src/HOL/Divides.thy
author ballarin
Thu Dec 11 18:30:26 2008 +0100 (2008-12-11)
changeset 29223 e09c53289830
parent 28823 dcbef866c9e2
child 29252 ea97aa6aeba2
permissions -rw-r--r--
Conversion of HOL-Main and ZF to new locales.
     1 (*  Title:      HOL/Divides.thy
     2     ID:         $Id$
     3     Author:     Lawrence C Paulson, Cambridge University Computer Laboratory
     4     Copyright   1999  University of Cambridge
     5 *)
     6 
     7 header {* The division operators div and mod *}
     8 
     9 theory Divides
    10 imports Nat Power Product_Type
    11 uses "~~/src/Provers/Arith/cancel_div_mod.ML"
    12 begin
    13 
    14 subsection {* Syntactic division operations *}
    15 
    16 class div = dvd +
    17   fixes div :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "div" 70)
    18     and mod :: "'a \<Rightarrow> 'a \<Rightarrow> 'a" (infixl "mod" 70)
    19 
    20 
    21 subsection {* Abstract division in commutative semirings. *}
    22 
    23 class semiring_div = comm_semiring_1_cancel + div + 
    24   assumes mod_div_equality: "a div b * b + a mod b = a"
    25     and div_by_0 [simp]: "a div 0 = 0"
    26     and div_0 [simp]: "0 div a = 0"
    27     and div_mult_self1 [simp]: "b \<noteq> 0 \<Longrightarrow> (a + c * b) div b = c + a div b"
    28 begin
    29 
    30 text {* @{const div} and @{const mod} *}
    31 
    32 lemma mod_div_equality2: "b * (a div b) + a mod b = a"
    33   unfolding mult_commute [of b]
    34   by (rule mod_div_equality)
    35 
    36 lemma div_mod_equality: "((a div b) * b + a mod b) + c = a + c"
    37   by (simp add: mod_div_equality)
    38 
    39 lemma div_mod_equality2: "(b * (a div b) + a mod b) + c = a + c"
    40   by (simp add: mod_div_equality2)
    41 
    42 lemma mod_by_0 [simp]: "a mod 0 = a"
    43   using mod_div_equality [of a zero] by simp
    44 
    45 lemma mod_0 [simp]: "0 mod a = 0"
    46   using mod_div_equality [of zero a] div_0 by simp 
    47 
    48 lemma div_mult_self2 [simp]:
    49   assumes "b \<noteq> 0"
    50   shows "(a + b * c) div b = c + a div b"
    51   using assms div_mult_self1 [of b a c] by (simp add: mult_commute)
    52 
    53 lemma mod_mult_self1 [simp]: "(a + c * b) mod b = a mod b"
    54 proof (cases "b = 0")
    55   case True then show ?thesis by simp
    56 next
    57   case False
    58   have "a + c * b = (a + c * b) div b * b + (a + c * b) mod b"
    59     by (simp add: mod_div_equality)
    60   also from False div_mult_self1 [of b a c] have
    61     "\<dots> = (c + a div b) * b + (a + c * b) mod b"
    62       by (simp add: left_distrib add_ac)
    63   finally have "a = a div b * b + (a + c * b) mod b"
    64     by (simp add: add_commute [of a] add_assoc left_distrib)
    65   then have "a div b * b + (a + c * b) mod b = a div b * b + a mod b"
    66     by (simp add: mod_div_equality)
    67   then show ?thesis by simp
    68 qed
    69 
    70 lemma mod_mult_self2 [simp]: "(a + b * c) mod b = a mod b"
    71   by (simp add: mult_commute [of b])
    72 
    73 lemma div_mult_self1_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> b * a div b = a"
    74   using div_mult_self2 [of b 0 a] by simp
    75 
    76 lemma div_mult_self2_is_id [simp]: "b \<noteq> 0 \<Longrightarrow> a * b div b = a"
    77   using div_mult_self1 [of b 0 a] by simp
    78 
    79 lemma mod_mult_self1_is_0 [simp]: "b * a mod b = 0"
    80   using mod_mult_self2 [of 0 b a] by simp
    81 
    82 lemma mod_mult_self2_is_0 [simp]: "a * b mod b = 0"
    83   using mod_mult_self1 [of 0 a b] by simp
    84 
    85 lemma div_by_1 [simp]: "a div 1 = a"
    86   using div_mult_self2_is_id [of 1 a] zero_neq_one by simp
    87 
    88 lemma mod_by_1 [simp]: "a mod 1 = 0"
    89 proof -
    90   from mod_div_equality [of a one] div_by_1 have "a + a mod 1 = a" by simp
    91   then have "a + a mod 1 = a + 0" by simp
    92   then show ?thesis by (rule add_left_imp_eq)
    93 qed
    94 
    95 lemma mod_self [simp]: "a mod a = 0"
    96   using mod_mult_self2_is_0 [of 1] by simp
    97 
    98 lemma div_self [simp]: "a \<noteq> 0 \<Longrightarrow> a div a = 1"
    99   using div_mult_self2_is_id [of _ 1] by simp
   100 
   101 lemma div_add_self1 [simp]:
   102   assumes "b \<noteq> 0"
   103   shows "(b + a) div b = a div b + 1"
   104   using assms div_mult_self1 [of b a 1] by (simp add: add_commute)
   105 
   106 lemma div_add_self2 [simp]:
   107   assumes "b \<noteq> 0"
   108   shows "(a + b) div b = a div b + 1"
   109   using assms div_add_self1 [of b a] by (simp add: add_commute)
   110 
   111 lemma mod_add_self1 [simp]:
   112   "(b + a) mod b = a mod b"
   113   using mod_mult_self1 [of a 1 b] by (simp add: add_commute)
   114 
   115 lemma mod_add_self2 [simp]:
   116   "(a + b) mod b = a mod b"
   117   using mod_mult_self1 [of a 1 b] by simp
   118 
   119 lemma mod_div_decomp:
   120   fixes a b
   121   obtains q r where "q = a div b" and "r = a mod b"
   122     and "a = q * b + r"
   123 proof -
   124   from mod_div_equality have "a = a div b * b + a mod b" by simp
   125   moreover have "a div b = a div b" ..
