simp add: right_diff_distrib distrib_left)
  1302 apply (simp add: mult_less_cancel_left)
  1303 done
  1304 
  1305 lemma unique_quotient_lemma_neg:
  1306      "[| b*q' + r' \<le> b*q + r;  r \<le> 0;  b < r;  b < r' |]  
  1307       ==> q \<le> (q'::int)"
  1308 by (rule_tac b = "-b" and r = "-r'" and r' = "-r" in unique_quotient_lemma, 
  1309     auto)
  1310 
  1311 lemma unique_quotient:
  1312      "[| divmod_int_rel a b (q, r); divmod_int_rel a b (q', r') |]  
  1313       ==> q = q'"
  1314 apply (simp add: divmod_int_rel_def linorder_neq_iff split: split_if_asm)
  1315 apply (blast intro: order_antisym
  1316              dest: order_eq_refl [THEN unique_quotient_lemma] 
  1317              order_eq_refl [THEN unique_quotient_lemma_neg] sym)+
  1318 done
  1319 
  1320 
  1321 lemma unique_remainder:
  1322      "[| divmod_int_rel a b (q, r); divmod_int_rel a b (q', r') |]  
  1323       ==> r = r'"
  1324 apply (subgoal_tac "q = q'")
  1325  apply (simp add: divmod_int_rel_def)
  1326 apply (blast intro: unique_quotient)
  1327 done
  1328 
  1329 
  1330 subsubsection {* Correctness of @{term posDivAlg}, the Algorithm for Non-Negative Dividends *}
  1331 
  1332 text{*And positive divisors*}
  1333 
  1334 lemma adjust_eq [simp]:
  1335      "adjust b (q, r) = 
  1336       (let diff = r - b in  
  1337         if 0 \<le> diff then (2 * q + 1, diff)   
  1338                      else (2*q, r))"
  1339   by (simp add: Let_def adjust_def)
  1340 
  1341 declare posDivAlg.simps [simp del]
  1342 
  1343 text{*use with a simproc to avoid repeatedly proving the premise*}
  1344 lemma posDivAlg_eqn:
  1345      "0 < b ==>  
  1346       posDivAlg a b = (if a<b then (0,a) else adjust b (posDivAlg a (2*b)))"
  1347 by (rule posDivAlg.simps [THEN trans], simp)
  1348 
  1349 text{*Correctness of @{term posDivAlg}: it computes quotients correctly*}
  1350 theorem posDivAlg_correct:
  1351   assumes "0 \<le> a" and "0 < b"
  1352   shows "divmod_int_rel a b (posDivAlg a b)"
  1353   using assms
  1354   apply (induct a b rule: posDivAlg.induct)
  1355   apply auto
  1356   apply (simp add: divmod_int_rel_def)
  1357   apply (subst posDivAlg_eqn, simp add: distrib_left)
  1358   apply (case_tac "a < b")
  1359   apply simp_all
  1360   apply (erule splitE)
  1361   apply (auto simp add: distrib_left Let_def mult_ac mult_2_right)
  1362   done
  1363 
  1364 
  1365 subsubsection {* Correctness of @{term negDivAlg}, the Algorithm for Negative Dividends *}
  1366 
  1367 text{*And positive divisors*}
  1368 
  1369 declare negDivAlg.simps [simp del]
  1370 
  1371 text{*use with a simproc to avoid repeatedly proving the premise*}
  1372 lemma negDivAlg_eqn:
  1373      "0 < b ==>  
  1374       negDivAlg a b =       
  1375        (if 0\<le>a+b then (-1,a+b) else adjust b (negDivAlg a (2*b)))"
  1376 by (rule negDivAlg.simps [THEN trans], simp)
  1377 
  1378 (*Correctness of negDivAlg: it computes quotients correctly
  1379   It doesn't work if a=0 because the 0/b equals 0, not -1*)
  1380 lemma negDivAlg_correct:
  1381   assumes "a < 0" and "b > 0"
  1382   shows "divmod_int_rel a b (negDivAlg a b)"
  1383   using assms
  1384   apply (induct a b rule: negDivAlg.induct)
  1385   apply (auto simp add: linorder_not_le)
  1386   apply (simp add: divmod_int_rel_def)
  1387   apply (subst negDivAlg_eqn, assumption)
  1388   apply (case_tac "a + b < (0\<Colon>int)")
  1389   apply simp_all
  1390   apply (erule splitE)
  1391   apply (auto simp add: distrib_left Let_def mult_ac mult_2_right)
  1392   done
  1393 
  1394 
  1395 subsubsection {* Existence Shown by Proving the Division Algorithm to be Correct *}
  1396 
  1397 (*the case a=0*)
  1398 lemma divmod_int_rel_0: "divmod_int_rel 0 b (0, 0)"
  1399 by (auto simp add: divmod_int_rel_def linorder_neq_iff)
  1400 
  1401 lemma posDivAlg_0 [simp]: "posDivAlg 0 b = (0, 0)"
  1402 by (subst posDivAlg.simps, auto)
  1403 
  1404 lemma posDivAlg_0_right [simp]: "posDivAlg a 0 = (0, a)"
  1405 by (subst posDivAlg.simps, auto)
  1406 
  1407 lemma negDivAlg_minus1 [simp]: "negDivAlg -1 b = (-1, b - 1)"
  1408 by (subst negDivAlg.simps, auto)
  1409 
  1410 lemma divmod_int_rel_neg: "divmod_int_rel (-a) (-b) qr ==> divmod_int_rel a b (apsnd uminus qr)"
  1411 by (auto simp add: divmod_int_rel_def)
  1412 
  1413 lemma divmod_int_correct: "divmod_int_rel a b (divmod_int a b)"
  1414 apply (cases "b = 0", simp add: divmod_int_def divmod_int_rel_def)
  1415 by (force simp add: linorder_neq_iff divmod_int_rel_0 divmod_int_def divmod_int_rel_neg
  1416                     posDivAlg_correct negDivAlg_correct)
  1417 
  1418 lemma divmod_int_unique:
  1419   assumes "divmod_int_rel a b qr" 
  1420   shows "divmod_int a b = qr"
  1421   using assms divmod_int_correct [of a b]
  1422   using unique_quotient [of a b] unique_remainder [of a b]
  1423   by (metis pair_collapse)
  1424 
  1425 lemma divmod_int_rel_div_mod: "divmod_int_rel a b (a div b, a mod b)"
  1426   using divmod_int_correct by (simp add: divmod_int_mod_div)
  1427 
  1428 lemma div_int_unique: "divmod_int_rel a b (q, r) \<Longrightarrow> a div b = q"
  1429   by (simp add: divmod_int_rel_div_mod [THEN unique_quotient])
  1430 
  1431 lemma mod_int_unique: "divmod_int_rel a b (q, r) \<Longrightarrow> a mod b = r"
  1432   by (simp add: divmod_int_rel_div_mod [THEN unique_remainder])
  1433 
  1434 instance int :: ring_div
  1435 proof
  1436   fix a b :: int
  1437   show "a div b * b + a mod b = a"
  1438     using divmod_int_rel_div_mod [of a b]
  1439     unfolding divmod_int_rel_def by (simp add: mult_commute)
  1440 next
  1441   fix a b c :: int
  1442   assume "b \<noteq> 0"
  1443   hence "divmod_int_rel (a + c * b) b (c + a div b, a mod b)"
  1444     using divmod_int_rel_div_mod [of a b]
  1445     unfolding divmod_int_rel_def by (auto simp: algebra_simps)
  1446   thus "(a + c * b) div b = c + a div b"
  1447     by (rule div_int_unique)
  1448 next
  1449   fix a b c :: int
  1450   assume "c \<noteq> 0"
  1451   hence "\<And>q r. divmod_int_rel a b (q, r)
  1452     \<Longrightarrow> divmod_int_rel (c * a) (c * b) (q, c * r)"
  1453     unfolding divmod_int_rel_def
  1454     by - (rule linorder_cases [of 0 b], auto simp: algebra_simps
  1455       mult_less_0_iff zero_less_mult_iff mult_strict_right_mono
  1456       mult_strict_right_mono_neg zero_le_mult_iff mult_le_0_iff)
  1457   hence "divmod_int_rel (c * a) (c * b) (a div b, c * (a mod b))"
  1458     using divmod_int_rel_div_mod [of a b] .
