X-Git-Url: http://matita.cs.unibo.it/gitweb/?a=blobdiff_plain;f=helm%2Fsoftware%2Fmatita%2Fnlibrary%2Farithmetics%2Fnat.ma;h=d4ba1135e241626f551b5bca4b55c0a43f7d01e5;hb=a4cd6a8a1d6a008518c12daca794b9e811c1dee5;hp=b6683b267801bac94d220ad5ca573ac644eaf1a5;hpb=8899a3f240f62633f4df58b2ee358fa285a82d1d;p=helm.git

diff --git a/helm/software/matita/nlibrary/arithmetics/nat.ma b/helm/software/matita/nlibrary/arithmetics/nat.ma
index b6683b267..d4ba1135e 100644
--- a/helm/software/matita/nlibrary/arithmetics/nat.ma
+++ b/helm/software/matita/nlibrary/arithmetics/nat.ma
@@ -12,12 +12,11 @@
 (*                                                                        *)
 (**************************************************************************)
 
-(* include "higher_order_defs/functions.ma". *)
 include "hints_declaration.ma".
 include "basics/functions.ma".
-include "basics/eq.ma". 
+include "basics/eq.ma".
 
-ninductive nat : Type[0] ≝
+ninductive nat : Type ≝
   | O : nat
   | S : nat → nat.
   
@@ -36,7 +35,7 @@ ncoercion nat_to_pos: ∀n:nat. n ≠0 →pos ≝ mk_pos on
 *)
 
 ndefinition pred ≝
- λn. match n with [ O ⇒  O | (S p) ⇒ p].
+ λn. match n with [ O ⇒ O | S p ⇒ p].
 
 ntheorem pred_Sn : ∀n. n = pred (S n).
 //; nqed.
@@ -49,18 +48,18 @@ ntheorem inj_S : \forall n,m:nat.(S n)=(S m) \to n=m.
 //. nqed. *)
 
 ntheorem not_eq_S: ∀n,m:nat. n ≠ m → S n ≠ S m.
-/2/; nqed.
+/3/; nqed.
 
 ndefinition not_zero: nat → Prop ≝
  λn: nat. match n with
   [ O ⇒ False | (S p) ⇒ True ].
 
 ntheorem not_eq_O_S : ∀n:nat. O ≠ S n.
-#n; #eqOS; nchange with (not_zero O); nrewrite > eqOS; //.
+#n; napply nmk; #eqOS; nchange with (not_zero O); nrewrite > eqOS; //.
 nqed.
 
-ntheorem not_eq_n_Sn : ∀n:nat. n ≠ S n.
-#n; nelim n; /2/; nqed.
+ntheorem not_eq_n_Sn: ∀n:nat. n ≠ S n.
+#n; nelim n;/2/; nqed.
 
 ntheorem nat_case:
  ∀n:nat.∀P:nat → Prop. 
@@ -76,11 +75,11 @@ ntheorem nat_elim2 :
 #R; #ROn; #RSO; #RSS; #n; nelim n;//;
 #n0; #Rn0m; #m; ncases m;/2/; nqed.
 
-ntheorem decidable_eq_nat : \forall n,m:nat.decidable (n=m).
+ntheorem decidable_eq_nat : ∀n,m:nat.decidable (n=m).
 napply nat_elim2; #n;
  ##[ ncases n; /2/;
  ##| /3/;
- ##| #m; #Hind; ncases Hind; /3/;
+ ##| #m; #Hind; ncases Hind;/3/;
  ##]
 nqed. 
 
@@ -112,9 +111,10 @@ ntheorem plus_Sn_m1: ∀n,m:nat. S m + n = n + S m.
 #n; nelim n; nnormalize; //; nqed.
 *)
 
-(*
-ntheorem plus_n_SO : ∀n:nat. S n = n+S O.
-//; nqed. *)
+(* deleterio?
+ntheorem plus_n_1 : ∀n:nat. S n = n+1.
+//; nqed.
+*)
 
 ntheorem symmetric_plus: symmetric ? plus.
 #n; nelim n; nnormalize; //; nqed. 
@@ -123,7 +123,7 @@ ntheorem associative_plus : associative nat plus.
 #n; nelim n; nnormalize; //; nqed.
 
 ntheorem assoc_plus1: ∀a,b,c. c + (b + a) = b + c + a.
-//; nqed.
+//; nqed. 
 
 ntheorem injective_plus_r: ∀n:nat.injective nat nat (λm.n+m).
 #n; nelim n; nnormalize; /3/; nqed.
@@ -159,7 +159,7 @@ ntheorem times_n_Sm : ∀n,m:nat. n+(n*m) = n*(S m).
 #n; nelim n; nnormalize; //; nqed.
 
 ntheorem symmetric_times : symmetric nat times. 
-#n; nelim n; nnormalize; //; nqed.
+#n; nelim n; nnormalize; //; nqed. 
 
 (* variant sym_times : \forall n,m:nat. n*m = m*n \def
 symmetric_times. *)
@@ -167,9 +167,9 @@ symmetric_times. *)
 ntheorem distributive_times_plus : distributive nat times plus.
 #n; nelim n; nnormalize; //; nqed.
 
