-(**************************************************************************)
-(* ___ *)
-(* ||M|| *)
-(* ||A|| A project by Andrea Asperti *)
-(* ||T|| *)
-(* ||I|| Developers: *)
-(* ||T|| A.Asperti, C.Sacerdoti Coen, *)
-(* ||A|| E.Tassi, S.Zacchiroli *)
-(* \ / *)
-(* \ / Matita is distributed under the terms of the *)
-(* v GNU Lesser General Public License Version 2.1 *)
-(* *)
-(**************************************************************************)
-
-set "baseuri" "cic:/matita/nat/div_and_mod".
-
-include "datatypes/constructors.ma".
-include "nat/minus.ma".
-
-let rec mod_aux t m n: nat \def
-match (leb (S m) n) with
-[ true \Rightarrow m
-| false \Rightarrow
- match t with
- [O \Rightarrow m (* if t is large enough this case never happens *)
- |(S t1) \Rightarrow mod_aux t1 (m-n) n
- ]
-].
-
-definition mod: nat \to nat \to nat \def
-\lambda m,n.mod_aux m m n.
-
-interpretation "natural remainder" 'module x y =
- (cic:/matita/nat/div_and_mod/mod.con x y).
-
-lemma O_to_mod_aux: \forall m,n. mod_aux O m n = m.
-intros.
-simplify.elim (leb (S m) n);reflexivity.
-qed.
-
-lemma lt_to_mod_aux: \forall t,m,n. m < n \to mod_aux (S t) m n = m.
-intros.
-change with
-( match (leb (S m) n) with
- [ true \Rightarrow m | false \Rightarrow mod_aux t (m-n) n] = m).
-rewrite > (le_to_leb_true ? ? H).
-reflexivity.
-qed.
-
-lemma le_to_mod_aux: \forall t,m,n. n \le m \to
-mod_aux (S t) m n = mod_aux t (m-n) n.
-intros.
-change with
-(match (leb (S m) n) with
-[ true \Rightarrow m | false \Rightarrow mod_aux t (m-n) n] = mod_aux t (m-n) n).
-apply (leb_elim (S m) n);intro
- [apply False_ind.apply (le_to_not_lt ? ? H).apply H1
- |reflexivity
- ]
-qed.
-
-let rec div_aux p m n : nat \def
-match (leb (S m) n) with
-[ true \Rightarrow O
-| false \Rightarrow
- match p with
- [O \Rightarrow O
- |(S q) \Rightarrow S (div_aux q (m-n) n)]].
-
-definition div : nat \to nat \to nat \def
-\lambda n,m.div_aux n n m.
-
-interpretation "natural divide" 'divide x y =
- (cic:/matita/nat/div_and_mod/div.con x y).
-
-theorem lt_mod_aux_m_m:
-\forall n. O < n \to \forall t,m. m \leq t \to (mod_aux t m n) < n.
-intros 3.
-elim t
- [rewrite > O_to_mod_aux.
- apply (le_n_O_elim ? H1).
- assumption
- |apply (leb_elim (S m) n);intros
- [rewrite > lt_to_mod_aux[assumption|assumption]
- |rewrite > le_to_mod_aux
- [apply H1.
- apply le_plus_to_minus.
- apply (trans_le ? ? ? H2).
- apply (lt_O_n_elim ? H).intro.
- rewrite < plus_n_Sm.
- apply le_S_S.
- apply le_plus_n_r
- |apply not_lt_to_le.
- assumption
- ]
- ]
- ]
-qed.
-
-theorem lt_mod_m_m: \forall n,m. O < m \to (n \mod m) < m.
-intros.unfold mod.
-apply lt_mod_aux_m_m[assumption|apply le_n]
-qed.
-
-lemma mod_aux_O: \forall p,n:nat. mod_aux p n O = n.
-intros.
-elim p
- [reflexivity
- |simplify.rewrite < minus_n_O.assumption
- ]
-qed.
-
-theorem div_aux_mod_aux: \forall m,p,n:nat.
-(n=(div_aux p n m)*m + (mod_aux p n m)).
-intro.
-apply (nat_case m)
- [intros.rewrite < times_n_O.simplify.apply sym_eq.apply mod_aux_O
- |intros 2.elim p
- [simplify.elim (leb n m1);reflexivity
- |simplify.apply (leb_elim n1 m1);intro
- [reflexivity
- |simplify.
- rewrite > assoc_plus.
- rewrite < (H (n1-(S m1))).
- change with (n1=(S m1)+(n1-(S m1))).
- rewrite < sym_plus.
- apply plus_minus_m_m.
- change with (m1 < n1).
