Fix some style issues

README.md

@@ -103,10 +103,10 @@ $ ./build.sh
 * [DateDurationSign_year_sign_dominates](theories/Section7/DateDurationSign.v)
 * [CompareISODate_eq_zero](theories/Section3/CompareISODate.v)
 * [CompareISODate_eq_implies_eq_zero](theories/Section3/CompareISODate.v)
+* [CompareTimeRecord_eq_zero](theories/Section4/CompareTimeRecord.v)
 
 ### Unproven
 * [TemporalDateToString_without_calendar_satisfies_rfc3339](theories/Section3/TemporalDateToString.v)
 * [ISODateTimeToString_without_calendar_satisfies_rfc3339](theories/Section5/ISODateTimeToString.v)
 * [AddTime_adding_zero_no_change](theories/Section4/AddTime.v)
-* [CompareTimeRecord_eq_zero](theories/Section4/CompareTimeRecord.v)
 * [CompareTimeRecord_eq_implies_eq_zero](theories/Section4/CompareTimeRecord.v)

theories/Basic.v

@@ -158,3 +158,5 @@ Proof.
   easy.
   easy.
 Qed.
+
+Lemma zero_le_two : 0 <= 2. Proof. easy. Qed.

theories/Grammar.v

@@ -49,19 +49,19 @@ Module Grammar.
   Definition Equiv (a b : grammar) := forall s, generates a s <-> generates b s.
 
   Module Equiv.
-    Theorem refl : reflexive grammar Equiv.
+    Lemma refl : reflexive grammar Equiv.
     Proof.
       unfold reflexive, Equiv.
       split; intros; assumption.
     Qed.
 
-    Theorem symm : symmetric grammar Equiv.
+    Lemma symm : symmetric grammar Equiv.
     Proof.
       unfold symmetric, Equiv.
       split; apply H.
     Qed.
 
-    Theorem trans : transitive grammar Equiv.
+    Lemma trans : transitive grammar Equiv.
     Proof.
       unfold transitive, Equiv.
       split.
@@ -76,7 +76,7 @@ Module Grammar.
       as Equiv_rel.
   End Equiv.
 
-  Theorem alternative_assoc :
+  Lemma alternative_assoc :
     forall a b c,
     Equiv (alternative (alternative a b) c) (alternative a (alternative b c)).
   Proof.
@@ -95,7 +95,7 @@ Module Grammar.
         apply gen_alt_r; assumption.
   Qed.
 
-  Theorem alternative_comm :
+  Lemma alternative_comm :
     forall a b, Equiv (alternative a b) (alternative b a).
   Proof.
     split.
@@ -113,7 +113,7 @@ Module Grammar.
         assumption.
   Qed.
 
-  Theorem alternative_nothing : forall a, Equiv a (alternative a nothing).
+  Lemma alternative_nothing : forall a, Equiv a (alternative a nothing).
   Proof.
     split.
     - intros.
@@ -125,7 +125,7 @@ Module Grammar.
       + inversion H.
   Qed.
 
-  Theorem sequence_assoc :
+  Lemma sequence_assoc :
     forall a b c,
     Equiv (sequence (sequence a b) c) (sequence a (sequence b c)).
   Proof.
@@ -146,7 +146,7 @@ Module Grammar.
       + assumption.
   Qed.
 
-  Theorem sequence_empty_l : forall a, Equiv a (sequence empty a).
+  Lemma sequence_empty_l : forall a, Equiv a (sequence empty a).
   Proof.
     split.
     - intros.
@@ -160,7 +160,7 @@ Module Grammar.
       assumption.
   Qed.
 
-  Theorem sequence_empty_r : forall a, Equiv a (sequence a empty).
+  Lemma sequence_empty_r : forall a, Equiv a (sequence a empty).
   Proof.
     split.
     - intros.
@@ -175,7 +175,7 @@ Module Grammar.
       assumption.
   Qed.
 
