commit by user andrea

[helm.git] / weblib / Cerco / ASM / Utils.ma

include "basics/list2.ma".
include "basics/types.ma".
include "arithmetics/nat.ma".

include "Cerco/utilities/pair.ma".
include "Cerco/ASM/JMCoercions.ma".

(* let's implement a daemon not used by automation *)
inductive DAEMONXXX: Type[0] ≝ K1DAEMONXXX: DAEMONXXX | K2DAEMONXXX: DAEMONXXX.
axiom IMPOSSIBLE: \ 5a href="cic:/matita/Cerco/ASM/Utils/DAEMONXXX.con(0,1,0)"\ 6K1DAEMONXXX\ 5/a\ 6 \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/Cerco/ASM/Utils/DAEMONXXX.con(0,2,0)"\ 6K2DAEMONXXX\ 5/a\ 6.
example daemon: \ 5a href="cic:/matita/basics/logic/False.ind(1,0,0)"\ 6False\ 5/a\ 6. generalize in match \ 5a href="cic:/matita/Cerco/ASM/Utils/IMPOSSIBLE.dec"\ 6IMPOSSIBLE\ 5/a\ 6; #IMPOSSIBLE destruct(IMPOSSIBLE) qed.
example not_implemented: \ 5a href="cic:/matita/basics/logic/False.ind(1,0,0)"\ 6False\ 5/a\ 6. cases \ 5a href="cic:/matita/Cerco/ASM/Utils/daemon.def(2)" title="null"\ 6daemon\ 5/a\ 6 qed.

notation "⊥" with precedence 90
  for @{ match ? in False with [ ] }.

definition ltb ≝
  λm, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    \ 5a href="cic:/matita/arithmetics/nat/leb.fix(0,0,1)"\ 6leb\ 5/a\ 6 (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 m) n.
    
definition geb ≝
  λm, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/ltb.def(2)"\ 6ltb\ 5/a\ 6 n m.

definition gtb ≝
  λm, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/ltb.def(2)"\ 6ltb\ 5/a\ 6 n m.

(* dpm: unless I'm being stupid, this isn't defined in the stdlib? *)
let rec eq_nat (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (m: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) on n: \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6 ≝
  match n with
  [ O ⇒ match m with [ O ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 | _ ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6 ]
  | S n' ⇒ match m with [ S m' ⇒ eq_nat n' m' | _ ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6 ]
  ].

let rec forall
  (A: Type[0]) (f: A → \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A)
    on l ≝
  match l with
  [ nil        ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6
  | cons hd tl ⇒ f hd \ 5a title="boolean and" href="cic:/fakeuri.def(1)"\ 6∧\ 5/a\ 6 forall A f tl
  ].

let rec prefix
  (A: Type[0]) (k: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A)
    on l ≝
  match l with
  [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
  | cons hd tl ⇒
    match k with
    [ O ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
    | S k' ⇒ hd \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: prefix A k' tl
    ]
  ].

let rec fold_left2
  (A: Type[0]) (B: Type[0]) (C: Type[0]) (f: A → B → C → A) (accu: A)
  (left: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B) (right: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 C) (proof: \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6left| \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6right|)
    on left: A ≝
  match left return λx. \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6x| \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6right| → A with
  [ nil ⇒ λnil_prf.
    match right return λx. \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6\ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]| \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6x| → A with
    [ nil ⇒ λnil_nil_prf. accu
    | cons hd tl ⇒ λcons_nil_absrd. ?
    ] nil_prf
  | cons hd tl ⇒ λcons_prf.
    match right return λx. \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6hd\ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6:tl| \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6x| → A with
    [ nil ⇒ λcons_nil_absrd. ?
    | cons hd' tl' ⇒ λcons_cons_prf.
        fold_left2 …  f (f accu hd hd') tl tl' ?
    ] cons_prf
  ] proof.
  [ 1: normalize in cons_nil_absrd;
       destruct(cons_nil_absrd)
  | 2: normalize in cons_nil_absrd;
       destruct(cons_nil_absrd)
  | 3: normalize in cons_cons_prf;
       @\ 5a href="cic:/matita/arithmetics/nat/injective_S.def(4)"\ 6injective_S\ 5/a\ 6
       assumption
  ]
qed. 

let rec remove_n_first_internal
  (i: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (A: Type[0]) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6)
    on l ≝
  match l with
  [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
  | cons hd tl ⇒
    match \ 5a href="cic:/matita/Cerco/ASM/Utils/eq_nat.fix(0,0,1)"\ 6eq_nat\ 5/a\ 6 i n with
    [ true ⇒ l
    | _ ⇒ remove_n_first_internal (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 i) A tl n
    ]
  ].

definition remove_n_first ≝
  λA: Type[0].
  λn: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
  λl: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/remove_n_first_internal.fix(0,2,2)"\ 6remove_n_first_internal\ 5/a\ 6 \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 A l n.
    
let rec foldi_from_until_internal
  (A: Type[0]) (i: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (res: ?) (rem: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (m: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (f: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6 → \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A → A → \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A)
    on rem ≝
  match rem with
  [ nil ⇒ res
  | cons e tl ⇒
    match \ 5a href="cic:/matita/Cerco/ASM/Utils/geb.def(3)"\ 6geb\ 5/a\ 6 i m with
    [ true ⇒ res
    | _ ⇒ foldi_from_until_internal A (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 i) (f i res e) tl m f
    ]
  ].

