lean2/library/data/nat/sub.lean

--- Copyright (c) 2014 Floris van Doorn. All rights reserved.
--- Released under Apache 2.0 license as described in the file LICENSE.
--- Author: Floris van Doorn

-- data.nat.sub
-- ============
--
-- Subtraction on the natural numbers, as well as min, max, and distance.

import data.nat.order
import tools.fake_simplifier

open nat eq.ops tactic
open helper_tactics
open fake_simplifier

namespace nat

-- subtraction
-- -----------

definition sub (n m : ℕ) : nat := rec n (fun m x, pred x) m
infixl `-` := sub

theorem sub_zero_right (n : ℕ) : n - 0 = n

theorem sub_succ_right (n m : ℕ) : n - succ m = pred (n - m)

irreducible sub

theorem sub_zero_left (n : ℕ) : 0 - n = 0 :=
induction_on n !sub_zero_right
  (take k : nat,
    assume IH : 0 - k = 0,
    calc
      0 - succ k = pred (0 - k) : !sub_succ_right
             ... = pred 0       : {IH}
             ... = 0            : pred.zero)

theorem sub_succ_succ (n m : ℕ) : succ n - succ m = n - m :=
induction_on m
  (calc
    succ n - 1 = pred (succ n - 0) : !sub_succ_right
           ... = pred (succ n)     : {!sub_zero_right}
           ... = n                 : !pred.succ
           ... = n - 0             : !sub_zero_right⁻¹)
  (take k : nat,
    assume IH : succ n - succ k = n - k,
    calc
      succ n - succ (succ k) = pred (succ n - succ k) : !sub_succ_right
                         ... = pred (n - k)           : {IH}
                         ... = n - succ k             : !sub_succ_right⁻¹)

theorem sub_self (n : ℕ) : n - n = 0 :=
induction_on n !sub_zero_right (take k IH, !sub_succ_succ ⬝ IH)

theorem sub_add_add_right (n k m : ℕ) : (n + k) - (m + k) = n - m :=
induction_on k
  (calc
    (n + 0) - (m + 0) = n - (m + 0) : {!add.zero_right}
                  ... = n - m       : {!add.zero_right})
  (take l : nat,
    assume IH : (n + l) - (m + l) = n - m,
    calc
      (n + succ l) - (m + succ l) = succ (n + l) - (m + succ l) : {!add.succ_right}
                              ... = succ (n + l) - succ (m + l) : {!add.succ_right}
                              ... = (n + l) - (m + l)           : !sub_succ_succ
                              ... =  n - m                      : IH)

theorem sub_add_add_left (k n m : ℕ) : (k + n) - (k + m) = n - m :=
!add.comm ▸ !add.comm ▸ !sub_add_add_right

theorem sub_add_left (n m : ℕ) : n + m - m = n :=
induction_on m
  (!add.zero_right⁻¹ ▸ !sub_zero_right)
  (take k : ℕ,
    assume IH : n + k - k = n,
    calc
      n + succ k - succ k = succ (n + k) - succ k : {!add.succ_right}
                      ... = n + k - k             : !sub_succ_succ
                      ... = n                     : IH)

-- TODO: add_sub_inv'
theorem sub_add_left2 (n m : ℕ) : n + m - n = m :=
!add.comm ▸ !sub_add_left

theorem sub_sub (n m k : ℕ) : n - m - k = n - (m + k) :=
induction_on k
  (calc
    n - m - 0 = n - m        : !sub_zero_right
          ... =  n - (m + 0) : {!add.zero_right⁻¹})
  (take l : nat,
    assume IH : n - m - l = n - (m + l),
    calc
      n - m - succ l = pred (n - m - l)   : !sub_succ_right
                 ... = pred (n - (m + l)) : {IH}
                 ... = n - succ (m + l)   : !sub_succ_right⁻¹
                 ... = n - (m + succ l)   : {!add.succ_right⁻¹})