-  Theorem sequence_nothing_l : forall a, Equiv nothing (sequence nothing a).
+  Lemma sequence_nothing_l : forall a, Equiv nothing (sequence nothing a).
   Proof.
     split.
     - intros.
@@ -185,7 +185,7 @@ Module Grammar.
       inversion H.
   Qed.
 
-  Theorem sequence_nothing_r : forall a, Equiv nothing (sequence a nothing).
+  Lemma sequence_nothing_r : forall a, Equiv nothing (sequence a nothing).
   Proof.
     split.
     - intros.
@@ -195,7 +195,7 @@ Module Grammar.
       inversion H0.
   Qed.
 
-  Theorem unfold_star : forall a, Equiv (star a) (maybe (sequence a (star a))).
+  Lemma unfold_star : forall a, Equiv (star a) (maybe (sequence a (star a))).
   Proof.
     split.
     - intros.
@@ -210,7 +210,7 @@ Module Grammar.
       + apply gen_star_r; assumption.
   Qed.
 
-  Theorem sequence_alternative_distrib_l :
+  Lemma sequence_alternative_distrib_l :
     forall a b c,
     Equiv (sequence a (alternative b c)) (alternative (sequence a b) (sequence a c)).
   Proof.
@@ -234,7 +234,7 @@ Module Grammar.
         assumption.
   Qed.
 
-  Theorem sequence_alternative_distrib_r :
+  Lemma sequence_alternative_distrib_r :
     forall a b c,
     Equiv (sequence (alternative a b) c) (alternative (sequence a c) (sequence b c)).
   Proof.

theories/Section12/ISODaysInMonth.v

@@ -15,7 +15,7 @@ Ltac2 Notation lia := lia0 ().
      month (an integer in the inclusive interval from 1 to 12) and returns a
      positive integer. <<*)
 Definition ISODaysInMonth (year month : Z) (h : 1 <= month <= 12) : Z.
-  ltac1:(refine (
+  refine open_constr:(
     match month as m return (month = m -> Z) with
     (*>> 1. If month is 1, 3, 5, 7, 8, 10, or 12, return 31. <<*)
     | 1 | 3 | 5 | 7 | 8 | 10 | 12 => fun _ => 31
@@ -27,7 +27,7 @@ Definition ISODaysInMonth (year month : Z) (h : 1 <= month <= 12) : Z.
         (*>> 4. Return 28 + MathematicalInLeapYear(EpochTimeForYear(year)). <<*)
         28 + MathematicalInLeapYear (EpochTimeForYear year)
     end eq_refl
-  )).
+  ).
 
   (* Proof of the assert *)
   all: lia.

theories/Section13/DateEquations.v

@@ -92,7 +92,7 @@ Proof.
       * easy.
 Qed.
 
-Theorem EpochTimeForYear_monotonic :
+Lemma EpochTimeForYear_monotonic :
     forall y0 y1,
     y0 < y1 -> EpochTimeForYear y0 < EpochTimeForYear y1.
 Proof.
@@ -113,14 +113,12 @@ Program Fixpoint FindYearForwards (t y : Z) (h : EpochTimeForYear y < t)
   end.
 
 Next Obligation.
-Proof.
   rewrite <- Z.compare_lt_iff.
   symmetry.
   exact Heq_anonymous.
 Qed.
 
 Next Obligation.
-Proof.
   rewrite <- Z2Nat.inj_lt.
 
   (* t - EpochTimeForYear (y + 1) < t - EpochTimeForYear y *)
@@ -151,14 +149,12 @@ Program Fixpoint FindYearBackwards (t y : Z) (h : t < EpochTimeForYear y)
   end.
 
 Next Obligation.
-Proof.
   rewrite <- Z.compare_lt_iff.
   symmetry.
   exact Heq_anonymous.
 Qed.
 
 Next Obligation.
-Proof.
   rewrite <- Z2Nat.inj_lt.
 