definition foldi_from_until ≝
  λA,n,m,f,a,l. \ 5a href="cic:/matita/Cerco/ASM/Utils/foldi_from_until_internal.fix(0,3,4)"\ 6foldi_from_until_internal\ 5/a\ 6 A \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 a (\ 5a href="cic:/matita/Cerco/ASM/Utils/remove_n_first.def(3)"\ 6remove_n_first\ 5/a\ 6 A n l) m f.

definition foldi_from ≝
  λA: Type[0].
  λn.
  λf.
  λa.
  λl.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/foldi_from_until.def(5)"\ 6foldi_from_until\ 5/a\ 6 A n (\ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6l|) f a l. 

definition foldi_until ≝
  λA: Type[0].
  λm.
  λf.
  λa.
  λl.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/foldi_from_until.def(5)"\ 6foldi_from_until\ 5/a\ 6 A \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 m f a l.

definition foldi ≝
  λA: Type[0].
  λf.
  λa.
  λl.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/foldi_from_until.def(5)"\ 6foldi_from_until\ 5/a\ 6 A \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 (\ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6l|) f a l.

definition hd_safe ≝
  λA: Type[0].
  λl: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A.
  λproof: \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6l|.
  match l return λx. \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6x| → A with
  [ nil ⇒ λnil_absrd. ?
  | cons hd tl ⇒ λcons_prf. hd
  ] proof.
  normalize in nil_absrd;
  cases(\ 5a href="cic:/matita/arithmetics/nat/not_le_Sn_O.def(3)"\ 6not_le_Sn_O\ 5/a\ 6 \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6)
  #HYP
  cases(HYP nil_absrd)
qed.

definition tail_safe ≝
  λA: Type[0].
  λl: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A.
  λproof: \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6l|.
  match l return λx. \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6x| → \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A with
  [ nil ⇒ λnil_absrd. ?
  | cons hd tl ⇒ λcons_prf. tl
  ] proof.
  normalize in nil_absrd;
  cases(\ 5a href="cic:/matita/arithmetics/nat/not_le_Sn_O.def(3)"\ 6not_le_Sn_O\ 5/a\ 6 \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6)
  #HYP
  cases(HYP nil_absrd)
qed.

let rec split
  (A: Type[0]) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (index: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (proof: index \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6l|)
    on index ≝
  match index return λx. x \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6l| → (\ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) \ 5a title="Product" href="cic:/fakeuri.def(1)"\ 6×\ 5/a\ 6 (\ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) with
  [ O ⇒ λzero_prf. \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6], l〉
  | S index' ⇒ λsucc_prf.
    match l return λx. \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 index' \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6x| → (\ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) \ 5a title="Product" href="cic:/fakeuri.def(1)"\ 6×\ 5/a\ 6 (\ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) with
    [ nil ⇒ λnil_absrd. ?
    | cons hd tl ⇒ λcons_prf.
      let 〈l1, l2〉 ≝ split A tl index' ? in
        \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6hd \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: l1, l2〉
    ] succ_prf
  ] proof.
  [1: normalize in nil_absrd;
      cases(\ 5a href="cic:/matita/arithmetics/nat/not_le_Sn_O.def(3)"\ 6not_le_Sn_O\ 5/a\ 6 index')
      #HYP
      cases(HYP nil_absrd)
  |2: normalize in cons_prf;
      @\ 5a href="cic:/matita/arithmetics/nat/le_S_S_to_le.def(5)"\ 6le_S_S_to_le\ 5/a\ 6
      assumption
  ]
qed.

let rec nth_safe
  (elt_type: Type[0]) (index: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (the_list: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 elt_type)
  (proof: index \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 the_list |)
    on index ≝
  match index return λs. s \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 the_list | → elt_type with
  [ O ⇒
    match the_list return λt. \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 t | → elt_type with
    [ nil        ⇒ λnil_absurd. ?
    | cons hd tl ⇒ λcons_proof. hd
    ]
  | S index' ⇒
    match the_list return λt. \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 index' \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 t | → elt_type with
    [ nil ⇒ λnil_absurd. ?
    | cons hd tl ⇒
      λcons_proof. nth_safe elt_type index' tl ?
    ]
  ] proof.
  [ normalize in nil_absurd;
    cases (\ 5a href="cic:/matita/arithmetics/nat/not_le_Sn_O.def(3)"\ 6not_le_Sn_O\ 5/a\ 6 \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6)
    #ABSURD
    elim (ABSURD nil_absurd)
  | normalize in nil_absurd;
    cases (\ 5a href="cic:/matita/arithmetics/nat/not_le_Sn_O.def(3)"\ 6not_le_Sn_O\ 5/a\ 6 (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 index'))
    #ABSURD
    elim (ABSURD nil_absurd)
  | normalize in cons_proof
    @\ 5a href="cic:/matita/arithmetics/nat/le_S_S_to_le.def(5)"\ 6le_S_S_to_le\ 5/a\ 6
    assumption
  ]
qed.

