Commit b67fb7c0 authored by Andrei Paskevich's avatar Andrei Paskevich

update sessions

parent 61127a19
......@@ -24,7 +24,7 @@
locfile="../arm.mlw"
loclnum="16" loccnumb="6" loccnume="20"
expl="VC for insertion_sort"
sum="0253f804b94902a25f1e77e1d4c459c1"
sum="7a48ddec008b758b68d1b8f7bf242745"
proved="false"
expanded="false"
shape="iainfix <=V6c45Aainfix =V7c9Aainfix <=c0V0iainfix <ainfix -c10V16ainfix -c10V5Aainfix <=c0ainfix -c10V5Aainfix <=ainfix *c2V12ainfix *ainfix -V16c2ainfix -V16c1Aainfix =V10ainfix -V16c2AainvV14Aainfix <=V16c11Aainfix <=c2V16Iainfix =V16ainfix +V5c1Fainfix <V22V11Aainfix <=c0V11Aainfix <=ainfix *c2V17ainfix +ainfix *ainfix -V5c2ainfix -V5c1ainfix *c2ainfix -V5V22Aainvamk arrayV0V21Aainfix <=V22V5Aainfix <=c1V22Iainfix =V22ainfix -V11c1FIainfix =V21asetV19V20agetV13V11Aainfix <=c0V0FAainfix <V20V0Aainfix <=c0V20Lainfix -V11c1Iainfix =V19asetV13V11agetV13V18Aainfix <=c0V0FAainfix <V11V0Aainfix <=c0V11Aainfix <V18V0Aainfix <=c0V18Lainfix -V11c1Aainfix <V11V0Aainfix <=c0V11Iainfix =V17ainfix +V12c1Fainfix <agetV13V11agetV13V15Aainfix <V11V0Aainfix <=c0V11Aainfix <V15V0Aainfix <=c0V15Aainfix <=c0V0Lainfix -V11c1Iainfix <=ainfix *c2V12ainfix +ainfix *ainfix -V5c2ainfix -V5c1ainfix *c2ainfix -V5V11AainvV14Aainfix <=V11V5Aainfix <=c1V11Lamk arrayV0V13FAainfix <=ainfix *c2V6ainfix +ainfix *ainfix -V5c2ainfix -V5c1ainfix *c2ainfix -V5V5AainvV9Aainfix <=V5V5Aainfix <=c1V5Iainfix =V10ainfix +V7c1Fainfix <=V5c10Iainfix <=ainfix *c2V6ainfix *ainfix -V5c2ainfix -V5c1Aainfix =V7ainfix -V5c2AainvV9Aainfix <=V5c11Aainfix <=c2V5Lamk arrayV0V8FAainfix <=ainfix *c2V1ainfix *ainfix -c2c2ainfix -c2c1Aainfix =V2ainfix -c2c2AainvV4Aainfix <=c2c11Aainfix <=c2c2Iainfix =V1c0Aainfix =V2c0AainvV4Aainfix <=c0V0Lamk arrayV0V3FF">
......@@ -50,7 +50,7 @@
locfile="../arm.mlw"
loclnum="120" loccnumb="6" loccnume="18"
expl="VC for path_init_l2"
sum="beb23c3645199bfd98a3ca8ba1a81b49"
sum="b7f073634088aae7b5aaf2b40c15baf4"
proved="true"
expanded="true"
shape="ainv_l2V5V0V2Iainfix =V5amixfix [<-]V1ainfix -V0c16V4FIainfix =V4c2FIainfix =V3c0FIainfix =V2c0FIainvV1AaseparationV0F">
......@@ -78,7 +78,7 @@
locfile="../arm.mlw"
loclnum="127" loccnumb="6" loccnume="18"
expl="VC for path_l2_exit"
sum="25c0115faf8097c35ae492323795ad51"
sum="7985bd31cb47c770cc076d13e2aa0786"
proved="true"
expanded="true"
shape="ainfix =V0c9Iainfix =V4aFalseIainfix <=V3c10qainfix =V4aTrueFIainfix =V3amixfix []V2ainfix -V1c16FIainv_l2V2V1V0AaseparationV1F">
......
......@@ -24,7 +24,7 @@
locfile="../assigning_meanings_to_programs.mlw"
loclnum="12" loccnumb="6" loccnume="9"
expl="VC for sum"
sum="6ec85216e9bf59221efb91729e5526a9"
sum="a22a8b12b1c0d38016349831b652911b"
proved="true"
expanded="true"
shape="iainfix =V3asumV1c1ainfix +V2c1ainfix <ainfix -V2V6ainfix -V2V4Aainfix <=c0ainfix -V2V4Aainfix =V5asumV1c1V6Aainfix <=V6ainfix +V2c1Aainfix <=c1V6Iainfix =V6ainfix +V4c1FIainfix =V5ainfix +V3agetV1V4FAainfix <V4V0Aainfix <=c0V4ainfix <=V4V2Iainfix =V3asumV1c1V4Aainfix <=V4ainfix +V2c1Aainfix <=c1V4FAainfix =c0asumV1c1c1Aainfix <=c1ainfix +V2c1Aainfix <=c1c1Iainfix <V2V0Aainfix <=c0V2Aainfix <=c0V0F">
......
(* This file is generated by Why3's Coq driver *)
(* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require bool.Bool.
Require int.Int.
Require int.Abs.
Require int.EuclideanDivision.
......@@ -148,13 +149,24 @@ Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
Axiom Div_pow : forall (x:Z) (i:Z), (((pow2 (i - 1%Z)%Z) <= x)%Z /\
(x < (pow2 i))%Z) -> ((int.EuclideanDivision.div x
(pow2 (i - 1%Z)%Z)) = 1%Z).
Axiom Div_mult_inst : forall (x:Z) (z:Z), (0%Z < x)%Z ->
((int.EuclideanDivision.div ((x * 1%Z)%Z + z)%Z
x) = (1%Z + (int.EuclideanDivision.div z x))%Z).
Axiom Div_pow2 : forall (x:Z) (i:Z), (((-(pow2 i))%Z <= x)%Z /\
(x < (-(pow2 (i - 1%Z)%Z))%Z)%Z) -> ((int.EuclideanDivision.div x
(pow2 (i - 1%Z)%Z)) = (-2%Z)%Z).
Axiom Div_double : forall (x:Z) (y:Z), ((0%Z < y)%Z /\ ((y <= x)%Z /\
(x < (2%Z * y)%Z)%Z)) -> ((int.EuclideanDivision.div x y) = 1%Z).
Axiom Div_pow : forall (x:Z) (i:Z), (0%Z < i)%Z ->
((((pow2 (i - 1%Z)%Z) <= x)%Z /\ (x < (pow2 i))%Z) ->
((int.EuclideanDivision.div x (pow2 (i - 1%Z)%Z)) = 1%Z)).
Axiom Div_double_neg : forall (x:Z) (y:Z), ((((-2%Z)%Z * y)%Z <= x)%Z /\
((x < (-y)%Z)%Z /\ ((-y)%Z < 0%Z)%Z)) -> ((int.EuclideanDivision.div x
y) = (-2%Z)%Z).
Axiom Div_pow2 : forall (x:Z) (i:Z), (0%Z < i)%Z ->
((((-(pow2 i))%Z <= x)%Z /\ (x < (-(pow2 (i - 1%Z)%Z))%Z)%Z) ->
((int.EuclideanDivision.div x (pow2 (i - 1%Z)%Z)) = (-2%Z)%Z)).
Axiom Mod_pow2_gen : forall (x:Z) (i:Z) (k:Z), ((0%Z <= k)%Z /\ (k < i)%Z) ->
((int.EuclideanDivision.mod1 (int.EuclideanDivision.div (x + (pow2 i))%Z
......@@ -182,7 +194,7 @@ Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone
n) = true).
(* Why3 assumption *)
Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
Definition eq (v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
(n < size)%Z) -> ((nth v1 n) = (nth v2 n)).
Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
......@@ -255,19 +267,19 @@ Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
Parameter to_nat_sub: bv -> Z -> Z -> Z.
Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), (((0%Z <= i)%Z /\
(i <= j)%Z) /\ (j < size)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j
Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
((i <= j)%Z /\ (j < size)%Z)) -> (((nth b j) = false) -> ((to_nat_sub b j
i) = (to_nat_sub b (j - 1%Z)%Z i))).
Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), (((0%Z <= i)%Z /\
(i <= j)%Z) /\ (j < size)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
((i <= j)%Z /\ (j < size)%Z)) -> (((nth b j) = true) -> ((to_nat_sub b j
i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
((to_nat_sub b j i) = 0%Z).
Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), (((j < size)%Z /\
(i <= j)%Z) /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\
Axiom to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((j < size)%Z /\
((i <= j)%Z /\ (0%Z <= i)%Z)) -> ((forall (k:Z), ((k <= j)%Z /\
(i < k)%Z) -> ((nth b k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b
i 0%Z))).
......@@ -279,14 +291,14 @@ Require Import Why3.
Open Scope Z_scope.
(* Why3 goal *)
Theorem to_nat_of_one : forall (b:bv) (i:Z) (j:Z), (((j < size)%Z /\
(i <= j)%Z) /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\
Theorem to_nat_of_one : forall (b:bv) (i:Z) (j:Z), ((j < size)%Z /\
((i <= j)%Z /\ (0%Z <= i)%Z)) -> ((forall (k:Z), ((k <= j)%Z /\
(i <= k)%Z) -> ((nth b k) = true)) -> ((to_nat_sub b j
i) = ((pow2 ((j - i)%Z + 1%Z)%Z) - 1%Z)%Z)).
intros b i j ((Hj,Hij),Hi).
(* Why3 intros b i j (h1,(h2,h3)) h4. *)
intros b i j (Hj,(Hij,Hi)).
generalize Hij Hj.
pattern j; apply Zlt_lower_bound_ind with (z:=i); auto.
why3 "cvc3" timelimit 3.
Qed.
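Review bot: The hand-written script in the editable section of to_nat_of_one (from `intros b i j (Hj,(Hij,Hi)).` to `Qed.`) carries no comment on its strategy, while everything around it is regenerated by the driver. A one-line comment above the `intros`, such as `(* induction on j from lower bound i via Zlt_lower_bound_ind; remaining goals are sent to CVC3 *)`, would tell the next maintainer what has to keep working when the hypothesis shape changes again, as it did here from `((A /\ B) /\ C)` to `(A /\ (B /\ C))`. The closing step `why3 "cvc3" timelimit 3.` hands the remaining goals to an external prover, so the `Qed` presumably depends on the installed CVC3 and on that 3-second limit, which is worth stating in the same comment. The script in the to_nat_of_zero2 file, adjusted the same way with `intros b i j (Hj,(Hij,Hipos)).`, would benefit from the same comment.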
(* This file is generated by Why3's Coq driver *)
(* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
Require bool.Bool.
Require int.Int.
Require int.Abs.
Require int.EuclideanDivision.
......@@ -148,13 +149,24 @@ Axiom pow2_62 : ((pow2 62%Z) = 4611686018427387904%Z).
Axiom pow2_63 : ((pow2 63%Z) = 9223372036854775808%Z).
Axiom Div_pow : forall (x:Z) (i:Z), (((pow2 (i - 1%Z)%Z) <= x)%Z /\
(x < (pow2 i))%Z) -> ((int.EuclideanDivision.div x
(pow2 (i - 1%Z)%Z)) = 1%Z).
Axiom Div_mult_inst : forall (x:Z) (z:Z), (0%Z < x)%Z ->
((int.EuclideanDivision.div ((x * 1%Z)%Z + z)%Z
x) = (1%Z + (int.EuclideanDivision.div z x))%Z).
Axiom Div_pow2 : forall (x:Z) (i:Z), (((-(pow2 i))%Z <= x)%Z /\
(x < (-(pow2 (i - 1%Z)%Z))%Z)%Z) -> ((int.EuclideanDivision.div x
(pow2 (i - 1%Z)%Z)) = (-2%Z)%Z).
Axiom Div_double : forall (x:Z) (y:Z), ((0%Z < y)%Z /\ ((y <= x)%Z /\
(x < (2%Z * y)%Z)%Z)) -> ((int.EuclideanDivision.div x y) = 1%Z).
Axiom Div_pow : forall (x:Z) (i:Z), (0%Z < i)%Z ->
((((pow2 (i - 1%Z)%Z) <= x)%Z /\ (x < (pow2 i))%Z) ->
((int.EuclideanDivision.div x (pow2 (i - 1%Z)%Z)) = 1%Z)).
Axiom Div_double_neg : forall (x:Z) (y:Z), ((((-2%Z)%Z * y)%Z <= x)%Z /\
((x < (-y)%Z)%Z /\ ((-y)%Z < 0%Z)%Z)) -> ((int.EuclideanDivision.div x
y) = (-2%Z)%Z).
Axiom Div_pow2 : forall (x:Z) (i:Z), (0%Z < i)%Z ->
((((-(pow2 i))%Z <= x)%Z /\ (x < (-(pow2 (i - 1%Z)%Z))%Z)%Z) ->
((int.EuclideanDivision.div x (pow2 (i - 1%Z)%Z)) = (-2%Z)%Z)).
Axiom Mod_pow2_gen : forall (x:Z) (i:Z) (k:Z), ((0%Z <= k)%Z /\ (k < i)%Z) ->
((int.EuclideanDivision.mod1 (int.EuclideanDivision.div (x + (pow2 i))%Z
......@@ -182,7 +194,7 @@ Axiom Nth_one : forall (n:Z), ((0%Z <= n)%Z /\ (n < size)%Z) -> ((nth bvone
n) = true).
(* Why3 assumption *)
Definition eq(v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
Definition eq (v1:bv) (v2:bv): Prop := forall (n:Z), ((0%Z <= n)%Z /\
(n < size)%Z) -> ((nth v1 n) = (nth v2 n)).
Axiom extensionality : forall (v1:bv) (v2:bv), (eq v1 v2) -> (v1 = v2).
......@@ -255,12 +267,12 @@ Axiom lsl_nth_low : forall (b:bv) (n:Z) (s:Z), ((0%Z <= n)%Z /\
Parameter to_nat_sub: bv -> Z -> Z -> Z.
Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), (((0%Z <= i)%Z /\
(i <= j)%Z) /\ (j < size)%Z) -> (((nth b j) = false) -> ((to_nat_sub b j
Axiom to_nat_sub_zero : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
((i <= j)%Z /\ (j < size)%Z)) -> (((nth b j) = false) -> ((to_nat_sub b j
i) = (to_nat_sub b (j - 1%Z)%Z i))).
Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), (((0%Z <= i)%Z /\
(i <= j)%Z) /\ (j < size)%Z) -> (((nth b j) = true) -> ((to_nat_sub b j
Axiom to_nat_sub_one : forall (b:bv) (j:Z) (i:Z), ((0%Z <= i)%Z /\
((i <= j)%Z /\ (j < size)%Z)) -> (((nth b j) = true) -> ((to_nat_sub b j
i) = ((pow2 (j - i)%Z) + (to_nat_sub b (j - 1%Z)%Z i))%Z)).
Axiom to_nat_sub_high : forall (b:bv) (j:Z) (i:Z), (j < i)%Z ->
......@@ -273,11 +285,12 @@ Ltac ae := why3 "alt-ergo" timelimit 3.
Open Scope Z_scope.
(* Why3 goal *)
Theorem to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), (((j < size)%Z /\
(i <= j)%Z) /\ (0%Z <= i)%Z) -> ((forall (k:Z), ((k <= j)%Z /\
Theorem to_nat_of_zero2 : forall (b:bv) (i:Z) (j:Z), ((j < size)%Z /\
((i <= j)%Z /\ (0%Z <= i)%Z)) -> ((forall (k:Z), ((k <= j)%Z /\
(i < k)%Z) -> ((nth b k) = false)) -> ((to_nat_sub b j 0%Z) = (to_nat_sub b
i 0%Z))).
intros b i j ((Hj,Hij),Hipos).
(* Why3 intros b i j (h1,(h2,h3)) h4. *)
intros b i j (Hj,(Hij,Hipos)).
generalize Hj.
pattern j; apply Zlt_lower_bound_ind with (z:=i); auto.
clear j Hj Hij.
......@@ -289,4 +302,3 @@ intros Hbits Hnth.
rewrite to_nat_sub_zero; auto with zarith.
Qed.
......@@ -46,7 +46,7 @@
name="nth_one1"
locfile="../double.why"
loclnum="73" loccnumb="8" loccnume="16"
sum="53e20bd87a3e79b72c5512963842d539"
sum="9426856b7db1eaa0a7fbf98d0a1d6511"
proved="true"
expanded="true"
shape="ainfix =anthaoneV0aFalseIainfix &lt;=V0c51Aainfix &lt;=c0V0F">
......@@ -63,7 +63,7 @@
name="nth_one2"
locfile="../double.why"
loclnum="74" loccnumb="8" loccnume="16"
sum="5c6b679bdaf6e72da6f008127d4dae8b"
sum="b1c633079fda4d75118758023d1bd9d6"
proved="true"
expanded="true"
shape="ainfix =anthaoneV0aTrueIainfix &lt;=V0c61Aainfix &lt;=c52V0F">
......@@ -80,7 +80,7 @@
name="nth_one3"
locfile="../double.why"
loclnum="75" loccnumb="8" loccnume="16"
sum="46bc15aba4d6b67856522de76992c667"
sum="7b13e3cc4204cfbf0bcadc9604a16925"
proved="true"
expanded="false"
shape="ainfix =anthaoneV0aFalseIainfix &lt;=V0c63Aainfix &lt;=c62V0F">
......@@ -97,7 +97,7 @@
name="sign_one"
locfile="../double.why"
loclnum="77" loccnumb="8" loccnume="16"
sum="ab82e666da6cf4defbf0468de247ca8e"
sum="bdda75f77974f193214e8a50e2cd6d59"
proved="true"
expanded="false"
shape="ainfix =asignaoneaFalse">
......@@ -146,7 +146,7 @@
name="exp_one"
locfile="../double.why"
loclnum="78" loccnumb="8" loccnume="15"
sum="d0092b130cd4ba2ae1480e7e7a7fb7d5"
sum="0c3504d58a9734848a0cbc03bc51d27d"
proved="true"
expanded="false"
shape="ainfix =aexpaonec1023">
......@@ -172,7 +172,7 @@
name="mantissa_one"
locfile="../double.why"
loclnum="79" loccnumb="8" loccnume="20"
sum="645707f7b8a77e5360f0735d5a5b932d"
sum="e7fa2f72bb2aada4371ebb33b3cc263e"
proved="true"
expanded="false"
shape="ainfix =amantissaaonec0">
......@@ -205,7 +205,7 @@
name="double_value_of_1"
locfile="../double.why"
loclnum="81" loccnumb="8" loccnume="25"
sum="ba4b977489801faa24193df21c2ca712"
sum="a43ae53878e69bc2d59a96e436eb69b9"
proved="true"
expanded="false"
shape="ainfix =adouble_of_bv64aonec1.0">
......
......@@ -39,7 +39,7 @@
name="Nth_j"
locfile="../neg_as_xor.why"
loclnum="13" loccnumb="8" loccnume="13"
sum="a7d9cf0929603ad3efb0168530924828"
sum="b0c07d6787ca3814d68d37a55958ed88"
proved="true"
expanded="true"
shape="ainfix =anthajV0aFalseIainfix &lt;=V0c62Aainfix &lt;=c0V0F">
......@@ -56,7 +56,7 @@
name="sign_of_j"
locfile="../neg_as_xor.why"
loclnum="15" loccnumb="8" loccnume="17"
sum="db878064435f19d2d1ff550e668e5ef7"
sum="11d2d005ac052841fddb064ceec1a224"
proved="true"
expanded="true"
shape="ainfix =asignajaTrue">
......@@ -73,7 +73,7 @@
name="mantissa_of_j"
locfile="../neg_as_xor.why"
loclnum="16" loccnumb="8" loccnume="21"
sum="9bc445592e04784060be698711ed7011"
sum="0ec22cf2da947df79bbac64e800d2037"
proved="true"
expanded="true"
shape="ainfix =amantissaajc0">
......@@ -122,7 +122,7 @@
name="exp_of_j"
locfile="../neg_as_xor.why"
loclnum="17" loccnumb="8" loccnume="16"
sum="43cea4ec0bdced8115798182e3eec086"
sum="d3fd5439e0a062e21d4b47d51da10f85"
proved="true"
expanded="true"
shape="ainfix =aexpajc0">
......@@ -171,7 +171,7 @@
name="int_of_bv"
locfile="../neg_as_xor.why"
loclnum="18" loccnumb="8" loccnume="17"
sum="13b8c9db73db1dac2c7bad49f600634e"
sum="062b16a1b9b8983f80b40b9ca9c1b7c1"
proved="true"
expanded="true"
shape="ainfix =adouble_of_bv64ajc0.0">
......@@ -220,7 +220,7 @@
name="MainResultBits"
locfile="../neg_as_xor.why"
loclnum="20" loccnumb="8" loccnume="22"
sum="b8c642e5737eee9e8f8dede7b5d40cd8"
sum="e67e8ff64626154fd727262483f22583"
proved="true"
expanded="true"
shape="ainfix =anthabw_xorV0ajV1anthV0V1Iainfix &lt;V1c63Aainfix &lt;=c0V1FF">
......@@ -245,7 +245,7 @@
name="MainResultSign"
locfile="../neg_as_xor.why"
loclnum="23" loccnumb="8" loccnume="22"
sum="75b0e6c8ac543c3dd0ddec53a5fb9557"
sum="aa318a184dd710f5d456887f3f3c9e06"
proved="true"
expanded="true"
shape="ainfix =anthabw_xorV0ajc63anotbanthV0c63F">
......@@ -270,7 +270,7 @@
name="Sign_of_xor_j"
locfile="../neg_as_xor.why"
loclnum="25" loccnumb="8" loccnume="21"
sum="8728de3c3203b4e08ad9c90f5a6bbb65"
sum="16129089ff40de7b992dc83878b2e424"
proved="true"
expanded="true"
shape="ainfix =asignabw_xorV0ajanotbasignV0F">
......@@ -319,7 +319,7 @@
name="Exp_of_xor_j"
locfile="../neg_as_xor.why"
loclnum="27" loccnumb="8" loccnume="20"
sum="455b0069043d71e599dfecc63a8758c0"
sum="1d7f25cf0479a1b4653fb5da53c80932"
proved="true"
expanded="true"
shape="ainfix =aexpabw_xorV0ajaexpV0F">
......@@ -360,7 +360,7 @@
name="Mantissa_of_xor_j"
locfile="../neg_as_xor.why"
loclnum="29" loccnumb="8" loccnume="25"
sum="1f02e9a2a57fd9292ecd416dbb186109"
sum="358f2775fb8ab653ffd112e0011f0f81"
proved="true"
expanded="true"
shape="ainfix =amantissaabw_xorV0ajamantissaV0F">
......@@ -401,7 +401,7 @@
name="MainResultZero"
locfile="../neg_as_xor.why"
loclnum="31" loccnumb="8" loccnume="22"
sum="5789944886ff89f58121bdc8ffd2305f"
sum="8e35ab4f8feaafcd296967f7b268407d"
proved="true"
expanded="true"
shape="ainfix =adouble_of_bv64abw_xorV0ajaprefix -.adouble_of_bv64V0Iainfix =amantissaV0c0Aainfix =c0aexpV0F">
......@@ -427,7 +427,7 @@
memlimit="1000"
obsolete="false"
archived="false">
<result status="valid" time="1.24"/>
<result status="valid" time="1.48"/>
</proof>
<proof
prover="4"
......@@ -443,14 +443,14 @@
memlimit="1000"
obsolete="false"
archived="false">
<result status="valid" time="1.27"/>
<result status="valid" time="1.01"/>
</proof>
</goal>
<goal
name="sign_neg"
locfile="../neg_as_xor.why"
loclnum="34" loccnumb="8" loccnume="16"
sum="dd4faf3f836502c1a4c2eb22b26cac84"
sum="e9e9f43e43315e87befdb1f4ae28558f"
proved="true"
expanded="true"
shape="ainfix =asign_valueanotbasignV0aprefix -.asign_valueasignV0F">
......@@ -475,7 +475,7 @@
name="MainResult"
locfile="../neg_as_xor.why"
loclnum="36" loccnumb="8" loccnume="18"
sum="3117fcfa34ff1753af99b6998919c4e6"
sum="13c0b40c682017066c953ef3e8d2b1b2"
proved="true"
expanded="true"
shape="ainfix =adouble_of_bv64abw_xorV0ajaprefix -.adouble_of_bv64V0Iainfix &lt;aexpV0c2047Aainfix &lt;c0aexpV0F">
......
......@@ -2395,7 +2395,7 @@
memlimit="1000"
obsolete="false"
archived="false">
<result status="valid" time="1.64"/>
<result status="valid" time="1.33"/>
</proof>
</goal>
<goal
......@@ -3237,7 +3237,7 @@
name="Div_double"
locfile="../power2.why"
loclnum="90" loccnumb="8" loccnume="18"
sum="1fcb539eabe84fdefeff2f4f139265f3"
sum="bda4ae1019d1849b5d9cccb5a863b4ac"
proved="true"
expanded="false"
shape="ainfix =adivV0V1c1Iainfix &lt;V0ainfix *c2V1Aainfix &lt;=V1V0Aainfix &lt;c0V1F">
......@@ -3254,7 +3254,7 @@
name="Div_pow"
locfile="../power2.why"
loclnum="93" loccnumb="8" loccnume="15"
sum="11153dee5e26877e1fa13aa25ffb1921"
sum="d2fc073ce351900def835eb86b4496ad"
proved="true"
expanded="false"
shape="ainfix =adivV0apow2ainfix -V1c1c1Iainfix &lt;V0apow2V1Aainfix &lt;=apow2ainfix -V1c1V0Iainfix &gt;V1c0F">
......@@ -3287,7 +3287,7 @@
name="Div_double_neg"
locfile="../power2.why"
loclnum="96" loccnumb="8" loccnume="22"
sum="d05676ffe390734a5735e4d84a38010f"
sum="bfcff34bf93ddec105c5c4dbc51c88c7"
proved="true"
expanded="false"
shape="ainfix =adivV0V1aprefix -c2Iainfix &lt;aprefix -V1c0Aainfix &lt;V0aprefix -V1Aainfix &lt;=ainfix *aprefix -c2V1V0F">
......@@ -3320,7 +3320,7 @@
name="Div_pow2"
locfile="../power2.why"
loclnum="99" loccnumb="8" loccnume="16"
sum="a7add2d0ed8fdd1e97b35f4634aa331f"
sum="8d27808b5e05937f232478240c70d2e0"
proved="true"
expanded="false"
shape="ainfix =adivV0apow2ainfix -V1c1aprefix -c2Iainfix &lt;V0aprefix -apow2ainfix -V1c1Aainfix &lt;=aprefix -apow2V1V0Iainfix &gt;V1c0F">
......@@ -3353,7 +3353,7 @@
name="Mod_pow2_gen"
locfile="../power2.why"
loclnum="106" loccnumb="8" loccnume="20"
sum="bc634ba4115c31b26b0a26fa8a42fe8f"
sum="71b1e029d6b788847da1f624fbed9c2e"
proved="true"
expanded="false"
shape="ainfix =amodadivainfix +V0apow2V1apow2V2c2amodadivV0apow2V2c2Iainfix &lt;V2V1Aainfix &lt;=c0V2F">
......@@ -3746,7 +3746,7 @@
name="Pow2_int_real"
locfile="../power2.why"
loclnum="149" loccnumb="8" loccnume="21"
sum="88542aa636d052e2f3db12855142a25f"
sum="bad4162471b2f59ad9373295192dd218"
proved="true"
expanded="false"
shape="ainfix =apow2V0afrom_intapow2V0Iainfix &gt;=V0c0F">
......
......@@ -35,7 +35,7 @@
name="l_false"
locfile="../fsetint.why"
loclnum="5" loccnumb="9" loccnume="16"
sum="0158150de9c97af9dd9820938313b4d5"
sum="4cae098d8b82a679b1a74d2c84737019"
proved="false"
expanded="true"
shape="f">
......@@ -91,7 +91,7 @@
name="mem_integer"
locfile="../fsetint.why"
loclnum="13" loccnumb="8" loccnume="19"
sum="3658829cdb3f859e8fd24937b2513f62"
sum="205c151a38877b7f91313916922d7186"
proved="false"
expanded="true"
shape="amemV0aintegerF">
......@@ -140,7 +140,7 @@
name="foo"
locfile="../fsetint.why"
loclnum="15" loccnumb="7" loccnume="10"
sum="99afe7ade68f07f16139a57d95d5df7e"
sum="89b296fe229e48a8d6ac3a1be7f7b47a"
proved="false"
expanded="true"
shape="f">
......
......@@ -39,7 +39,7 @@
name="G1"
locfile="../array.why"
loclnum="4" loccnumb="7" loccnume="9"
sum="6a5e4bcc7b588bfa5e78aaa401a74340"
sum="3980f0191b1d60ae46edc59a32d239c5"
proved="true"
expanded="true"
shape="ainfix =agetasetV2V1V0V1V0FF">
......@@ -96,7 +96,7 @@
name="G2"
locfile="../array.why"
loclnum="6" loccnumb="7" loccnume="9"
sum="92e7e0f02caa5e51b6a592a13189bad2"
sum="2388ea470ff7fd77de49c85055b8a1e1"
proved="true"
expanded="true"
shape="ainfix =agetasetV4V0V3V2V1Iainfix =agetV4V2V1INainfix =V2V0FF">
......@@ -153,7 +153,7 @@
name="G3"
locfile="../array.why"
loclnum="10" loccnumb="7" loccnume="9"
sum="49164e5453d62978cc5152486def35e3"
sum="52dab61db769bd21f1d4fdf5e82f7b79"
proved="true"
expanded="true"
shape="ainfix =agetasetV2c1V1c0V0Iainfix =agetV2c0V0FF">
......@@ -210,7 +210,7 @@
name="G4"
locfile="../array.why"
loclnum="13" loccnumb="7" loccnume="9"
sum="4a5d48e8598b6b2f27a4febc5b896b91"
sum="8da484126da43881b2ddf56a6f81d7bc"
proved="true"
expanded="true"
shape="ainfix =agetasetasetV2c1V1c0V0c1V1FF">
......
(* This file is generated by Why3's Coq driver *)
(* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *)
Require Import BuiltIn.
Require BuiltIn.
......@@ -16,52 +16,54 @@ Existing Instance ref_WhyType.
Implicit Arguments mk_ref [[a] [a_WT]].
(* Why3 assumption *)
Definition contents {a:Type} {a_WT:WhyType a}(v:(ref a)): a :=
Definition contents {a:Type} {a_WT:WhyType a} (v:(@ref a a_WT)): a :=
match v with
| (mk_ref x) => x
end.
(* Why3 assumption *)
Inductive array (a:Type) {a_WT:WhyType a} :=
| mk_array : Z -> (map.Map.map Z a) -> array a.
Inductive array
(a:Type) {a_WT:WhyType a} :=
| mk_array : Z -> (@map.Map.map Z _ a a_WT) -> array a.
Axiom array_WhyType : forall (a:Type) {a_WT:WhyType a}, WhyType (array a).
Existing Instance array_WhyType.
Implicit Arguments mk_array [[a] [a_WT]].
(* Why3 assumption *)
Definition elts {a:Type} {a_WT:WhyType a}(v:(array a)): (map.Map.map Z a) :=
match v with
Definition elts {a:Type} {a_WT:WhyType a} (v:(@array a a_WT)): (@map.Map.map
Z _ a a_WT) := match v with
| (mk_array x x1) => x1
end.
(* Why3 assumption *)
Definition length {a:Type} {a_WT:WhyType a}(v:(array a)): Z :=
Definition length {a:Type} {a_WT:WhyType a} (v:(@array a a_WT)): Z :=
match v with
| (mk_array x x1) => x
end.
(* Why3 assumption *)
Definition get {a:Type} {a_WT:WhyType a}(a1:(array a)) (i:Z): a :=
Definition get {a:Type} {a_WT:WhyType a} (a1:(@array a a_WT)) (i:Z): a :=
(map.Map.get (elts a1) i).
(* Why3 assumption *)
Definition set {a:Type} {a_WT:WhyType a}(a1:(array a)) (i:Z) (v:a): (array
a) := (mk_array (length a1) (map.Map.set (elts a1) i v)).
Definition set {a:Type} {a_WT:WhyType a} (a1:(@array a a_WT)) (i:Z)
(v:a): (@array a a_WT) := (mk_array (length a1) (map.Map.set (elts a1) i
v)).
(* Why3 assumption *)
Definition make {a:Type} {a_WT:WhyType a}(n:Z) (v:a): (array a) :=
(mk_array n (map.Map.const v:(map.Map.map Z a))).
Definition make {a:Type} {a_WT:WhyType a} (n:Z) (v:a): (@array a a_WT) :=
(mk_array n (map.Map.const v:(@map.Map.map Z _ a a_WT))).
(* Why3 assumption *)
Definition decrease1(a:(array Z)): Prop := forall (i:Z), ((0%Z <= i)%Z /\
Definition decrease1 (a:(@array Z _)): Prop := forall (i:Z), ((0%Z <= i)%Z /\
(i < ((length a) - 1%Z)%Z)%Z) -> (((get a i) - 1%Z)%Z <= (get a
(i + 1%Z)%Z))%Z.
(* Why3 goal *)
Theorem decrease1_induction : forall (a:(array Z)), (decrease1 a) ->
forall (i:Z) (j:Z), (((0%Z <= i)%Z /\ (i <= j)%Z) /\ (j < (length a))%Z) ->