theorem succ_sub_sub (n m k : ℕ) : succ n - m - succ k = n - m - k :=
calc
  succ n - m - succ k = succ n - (m + succ k) : !sub_sub
                  ... = succ n - succ (m + k) : {!add.succ_right}
                  ... = n - (m + k)           : !sub_succ_succ
                  ... = n - m - k             : !sub_sub⁻¹

theorem sub_add_right_eq_zero (n m : ℕ) : n - (n + m) = 0 :=
calc
  n - (n + m) = n - n - m : !sub_sub⁻¹
          ... = 0 - m     : {!sub_self}
          ... = 0         : !sub_zero_left

theorem sub_comm (m n k : ℕ) : m - n - k = m - k - n :=
calc
  m - n - k = m - (n + k) : !sub_sub
        ... = m - (k + n) : {!add.comm}
        ... = m - k - n   : !sub_sub⁻¹

theorem sub_one (n : ℕ) : n - 1 = pred n :=
calc
  n - 1 = pred (n - 0) : !sub_succ_right
    ... = pred n       : {!sub_zero_right}

theorem succ_sub_one (n : ℕ) : succ n - 1 = n :=
!sub_succ_succ ⬝ !sub_zero_right

-- add_rewrite sub_add_left

-- ### interaction with multiplication

theorem mul_pred_left (n m : ℕ) : pred n * m = n * m - m :=
induction_on n
  (calc
    pred 0 * m = 0 * m     : {pred.zero}
           ... = 0         : !mul.zero_left
           ... = 0 - m     : !sub_zero_left⁻¹
           ... = 0 * m - m : {!mul.zero_left⁻¹})
  (take k : nat,
    assume IH : pred k * m = k * m - m,
    calc
      pred (succ k) * m = k * m          : {!pred.succ}
                    ... = k * m + m - m  : !sub_add_left⁻¹
                    ... = succ k * m - m : {!mul.succ_left⁻¹})

theorem mul_pred_right (n m : ℕ) : n * pred m = n * m - n :=
calc n * pred m = pred m * n : !mul.comm
            ... = m * n - n  : !mul_pred_left
            ... = n * m - n  : {!mul.comm}

theorem mul_sub_distr_right (n m k : ℕ) : (n - m) * k = n * k - m * k :=
induction_on m
  (calc
    (n - 0) * k = n * k         : {!sub_zero_right}
            ... = n * k - 0     : !sub_zero_right⁻¹
            ... = n * k - 0 * k : {!mul.zero_left⁻¹})
  (take l : nat,
    assume IH : (n - l) * k = n * k - l * k,
    calc
      (n - succ l) * k = pred (n - l) * k     : {!sub_succ_right}
                   ... = (n - l) * k - k      : !mul_pred_left
                   ... = n * k - l * k - k    : {IH}
                   ... = n * k - (l * k + k)  : !sub_sub
                   ... = n * k - (succ l * k) : {!mul.succ_left⁻¹})

theorem mul_sub_distr_left (n m k : ℕ) : n * (m - k) = n * m - n * k :=
calc
  n * (m - k) = (m - k) * n   : !mul.comm
          ... = m * n - k * n : !mul_sub_distr_right
          ... = n * m - k * n : {!mul.comm}
          ... = n * m - n * k : {!mul.comm}

-- ### interaction with inequalities

theorem succ_sub {m n : ℕ} : m ≥ n → succ m - n  = succ (m - n) :=
sub_induction n m
  (take k,
    assume H : 0 ≤ k,
    calc
      succ k - 0 = succ k       : !sub_zero_right
             ... = succ (k - 0) : {!sub_zero_right⁻¹})
  (take k,
    assume H : succ k ≤ 0,
    absurd H !not_succ_zero_le)
  (take k l,
    assume IH : k ≤ l → succ l - k = succ (l - k),
    take H : succ k ≤ succ l,
    calc
      succ (succ l) - succ k = succ l - k             : !sub_succ_succ
                         ... = succ (l - k)           : IH (succ_le_cancel H)
                         ... = succ (succ l - succ k) : {!sub_succ_succ⁻¹})