definition last_safe ≝
  λelt_type: Type[0].
  λthe_list: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 elt_type.
  λproof   : \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 \ 5a title="natural 'less than'" href="cic:/fakeuri.def(1)"\ 6<\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 the_list |.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/nth_safe.fix(0,1,6)"\ 6nth_safe\ 5/a\ 6 elt_type (\ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6the_list| \ 5a title="natural minus" href="cic:/fakeuri.def(1)"\ 6-\ 5/a\ 6 \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 61\ 5/a\ 6) the_list ?.
  normalize /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/arithmetics/nat/lt_plus_to_minus.def(12)"\ 6lt_plus_to_minus\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
qed. 

let rec reduce 
  (A: Type[0]) (B: Type[0]) (left: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (right: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B) on left ≝
  match left with
  [ nil ⇒ \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ], \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]〉, \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ], right〉〉
  | cons hd tl ⇒
    match right with
    [ nil ⇒ \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ], left〉, \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ], \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]〉〉
    | cons hd' tl' ⇒
      let 〈cleft, cright〉 ≝ reduce A B tl tl' in
      let 〈commonl, restl〉 ≝ cleft in
      let 〈commonr, restr〉 ≝ cright in
        \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6hd \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: commonl, restl〉, \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6hd' \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: commonr, restr〉〉
    ]
  ].

(*
axiom reduce_strong:
  ∀A: Type[0].
  ∀left: list A.
  ∀right: list A.
    Σret: ((list A) × (list A)) × ((list A) × (list A)). | \fst (\fst ret) | = | \fst (\snd ret) |.
*)

(*
let rec reduce_strong
  (A: Type[0]) (B: Type[0]) (left: list A) (right: list B)
    on left : Σret: ((list A) × (list A)) × ((list B) × (list B)). |\fst (\fst ret)| = |\fst (\snd ret)|  ≝
  match left with
  [ nil ⇒ 〈〈[ ], [ ]〉, 〈[ ], right〉〉
  | cons hd tl ⇒
    match right with
    [ nil ⇒ 〈〈[ ], left〉, 〈[ ], [ ]〉〉
    | cons hd' tl' ⇒
      let 〈cleft, cright〉 ≝ reduce_strong A B tl tl' in
      let 〈commonl, restl〉 ≝ cleft in
      let 〈commonr, restr〉 ≝ cright in
        〈〈hd :: commonl, restl〉, 〈hd' :: commonr, restr〉〉
    ]
  ].
  [ 1: normalize %
  | 2: normalize %
  | 3: normalize
       generalize in match (sig2 … (reduce_strong A B tl tl1));
       >p2 >p3 >p4 normalize in ⊢ (% → ?)
       #HYP //
  ]
qed.*)
    
let rec map2_opt
  (A: Type[0]) (B: Type[0]) (C: Type[0]) (f: A → B → C)
  (left: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (right: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B) on left ≝
  match left with
  [ nil ⇒
    match right with
    [ nil ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,2,1)"\ 6Some\ 5/a\ 6 ? (\ 5a href="cic:/matita/basics/list/list.con(0,1,1)"\ 6nil\ 5/a\ 6 C)
    | _ ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,1,1)"\ 6None\ 5/a\ 6 ?
    ]
  | cons hd tl ⇒
    match right with
    [ nil ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,1,1)"\ 6None\ 5/a\ 6 ?
    | cons hd' tl' ⇒
      match map2_opt A B C f tl tl' with
      [ None ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,1,1)"\ 6None\ 5/a\ 6 ?
      | Some tail ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,2,1)"\ 6Some\ 5/a\ 6 ? (f hd hd' \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: tail)
      ]
    ]
  ].

let rec map2
  (A: Type[0]) (B: Type[0]) (C: Type[0]) (f: A → B → C)
  (left: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (right: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B) (proof: \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 left | \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 right |) on left ≝
  match left return λx. \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 x | \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 right | → \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 C with
  [ nil ⇒
    match right return λy. \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6] | \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 y | → \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 C with
    [ nil ⇒ λnil_prf. \ 5a href="cic:/matita/basics/list/list.con(0,1,1)"\ 6nil\ 5/a\ 6 C
    | _ ⇒ λcons_absrd. ?
    ]
  | cons hd tl ⇒
    match right return λy. \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 hd\ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6:tl | \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="norm" href="cic:/fakeuri.def(1)"\ 6|\ 5/a\ 6 y | → \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 C with
    [ nil ⇒ λnil_absrd. ?
    | cons hd' tl' ⇒ λcons_prf. (f hd hd') \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: map2 A B C f tl tl' ?
    ]
  ] proof.
  [1: normalize in cons_absrd;
      destruct(cons_absrd)
  |2: normalize in nil_absrd;
      destruct(nil_absrd)
  |3: normalize in cons_prf;
      destruct(cons_prf)
      assumption
  ]
qed.
  
let rec nub_by_internal (A: Type[0]) (f: A → A → \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) on n ≝
  match n with
  [ O ⇒
    match l with
    [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
    | cons hd tl ⇒ l
    ]
  | S n ⇒
    match l with
    [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
    | cons hd tl ⇒
      hd \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: nub_by_internal A f (\ 5a href="cic:/matita/basics/list/filter.def(2)"\ 6filter\ 5/a\ 6 ? (λy. \ 5a href="cic:/matita/basics/bool/notb.def(1)"\ 6notb\ 5/a\ 6 (f y hd)) tl) n
    ]
  ].
  
