Commit ae1207f9 authored by Raphael Rieu-Helft's avatar Raphael Rieu-Helft

Remove the need for the new assertions in reflection example

parent 95d5a31f
......@@ -30,7 +30,7 @@ val add (a b: t) : t
val mul (a b: t) : t
ensures { forall v: cvars. interp result v = interp a v * interp b v }
raises { Unknown -> true } (* removing this is ok ??? *)
raises { Unknown -> true }
val opp (a:t) : t
ensures { forall v: cvars. interp result v = - (interp a v) }
......@@ -687,7 +687,7 @@ use import real.RealInfix
use import real.FromInt
use import int.Abs
meta coercion function from_int
(*meta coercion function from_int*)
type t = (int, int)
type rvars = int -> real
......@@ -941,11 +941,11 @@ end
module MP64Coeffs
use mach.int.UInt64 as M
use import int.Int
use import real.RealInfix
use import real.FromInt
use import real.PowerReal
use RationalCoeffs as Q
use import int.Int
type evars = int -> int
......@@ -1173,9 +1173,7 @@ use LinearDecisionRationalMP as R
use import real.FromInt
use import real.PowerReal
use import real.RealInfix
axiom pow_from_int: forall x y: int. 0 <= x -> 0 <= y ->
pow (from_int x) (from_int y) = from_int (power x y)
use import int.Int
use import list.List
......@@ -1281,7 +1279,19 @@ goal g: forall i x c r: int.
goal g': forall a b i j: int.
0 <= i -> 0 <= j ->
(power radix i) * a = b ->
i = j ->
(power radix j) * a = b
i+1 = j ->
(power radix j) * a = radix*b
end
module TI
use import real.RealInfix
use import int.Int
(*constant y : real = 0.0 + 0.0*)
constant x : int = 0 + 0
goal g: True
end
\ No newline at end of file
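Review bot: The new module `TI` at the end of the file looks like a scratch test rather than part of the reflection example: it holds a commented-out constant, an unused `constant x : int = 0 + 0` and the goal `g: True`. The session file changed in the same commit records theory `TI` and its goal `g` without `proved="true"`, so the example is committed with an open goal. I would either drop the module or discharge the goal and add a comment saying what it exercises, for instance `(* checks that int and real infix operators can be in scope together *)` if that is the intent. The file also now ends without a trailing newline.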
......@@ -150,10 +150,10 @@
<proof prover="0" timelimit="5" memlimit="2000"><result status="valid" time="0.00" steps="8"/></proof>
</goal>
<goal name="VC sprod.2" expl="exceptional postcondition" proved="true">
<proof prover="0" timelimit="5" memlimit="2000"><result status="valid" time="0.00" steps="4"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC sprod.3" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.01"/></proof>
<proof prover="0" timelimit="5" memlimit="2000"><result status="valid" time="0.00" steps="4"/></proof>
</goal>
</transf>
</goal>
......@@ -1164,7 +1164,7 @@
<proof prover="2"><result status="valid" time="0.07"/></proof>
</goal>
<goal name="VC linear_decision.13" expl="precondition" proved="true">
<proof prover="0"><result status="valid" time="0.01" steps="21"/></proof>
<proof prover="0"><result status="valid" time="0.02" steps="21"/></proof>
<proof prover="2"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC linear_decision.14" expl="precondition" proved="true">
......@@ -1174,24 +1174,24 @@
<proof prover="2"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="VC linear_decision.16" expl="precondition" proved="true">
<proof prover="0"><result status="valid" time="0.02" steps="21"/></proof>
<proof prover="0"><result status="valid" time="0.01" steps="21"/></proof>
<proof prover="2"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC linear_decision.17" expl="precondition" proved="true">
<proof prover="0"><result status="valid" time="0.02" steps="39"/></proof>
</goal>
<goal name="VC linear_decision.18" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.01" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.19" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.02" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.20" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.02" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.21" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.01" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.22" expl="assertion" proved="true">
......@@ -1222,10 +1222,10 @@
<proof prover="0"><result status="valid" time="0.02" steps="28"/></proof>
</goal>
<goal name="VC linear_decision.31" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.01" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.32" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.01" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.33" expl="exceptional postcondition" proved="true">
......@@ -1262,10 +1262,10 @@
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.44" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.00"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.45" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.01"/></proof>
<proof prover="2"><result status="valid" time="0.00"/></proof>
</goal>
<goal name="VC linear_decision.46" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.00"/></proof>
......@@ -1357,25 +1357,25 @@
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC linear_decision.74" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.01"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC linear_decision.75" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="VC linear_decision.76" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.01" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC linear_decision.77" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="VC linear_decision.78" expl="exceptional postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.01" steps="5"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
</transf>
</goal>
</theory>
<theory name="RationalCoeffs" proved="true" sum="fe1aa57a33f272e30e4522705a46736e">
<theory name="RationalCoeffs" proved="true" sum="be90a54c7865f871ccb2304590af5ef7">
<goal name="VC rzero" expl="VC for rzero" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
......@@ -1650,7 +1650,7 @@
</transf>
</goal>
</theory>
<theory name="LinearDecisionRational" proved="true" sum="3fdfbafa6a3d689800457f386065e60f">
<theory name="LinearDecisionRational" proved="true" sum="01b97d50e89b6a2127157a5cbf8d5f60">
<goal name="C.A.Assoc" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
......@@ -1735,7 +1735,7 @@
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
</theory>
<theory name="LinearDecisionInt" proved="true" sum="24c91d6dd18ab2a40e2af46ac09a7bd2">
<theory name="LinearDecisionInt" proved="true" sum="20c3dcbe9955f88d9e1ec06237c9afba">
<goal name="VC eq" expl="VC for eq" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
......@@ -1833,7 +1833,7 @@
<proof prover="2"><result status="valid" time="0.06"/></proof>
</goal>
</theory>
<theory name="Test" proved="true" sum="f60a9d51ab3b0979984c34b51181f048">
<theory name="Test" proved="true" sum="b0118a308e50a39f8158806dd7782a8a">
<goal name="g" proved="true">
<transf name="introduce_premises" proved="true" >
<goal name="g.0" proved="true">
......@@ -1866,7 +1866,7 @@
</transf>
</goal>
</theory>
<theory name="TestInt" proved="true" sum="3662016b0713ac9e512166d8f4ab7d16">
<theory name="TestInt" proved="true" sum="20383588d133f3ec4f153cf625f8c976">
<goal name="g" proved="true">
<transf name="reflection_f" proved="true" arg1="int_decision">
<goal name="g.0" expl="reification check" proved="true">
......@@ -1895,7 +1895,7 @@
</transf>
</goal>
</theory>
<theory name="MP64Coeffs" proved="true" sum="4cdbfe284d6b8ce52395dd37551fb155">
<theory name="MP64Coeffs" proved="true" sum="59e49ba42437c8635bc3d6235c8d7438">
<goal name="VC mzero" expl="VC for mzero" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
......@@ -1943,13 +1943,13 @@
<proof prover="2"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC add_exp.4" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.04" steps="111"/></proof>
<proof prover="0"><result status="valid" time="0.03" steps="111"/></proof>
</goal>
<goal name="VC add_exp.5" expl="variant decrease" proved="true">
<proof prover="2"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="VC add_exp.6" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.02" steps="17"/></proof>
<proof prover="0"><result status="valid" time="0.04" steps="17"/></proof>
</goal>
<goal name="VC add_exp.7" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.01"/></proof>
......@@ -1973,13 +1973,13 @@
<proof prover="2"><result status="valid" time="0.05"/></proof>
</goal>
<goal name="VC add_exp.14" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.03" steps="112"/></proof>
<proof prover="0"><result status="valid" time="0.04" steps="112"/></proof>
</goal>
<goal name="VC add_exp.15" expl="variant decrease" proved="true">
<proof prover="2"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="VC add_exp.16" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.04" steps="17"/></proof>
<proof prover="0"><result status="valid" time="0.02" steps="17"/></proof>
</goal>
<goal name="VC add_exp.17" expl="exceptional postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.01"/></proof>
......@@ -2103,7 +2103,7 @@
<goal name="VC madd" expl="VC for madd" proved="true">
<transf name="split_goal_wp" proved="true" >
<goal name="VC madd.0" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.43" steps="142"/></proof>
<proof prover="0"><result status="valid" time="0.43" steps="163"/></proof>
</goal>
<goal name="VC madd.1" expl="postcondition" proved="true">
<proof prover="2"><result status="valid" time="0.04"/></proof>
......@@ -2190,10 +2190,10 @@
<goal name="VC meq" expl="VC for meq" proved="true">
<transf name="split_goal_wp" proved="true" >
<goal name="VC meq.0" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="1.03" steps="240"/></proof>
<proof prover="0"><result status="valid" time="0.80" steps="227"/></proof>
</goal>
<goal name="VC meq.1" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="1.19" steps="615"/></proof>
<proof prover="0"><result status="valid" time="1.19" steps="660"/></proof>
</goal>
</transf>
</goal>
......@@ -2211,7 +2211,7 @@
</transf>
</goal>
</theory>
<theory name="LinearDecisionRationalMP" proved="true" sum="3f23216855f0f36c1c69c71e34d8bf26">
<theory name="LinearDecisionRationalMP" proved="true" sum="8adbbf7895d3da34c95836be563db5e0">
<goal name="C.A.Assoc" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
......@@ -2285,7 +2285,7 @@
<proof prover="2"><result status="valid" time="0.01"/></proof>
</goal>
</theory>
<theory name="LinearDecisionIntMP" proved="true" sum="c03ba7b7d32ac379944673f2e0218325">
<theory name="LinearDecisionIntMP" proved="true" sum="7688c56eccbff8d73d48e0fb2b031e10">
<goal name="VC mpzero" expl="VC for mpzero" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
......@@ -2388,7 +2388,7 @@
<proof prover="2"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="VC m.0.1" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="3.58"/></proof>
<proof prover="3"><result status="valid" time="4.10"/></proof>
</goal>
<goal name="VC m.0.2" expl="assertion" proved="true">
<proof prover="0"><result status="valid" time="0.08" steps="68"/></proof>
......@@ -2438,7 +2438,7 @@
<proof prover="2"><result status="valid" time="0.10"/></proof>
</goal>
</theory>
<theory name="TestMP" sum="9b0a49c04203c7831ce301e44e6b0b10">
<theory name="TestMP" proved="true" sum="affc07b7daa8e76697c500d698debc64">
<goal name="g" proved="true">
<transf name="reflection_f" proved="true" arg1="mp_decision">
<goal name="g.0" expl="reification check" proved="true">
......@@ -2480,7 +2480,43 @@
</goal>
</transf>
</goal>
<goal name="g&#39;">
<goal name="g&#39;" proved="true">
<transf name="subst" proved="true" arg1="j">
<goal name="g&#39;.0" proved="true">
<transf name="reflection_f" proved="true" arg1="mp_decision">
<goal name="g&#39;.0.0" expl="reification check" proved="true">
<proof prover="0"><result status="valid" time="0.03" steps="26"/></proof>
</goal>
<goal name="g&#39;.0.1" proved="true">
<proof prover="2"><result status="valid" time="0.08"/></proof>
</goal>
<goal name="g&#39;.0.2" proved="true">
<proof prover="2"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="g&#39;.0.3" proved="true">
<transf name="compute_in_goal" proved="true" >
<goal name="g&#39;.0.3.0" proved="true">
<proof prover="2"><result status="valid" time="0.05"/></proof>
</goal>
</transf>
</goal>
<goal name="g&#39;.0.4" proved="true">
<transf name="compute_in_goal" proved="true" >
<goal name="g&#39;.0.4.0" proved="true">
<proof prover="2"><result status="valid" time="0.05"/></proof>
</goal>
</transf>
</goal>
<goal name="g&#39;.0.5" proved="true">
<proof prover="2"><result status="valid" time="0.02"/></proof>
</goal>
</transf>
</goal>
</transf>
</goal>
</theory>
<theory name="TI" sum="f65ffb4d889019a8435ba0d47668c91d">
<goal name="g">
</goal>
</theory>
</file>
......
......@@ -432,14 +432,11 @@ module N
variant { sz - !i }
label StartLoop in
lx := get_ofs x !i;
assert { (pelts x)[offset x + !i] = !lx };
let (res, carry) = add_with_carry !lx !c limb_zero in
set_ofs r !i res;
assert { value r !i + (power radix !i) * !c =
value x !i + y };
assert { res + radix * carry = !lx + !c }; (* add_with_carry post *)
c := carry;
assert { (pelts r)[offset r + !i] = res };
value_tail r !i;
value_tail x !i;
assert { value r (!i+1) + (power radix (!i+1)) * !c
......
......@@ -2,7 +2,7 @@
module TestInt32
use import int.Int
use import mach.int.Int32
use import mach.int.Int32BV
let mask_111 (x: int32) : int32
ensures { 0 <= to_int result < 8 }
......
......@@ -151,7 +151,19 @@ let rec reify_term renv t rt =
| Papp (cs, _) -> t_app cs [trv] rty
| Pvar _ -> trv
| _ -> assert false in
let t = t_label ?loc:t.t_loc Slab.empty t in
let rec rm t =
let t = match t.t_node with
| Tapp (f,tl) -> t_app f (List.map rm tl) t.t_ty
| Tvar _ | Tconst _ -> t
| Tif (f,t1,t2) -> t_if (rm f) (rm t1) (rm t2)
| Tbinop (op,f1,f2) -> t_binary op (rm f1) (rm f2)
| Tnot f1 -> t_not (rm f1)
| Ttrue | Tfalse -> t
| _ -> t (* FIXME some cases missing *)
in
t_label ?loc:t.t_loc Slab.empty t
in
let t = rm t in
(* remove labels to identify terms that are equal modulo labels *)
if Mterm.mem t renv.store
then
......@@ -274,22 +286,24 @@ let rec reify_term renv t rt =
let (renv, rg) = invert_interp renv leq t in
let renv = { renv with subst = Mvs.add g rg renv.subst } in
if debug then Format.printf "filling context@.";
let rec add_to_ctx (renv, ctx) e =
try
match e.t_node with
| Tquant _ | Teps _ -> (renv, ctx)
| Tbinop (Tand,e1,e2) ->
add_to_ctx (add_to_ctx (renv, ctx) e1) e2
| _ ->
let (renv,req) = invert_interp renv leq e in
(renv,(t_app cons [req; ctx] (Some ty_list_g)))
with
| NoReification -> renv,ctx
in
let renv, ctx =
task_fold
(fun (renv,ctx) td ->
match td.td_node with
| Decl {d_node = Dprop (Paxiom, _, e)}
->
begin try
(match e.t_node with
| Tquant _ | Teps _ | Tbinop _ -> renv, ctx
| _ ->
let (renv,req) = invert_interp renv leq e in
(renv,(t_app cons [req; ctx] (Some ty_list_g))))
with
| NoReification -> renv,ctx
(* | TypeMismatch _ -> raise NoReification*)
end
-> add_to_ctx (renv, ctx) e
| _-> renv,ctx)
(renv, (t_app nil [] (Some ty_list_g))) renv.task in
{ renv with subst = Mvs.add l ctx renv.subst }
......
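Review bot: The wildcard arm `| _ -> t (* FIXME some cases missing *)` in the new `rm` helper leaves labels in place below `Tlet`, `Tcase`, `Teps` and `Tquant`, so two terms that differ only by a label under a binder can still get separate entries in `renv.store`, which is what the comment after `rm` says the stripping should prevent. Listing the remaining constructors explicitly, e.g. `| Tlet _ | Tcase _ | Teps _ | Tquant _ -> t (* labels below binders are kept *)`, would let the exhaustiveness check flag any constructor added later and document the gap. The inner `let t = match ...` also shadows the argument, so `?loc:t.t_loc` reads the location of the rebuilt term rather than of the original one; whether the smart constructors carry a location over is not visible here, so binding the result to a different name such as `t'` would make the intent explicit. `reify_term` starts and ends outside the hunk.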
......@@ -37,7 +37,7 @@ module C
val incr (p:ptr 'a) (ofs:int32) : ptr 'a
requires { p.offset + ofs <= plength p }
ensures { result.offset = p.offset + Int32.to_int ofs }
ensures { result.offset = p.offset + ofs }
ensures { plength result = plength p }
ensures { pelts result = pelts p }
ensures { result.data = p.data }
......@@ -48,8 +48,8 @@ module C
ensures { result = (pelts p)[p.offset] }
let get_ofs (p:ptr 'a) (ofs:int32) : 'a
requires { 0 <= p.offset + Int32.to_int ofs < plength p }
ensures { result = (pelts p)[p.offset + Int32.to_int ofs] }
requires { 0 <= p.offset + ofs < plength p }
ensures { result = (pelts p)[p.offset + ofs] }
= get (incr p ofs)
val set (p:ptr 'a) (v:'a) : unit
......@@ -58,9 +58,10 @@ module C
writes { p.data.elts }
let set_ofs (p:ptr 'a) (ofs:int32) (v:'a) : unit
requires { 0 <= p.offset + Int32.to_int ofs < plength p }
requires { 0 <= p.offset + ofs < plength p }
ensures { pelts p = Map.set (pelts (old p))
(p.offset + Int32.to_int ofs) v }
(p.offset + ofs) v }
ensures { (pelts p)[p.offset + ofs] = v }
writes { p.data.elts }
=
set (incr p ofs) v
......@@ -78,7 +79,7 @@ module C
val malloc (sz:uint32) : ptr 'a
requires { sz > 0 }
ensures { plength result = UInt32.to_int sz \/ plength result = 0 }
ensures { plength result = sz \/ plength result = 0 }
ensures { result.offset = 0 }
val free (p:ptr 'a) : unit
......@@ -87,16 +88,16 @@ module C
ensures { plength p = 0 }
val realloc (p:ptr 'a) (sz:int32) : ptr 'a
requires { Int32.to_int sz > 0 } (* for simplicity, though 0 is legal in C *)
requires { sz > 0 } (* for simplicity, though 0 is legal in C *)
requires { p.offset = 0 }
requires { plength p > 0 }
writes { p.data }
ensures { plength result = Int32.to_int sz \/ plength result = 0 }
ensures { plength result = Int32.to_int sz -> plength p = 0 }
ensures { plength result = Int32.to_int sz ->
forall i:int. 0 <= i < plength (old p) /\ i < Int32.to_int sz ->
ensures { plength result = sz \/ plength result = 0 }
ensures { plength result = sz -> plength p = 0 }
ensures { plength result = sz ->
forall i:int. 0 <= i < plength (old p) /\ i < sz ->
(pelts result)[i] = (pelts (old p))[i] }
ensures { plength result <> Int32.to_int sz -> p = old p }
ensures { plength result <> sz -> p = old p }
val predicate is_not_null (p:ptr 'a) : bool
ensures { result <-> plength p <> 0 }
......
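Review bot: `incr` takes a signed `ofs:int32`, but its precondition (the context line `requires { p.offset + ofs <= plength p }`) has no lower bound, so the rewritten postcondition `result.offset = p.offset + ofs` allows a result whose offset is negative. `get_ofs` and `set_ofs` in the same section both require `0 <= p.offset + ofs`, so the model is stricter on the accessors than on the pointer arithmetic they are built from. If pointers before the start of the block are not meant to be representable, the precondition should read `requires { 0 <= p.offset + ofs <= plength p }`. Whether `get` and `set` reject a negative offset themselves is not visible in these hunks. Since the explicit `Int32.to_int` / `UInt32.to_int` calls are now implicit, a short comment at the top of module `C` saying which coercions the specifications rely on would help readers.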
......@@ -120,38 +120,42 @@ module Unsigned
axiom zero_unsigned_is_zero : to_int zero_unsigned = 0
constant radix : int
axiom radix_def : radix = max+1
val add_mod (x y:t) : t
ensures { to_int result = mod (to_int x + to_int y) (max+1) }
val add_with_carry (x y:t) (c:t) : (t,t)
requires { 0 <= to_int c <= 1 }
returns { (r,d) ->
to_int r + (max+1) * to_int d =
to_int r + radix * to_int d =
to_int x + to_int y + to_int c
/\ 0 <= to_int d <= 1 }
val sub_mod (x y:t) : t
ensures { to_int result = mod (to_int x - to_int y) (max+1) }
ensures { to_int result = mod (to_int x - to_int y) radix }
val sub_with_borrow (x y:t) (b:t) : (t,t)
requires { 0 <= to_int b <= 1 }
returns { (r, d) ->
to_int r - (max+1) * to_int d =
to_int r - radix * to_int d =
to_int x - to_int y - to_int b
/\ 0 <= to_int d <= 1 }
val add3 (x y z:t) : (t,t)
returns { (r,d) ->
to_int r + (max+1) * to_int d =
to_int r + radix * to_int d =
to_int x + to_int y + to_int z
/\ 0 <= to_int d <= 2 }
val mul_mod (x y:t) : t
ensures { to_int result = mod (to_int x * to_int y) (max+1) }
ensures { to_int result = mod (to_int x * to_int y) radix }
val mul_double (x y:t) : (t,t)
returns { (r,d) ->
to_int r + (max+1) * to_int d =
to_int r + radix * to_int d =
to_int x * to_int y }
end
......@@ -210,6 +214,19 @@ module Int32
*)
end
module Int32BV
use export Int32
use bv.BV32
val to_bv (x: int32) : BV32.t
ensures { BV32.to_int result = to_int x }
val of_bv (x: BV32.t) : int32
ensures { to_int result = BV32.to_int x }
end
module UInt32
use import int.Int
......@@ -227,6 +244,8 @@ module UInt32
clone export Unsigned with
type t = uint32,
constant max = uint32'maxInt,
constant radix = radix,
goal radix_def,
function to_int = uint32'int,
lemma zero_unsigned_is_zero,
lemma to_int_in_bounds,
......@@ -458,12 +477,14 @@ module UInt64
clone export Unsigned with
type t = uint64,
constant max = uint64'maxInt,
constant radix = radix,
goal radix_def,
function to_int = uint64'int,
lemma zero_unsigned_is_zero,
lemma to_int_in_bounds,
lemma extensionality
val lsld (x cnt:uint64) : (uint64,uint64)
val lsld (x cnt:uint64) : (uint64,uint64)
requires { 0 < to_int cnt < 64 }
returns { (r,d) -> to_int r + (max_uint64+1) * to_int d =
(power 2 (to_int cnt)) * to_int x }
......
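Review bot: The switch from `(max+1)` to `radix` is incomplete in this section: `add_mod` still ends with `mod (to_int x + to_int y) (max+1)` and `lsld` in `UInt64` still uses `(max_uint64+1)`, while `sub_mod`, `mul_mod` and the carry/borrow operations now use `radix`. The two forms are equal by `radix_def`, but provers then need that equation to relate `add_mod` to the other operations, which is the kind of extra step this commit is trying to remove. I would write `ensures { to_int result = mod (to_int x + to_int y) radix }` for `add_mod` and use `radix` in `lsld` as well. Instantiating `radix_def` with `goal radix_def` in the clones is the right choice, since it turns the axiom into a proof obligation for each concrete type.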
......@@ -302,6 +302,13 @@ theory PowerReal
lemma Pow_half:
forall x:real. x > 0.0 -> pow x 0.5 = sqrt x
use import FromInt
use import int.Power
axiom pow_from_int: forall x y: int. Int.(<=) 0 x -> Int.(<=) 0 y ->
pow (from_int x) (from_int y) = from_int (power x y)
end
(** {2 Trigonometric Functions}
......
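Review bot: `pow_from_int` is added to the library theory `PowerReal` as an `axiom`, so every development that uses this theory now assumes it without proof, whereas before it was local to one example. The statement includes base `x = 0` (it fixes `pow (from_int 0) (from_int y)` for every `y >= 0`), and the hunk does not show how `pow` is otherwise constrained at base 0, so its consistency with the existing `pow` facts should be checked rather than assumed. Stating it as `lemma pow_from_int: ...` with a recorded proof keeps the trusted base unchanged. If the zero case cannot be justified, the hypothesis can be restricted to `Int.(<) 0 x`. A one-line comment on why the fact belongs in the library would also help.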