   126   moreover have "a mod b = a mod b" ..
   127   note that ultimately show thesis by blast
   128 qed
   129 
   130 lemma dvd_eq_mod_eq_0 [code]: "a dvd b \<longleftrightarrow> b mod a = 0"
   131 proof
   132   assume "b mod a = 0"
   133   with mod_div_equality [of b a] have "b div a * a = b" by simp
   134   then have "b = a * (b div a)" unfolding mult_commute ..
   135   then have "\<exists>c. b = a * c" ..
   136   then show "a dvd b" unfolding dvd_def .
   137 next
   138   assume "a dvd b"
   139   then have "\<exists>c. b = a * c" unfolding dvd_def .
   140   then obtain c where "b = a * c" ..
   141   then have "b mod a = a * c mod a" by simp
   142   then have "b mod a = c * a mod a" by (simp add: mult_commute)
   143   then show "b mod a = 0" by simp
   144 qed
   145 
   146 end
   147 
   148 
   149 subsection {* Division on @{typ nat} *}
   150 
   151 text {*
   152   We define @{const div} and @{const mod} on @{typ nat} by means
   153   of a characteristic relation with two input arguments
   154   @{term "m\<Colon>nat"}, @{term "n\<Colon>nat"} and two output arguments
   155   @{term "q\<Colon>nat"}(uotient) and @{term "r\<Colon>nat"}(emainder).
   156 *}
   157 
   158 definition divmod_rel :: "nat \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> nat \<Rightarrow> bool" where
   159   "divmod_rel m n q r \<longleftrightarrow> m = q * n + r \<and> (if n > 0 then 0 \<le> r \<and> r < n else q = 0)"
   160 
   161 text {* @{const divmod_rel} is total: *}
   162 
   163 lemma divmod_rel_ex:
   164   obtains q r where "divmod_rel m n q r"
   165 proof (cases "n = 0")
   166   case True with that show thesis
   167     by (auto simp add: divmod_rel_def)
   168 next
   169   case False
   170   have "\<exists>q r. m = q * n + r \<and> r < n"
   171   proof (induct m)
   172     case 0 with `n \<noteq> 0`
   173     have "(0\<Colon>nat) = 0 * n + 0 \<and> 0 < n" by simp
   174     then show ?case by blast
   175   next
   176     case (Suc m) then obtain q' r'
   177       where m: "m = q' * n + r'" and n: "r' < n" by auto
   178     then show ?case proof (cases "Suc r' < n")
   179       case True
   180       from m n have "Suc m = q' * n + Suc r'" by simp
   181       with True show ?thesis by blast
   182     next
   183       case False then have "n \<le> Suc r'" by auto
   184       moreover from n have "Suc r' \<le> n" by auto
   185       ultimately have "n = Suc r'" by auto
   186       with m have "Suc m = Suc q' * n + 0" by simp
   187       with `n \<noteq> 0` show ?thesis by blast
   188     qed
   189   qed
   190   with that show thesis
   191     using `n \<noteq> 0` by (auto simp add: divmod_rel_def)
   192 qed
   193 
   194 text {* @{const divmod_rel} is injective: *}
   195 
   196 lemma divmod_rel_unique_div:
   197   assumes "divmod_rel m n q r"
   198     and "divmod_rel m n q' r'"
   199   shows "q = q'"
   200 proof (cases "n = 0")
   201   case True with assms show ?thesis
   202     by (simp add: divmod_rel_def)
   203 next
   204   case False
   205   have aux: "\<And>q r q' r'. q' * n + r' = q * n + r \<Longrightarrow> r < n \<Longrightarrow> q' \<le> (q\<Colon>nat)"
   206   apply (rule leI)
   207   apply (subst less_iff_Suc_add)
   208   apply (auto simp add: add_mult_distrib)
   209   done
   210   from `n \<noteq> 0` assms show ?thesis
   211     by (auto simp add: divmod_rel_def
   212       intro: order_antisym dest: aux sym)
   213 qed
   214 
   215 lemma divmod_rel_unique_mod:
   216   assumes "divmod_rel m n q r"
   217     and "divmod_rel m n q' r'"
   218   shows "r = r'"
   219 proof -
   220   from assms have "q = q'" by (rule divmod_rel_unique_div)
   221   with assms show ?thesis by (simp add: divmod_rel_def)
   222 qed
   223 
   224 text {*
   225   We instantiate divisibility on the natural numbers by
   226   means of @{const divmod_rel}:
   227 *}
   228 
   229 instantiation nat :: semiring_div
   230 begin
   231 
   232 definition divmod :: "nat \<Rightarrow> nat \<Rightarrow> nat \<times> nat" where
   233   [code del]: "divmod m n = (THE (q, r). divmod_rel m n q r)"
   234 
   235 definition div_nat where
   236   "m div n = fst (divmod m n)"
   237 
   238 definition mod_nat where
   239   "m mod n = snd (divmod m n)"
   240 
   241 lemma divmod_div_mod:
   242   "divmod m n = (m div n, m mod n)"
   243   unfolding div_nat_def mod_nat_def by simp
   244 
   245 lemma divmod_eq:
   246   assumes "divmod_rel m n q r" 
   247   shows "divmod m n = (q, r)"
   248   using assms by (auto simp add: divmod_def
   249     dest: divmod_rel_unique_div divmod_rel_unique_mod)
   250 
   251 lemma div_eq:
   252   assumes "divmod_rel m n q r" 
   253   shows "m div n = q"
   254   using assms by (auto dest: divmod_eq simp add: div_nat_def)
   255 
   256 lemma mod_eq:
   257   assumes "divmod_rel m n q r" 
   258   shows "m mod n = r"
   259   using assms by (auto dest: divmod_eq simp add: mod_nat_def)
   260 
   261 lemma divmod_rel: "divmod_rel m n (m div n) (m mod n)"
   262 proof -
   263   from divmod_rel_ex
   264     obtain q r where rel: "divmod_rel m n q r" .
