Commit 201e0da2 authored by Guillaume Melquiond's avatar Guillaume Melquiond

Update parts of Coq realizations whose printing looks sane.

parent a9bccabd
......@@ -271,8 +271,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_and :
forall (v1:t) (v2:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_and v1 v2) n) = (Init.Datatypes.andb (nth v1 n) (nth v2 n))).
symmetry.
apply nth_aux_map2 with (f := fun x y => x && y); easy.
......@@ -285,8 +284,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_or :
forall (v1:t) (v2:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_or v1 v2) n) = (Init.Datatypes.orb (nth v1 n) (nth v2 n))).
symmetry.
apply nth_aux_map2; easy.
......@@ -299,8 +297,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_xor :
forall (v1:t) (v2:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_xor v1 v2) n) = (Init.Datatypes.xorb (nth v1 n) (nth v2 n))).
symmetry.
apply nth_aux_map2; easy.
......@@ -313,8 +310,7 @@ Defined.
(* Why3 goal *)
Lemma Nth_bw_not :
forall (v:t) (n:Z),
((0%Z <= n)%Z /\ (n < size)%Z) ->
forall (v:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_not v) n) = (Init.Datatypes.negb (nth v n))).
symmetry.
apply nth_aux_map; easy.
......@@ -342,17 +338,18 @@ Lemma bshiftRl_iter_nth : forall b s m,
Qed.
(* Why3 goal *)
Lemma Lsr_nth_low : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
((0%Z <= n)%Z -> (((n + s)%Z < size)%Z -> ((nth (lsr b s) n) = (nth b
(n + s)%Z)))).
Lemma Lsr_nth_low :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> (0%Z <= n)%Z ->
((n + s)%Z < size)%Z -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
intros b n s h1 h2 h3.
rewrite <-Z2Nat.id with (n := s) at 2; auto.
apply bshiftRl_iter_nth; omega.
Qed.
(* Why3 goal *)
Lemma Lsr_nth_high : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
((0%Z <= n)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (lsr b s) n) = false))).
Lemma Lsr_nth_high :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> (0%Z <= n)%Z ->
(size <= (n + s)%Z)%Z -> ((nth (lsr b s) n) = false).
intros b n s h1 h2 h3.
unfold nth,lsr.
cut (nth_aux b (n + Z.of_nat (Z.to_nat s)) = false).
......@@ -445,9 +442,9 @@ Lemma BshiftRa_iter_nth_low : forall (b:t) (s:nat) (n:Z),
Qed.
(* Why3 goal *)
Lemma Asr_nth_low : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
(((0%Z <= n)%Z /\ (n < size)%Z) -> (((n + s)%Z < size)%Z -> ((nth (asr b s)
n) = (nth b (n + s)%Z)))).
Lemma Asr_nth_low :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> ((0%Z <= n)%Z /\ (n < size)%Z) ->
((n + s)%Z < size)%Z -> ((nth (asr b s) n) = (nth b (n + s)%Z)).
unfold nth, lsr.
intros.
assert ((n + s)%Z = (n + Z.of_nat (Z.to_nat s))%Z).
......@@ -491,9 +488,9 @@ Lemma BhiftRa_iter_nth_high : forall (b:t) (s:nat) (n:Z),
Qed.
(* Why3 goal *)
Lemma Asr_nth_high : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z ->
(((0%Z <= n)%Z /\ (n < size)%Z) -> ((size <= (n + s)%Z)%Z -> ((nth (asr b
s) n) = (nth b (size - 1%Z)%Z)))).
Lemma Asr_nth_high :
forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> ((0%Z <= n)%Z /\ (n < size)%Z) ->
(size <= (n + s)%Z)%Z -> ((nth (asr b s) n) = (nth b (size - 1%Z)%Z)).
unfold nth, asr.
intros.
apply BhiftRa_iter_nth_high.
......@@ -529,8 +526,7 @@ Qed.
(* Why3 goal *)
Lemma Lsl_nth_high :
forall (b:t) (n:Z) (s:Z),
((0%Z <= s)%Z /\ ((s <= n)%Z /\ (n < size)%Z)) ->
forall (b:t) (n:Z) (s:Z), ((0%Z <= s)%Z /\ ((s <= n)%Z /\ (n < size)%Z)) ->
((nth (lsl b s) n) = (nth b (n - s)%Z)).
intros.
unfold lsl, nth.