definition nub_by ≝
  λA: Type[0].
  λf: A → A → \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6.
  λl: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/nub_by_internal.fix(0,3,3)"\ 6nub_by_internal\ 5/a\ 6 A f l (\ 5a href="cic:/matita/basics/list2/length.fix(0,1,1)"\ 6length\ 5/a\ 6 ? l).
  
let rec member (A: Type[0]) (eq: A → A → \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6) (a: A) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) on l ≝
  match l with
  [ nil ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6
  | cons hd tl ⇒ \ 5a href="cic:/matita/basics/bool/orb.def(1)"\ 6orb\ 5/a\ 6 (eq a hd) (member A eq a tl)
  ].
  
let rec take (A: Type[0]) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) on n: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A ≝
  match n with
  [ O ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
  | S n ⇒
    match l with
    [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
    | cons hd tl ⇒ hd \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: take A n tl
    ]
  ].
  
let rec drop (A: Type[0]) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) on n ≝
  match n with
  [ O ⇒ l
  | S n ⇒
    match l with
    [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
    | cons hd tl ⇒ drop A n tl
    ]
  ].
  
definition list_split ≝
  λA: Type[0].
  λn: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
  λl: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A.
    \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6\ 5a href="cic:/matita/Cerco/ASM/Utils/take.fix(0,1,1)"\ 6take\ 5/a\ 6 A n l, \ 5a href="cic:/matita/Cerco/ASM/Utils/drop.fix(0,1,1)"\ 6drop\ 5/a\ 6 A n l〉.
  
let rec mapi_internal (A: Type[0]) (B: Type[0]) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (f: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6 → A → B)
                      (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) on l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B ≝
  match l with
  [ nil ⇒ \ 5a href="cic:/matita/basics/list/list.con(0,1,1)"\ 6nil\ 5/a\ 6 ?
  | cons hd tl ⇒ (f n hd) \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: (mapi_internal A B (n \ 5a title="natural plus" href="cic:/fakeuri.def(1)"\ 6+\ 5/a\ 6 \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 61\ 5/a\ 6) f tl)
  ].  

definition mapi ≝
  λA, B: Type[0].
  λf: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6 → A → B.
  λl: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A.
    \ 5a href="cic:/matita/Cerco/ASM/Utils/mapi_internal.fix(0,4,2)"\ 6mapi_internal\ 5/a\ 6 A B \ 5a title="natural number" href="cic:/fakeuri.def(1)"\ 60\ 5/a\ 6 f l.

let rec zip_pottier
  (A: Type[0]) (B: Type[0]) (left: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (right: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B)
    on left ≝
  match left with
  [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
  | cons hd tl ⇒
    match right with
    [ nil ⇒ \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ]
    | cons hd' tl' ⇒ \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6hd, hd'〉 \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: zip_pottier A B tl tl'
    ]
  ].

(*
let rec zip_safe
  (A: Type[0]) (B: Type[0]) (left: list A) (right: list B) (prf: |left| = |right|)
    on left ≝
  match left return λx. |x| = |right| → list (A × B) with
  [ nil ⇒ λnil_prf.
    match right return λx. |[ ]| = |x| → list (A × B) with
    [ nil ⇒ λnil_nil_prf. [ ]
    | cons hd tl ⇒ λnil_cons_absrd. ?
    ] nil_prf
  | cons hd tl ⇒ λcons_prf.
    match right return λx. |hd::tl| = |x| → list (A × B) with
    [ nil ⇒ λcons_nil_absrd. ?
    | cons hd' tl' ⇒ λcons_cons_prf. 〈hd, hd'〉 :: zip_safe A B tl tl' ?
    ] cons_prf
  ] prf.
  [ 1: normalize in nil_cons_absrd;
       destruct(nil_cons_absrd)
  | 2: normalize in cons_nil_absrd;
       destruct(cons_nil_absrd)
  | 3: normalize in cons_cons_prf;
       @injective_S
       assumption
  ]
qed. *)

let rec zip (A: Type[0]) (B: Type[0]) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) (r: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B) on l: \ 5a href="cic:/matita/basics/types/option.ind(1,0,1)"\ 6option\ 5/a\ 6 (\ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 (A \ 5a title="Product" href="cic:/fakeuri.def(1)"\ 6×\ 5/a\ 6 B)) ≝
  match l with
  [ nil ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,2,1)"\ 6Some\ 5/a\ 6 ? (\ 5a href="cic:/matita/basics/list/list.con(0,1,1)"\ 6nil\ 5/a\ 6 (A \ 5a title="Product" href="cic:/fakeuri.def(1)"\ 6×\ 5/a\ 6 B))
  | cons hd tl ⇒
    match r with
    [ nil ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,1,1)"\ 6None\ 5/a\ 6 ?
    | cons hd' tl' ⇒
      match zip ? ? tl tl' with
      [ None ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,1,1)"\ 6None\ 5/a\ 6 ?
      | Some tail ⇒ \ 5a href="cic:/matita/basics/types/option.con(0,2,1)"\ 6Some\ 5/a\ 6 ? (\ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6hd, hd'〉 \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6:\ 5/a\ 6: tail)
      ]
    ]
  ].

let rec foldl (A: Type[0]) (B: Type[0]) (f: A → B → A) (a: A) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B) on l ≝
  match l with
  [ nil ⇒ a
  | cons hd tl ⇒ foldl A B f (f a hd) tl
  ].