-ntheorem distributive_times_plus_r:  
-\forall a,b,c:nat. (b+c)*a = b*a + c*a.
-//; nqed.
+ntheorem distributive_times_plus_r :
+  ∀a,b,c:nat. (b+c)*a = b*a + c*a.
+//; nqed. 
 
 ntheorem associative_times: associative nat times.
 #n; nelim n; nnormalize; //; nqed.
@@ -220,13 +220,16 @@ interpretation "natural 'less than'" 'lt x y = (lt x y).
 
 interpretation "natural 'not less than'" 'nless x y = (Not (lt x y)).
 
-ndefinition ge: nat \to nat \to Prop \def
-\lambda n,m:nat.m \leq n.
+(* nlemma eq_lt: ∀n,m. (n < m) = (S n ≤ m).
+//; nqed. *)
+
+ndefinition ge: nat → nat → Prop ≝
+λn,m:nat.m ≤ n.
 
 interpretation "natural 'greater or equal to'" 'geq x y = (ge x y).
 
-ndefinition gt: nat \to nat \to Prop \def
-\lambda n,m:nat.m<n.
+ndefinition gt: nat → nat → Prop ≝
+λn,m:nat.m<n.
 
 interpretation "natural 'greater than'" 'gt x y = (gt x y).
 
@@ -240,6 +243,7 @@ nqed.
 ntheorem trans_le: \forall n,m,p:nat. n \leq m \to m \leq p \to n \leq p
 \def transitive_le. *)
 
+
 ntheorem transitive_lt: transitive nat lt.
 #a; #b; #c; #ltab; #ltbc;nelim ltbc;/2/;nqed.
 
@@ -259,24 +263,30 @@ ntheorem le_n_Sn : ∀n:nat. n ≤ S n.
 ntheorem le_pred_n : ∀n:nat. pred n ≤ n.
 #n; nelim n; //; nqed.
 
+(* XXX global problem 
+nlemma my_trans_le : ∀x,y,z:nat.x ≤ y → y ≤ z → x ≤ z. 
+napply transitive_le.
+nqed. *)
+
 ntheorem monotonic_pred: monotonic ? le pred.
-#n; #m; #lenm; nelim lenm; /2/; nqed.
+#n; #m; #lenm; nelim lenm; /2/;nqed.
 
 ntheorem le_S_S_to_le: ∀n,m:nat. S n ≤ S m → n ≤ m.
 /2/; nqed.
 
-ntheorem lt_S_S_to_lt: ∀n,m. S n < S m \to n < m.
+(* this are instances of the le versions 
+ntheorem lt_S_S_to_lt: ∀n,m. S n < S m → n < m.
 /2/; nqed. 
 
 ntheorem lt_to_lt_S_S: ∀n,m. n < m → S n < S m.
-/2/; nqed.
+/2/; nqed. *)
 
 ntheorem lt_to_not_zero : ∀n,m:nat. n < m → not_zero m.
 #n; #m; #Hlt; nelim Hlt;//; nqed.
 
 (* lt vs. le *)
 ntheorem not_le_Sn_O: ∀ n:nat. S n ≰ O.
-#n; #Hlen0; napply (lt_to_not_zero ?? Hlen0); nqed.
+#n; napply nmk; #Hlen0; napply (lt_to_not_zero ?? Hlen0); nqed.
 
 ntheorem not_le_to_not_le_S_S: ∀ n,m:nat. n ≰ m → S n ≰ S m.
 /3/; nqed.
@@ -286,7 +296,7 @@ ntheorem not_le_S_S_to_not_le: ∀ n,m:nat. S n ≰ S m → n ≰ m.
 
 ntheorem decidable_le: ∀n,m. decidable (n≤m).
 napply nat_elim2; #n; /2/;
-#m; #dec; ncases dec;/3/; nqed.
+#m; *; /3/; nqed.
 
 ntheorem decidable_lt: ∀n,m. decidable (n < m).
 #n; #m; napply decidable_le ; nqed.
@@ -294,14 +304,16 @@ ntheorem decidable_lt: ∀n,m. decidable (n < m).
 ntheorem not_le_Sn_n: ∀n:nat. S n ≰ n.
 #n; nelim n; /2/; nqed.
 
+(* this is le_S_S_to_le
 ntheorem lt_S_to_le: ∀n,m:nat. n < S m → n ≤ m.
 /2/; nqed.
+*)
 
 ntheorem not_le_to_lt: ∀n,m. n ≰ m → m < n.
 napply nat_elim2; #n;
  ##[#abs; napply False_ind;/2/;
  ##|/2/;
- ##|#m;#Hind;#HnotleSS; napply lt_to_lt_S_S;/3/;
+ ##|#m;#Hind;#HnotleSS; napply le_S_S;/3/;
  ##]
 nqed.
 