   265   moreover with div_eq mod_eq have "m div n = q" and "m mod n = r"
   266     by simp_all
   267   ultimately show ?thesis by simp
   268 qed
   269 
   270 lemma divmod_zero:
   271   "divmod m 0 = (0, m)"
   272 proof -
   273   from divmod_rel [of m 0] show ?thesis
   274     unfolding divmod_div_mod divmod_rel_def by simp
   275 qed
   276 
   277 lemma divmod_base:
   278   assumes "m < n"
   279   shows "divmod m n = (0, m)"
   280 proof -
   281   from divmod_rel [of m n] show ?thesis
   282     unfolding divmod_div_mod divmod_rel_def
   283     using assms by (cases "m div n = 0")
   284       (auto simp add: gr0_conv_Suc [of "m div n"])
   285 qed
   286 
   287 lemma divmod_step:
   288   assumes "0 < n" and "n \<le> m"
   289   shows "divmod m n = (Suc ((m - n) div n), (m - n) mod n)"
   290 proof -
   291   from divmod_rel have divmod_m_n: "divmod_rel m n (m div n) (m mod n)" .
   292   with assms have m_div_n: "m div n \<ge> 1"
   293     by (cases "m div n") (auto simp add: divmod_rel_def)
   294   from assms divmod_m_n have "divmod_rel (m - n) n (m div n - 1) (m mod n)"
   295     by (cases "m div n") (auto simp add: divmod_rel_def)
   296   with divmod_eq have "divmod (m - n) n = (m div n - 1, m mod n)" by simp
   297   moreover from divmod_div_mod have "divmod (m - n) n = ((m - n) div n, (m - n) mod n)" .
   298   ultimately have "m div n = Suc ((m - n) div n)"
   299     and "m mod n = (m - n) mod n" using m_div_n by simp_all
   300   then show ?thesis using divmod_div_mod by simp
   301 qed
   302 
   303 text {* The ''recursion'' equations for @{const div} and @{const mod} *}
   304 
   305 lemma div_less [simp]:
   306   fixes m n :: nat
   307   assumes "m < n"
   308   shows "m div n = 0"
   309   using assms divmod_base divmod_div_mod by simp
   310 
   311 lemma le_div_geq:
   312   fixes m n :: nat
   313   assumes "0 < n" and "n \<le> m"
   314   shows "m div n = Suc ((m - n) div n)"
   315   using assms divmod_step divmod_div_mod by simp
   316 
   317 lemma mod_less [simp]:
   318   fixes m n :: nat
   319   assumes "m < n"
   320   shows "m mod n = m"
   321   using assms divmod_base divmod_div_mod by simp
   322 
   323 lemma le_mod_geq:
   324   fixes m n :: nat
   325   assumes "n \<le> m"
   326   shows "m mod n = (m - n) mod n"
   327   using assms divmod_step divmod_div_mod by (cases "n = 0") simp_all
   328 
   329 instance proof
   330   fix m n :: nat show "m div n * n + m mod n = m"
   331     using divmod_rel [of m n] by (simp add: divmod_rel_def)
   332 next
   333   fix n :: nat show "n div 0 = 0"
   334     using divmod_zero divmod_div_mod [of n 0] by simp
   335 next
   336   fix n :: nat show "0 div n = 0"
   337     using divmod_rel [of 0 n] by (cases n) (simp_all add: divmod_rel_def)
   338 next
   339   fix m n q :: nat assume "n \<noteq> 0" then show "(q + m * n) div n = m + q div n"
   340     by (induct m) (simp_all add: le_div_geq)
   341 qed
   342 
   343 end
   344 
   345 text {* Simproc for cancelling @{const div} and @{const mod} *}
   346 
   347 (*lemmas mod_div_equality_nat = semiring_div_class.times_div_mod_plus_zero_one.mod_div_equality [of "m\<Colon>nat" n, standard]
   348 lemmas mod_div_equality2_nat = mod_div_equality2 [of "n\<Colon>nat" m, standard*)
   349 
   350 ML {*
   351 structure CancelDivModData =
   352 struct
   353 
   354 val div_name = @{const_name div};
   355 val mod_name = @{const_name mod};
   356 val mk_binop = HOLogic.mk_binop;
   357 val mk_sum = ArithData.mk_sum;
   358 val dest_sum = ArithData.dest_sum;
   359 
   360 (*logic*)
   361 
   362 val div_mod_eqs = map mk_meta_eq [@{thm div_mod_equality}, @{thm div_mod_equality2}]
   363 
   364 val trans = trans
   365 
   366 val prove_eq_sums =
   367   let val simps = @{thm add_0} :: @{thm add_0_right} :: @{thms add_ac}
   368   in ArithData.prove_conv all_tac (ArithData.simp_all_tac simps) end;
   369 
   370 end;
   371 
   372 structure CancelDivMod = CancelDivModFun(CancelDivModData);
   373 
   374 val cancel_div_mod_proc = Simplifier.simproc (the_context ())