theorem le_imp_sub_eq_zero {n m : ℕ} (H : n ≤ m) : n - m = 0 :=
obtain (k : ℕ) (Hk : n + k = m), from le_elim H, Hk ▸ !sub_add_right_eq_zero

theorem add_sub_le {n m : ℕ} : n ≤ m → n + (m - n) = m :=
sub_induction n m
  (take k,
    assume H : 0 ≤ k,
    calc
      0 + (k - 0) = k - 0 : !add.zero_left
              ... = k     : !sub_zero_right)
  (take k, assume H : succ k ≤ 0, absurd H !not_succ_zero_le)
  (take k l,
    assume IH : k ≤ l → k + (l - k) = l,
    take H : succ k ≤ succ l,
    calc
      succ k + (succ l - succ k) = succ k + (l - k)   : {!sub_succ_succ}
                             ... = succ (k + (l - k)) : !add.succ_left
                             ... = succ l             : {IH (succ_le_cancel H)})

theorem add_sub_ge_left {n m : ℕ} : n ≥ m → n - m + m = n :=
!add.comm ▸ !add_sub_le

theorem add_sub_ge {n m : ℕ} (H : n ≥ m) : n + (m - n) = n :=
calc
  n + (m - n) = n + 0 : {le_imp_sub_eq_zero H}
          ... = n     : !add.zero_right

theorem add_sub_le_left {n m : ℕ} : n ≤ m → n - m + m = m :=
!add.comm ▸ add_sub_ge

theorem le_add_sub_left (n m : ℕ) : n ≤ n + (m - n) :=
or.elim !le_total
  (assume H : n ≤ m, (add_sub_le H)⁻¹ ▸ H)
  (assume H : m ≤ n, (add_sub_ge H)⁻¹ ▸ !le_refl)

theorem le_add_sub_right (n m : ℕ) : m ≤ n + (m - n) :=
or.elim !le_total
  (assume H : n ≤ m, (add_sub_le H)⁻¹ ▸ !le_refl)
  (assume H : m ≤ n, (add_sub_ge H)⁻¹ ▸ H)

theorem sub_split {P : ℕ → Prop} {n m : ℕ} (H1 : n ≤ m → P 0) (H2 : ∀k, m + k = n -> P k)
  : P (n - m) :=
or.elim !le_total
  (assume H3 : n ≤ m, (le_imp_sub_eq_zero H3)⁻¹ ▸ (H1 H3))
  (assume H3 : m ≤ n, H2 (n - m) (add_sub_le H3))

theorem sub_le_self (n m : ℕ) : n - m ≤ n :=
sub_split
  (assume H : n ≤ m, !zero_le)
  (take k : ℕ, assume H : m + k = n, le_intro (!add.comm ▸ H))

theorem le_elim_sub {n m : ℕ} (H : n ≤ m) : ∃k, m - k = n :=
obtain (k : ℕ) (Hk : n + k = m), from le_elim H,
exists_intro k
  (calc
    m - k = n + k - k : {Hk⁻¹}
      ... = n         : !sub_add_left)

theorem add_sub_assoc {m k : ℕ} (H : k ≤ m) (n : ℕ) : n + m - k = n + (m - k) :=
have l1 : k ≤ m → n + m - k = n + (m - k), from
  sub_induction k m
    (take m : ℕ,
      assume H : 0 ≤ m,
      calc
        n + m - 0 = n + m       : !sub_zero_right
              ... = n + (m - 0) : {!sub_zero_right⁻¹})
    (take k : ℕ, assume H : succ k ≤ 0, absurd H !not_succ_zero_le)
    (take k m,
      assume IH : k ≤ m → n + m - k = n + (m - k),
      take H : succ k ≤ succ m,
      calc
        n + succ m - succ k = succ (n + m) - succ k : {!add.succ_right}
                        ... = n + m - k             : !sub_succ_succ
                        ... = n + (m - k)           : IH (succ_le_cancel H)
                        ... = n + (succ m - succ k) : {!sub_succ_succ⁻¹}),
l1 H

