Commit 0fde67d6 authored by Raphael Rieu-Helft's avatar Raphael Rieu-Helft

Finish square root proof

parent b9405b26
......@@ -23,8 +23,8 @@
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC wmpn_add_1.3" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.04" steps="21"/></proof>
<proof prover="3"><result status="valid" time="0.06"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.08" steps="21"/></proof>
</goal>
<goal name="VC wmpn_add_1.4" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.01" steps="23"/></proof>
......@@ -34,7 +34,7 @@
<proof prover="5" timelimit="5"><result status="valid" time="0.04" steps="26"/></proof>
</goal>
<goal name="VC wmpn_add_1.6" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.06" steps="94"/></proof>
<proof prover="2"><result status="valid" time="0.16"/></proof>
</goal>
<goal name="VC wmpn_add_1.7" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
......@@ -75,7 +75,7 @@
<proof prover="2"><result status="valid" time="0.11"/></proof>
</goal>
<goal name="VC wmpn_add_1.16" expl="assertion" proved="true">
<proof prover="5"><result status="valid" time="0.68" steps="52"/></proof>
<proof prover="5"><result status="valid" time="0.43" steps="52"/></proof>
</goal>
<goal name="VC wmpn_add_1.17" expl="loop invariant init" proved="true">
<proof prover="2"><result status="valid" time="0.08"/></proof>
......@@ -96,7 +96,7 @@
<proof prover="2"><result status="valid" time="0.11"/></proof>
</goal>
<goal name="VC wmpn_add_1.23" expl="assertion" proved="true">
<proof prover="5"><result status="valid" time="1.13" steps="197"/></proof>
<proof prover="5"><result status="valid" time="0.82" steps="197"/></proof>
</goal>
<goal name="VC wmpn_add_1.24" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.04"/></proof>
......@@ -117,7 +117,7 @@
<proof prover="2"><result status="valid" time="0.09"/></proof>
</goal>
<goal name="VC wmpn_add_1.30" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.81" steps="77"/></proof>
<proof prover="5"><result status="valid" time="0.55" steps="77"/></proof>
</goal>
<goal name="VC wmpn_add_1.31" expl="loop invariant preservation" proved="true">
<proof prover="2"><result status="valid" time="0.24"/></proof>
......@@ -214,11 +214,11 @@
<proof prover="2"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_add_1.62" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.06"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.08" steps="19"/></proof>
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.04" steps="19"/></proof>
</goal>
<goal name="VC wmpn_add_1.63" expl="loop invariant init" proved="true">
<proof prover="2"><result status="valid" time="0.16"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.06" steps="83"/></proof>
</goal>
<goal name="VC wmpn_add_1.64" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.02"/></proof>
......@@ -272,21 +272,21 @@
<goal name="VC wmpn_add_n" expl="VC for wmpn_add_n" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_add_n.0" expl="loop invariant init" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_add_n.0.0" expl="VC for wmpn_add_n" proved="true">
<proof prover="5" timelimit="5" memlimit="2000"><result status="valid" time="0.03" steps="10"/></proof>
</goal>
<goal name="VC wmpn_add_n.0.1" expl="VC for wmpn_add_n" proved="true">
<proof prover="0"><result status="valid" time="0.02"/></proof>
</goal>
</transf>
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.10" steps="11"/></proof>
</goal>
<goal name="VC wmpn_add_n.1" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.03" steps="67"/></proof>
</goal>
<goal name="VC wmpn_add_n.2" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.10" steps="13"/></proof>
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_add_n.2.0" expl="VC for wmpn_add_n" proved="true">
<proof prover="5" timelimit="5" memlimit="2000"><result status="valid" time="0.03" steps="13"/></proof>
</goal>
<goal name="VC wmpn_add_n.2.1" expl="VC for wmpn_add_n" proved="true">
<proof prover="0"><result status="valid" time="0.02"/></proof>
</goal>
</transf>
</goal>
<goal name="VC wmpn_add_n.3" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.01"/></proof>
......@@ -379,13 +379,13 @@
<goal name="VC wmpn_add" expl="VC for wmpn_add" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_add.0" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.07" steps="12"/></proof>
</goal>
<goal name="VC wmpn_add.1" expl="loop invariant init" proved="true">
<proof prover="5"><result status="valid" time="0.03" steps="75"/></proof>
</goal>
<goal name="VC wmpn_add.2" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.07" steps="14"/></proof>
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_add.3" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.01"/></proof>
......@@ -488,7 +488,7 @@
<goal name="VC wmpn_add.26" expl="precondition" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_add.26.0" expl="VC for wmpn_add" proved="true">
<proof prover="0"><result status="valid" time="5.27"/></proof>
<proof prover="0"><result status="valid" time="4.39"/></proof>
</goal>
<goal name="VC wmpn_add.26.1" expl="VC for wmpn_add" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
......@@ -505,7 +505,7 @@
<proof prover="2"><result status="valid" time="0.10"/></proof>
</goal>
<goal name="VC wmpn_add.30" expl="integer overflow" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.18" steps="67"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.02" steps="67"/></proof>
</goal>
<goal name="VC wmpn_add.31" expl="assertion" proved="true">
<proof prover="2"><result status="valid" time="0.21"/></proof>
......@@ -529,7 +529,7 @@
<proof prover="2"><result status="valid" time="0.11"/></proof>
</goal>
<goal name="VC wmpn_add.38" expl="precondition" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.40" steps="82"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.25" steps="82"/></proof>
</goal>
<goal name="VC wmpn_add.39" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.14"/></proof>
......@@ -541,10 +541,10 @@
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC wmpn_add.42" expl="assertion" proved="true">
<proof prover="0"><result status="valid" time="1.08"/></proof>
<proof prover="0"><result status="valid" time="0.85"/></proof>
</goal>
<goal name="VC wmpn_add.43" expl="assertion" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.42" steps="78"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.26" steps="78"/></proof>
</goal>
<goal name="VC wmpn_add.44" expl="integer overflow" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.28" steps="96"/></proof>
......@@ -563,7 +563,7 @@
</transf>
</goal>
<goal name="VC wmpn_add.48" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.51" steps="83"/></proof>
<proof prover="5"><result status="valid" time="0.32" steps="83"/></proof>
</goal>
<goal name="VC wmpn_add.49" expl="loop invariant preservation" proved="true">
<proof prover="2"><result status="valid" time="0.13"/></proof>
......@@ -633,7 +633,7 @@
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC wmpn_add.70" expl="assertion" proved="true">
<proof prover="0"><result status="valid" time="1.26"/></proof>
<proof prover="0"><result status="valid" time="0.86"/></proof>
</goal>
<goal name="VC wmpn_add.71" expl="assertion" proved="true">
<proof prover="5"><result status="valid" time="0.07" steps="59"/></proof>
......@@ -700,13 +700,13 @@
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_add.90" expl="assertion" proved="true">
<proof prover="0" timelimit="10"><result status="valid" time="1.10"/></proof>
<proof prover="0" timelimit="10"><result status="valid" time="0.85"/></proof>
</goal>
<goal name="VC wmpn_add.91" expl="assertion" proved="true">
<proof prover="5"><result status="valid" time="0.02" steps="47"/></proof>
</goal>
<goal name="VC wmpn_add.92" expl="integer overflow" proved="true">
<proof prover="5" timelimit="5"><result status="valid" time="0.02" steps="65"/></proof>
<proof prover="5" timelimit="5"><result status="valid" time="0.04" steps="65"/></proof>
</goal>
<goal name="VC wmpn_add.93" expl="loop variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
......@@ -737,13 +737,13 @@
<goal name="VC wmpn_add_in_place" expl="VC for wmpn_add_in_place" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_add_in_place.0" expl="loop invariant init" proved="true">
<proof prover="2" timelimit="5" memlimit="2000"><result status="valid" time="0.06"/></proof>
<proof prover="2" timelimit="5" memlimit="2000"><result status="valid" time="0.07"/></proof>
</goal>
<goal name="VC wmpn_add_in_place.1" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="5" memlimit="2000"><result status="valid" time="0.04" steps="62"/></proof>
</goal>
<goal name="VC wmpn_add_in_place.2" expl="loop invariant init" proved="true">
<proof prover="2" timelimit="5" memlimit="2000"><result status="valid" time="0.07"/></proof>
<proof prover="2" timelimit="5" memlimit="2000"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="VC wmpn_add_in_place.3" expl="loop invariant init" proved="true">
<proof prover="0"><result status="valid" time="0.01"/></proof>
......@@ -908,7 +908,7 @@
<proof prover="5" timelimit="5" memlimit="2000"><result status="valid" time="0.38" steps="60"/></proof>
</goal>
<goal name="VC wmpn_add_in_place.42.2" expl="VC for wmpn_add_in_place" proved="true">
<proof prover="5"><result status="valid" time="0.40" steps="85"/></proof>
<proof prover="5"><result status="valid" time="0.25" steps="85"/></proof>
</goal>
<goal name="VC wmpn_add_in_place.42.3" expl="VC for wmpn_add_in_place" proved="true">
<proof prover="2"><result status="valid" time="0.03"/></proof>
......@@ -955,7 +955,7 @@
<proof prover="2"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC wmpn_add_in_place.56" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.32" steps="85"/></proof>
<proof prover="5"><result status="valid" time="0.18" steps="85"/></proof>
</goal>
<goal name="VC wmpn_add_in_place.57" expl="loop invariant preservation" proved="true">
<proof prover="2"><result status="valid" time="0.10"/></proof>
......@@ -1087,7 +1087,7 @@
</transf>
</goal>
<goal name="VC wmpn_incr.21" expl="assertion" proved="true">
<proof prover="5"><result status="valid" time="0.60" steps="56"/></proof>
<proof prover="5"><result status="valid" time="0.43" steps="56"/></proof>
</goal>
<goal name="VC wmpn_incr.22" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.12"/></proof>
......@@ -1115,7 +1115,7 @@
<proof prover="2"><result status="valid" time="0.10"/></proof>
</goal>
<goal name="VC wmpn_incr.26" expl="postcondition" proved="true">
<proof prover="5"><result status="valid" time="0.70" steps="60"/></proof>
<proof prover="5"><result status="valid" time="0.52" steps="60"/></proof>
</goal>
<goal name="VC wmpn_incr.27" expl="postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.26"/></proof>
......@@ -1190,10 +1190,10 @@
<proof prover="2"><result status="valid" time="0.09"/></proof>
</goal>
<goal name="VC wmpn_incr.44" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.03"/></proof>
<proof prover="3"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC wmpn_incr.45" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.01"/></proof>
<proof prover="2"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_incr.46" expl="assertion" proved="true">
<proof prover="2"><result status="valid" time="0.06"/></proof>
......@@ -1212,7 +1212,7 @@
<goal name="VC wmpn_incr_1" expl="VC for wmpn_incr_1" proved="true">
<transf name="split_vc" proved="true" >
<goal name="VC wmpn_incr_1.0" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC wmpn_incr_1.1" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.02"/></proof>
......@@ -1221,7 +1221,7 @@
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC wmpn_incr_1.3" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_incr_1.4" expl="loop invariant init" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
......@@ -1266,7 +1266,7 @@
<proof prover="5"><result status="valid" time="0.04" steps="56"/></proof>
</goal>
<goal name="VC wmpn_incr_1.18" expl="integer overflow" proved="true">
<proof prover="3"><result status="valid" time="0.32"/></proof>
<proof prover="3"><result status="valid" time="0.26"/></proof>
</goal>
<goal name="VC wmpn_incr_1.19" expl="assertion" proved="true">
<transf name="split_vc" proved="true" >
......@@ -1288,7 +1288,7 @@
</transf>
</goal>
<goal name="VC wmpn_incr_1.20" expl="loop variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC wmpn_incr_1.21" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.07" steps="118"/></proof>
......@@ -1303,7 +1303,7 @@
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC wmpn_incr_1.25" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.02" steps="50"/></proof>
<proof prover="5"><result status="valid" time="0.05" steps="50"/></proof>
</goal>
<goal name="VC wmpn_incr_1.26" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.02" steps="66"/></proof>
......@@ -1339,7 +1339,7 @@
<proof prover="5"><result status="valid" time="0.03" steps="43"/></proof>
</goal>
<goal name="VC wmpn_incr_1.37" expl="integer overflow" proved="true">
<proof prover="3"><result status="valid" time="0.26"/></proof>
<proof prover="3"><result status="valid" time="0.32"/></proof>
</goal>
<goal name="VC wmpn_incr_1.38" expl="assertion" proved="true">
<transf name="split_vc" proved="true" >
......@@ -1361,7 +1361,7 @@
</transf>
</goal>
<goal name="VC wmpn_incr_1.39" expl="loop variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_incr_1.40" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.06" steps="114"/></proof>
......@@ -1376,7 +1376,7 @@
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC wmpn_incr_1.44" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.05" steps="49"/></proof>
<proof prover="5"><result status="valid" time="0.02" steps="49"/></proof>
</goal>
<goal name="VC wmpn_incr_1.45" expl="loop invariant preservation" proved="true">
<proof prover="5"><result status="valid" time="0.04" steps="65"/></proof>
......@@ -1465,7 +1465,7 @@
<proof prover="2"><result status="valid" time="0.12"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.15" expl="assertion" proved="true">
<proof prover="2"><result status="valid" time="1.15"/></proof>
<proof prover="2"><result status="valid" time="0.67"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.16" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.04"/></proof>
......@@ -1480,7 +1480,7 @@
<proof prover="2"><result status="valid" time="0.13"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.20" expl="assertion" proved="true">
<proof prover="5"><result status="valid" time="0.62" steps="52"/></proof>
<proof prover="5"><result status="valid" time="0.44" steps="52"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.21" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.05"/></proof>
......@@ -1495,7 +1495,7 @@
<proof prover="2"><result status="valid" time="0.14"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.25" expl="postcondition" proved="true">
<proof prover="5"><result status="valid" time="0.85" steps="56"/></proof>
<proof prover="5"><result status="valid" time="0.48" steps="56"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.26" expl="postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.07"/></proof>
......@@ -1507,7 +1507,7 @@
<proof prover="2"><result status="valid" time="0.08"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.29" expl="assertion" proved="true">
<proof prover="5"><result status="valid" time="0.70" steps="66"/></proof>
<proof prover="5"><result status="valid" time="0.48" steps="66"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.30" expl="loop variant decrease" proved="true">
<proof prover="2"><result status="valid" time="0.09"/></proof>
......@@ -1549,10 +1549,10 @@
<proof prover="2"><result status="valid" time="0.10"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.43" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.06"/></proof>
<proof prover="2"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.44" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.04"/></proof>
<proof prover="2"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="VC wmpn_add_1_in_place.45" expl="assertion" proved="true">
<proof prover="2"><result status="valid" time="0.05"/></proof>
......
......@@ -76,7 +76,7 @@
</transf>
</goal>
<goal name="VC wmpn_cmp.16" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
<proof prover="0"><result status="valid" time="0.16"/></proof>
</goal>
<goal name="VC wmpn_cmp.17" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
......@@ -103,7 +103,7 @@
</transf>
</goal>
<goal name="VC wmpn_cmp.21" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.16"/></proof>
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_cmp.22" expl="loop variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
......
......@@ -78,6 +78,14 @@ module Lemmas
meta remove_prop axiom prod_compat_lr
let lemma simp_compat_strict_l (a b c:int)
requires { 0 <= a * b < a * c }
requires { 0 < a }
ensures { b < c }
= ()
meta remove_prop axiom simp_compat_strict_l
(** {3 Integer value of a natural number} *)
(** `value_sub x n m` denotes the integer represented by
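Review bot: The first precondition of `simp_compat_strict_l` asks for more than the conclusion needs: with `0 < a`, the inequality `a * b < a * c` alone gives `b < c`, so the `0 <=` lower bound only adds a proof obligation at each call site. Unless the callers (not visible in this hunk) always have that bound at hand, consider `requires { a * b < a * c }` and replaying the session. A short doc comment such as `(** left cancellation of a positive factor in a strict inequality *)` above the lemma would also help, since the `meta remove_prop axiom` line appears to keep it out of the automatic context, so readers will meet it only as an explicit call.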
......
......@@ -6,11 +6,12 @@
<prover id="1" name="CVC3" version="2.4.1" timelimit="5" steplimit="0" memlimit="1000"/>
<prover id="2" name="CVC4" version="1.5" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="3" name="Z3" version="4.5.0" timelimit="5" steplimit="0" memlimit="1000"/>
<prover id="4" name="CVC4" version="1.6" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="5" name="Alt-Ergo" version="2.0.0" timelimit="5" steplimit="0" memlimit="1000"/>
<file>
<file proved="true">
<path name=".."/>
<path name="lemmas.mlw"/>
<theory name="Lemmas">
<theory name="Lemmas" proved="true">
<goal name="VC map_eq_shift" expl="VC for map_eq_shift" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC map_eq_shift.0" expl="postcondition" proved="true">
......@@ -61,7 +62,11 @@
<goal name="VC prod_compat_strict_lr" expl="VC for prod_compat_strict_lr" proved="true">
<proof prover="2"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC prod_compat_lr" expl="VC for prod_compat_lr">
<goal name="VC prod_compat_lr" expl="VC for prod_compat_lr" proved="true">
<proof prover="4"><result status="valid" time="0.30"/></proof>
</goal>
<goal name="VC simp_compat_strict_l" expl="VC for simp_compat_strict_l" proved="true">
<proof prover="4"><result status="valid" time="0.24"/></proof>
</goal>
<goal name="VC value_sub" expl="VC for value_sub" proved="true">
<transf name="split_goal_right" proved="true" >
......
......@@ -28,6 +28,35 @@ module Logical
ensures { mod (x * y + z) x = mod z x }
=
()
let lsl_mod_ext (x cnt: limb) : limb
requires { 0 <= cnt < Limb.length }
ensures { result = mod (x * power 2 cnt) radix }
ensures { result <= radix - power 2 cnt }
=
let r = lsl_mod x cnt in
let ghost p = power 2 (Limb.to_int cnt) in
let ghost q = power 2 (Limb.length - Limb.to_int cnt) in
assert { p * q = radix };
let ghost d = div (Limb.to_int x * p) radix in
assert { d * q >= 0 by d >= 0 so q >= 0 };
assert { mod r p = 0
by x * p = d * radix + r
so mod (x * p) p = mod (p * x + 0) p = mod 0 p = 0
so mod (d * radix + r) p = 0
so d * radix + r = p * (d * q) + r
so mod (d * radix + r) p = mod (p * (d * q) + r) p = mod r p };
assert { r <= radix - p
by mod r p = 0
so r < radix
so radix = p * power 2 (Limb.length - cnt)
so mod radix p = mod (p * q + 0) p = mod 0 p = 0
so let d1 = div r p in
let d2 = div radix p in
(r <= radix - p by
r = p * d1 so radix = p * d2 so p * d1 < p * d2 so p > 0
so d1 < d2 so d1 <= d2 - 1
so p * d1 <= p * (d2 - 1) = radix - p) };
r
let lsld_ext (x cnt:limb) : (limb,limb)
requires { 0 <= cnt < Limb.length }
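Review bot: `lsl_mod_ext` has no doc comment, and the reason for its second postcondition (the result is a multiple of `2^cnt`, so it cannot exceed `radix - 2^cnt`) is stated only inside the proof assertions. I would add `(** lsl_mod_ext x cnt returns lsl_mod x cnt and also bounds it by radix - 2^cnt, since the result is a multiple of 2^cnt *)` above the definition. In the last assertion, `so radix = p * power 2 (Limb.length - cnt)` restates the earlier `assert { p * q = radix }`; `so radix = p * q` would be shorter and reuse the ghost binding already in scope. The `lsld_ext` definition that follows continues outside the hunk.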
......
......@@ -72,7 +72,7 @@
<proof prover="2"><result status="valid" time="0.07"/></proof>
</goal>
<goal name="VC wmpn_mul_1.6" expl="assertion" proved="true">
<proof prover="2"><result status="valid" time="0.05"/></proof>
<proof prover="2"><result status="valid" time="0.20"/></proof>
</goal>
<goal name="VC wmpn_mul_1.7" expl="precondition" proved="true">
<proof prover="2"><result status="valid" time="0.04"/></proof>
......@@ -350,10 +350,10 @@
<goal name="VC wmpn_mul_n.2" expl="loop invariant init" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_mul_n.2.0" expl="VC for wmpn_mul_n" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
<proof prover="2" timelimit="5" memlimit="2000"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="VC wmpn_mul_n.2.1" expl="VC for wmpn_mul_n" proved="true">
<proof prover="2" timelimit="5" memlimit="2000"><result status="valid" time="0.06"/></proof>
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
</transf>
</goal>
......@@ -439,7 +439,7 @@
<proof prover="5" timelimit="1"><result status="valid" time="0.12" steps="54"/></proof>
</goal>
<goal name="VC wmpn_mul_n.17" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="4.35"/></proof>
<proof prover="3"><result status="valid" time="4.90"/></proof>
</goal>
<goal name="VC wmpn_mul_n.18" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.02"/></proof>
......@@ -492,12 +492,12 @@
<goal name="VC wmpn_mul_n.30" expl="assertion" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_mul_n.30.0" expl="assertion" proved="true">
<proof prover="0" timelimit="10"><result status="valid" time="0.74"/></proof>
<proof prover="0" timelimit="10"><result status="valid" time="1.10"/></proof>
</goal>
</transf>
</goal>
<goal name="VC wmpn_mul_n.31" expl="assertion" proved="true">
<proof prover="5" timelimit="1"><result status="valid" time="0.04" steps="80"/></proof>
<proof prover="5" timelimit="1"><result status="valid" time="0.16" steps="80"/></proof>
</goal>
<goal name="VC wmpn_mul_n.32" expl="assertion" proved="true">
<transf name="split_goal_right" proved="true" >
......@@ -522,10 +522,10 @@
<goal name="VC wmpn_mul_n.34.0.0.0.0.0" expl="assertion" proved="true">
<transf name="reflection_f" proved="true" arg1="mp_decision">
<goal name="VC wmpn_mul_n.34.0.0.0.0.0.0" expl="assertion" proved="true">
<proof prover="0"><result status="valid" time="0.30"/></proof>
<proof prover="0"><result status="valid" time="0.49"/></proof>
</goal>
<goal name="VC wmpn_mul_n.34.0.0.0.0.0.1" proved="true">
<proof prover="2" timelimit="5"><result status="valid" time="0.24"/></proof>
<proof prover="2" timelimit="5"><result status="valid" time="0.45"/></proof>
</goal>
</transf>
</goal>
......@@ -582,7 +582,7 @@
</transf>
</goal>
<goal name="VC wmpn_mul_n.45" expl="loop invariant preservation" proved="true">
<proof prover="2" timelimit="5"><result status="valid" time="0.44"/></proof>
<proof prover="2" timelimit="5"><result status="valid" time="0.67"/></proof>
</goal>
<goal name="VC wmpn_mul_n.46" expl="postcondition" proved="true">
<proof prover="5" memlimit="2000"><result status="valid" time="0.02" steps="38"/></proof>
......@@ -598,23 +598,7 @@
<proof prover="5" timelimit="20"><result status="valid" time="0.00" steps="27"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.1" expl="loop invariant init" proved="true">
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_addmul_n.1.0" expl="VC for wmpn_addmul_n" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.1.1" expl="VC for wmpn_addmul_n" proved="true">
<proof prover="1"><result status="valid" time="0.09"/></proof>
<transf name="introduce_premises" proved="true" >
<goal name="VC wmpn_addmul_n.1.1.0" expl="VC for wmpn_addmul_n" proved="true">
<transf name="inline_goal" proved="true" >
<goal name="VC wmpn_addmul_n.1.1.0.0" expl="VC for wmpn_addmul_n" proved="true">
<proof prover="0" timelimit="20" memlimit="1000"><result status="valid" time="0.08"/></proof>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
<proof prover="5" timelimit="20"><result status="valid" time="0.06" steps="18"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.2" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="1"><result status="valid" time="0.03" steps="90"/></proof>
......@@ -644,7 +628,23 @@
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.7" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="20"><result status="valid" time="0.06" steps="21"/></proof>
<transf name="split_goal_right" proved="true" >
<goal name="VC wmpn_addmul_n.7.0" expl="VC for wmpn_addmul_n" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.7.1" expl="VC for wmpn_addmul_n" proved="true">
<proof prover="1"><result status="valid" time="0.09"/></proof>
<transf name="introduce_premises" proved="true" >
<goal name="VC wmpn_addmul_n.7.1.0" expl="VC for wmpn_addmul_n" proved="true">
<transf name="inline_goal" proved="true" >
<goal name="VC wmpn_addmul_n.7.1.0.0" expl="VC for wmpn_addmul_n" proved="true">
<proof prover="0" timelimit="20" memlimit="1000"><result status="valid" time="0.08"/></proof>
</goal>
</transf>
</goal>
</transf>
</goal>
</transf>
</goal>
<goal name="VC wmpn_addmul_n.8" expl="loop invariant init" proved="true">
<proof prover="5" timelimit="20"><result status="valid" time="0.05" steps="23"/></proof>
......@@ -656,7 +656,7 @@
<proof prover="5"><result status="valid" time="0.02" steps="34"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.11" expl="assertion" proved="true">
<proof prover="0"><result status="valid" time="2.72"/></proof>
<proof prover="0"><result status="valid" time="3.97"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.12" expl="precondition" proved="true">
<proof prover="5"><result status="valid" time="0.03" steps="52"/></proof>
......@@ -691,7 +691,7 @@
<proof prover="5" timelimit="20"><result status="valid" time="0.02" steps="49"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.17" expl="assertion" proved="true">
<proof prover="2" timelimit="5"><result status="valid" time="0.15"/></proof>
<proof prover="2" timelimit="5"><result status="valid" time="0.28"/></proof>
</goal>
<goal name="VC wmpn_addmul_n.18" expl="precondition" proved="true">
<proof prover="5" timelimit="1"><result status="valid" time="0.05" steps="66"/></proof>
......@@ -732,7 +732,7 @@
<proof prover="5" timelimit="1"><result status="valid" time="0.02" steps="72"/></proof>
</goal>