@@ -309,12 +321,15 @@ ntheorem lt_to_not_le: ∀n,m. n < m → m ≰ n.
 #n; #m; #Hltnm; nelim Hltnm;/3/; nqed.
 
 ntheorem not_lt_to_le: ∀n,m:nat. n ≮ m → m ≤ n.
-#n; #m; #Hnlt; napply lt_S_to_le;
+/4/; nqed.
+
+(*
+#n; #m; #Hnlt; napply le_S_S_to_le;/2/;
 (* something strange here: /2/ fails *)
-napply not_le_to_lt; napply Hnlt; nqed. 
+napply not_le_to_lt; napply Hnlt; nqed. *)
 
 ntheorem le_to_not_lt: ∀n,m:nat. n ≤ m → m ≮ n.
-/2/; nqed.
+#n; #m; #H;napply lt_to_not_le; /2/; (* /3/ *) nqed.
 
 (* lt and le trans *)
 
@@ -343,7 +358,8 @@ qed. *)
 
 ntheorem lt_O_n_elim: ∀n:nat. O < n → 
   ∀P:nat → Prop.(∀m:nat.P (S m)) → P n.
-#n; nelim n; //; #abs; napply False_ind; /2/; nqed.
+#n; nelim n; //; #abs; napply False_ind;/2/;
+nqed.
 
 (*
 theorem lt_pred: \forall n,m. 
@@ -382,7 +398,7 @@ ntheorem le_to_or_lt_eq: ∀n,m:nat. n ≤ m → n < m ∨ n = m.
 
 (* not eq *)
 ntheorem lt_to_not_eq : ∀n,m:nat. n < m → n ≠ m.
-/2/; nqed.
+#n; #m; #H; napply not_to_not;/2/; nqed.
 
 (*not lt 
 ntheorem eq_to_not_lt: ∀a,b:nat. a = b → a ≮ b.
@@ -411,14 +427,18 @@ qed. *)
 
 ntheorem not_eq_to_le_to_lt: ∀n,m. n≠m → n≤m → n<m.
 #n; #m; #Hneq; #Hle; ncases (le_to_or_lt_eq ?? Hle); //;
-#Heq; nelim (Hneq Heq); nqed.
+#Heq; /3/; nqed.
+(*
+nelim (Hneq Heq); nqed. *)
 
 (* le elimination *)
 ntheorem le_n_O_to_eq : ∀n:nat. n ≤ O → O=n.
-#n; ncases n; //; #a ; #abs; nelim (not_le_Sn_O ? abs); nqed.
+#n; ncases n; //; #a ; #abs;
+napply False_ind; /2/;nqed.
 
 ntheorem le_n_O_elim: ∀n:nat. n ≤ O → ∀P: nat →Prop. P O → P n.
-#n; ncases n; //; #a; #abs; nelim (not_le_Sn_O ? abs); nqed. 
+#n; ncases n; //; #a; #abs; 
+napply False_ind; /2/; nqed. 
 
 ntheorem le_n_Sm_elim : ∀n,m:nat.n ≤ S m → 
 ∀P:Prop. (S n ≤ S m → P) → (n=S m → P) → P.
@@ -427,9 +447,10 @@ ntheorem le_n_Sm_elim : ∀n,m:nat.n ≤ S m →
 (* le and eq *)
 
 ntheorem le_to_le_to_eq: ∀n,m. n ≤ m → m ≤ n → n = m.
-napply nat_elim2; /3/; nqed.
+napply nat_elim2; /4/;
+nqed. 
 
-ntheorem lt_O_S : \forall n:nat. O < S n.
+ntheorem lt_O_S : ∀n:nat. O < S n.
 /2/; nqed.
 
 (*
@@ -467,7 +488,7 @@ nelim n;
  ##[#q; #HleO; (* applica male *) 
     napply (le_n_O_elim ? HleO);
     napply H; #p; #ltpO;
-    napply False_ind; /2/; 
+    napply False_ind; /2/; (* 3 *)
  ##|#p; #Hind; #q; #HleS; 
     napply H; #a; #lta; napply Hind;
     napply le_S_S_to_le;/2/;
@@ -528,30 +549,38 @@ apply le_to_or_lt_eq.apply H6.
 qed.
 *)
 
-(******************* monotonicity ******************************)
+(*********************** monotonicity ***************************)
 ntheorem monotonic_le_plus_r: 
 ∀n:nat.monotonic nat le (λm.n + m).
 #n; #a; #b; nelim n; nnormalize; //;
 #m; #H; #leab;napply le_S_S; /2/; nqed.
 
+(*
 ntheorem le_plus_r: ∀p,n,m:nat. n ≤ m → p + n ≤ p + m
-≝ monotonic_le_plus_r.
+≝ monotonic_le_plus_r. *)
 
 ntheorem monotonic_le_plus_l: 
 ∀m:nat.monotonic nat le (λn.n + m).
 /2/; nqed.
 
+(*
 ntheorem le_plus_l: \forall p,n,m:nat. n \le m \to n + p \le m + p
-\def monotonic_le_plus_l. 
+\def monotonic_le_plus_l. *)
 
-ntheorem le_plus: ∀n1,n2,m1,m2:nat. n1 ≤ n2  \to m1 ≤ m2 
+ntheorem le_plus: ∀n1,n2,m1,m2:nat. n1 ≤ n2  → m1 ≤ m2 
 → n1 + m1 ≤ n2 + m2.
-#n1; #n2; #m1; #m2; #len; #lem; napply transitive_le;
+#n1; #n2; #m1; #m2; #len; #lem; napply (transitive_le ? (n1+m2));
 /2/; nqed.
 
 ntheorem le_plus_n :∀n,m:nat. m ≤ n + m.
 /2/; nqed. 
 