theorem sub_eq_zero_imp_le {n m : ℕ} : n - m = 0 → n ≤ m :=
sub_split
  (assume H1 : n ≤ m, assume H2 : 0 = 0, H1)
  (take k : ℕ,
    assume H1 : m + k = n,
    assume H2 : k = 0,
    have H3 : n = m, from !add.zero_right ▸ H2 ▸ H1⁻¹,
    H3 ▸ !le_refl)

theorem sub_sub_split {P : ℕ → ℕ → Prop} {n m : ℕ} (H1 : ∀k, n = m + k -> P k 0)
  (H2 : ∀k, m = n + k → P 0 k) : P (n - m) (m - n) :=
or.elim !le_total
  (assume H3 : n ≤ m,
    le_imp_sub_eq_zero H3⁻¹ ▸  (H2 (m - n) (add_sub_le H3⁻¹)))
  (assume H3 : m ≤ n,
    le_imp_sub_eq_zero H3⁻¹ ▸ (H1 (n - m) (add_sub_le H3⁻¹)))

theorem sub_intro {n m k : ℕ} (H : n + m = k) : k - n = m :=
have H2 : k - n + n = m + n, from
  calc
    k - n + n = k     : add_sub_ge_left (le_intro H)
          ... = n + m : H⁻¹
          ... = m + n : !add.comm,
add.cancel_right H2

theorem sub_lt {x y : ℕ} (xpos : x > 0) (ypos : y > 0) : x - y < x :=
obtain (x' : ℕ) (xeq : x = succ x'), from pos_imp_eq_succ xpos,
obtain (y' : ℕ) (yeq : y = succ y'), from pos_imp_eq_succ ypos,
have xsuby_eq : x - y = x' - y', from calc
  x - y = succ x' - y       : {xeq}
    ... = succ x' - succ y' : {yeq}
    ... = x' - y'           : !sub_succ_succ,
have H1 : x' - y' ≤ x', from !sub_le_self,
have H2 : x' < succ x', from !self_lt_succ,
show x - y < x, from xeq⁻¹ ▸ xsuby_eq⁻¹ ▸ le_lt_trans H1 H2

theorem sub_le_right {n m : ℕ} (H : n ≤ m) (k : nat) : n - k ≤ m - k :=
obtain (l : ℕ) (Hl : n + l = m), from le_elim H,
or.elim !le_total
  (assume H2 : n ≤ k, (le_imp_sub_eq_zero H2)⁻¹ ▸ !zero_le)
  (assume H2 : k ≤ n,
    have H3 : n - k + l = m - k, from
      calc
        n - k + l = l + (n - k) : by simp
              ... = l + n - k   : (add_sub_assoc H2 l)⁻¹
              ... = n + l - k   : {!add.comm}
              ... = m - k       : {Hl},
    le_intro H3)

theorem sub_le_left {n m : ℕ} (H : n ≤ m) (k : nat) : k - m ≤ k - n :=
obtain (l : ℕ) (Hl : n + l = m), from le_elim H,
sub_split
  (assume H2 : k ≤ m, !zero_le)
  (take m' : ℕ,
    assume Hm : m + m' = k,
    have H3 : n ≤ k, from le_trans H (le_intro Hm),
    have H4 : m' + l + n = k - n + n, from
      calc
        m' + l + n = n + l + m' : by simp
               ... = m + m'     : {Hl}
               ... = k          : Hm
               ... = k - n + n  : (add_sub_ge_left H3)⁻¹,
    le_intro (add.cancel_right H4))

-- theorem sub_lt_cancel_right {n m k : ℕ) (H : n - k < m - k) : n < m
-- :=
--   _