lemma foldl_step:
 ∀A:Type[0].
  ∀B: Type[0].
   ∀H: A → B → A.
    ∀acc: A.
     ∀pre: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B.
      ∀hd:B.
       \ 5a href="cic:/matita/Cerco/ASM/Utils/foldl.fix(0,4,1)"\ 6foldl\ 5/a\ 6 A B H acc (pre\ 5a title="append" href="cic:/fakeuri.def(1)"\ 6@\ 5/a\ 6\ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6hd]) \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 (H (\ 5a href="cic:/matita/Cerco/ASM/Utils/foldl.fix(0,4,1)"\ 6foldl\ 5/a\ 6 A B H acc pre) hd).
 #A #B #H #acc #pre generalize in match acc; -acc; elim pre
  [ normalize; //
  | #hd #tl #IH #acc #X normalize; @IH ]
qed.

lemma foldl_append:
 ∀A:Type[0].
  ∀B: Type[0].
   ∀H: A → B → A.
    ∀acc: A.
     ∀suff,pre: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B.
      \ 5a href="cic:/matita/Cerco/ASM/Utils/foldl.fix(0,4,1)"\ 6foldl\ 5/a\ 6 A B H acc (pre\ 5a title="append" href="cic:/fakeuri.def(1)"\ 6@\ 5/a\ 6suff) \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 (\ 5a href="cic:/matita/Cerco/ASM/Utils/foldl.fix(0,4,1)"\ 6foldl\ 5/a\ 6 A B H (\ 5a href="cic:/matita/Cerco/ASM/Utils/foldl.fix(0,4,1)"\ 6foldl\ 5/a\ 6 A B H acc pre) suff).
 #A #B #H #acc #suff elim suff
  [ #pre >\ 5a href="cic:/matita/basics/list/append_nil.def(4)"\ 6append_nil\ 5/a\ 6 %
  | #hd #tl #IH #pre whd in ⊢ (???%) <(\ 5a href="cic:/matita/Cerco/ASM/Utils/foldl_step.def(2)"\ 6foldl_step\ 5/a\ 6 … H ??) applyS (IH (pre\ 5a title="append" href="cic:/fakeuri.def(1)"\ 6@\ 5/a\ 6\ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6hd])) ] 
qed.

definition flatten ≝
  λA: Type[0].
  λl: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 (\ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A).
    \ 5a href="cic:/matita/basics/list/foldr.fix(0,4,1)"\ 6foldr\ 5/a\ 6 ? ? (\ 5a href="cic:/matita/basics/list/append.fix(0,1,1)"\ 6append\ 5/a\ 6 ?) \ 5a title="nil" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 ] l.

let rec rev (A: Type[0]) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 A) on l ≝ 
  match l with
  [ nil ⇒ \ 5a href="cic:/matita/basics/list/list.con(0,1,1)"\ 6nil\ 5/a\ 6 A
  | cons hd tl ⇒ (rev A tl) \ 5a title="append" href="cic:/fakeuri.def(1)"\ 6@\ 5/a\ 6 \ 5a title="cons" href="cic:/fakeuri.def(1)"\ 6[\ 5/a\ 6 hd ]
  ].

(*
lemma append_length:
  ∀A: Type[0].
  ∀l, r: list A.
    |(l @ r)| = |l| + |r|.
  #A #L #R
  elim L
  [ %
  | #HD #TL #IH
    normalize >IH %
  ]
qed.

lemma append_nil:
  ∀A: Type[0].
  ∀l: list A.
    l @ [ ] = l.
  #A #L
  elim L //
qed.

lemma rev_append:
  ∀A: Type[0].
  ∀l, r: list A.
    rev A (l @ r) = rev A r @ rev A l.
  #A #L #R
  elim L
  [ normalize >append_nil %
  | #HD #TL #IH
    normalize >IH
    @associative_append
  ]
qed.

lemma rev_length:
  ∀A: Type[0].
  ∀l: list A.
    |rev A l| = |l|.
  #A #L
  elim L
  [ %
  | #HD #TL #IH
    normalize
    >(append_length A (rev A TL) [HD])
    normalize /2/
  ]
qed.

lemma nth_append_first:
 ∀A:Type[0].
 ∀n:nat.∀l1,l2:list A.∀d:A.
   n < |l1| → nth n A (l1@l2) d = nth n A l1 d.
 #A #n #l1 #l2 #d
 generalize in match n; -n; elim l1
 [ normalize #k #Hk @⊥ @(absurd … Hk) @not_le_Sn_O
 | #h #t #Hind #k normalize
   cases k -k 
   [ #Hk normalize @refl
   | #k #Hk normalize @(Hind k) @le_S_S_to_le @Hk
   ]  
 ]
qed.