   375   "cancel_div_mod" ["(m::nat) + n"] (K CancelDivMod.proc);
   376 
   377 Addsimprocs[cancel_div_mod_proc];
   378 *}
   379 
   380 text {* code generator setup *}
   381 
   382 lemma divmod_if [code]: "divmod m n = (if n = 0 \<or> m < n then (0, m) else
   383   let (q, r) = divmod (m - n) n in (Suc q, r))"
   384   by (simp add: divmod_zero divmod_base divmod_step)
   385     (simp add: divmod_div_mod)
   386 
   387 code_modulename SML
   388   Divides Nat
   389 
   390 code_modulename OCaml
   391   Divides Nat
   392 
   393 code_modulename Haskell
   394   Divides Nat
   395 
   396 
   397 subsubsection {* Quotient *}
   398 
   399 lemma div_geq: "0 < n \<Longrightarrow>  \<not> m < n \<Longrightarrow> m div n = Suc ((m - n) div n)"
   400   by (simp add: le_div_geq linorder_not_less)
   401 
   402 lemma div_if: "0 < n \<Longrightarrow> m div n = (if m < n then 0 else Suc ((m - n) div n))"
   403   by (simp add: div_geq)
   404 
   405 lemma div_mult_self_is_m [simp]: "0<n ==> (m*n) div n = (m::nat)"
   406   by simp
   407 
   408 lemma div_mult_self1_is_m [simp]: "0<n ==> (n*m) div n = (m::nat)"
   409   by simp
   410 
   411 
   412 subsubsection {* Remainder *}
   413 
   414 lemma mod_less_divisor [simp]:
   415   fixes m n :: nat
   416   assumes "n > 0"
   417   shows "m mod n < (n::nat)"
   418   using assms divmod_rel unfolding divmod_rel_def by auto
   419 
   420 lemma mod_less_eq_dividend [simp]:
   421   fixes m n :: nat
   422   shows "m mod n \<le> m"
   423 proof (rule add_leD2)
   424   from mod_div_equality have "m div n * n + m mod n = m" .
   425   then show "m div n * n + m mod n \<le> m" by auto
   426 qed
   427 
   428 lemma mod_geq: "\<not> m < (n\<Colon>nat) \<Longrightarrow> m mod n = (m - n) mod n"
   429   by (simp add: le_mod_geq linorder_not_less)
   430 
   431 lemma mod_if: "m mod (n\<Colon>nat) = (if m < n then m else (m - n) mod n)"
   432   by (simp add: le_mod_geq)
   433 
   434 lemma mod_1 [simp]: "m mod Suc 0 = 0"
   435   by (induct m) (simp_all add: mod_geq)
   436 
   437 lemma mod_mult_distrib: "(m mod n) * (k\<Colon>nat) = (m * k) mod (n * k)"
   438   apply (cases "n = 0", simp)
   439   apply (cases "k = 0", simp)
   440   apply (induct m rule: nat_less_induct)
   441   apply (subst mod_if, simp)
   442   apply (simp add: mod_geq diff_mult_distrib)
   443   done
   444 
   445 lemma mod_mult_distrib2: "(k::nat) * (m mod n) = (k*m) mod (k*n)"
   446   by (simp add: mult_commute [of k] mod_mult_distrib)
   447 
   448 (* a simple rearrangement of mod_div_equality: *)
   449 lemma mult_div_cancel: "(n::nat) * (m div n) = m - (m mod n)"
   450   by (cut_tac a = m and b = n in mod_div_equality2, arith)
   451 
   452 lemma mod_le_divisor[simp]: "0 < n \<Longrightarrow> m mod n \<le> (n::nat)"
   453   apply (drule mod_less_divisor [where m = m])
   454   apply simp
   455   done
   456 
   457 subsubsection {* Quotient and Remainder *}
   458 
   459 lemma divmod_rel_mult1_eq:
   460   "[| divmod_rel b c q r; c > 0 |]
   461    ==> divmod_rel (a*b) c (a*q + a*r div c) (a*r mod c)"
   462 by (auto simp add: split_ifs mult_ac divmod_rel_def add_mult_distrib2)
   463 
   464 lemma div_mult1_eq: "(a*b) div c = a*(b div c) + a*(b mod c) div (c::nat)"
   465 apply (cases "c = 0", simp)
   466 apply (blast intro: divmod_rel [THEN divmod_rel_mult1_eq, THEN div_eq])
   467 done
   468 
   469 lemma mod_mult1_eq: "(a*b) mod c = a*(b mod c) mod (c::nat)"
   470 apply (cases "c = 0", simp)
   471 apply (blast intro: divmod_rel [THEN divmod_rel_mult1_eq, THEN mod_eq])
   472 done
   473 
   474 lemma mod_mult1_eq': "(a*b) mod (c::nat) = ((a mod c) * b) mod c"
   475   apply (rule trans)
   476    apply (rule_tac s = "b*a mod c" in trans)
   477     apply (rule_tac [2] mod_mult1_eq)
   478    apply (simp_all add: mult_commute)
   479   done
   480 
   481 lemma mod_mult_distrib_mod:
   482   "(a*b) mod (c::nat) = ((a mod c) * (b mod c)) mod c"
   483 apply (rule mod_mult1_eq' [THEN trans])
   484 apply (rule mod_mult1_eq)
   485 done
   486 
   487 lemma divmod_rel_add1_eq:
   488   "[| divmod_rel a c aq ar; divmod_rel b c bq br;  c > 0 |]
   489    ==> divmod_rel (a + b) c (aq + bq + (ar+br) div c) ((ar + br) mod c)"
   490 by (auto simp add: split_ifs mult_ac divmod_rel_def add_mult_distrib2)
   491 
   492 (*NOT suitable for rewriting: the RHS has an instance of the LHS*)
   493 lemma div_add1_eq:
   494   "(a+b) div (c::nat) = a div c + b div c + ((a mod c + b mod c) div c)"
   495 apply (cases "c = 0", simp)
   496 apply (blast intro: divmod_rel_add1_eq [THEN div_eq] divmod_rel)
   497 done
   498 
   499 lemma mod_add1_eq: "(a+b) mod (c::nat) = (a mod c + b mod c) mod c"
   500 apply (cases "c = 0", simp)
   501 apply (blast intro: divmod_rel_add1_eq [THEN mod_eq] divmod_rel)
   502 done
   503 
   504 lemma mod_lemma: "[| (0::nat) < c; r < b |] ==> b * (q mod c) + r < b * c"
   505   apply (cut_tac m = q and n = c in mod_less_divisor)
   506   apply (drule_tac [2] m = "q mod c" in less_imp_Suc_add, auto)
   507   apply (erule_tac P = "%x. ?lhs < ?rhs x" in ssubst)
   508   apply (simp add: add_mult_distrib2)
   509   done
   510 
   511 lemma divmod_rel_mult2_eq: "[| divmod_rel a b q r;  0 < b;  0 < c |]
   512       ==> divmod_rel a (b*c) (q div c) (b*(q mod c) + r)"
   513   by (auto simp add: mult_ac divmod_rel_def add_mult_distrib2 [symmetric] mod_lemma)
   514 
   515 lemma div_mult2_eq: "a div (b*c) = (a div b) div (c::nat)"
   516   apply (cases "b = 0", simp)
   517   apply (cases "c = 0", simp)
   518   apply (force simp add: divmod_rel [THEN divmod_rel_mult2_eq, THEN div_eq])
   519   done
   520 
   521 lemma mod_mult2_eq: "a mod (b*c) = b*(a div b mod c) + a mod (b::nat)"
   522   apply (cases "b = 0", simp)
   523   apply (cases "c = 0", simp)
   524   apply (auto simp add: mult_commute divmod_rel [THEN divmod_rel_mult2_eq, THEN mod_eq])
   525   done
   526 
   527 
   528 subsubsection{*Cancellation of Common Factors in Division*}
   529 
   530 lemma div_mult_mult_lemma:
   531     "[| (0::nat) < b;  0 < c |] ==> (c*a) div (c*b) = a div b"
   532   by (auto simp add: div_mult2_eq)
   533 
   534 lemma div_mult_mult1 [simp]: "(0::nat) < c ==> (c*a) div (c*b) = a div b"
   535   apply (cases "b = 0")
   536   apply (auto simp add: linorder_neq_iff [of b] div_mult_mult_lemma)
   537   done
   538 
   539 lemma div_mult_mult2 [simp]: "(0::nat) < c ==> (a*c) div (b*c) = a div b"
   540   apply (drule div_mult_mult1)
   541   apply (auto simp add: mult_commute)
   542   done
   543 
   544 
   545 subsubsection{*Further Facts about Quotient and Remainder*}
   546 
   547 lemma div_1 [simp]: "m div Suc 0 = m"
   548   by (induct m) (simp_all add: div_geq)
   549 
   550 
   551 (* Monotonicity of div in first argument *)
   552 lemma div_le_mono [rule_format (no_asm)]:
   553     "\<forall>m::nat. m \<le> n --> (m div k) \<le> (n div k)"
   554 apply (case_tac "k=0", simp)
   555 apply (induct "n" rule: nat_less_induct, clarify)
   556 apply (case_tac "n<k")
   557 (* 1  case n<k *)
   558 apply simp
   559 (* 2  case n >= k *)
   560 apply (case_tac "m<k")
   561 (* 2.1  case m<k *)
   562 apply simp
   563 (* 2.2  case m>=k *)
   564 apply (simp add: div_geq diff_le_mono)
   565 done
   566 
   567 (* Antimonotonicity of div in second argument *)
   568 lemma div_le_mono2: "!!m::nat. [| 0<m; m\<le>n |] ==> (k div n) \<le> (k div m)"
   569 apply (subgoal_tac "0<n")
   570  prefer 2 apply simp
   571 apply (induct_tac k rule: nat_less_induct)
   572 apply (rename_tac "k")
   573 apply (case_tac "k<n", simp)
   574 apply (subgoal_tac "~ (k<m) ")
   575  prefer 2 apply simp
   576 apply (simp add: div_geq)
   577 apply (subgoal_tac "(k-n) div n \<le> (k-m) div n")
   578  prefer 2
   579  apply (blast intro: div_le_mono diff_le_mono2)
   580 apply (rule le_trans, simp)
   581 apply (simp)
   582 done
   583 
   584 lemma div_le_dividend [simp]: "m div n \<le> (m::nat)"
   585 apply (case_tac "n=0", simp)
   586 apply (subgoal_tac "m div n \<le> m div 1", simp)
   587 apply (rule div_le_mono2)
   588 apply (simp_all (no_asm_simp))
   589 done
   590 
   591 (* Similar for "less than" *)