-- theorem sub_lt_cancel_left {n m k : ℕ) (H : n - m < n - k) : k < m
-- :=
--   _

theorem sub_triangle_inequality (n m k : ℕ) : n - k ≤ (n - m) + (m - k) :=
sub_split
  (assume H : n ≤ m, !add.zero_left⁻¹ ▸ sub_le_right H k)
  (take mn : ℕ,
    assume Hmn : m + mn = n,
    sub_split
      (assume H : m ≤ k,
        have H2 : n - k ≤ n - m, from sub_le_left H n,
        have H3 : n - k ≤ mn, from sub_intro Hmn ▸ H2,
        show n - k ≤ mn + 0, from !add.zero_right⁻¹ ▸ H3)
      (take km : ℕ,
        assume Hkm : k + km = m,
        have H : k + (mn + km) = n, from
          calc
            k + (mn + km) = k + km + mn : by simp
                      ... = m + mn      : {Hkm}
                      ... = n           : Hmn,
        have H2 : n - k = mn + km, from sub_intro H,
        H2 ▸ !le_refl))


-- add_rewrite sub_self mul_sub_distr_left mul_sub_distr_right


-- Max, min, iteration, and absolute difference
-- --------------------------------------------

definition max (n m : ℕ) : ℕ := n + (m - n)
definition min (n m : ℕ) : ℕ := m - (m - n)

theorem max_le {n m : ℕ} (H : n ≤ m) : n + (m - n) = m := add_sub_le H

theorem max_ge {n m : ℕ} (H : n ≥ m) : n + (m - n) = n := add_sub_ge H

theorem left_le_max (n m : ℕ) : n ≤ n + (m - n) := !le_add_sub_left

theorem right_le_max (n m : ℕ) : m ≤ max n m := !le_add_sub_right

-- ### absolute difference

-- This section is still incomplete

definition dist (n m : ℕ) := (n - m) + (m - n)

theorem dist_comm (n m : ℕ) : dist n m = dist m n :=
!add.comm

theorem dist_self (n : ℕ) : dist n n = 0 :=
calc
  (n - n) + (n - n) = 0 + 0 : by simp
                ... = 0     : by simp

theorem dist_eq_zero {n m : ℕ} (H : dist n m = 0) : n = m :=
have H2 : n - m = 0, from add.eq_zero_left H,
have H3 : n ≤ m, from sub_eq_zero_imp_le H2,
have H4 : m - n = 0, from add.eq_zero_right H,
have H5 : m ≤ n, from sub_eq_zero_imp_le H4,
le_antisym H3 H5

theorem dist_le {n m : ℕ} (H : n ≤ m) : dist n m = m - n :=
calc
  dist n m = 0 + (m - n) : {le_imp_sub_eq_zero H}
       ... = m - n       : !add.zero_left

theorem dist_ge {n m : ℕ} (H : n ≥ m) : dist n m = n - m :=
!dist_comm ▸ dist_le H

theorem dist_zero_right (n : ℕ) : dist n 0 = n :=
dist_ge !zero_le ⬝ !sub_zero_right

theorem dist_zero_left (n : ℕ) : dist 0 n = n :=
dist_le !zero_le ⬝ !sub_zero_right

theorem dist_intro {n m k : ℕ} (H : n + m = k) : dist k n = m :=
calc
  dist k n = k - n : dist_ge (le_intro H)
           ... = m : sub_intro H

theorem dist_add_right (n k m : ℕ) : dist (n + k) (m + k) = dist n m :=
calc
  dist (n + k) (m + k) = ((n+k) - (m+k)) + ((m+k)-(n+k)) : rfl
                   ... = (n - m) + ((m + k) - (n + k))   : {!sub_add_add_right}
                   ... = (n - m) + (m - n)               : {!sub_add_add_right}

theorem dist_add_left (k n m : ℕ) : dist (k + n) (k + m) = dist n m :=
!add.comm ▸ !add.comm ▸ !dist_add_right