  1459   thus "(c * a) div (c * b) = a div b"
  1460     by (rule div_int_unique)
  1461 next
  1462   fix a :: int show "a div 0 = 0"
  1463     by (rule div_int_unique, simp add: divmod_int_rel_def)
  1464 next
  1465   fix a :: int show "0 div a = 0"
  1466     by (rule div_int_unique, auto simp add: divmod_int_rel_def)
  1467 qed
  1468 
  1469 text{*Basic laws about division and remainder*}
  1470 
  1471 lemma zmod_zdiv_equality: "(a::int) = b * (a div b) + (a mod b)"
  1472   by (fact mod_div_equality2 [symmetric])
  1473 
  1474 text {* Tool setup *}
  1475 
  1476 (* FIXME: Theorem list add_0s doesn't exist, because Numeral0 has gone. *)
  1477 lemmas add_0s = add_0_left add_0_right
  1478 
  1479 ML {*
  1480 structure Cancel_Div_Mod_Int = Cancel_Div_Mod
  1481 (
  1482   val div_name = @{const_name div};
  1483   val mod_name = @{const_name mod};
  1484   val mk_binop = HOLogic.mk_binop;
  1485   val mk_sum = Arith_Data.mk_sum HOLogic.intT;
  1486   val dest_sum = Arith_Data.dest_sum;
  1487 
  1488   val div_mod_eqs = map mk_meta_eq [@{thm div_mod_equality}, @{thm div_mod_equality2}];
  1489 
  1490   val prove_eq_sums = Arith_Data.prove_conv2 all_tac (Arith_Data.simp_all_tac 
  1491     (@{thm diff_minus} :: @{thms add_0s} @ @{thms add_ac}))
  1492 )
  1493 *}
  1494 
  1495 simproc_setup cancel_div_mod_int ("(k::int) + l") = {* K Cancel_Div_Mod_Int.proc *}
  1496 
  1497 lemma pos_mod_conj: "(0::int) < b \<Longrightarrow> 0 \<le> a mod b \<and> a mod b < b"
  1498   using divmod_int_correct [of a b]
  1499   by (auto simp add: divmod_int_rel_def prod_eq_iff)
  1500 
  1501 lemmas pos_mod_sign [simp] = pos_mod_conj [THEN conjunct1]
  1502    and pos_mod_bound [simp] = pos_mod_conj [THEN conjunct2]
  1503 
  1504 lemma neg_mod_conj: "b < (0::int) \<Longrightarrow> a mod b \<le> 0 \<and> b < a mod b"
  1505   using divmod_int_correct [of a b]
  1506   by (auto simp add: divmod_int_rel_def prod_eq_iff)
  1507 
  1508 lemmas neg_mod_sign [simp] = neg_mod_conj [THEN conjunct1]
  1509    and neg_mod_bound [simp] = neg_mod_conj [THEN conjunct2]
  1510 
  1511 
  1512 subsubsection {* General Properties of div and mod *}
  1513 
  1514 lemma div_pos_pos_trivial: "[| (0::int) \<le> a;  a < b |] ==> a div b = 0"
  1515 apply (rule div_int_unique)
  1516 apply (auto simp add: divmod_int_rel_def)
  1517 done
  1518 
  1519 lemma div_neg_neg_trivial: "[| a \<le> (0::int);  b < a |] ==> a div b = 0"
  1520 apply (rule div_int_unique)
  1521 apply (auto simp add: divmod_int_rel_def)
  1522 done
  1523 
  1524 lemma div_pos_neg_trivial: "[| (0::int) < a;  a+b \<le> 0 |] ==> a div b = -1"
  1525 apply (rule div_int_unique)
  1526 apply (auto simp add: divmod_int_rel_def)
  1527 done
  1528 
  1529 (*There is no div_neg_pos_trivial because  0 div b = 0 would supersede it*)
  1530 
  1531 lemma mod_pos_pos_trivial: "[| (0::int) \<le> a;  a < b |] ==> a mod b = a"
  1532 apply (rule_tac q = 0 in mod_int_unique)
  1533 apply (auto simp add: divmod_int_rel_def)
  1534 done
  1535 
  1536 lemma mod_neg_neg_trivial: "[| a \<le> (0::int);  b < a |] ==> a mod b = a"
  1537 apply (rule_tac q = 0 in mod_int_unique)
  1538 apply (auto simp add: divmod_int_rel_def)
  1539 done
  1540 
  1541 lemma mod_pos_neg_trivial: "[| (0::int) < a;  a+b \<le> 0 |] ==> a mod b = a+b"
  1542 apply (rule_tac q = "-1" in mod_int_unique)
  1543 apply (auto simp add: divmod_int_rel_def)
  1544 done
  1545 
  1546 text{*There is no @{text mod_neg_pos_trivial}.*}
  1547 
  1548 
  1549 subsubsection {* Laws for div and mod with Unary Minus *}
  1550 
  1551 lemma zminus1_lemma:
  1552      "divmod_int_rel a b (q, r) ==> b \<noteq> 0
  1553       ==> divmod_int_rel (-a) b (if r=0 then -q else -q - 1,  
  1554                           if r=0 then 0 else b-r)"
  1555 by (force simp add: split_ifs divmod_int_rel_def linorder_neq_iff right_diff_distrib)
  1556 
  1557 
  1558 lemma zdiv_zminus1_eq_if:
  1559      "b \<noteq> (0::int)  
  1560       ==> (-a) div b =  
  1561           (if a mod b = 0 then - (a div b) else  - (a div b) - 1)"
  1562 by (blast intro: divmod_int_rel_div_mod [THEN zminus1_lemma, THEN div_int_unique])
  1563 
  1564 lemma zmod_zminus1_eq_if:
  1565      "(-a::int) mod b = (if a mod b = 0 then 0 else  b - (a mod b))"
  1566 apply (case_tac "b = 0", simp)
  1567 apply (blast intro: divmod_int_rel_div_mod [THEN zminus1_lemma, THEN mod_int_unique])
  1568 done
  1569 
  1570 lemma zmod_zminus1_not_zero:
  1571   fixes k l :: int
  1572   shows "- k mod l \<noteq> 0 \<Longrightarrow> k mod l \<noteq> 0"
  1573   unfolding zmod_zminus1_eq_if by auto
  1574 
  1575 lemma zdiv_zminus2_eq_if:
  1576      "b \<noteq> (0::int)  
  1577       ==> a div (-b) =  
  1578           (if a mod b = 0 then - (a div b) else  - (a div b) - 1)"
  1579 by (simp add: zdiv_zminus1_eq_if div_minus_right)
  1580 
  1581 lemma zmod_zminus2_eq_if:
  1582      "a mod (-b::int) = (if a mod b = 0 then 0 else  (a mod b) - b)"
  1583 by (simp add: zmod_zminus1_eq_if mod_minus_right)
  1584 
  1585 lemma zmod_zminus2_not_zero:
  1586   fixes k l :: int
  1587   shows "k mod - l \<noteq> 0 \<Longrightarrow> k mod l \<noteq> 0"
  1588   unfolding zmod_zminus2_eq_if by auto 
  1589 
  1590 
  1591 subsubsection {* Computation of Division and Remainder *}
  1592 
  1593 lemma div_eq_minus1: "(0::int) < b ==> -1 div b = -1"
  1594 by (simp add: div_int_def divmod_int_def)
  1595 
  1596 lemma zmod_minus1: "(0::int) < b ==> -1 mod b = b - 1"