   592 lemma div_less_dividend [rule_format]:
   593      "!!n::nat. 1<n ==> 0 < m --> m div n < m"
   594 apply (induct_tac m rule: nat_less_induct)
   595 apply (rename_tac "m")
   596 apply (case_tac "m<n", simp)
   597 apply (subgoal_tac "0<n")
   598  prefer 2 apply simp
   599 apply (simp add: div_geq)
   600 apply (case_tac "n<m")
   601  apply (subgoal_tac "(m-n) div n < (m-n) ")
   602   apply (rule impI less_trans_Suc)+
   603 apply assumption
   604   apply (simp_all)
   605 done
   606 
   607 declare div_less_dividend [simp]
   608 
   609 text{*A fact for the mutilated chess board*}
   610 lemma mod_Suc: "Suc(m) mod n = (if Suc(m mod n) = n then 0 else Suc(m mod n))"
   611 apply (case_tac "n=0", simp)
   612 apply (induct "m" rule: nat_less_induct)
   613 apply (case_tac "Suc (na) <n")
   614 (* case Suc(na) < n *)
   615 apply (frule lessI [THEN less_trans], simp add: less_not_refl3)
   616 (* case n \<le> Suc(na) *)
   617 apply (simp add: linorder_not_less le_Suc_eq mod_geq)
   618 apply (auto simp add: Suc_diff_le le_mod_geq)
   619 done
   620 
   621 lemma nat_mod_div_trivial [simp]: "m mod n div n = (0 :: nat)"
   622   by (cases "n = 0") auto
   623 
   624 lemma nat_mod_mod_trivial [simp]: "m mod n mod n = (m mod n :: nat)"
   625   by (cases "n = 0") auto
   626 
   627 
   628 subsubsection {* The Divides Relation *}
   629 
   630 lemma dvd_1_left [iff]: "Suc 0 dvd k"
   631   unfolding dvd_def by simp
   632 
   633 lemma dvd_1_iff_1 [simp]: "(m dvd Suc 0) = (m = Suc 0)"
   634   by (simp add: dvd_def)
   635 
   636 lemma dvd_anti_sym: "[| m dvd n; n dvd m |] ==> m = (n::nat)"
   637   unfolding dvd_def
   638   by (force dest: mult_eq_self_implies_10 simp add: mult_assoc mult_eq_1_iff)
   639 
   640 text {* @{term "op dvd"} is a partial order *}
   641 
   642 class_interpretation dvd: order ["op dvd" "\<lambda>n m \<Colon> nat. n dvd m \<and> \<not> m dvd n"]
   643   proof qed (auto intro: dvd_refl dvd_trans dvd_anti_sym)
   644 
   645 lemma dvd_diff: "[| k dvd m; k dvd n |] ==> k dvd (m-n :: nat)"
   646   unfolding dvd_def
   647   by (blast intro: diff_mult_distrib2 [symmetric])
   648 
   649 lemma dvd_diffD: "[| k dvd m-n; k dvd n; n\<le>m |] ==> k dvd (m::nat)"
   650   apply (erule linorder_not_less [THEN iffD2, THEN add_diff_inverse, THEN subst])
   651   apply (blast intro: dvd_add)
   652   done
   653 
   654 lemma dvd_diffD1: "[| k dvd m-n; k dvd m; n\<le>m |] ==> k dvd (n::nat)"
   655   by (drule_tac m = m in dvd_diff, auto)
   656 
   657 lemma dvd_reduce: "(k dvd n + k) = (k dvd (n::nat))"
   658   apply (rule iffI)
   659    apply (erule_tac [2] dvd_add)
   660    apply (rule_tac [2] dvd_refl)
   661   apply (subgoal_tac "n = (n+k) -k")
   662    prefer 2 apply simp
   663   apply (erule ssubst)
   664   apply (erule dvd_diff)
   665   apply (rule dvd_refl)
   666   done
   667 
   668 lemma dvd_mod: "!!n::nat. [| f dvd m; f dvd n |] ==> f dvd m mod n"
   669   unfolding dvd_def
   670   apply (case_tac "n = 0", auto)
   671   apply (blast intro: mod_mult_distrib2 [symmetric])
   672   done
   673 
   674 lemma dvd_mod_imp_dvd: "[| (k::nat) dvd m mod n;  k dvd n |] ==> k dvd m"
   675   apply (subgoal_tac "k dvd (m div n) *n + m mod n")
   676    apply (simp add: mod_div_equality)
   677   apply (simp only: dvd_add dvd_mult)
   678   done
   679 
   680 lemma dvd_mod_iff: "k dvd n ==> ((k::nat) dvd m mod n) = (k dvd m)"
   681   by (blast intro: dvd_mod_imp_dvd dvd_mod)
   682 
   683 lemma dvd_mult_cancel: "!!k::nat. [| k*m dvd k*n; 0<k |] ==> m dvd n"
   684   unfolding dvd_def
   685   apply (erule exE)
   686   apply (simp add: mult_ac)
   687   done
   688 
   689 lemma dvd_mult_cancel1: "0<m ==> (m*n dvd m) = (n = (1::nat))"
   690   apply auto
   691    apply (subgoal_tac "m*n dvd m*1")
   692    apply (drule dvd_mult_cancel, auto)
   693   done
   694 
   695 lemma dvd_mult_cancel2: "0<m ==> (n*m dvd m) = (n = (1::nat))"
   696   apply (subst mult_commute)
   697   apply (erule dvd_mult_cancel1)
   698   done
   699 
   700 lemma dvd_imp_le: "[| k dvd n; 0 < n |] ==> k \<le> (n::nat)"