......@@ -560,8 +556,8 @@ Qed.
(* Why3 goal *)
Lemma Lsl_nth_low :
forall (b:t) (n:Z) (s:Z),
((0%Z <= n)%Z /\ (n < s)%Z) -> ((nth (lsl b s) n) = false).
forall (b:t) (n:Z) (s:Z), ((0%Z <= n)%Z /\ (n < s)%Z) ->
((nth (lsl b s) n) = false).
intros.
apply Lsl_nth_low_aux.
rewrite Z2Nat.id; omega.
......@@ -1100,9 +1096,10 @@ Definition rotate_right : t -> Z -> t.
Defined.
(* Why3 goal *)
Lemma Nth_rotate_right : forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\
(i < size)%Z) -> ((0%Z <= n)%Z -> ((nth (rotate_right v n) i) = (nth v
(int.EuclideanDivision.mod1 (i + n)%Z size)))).
Lemma Nth_rotate_right :
forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ (i < size)%Z) -> (0%Z <= n)%Z ->
((nth (rotate_right v n) i) =
(nth v (int.EuclideanDivision.mod1 (i + n)%Z size))).
intros v n i h1 h2.
revert h2; revert n.
apply Z_of_nat_prop.
......@@ -1123,9 +1120,10 @@ Definition rotate_left : t -> Z -> t.
Defined.
(* Why3 goal *)
Lemma Nth_rotate_left : forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\
(i < size)%Z) -> ((0%Z <= n)%Z -> ((nth (rotate_left v n) i) = (nth v
(int.EuclideanDivision.mod1 (i - n)%Z size)))).
Lemma Nth_rotate_left :
forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ (i < size)%Z) -> (0%Z <= n)%Z ->
((nth (rotate_left v n) i) =
(nth v (int.EuclideanDivision.mod1 (i - n)%Z size))).
intros v n i h1 h2.
revert h2; revert n.
apply Z_of_nat_prop.
......@@ -1185,9 +1183,11 @@ Definition to_int : t -> Z.
Defined.
(* Why3 goal *)
Lemma to_int_def : forall (x:t), ((is_signed_positive x) ->
((to_int x) = (to_uint x))) /\ ((~ (is_signed_positive x)) ->
((to_int x) = (-(two_power_size - (to_uint x))%Z)%Z)).
Lemma to_int_def :
forall (x:t),
((is_signed_positive x) -> ((to_int x) = (to_uint x))) /\
(~ (is_signed_positive x) ->
((to_int x) = (-(two_power_size - (to_uint x))%Z)%Z)).
intros. split.
- unfold to_int, to_uint,is_signed_positive, twos_complement, size_nat.
intros.
......@@ -1331,8 +1331,9 @@ Qed.
(* end of to_uint helpers *)
(* Why3 goal *)
Lemma to_uint_of_int : forall (i:Z), ((0%Z <= i)%Z /\
(i < two_power_size)%Z) -> ((to_uint (of_int i)) = i).
Lemma to_uint_of_int :
forall (i:Z), ((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
((to_uint (of_int i)) = i).
intros i h1; destruct h1.
unfold to_uint, of_int.
rewrite bvec_to_nat_nat_to_bvec.
......@@ -1462,18 +1463,21 @@ Definition add : t -> t -> t.
Defined.
(* Why3 goal *)
Lemma to_uint_add : forall (v1:t) (v2:t), ((to_uint (add v1
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) + (to_uint v2))%Z
two_power_size)).
Lemma to_uint_add :
forall (v1:t) (v2:t),
((to_uint (add v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) + (to_uint v2))%Z
two_power_size)).
intros v1 v2.
apply to_uint_of_int.
apply mod1_in_range2.
Qed.
(* Why3 goal *)
Lemma to_uint_add_bounded : forall (v1:t) (v2:t),
(((to_uint v1) + (to_uint v2))%Z < two_power_size)%Z -> ((to_uint (add v1
v2)) = ((to_uint v1) + (to_uint v2))%Z).