- apply not_le_to_lt.exact H1.
- ]
- ]
- ]
-qed.
-
-theorem div_mod: \forall n,m:nat. O < m \to n=(n / m)*m+(n \mod m).
-intros.apply (div_aux_mod_aux m n n).
-qed.
-
-inductive div_mod_spec (n,m,q,r:nat) : Prop \def
-div_mod_spec_intro: r < m \to n=q*m+r \to (div_mod_spec n m q r).
-
-(*
-definition div_mod_spec : nat \to nat \to nat \to nat \to Prop \def
-\lambda n,m,q,r:nat.r < m \land n=q*m+r).
-*)
-
-theorem div_mod_spec_to_not_eq_O: \forall n,m,q,r.(div_mod_spec n m q r) \to m \neq O.
-intros 4.unfold Not.intros.elim H.absurd (le (S r) O)
- [rewrite < H1.assumption|exact (not_le_Sn_O r)]
-qed.
-
-theorem div_mod_spec_div_mod:
-\forall n,m. O < m \to (div_mod_spec n m (n / m) (n \mod m)).
-intros.autobatch.
-(*
-apply div_mod_spec_intro.
-apply lt_mod_m_m.assumption.
-apply div_mod.assumption.
-*)
-qed.
-
-theorem div_mod_spec_to_eq :\forall a,b,q,r,q1,r1.
-(div_mod_spec a b q r) \to (div_mod_spec a b q1 r1) \to q = q1.
-intros.elim H.elim H1.
-apply (nat_compare_elim q q1);intro
- [apply False_ind.
- cut ((q1-q)*b+r1 = r)
- [cut (b \leq (q1-q)*b+r1)
- [cut (b \leq r)
- [apply (lt_to_not_le r b H2 Hcut2)
- |elim Hcut.assumption
- ]
- |autobatch depth=4. apply (trans_le ? ((q1-q)*b))
- [apply le_times_n.
- apply le_SO_minus.exact H6
- |rewrite < sym_plus.
- apply le_plus_n
- ]
- ]
- |rewrite < sym_times.
- rewrite > distr_times_minus.
- rewrite > plus_minus
- [autobatch.
- (*
- rewrite > sym_times.
- rewrite < H5.
- rewrite < sym_times.
- apply plus_to_minus.
- apply H3
- *)
- |autobatch.
- (*
- apply le_times_r.
- apply lt_to_le.
- apply H6
- *)
- ]
- ]
-(* eq case *)
- |assumption.
-(* the following case is symmetric *)
-intro.
-apply False_ind.
-cut (eq nat ((q-q1)*b+r) r1).
-cut (b \leq (q-q1)*b+r).
-cut (b \leq r1).
-apply (lt_to_not_le r1 b H4 Hcut2).
-elim Hcut.assumption.
-apply (trans_le ? ((q-q1)*b)).
-apply le_times_n.
-apply le_SO_minus.exact H6.
-rewrite < sym_plus.
-apply le_plus_n.
-rewrite < sym_times.
-rewrite > distr_times_minus.
-rewrite > plus_minus.
-rewrite > sym_times.
-rewrite < H3.
-rewrite < sym_times.
-apply plus_to_minus.
-apply H5.
-apply le_times_r.
-apply lt_to_le.
-apply H6.
-qed.
-
-theorem div_mod_spec_to_eq2 :\forall a,b,q,r,q1,r1.
-(div_mod_spec a b q r) \to (div_mod_spec a b q1 r1) \to
-(eq nat r r1).
-intros.elim H.elim H1.
-apply (inj_plus_r (q*b)).
-rewrite < H3.
-rewrite > (div_mod_spec_to_eq a b q r q1 r1 H H1).
-assumption.
-qed.
-
-theorem div_mod_spec_times : \forall n,m:nat.div_mod_spec ((S n)*m) (S n) m O.
-intros.constructor 1.
-unfold lt.apply le_S_S.apply le_O_n.
-rewrite < plus_n_O.rewrite < sym_times.reflexivity.
-qed.
-
-(* some properties of div and mod *)
-theorem div_times: \forall n,m:nat. ((S n)*m) / (S n) = m.
-intros.
-apply (div_mod_spec_to_eq ((S n)*m) (S n) ? ? ? O).
-goal 15. (* ?11 is closed with the following tactics *)
-apply div_mod_spec_div_mod.
-unfold lt.apply le_S_S.apply le_O_n.
-apply div_mod_spec_times.
-qed.
-
-theorem div_n_n: \forall n:nat. O < n \to n / n = S O.
-intros.
-apply (div_mod_spec_to_eq n n (n / n) (n \mod n) (S O) O).