   (* EpochTimeForYear (y - 1) - t < EpochTimeForYear y - t *)
@@ -189,14 +185,12 @@ Program Definition EpochTimeToEpochYear (t : Z) : Z :=
   end.
 
 Next Obligation.
-Proof.
   apply Z.gt_lt.
   symmetry.
   exact Heq_anonymous.
 Qed.
 
 Next Obligation.
-Proof.
   symmetry.
   exact Heq_anonymous.
 Qed.

theories/Section13/FormatTimeString.v

@@ -2,6 +2,7 @@ From Stdlib Require Import
   ZArith
   Strings.String.
 From Temporal Require Import
+  Basic
   StringUtil
   Section13.FormatFractionalSeconds
   Section13.PrecisionPrime

theories/Section3/ISODateRecord.v

@@ -17,7 +17,7 @@ Record ISODateRecord : Type :=
   }.
 
 (* This seems to be the case but the spec does not explicitly state it yet. *)
-Theorem ISODateRecord_IsValidISODate :
+Lemma ISODateRecord_IsValidISODate :
   forall (date : ISODateRecord),
   IsValidISODate (year date) (month date) (day date) = true.
 Admitted.

theories/Section3/RegulateISODate.v

@@ -47,35 +47,30 @@ Next Obligation. Proof. apply ISODaysInMonth_at_least_1. Qed.
 Next Obligation. Proof. apply clamp_between_lower_and_upper. Qed.
 
 Next Obligation.
-Proof.
   split.
   - apply clamp_between_lower_and_upper.
   - apply clamp_upper_le.
     apply ISODaysInMonth_range.
 Qed.
 
 Next Obligation.
-Proof.
   refine (IsValidISODate_month_day_range year _ _ _ _).
   apply clamp_between_lower_and_upper.
 Qed.
 
 Next Obligation.
-Proof.
   destruct overflow.
   - contradiction.
   - reflexivity.
 Qed.
 
 Next Obligation.
-Proof.
   symmetry in Heq_anonymous.
   destruct (IsValidISODate_true year month day Heq_anonymous).
   assumption.
 Qed.
 
 Next Obligation.
-Proof.
   symmetry in Heq_anonymous.
   destruct (IsValidISODate_true year month day Heq_anonymous).
   destruct H.

theories/Section4/AddTime.v

@@ -10,12 +10,9 @@ Definition AddTime (time : TimeRecord) (timeDuration : Z) (timeDuration_valid :
   BalanceTime (hour time) (minute time) (second time) (millisecond time) (microsecond time) (nanosecond time + timeDuration).
   (*>> 2. NOTE: If using floating points to implement this operation, add the time components separately before balancing to avoid errors with unsafe integers. <<*)
 
-Lemma zero_timeDuration_valid :
-  MinTimeDuration <= 0 <= MaxTimeDuration.
+Lemma zero_timeDuration_valid : MinTimeDuration <= 0 <= MaxTimeDuration.
 Proof.
-  split.
-  easy.
-  easy.
+  split; easy.
 Qed.
 
 Theorem AddTime_adding_zero_no_change :

theories/Section4/BalanceTime.v

@@ -46,16 +46,14 @@ Program Definition BalanceTime (hour minute second millisecond microsecond nanos
   CreateTimeRecord hour'' minute'' second'' millisecond'' microsecond'' nanosecond' (Some deltaDays) _ _ _ _ _ _ _.
 
 (* DeltaDaysValid (Some deltaDays) *)
-Next Obligation.
-Proof.
-Admitted.
+Next Obligation. Admitted.
 