Lemma to_uint_add_bounded :
forall (v1:t) (v2:t),
(((to_uint v1) + (to_uint v2))%Z < two_power_size)%Z ->
((to_uint (add v1 v2)) = ((to_uint v1) + (to_uint v2))%Z).
intros v1 v2 h1.
rewrite <-(mod1_out (to_uint v1 + to_uint v2) two_power_size).
apply to_uint_add.
......@@ -1486,9 +1490,11 @@ Definition sub : t -> t -> t.
Defined.
(* Why3 goal *)
Lemma to_uint_sub : forall (v1:t) (v2:t), ((to_uint (sub v1
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) - (to_uint v2))%Z
two_power_size)).
Lemma to_uint_sub :
forall (v1:t) (v2:t),
((to_uint (sub v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) - (to_uint v2))%Z
two_power_size)).
intros v1 v2.
apply to_uint_of_int, mod1_in_range2.
Qed.
......@@ -1524,9 +1530,11 @@ Definition mul : t -> t -> t.
Defined.
(* Why3 goal *)
Lemma to_uint_mul : forall (v1:t) (v2:t), ((to_uint (mul v1
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) * (to_uint v2))%Z
two_power_size)).
Lemma to_uint_mul :
forall (v1:t) (v2:t),
((to_uint (mul v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) * (to_uint v2))%Z
two_power_size)).
intros v1 v2.
apply to_uint_of_int, mod1_in_range2.
Qed.
......@@ -1634,9 +1642,11 @@ Lemma lsl_bv_is_lsl :
Qed.
(* Why3 goal *)
Lemma to_uint_lsl : forall (v:t) (n:t), ((to_uint (lsl_bv v
n)) = (int.EuclideanDivision.mod1 ((to_uint v) * (bv.Pow2int.pow2 (to_uint n)))%Z
two_power_size)).
Lemma to_uint_lsl :
forall (v:t) (n:t),
((to_uint (lsl_bv v n)) =
(int.EuclideanDivision.mod1
((to_uint v) * (bv.Pow2int.pow2 (to_uint n)))%Z two_power_size)).
intros v n.
apply to_uint_lsl_aux.
Qed.
......@@ -1735,8 +1745,7 @@ Qed.
(* Why3 goal *)
Lemma Nth_bv_is_nth2 :
forall (x:t) (i:Z),
((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
forall (x:t) (i:Z), ((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
((nth_bv x (of_int i)) = (nth x i)).
intros x i h1.
rewrite <-Nth_bv_is_nth.
......
......@@ -38,8 +38,7 @@ Qed.
(* Why3 goal *)
Lemma Power_sum :
forall (n:Z) (m:Z),
((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
unfold pow2.
intros n m [H1 H2].
......
......@@ -67,27 +67,32 @@ Qed.
(* Why3 goal *)
Lemma Round_monotonic :
forall (m:floating_point.Rounding.mode) (x:R) (y:R),
(x <= y)%R -> ((round m x) <= (round m y))%R.
forall (m:floating_point.Rounding.mode) (x:R) (y:R), (x <= y)%R ->
((round m x) <= (round m y))%R.
now apply Round_monotonic.
Qed.
(* Why3 goal *)
Lemma Round_idempotent : forall (m1:floating_point.Rounding.mode)
(m2:floating_point.Rounding.mode) (x:R), ((round m1 (round m2
x)) = (round m2 x)).
Lemma Round_idempotent :
forall (m1:floating_point.Rounding.mode) (m2:floating_point.Rounding.mode)
(x:R),
((round m1 (round m2 x)) = (round m2 x)).
now apply Round_idempotent.
Qed.
(* Why3 goal *)
Lemma Round_value : forall (m:floating_point.Rounding.mode)
(x:floating_point.DoubleFormat.double), ((round m (value x)) = (value x)).
Lemma Round_value :
forall (m:floating_point.Rounding.mode)
(x:floating_point.DoubleFormat.double),
((round m (value x)) = (value x)).
now apply Round_value.
Qed.
(* Why3 goal *)
Lemma Bounded_value : forall (x:floating_point.DoubleFormat.double),
((Reals.Rbasic_fun.Rabs (value x)) <= (9007199254740991 * 19958403095347198116563727130368385660674512604354575415025472424372118918689640657849579654926357010893424468441924952439724379883935936607391717982848314203200056729510856765175377214443629871826533567445439239933308104551208703888888552684480441575071209068757560416423584952303440099278848)%R)%R.