  1597 by (simp add: mod_int_def divmod_int_def)
  1598 
  1599 text{*a positive, b positive *}
  1600 
  1601 lemma div_pos_pos: "[| 0 < a;  0 \<le> b |] ==> a div b = fst (posDivAlg a b)"
  1602 by (simp add: div_int_def divmod_int_def)
  1603 
  1604 lemma mod_pos_pos: "[| 0 < a;  0 \<le> b |] ==> a mod b = snd (posDivAlg a b)"
  1605 by (simp add: mod_int_def divmod_int_def)
  1606 
  1607 text{*a negative, b positive *}
  1608 
  1609 lemma div_neg_pos: "[| a < 0;  0 < b |] ==> a div b = fst (negDivAlg a b)"
  1610 by (simp add: div_int_def divmod_int_def)
  1611 
  1612 lemma mod_neg_pos: "[| a < 0;  0 < b |] ==> a mod b = snd (negDivAlg a b)"
  1613 by (simp add: mod_int_def divmod_int_def)
  1614 
  1615 text{*a positive, b negative *}
  1616 
  1617 lemma div_pos_neg:
  1618      "[| 0 < a;  b < 0 |] ==> a div b = fst (apsnd uminus (negDivAlg (-a) (-b)))"
  1619 by (simp add: div_int_def divmod_int_def)
  1620 
  1621 lemma mod_pos_neg:
  1622      "[| 0 < a;  b < 0 |] ==> a mod b = snd (apsnd uminus (negDivAlg (-a) (-b)))"
  1623 by (simp add: mod_int_def divmod_int_def)
  1624 
  1625 text{*a negative, b negative *}
  1626 
  1627 lemma div_neg_neg:
  1628      "[| a < 0;  b \<le> 0 |] ==> a div b = fst (apsnd uminus (posDivAlg (-a) (-b)))"
  1629 by (simp add: div_int_def divmod_int_def)
  1630 
  1631 lemma mod_neg_neg:
  1632      "[| a < 0;  b \<le> 0 |] ==> a mod b = snd (apsnd uminus (posDivAlg (-a) (-b)))"
  1633 by (simp add: mod_int_def divmod_int_def)
  1634 
  1635 text {*Simplify expresions in which div and mod combine numerical constants*}
  1636 
  1637 lemma int_div_pos_eq: "\<lbrakk>(a::int) = b * q + r; 0 \<le> r; r < b\<rbrakk> \<Longrightarrow> a div b = q"
  1638   by (rule div_int_unique [of a b q r]) (simp add: divmod_int_rel_def)
  1639 
  1640 lemma int_div_neg_eq: "\<lbrakk>(a::int) = b * q + r; r \<le> 0; b < r\<rbrakk> \<Longrightarrow> a div b = q"
  1641   by (rule div_int_unique [of a b q r],
  1642     simp add: divmod_int_rel_def)
  1643 
  1644 lemma int_mod_pos_eq: "\<lbrakk>(a::int) = b * q + r; 0 \<le> r; r < b\<rbrakk> \<Longrightarrow> a mod b = r"
  1645   by (rule mod_int_unique [of a b q r],
  1646     simp add: divmod_int_rel_def)
  1647 
  1648 lemma int_mod_neg_eq: "\<lbrakk>(a::int) = b * q + r; r \<le> 0; b < r\<rbrakk> \<Longrightarrow> a mod b = r"
  1649   by (rule mod_int_unique [of a b q r],
  1650     simp add: divmod_int_rel_def)
  1651 
  1652 (* simprocs adapted from HOL/ex/Binary.thy *)
  1653 ML {*
  1654 local
  1655   val mk_number = HOLogic.mk_number HOLogic.intT
  1656   val plus = @{term "plus :: int \<Rightarrow> int \<Rightarrow> int"}
  1657   val times = @{term "times :: int \<Rightarrow> int \<Rightarrow> int"}
  1658   val zero = @{term "0 :: int"}
  1659   val less = @{term "op < :: int \<Rightarrow> int \<Rightarrow> bool"}
  1660   val le = @{term "op \<le> :: int \<Rightarrow> int \<Rightarrow> bool"}
  1661   val simps = @{thms arith_simps} @ @{thms rel_simps} @
  1662     map (fn th => th RS sym) [@{thm numeral_1_eq_1}]
  1663   fun prove ctxt goal = Goal.prove ctxt [] [] (HOLogic.mk_Trueprop goal)
  1664     (K (ALLGOALS (full_simp_tac (put_simpset HOL_basic_ss ctxt addsimps simps))));
  1665   fun binary_proc proc ctxt ct =
  1666     (case Thm.term_of ct of
  1667       _ $ t $ u =>
  1668       (case try (pairself (`(snd o HOLogic.dest_number))) (t, u) of
  1669         SOME args => proc ctxt args
  1670       | NONE => NONE)
  1671     | _ => NONE);
  1672 in
  1673   fun divmod_proc posrule negrule =
  1674     binary_proc (fn ctxt => fn ((a, t), (b, u)) =>
  1675       if b = 0 then NONE else let
  1676         val (q, r) = pairself mk_number (Integer.div_mod a b)
  1677         val goal1 = HOLogic.mk_eq (t, plus $ (times $ u $ q) $ r)
  1678         val (goal2, goal3, rule) = if b > 0
  1679           then (le $ zero $ r, less $ r $ u, posrule RS eq_reflection)
  1680           else (le $ r $ zero, less $ u $ r, negrule RS eq_reflection)
  1681       in SOME (rule OF map (prove ctxt) [goal1, goal2, goal3]) end)
  1682 end
  1683 *}
  1684 
  1685 simproc_setup binary_int_div
  1686   ("numeral m div numeral n :: int" |
  1687    "numeral m div neg_numeral n :: int" |
  1688    "neg_numeral m div numeral n :: int" |
  1689    "neg_numeral m div neg_numeral n :: int") =
  1690   {* K (divmod_proc @{thm int_div_pos_eq} @{thm int_div_neg_eq}) *}
  1691 
  1692 simproc_setup binary_int_mod
  1693   ("numeral m mod numeral n :: int" |
  1694    "numeral m mod neg_numeral n :: int" |
  1695    "neg_numeral m mod numeral n :: int" |
  1696    "neg_numeral m mod neg_numeral n :: int") =
  1697   {* K (divmod_proc @{thm int_mod_pos_eq} @{thm int_mod_neg_eq}) *}
  1698 
  1699 lemmas posDivAlg_eqn_numeral [simp] =
  1700     posDivAlg_eqn [of "numeral v" "numeral w", OF zero_less_numeral] for v w
  1701 
  1702 lemmas negDivAlg_eqn_numeral [simp] =
  1703     negDivAlg_eqn [of "numeral v" "neg_numeral w", OF zero_less_numeral] for v w
  1704 
  1705 
  1706 text{*Special-case simplification *}
  1707 
  1708 (** The last remaining special cases for constant arithmetic:
  1709     1 div z and 1 mod z **)
  1710 
  1711 lemmas div_pos_pos_1_numeral [simp] =
  1712   div_pos_pos [OF zero_less_one, of "numeral w", OF zero_le_numeral] for w
  1713 
  1714 lemmas div_pos_neg_1_numeral [simp] =
  1715   div_pos_neg [OF zero_less_one, of "neg_numeral w",