lemma nth_append_second: 
 ∀A: Type[0].∀n.∀l1,l2:list A.∀d.n ≥ length A l1 ->
  nth n A (l1@l2) d = nth (n - length A l1) A l2 d.
 #A #n #l1 #l2 #d
 generalize in match n; -n; elim l1
 [ normalize #k #Hk <(minus_n_O) @refl
 | #h #t #Hind #k normalize 
   cases k -k;
   [ #Hk @⊥ @(absurd (S (|t|) ≤ 0)) [ @Hk | @not_le_Sn_O ]
   | #k #Hk normalize @(Hind k) @le_S_S_to_le @Hk
   ] 
 ]
qed.*)

    
notation > "'if' term 19 e 'then' term 19 t 'else' term 48 f" non associative with precedence 19
 for @{ match $e in bool with [ true ⇒ $t | false ⇒ $f]  }.
notation < "hvbox('if' \nbsp term 19 e \nbsp break 'then' \nbsp term 19 t \nbsp break 'else' \nbsp term 48 f \nbsp)" non associative with precedence 19
 for @{ match $e with [ true ⇒ $t | false ⇒ $f]  }.

let rec fold_left_i_aux (A: Type[0]) (B: Type[0])
                        (f: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6 → A → B → A) (x: A) (i: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (l: \ 5a href="cic:/matita/basics/list/list.ind(1,0,1)"\ 6list\ 5/a\ 6 B) on l ≝
  match l with
    [ nil ⇒ x
    | cons hd tl ⇒ fold_left_i_aux A B f (f i x hd) (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 i) tl
    ].

definition fold_left_i ≝ λA,B,f,x. \ 5a href="cic:/matita/Cerco/ASM/Utils/fold_left_i_aux.fix(0,5,1)"\ 6fold_left_i_aux\ 5/a\ 6 A B f x \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,1,0)"\ 6O\ 5/a\ 6.

(* notation "hvbox(t\lceil o \mapsto h\rceil )"
  with precedence 45
  for @{ match (? : $o=$h) with [ refl \Rightarrow $t ] }. *)

definition function_apply ≝
  λA, B: Type[0].
  λf: A → B.
  λa: A.
    f a.
    
notation "f break $ x"
  left associative with precedence 99
  for @{ 'function_apply $f $x }.
  
interpretation "Function application" 'function_apply f x = (function_apply ? ? f x).
    
notation "f break $ x"
  left associative with precedence 99
  for @{ 'function_apply $f $x }.
  
interpretation "Function application" 'function_apply f x = (function_apply ? ? f x).

let rec iterate (A: Type[0]) (f: A → A) (a: A) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) on n ≝
  match n with
    [ O ⇒ a
    | S o ⇒ f (iterate A f a o)
    ].

(* Yeah, I probably ought to do something more general... *)
notation "hvbox(\langle term 19 a, break term 19 b, break term 19 c\rangle)" 
with precedence 90 for @{ 'triple $a $b $c}.
interpretation "Triple construction" 'triple x y z = (pair ? ? (pair ? ? x y) z).

notation "hvbox(\langle term 19 a, break term 19 b, break term 19 c, break term 19 d\rangle)"
with precedence 90 for @{ 'quadruple $a $b $c $d}.
interpretation "Quadruple construction" 'quadruple w x y z = (pair ? ? (pair ? ? w x) (pair ? ? y z)).

notation > "hvbox('let' 〈ident w,ident x,ident y,ident z〉 ≝ t 'in' s)"
 with precedence 10
for @{ match $t with [ pair ${fresh wx} ${fresh yz} ⇒ match ${fresh wx} with [ pair ${ident w} ${ident x} ⇒ match ${fresh yz} with [ pair ${ident y} ${ident z} ⇒ $s ] ] ] }.

notation > "hvbox('let' 〈ident x,ident y,ident z〉 ≝ t 'in' s)"
 with precedence 10
for @{ match $t with [ pair ${fresh xy} ${ident z} ⇒ match ${fresh xy} with [ pair ${ident x} ${ident y} ⇒ $s ] ] }.

notation < "hvbox('let' \nbsp hvbox(〈ident x,ident y〉\nbsp ≝ break t \nbsp 'in' \nbsp) break s)"
 with precedence 10
for @{ match $t with [ pair (${ident x}:$ignore) (${ident y}:$ignora) ⇒ $s ] }.

axiom pair_elim':
  ∀A,B,C: Type[0].
  ∀T: A → B → C.
  ∀p.
  ∀P: A\ 5a title="Product" href="cic:/fakeuri.def(1)"\ 6×\ 5/a\ 6B → C → Prop.
    (∀lft, rgt. p \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6lft,rgt〉 → P \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6lft,rgt〉 (T lft rgt)) →
      P p (let 〈lft, rgt〉 ≝ p in T lft rgt).

axiom pair_elim'':
  ∀A,B,C,C': Type[0].
  ∀T: A → B → C.
  ∀T': A → B → C'.
  ∀p.
  ∀P: A\ 5a title="Product" href="cic:/fakeuri.def(1)"\ 6×\ 5/a\ 6B → C → C' → Prop.
    (∀lft, rgt. p \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6lft,rgt〉 → P \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6lft,rgt〉 (T lft rgt) (T' lft rgt)) →
      P p (let 〈lft, rgt〉 ≝ p in T lft rgt) (let 〈lft, rgt〉 ≝ p in T' lft rgt).

lemma pair_destruct_1:
 ∀A,B.∀a:A.∀b:B.∀c. \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6a,b〉 \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 c → a \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="pair pi1" href="cic:/fakeuri.def(1)"\ 6\fst\ 5/a\ 6 c.
 #A #B #a #b *; /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/basics/logic/trans_eq.def(4)"\ 6trans_eq\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
qed.

lemma pair_destruct_2:
 ∀A,B.∀a:A.∀b:B.∀c. \ 5a title="Pair construction" href="cic:/fakeuri.def(1)"\ 6〈\ 5/a\ 6a,b〉 \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 c → b \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a title="pair pi2" href="cic:/fakeuri.def(1)"\ 6\snd\ 5/a\ 6 c.
 #A #B #a #b *; /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/basics/logic/trans_eq.def(4)"\ 6trans_eq\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
qed.


let rec exclusive_disjunction (b: \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6) (c: \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6) on b ≝
  match b with
    [ true ⇒
      match c with
        [ false ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6
        | true ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6
        ]
    | false ⇒
      match c with
        [ false ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6
        | true ⇒ \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6
        ]
    ].