Lemma Bounded_value :
forall (x:floating_point.DoubleFormat.double),
((Reals.Rbasic_fun.Rabs (value x)) <=
(9007199254740991 * 19958403095347198116563727130368385660674512604354575415025472424372118918689640657849579654926357010893424468441924952439724379883935936607391717982848314203200056729510856765175377214443629871826533567445439239933308104551208703888888552684480441575071209068757560416423584952303440099278848)%R)%R.
now apply Bounded_value.
Qed.
......@@ -137,8 +142,8 @@ Defined.
(* Why3 goal *)
Lemma Round_logic_def :
forall (m:floating_point.Rounding.mode) (x:R),
(no_overflow m x) -> ((value (round_logic m x)) = (round m x)).
forall (m:floating_point.Rounding.mode) (x:R), (no_overflow m x) ->
((value (round_logic m x)) = (round m x)).
Proof.
exact (Round_logic_def 53 1024 (refl_equal true) (refl_equal true)).
Qed.
......
......@@ -65,7 +65,8 @@ Qed.
Lemma Bounded_real_no_overflow :
forall (m:floating_point.Rounding.mode) (x:R),
((Reals.Rbasic_fun.Rabs x) <=
(33554430 * 10141204801825835211973625643008)%R)%R -> no_overflow m x.
(33554430 * 10141204801825835211973625643008)%R)%R ->
no_overflow m x.
intros m x Hx.
unfold no_overflow.
rewrite max_single_eq in *.
......@@ -74,22 +75,25 @@ Qed.
(* Why3 goal *)
Lemma Round_monotonic :
forall (m:floating_point.Rounding.mode) (x:R) (y:R),
(x <= y)%R -> ((round m x) <= (round m y))%R.
forall (m:floating_point.Rounding.mode) (x:R) (y:R), (x <= y)%R ->
((round m x) <= (round m y))%R.
apply Round_monotonic.
easy.
Qed.
(* Why3 goal *)
Lemma Round_idempotent : forall (m1:floating_point.Rounding.mode)
(m2:floating_point.Rounding.mode) (x:R), ((round m1 (round m2
x)) = (round m2 x)).
Lemma Round_idempotent :
forall (m1:floating_point.Rounding.mode) (m2:floating_point.Rounding.mode)
(x:R),
((round m1 (round m2 x)) = (round m2 x)).
now apply Round_idempotent.
Qed.
(* Why3 goal *)
Lemma Round_value : forall (m:floating_point.Rounding.mode)
(x:floating_point.SingleFormat.single), ((round m (value x)) = (value x)).
Lemma Round_value :
forall (m:floating_point.Rounding.mode)
(x:floating_point.SingleFormat.single),
((round m (value x)) = (value x)).
now apply Round_value.
Qed.
......@@ -148,8 +152,8 @@ Defined.
(* Why3 goal *)
Lemma Round_logic_def :
forall (m:floating_point.Rounding.mode) (x:R),
(no_overflow m x) -> ((value (round_logic m x)) = (round m x)).
forall (m:floating_point.Rounding.mode) (x:R), (no_overflow m x) ->
((value (round_logic m x)) = (round m x)).
Proof.
intros m x.
unfold no_overflow.
......
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
......@@ -25,7 +25,8 @@ Require Import Zquot.
(* mod1 is replaced with (ZArith.BinInt.Z.rem x x1) by the coq driver *)
(* Why3 goal *)
Lemma Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) ->
Lemma Div_mod :
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
(x = ((y * (ZArith.BinInt.Z.quot x y))%Z + (ZArith.BinInt.Z.rem x y))%Z).
intros x y _.
apply Z.quot_rem'.
......@@ -33,8 +34,7 @@ Qed.
(* Why3 goal *)
Lemma Div_bound :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(0%Z <= (ZArith.BinInt.Z.quot x y))%Z /\
((ZArith.BinInt.Z.quot x y) <= x)%Z.
intros x y (Hx,Hy).