   701   apply (unfold dvd_def, clarify)
   702   apply (simp_all (no_asm_use) add: zero_less_mult_iff)
   703   apply (erule conjE)
   704   apply (rule le_trans)
   705    apply (rule_tac [2] le_refl [THEN mult_le_mono])
   706    apply (erule_tac [2] Suc_leI, simp)
   707   done
   708 
   709 lemma dvd_mult_div_cancel: "n dvd m ==> n * (m div n) = (m::nat)"
   710   apply (subgoal_tac "m mod n = 0")
   711    apply (simp add: mult_div_cancel)
   712   apply (simp only: dvd_eq_mod_eq_0)
   713   done
   714 
   715 lemma le_imp_power_dvd: "!!i::nat. m \<le> n ==> i^m dvd i^n"
   716   apply (unfold dvd_def)
   717   apply (erule linorder_not_less [THEN iffD2, THEN add_diff_inverse, THEN subst])
   718   apply (simp add: power_add)
   719   done
   720 
   721 lemma mod_add_left_eq: "((a::nat) + b) mod c = (a mod c + b) mod c"
   722   apply (rule trans [symmetric])
   723    apply (rule mod_add1_eq, simp)
   724   apply (rule mod_add1_eq [symmetric])
   725   done
   726 
   727 lemma mod_add_right_eq: "(a+b) mod (c::nat) = (a + (b mod c)) mod c"
   728   apply (rule trans [symmetric])
   729    apply (rule mod_add1_eq, simp)
   730   apply (rule mod_add1_eq [symmetric])
   731   done
   732 
   733 lemma nat_zero_less_power_iff [simp]: "(x^n > 0) = (x > (0::nat) | n=0)"
   734   by (induct n) auto
   735 
   736 lemma power_le_dvd [rule_format]: "k^j dvd n --> i\<le>j --> k^i dvd (n::nat)"
   737   apply (induct j)
   738    apply (simp_all add: le_Suc_eq)
   739   apply (blast dest!: dvd_mult_right)
   740   done
   741 
   742 lemma power_dvd_imp_le: "[|i^m dvd i^n;  (1::nat) < i|] ==> m \<le> n"
   743   apply (rule power_le_imp_le_exp, assumption)
   744   apply (erule dvd_imp_le, simp)
   745   done
   746 
   747 lemma mod_eq_0_iff: "(m mod d = 0) = (\<exists>q::nat. m = d*q)"
   748   by (auto simp add: dvd_eq_mod_eq_0 [symmetric] dvd_def)
   749 
   750 lemmas mod_eq_0D [dest!] = mod_eq_0_iff [THEN iffD1]
   751 
   752 (*Loses information, namely we also have r<d provided d is nonzero*)
   753 lemma mod_eqD: "(m mod d = r) ==> \<exists>q::nat. m = r + q*d"
   754   apply (cut_tac a = m in mod_div_equality)
   755   apply (simp only: add_ac)
   756   apply (blast intro: sym)
   757   done
   758 
   759 lemma split_div:
   760  "P(n div k :: nat) =
   761  ((k = 0 \<longrightarrow> P 0) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P i)))"
   762  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
   763 proof
   764   assume P: ?P
   765   show ?Q
   766   proof (cases)
   767     assume "k = 0"
   768     with P show ?Q by simp
   769   next
   770     assume not0: "k \<noteq> 0"
   771     thus ?Q
   772     proof (simp, intro allI impI)
   773       fix i j
   774       assume n: "n = k*i + j" and j: "j < k"
   775       show "P i"
   776       proof (cases)
   777         assume "i = 0"
   778         with n j P show "P i" by simp
   779       next
   780         assume "i \<noteq> 0"
   781         with not0 n j P show "P i" by(simp add:add_ac)
   782       qed
   783     qed
   784   qed
   785 next
   786   assume Q: ?Q
   787   show ?P
   788   proof (cases)
   789     assume "k = 0"
   790     with Q show ?P by simp
   791   next
   792     assume not0: "k \<noteq> 0"
   793     with Q have R: ?R by simp
   794     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
   795     show ?P by simp
   796   qed
   797 qed
   798 
   799 lemma split_div_lemma:
   800   assumes "0 < n"
   801   shows "n * q \<le> m \<and> m < n * Suc q \<longleftrightarrow> q = ((m\<Colon>nat) div n)" (is "?lhs \<longleftrightarrow> ?rhs")
   802 proof
   803   assume ?rhs
   804   with mult_div_cancel have nq: "n * q = m - (m mod n)" by simp
   805   then have A: "n * q \<le> m" by simp
   806   have "n - (m mod n) > 0" using mod_less_divisor assms by auto
   807   then have "m < m + (n - (m mod n))" by simp
   808   then have "m < n + (m - (m mod n))" by simp
   809   with nq have "m < n + n * q" by simp
   810   then have B: "m < n * Suc q" by simp
   811   from A B show ?lhs ..
