Commit f945cbf6 by Guillaume Melquiond

### Update parts of Coq realizations whose printing looks sane.

parent ecb58b34
 ... @@ -22,7 +22,7 @@ Require int.Int. ... @@ -22,7 +22,7 @@ Require int.Int. Lemma abs_def : Lemma abs_def : forall (x:Z), forall (x:Z), ((0%Z <= x)%Z -> ((ZArith.BinInt.Z.abs x) = x)) /\ ((0%Z <= x)%Z -> ((ZArith.BinInt.Z.abs x) = x)) /\ ((~ (0%Z <= x)%Z) -> ((ZArith.BinInt.Z.abs x) = (-x)%Z)). (~ (0%Z <= x)%Z -> ((ZArith.BinInt.Z.abs x) = (-x)%Z)). intros x. intros x. split ; intros H. split ; intros H. now apply Zabs_eq. now apply Zabs_eq. ... ...
 ... @@ -35,8 +35,8 @@ Qed. ... @@ -35,8 +35,8 @@ Qed. Lemma Div_bound : Lemma Div_bound : forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> ((0%Z <= (ZArith.BinInt.Z.quot x y))%Z /\ (0%Z <= (ZArith.BinInt.Z.quot x y))%Z /\ ((ZArith.BinInt.Z.quot x y) <= x)%Z). ((ZArith.BinInt.Z.quot x y) <= x)%Z. intros x y (Hx,Hy). intros x y (Hx,Hy). split. split. now apply Z.quot_pos. now apply Z.quot_pos. ... @@ -53,9 +53,9 @@ Qed. ... @@ -53,9 +53,9 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Mod_bound : Lemma Mod_bound : forall (x:Z) (y:Z), forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ~ (y = 0%Z) -> (((-(ZArith.BinInt.Z.abs y))%Z < (ZArith.BinInt.Z.rem x y))%Z /\ ((-(ZArith.BinInt.Z.abs y))%Z < (ZArith.BinInt.Z.rem x y))%Z /\ ((ZArith.BinInt.Z.rem x y) < (ZArith.BinInt.Z.abs y))%Z). ((ZArith.BinInt.Z.rem x y) < (ZArith.BinInt.Z.abs y))%Z. intros x y Zy. intros x y Zy. destruct (Zle_or_lt 0 x) as [Hx|Hx]. destruct (Zle_or_lt 0 x) as [Hx|Hx]. refine ((fun H => conj (Zlt_le_trans _ 0 _ _ (proj1 H)) (proj2 H)) _). refine ((fun H => conj (Zlt_le_trans _ 0 _ _ (proj1 H)) (proj2 H)) _). ... @@ -103,7 +103,8 @@ Qed. ... @@ -103,7 +103,8 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Rounds_toward_zero : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> Lemma Rounds_toward_zero : forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ((ZArith.BinInt.Z.abs ((ZArith.BinInt.Z.quot x y) * y)%Z) <= (ZArith.BinInt.Z.abs x))%Z. ((ZArith.BinInt.Z.abs ((ZArith.BinInt.Z.quot x y) * y)%Z) <= (ZArith.BinInt.Z.abs x))%Z. intros x y Zy. intros x y Zy. rewrite Zmult_comm. rewrite Zmult_comm. zify. zify. ... ...