......@@ -52,8 +52,7 @@ Qed.
(* Why3 goal *)
Lemma Mod_bound :
forall (x:Z) (y:Z),
~ (y = 0%Z) ->
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
((-(ZArith.BinInt.Z.abs y))%Z < (ZArith.BinInt.Z.rem x y))%Z /\
((ZArith.BinInt.Z.rem x y) < (ZArith.BinInt.Z.abs y))%Z.
intros x y Zy.
......@@ -69,16 +68,16 @@ Qed.
(* Why3 goal *)
Lemma Div_sign_pos :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (0%Z < y)%Z) -> (0%Z <= (ZArith.BinInt.Z.quot x y))%Z.
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(0%Z <= (ZArith.BinInt.Z.quot x y))%Z.
intros x y (Hx, Hy).
now apply Z.quot_pos.
Qed.
(* Why3 goal *)
Lemma Div_sign_neg :
forall (x:Z) (y:Z),
((x <= 0%Z)%Z /\ (0%Z < y)%Z) -> ((ZArith.BinInt.Z.quot x y) <= 0%Z)%Z.
forall (x:Z) (y:Z), ((x <= 0%Z)%Z /\ (0%Z < y)%Z) ->
((ZArith.BinInt.Z.quot x y) <= 0%Z)%Z.
intros x y (Hx, Hy).
generalize (Z.quot_pos (-x) y).
rewrite Zquot_opp_l.
......@@ -87,22 +86,23 @@ Qed.
(* Why3 goal *)
Lemma Mod_sign_pos :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ ~ (y = 0%Z)) -> (0%Z <= (ZArith.BinInt.Z.rem x y))%Z.
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ ~ (y = 0%Z)) ->
(0%Z <= (ZArith.BinInt.Z.rem x y))%Z.
intros x y (Hx, Zy).
now apply Zrem_lt_pos.
Qed.
(* Why3 goal *)
Lemma Mod_sign_neg :
forall (x:Z) (y:Z),
((x <= 0%Z)%Z /\ ~ (y = 0%Z)) -> ((ZArith.BinInt.Z.rem x y) <= 0%Z)%Z.
forall (x:Z) (y:Z), ((x <= 0%Z)%Z /\ ~ (y = 0%Z)) ->
((ZArith.BinInt.Z.rem x y) <= 0%Z)%Z.
intros x y (Hx, Zy).
now apply Zrem_lt_neg.
Qed.
(* Why3 goal *)
Lemma Rounds_toward_zero : forall (x:Z) (y:Z), (~ (y = 0%Z)) ->
Lemma Rounds_toward_zero :
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
((ZArith.BinInt.Z.abs ((ZArith.BinInt.Z.quot x y) * y)%Z) <=
(ZArith.BinInt.Z.abs x))%Z.
intros x y Zy.
......@@ -125,15 +125,15 @@ Qed.
(* Why3 goal *)
Lemma Div_inf :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (x < y)%Z) -> ((ZArith.BinInt.Z.quot x y) = 0%Z).
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (x < y)%Z) ->
((ZArith.BinInt.Z.quot x y) = 0%Z).
exact Z.quot_small.
Qed.
(* Why3 goal *)
Lemma Mod_inf :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (x < y)%Z) -> ((ZArith.BinInt.Z.rem x y) = x).
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (x < y)%Z) ->
((ZArith.BinInt.Z.rem x y) = x).
exact Z.rem_small.
Qed.
......
......@@ -40,8 +40,7 @@ Qed.
(* Why3 goal *)
Lemma Mod_bound :
forall (x:Z) (y:Z),
~ (y = 0%Z) ->
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
(0%Z <= (mod1 x y))%Z /\ ((mod1 x y) < (ZArith.BinInt.Z.abs y))%Z.
intros x y Zy.
zify.
......@@ -57,7 +56,8 @@ omega.
Qed.
(* Why3 goal *)
Lemma Div_unique : forall (x:Z) (y:Z) (q:Z), (0%Z < y)%Z ->
Lemma Div_unique :
forall (x:Z) (y:Z) (q:Z), (0%Z < y)%Z ->
(((q * y)%Z <= x)%Z /\ (x < ((q * y)%Z + y)%Z)%Z) -> ((div x y) = q).
intros x y q h1 (h2,h3).
assert (h:(~(y=0))%Z) by omega.