-Next Obligation. Proof. refine (mod_pos_bound 24 _ _). easy. Qed.
-Next Obligation. Proof. refine (mod_pos_bound 60 _ _). easy. Qed.
-Next Obligation. Proof. refine (mod_pos_bound 60 _ _). easy. Qed.
-Next Obligation. Proof. refine (mod_pos_bound 1000 _ _). easy. Qed.
-Next Obligation. Proof. refine (mod_pos_bound 1000 _ _). easy. Qed.
-Next Obligation. Proof. refine (mod_pos_bound 1000 _ _). easy. Qed.
+Next Obligation. refine (mod_pos_bound 24 _ _). easy. Qed.
+Next Obligation. refine (mod_pos_bound 60 _ _). easy. Qed.
+Next Obligation. refine (mod_pos_bound 60 _ _). easy. Qed.
+Next Obligation. refine (mod_pos_bound 1000 _ _). easy. Qed.
+Next Obligation. refine (mod_pos_bound 1000 _ _). easy. Qed.
+Next Obligation. refine (mod_pos_bound 1000 _ _). easy. Qed.
 
 Lemma mod_if_range :
   forall e u otherwise, 0 < u -> otherwise = true ->

theories/Section4/CompareTimeRecord.v

@@ -47,7 +47,12 @@ Proof.
 Qed.
 
 Theorem CompareTimeRecord_eq_zero : forall time, CompareTimeRecord time time = 0.
-Admitted.
+Proof.
+  intros.
+  unfold CompareTimeRecord.
+  repeat (rewrite Z.gtb_ltb, Z.ltb_irrefl).
+  reflexivity.
+Qed.
 
 Theorem CompareTimeRecord_eq_implies_eq_zero :
   forall (d1 d2 h1 h2 m1 m2 s1 s2 ms1 ms2 us1 us2 ns1 ns2 : Z),

theories/Section4/CreateTimeRecord.v

@@ -33,7 +33,6 @@ Program Definition CreateTimeRecord (hour minute second millisecond microsecond
   mkTimeRecord deltaDays' _ hour hour_valid minute minute_valid second second_valid millisecond millisecond_valid microsecond microsecond_valid nanosecond nanosecond_valid.
 
 Next Obligation.
-Proof.
   unfold IsValidTime.
   destruct_with_eqn ((hour <? 0) || (hour >? 23)); try lia.
   destruct_with_eqn ((minute <? 0) || (minute >? 59)); try lia.
@@ -44,7 +43,6 @@ Proof.
 Qed.
 
 Next Obligation.
-Proof.
   destruct deltaDays.
   unfold DeltaDaysValid in days_valid.
   assumption.

theories/Section4/TimeRecord.v

@@ -33,7 +33,7 @@ Record TimeRecord :=
     nanosecond_valid : 0 <= nanosecond <= 999;
   }.
 
-Theorem TimeRecord_IsValidTime :
+Lemma TimeRecord_IsValidTime :
   forall (t : TimeRecord),
   IsValidTime (hour t) (minute t) (second t) (millisecond t) (microsecond t) (nanosecond t) = true.
 Proof.

theories/Section5/Notes/CombineISODateAndTime.v

@@ -28,6 +28,7 @@ Proof.
   rewrite CompareISODate_eq_zero.
   apply CompareTimeRecord_ignores_days.
 Qed.
+
 Theorem ISODateTimeToString_holds :
   With (fun i0 i1 => ISODateTimeToString i0 = ISODateTimeToString i1).
 Proof.

theories/Section7/DateDurationSign.v

@@ -77,7 +77,7 @@ Proof.
   intros.
   unfold DateDurationSign.
   simpl.
-  rewrite <-Z.ltb_lt in H.
+  rewrite <- Z.ltb_lt in H.
   rewrite H.
   reflexivity.
 Qed.

theories/StringUtil.v

@@ -42,8 +42,6 @@ Definition ToZeroPaddedDecimalString (n minLength : Z) (n_valid : 0 <= n) (minLe
   let S := Z_to_string n in
   StringPad S minLength "0" START minLength_valid.
 
-Lemma zero_le_two : 0 <= 2. Proof. easy. Qed.
-
 Close Scope Z.
 
 Lemma append_assoc :