From 0bc2d3e1f26680b205893979e5bdfc9c956ae8ca Mon Sep 17 00:00:00 2001
From: Tej Chajed <tchajed@gmail.com>
Date: Thu, 11 Jan 2024 21:43:51 -0600
Subject: [PATCH] Add more assertions to nonlin proofs

---
 src/nonlin/arith.dfy | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/nonlin/arith.dfy b/src/nonlin/arith.dfy
index 4fe6abf..f45ecbd 100644
--- a/src/nonlin/arith.dfy
+++ b/src/nonlin/arith.dfy
@@ -84,7 +84,12 @@ module Arith {
 
   lemma div_incr_auto()
     ensures forall x:nat, y:nat, k:nat | 0 < k && x < k * y :: x / k < y
-  {}
+  {
+    forall x:nat, y:nat, k:nat | 0 < k && x < k * y
+     ensures x / k < y {
+      div_incr(x, y, k);
+    }
+  }
 
   lemma div_positive(x: nat, y: int)
     requires 0 < y
@@ -146,6 +151,7 @@ module Arith {
     if x/k <= y/k { return; }
     // if x/k > y/k we'll derive a contradiction
     assert x/k - y/k >= 1;
+    mul_r_incr(1, x/k - y/k, k);
     assert (x/k - y/k) * k >= k;
     assert false;
   }
@@ -183,7 +189,9 @@ module Arith {
     if x/k == y/k {
       assert false;
     }
-    assert x/k < y/k;
+    assert x/k < y/k by {
+      div_increasing(x, y, k);
+    }
     assert x/k + 1 <= y/k;
     calc {
       x + k;