-- add_rewrite dist_self dist_add_right dist_add_left dist_zero_left dist_zero_right

theorem dist_ge_add_right {n m : ℕ} (H : n ≥ m) : dist n m + m = n :=
calc
  dist n m + m = n - m + m : {dist_ge H}
           ... = n         : add_sub_ge_left H

theorem dist_eq_intro {n m k l : ℕ} (H : n + m = k + l) : dist n k = dist l m :=
calc
  dist n k = dist (n + m) (k + m) : !dist_add_right⁻¹
       ... = dist (k + l) (k + m) : {H}
       ... = dist l m             : !dist_add_left

theorem dist_sub_move_add {n m : ℕ} (H : n ≥ m) (k : ℕ) : dist (n - m) k = dist n (k + m) :=
have H2 : n - m + (k + m) = k + n, from
  calc
    n - m + (k + m) = n - m + m + k : by simp
                ... = n + k         : {add_sub_ge_left H}
                ... = k + n         : by simp,
dist_eq_intro H2

theorem dist_sub_move_add' {k m : ℕ} (H : k ≥ m) (n : ℕ) : dist n (k - m) = dist (n + m) k :=
(dist_sub_move_add H n ▸ !dist_comm) ▸ !dist_comm

--triangle inequality formulated with dist
theorem triangle_inequality (n m k : ℕ) : dist n k ≤ dist n m + dist m k :=
have H : (n - m) + (m - k) + ((k - m) + (m - n)) = (n - m) + (m - n) + ((m - k) + (k - m)),
  by simp,
H ▸ add_le !sub_triangle_inequality !sub_triangle_inequality

theorem dist_add_le_add_dist (n m k l : ℕ) : dist (n + m) (k + l) ≤ dist n k + dist m l :=
have H : dist (n + m) (k + m) + dist (k + m) (k + l) = dist n k + dist m l, from
  !dist_add_left ▸ !dist_add_right ▸ rfl,
H ▸ !triangle_inequality

--interaction with multiplication

theorem dist_mul_left (k n m : ℕ) : dist (k * n) (k * m) = k * dist n m :=
have H : ∀n m, dist n m = n - m + (m - n), from take n m, rfl,
by simp

theorem dist_mul_right (n k m : ℕ) : dist (n * k) (m * k) = dist n m * k :=
have H : ∀n m, dist n m = n - m + (m - n), from take n m, rfl,
by simp

-- add_rewrite dist_mul_right dist_mul_left dist_comm

--needed to prove of_nat a * of_nat b = of_nat (a * b) in int
theorem dist_mul_dist (n m k l : ℕ) : dist n m * dist k l = dist (n * k + m * l) (n * l + m * k) :=
have aux : ∀k l, k ≥ l → dist n m * dist k l = dist (n * k + m * l) (n * l + m * k), from
  take k l : ℕ,
  assume H : k ≥ l,
  have H2 : m * k ≥ m * l, from mul_le_left H m,
  have H3 : n * l + m * k ≥ m * l, from le_trans H2 !le_add_left,
  calc
    dist n m * dist k l = dist n m * (k - l)       : {dist_ge H}
      ... = dist (n * (k - l)) (m * (k - l))       : !dist_mul_right⁻¹
      ... = dist (n * k - n * l) (m * k - m * l)   : by simp
      ... = dist (n * k) (m * k - m * l + n * l)   : dist_sub_move_add (mul_le_left H n) _
      ... = dist (n * k) (n * l + (m * k - m * l)) : {!add.comm}
      ... = dist (n * k) (n * l + m * k - m * l)   : {(add_sub_assoc H2 (n * l))⁻¹}
      ... = dist (n * k + m * l) (n * l + m * k)   : dist_sub_move_add' H3 _,
or.elim !le_total
  (assume H : k ≤ l, !dist_comm ▸ !dist_comm ▸ aux l k H)
  (assume H : l ≤ k, aux k l H)

end nat