 ... @@ -32,8 +32,7 @@ Defined. ... @@ -32,8 +32,7 @@ Defined. (* Why3 goal *) (* Why3 goal *) Lemma Div_mod : Lemma Div_mod : forall (x:Z) (y:Z), forall (x:Z) (y:Z), ~ (y = 0%Z) -> (x = ((y * (div x y))%Z + (mod1 x y))%Z). (~ (y = 0%Z)) -> (x = ((y * (div x y))%Z + (mod1 x y))%Z). intros x y Zy. intros x y Zy. unfold mod1, div. unfold mod1, div. case Z_le_dec ; intros H ; ring. case Z_le_dec ; intros H ; ring. ... @@ -42,8 +41,8 @@ Qed. ... @@ -42,8 +41,8 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Mod_bound : Lemma Mod_bound : forall (x:Z) (y:Z), forall (x:Z) (y:Z), (~ (y = 0%Z)) -> ~ (y = 0%Z) -> ((0%Z <= (mod1 x y))%Z /\ ((mod1 x y) < (ZArith.BinInt.Z.abs y))%Z). (0%Z <= (mod1 x y))%Z /\ ((mod1 x y) < (ZArith.BinInt.Z.abs y))%Z. intros x y Zy. intros x y Zy. zify. zify. assert (H1 := Z_mod_neg x y). assert (H1 := Z_mod_neg x y). ... @@ -59,7 +58,7 @@ Qed. ... @@ -59,7 +58,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Div_unique : forall (x:Z) (y:Z) (q:Z), (0%Z < y)%Z -> Lemma Div_unique : forall (x:Z) (y:Z) (q:Z), (0%Z < y)%Z -> ((((q * y)%Z <= x)%Z /\ (x < ((q * y)%Z + y)%Z)%Z) -> ((div x y) = q)). (((q * y)%Z <= x)%Z /\ (x < ((q * y)%Z + y)%Z)%Z) -> ((div x y) = q). intros x y q h1 (h2,h3). intros x y q h1 (h2,h3). assert (h:(~(y=0))%Z) by omega. assert (h:(~(y=0))%Z) by omega. generalize (Mod_bound x y h); intro h0. generalize (Mod_bound x y h); intro h0. ... @@ -82,8 +81,7 @@ Qed. ... @@ -82,8 +81,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Div_bound : Lemma Div_bound : forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> (0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z. ((0%Z <= (div x y))%Z /\ ((div x y) <= x)%Z). intros x y (Hx,Hy). intros x y (Hx,Hy). unfold div. unfold div. case Z_le_dec ; intros H. case Z_le_dec ; intros H. ... @@ -161,7 +159,7 @@ rewrite Z_div_same_full; auto with zarith. ... @@ -161,7 +159,7 @@ rewrite Z_div_same_full; auto with zarith. Qed. Qed. (* Why3 goal *) (* Why3 goal *) Lemma Mod_0 : forall (y:Z), (~ (y = 0%Z)) -> ((mod1 0%Z y) = 0%Z). Lemma Mod_0 : forall (y:Z), ~ (y = 0%Z) -> ((mod1 0%Z y) = 0%Z). intros y Hy. intros y Hy. unfold mod1, div. unfold mod1, div. rewrite Zmod_0_l. rewrite Zmod_0_l. ... ...
 ... @@ -128,13 +128,13 @@ Qed. ... @@ -128,13 +128,13 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Trans : Lemma Trans : forall (x:Z) (y:Z) (z:Z), (x <= y)%Z -> ((y <= z)%Z -> (x <= z)%Z). forall (x:Z) (y:Z) (z:Z), (x <= y)%Z -> (y <= z)%Z -> (x <= z)%Z. Proof. Proof. exact Zle_trans. exact Zle_trans. Qed. Qed. (* Why3 goal *) (* Why3 goal *) Lemma Antisymm : forall (x:Z) (y:Z), (x <= y)%Z -> ((y <= x)%Z -> (x = y)). Lemma Antisymm : forall (x:Z) (y:Z), (x <= y)%Z -> (y <= x)%Z -> (x = y). Proof. Proof. exact Zle_antisym. exact Zle_antisym. Qed. Qed. ... @@ -167,7 +167,7 @@ Qed. ... @@ -167,7 +167,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma CompatOrderMult : Lemma CompatOrderMult : forall (x:Z) (y:Z) (z:Z), forall (x:Z) (y:Z) (z:Z), (x <= y)%Z -> ((0%Z <= z)%Z -> ((x * z)%Z <= (y * z)%Z)%Z). (x <= y)%Z -> (0%Z <= z)%Z -> ((x * z)%Z <= (y * z)%Z)%Z. Proof. Proof. exact Zmult_le_compat_r. exact Zmult_le_compat_r. Qed. Qed. ... ...
