
Commit 201e0da2 authored by Guillaume Melquiond's avatar Guillaume Melquiond

Update parts of Coq realizations whose printing looks sane.

parent a9bccabd
......@@ -271,8 +271,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_and :
forall (v1:t) (v2:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_and v1 v2) n) = (Init.Datatypes.andb (nth v1 n) (nth v2 n))).
symmetry.
apply nth_aux_map2 with (f := fun x y => x && y); easy.
......@@ -285,8 +284,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_or :
forall (v1:t) (v2:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_or v1 v2) n) = (Init.Datatypes.orb (nth v1 n) (nth v2 n))).
symmetry.
apply nth_aux_map2; easy.
......@@ -299,8 +297,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_xor :
forall (v1:t) (v2:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_xor v1 v2) n) = (Init.Datatypes.xorb (nth v1 n) (nth v2 n))).
symmetry.
apply nth_aux_map2; easy.
......@@ -313,8 +310,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_not :
forall (v:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_not v) n) = (Init.Datatypes.negb (nth v n))).
symmetry.
apply nth_aux_map; easy.
......@@ -342,17 +338,18 @@ Lemma bshiftRl_iter_nth : forall b s m,
Qed.
(* Why3 goal *)
Lemma Lsr_nth_low : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
((0%Z <= n)%Z -> (((n + s)%Z < size)%Z -> ((nth (lsr b s) n) = (nth b
(n + s)%Z)))).
Lemma Lsr_nth_low :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> (0%Z <= n)%Z ->
((n + s)%Z < size)%Z -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
intros b n s h1 h2 h3.
rewrite <-Z2Nat.id with (n := s) at 2; auto.
apply bshiftRl_iter_nth; omega.
Qed.
(* Why3 goal *)
Lemma Lsr_nth_high : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
((0%Z <= n)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (lsr b s) n) = false))).
Lemma Lsr_nth_high :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> (0%Z <= n)%Z ->
(size <= (n + s)%Z)%Z -> ((nth (lsr b s) n) = false).
intros b n s h1 h2 h3.
unfold nth,lsr.
cut (nth_aux b (n + Z.of_nat (Z.to_nat s)) = false).
......@@ -445,9 +442,9 @@ Lemma BshiftRa_iter_nth_low : forall (b:t) (s:nat) (n:Z),
Qed.
(* Why3 goal *)
Lemma Asr_nth_low : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
(((0%Z <= n)%Z /\ (n < size)%Z) -> (((n + s)%Z < size)%Z -> ((nth (asr b s)
n) = (nth b (n + s)%Z)))).
Lemma Asr_nth_low :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> ((0%Z <= n)%Z /\ (n < size)%Z) ->
((n + s)%Z < size)%Z -> ((nth (asr b s) n) = (nth b (n + s)%Z)).
unfold nth, lsr.
intros.
assert ((n + s)%Z = (n + Z.of_nat (Z.to_nat s))%Z).
......@@ -491,9 +488,9 @@ Lemma BhiftRa_iter_nth_high : forall (b:t) (s:nat) (n:Z),
Qed.
(* Why3 goal *)
Lemma Asr_nth_high : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
(((0%Z <= n)%Z /\ (n < size)%Z) -> ((size <= (n + s)%Z)%Z -> ((nth (asr b
s) n) = (nth b (size - 1%Z)%Z)))).
Lemma Asr_nth_high :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> ((0%Z <= n)%Z /\ (n < size)%Z) ->
(size <= (n + s)%Z)%Z -> ((nth (asr b s) n) = (nth b (size - 1%Z)%Z)).
unfold nth, asr.
intros.
apply BhiftRa_iter_nth_high.
......@@ -529,8 +526,7 @@ Qed.
(* Why3 goal *)
Lemma Lsl_nth_high :
forall (b:t) (n:Z) (s:Z),
((0%Z <= s)%Z /\ ((s <= n)%Z /\ (n < size)%Z)) ->
forall (b:t) (n:Z) (s:Z), ((0%Z <= s)%Z /\ ((s <= n)%Z /\ (n < size)%Z)) ->
((nth (lsl b s) n) = (nth b (n - s)%Z)).
intros.
unfold lsl, nth.
......@@ -560,8 +556,8 @@ Qed.
(* Why3 goal *)
Lemma Lsl_nth_low :
forall (b:t) (n:Z) (s:Z),
((0%Z <= n)%Z /\ (n < s)%Z) -> ((nth (lsl b s) n) = false).
forall (b:t) (n:Z) (s:Z), ((0%Z <= n)%Z /\ (n < s)%Z) ->
((nth (lsl b s) n) = false).
intros.
apply Lsl_nth_low_aux.
rewrite Z2Nat.id; omega.
......@@ -1100,9 +1096,10 @@ Definition rotate_right : t -> Z -> t.
Defined.
(* Why3 goal *)
Lemma Nth_rotate_right : forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\
(i < size)%Z) -> ((0%Z <= n)%Z -> ((nth (rotate_right v n) i) = (nth v
(int.EuclideanDivision.mod1 (i + n)%Z size)))).
Lemma Nth_rotate_right :
forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ (i < size)%Z) -> (0%Z <= n)%Z ->
((nth (rotate_right v n) i) =
(nth v (int.EuclideanDivision.mod1 (i + n)%Z size))).
intros v n i h1 h2.
revert h2; revert n.
apply Z_of_nat_prop.
......@@ -1123,9 +1120,10 @@ Definition rotate_left : t -> Z -> t.
Defined.
(* Why3 goal *)
Lemma Nth_rotate_left : forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\
(i < size)%Z) -> ((0%Z <= n)%Z -> ((nth (rotate_left v n) i) = (nth v
(int.EuclideanDivision.mod1 (i - n)%Z size)))).
Lemma Nth_rotate_left :
forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ (i < size)%Z) -> (0%Z <= n)%Z ->
((nth (rotate_left v n) i) =
(nth v (int.EuclideanDivision.mod1 (i - n)%Z size))).
intros v n i h1 h2.
revert h2; revert n.
apply Z_of_nat_prop.
......@@ -1185,9 +1183,11 @@ Definition to_int : t -> Z.
Defined.
(* Why3 goal *)
Lemma to_int_def : forall (x:t), ((is_signed_positive x) ->
((to_int x) = (to_uint x))) /\ ((~ (is_signed_positive x)) ->
((to_int x) = (-(two_power_size - (to_uint x))%Z)%Z)).
Lemma to_int_def :
forall (x:t),
((is_signed_positive x) -> ((to_int x) = (to_uint x))) /\
(~ (is_signed_positive x) ->
((to_int x) = (-(two_power_size - (to_uint x))%Z)%Z)).
intros. split.
- unfold to_int, to_uint,is_signed_positive, twos_complement, size_nat.
intros.
......@@ -1331,8 +1331,9 @@ Qed.
(* end of to_uint helpers *)
(* Why3 goal *)
Lemma to_uint_of_int : forall (i:Z), ((0%Z <= i)%Z /\
(i < two_power_size)%Z) -> ((to_uint (of_int i)) = i).
Lemma to_uint_of_int :
forall (i:Z), ((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
((to_uint (of_int i)) = i).
intros i h1; destruct h1.
unfold to_uint, of_int.
rewrite bvec_to_nat_nat_to_bvec.
......@@ -1462,18 +1463,21 @@ Definition add : t -> t -> t.
Defined.
(* Why3 goal *)
Lemma to_uint_add : forall (v1:t) (v2:t), ((to_uint (add v1
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) + (to_uint v2))%Z
two_power_size)).
Lemma to_uint_add :
forall (v1:t) (v2:t),
((to_uint (add v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) + (to_uint v2))%Z
two_power_size)).
intros v1 v2.
apply to_uint_of_int.
apply mod1_in_range2.
Qed.
(* Why3 goal *)
Lemma to_uint_add_bounded : forall (v1:t) (v2:t),
(((to_uint v1) + (to_uint v2))%Z < two_power_size)%Z -> ((to_uint (add v1
v2)) = ((to_uint v1) + (to_uint v2))%Z).
Lemma to_uint_add_bounded :
forall (v1:t) (v2:t),
(((to_uint v1) + (to_uint v2))%Z < two_power_size)%Z ->
((to_uint (add v1 v2)) = ((to_uint v1) + (to_uint v2))%Z).
intros v1 v2 h1.
rewrite <-(mod1_out (to_uint v1 + to_uint v2) two_power_size).
apply to_uint_add.
......@@ -1486,9 +1490,11 @@ Definition sub : t -> t -> t.
Defined.
(* Why3 goal *)
Lemma to_uint_sub : forall (v1:t) (v2:t), ((to_uint (sub v1
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) - (to_uint v2))%Z
two_power_size)).
Lemma to_uint_sub :
forall (v1:t) (v2:t),
((to_uint (sub v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) - (to_uint v2))%Z
two_power_size)).
intros v1 v2.
apply to_uint_of_int, mod1_in_range2.
Qed.
......@@ -1524,9 +1530,11 @@ Definition mul : t -> t -> t.
Defined.
(* Why3 goal *)
Lemma to_uint_mul : forall (v1:t) (v2:t), ((to_uint (mul v1
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) * (to_uint v2))%Z
two_power_size)).
Lemma to_uint_mul :
forall (v1:t) (v2:t),
((to_uint (mul v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) * (to_uint v2))%Z
two_power_size)).
intros v1 v2.
apply to_uint_of_int, mod1_in_range2.
Qed.
......@@ -1634,9 +1642,11 @@ Lemma lsl_bv_is_lsl :
Qed.
(* Why3 goal *)
Lemma to_uint_lsl : forall (v:t) (n:t), ((to_uint (lsl_bv v
n)) = (int.EuclideanDivision.mod1 ((to_uint v) * (bv.Pow2int.pow2 (to_uint n)))%Z
two_power_size)).
Lemma to_uint_lsl :
forall (v:t) (n:t),
((to_uint (lsl_bv v n)) =
(int.EuclideanDivision.mod1
((to_uint v) * (bv.Pow2int.pow2 (to_uint n)))%Z two_power_size)).
intros v n.
apply to_uint_lsl_aux.
Qed.
......@@ -1735,8 +1745,7 @@ Qed.
(* Why3 goal *)
Lemma Nth_bv_is_nth2 :
forall (x:t) (i:Z),
((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
forall (x:t) (i:Z), ((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
((nth_bv x (of_int i)) = (nth x i)).
intros x i h1.
rewrite <-Nth_bv_is_nth.
......
......@@ -38,8 +38,7 @@ Qed.
(* Why3 goal *)
Lemma Power_sum :
forall (n:Z) (m:Z),
((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
unfold pow2.
intros n m [H1 H2].
......
......@@ -67,27 +67,32 @@ Qed.
(* Why3 goal *)
Lemma Round_monotonic :
forall (m:floating_point.Rounding.mode) (x:R) (y:R),
(x <= y)%R -> ((round m x) <= (round m y))%R.
forall (m:floating_point.Rounding.mode) (x:R) (y:R), (x <= y)%R ->
((round m x) <= (round m y))%R.
now apply Round_monotonic.
Qed.
(* Why3 goal *)
Lemma Round_idempotent : forall (m1:floating_point.Rounding.mode)
(m2:floating_point.Rounding.mode) (x:R), ((round m1 (round m2
x)) = (round m2 x)).
Lemma Round_idempotent :
forall (m1:floating_point.Rounding.mode) (m2:floating_point.Rounding.mode)
(x:R),
((round m1 (round m2 x)) = (round m2 x)).
now apply Round_idempotent.
Qed.
(* Why3 goal *)
Lemma Round_value : forall (m:floating_point.Rounding.mode)
(x:floating_point.DoubleFormat.double), ((round m (value x)) = (value x)).
Lemma Round_value :
forall (m:floating_point.Rounding.mode)
(x:floating_point.DoubleFormat.double),
((round m (value x)) = (value x)).
now apply Round_value.
Qed.
(* Why3 goal *)
Lemma Bounded_value : forall (x:floating_point.DoubleFormat.double),
((Reals.Rbasic_fun.Rabs (value x)) <= (9007199254740991 * 19958403095347198116563727130368385660674512604354575415025472424372118918689640657849579654926357010893424468441924952439724379883935936607391717982848314203200056729510856765175377214443629871826533567445439239933308104551208703888888552684480441575071209068757560416423584952303440099278848)%R)%R.
Lemma Bounded_value :
forall (x:floating_point.DoubleFormat.double),
((Reals.Rbasic_fun.Rabs (value x)) <=
(9007199254740991 * 19958403095347198116563727130368385660674512604354575415025472424372118918689640657849579654926357010893424468441924952439724379883935936607391717982848314203200056729510856765175377214443629871826533567445439239933308104551208703888888552684480441575071209068757560416423584952303440099278848)%R)%R.
now apply Bounded_value.
Qed.
......@@ -137,8 +142,8 @@ Defined.
(* Why3 goal *)
Lemma Round_logic_def :
forall (m:floating_point.Rounding.mode) (x:R),
(no_overflow m x) -> ((value (round_logic m x)) = (round m x)).
forall (m:floating_point.Rounding.mode) (x:R), (no_overflow m x) ->
((value (round_logic m x)) = (round m x)).
Proof.
exact (Round_logic_def 53 1024 (refl_equal true) (refl_equal true)).
Qed.
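Review bot: The bound in `Bounded_value` is still a decimal literal several hundred digits long after the re-wrap, so a reader cannot check it against the format parameters by eye. The product appears to be (2^53 - 1) * 2^971, the largest finite double, which is consistent with the `53 1024` arguments passed in the proof of `Round_logic_def` in this section. A comment next to the lemma, kept outside the generated statement, would make that auditable, for example `(* bound is max_double = (2^53 - 1) * 2^(1024 - 53) *)`. The same applies to `Bounded_real_no_overflow` in the single-precision section, where `33554430 * 10141204801825835211973625643008` appears to be (2^25 - 2) * 2^103.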
......
......@@ -65,7 +65,8 @@ Qed.
Lemma Bounded_real_no_overflow :
forall (m:floating_point.Rounding.mode) (x:R),
((Reals.Rbasic_fun.Rabs x) <=
(33554430 * 10141204801825835211973625643008)%R)%R -> no_overflow m x.
(33554430 * 10141204801825835211973625643008)%R)%R ->
no_overflow m x.
intros m x Hx.
unfold no_overflow.
rewrite max_single_eq in *.
......@@ -74,22 +75,25 @@ Qed.
(* Why3 goal *)
Lemma Round_monotonic :
forall (m:floating_point.Rounding.mode) (x:R) (y:R),
(x <= y)%R -> ((round m x) <= (round m y))%R.
forall (m:floating_point.Rounding.mode) (x:R) (y:R), (x <= y)%R ->
((round m x) <= (round m y))%R.
apply Round_monotonic.
easy.
Qed.
(* Why3 goal *)
Lemma Round_idempotent : forall (m1:floating_point.Rounding.mode)
(m2:floating_point.Rounding.mode) (x:R), ((round m1 (round m2
x)) = (round m2 x)).
Lemma Round_idempotent :
forall (m1:floating_point.Rounding.mode) (m2:floating_point.Rounding.mode)
(x:R),
((round m1 (round m2 x)) = (round m2 x)).
now apply Round_idempotent.
Qed.
(* Why3 goal *)
Lemma Round_value : forall (m:floating_point.Rounding.mode)
(x:floating_point.SingleFormat.single), ((round m (value x)) = (value x)).
Lemma Round_value :
forall (m:floating_point.Rounding.mode)
(x:floating_point.SingleFormat.single),
((round m (value x)) = (value x)).
now apply Round_value.
Qed.
......@@ -148,8 +152,8 @@ Defined.
(* Why3 goal *)
Lemma Round_logic_def :
forall (m:floating_point.Rounding.mode) (x:R),
(no_overflow m x) -> ((value (round_logic m x)) = (round m x)).
forall (m:floating_point.Rounding.mode) (x:R), (no_overflow m x) ->
((value (round_logic m x)) = (round m x)).
Proof.
intros m x.
unfold no_overflow.
......
......@@ -25,7 +25,8 @@ Require Import Zquot.
(* mod1 is replaced with (ZArith.BinInt.Z.rem x x1) by the coq driver *)
(* Why3 goal *)
Lemma Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) ->
Lemma Div_mod :
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
(x = ((y * (ZArith.BinInt.Z.quot x y))%Z + (ZArith.BinInt.Z.rem x y))%Z).
intros x y _.
apply Z.quot_rem'.
......@@ -33,8 +34,7 @@ Qed.
(* Why3 goal *)
Lemma Div_bound :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(0%Z <= (ZArith.BinInt.Z.quot x y))%Z /\
((ZArith.BinInt.Z.quot x y) <= x)%Z.
intros x y (Hx,Hy).
......@@ -52,8 +52,7 @@ Qed.
(* Why3 goal *)
Lemma Mod_bound :
forall (x:Z) (y:Z),
~ (y = 0%Z) ->
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
((-(ZArith.BinInt.Z.abs y))%Z < (ZArith.BinInt.Z.rem x y))%Z /\
((ZArith.BinInt.Z.rem x y) < (ZArith.BinInt.Z.abs y))%Z.
intros x y Zy.
......@@ -69,16 +68,16 @@ Qed.
(* Why3 goal *)
Lemma Div_sign_pos :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (0%Z < y)%Z) -> (0%Z <= (ZArith.BinInt.Z.quot x y))%Z.
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(0%Z <= (ZArith.BinInt.Z.quot x y))%Z.
intros x y (Hx, Hy).
now apply Z.quot_pos.
Qed.
(* Why3 goal *)
Lemma Div_sign_neg :
forall (x:Z) (y:Z),
((x <= 0%Z)%Z /\ (0%Z < y)%Z) -> ((ZArith.BinInt.Z.quot x y) <= 0%Z)%Z.
forall (x:Z) (y:Z), ((x <= 0%Z)%Z /\ (0%Z < y)%Z) ->
((ZArith.BinInt.Z.quot x y) <= 0%Z)%Z.
intros x y (Hx, Hy).
generalize (Z.quot_pos (-x) y).
rewrite Zquot_opp_l.
......@@ -87,22 +86,23 @@ Qed.
(* Why3 goal *)
Lemma Mod_sign_pos :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ ~ (y = 0%Z)) -> (0%Z <= (ZArith.BinInt.Z.rem x y))%Z.
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ ~ (y = 0%Z)) ->
(0%Z <= (ZArith.BinInt.Z.rem x y))%Z.
intros x y (Hx, Zy).
now apply Zrem_lt_pos.
Qed.
(* Why3 goal *)
Lemma Mod_sign_neg :
forall (x:Z) (y:Z),
((x <= 0%Z)%Z /\ ~ (y = 0%Z)) -> ((ZArith.BinInt.Z.rem x y) <= 0%Z)%Z.
forall (x:Z) (y:Z), ((x <= 0%Z)%Z /\ ~ (y = 0%Z)) ->
((ZArith.BinInt.Z.rem x y) <= 0%Z)%Z.
intros x y (Hx, Zy).
now apply Zrem_lt_neg.
Qed.
(* Why3 goal *)
Lemma Rounds_toward_zero : forall (x:Z) (y:Z), (~ (y = 0%Z)) ->
Lemma Rounds_toward_zero :
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
((ZArith.BinInt.Z.abs ((ZArith.BinInt.Z.quot x y) * y)%Z) <=
(ZArith.BinInt.Z.abs x))%Z.
intros x y Zy.
......@@ -125,15 +125,15 @@ Qed.
(* Why3 goal *)
Lemma Div_inf :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (x < y)%Z) -> ((ZArith.BinInt.Z.quot x y) = 0%Z).
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (x < y)%Z) ->
((ZArith.BinInt.Z.quot x y) = 0%Z).
exact Z.quot_small.
Qed.
(* Why3 goal *)
Lemma Mod_inf :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (x < y)%Z) -> ((ZArith.BinInt.Z.rem x y) = x).
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (x < y)%Z) ->
((ZArith.BinInt.Z.rem x y) = x).
exact Z.rem_small.
Qed.
......
......@@ -40,8 +40,7 @@ Qed.
(* Why3 goal *)
Lemma Mod_bound :
forall (x:Z) (y:Z),
~ (y = 0%Z) ->
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
(0%Z <= (mod1 x y))%Z /\ ((mod1 x y) < (ZArith.BinInt.Z.abs y))%Z.
intros x y Zy.
zify.
......@@ -57,7 +56,8 @@ omega.
Qed.
(* Why3 goal *)
Lemma Div_unique : forall (x:Z) (y:Z) (q:Z), (0%Z < y)%Z ->
Lemma Div_unique :
forall (x:Z) (y:Z) (q:Z), (0%Z < y)%Z ->
(((q * y)%Z <= x)%Z /\ (x < ((q * y)%Z + y)%Z)%Z) -> ((div x y) = q).
intros x y q h1 (h2,h3).
assert (h:(~(y=0))%Z) by omega.
......@@ -80,8 +80,8 @@ Qed.
(* Why3 goal *)
Lemma Div_bound :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (0%Z < y)%Z) -> (0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z.
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z.
intros x y (Hx,Hy).
unfold div.
case Z_le_dec ; intros H.
......@@ -127,8 +127,8 @@ Qed.
(* Why3 goal *)
Lemma Div_inf_neg :
forall (x:Z) (y:Z),
((0%Z < x)%Z /\ (x <= y)%Z) -> ((div (-x)%Z y) = (-1%Z)%Z).
forall (x:Z) (y:Z), ((0%Z < x)%Z /\ (x <= y)%Z) ->
((div (-x)%Z y) = (-1%Z)%Z).
intros x y Hxy.
assert (h: (x < y \/ x = y)%Z) by omega.
destruct h.
......@@ -207,8 +207,8 @@ Open Scope Z_scope.
(* Why3 goal *)
Lemma Div_mult :
forall (x:Z) (y:Z) (z:Z),
(0%Z < x)%Z -> ((div ((x * y)%Z + z)%Z x) = (y + (div z x))%Z).
forall (x:Z) (y:Z) (z:Z), (0%Z < x)%Z ->
((div ((x * y)%Z + z)%Z x) = (y + (div z x))%Z).
intros x y z h.
unfold div.
destruct (Z_le_dec 0 (z mod x)).
......@@ -221,8 +221,8 @@ Qed.
(* Why3 goal *)
Lemma Mod_mult :
forall (x:Z) (y:Z) (z:Z),
(0%Z < x)%Z -> ((mod1 ((x * y)%Z + z)%Z x) = (mod1 z x)).
forall (x:Z) (y:Z) (z:Z), (0%Z < x)%Z ->
((mod1 ((x * y)%Z + z)%Z x) = (mod1 z x)).
intros x y z h.
unfold mod1.
rewrite Div_mult.
......
......@@ -53,8 +53,8 @@ Qed.
(* Why3 goal *)
Lemma Power_s :
forall (x:t) (n:Z),
(0%Z <= n)%Z -> ((power x (n + 1%Z)%Z) = (infix_as x (power x n))).
forall (x:t) (n:Z), (0%Z <= n)%Z ->
((power x (n + 1%Z)%Z) = (infix_as x (power x n))).
Proof.
intros x n h1.
unfold power.
......@@ -64,8 +64,8 @@ Qed.
(* Why3 goal *)
Lemma Power_s_alt :
forall (x:t) (n:Z),
(0%Z < n)%Z -> ((power x n) = (infix_as x (power x (n - 1%Z)%Z))).
forall (x:t) (n:Z), (0%Z < n)%Z ->
((power x n) = (infix_as x (power x (n - 1%Z)%Z))).
Proof.
intros x n h1.