  1716   OF neg_numeral_less_zero] for w
  1717 
  1718 lemmas mod_pos_pos_1_numeral [simp] =
  1719   mod_pos_pos [OF zero_less_one, of "numeral w", OF zero_le_numeral] for w
  1720 
  1721 lemmas mod_pos_neg_1_numeral [simp] =
  1722   mod_pos_neg [OF zero_less_one, of "neg_numeral w",
  1723   OF neg_numeral_less_zero] for w
  1724 
  1725 lemmas posDivAlg_eqn_1_numeral [simp] =
  1726     posDivAlg_eqn [of concl: 1 "numeral w", OF zero_less_numeral] for w
  1727 
  1728 lemmas negDivAlg_eqn_1_numeral [simp] =
  1729     negDivAlg_eqn [of concl: 1 "numeral w", OF zero_less_numeral] for w
  1730 
  1731 
  1732 subsubsection {* Monotonicity in the First Argument (Dividend) *}
  1733 
  1734 lemma zdiv_mono1: "[| a \<le> a';  0 < (b::int) |] ==> a div b \<le> a' div b"
  1735 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1736 apply (cut_tac a = a' and b = b in zmod_zdiv_equality)
  1737 apply (rule unique_quotient_lemma)
  1738 apply (erule subst)
  1739 apply (erule subst, simp_all)
  1740 done
  1741 
  1742 lemma zdiv_mono1_neg: "[| a \<le> a';  (b::int) < 0 |] ==> a' div b \<le> a div b"
  1743 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1744 apply (cut_tac a = a' and b = b in zmod_zdiv_equality)
  1745 apply (rule unique_quotient_lemma_neg)
  1746 apply (erule subst)
  1747 apply (erule subst, simp_all)
  1748 done
  1749 
  1750 
  1751 subsubsection {* Monotonicity in the Second Argument (Divisor) *}
  1752 
  1753 lemma q_pos_lemma:
  1754      "[| 0 \<le> b'*q' + r'; r' < b';  0 < b' |] ==> 0 \<le> (q'::int)"
  1755 apply (subgoal_tac "0 < b'* (q' + 1) ")
  1756  apply (simp add: zero_less_mult_iff)
  1757 apply (simp add: distrib_left)
  1758 done
  1759 
  1760 lemma zdiv_mono2_lemma:
  1761      "[| b*q + r = b'*q' + r';  0 \<le> b'*q' + r';   
  1762          r' < b';  0 \<le> r;  0 < b';  b' \<le> b |]   
  1763       ==> q \<le> (q'::int)"
  1764 apply (frule q_pos_lemma, assumption+) 
  1765 apply (subgoal_tac "b*q < b* (q' + 1) ")
  1766  apply (simp add: mult_less_cancel_left)
  1767 apply (subgoal_tac "b*q = r' - r + b'*q'")
  1768  prefer 2 apply simp
  1769 apply (simp (no_asm_simp) add: distrib_left)
  1770 apply (subst add_commute, rule add_less_le_mono, arith)
  1771 apply (rule mult_right_mono, auto)
  1772 done
  1773 
  1774 lemma zdiv_mono2:
  1775      "[| (0::int) \<le> a;  0 < b';  b' \<le> b |] ==> a div b \<le> a div b'"
  1776 apply (subgoal_tac "b \<noteq> 0")
  1777  prefer 2 apply arith
  1778 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1779 apply (cut_tac a = a and b = b' in zmod_zdiv_equality)
  1780 apply (rule zdiv_mono2_lemma)
  1781 apply (erule subst)
  1782 apply (erule subst, simp_all)
  1783 done
  1784 
  1785 lemma q_neg_lemma:
  1786      "[| b'*q' + r' < 0;  0 \<le> r';  0 < b' |] ==> q' \<le> (0::int)"
  1787 apply (subgoal_tac "b'*q' < 0")
  1788  apply (simp add: mult_less_0_iff, arith)
  1789 done
  1790 
  1791 lemma zdiv_mono2_neg_lemma:
  1792      "[| b*q + r = b'*q' + r';  b'*q' + r' < 0;   
  1793          r < b;  0 \<le> r';  0 < b';  b' \<le> b |]   
  1794       ==> q' \<le> (q::int)"
  1795 apply (frule q_neg_lemma, assumption+) 
  1796 apply (subgoal_tac "b*q' < b* (q + 1) ")
  1797  apply (simp add: mult_less_cancel_left)
  1798 apply (simp add: distrib_left)
  1799 apply (subgoal_tac "b*q' \<le> b'*q'")
  1800  prefer 2 apply (simp add: mult_right_mono_neg, arith)
  1801 done
  1802 
  1803 lemma zdiv_mono2_neg:
  1804      "[| a < (0::int);  0 < b';  b' \<le> b |] ==> a div b' \<le> a div b"
  1805 apply (cut_tac a = a and b = b in zmod_zdiv_equality)
  1806 apply (cut_tac a = a and b = b' in zmod_zdiv_equality)
  1807 apply (rule zdiv_mono2_neg_lemma)
  1808 apply (erule subst)
  1809 apply (erule subst, simp_all)
  1810 done
  1811 
  1812 
  1813 subsubsection {* More Algebraic Laws for div and mod *}
  1814 
  1815 text{*proving (a*b) div c = a * (b div c) + a * (b mod c) *}
  1816 
  1817 lemma zmult1_lemma:
  1818      "[| divmod_int_rel b c (q, r) |]  
  1819       ==> divmod_int_rel (a * b) c (a*q + a*r div c, a*r mod c)"
  1820 by (auto simp add: split_ifs divmod_int_rel_def linorder_neq_iff distrib_left mult_ac)
  1821 
  1822 lemma zdiv_zmult1_eq: "(a*b) div c = a*(b div c) + a*(b mod c) div (c::int)"
  1823 apply (case_tac "c = 0", simp)
  1824 apply (blast intro: divmod_int_rel_div_mod [THEN zmult1_lemma, THEN div_int_unique])
  1825 done
  1826 
  1827 text{*proving (a+b) div c = a div c + b div c + ((a mod c + b mod c) div c) *}
  1828 
  1829 lemma zadd1_lemma:
  1830      "[| divmod_int_rel a c (aq, ar);  divmod_int_rel b c (bq, br) |]  
  1831       ==> divmod_int_rel (a+b) c (aq + bq + (ar+br) div c, (ar+br) mod c)"
  1832 by (force simp add: split_ifs divmod_int_rel_def linorder_neq_iff distrib_left)
  1833 
  1834 (*NOT suitable for rewriting: the RHS has an instance of the LHS*)
  1835 lemma zdiv_zadd1_eq:
  1836      "(a+b) div (c::int) = a div c + b div c + ((a mod c + b mod c) div c)"
  1837 apply (case_tac "c = 0", simp)
  1838 apply (blast intro: zadd1_lemma [OF divmod_int_rel_div_mod divmod_int_rel_div_mod] div_int_unique)
  1839 done
  1840 
  1841 lemma posDivAlg_div_mod:
  1842   assumes "k \<ge> 0"
  1843   and "l \<ge> 0"
  1844   shows "posDivAlg k l = (k div l, k mod l)"
  1845 proof (cases "l = 0")
  1846   case True then show ?thesis by (simp add: posDivAlg.simps)
  1847 next
  1848   case False with assms posDivAlg_correct