+nlemma le_plus_a: ∀a,n,m. n ≤ m → n ≤ a + m.
+/2/; nqed.
+
+nlemma le_plus_b: ∀b,n,m. n + b ≤ m → n ≤ m.
+/2/; nqed.
+
 ntheorem le_plus_n_r :∀n,m:nat. m ≤ m + n.
 /2/; nqed.
 
@@ -559,88 +588,564 @@ ntheorem eq_plus_to_le: ∀n,m,p:nat.n=m+p → m ≤ n.
 //; nqed.
 
 ntheorem le_plus_to_le: ∀a,n,m. a + n ≤ a + m → n ≤ m.
-#a; nelim a; /3/; nqed.
-
-(* times 
-theorem monotonic_le_times_r: 
-\forall n:nat.monotonic nat le (\lambda m. n * m).
-simplify.intros.elim n.
-simplify.apply le_O_n.
-simplify.apply le_plus.
-assumption.
-assumption.
-qed.
+#a; nelim a; nnormalize; /3/; nqed. 
 
-theorem le_times_r: \forall p,n,m:nat. n \le m \to p*n \le p*m
-\def monotonic_le_times_r.
+ntheorem le_plus_to_le_r: ∀a,n,m. n + a ≤ m +a → n ≤ m.
+/2/; nqed. 
 
-theorem monotonic_le_times_l: 
-\forall m:nat.monotonic nat le (\lambda n.n*m).
-simplify.intros.
-rewrite < sym_times.rewrite < (sym_times m).
-apply le_times_r.assumption.
-qed.
+(* plus & lt *)
+
+ntheorem monotonic_lt_plus_r: 
+∀n:nat.monotonic nat lt (λm.n+m).
+/2/; nqed.
+
+(*
+variant lt_plus_r: \forall n,p,q:nat. p < q \to n + p < n + q \def
+monotonic_lt_plus_r. *)
+
+ntheorem monotonic_lt_plus_l: 
+∀n:nat.monotonic nat lt (λm.m+n).
+/2/; nqed.
+
+(*
+variant lt_plus_l: \forall n,p,q:nat. p < q \to p + n < q + n \def
+monotonic_lt_plus_l. *)
+
+ntheorem lt_plus: ∀n,m,p,q:nat. n < m → p < q → n + p < m + q.
+#n; #m; #p; #q; #ltnm; #ltpq;
+napply (transitive_lt ? (n+q));/2/; nqed.
+
+ntheorem lt_plus_to_lt_l :∀n,p,q:nat. p+n < q+n → p<q.
+/2/; nqed.
+
+ntheorem lt_plus_to_lt_r :∀n,p,q:nat. n+p < n+q → p<q.
+/2/; nqed.
 
+(*
+ntheorem le_to_lt_to_lt_plus: ∀a,b,c,d:nat.
+a ≤ c → b < d → a + b < c+d.
+(* bello /2/ un po' lento *)
+#a; #b; #c; #d; #leac; #lebd; 
+nnormalize; napplyS le_plus; //; nqed.
+*)
+
+(* times *)
+ntheorem monotonic_le_times_r: 
+∀n:nat.monotonic nat le (λm. n * m).
+#n; #x; #y; #lexy; nelim n; nnormalize;//;(* lento /2/;*)
+#a; #lea; napply le_plus; //;
+nqed.
+
+(*
+ntheorem le_times_r: \forall p,n,m:nat. n \le m \to p*n \le p*m
+\def monotonic_le_times_r. *)
+
+(*
+ntheorem monotonic_le_times_l: 
+∀m:nat.monotonic nat le (λn.n*m).
+/2/; nqed.
+*)
+
+(*
 theorem le_times_l: \forall p,n,m:nat. n \le m \to n*p \le m*p
-\def monotonic_le_times_l.
+\def monotonic_le_times_l. *)
+
+ntheorem le_times: ∀n1,n2,m1,m2:nat. 
+n1 ≤ n2  → m1 ≤ m2 → n1*m1 ≤ n2*m2.
+#n1; #n2; #m1; #m2; #len; #lem; 
+napply (transitive_le ? (n1*m2)); (* /2/ slow *)
+ ##[ napply monotonic_le_times_r;//; 
+ ##| napplyS monotonic_le_times_r;//;
+ ##]
+nqed.
+
+(* interesssante *)
+ntheorem lt_times_n: ∀n,m:nat. O < n → m ≤ n*m.
+#n; #m; #H; /2/; nqed.
+
+ntheorem le_times_to_le: 
+∀a,n,m. O < a → a * n ≤ a * m → n ≤ m.
+#a; napply nat_elim2; nnormalize;
+  ##[//;
+  ##|#n; #H1; #H2; 
+     napply (transitive_le ? (a*S n));/2/;
+  ##|#n; #m; #H; #lta; #le;
+     napply le_S_S; napply H; /2/;
+  ##]
+nqed.
+
+ntheorem le_S_times_2: ∀n,m.O < m → n ≤ m → S n ≤ 2*m.
+#n; #m; #posm; #lenm;  (* interessante *)
+napplyS (le_plus n m); //; nqed.
+
+(* times & lt *)
+(*
+ntheorem lt_O_times_S_S: ∀n,m:nat.O < (S n)*(S m).
+intros.simplify.unfold lt.apply le_S_S.apply le_O_n.
+qed. *)
 