......@@ -80,8 +80,8 @@ Qed.
(* Why3 goal *)
Lemma Div_bound :
forall (x:Z) (y:Z),
((0%Z <= x)%Z /\ (0%Z < y)%Z) -> (0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z.
forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z.
intros x y (Hx,Hy).
unfold div.
case Z_le_dec ; intros H.
......@@ -127,8 +127,8 @@ Qed.
(* Why3 goal *)
Lemma Div_inf_neg :
forall (x:Z) (y:Z),
((0%Z < x)%Z /\ (x <= y)%Z) -> ((div (-x)%Z y) = (-1%Z)%Z).
forall (x:Z) (y:Z), ((0%Z < x)%Z /\ (x <= y)%Z) ->
((div (-x)%Z y) = (-1%Z)%Z).
intros x y Hxy.
assert (h: (x < y \/ x = y)%Z) by omega.
destruct h.
......@@ -207,8 +207,8 @@ Open Scope Z_scope.
(* Why3 goal *)
Lemma Div_mult :
forall (x:Z) (y:Z) (z:Z),
(0%Z < x)%Z -> ((div ((x * y)%Z + z)%Z x) = (y + (div z x))%Z).
forall (x:Z) (y:Z) (z:Z), (0%Z < x)%Z ->
((div ((x * y)%Z + z)%Z x) = (y + (div z x))%Z).
intros x y z h.
unfold div.
destruct (Z_le_dec 0 (z mod x)).
......@@ -221,8 +221,8 @@ Qed.
(* Why3 goal *)
Lemma Mod_mult :
forall (x:Z) (y:Z) (z:Z),
(0%Z < x)%Z -> ((mod1 ((x * y)%Z + z)%Z x) = (mod1 z x)).
forall (x:Z) (y:Z) (z:Z), (0%Z < x)%Z ->
((mod1 ((x * y)%Z + z)%Z x) = (mod1 z x)).
intros x y z h.
unfold mod1.
rewrite Div_mult.
......
......@@ -53,8 +53,8 @@ Qed.
(* Why3 goal *)
Lemma Power_s :
forall (x:t) (n:Z),
(0%Z <= n)%Z -> ((power x (n + 1%Z)%Z) = (infix_as x (power x n))).
forall (x:t) (n:Z), (0%Z <= n)%Z ->
((power x (n + 1%Z)%Z) = (infix_as x (power x n))).
Proof.
intros x n h1.
unfold power.
......@@ -64,8 +64,8 @@ Qed.
(* Why3 goal *)
Lemma Power_s_alt :
forall (x:t) (n:Z),
(0%Z < n)%Z -> ((power x n) = (infix_as x (power x (n - 1%Z)%Z))).
forall (x:t) (n:Z), (0%Z < n)%Z ->
((power x n) = (infix_as x (power x (n - 1%Z)%Z))).
Proof.
intros x n h1.
rewrite <- Power_s; auto with zarith.
......@@ -79,8 +79,9 @@ exact Unit_def_r.
Qed.
(* Why3 goal *)
Lemma Power_sum : forall (x:t) (n:Z) (m:Z), (0%Z <= n)%Z -> ((0%Z <= m)%Z ->
((power x (n + m)%Z) = (infix_as (power x n) (power x m)))).
Lemma Power_sum :
forall (x:t) (n:Z) (m:Z), (0%Z <= n)%Z -> (0%Z <= m)%Z ->
((power x (n + m)%Z) = (infix_as (power x n) (power x m))).
Proof.
intros x n m Hn Hm.
revert n Hn.
......@@ -94,8 +95,9 @@ now rewrite <- Assoc, <- Power_s.
Qed.
(* Why3 goal *)
Lemma Power_mult : forall (x:t) (n:Z) (m:Z), (0%Z <= n)%Z -> ((0%Z <= m)%Z ->
((power x (n * m)%Z) = (power (power x n) m))).
Lemma Power_mult :
forall (x:t) (n:Z) (m:Z), (0%Z <= n)%Z -> (0%Z <= m)%Z ->
((power x (n * m)%Z) = (power (power x n) m)).