Commit e4746a0b authored by Guillaume Melquiond's avatar Guillaume Melquiond

Fix Coq proofs broken by the qualified-name changes.

parent a620a3e3
(* This file is generated by Why3's Coq driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import ZArith. Require Import BuiltIn.
Require Import Rbase. Require BuiltIn.
Require Import ZOdiv. Require int.Int.
Axiom Abs_le : forall (x:Z) (y:Z), ((Zabs x) <= y)%Z <-> (((-y)%Z <= x)%Z /\ Require int.Abs.
(x <= y)%Z). Require int.ComputerDivision.
(* YOU MAY EDIT THE CONTEXT BELOW *)
(* DO NOT EDIT BELOW *)
(* Why3 goal *)
Theorem mod_div_unique : forall (x:Z) (y:Z) (q:Z) (r:Z), ((0%Z <= x)%Z /\ Theorem mod_div_unique : forall (x:Z) (y:Z) (q:Z) (r:Z), ((0%Z <= x)%Z /\
((0%Z < y)%Z /\ ((x = ((q * y)%Z + r)%Z) /\ ((0%Z <= r)%Z /\ ((0%Z < y)%Z /\ ((x = ((q * y)%Z + r)%Z) /\ ((0%Z <= r)%Z /\
(r < y)%Z)))) -> ((q = (ZOdiv x y)) /\ (r = (ZOmod x y))). (r < y)%Z)))) -> ((q = (ZArith.BinInt.Z.quot x y)) /\
(r = (ZArith.BinInt.Z.rem x y))).
(* Why3 intros x y q r (h1,(h2,(h3,(h4,h5)))). *)
(* YOU MAY EDIT THE PROOF BELOW *) (* YOU MAY EDIT THE PROOF BELOW *)
intros x y q r (H1,(H2,(H3,(H4,H5)))). intros x y q r (H1,(H2,(H3,(H4,H5)))).
apply ZOdiv_mod_unique_full. apply Zquot.Zquot_mod_unique_full.
2: rewrite H3; ring. 2: rewrite H3; ring.
red. red.
left. left.
rewrite Zabs_eq; auto with zarith. rewrite Zabs_eq; auto with zarith.
Qed. Qed.
(* DO NOT EDIT BELOW *)
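Review bot: The proof of `mod_div_unique` still rewrites with the legacy name `Zabs_eq` on the line after `left.`, although the statement and the uniqueness lemma were moved to `ZArith.BinInt.Z.quot`/`Z.rem` and `Zquot.Zquot_mod_unique_full`. As far as I know `Zabs_eq` is only a compatibility alias for the `Z` module lemma, so this script may break again on the next library clean-up. Using the current name keeps the proof consistent with the rest of the change: `rewrite Z.abs_eq; auto with zarith.`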
(* This file is generated by Why3's Coq 8.4 driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import BuiltIn. Require Import BuiltIn.
Require Import ZOdiv.
Require BuiltIn. Require BuiltIn.
Require int.Int. Require int.Int.
Require int.Abs. Require int.Abs.
...@@ -9,28 +8,29 @@ Require int.ComputerDivision. ...@@ -9,28 +8,29 @@ Require int.ComputerDivision.
Axiom mod_div_unique : forall (x:Z) (y:Z) (q:Z) (r:Z), ((0%Z <= x)%Z /\ Axiom mod_div_unique : forall (x:Z) (y:Z) (q:Z) (r:Z), ((0%Z <= x)%Z /\
((0%Z < y)%Z /\ ((x = ((q * y)%Z + r)%Z) /\ ((0%Z <= r)%Z /\ ((0%Z < y)%Z /\ ((x = ((q * y)%Z + r)%Z) /\ ((0%Z <= r)%Z /\
(r < y)%Z)))) -> ((q = (ZOdiv x y)) /\ (r = (ZOmod x y))). (r < y)%Z)))) -> ((q = (ZArith.BinInt.Z.quot x y)) /\
(r = (ZArith.BinInt.Z.rem x y))).
Import Zquot.
Open Scope Z_scope. Open Scope Z_scope.
(* Why3 goal *) (* Why3 goal *)
Theorem mod_succ_1 : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> Theorem mod_succ_1 : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
((~ ((ZOmod (x + 1%Z)%Z y) = 0%Z)) -> ((~ ((ZArith.BinInt.Z.rem (x + 1%Z)%Z y) = 0%Z)) ->
((ZOmod (x + 1%Z)%Z y) = ((ZOmod x y) + 1%Z)%Z)). ((ZArith.BinInt.Z.rem (x + 1%Z)%Z y) = ((ZArith.BinInt.Z.rem x y) + 1%Z)%Z)).
(* Why3 intros x y (h1,h2) h3. *) (* Why3 intros x y (h1,h2) h3. *)
intros x y (Hx,Hy) H. intros x y (Hx,Hy) H.
assert (h: y>0) by omega. assert (h: y>0) by omega.
generalize (ZO_div_mod_eq x y); intro h1. generalize (Z_quot_rem_eq x y); intro h1.
generalize (ZO_div_mod_eq (x+1) y); intro h2. generalize (Z_quot_rem_eq (x+1) y); intro h2.
assert (h3:x = y * (ZOdiv (x + 1) y) + (ZOmod (x + 1) y - 1)) by omega. assert (h3:x = y * (Z.quot (x + 1) y) + (Z.rem (x + 1) y - 1)) by omega.
generalize (mod_div_unique x y (ZOdiv (x + 1) y) (ZOmod (x + 1) y - 1)). generalize (mod_div_unique x y (Z.quot (x + 1) y) (Z.rem (x + 1) y - 1)).
intuition. intuition.
destruct H1 ; auto with zarith. destruct H1 ; auto with zarith.
rewrite h3 at 1. rewrite h3 at 1.
ring. ring.
assert (0 <= ZOmod (x + 1) y < y). assert (0 <= Z.rem (x + 1) y < y).
apply Zquot.Zrem_lt_pos_pos; omega. apply Zrem_lt_pos_pos; omega.
omega. omega.
Qed. Qed.
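Review bot: The `Import Zquot.` added before `Open Scope Z_scope.` makes this script rely on unqualified lemma names (`Z_quot_rem_eq`, `Zrem_lt_pos_pos`), whereas the other proofs in this commit use qualified ones: `Zquot.Zquot_mod_unique_full` in the `mod_div_unique` file and `Zquot.Z_quot_rem_eq` in the `WP_parameter_euclid` file. Qualifying them here too, e.g. `generalize (Zquot.Z_quot_rem_eq x y); intro h1.` and `apply Zquot.Zrem_lt_pos_pos; omega.`, would make the `Import` unnecessary and keep the hand-written context in a generated file to a minimum. The same applies to the `Import Zquot.` lines added in the `mod_succ_2` file and in both `WP_parameter_prime_numbers` files.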
(* This file is generated by Why3's Coq 8.4 driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import BuiltIn. Require Import BuiltIn.
Require Import ZOdiv.
Require BuiltIn. Require BuiltIn.
Require int.Int. Require int.Int.
Require int.Abs. Require int.Abs.
...@@ -9,27 +8,30 @@ Require int.ComputerDivision. ...@@ -9,27 +8,30 @@ Require int.ComputerDivision.
Axiom mod_div_unique : forall (x:Z) (y:Z) (q:Z) (r:Z), ((0%Z <= x)%Z /\ Axiom mod_div_unique : forall (x:Z) (y:Z) (q:Z) (r:Z), ((0%Z <= x)%Z /\
((0%Z < y)%Z /\ ((x = ((q * y)%Z + r)%Z) /\ ((0%Z <= r)%Z /\ ((0%Z < y)%Z /\ ((x = ((q * y)%Z + r)%Z) /\ ((0%Z <= r)%Z /\
(r < y)%Z)))) -> ((q = (ZOdiv x y)) /\ (r = (ZOmod x y))). (r < y)%Z)))) -> ((q = (ZArith.BinInt.Z.quot x y)) /\
(r = (ZArith.BinInt.Z.rem x y))).
Axiom mod_succ_1 : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> Axiom mod_succ_1 : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
((~ ((ZOmod (x + 1%Z)%Z y) = 0%Z)) -> ((~ ((ZArith.BinInt.Z.rem (x + 1%Z)%Z y) = 0%Z)) ->
((ZOmod (x + 1%Z)%Z y) = ((ZOmod x y) + 1%Z)%Z)). ((ZArith.BinInt.Z.rem (x + 1%Z)%Z y) = ((ZArith.BinInt.Z.rem x y) + 1%Z)%Z)).
Import Zquot.
(* Why3 goal *) (* Why3 goal *)
Theorem mod_succ_2 : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) -> Theorem mod_succ_2 : forall (x:Z) (y:Z), ((0%Z <= x)%Z /\ (0%Z < y)%Z) ->
(((ZOmod (x + 1%Z)%Z y) = 0%Z) -> ((ZOmod x y) = (y - 1%Z)%Z)). (((ZArith.BinInt.Z.rem (x + 1%Z)%Z y) = 0%Z) ->
((ZArith.BinInt.Z.rem x y) = (y - 1%Z)%Z)).
(* Why3 intros x y (h1,h2) h3. *) (* Why3 intros x y (h1,h2) h3. *)
intros x y (Hx,Hy) H. intros x y (Hx,Hy) H.
generalize (ZO_div_mod_eq x y); intro h1. generalize (Z_quot_rem_eq x y); intro h1.
generalize (ZO_div_mod_eq (x+1) y); intro h2. generalize (Z_quot_rem_eq (x+1) y); intro h2.
assert (h3: (x = y * (ZOdiv (x + 1) y - 1) + (ZOmod (x + 1) y + y - 1))%Z). assert (h3: (x = y * (Z.quot (x + 1) y - 1) + (Z.rem (x + 1) y + y - 1))%Z).
ring_simplify; omega. ring_simplify; omega.
rewrite H in h3. rewrite H in h3.
generalize (mod_div_unique x y (ZOdiv (x + 1) y - 1) (0 + y - 1)). generalize (mod_div_unique x y (Z.quot (x + 1) y - 1) (0 + y - 1)).
intuition. intuition.
destruct H1; auto with zarith. destruct H1; auto with zarith.
rewrite h3 at 1. rewrite h3 at 1.
ring. ring.
Qed. Qed.
(* This file is generated by Why3's Coq 8.4 driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import BuiltIn. Require Import BuiltIn.
Require Import ZOdiv.
Require BuiltIn. Require BuiltIn.
Require int.Int. Require int.Int.
Require int.Abs. Require int.Abs.
...@@ -14,18 +13,23 @@ Require number.Gcd. ...@@ -14,18 +13,23 @@ Require number.Gcd.
(* Why3 assumption *) (* Why3 assumption *)
Definition unit := unit. Definition unit := unit.
Axiom qtmark : Type.
Parameter qtmark_WhyType : WhyType qtmark.
Existing Instance qtmark_WhyType.
(* Why3 goal *) (* Why3 goal *)
Theorem WP_parameter_euclid : forall (u:Z) (v:Z), ((0%Z <= u)%Z /\ Theorem WP_parameter_euclid : forall (u:Z) (v:Z), ((0%Z <= u)%Z /\
(0%Z <= v)%Z) -> ((~ (v = 0%Z)) -> let o := (ZOmod u v) in (0%Z <= v)%Z) -> ((~ (v = 0%Z)) -> let o := (ZArith.BinInt.Z.rem u v) in
(((0%Z <= v)%Z /\ (0%Z <= o)%Z) -> ((number.Gcd.gcd v (((0%Z <= v)%Z /\ (0%Z <= o)%Z) -> ((number.Gcd.gcd v
o) = (number.Gcd.gcd u v)))). o) = (number.Gcd.gcd u v)))).
(* Why3 intros u v (h1,h2) h3 o (h4,h5). *)
Proof. Proof.
intuition. intuition.
symmetry. symmetry.
rewrite Gcd.Comm. rewrite Gcd.Comm.
rewrite Gcd.gcd_euclid with (q:=(ZOdiv u v)). rewrite Gcd.gcd_euclid with (q := Z.quot u v).
apply f_equal. apply f_equal.
rewrite (ZO_div_mod_eq u v) at 1. rewrite (Zquot.Z_quot_rem_eq u v) at 1.
ring. ring.
Qed. Qed.
(* This file is generated by Why3's Coq 8.4 driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import BuiltIn. Require Import BuiltIn.
Require Import ZOdiv.
Require BuiltIn. Require BuiltIn.
Require int.Int. Require int.Int.
Require int.Abs. Require int.Abs.
...@@ -15,6 +14,10 @@ Require map.Map. ...@@ -15,6 +14,10 @@ Require map.Map.
(* Why3 assumption *) (* Why3 assumption *)
Definition unit := unit. Definition unit := unit.
Axiom qtmark : Type.
Parameter qtmark_WhyType : WhyType qtmark.
Existing Instance qtmark_WhyType.
(* Why3 assumption *) (* Why3 assumption *)
Definition lt_nat (x:Z) (y:Z): Prop := (0%Z <= y)%Z /\ (x < y)%Z. Definition lt_nat (x:Z) (y:Z): Prop := (0%Z <= y)%Z /\ (x < y)%Z.
...@@ -69,7 +72,7 @@ Definition set {a:Type} {a_WT:WhyType a} (a1:(@array a a_WT)) (i:Z) ...@@ -69,7 +72,7 @@ Definition set {a:Type} {a_WT:WhyType a} (a1:(@array a a_WT)) (i:Z)
(* Why3 assumption *) (* Why3 assumption *)
Definition make {a:Type} {a_WT:WhyType a} (n:Z) (v:a): (@array a a_WT) := Definition make {a:Type} {a_WT:WhyType a} (n:Z) (v:a): (@array a a_WT) :=
(mk_array n (map.Map.const v:(@map.Map.map Z _ a a_WT))). (mk_array n (map.Map.const v: (@map.Map.map Z _ a a_WT))).
(* Why3 assumption *) (* Why3 assumption *)
Definition no_prime_in (l:Z) (u:Z): Prop := forall (x:Z), ((l < x)%Z /\ Definition no_prime_in (l:Z) (u:Z): Prop := forall (x:Z), ((l < x)%Z /\
...@@ -100,11 +103,13 @@ apply Zge_le in H'. ...@@ -100,11 +103,13 @@ apply Zge_le in H'.
now apply Zmult_le_compat. now apply Zmult_le_compat.
Qed. Qed.
Import Zquot.
(* Why3 goal *) (* Why3 goal *)
Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z -> Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z ->
((0%Z <= m)%Z -> ((0%Z <= m)%Z -> (((0%Z <= 0%Z)%Z /\ (0%Z < m)%Z) -> ((0%Z <= m)%Z -> ((0%Z <= m)%Z -> (((0%Z <= 0%Z)%Z /\ (0%Z < m)%Z) ->
forall (p:(@map.Map.map Z _ Z _)), ((0%Z <= m)%Z /\ forall (p:(@map.Map.map Z _ Z _)), ((0%Z <= m)%Z /\
(p = (map.Map.set (map.Map.const 0%Z:(@map.Map.map Z _ Z _)) 0%Z 2%Z))) -> (p = (map.Map.set (map.Map.const 0%Z: (@map.Map.map Z _ Z _)) 0%Z 2%Z))) ->
(((0%Z <= 1%Z)%Z /\ (1%Z < m)%Z) -> forall (p1:(@map.Map.map Z _ Z _)), (((0%Z <= 1%Z)%Z /\ (1%Z < m)%Z) -> forall (p1:(@map.Map.map Z _ Z _)),
((0%Z <= m)%Z /\ (p1 = (map.Map.set p 1%Z 3%Z))) -> let o := (m - 1%Z)%Z in ((0%Z <= m)%Z /\ (p1 = (map.Map.set p 1%Z 3%Z))) -> let o := (m - 1%Z)%Z in
((2%Z <= o)%Z -> forall (n:Z) (p2:(@map.Map.map Z _ Z _)), forall (j:Z), ((2%Z <= o)%Z -> forall (n:Z) (p2:(@map.Map.map Z _ Z _)), forall (j:Z),
...@@ -118,10 +123,15 @@ Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z -> ...@@ -118,10 +123,15 @@ Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z ->
((number.Parity.odd n1) /\ ((no_prime_in (map.Map.get p3 (j - 1%Z)%Z) ((number.Parity.odd n1) /\ ((no_prime_in (map.Map.get p3 (j - 1%Z)%Z)
n1) /\ forall (i:Z), ((0%Z <= i)%Z /\ (i < k)%Z) -> n1) /\ forall (i:Z), ((0%Z <= i)%Z /\ (i < k)%Z) ->
~ (number.Divisibility.divides (map.Map.get p3 i) n1))))))) -> ~ (number.Divisibility.divides (map.Map.get p3 i) n1))))))) ->
(((0%Z <= k)%Z /\ (k < m)%Z) -> ((~ ((ZOmod n1 (map.Map.get p3 (((0%Z <= k)%Z /\ (k < m)%Z) ->
k)) = 0%Z)) -> (((0%Z <= k)%Z /\ (k < m)%Z) -> (((0%Z <= k)%Z /\ ((~ ((ZArith.BinInt.Z.rem n1 (map.Map.get p3 k)) = 0%Z)) ->
(k < m)%Z) -> ((~ ((map.Map.get p3 k) < (ZOdiv n1 (map.Map.get p3 (((0%Z <= k)%Z /\ (k < m)%Z) -> (((0%Z <= k)%Z /\ (k < m)%Z) ->
((~ ((map.Map.get p3 k) < (ZArith.BinInt.Z.quot n1 (map.Map.get p3
k)))%Z) -> (number.Prime.prime n1)))))))))))). k)))%Z) -> (number.Prime.prime n1)))))))))))).
(* Why3 intros m h1 h2 h3 (h4,h5) p (h6,h7) (h8,h9) p1 (h10,h11) o h12 n p2 j
(h13,h14) (h15,((h16,h17),(h18,h19))) k n1 p3
(h20,((h21,h22),(h23,((h24,h25),(h26,(h27,h28)))))) (h29,h30) h31
(h32,h33) (h34,h35) h36. *)
intros m h1 h2 h3 (h4,h5) p (h6,h7) (h8,h9) p1 (h10,h11) o h12 n p2 j intros m h1 h2 h3 (h4,h5) p (h6,h7) (h8,h9) p1 (h10,h11) o h12 n p2 j
(h13,h14) (h15,((h16,h17),(h18,h19))) k n1 p3 (h13,h14) (h15,((h16,h17),(h18,h19))) k n1 p3
(h20,((h21,h22),(h23,((h24,h25),(h26,(h27,h28)))))) (h29,h30) h31 (h20,((h21,h22),(h23,((h24,h25),(h26,(h27,h28)))))) (h29,h30) h31
...@@ -133,21 +143,21 @@ rewrite <- p0. apply sorted; omega. ...@@ -133,21 +143,21 @@ rewrite <- p0. apply sorted; omega.
apply Prime.small_divisors; auto. apply Prime.small_divisors; auto.
omega. omega.
intros. intros.
generalize (ZO_div_mod_eq n1 (Map.get p3 k)). intro div. generalize (Z_quot_rem_eq n1 (Map.get p3 k)). intro div.
assert (ne1: (0 <= n1 /\ Map.get p3 k <> 0)%Z) by omega. assert (ne1: (0 <= n1 /\ Map.get p3 k <> 0)%Z) by omega.
assert (mod1: (0 <= ZOmod n1 (Map.get p3 k))%Z). assert (mod1: (0 <= Z.rem n1 (Map.get p3 k))%Z).
destruct (not_Zeq_inf _ _ (proj2 ne1)) as [Zm|Zm]. destruct (not_Zeq_inf _ _ (proj2 ne1)) as [Zm|Zm].
now apply ZOmod_lt_pos_neg. now apply Zrem_lt_pos_neg.
now apply ZOmod_lt_pos_pos. now apply Zrem_lt_pos_pos.
assert (mod2: (ZOmod n1 (Map.get p3 k) < Map.get p3 k)%Z). assert (mod2: (Z.rem n1 (Map.get p3 k) < Map.get p3 k)%Z).
apply ZOmod_lt_pos_pos ; omega. apply Zrem_lt_pos_pos ; omega.
assert (d <= Map.get p3 k)%Z. assert (d <= Map.get p3 k)%Z.
assert (d < Map.get p3 k+1)%Z. 2: omega. assert (d < Map.get p3 k+1)%Z. 2: omega.
apply Zle_sqrt; try omega. apply Zle_sqrt; try omega.
assert (2 < Map.get p3 k)%Z. assert (2 < Map.get p3 k)%Z.
rewrite <- p0. apply sorted; omega. rewrite <- p0. apply sorted; omega.
apply Zle_lt_trans with n1; try omega. apply Zle_lt_trans with n1; try omega.
assert (Map.get p3 k * (ZOdiv n1 (Map.get p3 k)) <= Map.get p3 k * Map.get p3 k)%Z. assert (Map.get p3 k * (Z.quot n1 (Map.get p3 k)) <= Map.get p3 k * Map.get p3 k)%Z.
apply Zmult_le_compat_l; try omega. apply Zmult_le_compat_l; try omega.
replace ((Map.get p3 k + 1) * (Map.get p3 k + 1))%Z with (Map.get p3 k * Map.get p3 k + 2 * Map.get p3 k + 1)%Z by ring. replace ((Map.get p3 k + 1) * (Map.get p3 k + 1))%Z with (Map.get p3 k * Map.get p3 k + 2 * Map.get p3 k + 1)%Z by ring.
omega. omega.
......
(* This file is generated by Why3's Coq 8.4 driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import BuiltIn. Require Import BuiltIn.
Require Import ZOdiv.
Require BuiltIn. Require BuiltIn.
Require int.Int. Require int.Int.
Require int.Abs. Require int.Abs.
...@@ -15,6 +14,10 @@ Require map.Map. ...@@ -15,6 +14,10 @@ Require map.Map.
(* Why3 assumption *) (* Why3 assumption *)
Definition unit := unit. Definition unit := unit.
Axiom qtmark : Type.
Parameter qtmark_WhyType : WhyType qtmark.
Existing Instance qtmark_WhyType.
(* Why3 assumption *) (* Why3 assumption *)
Definition lt_nat (x:Z) (y:Z): Prop := (0%Z <= y)%Z /\ (x < y)%Z. Definition lt_nat (x:Z) (y:Z): Prop := (0%Z <= y)%Z /\ (x < y)%Z.
...@@ -69,7 +72,7 @@ Definition set {a:Type} {a_WT:WhyType a} (a1:(@array a a_WT)) (i:Z) ...@@ -69,7 +72,7 @@ Definition set {a:Type} {a_WT:WhyType a} (a1:(@array a a_WT)) (i:Z)
(* Why3 assumption *) (* Why3 assumption *)
Definition make {a:Type} {a_WT:WhyType a} (n:Z) (v:a): (@array a a_WT) := Definition make {a:Type} {a_WT:WhyType a} (n:Z) (v:a): (@array a a_WT) :=
(mk_array n (map.Map.const v:(@map.Map.map Z _ a a_WT))). (mk_array n (map.Map.const v: (@map.Map.map Z _ a a_WT))).
(* Why3 assumption *) (* Why3 assumption *)
Definition no_prime_in (l:Z) (u:Z): Prop := forall (x:Z), ((l < x)%Z /\ Definition no_prime_in (l:Z) (u:Z): Prop := forall (x:Z), ((l < x)%Z /\
...@@ -91,11 +94,13 @@ Axiom exists_prime : forall (p:(@array Z _)) (u:Z), (1%Z <= u)%Z -> ...@@ -91,11 +94,13 @@ Axiom exists_prime : forall (p:(@array Z _)) (u:Z), (1%Z <= u)%Z ->
Axiom Bertrand_postulate : forall (p:Z), (number.Prime.prime p) -> Axiom Bertrand_postulate : forall (p:Z), (number.Prime.prime p) ->
~ (no_prime_in p (2%Z * p)%Z). ~ (no_prime_in p (2%Z * p)%Z).
Import Zquot.
(* Why3 goal *) (* Why3 goal *)
Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z -> Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z ->
((0%Z <= m)%Z -> ((0%Z <= m)%Z -> (((0%Z <= 0%Z)%Z /\ (0%Z < m)%Z) -> ((0%Z <= m)%Z -> ((0%Z <= m)%Z -> (((0%Z <= 0%Z)%Z /\ (0%Z < m)%Z) ->
forall (p:(@map.Map.map Z _ Z _)), ((0%Z <= m)%Z /\ forall (p:(@map.Map.map Z _ Z _)), ((0%Z <= m)%Z /\
(p = (map.Map.set (map.Map.const 0%Z:(@map.Map.map Z _ Z _)) 0%Z 2%Z))) -> (p = (map.Map.set (map.Map.const 0%Z: (@map.Map.map Z _ Z _)) 0%Z 2%Z))) ->
(((0%Z <= 1%Z)%Z /\ (1%Z < m)%Z) -> forall (p1:(@map.Map.map Z _ Z _)), (((0%Z <= 1%Z)%Z /\ (1%Z < m)%Z) -> forall (p1:(@map.Map.map Z _ Z _)),
((0%Z <= m)%Z /\ (p1 = (map.Map.set p 1%Z 3%Z))) -> let o := (m - 1%Z)%Z in ((0%Z <= m)%Z /\ (p1 = (map.Map.set p 1%Z 3%Z))) -> let o := (m - 1%Z)%Z in
((2%Z <= o)%Z -> forall (n:Z) (p2:(@map.Map.map Z _ Z _)), forall (j:Z), ((2%Z <= o)%Z -> forall (n:Z) (p2:(@map.Map.map Z _ Z _)), forall (j:Z),
...@@ -109,9 +114,10 @@ Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z -> ...@@ -109,9 +114,10 @@ Theorem WP_parameter_prime_numbers : forall (m:Z), (2%Z <= m)%Z ->
((number.Parity.odd n1) /\ ((no_prime_in (map.Map.get p3 (j - 1%Z)%Z) ((number.Parity.odd n1) /\ ((no_prime_in (map.Map.get p3 (j - 1%Z)%Z)
n1) /\ forall (i:Z), ((0%Z <= i)%Z /\ (i < k)%Z) -> n1) /\ forall (i:Z), ((0%Z <= i)%Z /\ (i < k)%Z) ->
~ (number.Divisibility.divides (map.Map.get p3 i) n1))))))) -> ~ (number.Divisibility.divides (map.Map.get p3 i) n1))))))) ->
(((0%Z <= k)%Z /\ (k < m)%Z) -> ((~ ((ZOmod n1 (map.Map.get p3 (((0%Z <= k)%Z /\ (k < m)%Z) ->
k)) = 0%Z)) -> (((0%Z <= k)%Z /\ (k < m)%Z) -> (((0%Z <= k)%Z /\ ((~ ((ZArith.BinInt.Z.rem n1 (map.Map.get p3 k)) = 0%Z)) ->
(k < m)%Z) -> (((map.Map.get p3 k) < (ZOdiv n1 (map.Map.get p3 k)))%Z -> (((0%Z <= k)%Z /\ (k < m)%Z) -> (((0%Z <= k)%Z /\ (k < m)%Z) ->
(((map.Map.get p3 k) < (ZArith.BinInt.Z.quot n1 (map.Map.get p3 k)))%Z ->
((k + 1%Z)%Z < j)%Z))))))))))). ((k + 1%Z)%Z < j)%Z))))))))))).
(* Why3 intros m h1 h2 h3 (h4,h5) p (h6,h7) (h8,h9) p1 (h10,h11) o h12 n p2 j (* Why3 intros m h1 h2 h3 (h4,h5) p (h6,h7) (h8,h9) p1 (h10,h11) o h12 n p2 j
(h13,h14) (h15,((h16,h17),(h18,h19))) k n1 p3 (h13,h14) (h15,((h16,h17),(h18,h19))) k n1 p3
...@@ -127,14 +133,14 @@ subst k. ...@@ -127,14 +133,14 @@ subst k.
assert (2 < Map.get p3 (j-1))%Z. assert (2 < Map.get p3 (j-1))%Z.
red in h23. destruct h23 as (hh1, (hh2, _)). red in h23. destruct h23 as (hh1, (hh2, _)).
rewrite <- hh1. apply hh2; omega. rewrite <- hh1. apply hh2; omega.
generalize (ZO_div_mod_eq n1 (Map.get p3 (j-1))%Z). intro div. generalize (Z_quot_rem_eq n1 (Map.get p3 (j-1))%Z). intro div.
assert (ne1: (0 <= n1 /\ Map.get p3 (j-1) <> 0)%Z) by omega. assert (ne1: (0 <= n1 /\ Map.get p3 (j-1) <> 0)%Z) by omega.
assert (mod_: (0 <= ZOmod n1 (Map.get p3 (j-1)))%Z). assert (mod_: (0 <= Z.rem n1 (Map.get p3 (j-1)))%Z).
destruct (not_Zeq_inf _ _ (proj2 ne1)) as [Zm|Zm]. destruct (not_Zeq_inf _ _ (proj2 ne1)) as [Zm|Zm].
now apply ZOmod_lt_pos_neg. now apply Zrem_lt_pos_neg.
now apply ZOmod_lt_pos_pos. now apply Zrem_lt_pos_pos.
assert (n1 > Map.get p3 (j - 1) * Map.get p3 (j-1))%Z. assert (n1 > Map.get p3 (j - 1) * Map.get p3 (j-1))%Z.
assert (Map.get p3 (j - 1) * (ZOdiv n1 (Map.get p3 (j - 1))) > Map.get p3 (j - 1) * Map.get p3 (j-1))%Z. assert (Map.get p3 (j - 1) * (Z.quot n1 (Map.get p3 (j - 1))) > Map.get p3 (j - 1) * Map.get p3 (j-1))%Z.
apply Zmult_gt_compat_l. apply Zmult_gt_compat_l.
omega. omega.
apply Zlt_gt. apply Zlt_gt.
......
(* This file is generated by Why3's Coq driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import BuiltIn. Require Import BuiltIn.
Require Import R_sqrt. Require Reals.R_sqrt.
Require BuiltIn. Require BuiltIn.
Require real.Real. Require real.Real.
Require real.Square. Require real.Square.
...@@ -11,24 +11,26 @@ Definition dot (x1:R) (x2:R) (y1:R) (y2:R): R := ...@@ -11,24 +11,26 @@ Definition dot (x1:R) (x2:R) (y1:R) (y2:R): R :=
((x1 * y1)%R + (x2 * y2)%R)%R. ((x1 * y1)%R + (x2 * y2)%R)%R.
(* Why3 assumption *) (* Why3 assumption *)
Definition norm2 (x1:R) (x2:R): R := ((Rsqr x1) + (Rsqr x2))%R. Definition norm2 (x1:R) (x2:R): R :=
((Reals.RIneq.Rsqr x1) + (Reals.RIneq.Rsqr x2))%R.
Axiom norm2_pos : forall (x1:R) (x2:R), (0%R <= (norm2 x1 x2))%R. Axiom norm2_pos : forall (x1:R) (x2:R), (0%R <= (norm2 x1 x2))%R.
Axiom Lagrange : forall (a1:R) (a2:R) (b1:R) (b2:R), (((norm2 a1 Axiom Lagrange : forall (a1:R) (a2:R) (b1:R) (b2:R), (((norm2 a1
a2) * (norm2 b1 b2))%R = ((Rsqr (dot a1 a2 b1 a2) * (norm2 b1 b2))%R = ((Reals.RIneq.Rsqr (dot a1 a2 b1
b2)) + (Rsqr ((a1 * b2)%R - (a2 * b1)%R)%R))%R). b2)) + (Reals.RIneq.Rsqr ((a1 * b2)%R - (a2 * b1)%R)%R))%R).
Axiom CauchySchwarz_aux : forall (x1:R) (x2:R) (y1:R) (y2:R), ((Rsqr (dot x1 Axiom CauchySchwarz_aux : forall (x1:R) (x2:R) (y1:R) (y2:R),
x2 y1 y2)) <= ((norm2 x1 x2) * (norm2 y1 y2))%R)%R. ((Reals.RIneq.Rsqr (dot x1 x2 y1 y2)) <= ((norm2 x1 x2) * (norm2 y1
y2))%R)%R.
(* Why3 assumption *) (* Why3 assumption *)
Definition norm (x1:R) (x2:R): R := (sqrt (norm2 x1 x2)). Definition norm (x1:R) (x2:R): R := (Reals.R_sqrt.sqrt (norm2 x1 x2)).
Axiom norm_pos : forall (x1:R) (x2:R), (0%R <= (norm x1 x2))%R. Axiom norm_pos : forall (x1:R) (x2:R), (0%R <= (norm x1 x2))%R.
Axiom sqr_le_sqrt : forall (x:R) (y:R), ((Rsqr x) <= y)%R -> Axiom sqr_le_sqrt : forall (x:R) (y:R), ((Reals.RIneq.Rsqr x) <= y)%R ->
(x <= (sqrt y))%R. (x <= (Reals.R_sqrt.sqrt y))%R.
Require Import Why3. Require Import Why3.
Ltac ae := why3 "Alt-Ergo,0.95.1," timelimit 3. Ltac ae := why3 "Alt-Ergo,0.95.1," timelimit 3.
...@@ -36,14 +38,13 @@ Ltac ae := why3 "Alt-Ergo,0.95.1," timelimit 3. ...@@ -36,14 +38,13 @@ Ltac ae := why3 "Alt-Ergo,0.95.1," timelimit 3.
(* Why3 goal *) (* Why3 goal *)
Theorem CauchySchwarz : forall (x1:R) (x2:R) (y1:R) (y2:R), ((dot x1 x2 y1 Theorem CauchySchwarz : forall (x1:R) (x2:R) (y1:R) (y2:R), ((dot x1 x2 y1
y2) <= ((norm x1 x2) * (norm y1 y2))%R)%R. y2) <= ((norm x1 x2) * (norm y1 y2))%R)%R.
(* intros x1 x2 y1 y2. *) (* Why3 intros x1 x2 y1 y2. *)
intros x1 x2 y1 y2. intros x1 x2 y1 y2.
unfold norm. unfold norm.
rewrite <- sqrt_mult. rewrite <- R_sqrt.sqrt_mult.
apply sqr_le_sqrt. apply sqr_le_sqrt.
ae. ae.
ae. ae.
ae. ae.
Qed. Qed.
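Review bot: The three `ae.` steps closing `CauchySchwarz` are undocumented, and they now run against a context whose axioms were re-qualified (`Reals.RIneq.Rsqr`, `Reals.R_sqrt.sqrt`). `ae` is defined above as `why3 "Alt-Ergo,0.95.1," timelimit 3`, so replaying the proof needs that exact prover version to answer within three seconds. As far as I know the `why3` tactic accepts the prover's verdict without kernel-checked reconstruction, which would make Alt-Ergo part of the trusted base for this theorem. A short comment before the first `ae.` would record this, for example `(* remaining goals discharged by Alt-Ergo 0.95.1 via the why3 tactic; result is trusted, not rechecked by Coq *)`. It would also help to state which goal each call closes, which look like the main inequality and the two side conditions of `R_sqrt.sqrt_mult`.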
(* This file is generated by Why3's Coq driver *) (* This file is generated by Why3's Coq 8.4 driver *)
(* Beware! Only edit allowed sections below *) (* Beware! Only edit allowed sections below *)
Require Import BuiltIn. Require Import BuiltIn.
Require Import R_sqrt. Require Reals.R_sqrt.
Require BuiltIn. Require BuiltIn.
Require real.Real. Require real.Real.
Require real.Square. Require real.Square.
...@@ -11,30 +11,34 @@ Definition dot (x1:R) (x2:R) (y1:R) (y2:R): R := ...@@ -11,30 +11,34 @@ Definition dot (x1:R) (x2:R) (y1:R) (y2:R): R :=
((x1 * y1)%R + (x2 * y2)%R)%R. ((x1 * y1)%R + (x2 * y2)%R)%R.
(* Why3 assumption *) (* Why3 assumption *)
Definition norm2 (x1:R) (x2:R): R := ((Rsqr x1) + (Rsqr x2))%R. Definition norm2 (x1:R) (x2:R): R :=
((Reals.RIneq.Rsqr x1) + (Reals.RIneq.Rsqr x2))%R.
Axiom norm2_pos : forall (x1:R) (x2:R), (0%R <= (norm2 x1 x2))%R. Axiom norm2_pos : forall (x1:R) (x2:R), (0%R <= (norm2 x1 x2))%R.
Axiom Lagrange : forall (a1:R) (a2:R) (b1:R) (b2:R), (((norm2 a1 Axiom Lagrange : forall (a1:R) (a2:R) (b1:R) (b2:R), (((norm2 a1
a2) * (norm2 b1 b2))%R = ((Rsqr (dot a1 a2 b1 a2) * (norm2 b1 b2))%R = ((Reals.RIneq.Rsqr (dot a1 a2 b1
b2)) + (Rsqr ((a1 * b2)%R - (a2 * b1)%R)%R))%R). b2)) + (Reals.RIneq.Rsqr ((a1 * b2)%R - (a2 * b1)%R)%R))%R).
Axiom CauchySchwarz_aux : forall (x1:R) (x2:R) (y1:R) (y2:R), ((Rsqr (dot x1 Axiom CauchySchwarz_aux : forall (x1:R) (x2:R) (y1:R) (y2:R),
x2 y1 y2)) <= ((norm2 x1 x2) * (norm2 y1 y2))%R)%R. ((Reals.RIneq.Rsqr (dot x1 x2 y1 y2)) <= ((norm2 x1 x2) * (norm2 y1
y2))%R)%R.