-theorem le_times: \forall n1,n2,m1,m2:nat. n1 \le n2  \to m1 \le m2 
-\to n1*m1 \le n2*m2.
+(*
+ntheorem lt_times_eq_O: \forall a,b:nat.
+O < a → a * b = O → b = O.
 intros.
-apply (trans_le ? (n2*m1)).
-apply le_times_l.assumption.
-apply le_times_r.assumption.
-qed.
+apply (nat_case1 b)
+[ intros.
+  reflexivity
+| intros.
+  rewrite > H2 in H1.
+  rewrite > (S_pred a) in H1
+  [ apply False_ind.
+    apply (eq_to_not_lt O ((S (pred a))*(S m)))
+    [ apply sym_eq.
+      assumption
+    | apply lt_O_times_S_S
+    ]
+  | assumption
+  ]
+]
+qed. 
 
-theorem le_times_n: \forall n,m:nat.(S O) \le n \to m \le n*m.
-intros.elim H.simplify.
-elim (plus_n_O ?).apply le_n.
-simplify.rewrite < sym_plus.apply le_plus_n.
+theorem O_lt_times_to_O_lt: \forall a,c:nat.
+O \lt (a * c) \to O \lt a.
+intros.
+apply (nat_case1 a)
+[ intros.
+  rewrite > H1 in H.
+  simplify in H.
+  assumption
+| intros.
+  apply lt_O_S
+]
 qed.
 