 ... @@ -22,7 +22,7 @@ Require int.Int. ... @@ -22,7 +22,7 @@ Require int.Int. Lemma min_def : Lemma min_def : forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((x <= y)%Z -> ((ZArith.BinInt.Z.min x y) = x)) /\ ((x <= y)%Z -> ((ZArith.BinInt.Z.min x y) = x)) /\ ((~ (x <= y)%Z) -> ((ZArith.BinInt.Z.min x y) = y)). (~ (x <= y)%Z -> ((ZArith.BinInt.Z.min x y) = y)). Proof. Proof. intros x y. intros x y. split ; intros H. split ; intros H. ... @@ -38,7 +38,7 @@ Qed. ... @@ -38,7 +38,7 @@ Qed. Lemma max_def : Lemma max_def : forall (x:Z) (y:Z), forall (x:Z) (y:Z), ((x <= y)%Z -> ((ZArith.BinInt.Z.max x y) = y)) /\ ((x <= y)%Z -> ((ZArith.BinInt.Z.max x y) = y)) /\ ((~ (x <= y)%Z) -> ((ZArith.BinInt.Z.max x y) = x)). (~ (x <= y)%Z -> ((ZArith.BinInt.Z.max x y) = x)). Proof. Proof. intros x y. intros x y. split ; intros H. split ; intros H. ... ...
 ... @@ -67,7 +67,7 @@ Qed. ... @@ -67,7 +67,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Numof_bounds : Lemma Numof_bounds : forall (p:(Z -> bool)) (a:Z) (b:Z), forall (p:(Z -> bool)) (a:Z) (b:Z), (a < b)%Z -> ((0%Z <= (numof p a b))%Z /\ ((numof p a b) <= (b - a)%Z)%Z). (a < b)%Z -> (0%Z <= (numof p a b))%Z /\ ((numof p a b) <= (b - a)%Z)%Z. Proof. Proof. intros p a b h1. intros p a b h1. unfold numof. unfold numof. ... @@ -125,8 +125,9 @@ Proof. ... @@ -125,8 +125,9 @@ Proof. Qed. Qed. (* Why3 goal *) (* Why3 goal *) Lemma Numof_left_no_add : forall (p:(Z -> bool)) (a:Z) (b:Z), (a < b)%Z -> Lemma Numof_left_no_add : ((~ ((p a) = true)) -> ((numof p a b) = (numof p (a + 1%Z)%Z b))). forall (p:(Z -> bool)) (a:Z) (b:Z), (a < b)%Z -> ~ ((p a) = true) -> ((numof p a b) = (numof p (a + 1%Z)%Z b)). Proof. Proof. intros p a b h1 h2. intros p a b h1 h2. rewrite Numof_append with (b := (a+1)%Z) by omega. rewrite Numof_append with (b := (a+1)%Z) by omega. ... @@ -169,8 +170,8 @@ Qed. ... @@ -169,8 +170,8 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma Full : forall (p:(Z -> bool)) (a:Z) (b:Z), (a <= b)%Z -> Lemma Full : forall (p:(Z -> bool)) (a:Z) (b:Z), (a <= b)%Z -> ((forall (n:Z), ((a <= n)%Z /\ (n < b)%Z) -> ((p n) = true)) -> ((numof p a (forall (n:Z), ((a <= n)%Z /\ (n < b)%Z) -> ((p n) = true)) -> b) = (b - a)%Z)). ((numof p a b) = (b - a)%Z). Proof. Proof. intros p a b h1. intros p a b h1. pattern b. pattern b. ... @@ -234,7 +235,7 @@ Qed. ... @@ -234,7 +235,7 @@ Qed. Lemma numof_strictly_increasing : Lemma numof_strictly_increasing : forall (p:(Z -> bool)) (i:Z) (j:Z) (k:Z) (l:Z), forall (p:(Z -> bool)) (i:Z) (j:Z) (k:Z) (l:Z), ((i <= j)%Z /\ ((j <= k)%Z /\ (k < l)%Z)) -> ((i <= j)%Z /\ ((j <= k)%Z /\ (k < l)%Z)) -> (((p k) = true) -> ((numof p i j) < (numof p i l))%Z). ((p k) = true) -> ((numof p i j) < (numof p i l))%Z. Proof. Proof. intros p i j k l (h1,(h2,h3)) h4. intros p i j k l (h1,(h2,h3)) h4. rewrite (Numof_append p i j l) by omega. rewrite (Numof_append p i j l) by omega. ... @@ -243,9 +244,11 @@ apply numof_pos with (k := k); auto with zarith. ... @@ -243,9 +244,11 @@ apply numof_pos with (k := k); auto with zarith. Qed. Qed. (* Why3 goal *) (* Why3 goal *) Lemma numof_change_any : forall (p1:(Z -> bool)) (p2:(Z -> bool)) (a:Z) Lemma numof_change_any : (b:Z), (forall (j:Z), ((a <= j)%Z /\ (j < b)%Z) -> (((p1 j) = true) -> ((p2 forall (p1:(Z -> bool)) (p2:(Z -> bool)) (a:Z) (b:Z), j) = true))) -> ((numof p1 a b) <= (numof p2 a b))%Z. (forall (j:Z), ((a <= j)%Z /\ (j < b)%Z) -> ((p1 j) = true) -> ((p2 j) = true)) -> ((numof p1 a b) <= (numof p2 a b))%Z. Proof. Proof. intros p1 p2 a b. intros p1 p2 a b. case (Z_lt_le_dec a b); intro; [|rewrite Numof_empty, Numof_empty; omega]. case (Z_lt_le_dec a b); intro; [|rewrite Numof_empty, Numof_empty; omega]. ... @@ -265,10 +268,12 @@ Proof. ... @@ -265,10 +268,12 @@ Proof. Qed. Qed. (* Why3 goal *) (* Why3 goal *) Lemma numof_change_some : forall (p1:(Z -> bool)) (p2:(Z -> bool)) (a:Z) Lemma numof_change_some : (b:Z) (i:Z), ((a <= i)%Z /\ (i < b)%Z) -> ((forall (j:Z), ((a <= j)%Z /\ forall (p1:(Z -> bool)) (p2:(Z -> bool)) (a:Z) (b:Z) (i:Z), (j < b)%Z) -> (((p1 j) = true) -> ((p2 j) = true))) -> ((~ ((p1 ((a <= i)%Z /\ (i < b)%Z) -> i) = true)) -> (((p2 i) = true) -> ((numof p1 a b) < (numof p2 a b))%Z))). (forall (j:Z), ((a <= j)%Z /\ (j < b)%Z) -> ((p1 j) = true) -> ((p2 j) = true)) -> ~ ((p1 i) = true) -> ((p2 i) = true) -> ((numof p1 a b) < (numof p2 a b))%Z. Proof. Proof. intros p1 p2 a b i (h1,h2) h3 h4 h5. intros p1 p2 a b i (h1,h2) h3 h4 h5. generalize (Z_le_lt_eq_dec _ _ (numof_change_any p1 p2 a b h3)). generalize (Z_le_lt_eq_dec _ _ (numof_change_any p1 p2 a b h3)). ... @@ -293,7 +298,7 @@ Qed. ... @@ -293,7 +298,7 @@ Qed. Lemma numof_change_equiv : Lemma numof_change_equiv : forall (p1:(Z -> bool)) (p2:(Z -> bool)) (a:Z) (b:Z), forall (p1:(Z -> bool)) (p2:(Z -> bool)) (a:Z) (b:Z), (forall (j:Z), (forall (j:Z), ((a <= j)%Z /\ (j < b)%Z) -> (((p1 j) = true) <-> ((p2 j) = true))) -> ((a <= j)%Z /\ (j < b)%Z) -> ((p1 j) = true) <-> ((p2 j) = true)) -> ((numof p2 a b) = (numof p1 a b)). ((numof p2 a b) = (numof p1 a b)). Proof. Proof. intros p1 p2 a b h1. intros p1 p2 a b h1. ... ...