(* dpm: conflicts with library definitions
interpretation "Nat less than" 'lt m n = (ltb m n).
interpretation "Nat greater than" 'gt m n = (gtb m n).
interpretation "Nat greater than eq" 'geq m n = (geb m n).
*)

let rec division_aux (m: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (n : \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (p: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) ≝
  match \ 5a href="cic:/matita/Cerco/ASM/Utils/ltb.def(2)"\ 6ltb\ 5/a\ 6 n (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 p) with
    [ true ⇒ \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,1,0)"\ 6O\ 5/a\ 6
    | false ⇒
      match m with
        [ O ⇒ \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,1,0)"\ 6O\ 5/a\ 6
        | (S q) ⇒ \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 (division_aux q (n \ 5a title="natural minus" href="cic:/fakeuri.def(1)"\ 6-\ 5/a\ 6 (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 p)) p)
        ]
    ].
    
definition division ≝
  λm, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    match n with
      [ O ⇒ \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 m
      | S o ⇒ \ 5a href="cic:/matita/Cerco/ASM/Utils/division_aux.fix(0,0,3)"\ 6division_aux\ 5/a\ 6 m m o
      ].
      
notation "hvbox(n break ÷ m)"
  right associative with precedence 47
  for @{ 'division $n $m }.
  
interpretation "Nat division" 'division n m = (division n m).

let rec modulus_aux (m: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (p: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) ≝
  match \ 5a href="cic:/matita/arithmetics/nat/leb.fix(0,0,1)"\ 6leb\ 5/a\ 6 n p with
    [ true ⇒ n
    | false ⇒
      match m with
        [ O ⇒ n
        | S o ⇒ modulus_aux o (n \ 5a title="natural minus" href="cic:/fakeuri.def(1)"\ 6-\ 5/a\ 6 (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 p)) p
        ]
    ].
    
definition modulus ≝
  λm, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    match n with
      [ O ⇒ m
      | S o ⇒ \ 5a href="cic:/matita/Cerco/ASM/Utils/modulus_aux.fix(0,0,2)"\ 6modulus_aux\ 5/a\ 6 m m o
      ].
    
notation "hvbox(n break 'mod' m)"
  right associative with precedence 47
  for @{ 'modulus $n $m }.
  
interpretation "Nat modulus" 'modulus m n = (modulus m n).

definition divide_with_remainder ≝
  λm, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    \ 5a href="cic:/matita/basics/types/Prod.con(0,1,2)"\ 6pair\ 5/a\ 6 ? ? (m \ 5a title="Nat division" href="cic:/fakeuri.def(1)"\ 6÷\ 5/a\ 6 n) (\ 5a href="cic:/matita/Cerco/ASM/Utils/modulus.def(3)"\ 6modulus\ 5/a\ 6 m n).
    
let rec exponential (m: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) (n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6) on n ≝
  match n with
    [ O ⇒ \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 \ 5a href="cic:/matita/arithmetics/nat/nat.con(0,1,0)"\ 6O\ 5/a\ 6
    | S o ⇒ m \ 5a title="natural times" href="cic:/fakeuri.def(1)"\ 6*\ 5/a\ 6 exponential m o
    ].

interpretation "Nat exponential" 'exp n m = (exponential n m).
    
notation "hvbox(a break ⊎ b)"
 left associative with precedence 50
for @{ 'disjoint_union $a $b }.
interpretation "sum" 'disjoint_union A B = (Sum A B).

theorem less_than_or_equal_monotone:
  ∀m, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    m \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 n → (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 m) \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 (\ 5a href="cic:/matita/arithmetics/nat/nat.con(0,2,0)"\ 6S\ 5/a\ 6 n).
 #m #n #H
 elim H
 /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/arithmetics/nat/le.con(0,1,1)"\ 6le_n\ 5/a\ 6, \ 5a href="cic:/matita/arithmetics/nat/le.con(0,2,1)"\ 6le_S\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
qed.

theorem less_than_or_equal_b_complete:
  ∀m, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    \ 5a href="cic:/matita/arithmetics/nat/leb.fix(0,0,1)"\ 6leb\ 5/a\ 6 m n \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6 → \ 5a title="logical not" href="cic:/fakeuri.def(1)"\ 6¬\ 5/a\ 6(m \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 n).
 #m;
 elim m;
 normalize
 [ #n #H
   destruct
 | #y #H1 #z
   cases z
   normalize
   [ #H
     /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace {}\ 5/span\ 6\ 5/span\ 6/
   | /\ 5span class="autotactic"\ 63\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/arithmetics/nat/not_le_to_not_le_S_S.def(5)"\ 6not_le_to_not_le_S_S\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/    
   ]
 ]
qed.