-theorem le_times_to_le: 
-\forall a,n,m. S O \le a \to a * n \le a * m \to n \le m.
-intro.
-apply nat_elim2;intros
-  [apply le_O_n
+lemma lt_times_to_lt_O: \forall i,n,m:nat. i < n*m \to O < m.
+intros.
+elim (le_to_or_lt_eq O ? (le_O_n m))
+  [assumption
   |apply False_ind.
-   rewrite < times_n_O in H1.
-   generalize in match H1.
-   apply (lt_O_n_elim ? H).
-   intros.
-   simplify in H2.
-   apply (le_to_not_lt ? ? H2).
-   apply lt_O_S
-  |apply le_S_S.
-   apply H
+   rewrite < H1 in H.
+   rewrite < times_n_O in H.
+   apply (not_le_Sn_O ? H)
+  ]
+qed. *)
+
+(*
+ntheorem monotonic_lt_times_r: 
+∀n:nat.monotonic nat lt (λm.(S n)*m).
+/2/; 
+simplify.
+intros.elim n.
+simplify.rewrite < plus_n_O.rewrite < plus_n_O.assumption.
+apply lt_plus.assumption.assumption.
+qed. *)
+
+ntheorem monotonic_lt_times_l: 
+  ∀c:nat. O < c → monotonic nat lt (λt.(t*c)).
+#c; #posc; #n; #m; #ltnm;
+nelim ltnm; nnormalize;
+  ##[/2/; 
+  ##|#a; #_; #lt1; napply (transitive_le ??? lt1);//;
+  ##]
+nqed.
+
+ntheorem monotonic_lt_times_r: 
+  ∀c:nat. O < c → monotonic nat lt (λt.(c*t)).
+/2/; nqed.
+
+ntheorem lt_to_le_to_lt_times: 
+∀n,m,p,q:nat. n < m → p ≤ q → O < q → n*p < m*q.
+#n; #m; #p; #q; #ltnm; #lepq; #posq;
+napply (le_to_lt_to_lt ? (n*q));
+  ##[napply monotonic_le_times_r;//;
+  ##|napply monotonic_lt_times_l;//;
+  ##]
+nqed.
+
+ntheorem lt_times:∀n,m,p,q:nat. n<m → p<q → n*p < m*q.
+#n; #m; #p; #q; #ltnm; #ltpq;
+napply lt_to_le_to_lt_times;/2/;
+nqed.
+
+ntheorem lt_times_n_to_lt_l: 
+∀n,p,q:nat. p*n < q*n → p < q.
+#n; #p; #q; #Hlt;
+nelim (decidable_lt p q);//;
+#nltpq; napply False_ind; 
+napply (absurd ? ? (lt_to_not_le ? ? Hlt));
+napplyS monotonic_le_times_r;/2/;
+nqed.
+
+ntheorem lt_times_n_to_lt_r: 
+∀n,p,q:nat. n*p < n*q → p < q.
+/2/; nqed.
+
+(*
+theorem nat_compare_times_l : \forall n,p,q:nat. 
+nat_compare p q = nat_compare ((S n) * p) ((S n) * q).
+intros.apply nat_compare_elim.intro.
+apply nat_compare_elim.
+intro.reflexivity.
+intro.absurd (p=q).
+apply (inj_times_r n).assumption.
+apply lt_to_not_eq. assumption.
+intro.absurd (q<p).
+apply (lt_times_to_lt_r n).assumption.
+apply le_to_not_lt.apply lt_to_le.assumption.
+intro.rewrite < H.rewrite > nat_compare_n_n.reflexivity.
+intro.apply nat_compare_elim.intro.
+absurd (p<q).
+apply (lt_times_to_lt_r n).assumption.
+apply le_to_not_lt.apply lt_to_le.assumption.
+intro.absurd (q=p).
+symmetry.
+apply (inj_times_r n).assumption.
+apply lt_to_not_eq.assumption.
+intro.reflexivity.
+qed. *)
+
+(* times and plus 
+theorem lt_times_plus_times: \forall a,b,n,m:nat. 
+a < n \to b < m \to a*m + b < n*m.
+intros 3.
+apply (nat_case n)
+  [intros.apply False_ind.apply (not_le_Sn_O ? H)
+  |intros.simplify.
+   rewrite < sym_plus.
+   unfold.
+   change with (S b+a*m1 \leq m1+m*m1).
+   apply le_plus
     [assumption
-    |rewrite < times_n_Sm in H2.
-     rewrite < times_n_Sm in H2.
-     apply (le_plus_to_le a).
-     assumption
+    |apply le_times
+      [apply le_S_S_to_le.assumption
+      |apply le_n
+      ]
     ]
   ]
+qed. *)
+
+(************************** minus ******************************)
+
+nlet rec minus n m ≝ 
+ match n with 
+ [ O ⇒ O
+ | S p ⇒ 
+	match m with
+	  [ O ⇒ S p
+    | S q ⇒ minus p q ]].
+        
+interpretation "natural minus" 'minus x y = (minus x y).
+
+ntheorem minus_S_S: ∀n,m:nat.S n - S m = n -m.
+//; nqed.
+
+ntheorem minus_O_n: ∀n:nat.O=O-n.
+#n; ncases n; //; nqed.
+
+ntheorem minus_n_O: ∀n:nat.n=n-O.
+#n; ncases n; //; nqed.
+
+ntheorem minus_n_n: ∀n:nat.O=n-n.
+#n; nelim n; //; nqed.
+
+ntheorem minus_Sn_n: ∀n:nat. S O = (S n)-n.
+#n; nelim n; nnormalize; //; nqed.
+
+ntheorem minus_Sn_m: ∀m,n:nat. m ≤ n → S n -m = S (n-m).
+(* qualcosa da capire qui 
+#n; #m; #lenm; nelim lenm; napplyS refl_eq. *)
+napply nat_elim2; 
+  ##[//
+  ##|#n; #abs; napply False_ind; /2/ 
+  ##|#n; #m; #Hind; #c; napplyS Hind; /2/;
+  ##]
+nqed.
+
+ntheorem not_eq_to_le_to_le_minus: 
+  ∀n,m.n ≠ m → n ≤ m → n ≤ m - 1.
+#n; #m; ncases m;//; #m; nnormalize;
+#H; #H1; napply le_S_S_to_le;
+napplyS (not_eq_to_le_to_lt n (S m) H H1);
+nqed.
+
+ntheorem eq_minus_S_pred: ∀n,m. n - (S m) = pred(n -m).
+napply nat_elim2; nnormalize; //; nqed.
+
+ntheorem plus_minus:
+∀m,n,p:nat. m ≤ n → (n-m)+p = (n+p)-m.
+napply nat_elim2; 
+  ##[//
+  ##|#n; #p; #abs; napply False_ind; /2/;
+  ##|nnormalize;/3/;
+  ##]
+nqed.
+
+ntheorem minus_plus_m_m: ∀n,m:nat.n = (n+m)-m.
+#n; #m; napplyS (plus_minus m m n); //; nqed.
+
+ntheorem plus_minus_m_m: ∀n,m:nat.
+  m ≤ n → n = (n-m)+m.
+#n; #m; #lemn; napplyS sym_eq; 
+napplyS (plus_minus m n m); //; nqed.
+
+ntheorem le_plus_minus_m_m: ∀n,m:nat. n ≤ (n-m)+m.
+#n; nelim n;
+  ##[//
+  ##|#a; #Hind; #m; ncases m;//;  
+     nnormalize; #n;/2/;  
+  ##]
+nqed.
+
+ntheorem minus_to_plus :∀n,m,p:nat.
+  m ≤ n → n-m = p → n = m+p.
+#n; #m; #p; #lemn; #eqp; napplyS plus_minus_m_m; //;
+nqed.
+
+ntheorem plus_to_minus :∀n,m,p:nat.n = m+p → n-m = p.
+(* /4/ done in 43.5 *)
+#n; #m; #p; #eqp; 
+napply sym_eq;
+napplyS (minus_plus_m_m p m);
+nqed.
+
+ntheorem minus_pred_pred : ∀n,m:nat. O < n → O < m → 
+pred n - pred m = n - m.
+#n; #m; #posn; #posm;
+napply (lt_O_n_elim n posn); 
+napply (lt_O_n_elim m posm);//.
+nqed.
+
+(*
+theorem eq_minus_n_m_O: \forall n,m:nat.
+n \leq m \to n-m = O.
+intros 2.
+apply (nat_elim2 (\lambda n,m.n \leq m \to n-m = O)).
+intros.simplify.reflexivity.
+intros.apply False_ind.
+apply not_le_Sn_O;
+[2: apply H | skip].
+intros.
+simplify.apply H.apply le_S_S_to_le. apply H1.
+qed.
+
+theorem le_SO_minus: \forall n,m:nat.S n \leq m \to S O \leq m-n.
+intros.elim H.elim (minus_Sn_n n).apply le_n.
+rewrite > minus_Sn_m.
+apply le_S.assumption.
+apply lt_to_le.assumption.
 qed.
 
