Commit 201e0da2 authored by Guillaume Melquiond's avatar Guillaume Melquiond

Update parts of Coq realizations whose printing looks sane.

parent a9bccabd
...@@ -271,8 +271,7 @@ Defined. ...@@ -271,8 +271,7 @@ Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Nth_bw_and : Lemma Nth_bw_and :
forall (v1:t) (v2:t) (n:Z), forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_and v1 v2) n) = (Init.Datatypes.andb (nth v1 n) (nth v2 n))). ((nth (bw_and v1 v2) n) = (Init.Datatypes.andb (nth v1 n) (nth v2 n))).
symmetry. symmetry.
apply nth_aux_map2 with (f := fun x y => x && y); easy. apply nth_aux_map2 with (f := fun x y => x && y); easy.
...@@ -285,8 +284,7 @@ Defined. ...@@ -285,8 +284,7 @@ Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Nth_bw_or : Lemma Nth_bw_or :
forall (v1:t) (v2:t) (n:Z), forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_or v1 v2) n) = (Init.Datatypes.orb (nth v1 n) (nth v2 n))). ((nth (bw_or v1 v2) n) = (Init.Datatypes.orb (nth v1 n) (nth v2 n))).
symmetry. symmetry.
apply nth_aux_map2; easy. apply nth_aux_map2; easy.
...@@ -299,8 +297,7 @@ Defined. ...@@ -299,8 +297,7 @@ Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Nth_bw_xor : Lemma Nth_bw_xor :
forall (v1:t) (v2:t) (n:Z), forall (v1:t) (v2:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_xor v1 v2) n) = (Init.Datatypes.xorb (nth v1 n) (nth v2 n))). ((nth (bw_xor v1 v2) n) = (Init.Datatypes.xorb (nth v1 n) (nth v2 n))).
symmetry. symmetry.
apply nth_aux_map2; easy. apply nth_aux_map2; easy.
...@@ -313,8 +310,7 @@ Defined. ...@@ -313,8 +310,7 @@ Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Nth_bw_not : Lemma Nth_bw_not :
forall (v:t) (n:Z), forall (v:t) (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) ->
((0%Z <= n)%Z /\ (n < size)%Z) ->
((nth (bw_not v) n) = (Init.Datatypes.negb (nth v n))). ((nth (bw_not v) n) = (Init.Datatypes.negb (nth v n))).
symmetry. symmetry.
apply nth_aux_map; easy. apply nth_aux_map; easy.
...@@ -342,17 +338,18 @@ Lemma bshiftRl_iter_nth : forall b s m, ...@@ -342,17 +338,18 @@ Lemma bshiftRl_iter_nth : forall b s m,
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Lsr_nth_low : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> Lemma Lsr_nth_low :
((0%Z <= n)%Z -> (((n + s)%Z < size)%Z -> ((nth (lsr b s) n) = (nth b forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> (0%Z <= n)%Z ->
(n + s)%Z)))). ((n + s)%Z < size)%Z -> ((nth (lsr b s) n) = (nth b (n + s)%Z)).
intros b n s h1 h2 h3. intros b n s h1 h2 h3.
rewrite <-Z2Nat.id with (n := s) at 2; auto. rewrite <-Z2Nat.id with (n := s) at 2; auto.
apply bshiftRl_iter_nth; omega. apply bshiftRl_iter_nth; omega.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Lsr_nth_high : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> Lemma Lsr_nth_high :
((0%Z <= n)%Z -> ((size <= (n + s)%Z)%Z -> ((nth (lsr b s) n) = false))). forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> (0%Z <= n)%Z ->
(size <= (n + s)%Z)%Z -> ((nth (lsr b s) n) = false).
intros b n s h1 h2 h3. intros b n s h1 h2 h3.
unfold nth,lsr. unfold nth,lsr.
cut (nth_aux b (n + Z.of_nat (Z.to_nat s)) = false). cut (nth_aux b (n + Z.of_nat (Z.to_nat s)) = false).
...@@ -445,9 +442,9 @@ Lemma BshiftRa_iter_nth_low : forall (b:t) (s:nat) (n:Z), ...@@ -445,9 +442,9 @@ Lemma BshiftRa_iter_nth_low : forall (b:t) (s:nat) (n:Z),
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Asr_nth_low : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> Lemma Asr_nth_low :
(((0%Z <= n)%Z /\ (n < size)%Z) -> (((n + s)%Z < size)%Z -> ((nth (asr b s) forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> ((0%Z <= n)%Z /\ (n < size)%Z) ->
n) = (nth b (n + s)%Z)))). ((n + s)%Z < size)%Z -> ((nth (asr b s) n) = (nth b (n + s)%Z)).
unfold nth, lsr. unfold nth, lsr.
intros. intros.
assert ((n + s)%Z = (n + Z.of_nat (Z.to_nat s))%Z). assert ((n + s)%Z = (n + Z.of_nat (Z.to_nat s))%Z).
...@@ -491,9 +488,9 @@ Lemma BhiftRa_iter_nth_high : forall (b:t) (s:nat) (n:Z), ...@@ -491,9 +488,9 @@ Lemma BhiftRa_iter_nth_high : forall (b:t) (s:nat) (n:Z),
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Asr_nth_high : forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> Lemma Asr_nth_high :
(((0%Z <= n)%Z /\ (n < size)%Z) -> ((size <= (n + s)%Z)%Z -> ((nth (asr b forall (b:t) (n:Z) (s:Z), (0%Z <= s)%Z -> ((0%Z <= n)%Z /\ (n < size)%Z) ->
s) n) = (nth b (size - 1%Z)%Z)))). (size <= (n + s)%Z)%Z -> ((nth (asr b s) n) = (nth b (size - 1%Z)%Z)).
unfold nth, asr. unfold nth, asr.
intros. intros.
apply BhiftRa_iter_nth_high. apply BhiftRa_iter_nth_high.
...@@ -529,8 +526,7 @@ Qed. ...@@ -529,8 +526,7 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Lsl_nth_high : Lemma Lsl_nth_high :
forall (b:t) (n:Z) (s:Z), forall (b:t) (n:Z) (s:Z), ((0%Z <= s)%Z /\ ((s <= n)%Z /\ (n < size)%Z)) ->
((0%Z <= s)%Z /\ ((s <= n)%Z /\ (n < size)%Z)) ->
((nth (lsl b s) n) = (nth b (n - s)%Z)). ((nth (lsl b s) n) = (nth b (n - s)%Z)).
intros. intros.
unfold lsl, nth. unfold lsl, nth.
...@@ -560,8 +556,8 @@ Qed. ...@@ -560,8 +556,8 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Lsl_nth_low : Lemma Lsl_nth_low :
forall (b:t) (n:Z) (s:Z), forall (b:t) (n:Z) (s:Z), ((0%Z <= n)%Z /\ (n < s)%Z) ->
((0%Z <= n)%Z /\ (n < s)%Z) -> ((nth (lsl b s) n) = false). ((nth (lsl b s) n) = false).
intros. intros.
apply Lsl_nth_low_aux. apply Lsl_nth_low_aux.
rewrite Z2Nat.id; omega. rewrite Z2Nat.id; omega.
...@@ -1100,9 +1096,10 @@ Definition rotate_right : t -> Z -> t. ...@@ -1100,9 +1096,10 @@ Definition rotate_right : t -> Z -> t.
Defined. Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Nth_rotate_right : forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ Lemma Nth_rotate_right :
(i < size)%Z) -> ((0%Z <= n)%Z -> ((nth (rotate_right v n) i) = (nth v forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ (i < size)%Z) -> (0%Z <= n)%Z ->
(int.EuclideanDivision.mod1 (i + n)%Z size)))). ((nth (rotate_right v n) i) =
(nth v (int.EuclideanDivision.mod1 (i + n)%Z size))).
intros v n i h1 h2. intros v n i h1 h2.
revert h2; revert n. revert h2; revert n.
apply Z_of_nat_prop. apply Z_of_nat_prop.
...@@ -1123,9 +1120,10 @@ Definition rotate_left : t -> Z -> t. ...@@ -1123,9 +1120,10 @@ Definition rotate_left : t -> Z -> t.
Defined. Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Nth_rotate_left : forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ Lemma Nth_rotate_left :
(i < size)%Z) -> ((0%Z <= n)%Z -> ((nth (rotate_left v n) i) = (nth v forall (v:t) (n:Z) (i:Z), ((0%Z <= i)%Z /\ (i < size)%Z) -> (0%Z <= n)%Z ->
(int.EuclideanDivision.mod1 (i - n)%Z size)))). ((nth (rotate_left v n) i) =
(nth v (int.EuclideanDivision.mod1 (i - n)%Z size))).
intros v n i h1 h2. intros v n i h1 h2.
revert h2; revert n. revert h2; revert n.
apply Z_of_nat_prop. apply Z_of_nat_prop.
...@@ -1185,9 +1183,11 @@ Definition to_int : t -> Z. ...@@ -1185,9 +1183,11 @@ Definition to_int : t -> Z.
Defined. Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma to_int_def : forall (x:t), ((is_signed_positive x) -> Lemma to_int_def :
((to_int x) = (to_uint x))) /\ ((~ (is_signed_positive x)) -> forall (x:t),
((to_int x) = (-(two_power_size - (to_uint x))%Z)%Z)). ((is_signed_positive x) -> ((to_int x) = (to_uint x))) /\
(~ (is_signed_positive x) ->
((to_int x) = (-(two_power_size - (to_uint x))%Z)%Z)).
intros. split. intros. split.
- unfold to_int, to_uint,is_signed_positive, twos_complement, size_nat. - unfold to_int, to_uint,is_signed_positive, twos_complement, size_nat.
intros. intros.
...@@ -1331,8 +1331,9 @@ Qed. ...@@ -1331,8 +1331,9 @@ Qed.
(* end of to_uint helpers *) (* end of to_uint helpers *)
(* Why3 goal *) (* Why3 goal *)
Lemma to_uint_of_int : forall (i:Z), ((0%Z <= i)%Z /\ Lemma to_uint_of_int :
(i < two_power_size)%Z) -> ((to_uint (of_int i)) = i). forall (i:Z), ((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
((to_uint (of_int i)) = i).
intros i h1; destruct h1. intros i h1; destruct h1.
unfold to_uint, of_int. unfold to_uint, of_int.
rewrite bvec_to_nat_nat_to_bvec. rewrite bvec_to_nat_nat_to_bvec.
...@@ -1462,18 +1463,21 @@ Definition add : t -> t -> t. ...@@ -1462,18 +1463,21 @@ Definition add : t -> t -> t.
Defined. Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma to_uint_add : forall (v1:t) (v2:t), ((to_uint (add v1 Lemma to_uint_add :
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) + (to_uint v2))%Z forall (v1:t) (v2:t),
two_power_size)). ((to_uint (add v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) + (to_uint v2))%Z
two_power_size)).
intros v1 v2. intros v1 v2.
apply to_uint_of_int. apply to_uint_of_int.
apply mod1_in_range2. apply mod1_in_range2.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma to_uint_add_bounded : forall (v1:t) (v2:t), Lemma to_uint_add_bounded :
(((to_uint v1) + (to_uint v2))%Z < two_power_size)%Z -> ((to_uint (add v1 forall (v1:t) (v2:t),
v2)) = ((to_uint v1) + (to_uint v2))%Z). (((to_uint v1) + (to_uint v2))%Z < two_power_size)%Z ->
((to_uint (add v1 v2)) = ((to_uint v1) + (to_uint v2))%Z).
intros v1 v2 h1. intros v1 v2 h1.
rewrite <-(mod1_out (to_uint v1 + to_uint v2) two_power_size). rewrite <-(mod1_out (to_uint v1 + to_uint v2) two_power_size).
apply to_uint_add. apply to_uint_add.
...@@ -1486,9 +1490,11 @@ Definition sub : t -> t -> t. ...@@ -1486,9 +1490,11 @@ Definition sub : t -> t -> t.
Defined. Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma to_uint_sub : forall (v1:t) (v2:t), ((to_uint (sub v1 Lemma to_uint_sub :
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) - (to_uint v2))%Z forall (v1:t) (v2:t),
two_power_size)). ((to_uint (sub v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) - (to_uint v2))%Z
two_power_size)).
intros v1 v2. intros v1 v2.
apply to_uint_of_int, mod1_in_range2. apply to_uint_of_int, mod1_in_range2.
Qed. Qed.
...@@ -1524,9 +1530,11 @@ Definition mul : t -> t -> t. ...@@ -1524,9 +1530,11 @@ Definition mul : t -> t -> t.
Defined. Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma to_uint_mul : forall (v1:t) (v2:t), ((to_uint (mul v1 Lemma to_uint_mul :
v2)) = (int.EuclideanDivision.mod1 ((to_uint v1) * (to_uint v2))%Z forall (v1:t) (v2:t),
two_power_size)). ((to_uint (mul v1 v2)) =
(int.EuclideanDivision.mod1 ((to_uint v1) * (to_uint v2))%Z
two_power_size)).
intros v1 v2. intros v1 v2.
apply to_uint_of_int, mod1_in_range2. apply to_uint_of_int, mod1_in_range2.
Qed. Qed.
...@@ -1634,9 +1642,11 @@ Lemma lsl_bv_is_lsl : ...@@ -1634,9 +1642,11 @@ Lemma lsl_bv_is_lsl :
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma to_uint_lsl : forall (v:t) (n:t), ((to_uint (lsl_bv v Lemma to_uint_lsl :
n)) = (int.EuclideanDivision.mod1 ((to_uint v) * (bv.Pow2int.pow2 (to_uint n)))%Z forall (v:t) (n:t),
two_power_size)). ((to_uint (lsl_bv v n)) =
(int.EuclideanDivision.mod1
((to_uint v) * (bv.Pow2int.pow2 (to_uint n)))%Z two_power_size)).
intros v n. intros v n.
apply to_uint_lsl_aux. apply to_uint_lsl_aux.
Qed. Qed.
...@@ -1735,8 +1745,7 @@ Qed. ...@@ -1735,8 +1745,7 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Nth_bv_is_nth2 : Lemma Nth_bv_is_nth2 :
forall (x:t) (i:Z), forall (x:t) (i:Z), ((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
((0%Z <= i)%Z /\ (i < two_power_size)%Z) ->
((nth_bv x (of_int i)) = (nth x i)). ((nth_bv x (of_int i)) = (nth x i)).
intros x i h1. intros x i h1.
rewrite <-Nth_bv_is_nth. rewrite <-Nth_bv_is_nth.
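Review bot: In the Asr_nth_low hunk the proof still opens with `unfold nth, lsr.` although the statement is about `asr`; the sibling Asr_nth_high opens with `unfold nth, asr.`, so this looks like a leftover from the Lsr lemmas. The commit only re-wraps the statement and the proof continues outside the hunk, so I cannot tell whether a later step relies on it; if none does, `unfold nth, asr.` would read consistently. The helper `BhiftRa_iter_nth_high` named in the next hunk header also appears to be missing the `s` that `BshiftRa_iter_nth_low` has, which makes the pair harder to find by search.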
......
...@@ -38,8 +38,7 @@ Qed. ...@@ -38,8 +38,7 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Power_sum : Lemma Power_sum :
forall (n:Z) (m:Z), forall (n:Z) (m:Z), ((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
((0%Z <= n)%Z /\ (0%Z <= m)%Z) ->
((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z). ((pow2 (n + m)%Z) = ((pow2 n) * (pow2 m))%Z).
unfold pow2. unfold pow2.
intros n m [H1 H2]. intros n m [H1 H2].
......
...@@ -67,27 +67,32 @@ Qed. ...@@ -67,27 +67,32 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_monotonic : Lemma Round_monotonic :
forall (m:floating_point.Rounding.mode) (x:R) (y:R), forall (m:floating_point.Rounding.mode) (x:R) (y:R), (x <= y)%R ->
(x <= y)%R -> ((round m x) <= (round m y))%R. ((round m x) <= (round m y))%R.
now apply Round_monotonic. now apply Round_monotonic.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_idempotent : forall (m1:floating_point.Rounding.mode) Lemma Round_idempotent :
(m2:floating_point.Rounding.mode) (x:R), ((round m1 (round m2 forall (m1:floating_point.Rounding.mode) (m2:floating_point.Rounding.mode)
x)) = (round m2 x)). (x:R),
((round m1 (round m2 x)) = (round m2 x)).
now apply Round_idempotent. now apply Round_idempotent.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_value : forall (m:floating_point.Rounding.mode) Lemma Round_value :
(x:floating_point.DoubleFormat.double), ((round m (value x)) = (value x)). forall (m:floating_point.Rounding.mode)
(x:floating_point.DoubleFormat.double),
((round m (value x)) = (value x)).
now apply Round_value. now apply Round_value.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Bounded_value : forall (x:floating_point.DoubleFormat.double), Lemma Bounded_value :
((Reals.Rbasic_fun.Rabs (value x)) <= (9007199254740991 * 19958403095347198116563727130368385660674512604354575415025472424372118918689640657849579654926357010893424468441924952439724379883935936607391717982848314203200056729510856765175377214443629871826533567445439239933308104551208703888888552684480441575071209068757560416423584952303440099278848)%R)%R. forall (x:floating_point.DoubleFormat.double),
((Reals.Rbasic_fun.Rabs (value x)) <=
(9007199254740991 * 19958403095347198116563727130368385660674512604354575415025472424372118918689640657849579654926357010893424468441924952439724379883935936607391717982848314203200056729510856765175377214443629871826533567445439239933308104551208703888888552684480441575071209068757560416423584952303440099278848)%R)%R.
now apply Bounded_value. now apply Bounded_value.
Qed. Qed.
...@@ -137,8 +142,8 @@ Defined. ...@@ -137,8 +142,8 @@ Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_logic_def : Lemma Round_logic_def :
forall (m:floating_point.Rounding.mode) (x:R), forall (m:floating_point.Rounding.mode) (x:R), (no_overflow m x) ->
(no_overflow m x) -> ((value (round_logic m x)) = (round m x)). ((value (round_logic m x)) = (round m x)).
Proof. Proof.
exact (Round_logic_def 53 1024 (refl_equal true) (refl_equal true)). exact (Round_logic_def 53 1024 (refl_equal true) (refl_equal true)).
Qed. Qed.
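Review bot: The bound in Bounded_value is a 16-digit factor times a literal of several hundred digits with no comment, so a reader cannot check it against the format by eye. Given `Round_logic_def 53 1024` in the last hunk of this file, it is presumably (2^53 - 1) * 2^971; a line such as `(* bound = (2^53 - 1) * 2^971, largest finite double; confirm *)` above the lemma would make that reviewable, provided Why3 keeps comments placed outside the generated statement. The same applies to `(33554430 * 10141204801825835211973625643008)%R` in Bounded_real_no_overflow in the single-precision file, where the factorisation is even less obvious.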
......
...@@ -65,7 +65,8 @@ Qed. ...@@ -65,7 +65,8 @@ Qed.
Lemma Bounded_real_no_overflow : Lemma Bounded_real_no_overflow :
forall (m:floating_point.Rounding.mode) (x:R), forall (m:floating_point.Rounding.mode) (x:R),
((Reals.Rbasic_fun.Rabs x) <= ((Reals.Rbasic_fun.Rabs x) <=
(33554430 * 10141204801825835211973625643008)%R)%R -> no_overflow m x. (33554430 * 10141204801825835211973625643008)%R)%R ->
no_overflow m x.
intros m x Hx. intros m x Hx.
unfold no_overflow. unfold no_overflow.
rewrite max_single_eq in *. rewrite max_single_eq in *.
...@@ -74,22 +75,25 @@ Qed. ...@@ -74,22 +75,25 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_monotonic : Lemma Round_monotonic :
forall (m:floating_point.Rounding.mode) (x:R) (y:R), forall (m:floating_point.Rounding.mode) (x:R) (y:R), (x <= y)%R ->
(x <= y)%R -> ((round m x) <= (round m y))%R. ((round m x) <= (round m y))%R.
apply Round_monotonic. apply Round_monotonic.
easy. easy.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_idempotent : forall (m1:floating_point.Rounding.mode) Lemma Round_idempotent :
(m2:floating_point.Rounding.mode) (x:R), ((round m1 (round m2 forall (m1:floating_point.Rounding.mode) (m2:floating_point.Rounding.mode)
x)) = (round m2 x)). (x:R),
((round m1 (round m2 x)) = (round m2 x)).
now apply Round_idempotent. now apply Round_idempotent.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_value : forall (m:floating_point.Rounding.mode) Lemma Round_value :
(x:floating_point.SingleFormat.single), ((round m (value x)) = (value x)). forall (m:floating_point.Rounding.mode)
(x:floating_point.SingleFormat.single),
((round m (value x)) = (value x)).
now apply Round_value. now apply Round_value.
Qed. Qed.
...@@ -148,8 +152,8 @@ Defined. ...@@ -148,8 +152,8 @@ Defined.
(* Why3 goal *) (* Why3 goal *)
Lemma Round_logic_def : Lemma Round_logic_def :
forall (m:floating_point.Rounding.mode) (x:R), forall (m:floating_point.Rounding.mode) (x:R), (no_overflow m x) ->
(no_overflow m x) -> ((value (round_logic m x)) = (round m x)). ((value (round_logic m x)) = (round m x)).
Proof. Proof.
intros m x. intros m x.
unfold no_overflow. unfold no_overflow.
......
...@@ -25,7 +25,8 @@ Require Import Zquot. ...@@ -25,7 +25,8 @@ Require Import Zquot.
(* mod1 is replaced with (ZArith.BinInt.Z.rem x x1) by the coq driver *) (* mod1 is replaced with (ZArith.BinInt.Z.rem x x1) by the coq driver *)
(* Why3 goal *) (* Why3 goal *)
Lemma Div_mod : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> Lemma Div_mod :
forall (x:Z) (y:Z), ~ (y = 0%Z) ->
(x = ((y * (ZArith.BinInt.Z.quot x y))%Z + (ZArith.BinInt.Z.rem x y))%Z). (x = ((y * (ZArith.BinInt.Z.quot x y))%Z + (ZArith.BinInt.Z.rem x y))%Z).
intros x y _. intros x y _.
apply Z.quot_rem'. apply Z.quot_rem'.
...@@ -33,8 +34,7 @@ Qed. ...@@ -33,8 +34,7 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Div_bound : Lemma Div_bound :
forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(0%Z <= (ZArith.BinInt.Z.quot x y))%Z /\ (0%Z <= (ZArith.BinInt.Z.quot x y))%Z /\
((ZArith.BinInt.Z.quot x y) <= x)%Z. ((ZArith.BinInt.Z.quot x y) <= x)%Z.
intros x y (Hx,Hy). intros x y (Hx,Hy).
...@@ -52,8 +52,7 @@ Qed. ...@@ -52,8 +52,7 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Mod_bound : Lemma Mod_bound :
forall (x:Z) (y:Z), forall (x:Z) (y:Z), ~ (y = 0%Z) ->
~ (y = 0%Z) ->
((-(ZArith.BinInt.Z.abs y))%Z < (ZArith.BinInt.Z.rem x y))%Z /\ ((-(ZArith.BinInt.Z.abs y))%Z < (ZArith.BinInt.Z.rem x y))%Z /\
((ZArith.BinInt.Z.rem x y) < (ZArith.BinInt.Z.abs y))%Z. ((ZArith.BinInt.Z.rem x y) < (ZArith.BinInt.Z.abs y))%Z.
intros x y Zy. intros x y Zy.
...@@ -69,16 +68,16 @@ Qed. ...@@ -69,16 +68,16 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Div_sign_pos : Lemma Div_sign_pos :
forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
((0%Z <= x)%Z /\ (0%Z < y)%Z) -> (0%Z <= (ZArith.BinInt.Z.quot x y))%Z. (0%Z <= (ZArith.BinInt.Z.quot x y))%Z.
intros x y (Hx, Hy). intros x y (Hx, Hy).
now apply Z.quot_pos. now apply Z.quot_pos.
Qed. Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Div_sign_neg : Lemma Div_sign_neg :
forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((x <= 0%Z)%Z /\ (0%Z < y)%Z) ->
((x <= 0%Z)%Z /\ (0%Z < y)%Z) -> ((ZArith.BinInt.Z.quot x y) <= 0%Z)%Z. ((ZArith.BinInt.Z.quot x y) <= 0%Z)%Z.
intros x y (Hx, Hy). intros x y (Hx, Hy).
generalize (Z.quot_pos (-x) y). generalize (Z.quot_pos (-x) y).
rewrite Zquot_opp_l. rewrite Zquot_opp_l.
...@@ -87,22 +86,23 @@ Qed. ...@@ -87,22 +86,23 @@ Qed.
(* Why3 goal *) (* Why3 goal *)
Lemma Mod_sign_pos : Lemma Mod_sign_pos :
forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ ~ (y = 0%Z)) ->
((0%Z <= x)%Z /\ ~ (y = 0%Z)) -> (0%Z <= (ZArith.BinInt.Z.rem x y))%Z. (0%Z <= (ZArith.BinInt.Z.rem x y))%Z.
intros x y (Hx, Zy). intros x y (Hx, Zy).