 ... @@ -32,7 +32,7 @@ Lemma nth_def : ... @@ -32,7 +32,7 @@ Lemma nth_def : | Init.Datatypes.nil => ((nth n l) = Init.Datatypes.None) | Init.Datatypes.nil => ((nth n l) = Init.Datatypes.None) | (Init.Datatypes.cons x r) => | (Init.Datatypes.cons x r) => ((n = 0%Z) -> ((nth n l) = (Init.Datatypes.Some x))) /\ ((n = 0%Z) -> ((nth n l) = (Init.Datatypes.Some x))) /\ ((~ (n = 0%Z)) -> ((nth n l) = (nth (n - 1%Z)%Z r))) (~ (n = 0%Z) -> ((nth n l) = (nth (n - 1%Z)%Z r))) end. end. Proof. Proof. intros a a_WT n l. intros a a_WT n l. ... ...
 ... @@ -38,7 +38,7 @@ Lemma num_occ_def : ... @@ -38,7 +38,7 @@ Lemma num_occ_def : | Init.Datatypes.nil => ((num_occ x l) = 0%Z) | Init.Datatypes.nil => ((num_occ x l) = 0%Z) | (Init.Datatypes.cons y r) => | (Init.Datatypes.cons y r) => ((x = y) -> ((num_occ x l) = (1%Z + (num_occ x r))%Z)) /\ ((x = y) -> ((num_occ x l) = (1%Z + (num_occ x r))%Z)) /\ ((~ (x = y)) -> ((num_occ x l) = (0%Z + (num_occ x r))%Z)) (~ (x = y) -> ((num_occ x l) = (0%Z + (num_occ x r))%Z)) end. end. Proof. Proof. intros a a_WT x [|y r]. intros a a_WT x [|y r]. ... ...
 ... @@ -44,7 +44,7 @@ Qed. ... @@ -44,7 +44,7 @@ Qed. Lemma Permut_trans : Lemma Permut_trans : forall {a:Type} {a_WT:WhyType a}, forall {a:Type} {a_WT:WhyType a}, forall (l1:(list a)) (l2:(list a)) (l3:(list a)), forall (l1:(list a)) (l2:(list a)) (l3:(list a)), (permut l1 l2) -> ((permut l2 l3) -> (permut l1 l3)). (permut l1 l2) -> (permut l2 l3) -> (permut l1 l3). Proof. Proof. intros a a_WT l1 l2 l3 h1 h2 x. intros a a_WT l1 l2 l3 h1 h2 x. now rewrite h1. now rewrite h1. ... @@ -119,7 +119,7 @@ Qed. ... @@ -119,7 +119,7 @@ Qed. Lemma Permut_mem : Lemma Permut_mem : forall {a:Type} {a_WT:WhyType a}, forall {a:Type} {a_WT:WhyType a}, forall (x:a) (l1:(list a)) (l2:(list a)), forall (x:a) (l1:(list a)) (l2:(list a)), (permut l1 l2) -> ((list.Mem.mem x l1) -> (list.Mem.mem x l2)). (permut l1 l2) -> (list.Mem.mem x l1) -> (list.Mem.mem x l2). Proof. Proof. intros a a_WT x l1 l2 h1 h2. intros a a_WT x l1 l2 h1 h2. apply NumOcc.Mem_Num_Occ. apply NumOcc.Mem_Num_Occ. ... ...
 ... @@ -46,7 +46,7 @@ Lemma set_def : ... @@ -46,7 +46,7 @@ Lemma set_def : forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b}, forall {a:Type} {a_WT:WhyType a} {b:Type} {b_WT:WhyType b}, forall (f:(a -> b)) (x:a) (v:b) (y:a), forall (f:(a -> b)) (x:a) (v:b) (y:a), ((y = x) -> (((set f x v) y) = v)) /\ ((y = x) -> (((set f x v) y) = v)) /\ ((~ (y = x)) -> (((set f x v) y) = (f y))). (~ (y = x) -> (((set f x v) y) = (f y))). Proof. Proof. intros a a_WT b b_WT f x v y. intros a a_WT b b_WT f x v y. unfold set. unfold set. ... ...