-theorem le_S_times_SSO: \forall n,m.O < m \to
-n \le m \to S n \le (S(S O))*m.
+theorem minus_le_S_minus_S: \forall n,m:nat. m-n \leq S (m-(S n)).
 intros.
-simplify.
-rewrite > plus_n_O.
-simplify.rewrite > plus_n_Sm.
-apply le_plus
-  [assumption
-  |rewrite < plus_n_O.
-   assumption
-  ]
+apply (nat_elim2 (\lambda n,m.m-n \leq S (m-(S n)))).
+intro.elim n1.simplify.apply le_n_Sn.
+simplify.rewrite < minus_n_O.apply le_n.
+intros.simplify.apply le_n_Sn.
+intros.simplify.apply H.
 qed.
-(*0 and times *)
-theorem O_lt_const_to_le_times_const:  \forall a,c:nat.
-O \lt c \to a \le a*c.
+
+theorem lt_minus_S_n_to_le_minus_n : \forall n,m,p:nat. m-(S n) < p \to m-n \leq p. 
+intros 3.intro.
+(* autobatch *)
+(* end auto($Revision: 9739 $) proof: TIME=1.33 SIZE=100 DEPTH=100 *)
+apply (trans_le (m-n) (S (m-(S n))) p).
+apply minus_le_S_minus_S.
+assumption.
+qed.
+
+theorem le_minus_m: \forall n,m:nat. n-m \leq n.
+intros.apply (nat_elim2 (\lambda m,n. n-m \leq n)).
+intros.rewrite < minus_n_O.apply le_n.
+intros.simplify.apply le_n.
+intros.simplify.apply le_S.assumption.
+qed.
+
+theorem lt_minus_m: \forall n,m:nat. O < n \to O < m \to n-m \lt n.
+intros.apply (lt_O_n_elim n H).intro.
+apply (lt_O_n_elim m H1).intro.
+simplify.unfold lt.apply le_S_S.apply le_minus_m.
+qed.
+
+theorem minus_le_O_to_le: \forall n,m:nat. n-m \leq O \to n \leq m.
+intros 2.
+apply (nat_elim2 (\lambda n,m:nat.n-m \leq O \to n \leq m)).
+intros.apply le_O_n.
+simplify.intros. assumption.
+simplify.intros.apply le_S_S.apply H.assumption.
+qed.
+*)
+
+(* monotonicity and galois *)
+
+ntheorem monotonic_le_minus_l: 
+∀p,q,n:nat. q ≤ p → q-n ≤ p-n.
+napply nat_elim2; #p; #q;
+  ##[#lePO; napply (le_n_O_elim ? lePO);//;
+  ##|//;
+  ##|#Hind; #n; ncases n;
+    ##[//;
+    ##|#a; #leSS; napply Hind; /2/;
+    ##]
+  ##]
+nqed.
+
+ntheorem le_minus_to_plus: ∀n,m,p. n-m ≤ p → n≤ p+m.
+#n; #m; #p; #lep;
+napply transitive_le;
+  ##[##|napply le_plus_minus_m_m
+  ##|napply monotonic_le_plus_l;//;
+  ##]
+nqed.
+
+ntheorem le_plus_to_minus: ∀n,m,p. n ≤ p+m → n-m ≤ p.
+#n; #m; #p; #lep;
+(* bello *)
+napplyS monotonic_le_minus_l;//;
+(* /2/; *)
+nqed.
+
+ntheorem monotonic_le_minus_r: 
+∀p,q,n:nat. q ≤ p → n-p ≤ n-q.
+#p; #q; #n; #lepq;
+napply le_plus_to_minus;
+napply (transitive_le ??? (le_plus_minus_m_m ? q));/2/;
+nqed.
+
+(*********************** boolean arithmetics ********************) 
+include "basics/bool.ma".
+
+nlet rec eqb n m ≝ 
+match n with 
+  [ O ⇒ match m with [ O ⇒ true | S q ⇒ false] 
+  | S p ⇒ match m with [ O ⇒ false | S q ⇒ eqb p q]
+  ].
+	   
+(*
+ntheorem eqb_to_Prop: ∀n,m:nat. 
+match (eqb n m) with
+[ true  \Rightarrow n = m 
+| false \Rightarrow n \neq m].
 intros.
-rewrite > (times_n_SO a) in \vdash (? % ?).
-apply le_times
-[ apply le_n
-| assumption
-]
-qed. *)
\ No newline at end of file
+apply (nat_elim2
+(\lambda n,m:nat.match (eqb n m) with
+[ true  \Rightarrow n = m 