theorem less_than_or_equal_b_correct:
  ∀m, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
    \ 5a href="cic:/matita/arithmetics/nat/leb.fix(0,0,1)"\ 6leb\ 5/a\ 6 m n \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 → m \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 n.
 #m
 elim m
 //
 #y #H1 #z
 cases z
 normalize
 [ #H
   destruct
 | #n #H lapply (H1 … H) /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/Cerco/ASM/Utils/less_than_or_equal_monotone.def(2)"\ 6less_than_or_equal_monotone\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
 ]
qed.

definition less_than_or_equal_b_elim:
 ∀m, n: \ 5a href="cic:/matita/arithmetics/nat/nat.ind(1,0,0)"\ 6nat\ 5/a\ 6.
 ∀P: \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6 → Type[0].
   (m \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 n → P \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6) → (\ 5a title="logical not" href="cic:/fakeuri.def(1)"\ 6¬\ 5/a\ 6(m \ 5a title="natural 'less or equal to'" href="cic:/fakeuri.def(1)"\ 6≤\ 5/a\ 6 n) → P \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6) → P (\ 5a href="cic:/matita/arithmetics/nat/leb.fix(0,0,1)"\ 6leb\ 5/a\ 6 m n).
 #m #n #P #H1 #H2;
 lapply (\ 5a href="cic:/matita/Cerco/ASM/Utils/less_than_or_equal_b_correct.def(3)"\ 6less_than_or_equal_b_correct\ 5/a\ 6 m n)
 lapply (\ 5a href="cic:/matita/Cerco/ASM/Utils/less_than_or_equal_b_complete.def(6)"\ 6less_than_or_equal_b_complete\ 5/a\ 6 m n)
 cases (\ 5a href="cic:/matita/arithmetics/nat/leb.fix(0,0,1)"\ 6leb\ 5/a\ 6 m n)
 /\ 5span class="autotactic"\ 63\ 5span class="autotrace"\ 6 trace {}\ 5/span\ 6\ 5/span\ 6/
qed.

lemma inclusive_disjunction_true:
  ∀b, c: \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6.
    (\ 5a href="cic:/matita/basics/bool/orb.def(1)"\ 6orb\ 5/a\ 6 b c) \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 → b \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 \ 5a title="logical or" href="cic:/fakeuri.def(1)"\ 6∨\ 5/a\ 6 c \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6.
  # b
  # c
  elim b
  [ normalize
    # H
    @ \ 5a href="cic:/matita/basics/logic/Or.con(0,1,2)"\ 6or_introl\ 5/a\ 6
    %
  | normalize
    /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/basics/logic/Or.con(0,2,2)"\ 6or_intror\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
  ]
qed.

lemma conjunction_true:
  ∀b, c: \ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6.
    \ 5a href="cic:/matita/basics/bool/andb.def(1)"\ 6andb\ 5/a\ 6 b c \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 → b \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 \ 5a title="logical and" href="cic:/fakeuri.def(1)"\ 6∧\ 5/a\ 6 c \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6.
  # b
  # c
  elim b
  normalize
  [ /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/basics/logic/And.con(0,1,2)"\ 6conj\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
  | # K
    destruct
  ]
qed.

lemma eq_true_false: \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6\ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6\ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 → \ 5a href="cic:/matita/basics/logic/False.ind(1,0,0)"\ 6False\ 5/a\ 6.
 # K
 destruct
qed.

lemma inclusive_disjunction_b_true: ∀b. \ 5a href="cic:/matita/basics/bool/orb.def(1)"\ 6orb\ 5/a\ 6 b \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6 \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,1,0)"\ 6true\ 5/a\ 6.
 # b
 cases b
 %
qed.

definition bool_to_Prop ≝
 λb. match b with [ true ⇒ \ 5a href="cic:/matita/basics/logic/True.ind(1,0,0)"\ 6True\ 5/a\ 6 | false ⇒ \ 5a href="cic:/matita/basics/logic/False.ind(1,0,0)"\ 6False\ 5/a\ 6 ].

coercion bool_to_Prop: ∀b:\ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6. Prop ≝ \ 5a href="cic:/matita/Cerco/ASM/Utils/bool_to_Prop.def(1)"\ 6bool_to_Prop\ 5/a\ 6 on _b:\ 5a href="cic:/matita/basics/bool/bool.ind(1,0,0)"\ 6bool\ 5/a\ 6 to Type[0]. 

lemma eq_false_to_notb: ∀b. b \ 5a title="leibnitz's equality" href="cic:/fakeuri.def(1)"\ 6=\ 5/a\ 6 \ 5a href="cic:/matita/basics/bool/bool.con(0,2,0)"\ 6false\ 5/a\ 6 → \ 5a title="boolean not" href="cic:/fakeuri.def(1)"\ 6¬\ 5/a\ 6 b.
 *; /\ 5span class="autotactic"\ 62\ 5span class="autotrace"\ 6 trace \ 5a href="cic:/matita/basics/logic/True.con(0,1,0)"\ 6I\ 5/a\ 6\ 5/span\ 6\ 5/span\ 6/
qed.