 ... @@ -233,12 +233,12 @@ Definition surjective (a:(Z -> Z)) (n:Z) : Prop := ... @@ -233,12 +233,12 @@ Definition surjective (a:(Z -> Z)) (n:Z) : Prop := (* Why3 assumption *) (* Why3 assumption *) Definition range (a:(Z -> Z)) (n:Z) : Prop := Definition range (a:(Z -> Z)) (n:Z) : Prop := forall (i:Z), forall (i:Z), ((0%Z <= i)%Z /\ (i < n)%Z) -> ((0%Z <= (a i))%Z /\ ((a i) < n)%Z). ((0%Z <= i)%Z /\ (i < n)%Z) -> (0%Z <= (a i))%Z /\ ((a i) < n)%Z. (* Why3 goal *) (* Why3 goal *) Lemma injective_surjective : Lemma injective_surjective : forall (a:(Z -> Z)) (n:Z), forall (a:(Z -> Z)) (n:Z), (injective a n) -> ((range a n) -> (surjective a n)). (injective a n) -> (range a n) -> (surjective a n). Proof. Proof. unfold injective, range, surjective. unfold injective, range, surjective. intros a n h1 h2. intros a n h1 h2. ... ...
 ... @@ -135,7 +135,7 @@ Qed. ... @@ -135,7 +135,7 @@ Qed. Lemma occ_bounds : Lemma occ_bounds : forall {a:Type} {a_WT:WhyType a}, forall {a:Type} {a_WT:WhyType a}, forall (v:a) (m:(Z -> a)) (l:Z) (u:Z), forall (v:a) (m:(Z -> a)) (l:Z) (u:Z), (l <= u)%Z -> ((0%Z <= (occ v m l u))%Z /\ ((occ v m l u) <= (u - l)%Z)%Z). (l <= u)%Z -> (0%Z <= (occ v m l u))%Z /\ ((occ v m l u) <= (u - l)%Z)%Z. Proof. Proof. intros a a_WT v m l u h1. intros a a_WT v m l u h1. cut (0 <= u - l)%Z. 2: omega. cut (0 <= u - l)%Z. 2: omega. ... ...
 ... @@ -76,7 +76,7 @@ Qed. ... @@ -76,7 +76,7 @@ Qed. Lemma Euclid : Lemma Euclid : forall (p:Z) (a:Z) (b:Z), forall (p:Z) (a:Z) (b:Z), ((number.Prime.prime p) /\ (number.Divisibility.divides p (a * b)%Z)) -> ((number.Prime.prime p) /\ (number.Divisibility.divides p (a * b)%Z)) -> ((number.Divisibility.divides p a) \/ (number.Divisibility.divides p b)). (number.Divisibility.divides p a) \/ (number.Divisibility.divides p b). intros p a b (h1,h2). intros p a b (h1,h2). apply Znumtheory.prime_mult; auto. apply Znumtheory.prime_mult; auto. now rewrite <- Prime.prime_is_Zprime. now rewrite <- Prime.prime_is_Zprime. ... ...