  1849     have "divmod_int_rel k l (fst (posDivAlg k l), snd (posDivAlg k l))"
  1850     by simp
  1851   from div_int_unique [OF this] mod_int_unique [OF this]
  1852   show ?thesis by simp
  1853 qed
  1854 
  1855 lemma negDivAlg_div_mod:
  1856   assumes "k < 0"
  1857   and "l > 0"
  1858   shows "negDivAlg k l = (k div l, k mod l)"
  1859 proof -
  1860   from assms have "l \<noteq> 0" by simp
  1861   from assms negDivAlg_correct
  1862     have "divmod_int_rel k l (fst (negDivAlg k l), snd (negDivAlg k l))"
  1863     by simp
  1864   from div_int_unique [OF this] mod_int_unique [OF this]
  1865   show ?thesis by simp
  1866 qed
  1867 
  1868 lemma zmod_eq_0_iff: "(m mod d = 0) = (EX q::int. m = d*q)"
  1869 by (simp add: dvd_eq_mod_eq_0 [symmetric] dvd_def)
  1870 
  1871 (* REVISIT: should this be generalized to all semiring_div types? *)
  1872 lemmas zmod_eq_0D [dest!] = zmod_eq_0_iff [THEN iffD1]
  1873 
  1874 lemma zmod_zdiv_equality':
  1875   "(m\<Colon>int) mod n = m - (m div n) * n"
  1876   using mod_div_equality [of m n] by arith
  1877 
  1878 
  1879 subsubsection {* Proving  @{term "a div (b*c) = (a div b) div c"} *}
  1880 
  1881 (*The condition c>0 seems necessary.  Consider that 7 div ~6 = ~2 but
  1882   7 div 2 div ~3 = 3 div ~3 = ~1.  The subcase (a div b) mod c = 0 seems
  1883   to cause particular problems.*)
  1884 
  1885 text{*first, four lemmas to bound the remainder for the cases b<0 and b>0 *}
  1886 
  1887 lemma zmult2_lemma_aux1: "[| (0::int) < c;  b < r;  r \<le> 0 |] ==> b*c < b*(q mod c) + r"
  1888 apply (subgoal_tac "b * (c - q mod c) < r * 1")
  1889  apply (simp add: algebra_simps)
  1890 apply (rule order_le_less_trans)
  1891  apply (erule_tac [2] mult_strict_right_mono)
  1892  apply (rule mult_left_mono_neg)
  1893   using add1_zle_eq[of "q mod c"]apply(simp add: algebra_simps)
  1894  apply (simp)
  1895 apply (simp)
  1896 done
  1897 
  1898 lemma zmult2_lemma_aux2:
  1899      "[| (0::int) < c;   b < r;  r \<le> 0 |] ==> b * (q mod c) + r \<le> 0"
  1900 apply (subgoal_tac "b * (q mod c) \<le> 0")
  1901  apply arith
  1902 apply (simp add: mult_le_0_iff)
  1903 done
  1904 
  1905 lemma zmult2_lemma_aux3: "[| (0::int) < c;  0 \<le> r;  r < b |] ==> 0 \<le> b * (q mod c) + r"
  1906 apply (subgoal_tac "0 \<le> b * (q mod c) ")
  1907 apply arith
  1908 apply (simp add: zero_le_mult_iff)
  1909 done
  1910 
  1911 lemma zmult2_lemma_aux4: "[| (0::int) < c; 0 \<le> r; r < b |] ==> b * (q mod c) + r < b * c"
  1912 apply (subgoal_tac "r * 1 < b * (c - q mod c) ")
  1913  apply (simp add: right_diff_distrib)
  1914 apply (rule order_less_le_trans)
  1915  apply (erule mult_strict_right_mono)
  1916  apply (rule_tac [2] mult_left_mono)
  1917   apply simp
  1918  using add1_zle_eq[of "q mod c"] apply (simp add: algebra_simps)
  1919 apply simp
  1920 done
  1921 
  1922 lemma zmult2_lemma: "[| divmod_int_rel a b (q, r); 0 < c |]  
  1923       ==> divmod_int_rel a (b * c) (q div c, b*(q mod c) + r)"
  1924 by (auto simp add: mult_ac divmod_int_rel_def linorder_neq_iff
  1925                    zero_less_mult_iff distrib_left [symmetric] 
  1926                    zmult2_lemma_aux1 zmult2_lemma_aux2 zmult2_lemma_aux3 zmult2_lemma_aux4 mult_less_0_iff split: split_if_asm)
  1927 
  1928 lemma zdiv_zmult2_eq: "(0::int) < c ==> a div (b*c) = (a div b) div c"
  1929 apply (case_tac "b = 0", simp)
  1930 apply (force simp add: divmod_int_rel_div_mod [THEN zmult2_lemma, THEN div_int_unique])
  1931 done
  1932 
  1933 lemma zmod_zmult2_eq:
  1934      "(0::int) < c ==> a mod (b*c) = b*(a div b mod c) + a mod b"
  1935 apply (case_tac "b = 0", simp)
  1936 apply (force simp add: divmod_int_rel_div_mod [THEN zmult2_lemma, THEN mod_int_unique])
  1937 done
  1938 
  1939 lemma div_pos_geq:
  1940   fixes k l :: int
  1941   assumes "0 < l" and "l \<le> k"
  1942   shows "k div l = (k - l) div l + 1"
  1943 proof -
  1944   have "k = (k - l) + l" by simp
  1945   then obtain j where k: "k = j + l" ..
  1946   with assms show ?thesis by simp
  1947 qed
  1948 
  1949 lemma mod_pos_geq:
  1950   fixes k l :: int
  1951   assumes "0 < l" and "l \<le> k"
  1952   shows "k mod l = (k - l) mod l"
  1953 proof -
  1954   have "k = (k - l) + l" by simp
  1955   then obtain j where k: "k = j + l" ..
  1956   with assms show ?thesis by simp
  1957 qed
  1958 
  1959 
  1960 subsubsection {* Splitting Rules for div and mod *}
  1961 
  1962 text{*The proofs of the two lemmas below are essentially identical*}
  1963 
  1964 lemma split_pos_lemma:
  1965  "0<k ==> 
  1966     P(n div k :: int)(n mod k) = (\<forall>i j. 0\<le>j & j<k & n = k*i + j --> P i j)"
  1967 apply (rule iffI, clarify)
  1968  apply (erule_tac P="P ?x ?y" in rev_mp)  
  1969  apply (subst mod_add_eq) 
  1970  apply (subst zdiv_zadd1_eq) 
  1971  apply (simp add: div_pos_pos_trivial mod_pos_pos_trivial)  
  1972 txt{*converse direction*}
  1973 apply (drule_tac x = "n div k" in spec) 
  1974 apply (drule_tac x = "n mod k" in spec, simp)
  1975 done
  1976 
  1977 lemma split_neg_lemma:
  1978  "k<0 ==>
  1979     P(n div k :: int)(n mod k) = (\<forall>i j. k<j & j\<le>0 & n = k*i + j --> P i j)"
  1980 apply (rule iffI, clarify)
  1981  apply (erule_tac P="P ?x ?y" in rev_mp)  
  1982  apply (subst mod_add_eq) 
  1983  apply (subst zdiv_zadd1_eq) 
  1984  apply (simp add: div_neg_neg_trivial mod_neg_neg_trivial)  
  1985 txt{*converse direction*}
