Commit bbb659aa by MARCHE Claude

### updated example isqrt

parent 94223ac7
 ... ... @@ -33,7 +33,9 @@ module Simple = let count = ref 0 in let sum = ref 1 in while !sum <= x do invariant { !count >= 0 /\ x >= sqr !count /\ !sum = sqr (!count+1) } invariant { !count >= 0 } invariant { x >= sqr !count } invariant { !sum = sqr (!count+1) } variant { x - !count } count := !count + 1; sum := !sum + 2 * !count + 1 ... ... @@ -72,19 +74,20 @@ module NewtonMethod y := !z; z := div (div x !z + !z) 2; (* A few hints to prove preservation of the last invariant *) let ghost a = div x !y in assert { x < a * !y + !y }; assert { a + !y <= 2 * !z + 1 }; assert { 0 <= a + !y + 1 }; assert { sqr (a + !y + 1) <= sqr (2 * !z + 2) }; assert { 4 * (sqr (!z + 1) - x) assert { x < sqr (!z + 1) by let a = div x !y in x < a * !y + !y so a + !y <= 2 * !z + 1 so sqr (a + !y + 1) <= sqr (2 * !z + 2) so 4 * (sqr (!z + 1) - x) = sqr (2 * !z + 2) - 4 * x >= sqr (a + !y + 1) - 4 * x > sqr (a + !y + 1) - 4 * (a * !y + !y) = sqr (a + 1 - !y) >= 0 } done; assert { !y * !y <= div x !y * !y by !y <= div x !y }; assert { !y * !y <= div x !y * !y by !y <= div x !y }; !y end
 ... ... @@ -3,33 +3,45 @@ "http://why3.lri.fr/why3session.dtd"> ... ... @@ -38,9 +50,9 @@ ... ... @@ -54,7 +66,7 @@ ... ... @@ -63,51 +75,67 @@ ... ...
No preview for this file type
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!