diff options
| author | James Pollard <james@pollard.dev> | 2020-06-28 22:02:44 +0100 |
|---|---|---|
| committer | James Pollard <james@pollard.dev> | 2020-06-28 22:02:44 +0100 |
| commit | e9b4b89bd491fa91640ef56ccdacc6ecccc03908 (patch) | |
| tree | 91ea1e128dfdd87c6cbb97cffa6dbbf1f63a068a /src/common | |
| parent | accf4b273525412801dc21c893d41c890c9fed6d (diff) | |
| download | vericert-e9b4b89bd491fa91640ef56ccdacc6ecccc03908.tar.gz vericert-e9b4b89bd491fa91640ef56ccdacc6ecccc03908.zip | |
Finish first IStore proof (modulo some admissions).
Diffstat (limited to 'src/common')
| -rw-r--r-- | src/common/IntegerExtra.v | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/src/common/IntegerExtra.v b/src/common/IntegerExtra.v index ec1fb07..8df70d9 100644 --- a/src/common/IntegerExtra.v +++ b/src/common/IntegerExtra.v @@ -140,23 +140,23 @@ Module PtrofsExtra. congruence. Qed. - Lemma divs_unsigned : + Lemma divu_unsigned : forall x y, - 0 <= Ptrofs.signed x -> - 0 < Ptrofs.signed y -> - Ptrofs.unsigned (Ptrofs.divs x y) = Ptrofs.signed x / Ptrofs.signed y. + 0 < Ptrofs.unsigned y -> + Ptrofs.unsigned x < Ptrofs.max_unsigned -> + Ptrofs.unsigned (Ptrofs.divu x y) = Ptrofs.unsigned x / Ptrofs.unsigned y. Proof. intros. - unfold Ptrofs.divs. - rewrite Ptrofs.unsigned_repr. - apply Z.quot_div_nonneg; lia. + unfold Ptrofs.divu. + rewrite Ptrofs.unsigned_repr; auto. split. - apply Z.quot_pos; lia. - apply Zquot.Zquot_le_upper_bound; try lia. + apply Z.div_pos; auto. + apply Ptrofs.unsigned_range. + apply Z.div_le_upper_bound; auto. eapply Z.le_trans. - 2: { apply ZBinary.Z.le_mul_diag_r; simplify; try lia. } - pose proof (Ptrofs.signed_range x). - simplify; lia. + apply Z.lt_le_incl. exact H0. + rewrite Z.mul_comm. + apply Z.le_mul_diag_r; simplify; lia. Qed. Lemma mul_unsigned : |