  1986 apply (drule_tac x = "n div k" in spec) 
  1987 apply (drule_tac x = "n mod k" in spec, simp)
  1988 done
  1989 
  1990 lemma split_zdiv:
  1991  "P(n div k :: int) =
  1992   ((k = 0 --> P 0) & 
  1993    (0<k --> (\<forall>i j. 0\<le>j & j<k & n = k*i + j --> P i)) & 
  1994    (k<0 --> (\<forall>i j. k<j & j\<le>0 & n = k*i + j --> P i)))"
  1995 apply (case_tac "k=0", simp)
  1996 apply (simp only: linorder_neq_iff)
  1997 apply (erule disjE) 
  1998  apply (simp_all add: split_pos_lemma [of concl: "%x y. P x"] 
  1999                       split_neg_lemma [of concl: "%x y. P x"])
  2000 done
  2001 
  2002 lemma split_zmod:
  2003  "P(n mod k :: int) =
  2004   ((k = 0 --> P n) & 
  2005    (0<k --> (\<forall>i j. 0\<le>j & j<k & n = k*i + j --> P j)) & 
  2006    (k<0 --> (\<forall>i j. k<j & j\<le>0 & n = k*i + j --> P j)))"
  2007 apply (case_tac "k=0", simp)
  2008 apply (simp only: linorder_neq_iff)
  2009 apply (erule disjE) 
  2010  apply (simp_all add: split_pos_lemma [of concl: "%x y. P y"] 
  2011                       split_neg_lemma [of concl: "%x y. P y"])
  2012 done
  2013 
  2014 text {* Enable (lin)arith to deal with @{const div} and @{const mod}
  2015   when these are applied to some constant that is of the form
  2016   @{term "numeral k"}: *}
  2017 declare split_zdiv [of _ _ "numeral k", arith_split] for k
  2018 declare split_zmod [of _ _ "numeral k", arith_split] for k
  2019 
  2020 
  2021 subsubsection {* Computing @{text "div"} and @{text "mod"} with shifting *}
  2022 
  2023 lemma pos_divmod_int_rel_mult_2:
  2024   assumes "0 \<le> b"
  2025   assumes "divmod_int_rel a b (q, r)"
  2026   shows "divmod_int_rel (1 + 2*a) (2*b) (q, 1 + 2*r)"
  2027   using assms unfolding divmod_int_rel_def by auto
  2028 
  2029 lemma neg_divmod_int_rel_mult_2:
  2030   assumes "b \<le> 0"
  2031   assumes "divmod_int_rel (a + 1) b (q, r)"
  2032   shows "divmod_int_rel (1 + 2*a) (2*b) (q, 2*r - 1)"
  2033   using assms unfolding divmod_int_rel_def by auto
  2034 
  2035 text{*computing div by shifting *}
  2036 
  2037 lemma pos_zdiv_mult_2: "(0::int) \<le> a ==> (1 + 2*b) div (2*a) = b div a"
  2038   using pos_divmod_int_rel_mult_2 [OF _ divmod_int_rel_div_mod]
  2039   by (rule div_int_unique)
  2040 
  2041 lemma neg_zdiv_mult_2: 
  2042   assumes A: "a \<le> (0::int)" shows "(1 + 2*b) div (2*a) = (b+1) div a"
  2043   using neg_divmod_int_rel_mult_2 [OF A divmod_int_rel_div_mod]
  2044   by (rule div_int_unique)
  2045 
  2046 (* FIXME: add rules for negative numerals *)
  2047 lemma zdiv_numeral_Bit0 [simp]:
  2048   "numeral (Num.Bit0 v) div numeral (Num.Bit0 w) =
  2049     numeral v div (numeral w :: int)"
  2050   unfolding numeral.simps unfolding mult_2 [symmetric]
  2051   by (rule div_mult_mult1, simp)
  2052 
  2053 lemma zdiv_numeral_Bit1 [simp]:
  2054   "numeral (Num.Bit1 v) div numeral (Num.Bit0 w) =  
  2055     (numeral v div (numeral w :: int))"
  2056   unfolding numeral.simps
  2057   unfolding mult_2 [symmetric] add_commute [of _ 1]
  2058   by (rule pos_zdiv_mult_2, simp)
  2059 
  2060 lemma pos_zmod_mult_2:
  2061   fixes a b :: int
  2062   assumes "0 \<le> a"
  2063   shows "(1 + 2 * b) mod (2 * a) = 1 + 2 * (b mod a)"
  2064   using pos_divmod_int_rel_mult_2 [OF assms divmod_int_rel_div_mod]
  2065   by (rule mod_int_unique)
  2066 
  2067 lemma neg_zmod_mult_2:
  2068   fixes a b :: int
  2069   assumes "a \<le> 0"
  2070   shows "(1 + 2 * b) mod (2 * a) = 2 * ((b + 1) mod a) - 1"
  2071   using neg_divmod_int_rel_mult_2 [OF assms divmod_int_rel_div_mod]
  2072   by (rule mod_int_unique)
  2073 
  2074 (* FIXME: add rules for negative numerals *)
  2075 lemma zmod_numeral_Bit0 [simp]:
  2076   "numeral (Num.Bit0 v) mod numeral (Num.Bit0 w) =  
  2077     (2::int) * (numeral v mod numeral w)"
  2078   unfolding numeral_Bit0 [of v] numeral_Bit0 [of w]
  2079   unfolding mult_2 [symmetric] by (rule mod_mult_mult1)
  2080 
  2081 lemma zmod_numeral_Bit1 [simp]:
  2082   "numeral (Num.Bit1 v) mod numeral (Num.Bit0 w) =
  2083     2 * (numeral v mod numeral w) + (1::int)"
  2084   unfolding numeral_Bit1 [of v] numeral_Bit0 [of w]
  2085   unfolding mult_2 [symmetric] add_commute [of _ 1]
  2086   by (rule pos_zmod_mult_2, simp)
  2087 
  2088 lemma zdiv_eq_0_iff:
  2089  "(i::int) div k = 0 \<longleftrightarrow> k=0 \<or> 0\<le>i \<and> i<k \<or> i\<le>0 \<and> k<i" (is "?L = ?R")
  2090 proof
  2091   assume ?L
  2092   have "?L \<longrightarrow> ?R" by (rule split_zdiv[THEN iffD2]) simp
  2093   with `?L` show ?R by blast
  2094 next
  2095   assume ?R thus ?L
  2096     by(auto simp: div_pos_pos_trivial div_neg_neg_trivial)
  2097 qed
  2098 
  2099 
  2100 subsubsection {* Quotients of Signs *}
  2101 
  2102 lemma div_neg_pos_less0: "[| a < (0::int);  0 < b |] ==> a div b < 0"
  2103 apply (subgoal_tac "a div b \<le> -1", force)
  2104 apply (rule order_trans)
  2105 apply (rule_tac a' = "-1" in zdiv_mono1)
  2106 apply (auto simp add: div_eq_minus1)
  2107 done
  2108 
  2109 lemma div_nonneg_neg_le0: "[| (0::int) \<le> a; b < 0 |] ==> a div b \<le> 0"
  2110 by (drule zdiv_mono1_neg, auto)
  2111 
  2112 lemma div_nonpos_pos_le0: "[| (a::int) \<le> 0; b > 0 |] ==> a div b \<le> 0"
  2113 by (drule zdiv_mono1, auto)
  2114 
  2115 text{* Now for some equivalences of the form @{text"a div b >=< 0 \<longleftrightarrow> \<dots>"}
  2116 conditional upon the sign of @{text a} or @{text b}. There are many more.