+| false \Rightarrow n \neq m])).
+intro.elim n1.
+simplify.reflexivity.
+simplify.apply not_eq_O_S.
+intro.
+simplify.unfold Not.
+intro. apply (not_eq_O_S n1).apply sym_eq.assumption.
+intros.simplify.
+generalize in match H.
+elim ((eqb n1 m1)).
+simplify.apply eq_f.apply H1.
+simplify.unfold Not.intro.apply H1.apply inj_S.assumption.
+qed.
+*)
+
+ntheorem eqb_elim : ∀ n,m:nat.∀ P:bool → Prop.
+(n=m → (P true)) → (n ≠ m → (P false)) → (P (eqb n m)). 
+napply nat_elim2; 
+  ##[#n; ncases n; nnormalize; /3/; 
+  ##|nnormalize; /3/;
+  ##|nnormalize; /4/; 
+  ##] 
+nqed.
+
+ntheorem eqb_n_n: ∀n. eqb n n = true.
+#n; nelim n; nnormalize; //.
+nqed. 
+
+ntheorem eqb_true_to_eq: ∀n,m:nat. eqb n m = true → n = m.
+#n; #m; napply (eqb_elim n m);//;
+#_; #abs; napply False_ind; /2/;
+nqed.
+
+ntheorem eqb_false_to_not_eq: ∀n,m:nat. eqb n m = false → n ≠ m.
+#n; #m; napply (eqb_elim n m);/2/;
+nqed.
+
+ntheorem eq_to_eqb_true: ∀n,m:nat.
+  n = m → eqb n m = true.
+//; nqed.
+
+ntheorem not_eq_to_eqb_false: ∀n,m:nat.
+  n ≠  m → eqb n m = false.
+#n; #m; #noteq; 
+napply eqb_elim;//;
+#Heq; napply False_ind; /2/; 
+nqed.
+
+nlet rec leb n m ≝ 
+match n with 
+    [ O ⇒ true
+    | (S p) ⇒
+	match m with 
+        [ O ⇒ false
+	      | (S q) ⇒ leb p q]].
+
+ntheorem leb_elim: ∀n,m:nat. ∀P:bool → Prop. 
+(n ≤ m → P true) → (n ≰ m → P false) → P (leb n m).
+napply nat_elim2; nnormalize;
+  ##[/2/
+  ##|/3/;
+  ##|#n; #m; #Hind; #P; #Pt; #Pf; napply Hind;
+    ##[#lenm; napply Pt; napply le_S_S;//;
+    ##|#nlenm; napply Pf; /2/; 
+    ##]
+  ##]
+nqed.
+
+ntheorem leb_true_to_le:∀n,m.leb n m = true → n ≤ m.
+#n; #m; napply leb_elim;
+  ##[//;
+  ##|#_; #abs; napply False_ind; /2/;
+  ##]
+nqed.
+
+ntheorem leb_false_to_not_le:∀n,m.
+  leb n m = false → n ≰ m.
+#n; #m; napply leb_elim;
+  ##[#_; #abs; napply False_ind; /2/;
+  ##|//;
+  ##]
+nqed.
+
+ntheorem le_to_leb_true: ∀n,m. n ≤ m → leb n m = true.
+#n; #m; napply leb_elim; //;
+#H; #H1; napply False_ind; /2/;
+nqed.
+
+ntheorem not_le_to_leb_false: ∀n,m. n ≰ m → leb n m = false.
+#n; #m; napply leb_elim; //;
+#H; #H1; napply False_ind; /2/;
+nqed.
+
+ntheorem lt_to_leb_false: ∀n,m. m < n → leb n m = false.
+/3/; nqed.
+
+(* serve anche ltb? 
+ndefinition ltb ≝λn,m. leb (S n) m.
+
+ntheorem ltb_elim: ∀n,m:nat. ∀P:bool → Prop. 
+(n < m → P true) → (n ≮ m → P false) → P (ltb n m).
+#n; #m; #P; #Hlt; #Hnlt;
+napply leb_elim; /3/; nqed.
+
+ntheorem ltb_true_to_lt:∀n,m.ltb n m = true → n < m.
+#n; #m; #Hltb; napply leb_true_to_le; nassumption;
+nqed.
+
+ntheorem ltb_false_to_not_lt:∀n,m.
+  ltb n m = false → n ≮ m.
+#n; #m; #Hltb; napply leb_false_to_not_le; nassumption;
+nqed.
+
+ntheorem lt_to_ltb_true: ∀n,m. n < m → ltb n m = true.
+#n; #m; #Hltb; napply le_to_leb_true; nassumption;
+nqed.
+
+ntheorem le_to_ltb_false: ∀n,m. m \le n → ltb n m = false.
+#n; #m; #Hltb; napply lt_to_leb_false; /2/;
+nqed. *)
+