diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Camlcoq.ml | 2 | ||||
-rw-r--r-- | lib/Integers.v | 26 |
2 files changed, 25 insertions, 3 deletions
diff --git a/lib/Camlcoq.ml b/lib/Camlcoq.ml index 63a31181..5c25796e 100644 --- a/lib/Camlcoq.ml +++ b/lib/Camlcoq.ml @@ -272,6 +272,8 @@ let coqint_of_camlint : int32 -> Integers.Int.int = Z.of_uint32 let camlint64_of_coqint : Integers.Int64.int -> int64 = Z.to_int64 let coqint_of_camlint64 : int64 -> Integers.Int64.int = Z.of_uint64 (* interpret the int64 as unsigned so that result Z is in range for int *) +let camlint64_of_ptrofs : Integers.Ptrofs.int -> int64 = + fun x -> Z.to_int64 (Integers.Ptrofs.signed x) (* Atoms (positive integers representing strings) *) diff --git a/lib/Integers.v b/lib/Integers.v index 8fd09dd1..b1fa982d 100644 --- a/lib/Integers.v +++ b/lib/Integers.v @@ -796,6 +796,12 @@ Proof. unfold signed. rewrite unsigned_zero. apply zlt_true. generalize half_modulus_pos; omega. Qed. +Theorem signed_one: zwordsize > 1 -> signed one = 1. +Proof. + intros. unfold signed. rewrite unsigned_one. apply zlt_true. + change 1 with (two_p 0). rewrite half_modulus_power. apply two_p_monotone_strict. omega. +Qed. + Theorem signed_mone: signed mone = -1. Proof. unfold signed. rewrite unsigned_mone. @@ -1844,6 +1850,15 @@ Proof. destruct (testbit x i); destruct (testbit y i); reflexivity || discriminate. Qed. +Theorem xor_is_zero: forall x y, eq (xor x y) zero = eq x y. +Proof. + intros. predSpec eq eq_spec (xor x y) zero. +- apply xor_zero_equal in H. subst y. rewrite eq_true; auto. +- predSpec eq eq_spec x y. ++ elim H; subst y; apply xor_idem. ++ auto. +Qed. + Theorem and_xor_distrib: forall x y z, and x (xor y z) = xor (and x y) (and x z). @@ -2933,6 +2948,13 @@ Proof. - apply Zquot_Zdiv_pos; omega. Qed. +Theorem shrx_zero: + forall x, zwordsize > 1 -> shrx x zero = x. +Proof. + intros. unfold shrx. rewrite shl_zero. unfold divs. rewrite signed_one by auto. + rewrite Z.quot_1_r. apply repr_signed. +Qed. + Theorem shrx_shr: forall x y, ltu y (repr (zwordsize - 1)) = true -> @@ -4080,9 +4102,7 @@ Qed. Theorem shrx'_zero: forall x, shrx' x Int.zero = x. Proof. - intros. unfold shrx'. rewrite shl'_one_two_p. unfold divs. - change (signed (repr (two_p (Int.unsigned Int.zero)))) with 1. - rewrite Z.quot_1_r. apply repr_signed. + intros. change (shrx' x Int.zero) with (shrx x zero). apply shrx_zero. compute; auto. Qed. Theorem shrx'_shr_2: |