-apply div_mod_spec_div_mod.assumption.
-constructor 1.assumption.
-rewrite < plus_n_O.simplify.rewrite < plus_n_O.reflexivity.
-qed.
-
-theorem eq_div_O: \forall n,m. n < m \to n / m = O.
-intros.
-apply (div_mod_spec_to_eq n m (n/m) (n \mod m) O n).
-apply div_mod_spec_div_mod.
-apply (le_to_lt_to_lt O n m).
-apply le_O_n.assumption.
-constructor 1.assumption.reflexivity.
-qed.
-
-theorem mod_n_n: \forall n:nat. O < n \to n \mod n = O.
-intros.
-apply (div_mod_spec_to_eq2 n n (n / n) (n \mod n) (S O) O).
-apply div_mod_spec_div_mod.assumption.
-constructor 1.assumption.
-rewrite < plus_n_O.simplify.rewrite < plus_n_O.reflexivity.
-qed.
-
-theorem mod_S: \forall n,m:nat. O < m \to S (n \mod m) < m \to
-((S n) \mod m) = S (n \mod m).
-intros.
-apply (div_mod_spec_to_eq2 (S n) m ((S n) / m) ((S n) \mod m) (n / m) (S (n \mod m))).
-apply div_mod_spec_div_mod.assumption.
-constructor 1.assumption.rewrite < plus_n_Sm.
-apply eq_f.
-apply div_mod.
-assumption.
-qed.
-
-theorem mod_O_n: \forall n:nat.O \mod n = O.
-intro.elim n.simplify.reflexivity.
-simplify.reflexivity.
-qed.
-
-theorem lt_to_eq_mod:\forall n,m:nat. n < m \to n \mod m = n.
-intros.
-apply (div_mod_spec_to_eq2 n m (n/m) (n \mod m) O n).
-apply div_mod_spec_div_mod.
-apply (le_to_lt_to_lt O n m).apply le_O_n.assumption.
-constructor 1.
-assumption.reflexivity.
-qed.
-
-(* injectivity *)
-theorem injective_times_r: \forall n:nat.injective nat nat (\lambda m:nat.(S n)*m).
-change with (\forall n,p,q:nat.(S n)*p = (S n)*q \to p=q).
-intros.
-rewrite < (div_times n).
-rewrite < (div_times n q).
-apply eq_f2.assumption.
-reflexivity.
-qed.
-
-variant inj_times_r : \forall n,p,q:nat.(S n)*p = (S n)*q \to p=q \def
-injective_times_r.
-
-theorem lt_O_to_injective_times_r: \forall n:nat. O < n \to injective nat nat (\lambda m:nat.n*m).
-simplify.
-intros 4.
-apply (lt_O_n_elim n H).intros.
-apply (inj_times_r m).assumption.
-qed.
-
-variant inj_times_r1:\forall n. O < n \to \forall p,q:nat.n*p = n*q \to p=q
-\def lt_O_to_injective_times_r.
-
-theorem injective_times_l: \forall n:nat.injective nat nat (\lambda m:nat.m*(S n)).
-simplify.
-intros.
-apply (inj_times_r n x y).
-rewrite < sym_times.
-rewrite < (sym_times y).
-assumption.
-qed.
-
-variant inj_times_l : \forall n,p,q:nat. p*(S n) = q*(S n) \to p=q \def
-injective_times_l.
-
-theorem lt_O_to_injective_times_l: \forall n:nat. O < n \to injective nat nat (\lambda m:nat.m*n).
-simplify.
-intros 4.
-apply (lt_O_n_elim n H).intros.
-apply (inj_times_l m).assumption.
-qed.
-
-variant inj_times_l1:\forall n. O < n \to \forall p,q:nat.p*n = q*n \to p=q
-\def lt_O_to_injective_times_l.
-
-(* n_divides computes the pair (div,mod) *)
-
-(* p is just an upper bound, acc is an accumulator *)
-let rec n_divides_aux p n m acc \def
- match n \mod m with
- [ O \Rightarrow
- match p with
- [ O \Rightarrow pair nat nat acc n
- | (S p) \Rightarrow n_divides_aux p (n / m) m (S acc)]
- | (S a) \Rightarrow pair nat nat acc n].
-
-(* n_divides n m = <q,r> if m divides n q times, with remainder r *)
-definition n_divides \def \lambda n,m:nat.n_divides_aux n n m O.
-
-(*a simple variant of div_times theorem *)
-theorem div_times_ltO: \forall a,b:nat. O \lt b \to
-a*b/b = a.
-intros.
-rewrite > sym_times.
-rewrite > (S_pred b H).
-apply div_times.
-qed.