 ... @@ -24,7 +24,7 @@ Require number.Parity. ... @@ -24,7 +24,7 @@ Require number.Parity. (* Why3 assumption *) (* Why3 assumption *) Definition divides (d:Z) (n:Z) : Prop := Definition divides (d:Z) (n:Z) : Prop := ((d = 0%Z) -> (n = 0%Z)) /\ ((d = 0%Z) -> (n = 0%Z)) /\ ((~ (d = 0%Z)) -> ((ZArith.BinInt.Z.rem n d) = 0%Z)). (~ (d = 0%Z) -> ((ZArith.BinInt.Z.rem n d) = 0%Z)). *) *) ... @@ -100,7 +100,7 @@ Qed. ... @@ -100,7 +100,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma divides_plusr : Lemma divides_plusr : forall (a:Z) (b:Z) (c:Z), forall (a:Z) (b:Z) (c:Z), (divides a b) -> ((divides a c) -> (divides a (b + c)%Z)). (divides a b) -> (divides a c) -> (divides a (b + c)%Z). Proof. Proof. exact Zdivide_plus_r. exact Zdivide_plus_r. Qed. Qed. ... @@ -108,7 +108,7 @@ Qed. ... @@ -108,7 +108,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma divides_minusr : Lemma divides_minusr : forall (a:Z) (b:Z) (c:Z), forall (a:Z) (b:Z) (c:Z), (divides a b) -> ((divides a c) -> (divides a (b - c)%Z)). (divides a b) -> (divides a c) -> (divides a (b - c)%Z). Proof. Proof. exact Zdivide_minus_l. exact Zdivide_minus_l. Qed. Qed. ... @@ -142,7 +142,7 @@ Qed. ... @@ -142,7 +142,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma divides_n_1 : Lemma divides_n_1 : forall (n:Z), (divides n 1%Z) -> ((n = 1%Z) \/ (n = (-1%Z)%Z)). forall (n:Z), (divides n 1%Z) -> (n = 1%Z) \/ (n = (-1%Z)%Z). Proof. Proof. exact Zdivide_1. exact Zdivide_1. Qed. Qed. ... @@ -150,14 +150,14 @@ Qed. ... @@ -150,14 +150,14 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma divides_antisym : Lemma divides_antisym : forall (a:Z) (b:Z), forall (a:Z) (b:Z), (divides a b) -> ((divides b a) -> ((a = b) \/ (a = (-b)%Z))). (divides a b) -> (divides b a) -> (a = b) \/ (a = (-b)%Z). Proof. Proof. exact Zdivide_antisym. exact Zdivide_antisym. Qed. Qed. (* Why3 goal *) (* Why3 goal *) Lemma divides_trans : Lemma divides_trans : forall (a:Z) (b:Z) (c:Z), (divides a b) -> ((divides b c) -> (divides a c)). forall (a:Z) (b:Z) (c:Z), (divides a b) -> (divides b c) -> (divides a c). Proof. Proof. exact Zdivide_trans. exact Zdivide_trans. Qed. Qed. ... @@ -172,8 +172,9 @@ Qed. ... @@ -172,8 +172,9 @@ Qed. Import EuclideanDivision. Import EuclideanDivision. (* Why3 goal *) (* Why3 goal *) Lemma mod_divides_euclidean : forall (a:Z) (b:Z), (~ (b = 0%Z)) -> Lemma mod_divides_euclidean : (((int.EuclideanDivision.mod1 a b) = 0%Z) -> (divides b a)). forall (a:Z) (b:Z), ~ (b = 0%Z) -> ((int.EuclideanDivision.mod1 a b) = 0%Z) -> (divides b a). Proof. Proof. intros a b Zb H. intros a b Zb H. exists (div a b). exists (div a b). ... @@ -183,8 +184,9 @@ ring. ... @@ -183,8 +184,9 @@ ring. Qed. Qed. (* Why3 goal *) (* Why3 goal *) Lemma divides_mod_euclidean : forall (a:Z) (b:Z), (~ (b = 0%Z)) -> ((divides Lemma divides_mod_euclidean : b a) -> ((int.EuclideanDivision.mod1 a b) = 0%Z)). forall (a:Z) (b:Z), ~ (b = 0%Z) -> (divides b a) -> ((int.EuclideanDivision.mod1 a b) = 0%Z). Proof. Proof. intros a b Zb H. intros a b Zb H. assert (Zmod a b = Z0). assert (Zmod a b = Z0). ... @@ -200,7 +202,7 @@ Qed. ... @@ -200,7 +202,7 @@ Qed. (* Why3 goal *) (* Why3 goal *) Lemma mod_divides_computer : Lemma mod_divides_computer : forall (a:Z) (b:Z), forall (a:Z) (b:Z), (~ (b = 0%Z)) -> (((ZArith.BinInt.Z.rem a b) = 0%Z) -> (divides b a)). ~ (b = 0%Z) -> ((ZArith.BinInt.Z.rem a b) = 0%Z) -> (divides b a). Proof. Proof. intros a b Zb H.