   812 next
   813   assume P: ?lhs
   814   then have "divmod_rel m n q (m - n * q)"
   815     unfolding divmod_rel_def by (auto simp add: mult_ac)
   816   then show ?rhs using divmod_rel by (rule divmod_rel_unique_div)
   817 qed
   818 
   819 theorem split_div':
   820   "P ((m::nat) div n) = ((n = 0 \<and> P 0) \<or>
   821    (\<exists>q. (n * q \<le> m \<and> m < n * (Suc q)) \<and> P q))"
   822   apply (case_tac "0 < n")
   823   apply (simp only: add: split_div_lemma)
   824   apply simp_all
   825   done
   826 
   827 lemma split_mod:
   828  "P(n mod k :: nat) =
   829  ((k = 0 \<longrightarrow> P n) \<and> (k \<noteq> 0 \<longrightarrow> (!i. !j<k. n = k*i + j \<longrightarrow> P j)))"
   830  (is "?P = ?Q" is "_ = (_ \<and> (_ \<longrightarrow> ?R))")
   831 proof
   832   assume P: ?P
   833   show ?Q
   834   proof (cases)
   835     assume "k = 0"
   836     with P show ?Q by simp
   837   next
   838     assume not0: "k \<noteq> 0"
   839     thus ?Q
   840     proof (simp, intro allI impI)
   841       fix i j
   842       assume "n = k*i + j" "j < k"
   843       thus "P j" using not0 P by(simp add:add_ac mult_ac)
   844     qed
   845   qed
   846 next
   847   assume Q: ?Q
   848   show ?P
   849   proof (cases)
   850     assume "k = 0"
   851     with Q show ?P by simp
   852   next
   853     assume not0: "k \<noteq> 0"
   854     with Q have R: ?R by simp
   855     from not0 R[THEN spec,of "n div k",THEN spec, of "n mod k"]
   856     show ?P by simp
   857   qed
   858 qed
   859 
   860 theorem mod_div_equality': "(m::nat) mod n = m - (m div n) * n"
   861   apply (rule_tac P="%x. m mod n = x - (m div n) * n" in
   862     subst [OF mod_div_equality [of _ n]])
   863   apply arith
   864   done
   865 
   866 lemma div_mod_equality':
   867   fixes m n :: nat
   868   shows "m div n * n = m - m mod n"
   869 proof -
   870   have "m mod n \<le> m mod n" ..
   871   from div_mod_equality have 
   872     "m div n * n + m mod n - m mod n = m - m mod n" by simp
   873   with diff_add_assoc [OF `m mod n \<le> m mod n`, of "m div n * n"] have
   874     "m div n * n + (m mod n - m mod n) = m - m mod n"
   875     by simp
   876   then show ?thesis by simp
   877 qed
   878 
   879 
   880 subsubsection {*An ``induction'' law for modulus arithmetic.*}
   881 
   882 lemma mod_induct_0:
   883   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
   884   and base: "P i" and i: "i<p"
   885   shows "P 0"
   886 proof (rule ccontr)
   887   assume contra: "\<not>(P 0)"
   888   from i have p: "0<p" by simp
   889   have "\<forall>k. 0<k \<longrightarrow> \<not> P (p-k)" (is "\<forall>k. ?A k")
   890   proof
   891     fix k
   892     show "?A k"
   893     proof (induct k)
   894       show "?A 0" by simp  -- "by contradiction"
   895     next
   896       fix n
   897       assume ih: "?A n"
   898       show "?A (Suc n)"
   899       proof (clarsimp)
   900         assume y: "P (p - Suc n)"
   901         have n: "Suc n < p"
   902         proof (rule ccontr)
   903           assume "\<not>(Suc n < p)"
   904           hence "p - Suc n = 0"
   905             by simp
   906           with y contra show "False"
   907             by simp
   908         qed
   909         hence n2: "Suc (p - Suc n) = p-n" by arith
   910         from p have "p - Suc n < p" by arith
   911         with y step have z: "P ((Suc (p - Suc n)) mod p)"
   912           by blast
   913         show "False"
   914         proof (cases "n=0")
   915           case True
   916           with z n2 contra show ?thesis by simp
   917         next
   918           case False
   919           with p have "p-n < p" by arith
   920           with z n2 False ih show ?thesis by simp
   921         qed
   922       qed
   923     qed
   924   qed
   925   moreover
   926   from i obtain k where "0<k \<and> i+k=p"
   927     by (blast dest: less_imp_add_positive)
   928   hence "0<k \<and> i=p-k" by auto
   929   moreover
   930   note base
   931   ultimately
   932   show "False" by blast
   933 qed
   934 
   935 lemma mod_induct:
   936   assumes step: "\<forall>i<p. P i \<longrightarrow> P ((Suc i) mod p)"
   937   and base: "P i" and i: "i<p" and j: "j<p"
   938   shows "P j"
   939 proof -
   940   have "\<forall>j<p. P j"
   941   proof
   942     fix j
   943     show "j<p \<longrightarrow> P j" (is "?A j")
   944     proof (induct j)
   945       from step base i show "?A 0"
   946         by (auto elim: mod_induct_0)
   947     next
   948       fix k
   949       assume ih: "?A k"
   950       show "?A (Suc k)"
   951       proof
   952         assume suc: "Suc k < p"
   953         hence k: "k<p" by simp
   954         with ih have "P k" ..
   955         with step k have "P (Suc k mod p)"
   956           by blast
   957         moreover
   958         from suc have "Suc k mod p = Suc k"
   959           by simp
   960         ultimately
   961         show "P (Suc k)" by simp
   962       qed
   963     qed
   964   qed
   965   with j show ?thesis by blast
   966 qed
   967 
   968 end