  2117 They should all be simp rules unless that causes too much search. *}
  2118 
  2119 lemma pos_imp_zdiv_nonneg_iff: "(0::int) < b ==> (0 \<le> a div b) = (0 \<le> a)"
  2120 apply auto
  2121 apply (drule_tac [2] zdiv_mono1)
  2122 apply (auto simp add: linorder_neq_iff)
  2123 apply (simp (no_asm_use) add: linorder_not_less [symmetric])
  2124 apply (blast intro: div_neg_pos_less0)
  2125 done
  2126 
  2127 lemma neg_imp_zdiv_nonneg_iff:
  2128   "b < (0::int) ==> (0 \<le> a div b) = (a \<le> (0::int))"
  2129 apply (subst div_minus_minus [symmetric])
  2130 apply (subst pos_imp_zdiv_nonneg_iff, auto)
  2131 done
  2132 
  2133 (*But not (a div b \<le> 0 iff a\<le>0); consider a=1, b=2 when a div b = 0.*)
  2134 lemma pos_imp_zdiv_neg_iff: "(0::int) < b ==> (a div b < 0) = (a < 0)"
  2135 by (simp add: linorder_not_le [symmetric] pos_imp_zdiv_nonneg_iff)
  2136 
  2137 lemma pos_imp_zdiv_pos_iff:
  2138   "0<k \<Longrightarrow> 0 < (i::int) div k \<longleftrightarrow> k \<le> i"
  2139 using pos_imp_zdiv_nonneg_iff[of k i] zdiv_eq_0_iff[of i k]
  2140 by arith
  2141 
  2142 (*Again the law fails for \<le>: consider a = -1, b = -2 when a div b = 0*)
  2143 lemma neg_imp_zdiv_neg_iff: "b < (0::int) ==> (a div b < 0) = (0 < a)"
  2144 by (simp add: linorder_not_le [symmetric] neg_imp_zdiv_nonneg_iff)
  2145 
  2146 lemma nonneg1_imp_zdiv_pos_iff:
  2147   "(0::int) <= a \<Longrightarrow> (a div b > 0) = (a >= b & b>0)"
  2148 apply rule
  2149  apply rule
  2150   using div_pos_pos_trivial[of a b]apply arith
  2151  apply(cases "b=0")apply simp
  2152  using div_nonneg_neg_le0[of a b]apply arith
  2153 using int_one_le_iff_zero_less[of "a div b"] zdiv_mono1[of b a b]apply simp
  2154 done
  2155 
  2156 lemma zmod_le_nonneg_dividend: "(m::int) \<ge> 0 ==> m mod k \<le> m"
  2157 apply (rule split_zmod[THEN iffD2])
  2158 apply(fastforce dest: q_pos_lemma intro: split_mult_pos_le)
  2159 done
  2160 
  2161 
  2162 subsubsection {* The Divides Relation *}
  2163 
  2164 lemma dvd_neg_numeral_left [simp]:
  2165   fixes y :: "'a::comm_ring_1"
  2166   shows "(neg_numeral k) dvd y \<longleftrightarrow> (numeral k) dvd y"
  2167   unfolding neg_numeral_def minus_dvd_iff ..
  2168 
  2169 lemma dvd_neg_numeral_right [simp]:
  2170   fixes x :: "'a::comm_ring_1"
  2171   shows "x dvd (neg_numeral k) \<longleftrightarrow> x dvd (numeral k)"
  2172   unfolding neg_numeral_def dvd_minus_iff ..
  2173 
  2174 lemmas dvd_eq_mod_eq_0_numeral [simp] =
  2175   dvd_eq_mod_eq_0 [of "numeral x" "numeral y"] for x y
  2176 
  2177 
  2178 subsubsection {* Further properties *}
  2179 
  2180 lemma zmult_div_cancel: "(n::int) * (m div n) = m - (m mod n)"
  2181   using zmod_zdiv_equality[where a="m" and b="n"]
  2182   by (simp add: algebra_simps) (* FIXME: generalize *)
  2183 
  2184 lemma zdiv_int: "int (a div b) = (int a) div (int b)"
  2185 apply (subst split_div, auto)
  2186 apply (subst split_zdiv, auto)
  2187 apply (rule_tac a="int (b * i) + int j" and b="int b" and r="int j" and r'=ja in unique_quotient)
  2188 apply (auto simp add: divmod_int_rel_def of_nat_mult)
  2189 done
  2190 
  2191 lemma zmod_int: "int (a mod b) = (int a) mod (int b)"
  2192 apply (subst split_mod, auto)
  2193 apply (subst split_zmod, auto)
  2194 apply (rule_tac a="int (b * i) + int j" and b="int b" and q="int i" and q'=ia 
  2195        in unique_remainder)
  2196 apply (auto simp add: divmod_int_rel_def of_nat_mult)
  2197 done
  2198 
  2199 lemma abs_div: "(y::int) dvd x \<Longrightarrow> abs (x div y) = abs x div abs y"
  2200 by (unfold dvd_def, cases "y=0", auto simp add: abs_mult)
  2201 
  2202 text{*Suggested by Matthias Daum*}
  2203 lemma int_power_div_base:
  2204      "\<lbrakk>0 < m; 0 < k\<rbrakk> \<Longrightarrow> k ^ m div k = (k::int) ^ (m - Suc 0)"
  2205 apply (subgoal_tac "k ^ m = k ^ ((m - Suc 0) + Suc 0)")
  2206  apply (erule ssubst)
  2207  apply (simp only: power_add)
  2208  apply simp_all
  2209 done
  2210 
  2211 text {* by Brian Huffman *}
  2212 lemma zminus_zmod: "- ((x::int) mod m) mod m = - x mod m"
  2213 by (rule mod_minus_eq [symmetric])
  2214 
  2215 lemma zdiff_zmod_left: "(x mod m - y) mod m = (x - y) mod (m::int)"
  2216 by (rule mod_diff_left_eq [symmetric])
  2217 
  2218 lemma zdiff_zmod_right: "(x - y mod m) mod m = (x - y) mod (m::int)"
  2219 by (rule mod_diff_right_eq [symmetric])
  2220 
  2221 lemmas zmod_simps =
  2222   mod_add_left_eq  [symmetric]
  2223   mod_add_right_eq [symmetric]
  2224   mod_mult_right_eq[symmetric]
  2225   mod_mult_left_eq [symmetric]
  2226   power_mod
  2227   zminus_zmod zdiff_zmod_left zdiff_zmod_right
  2228 
  2229 text {* Distributive laws for function @{text nat}. *}
  2230 
  2231 lemma nat_div_distrib: "0 \<le> x \<Longrightarrow> nat (x div y) = nat x div nat y"
  2232 apply (rule linorder_cases [of y 0])
  2233 apply (simp add: div_nonneg_neg_le0)
  2234 apply simp
  2235 apply (simp add: nat_eq_iff pos_imp_zdiv_nonneg_iff zdiv_int)
  2236 done
  2237 
  2238 (*Fails if y<0: the LHS collapses to (nat z) but the RHS doesn't*)
  2239 lemma nat_mod_distrib:
  2240   "\<lbrakk>0 \<le> x; 0 \<le> y\<rbrakk> \<Longrightarrow> nat (x mod y) = nat x mod nat y"
  2241 apply (case_tac "y = 0", simp)
  2242 apply (simp add: nat_eq_iff zmod_int)
  2243 done
  2244 
  2245 text  {* transfer setup *}
  2246 
  2247 lemma transfer_nat_int_functions:
  2248     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> (nat x) div (nat y) = nat (x div y)"
  2249     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> (nat x) mod (nat y) = nat (x mod y)"
  2250   by (auto simp add: nat_div_distrib nat_mod_distrib)
  2251 
  2252 lemma transfer_nat_int_function_closures:
  2253     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> x div y >= 0"
  2254     "(x::int) >= 0 \<Longrightarrow> y >= 0 \<Longrightarrow> x mod y >= 0"
  2255   apply (cases "y = 0")
  2256   apply (auto simp add: pos_imp_zdiv_nonneg_iff)
  2257   apply (cases "y = 0")
  2258   apply auto
  2259 done
  2260 
  2261 declare transfer_morphism_nat_int [transfer add return:
  2262   transfer_nat_int_functions
  2263   transfer_nat_int_function_closures
  2264 ]
  2265 
  2266 lemma transfer_int_nat_functions:
  2267     "(int x) div (int y) = int (x div y)"
  2268     "(int x) mod (int y) = int (x mod y)"
  2269   by (auto simp add: zdiv_int zmod_int)
  2270 
  2271 lemma transfer_int_nat_function_closures:
  2272     "is_nat x \<Longrightarrow> is_nat y \<Longrightarrow> is_nat (x div y)"
  2273     "is_nat x \<Longrightarrow> is_nat y \<Longrightarrow> is_nat (x mod y)"
  2274   by (simp_all only: is_nat_def transfer_nat_int_function_closures)
  2275 
  2276 declare transfer_morphism_int_nat [transfer add return:
  2277   transfer_int_nat_functions
  2278   transfer_int_nat_function_closures
  2279 ]
  2280 
  2281 text{*Suggested by Matthias Daum*}
  2282 lemma int_div_less_self: "\<lbrakk>0 < x; 1 < k\<rbrakk> \<Longrightarrow> x div k < (x::int)"
  2283 apply (subgoal_tac "nat x div nat k < nat x")
  2284  apply (simp add: nat_div_distrib [symmetric])
  2285 apply (rule Divides.div_less_dividend, simp_all)
  2286 done
  2287 
  2288 lemma zmod_eq_dvd_iff: "(x::int) mod n = y mod n \<longleftrightarrow> n dvd x - y"
  2289 proof
  2290   assume H: "x mod n = y mod n"
  2291   hence "x mod n - y mod n = 0" by simp
  2292   hence "(x mod n - y mod n) mod n = 0" by simp 
  2293   hence "(x - y) mod n = 0" by (simp add: mod_diff_eq[symmetric])
  2294   thus "n dvd x - y" by (simp add: dvd_eq_mod_eq_0)
  2295 next
  2296   assume H: "n dvd x - y"
  2297   then obtain k where k: "x-y = n*k" unfolding dvd_def by blast
  2298   hence "x = n*k + y" by simp
  2299   hence "x mod n = (n*k + y) mod n" by simp
  2300   thus "x mod n = y mod n" by (simp add: mod_add_left_eq)
  2301 qed
  2302 
  2303 lemma nat_mod_eq_lemma: assumes xyn: "(x::nat) mod n = y  mod n" and xy:"y \<le> x"
  2304   shows "\<exists>q. x = y + n * q"
  2305 proof-
  2306   from xy have th: "int x - int y = int (x - y)" by simp 
  2307   from xyn have "int x mod int n = int y mod int n" 
  2308     by (simp add: zmod_int [symmetric])
  2309   hence "int n dvd int x - int y" by (simp only: zmod_eq_dvd_iff[symmetric]) 
  2310   hence "n dvd x - y" by (simp add: th zdvd_int)
  2311   then show ?thesis using xy unfolding dvd_def apply clarsimp apply (rule_tac x="k" in exI) by arith
  2312 qed
  2313 
  2314 lemma nat_mod_eq_iff: "(x::nat) mod n = y mod n \<longleftrightarrow> (\<exists>q1 q2. x + n * q1 = y + n * q2)" 
  2315   (is "?lhs = ?rhs")
  2316 proof
  2317   assume H: "x mod n = y mod n"
  2318   {assume xy: "x \<le> y"
  2319     from H have th: "y mod n = x mod n" by simp
  2320     from nat_mod_eq_lemma[OF th xy] have ?rhs 
  2321       apply clarify  apply (rule_tac x="q" in exI) by (rule exI[where x="0"], simp)}
  2322   moreover
  2323   {assume xy: "y \<le> x"
  2324     from nat_mod_eq_lemma[OF H xy] have ?rhs 
  2325       apply clarify  apply (rule_tac x="0" in exI) by (rule_tac x="q" in exI, simp)}
  2326   ultimately  show ?rhs using linear[of x y] by blast  
  2327 next
  2328   assume ?rhs then obtain q1 q2 where q12: "x + n * q1 = y + n * q2" by blast
  2329   hence "(x + n * q1) mod n = (y + n * q2) mod n" by simp
  2330   thus  ?lhs by simp
  2331 qed
  2332 
  2333 lemma div_nat_numeral [simp]:
  2334   "(numeral v :: nat) div numeral v' = nat (numeral v div numeral v')"
  2335   by (simp add: nat_div_distrib)
  2336 
  2337 lemma one_div_nat_numeral [simp]:
  2338   "Suc 0 div numeral v' = nat (1 div numeral v')"
  2339   by (subst nat_div_distrib, simp_all)
  2340 
  2341 lemma mod_nat_numeral [simp]:
  2342   "(numeral v :: nat) mod numeral v' = nat (numeral v mod numeral v')"
  2343   by (simp add: nat_mod_distrib)
  2344 
  2345 lemma one_mod_nat_numeral [simp]:
  2346   "Suc 0 mod numeral v' = nat (1 mod numeral v')"
  2347   by (subst nat_mod_distrib) simp_all
  2348 
  2349 lemma mod_2_not_eq_zero_eq_one_int:
  2350   fixes k :: int
  2351   shows "k mod 2 \<noteq> 0 \<longleftrightarrow> k mod 2 = 1"
  2352   by auto
  2353 
  2354 
  2355 subsubsection {* Tools setup *}
  2356 
  2357 text {* Nitpick *}
  2358 
  2359 lemmas [nitpick_unfold] = dvd_eq_mod_eq_0 mod_div_equality' zmod_zdiv_equality'
  2360 
  2361 
  2362 subsubsection {* Code generation *}
  2363 
  2364 definition pdivmod :: "int \<Rightarrow> int \<Rightarrow> int \<times> int" where
  2365   "pdivmod k l = (\<bar>k\<bar> div \<bar>l\<bar>, \<bar>k\<bar> mod \<bar>l\<bar>)"
  2366 
  2367 lemma pdivmod_posDivAlg [code]:
  2368   "pdivmod k l = (if l = 0 then (0, \<bar>k\<bar>) else posDivAlg \<bar>k\<bar> \<bar>l\<bar>)"
  2369 by (subst posDivAlg_div_mod) (simp_all add: pdivmod_def)
  2370 
  2371 lemma divmod_int_pdivmod: "divmod_int k l = (if k = 0 then (0, 0) else if l = 0 then (0, k) else
  2372   apsnd ((op *) (sgn l)) (if 0 < l \<and> 0 \<le> k \<or> l < 0 \<and> k < 0
  2373     then pdivmod k l
  2374     else (let (r, s) = pdivmod k l in
  2375        if s = 0 then (- r, 0) else (- r - 1, \<bar>l\<bar> - s))))"
  2376 proof -
  2377   have aux: "\<And>q::int. - k = l * q \<longleftrightarrow> k = l * - q" by auto
  2378   show ?thesis
  2379     by (simp add: divmod_int_mod_div pdivmod_def)
  2380       (auto simp add: aux not_less not_le zdiv_zminus1_eq_if
  2381       zmod_zminus1_eq_if zdiv_zminus2_eq_if zmod_zminus2_eq_if)
  2382 qed
  2383 
  2384 lemma divmod_int_code [code]: "divmod_int k l = (if k = 0 then (0, 0) else if l = 0 then (0, k) else
  2385   apsnd ((op *) (sgn l)) (if sgn k = sgn l
  2386     then pdivmod k l
  2387     else (let (r, s) = pdivmod k l in
  2388       if s = 0 then (- r, 0) else (- r - 1, \<bar>l\<bar> - s))))"
  2389 proof -
  2390   have "k \<noteq> 0 \<Longrightarrow> l \<noteq> 0 \<Longrightarrow> 0 < l \<and> 0 \<le> k \<or> l < 0 \<and> k < 0 \<longleftrightarrow> sgn k = sgn l"
  2391     by (auto simp add: not_less sgn_if)
  2392   then show ?thesis by (simp add: divmod_int_pdivmod)
  2393 qed
  2394 
  2395 code_identifier
  2396   code_module Divides \<rightharpoonup> (SML) Arith and (OCaml) Arith and (Haskell) Arith
  2397 
  2398 end
  2399