symm/chacha-x86ish-sse2.S: Fix mathematical errors in commentary.

The commentary proving the correctness for the general solution of
`gfreduce_quadsolve' was wrong in a number of details that somehow
managed to cancel out.  The claim is correct, and now the proof has been
fixed, with somewhat expanded calculations making the tricks easier to
notice.

diff --git a/math/gfreduce.c b/math/gfreduce.c
index 99f3bea59a1b75efa29dadedcceb2a4b63393b79..f29c104887dbfc7ed70283db3dcb50f572bf5983 100644 (file)
--- a/math/gfreduce.c
+++ b/math/gfreduce.c
@@ -554,12 +554,16 @@ mp *gfreduce_quadsolve(const gfreduce *r, mp *d, mp *x)
      *
      * Choose %$\rho \inr \gf{2^m}$% with %$\Tr(\rho) = 1$%.  Let
      * %$z = \sum_{0\le i<m} \rho^{2^i} \sum_{0\le j<i} x^{2^j} = {}$%
+     * %$\sum_{1\le i<m} \rho^{2^i} (x + \sum_{1\le j<i} x^{2^j} = {}$%
      * %$\rho^2 x + \rho^4 (x + x^2) + \rho^8 (x + x^2 + x^4) + \cdots + {}$%
      * %$\rho^{2^{m-1}} (x + x^2 + x^{2^{m-2}})$%.  Then %$z^2 = {}$%
      * %$\sum_{0\le i<m} \rho^{2^{i+1}} \sum_{0\le j<i} x^{2^{j+1}} = {}$%
-     * %$\sum_{1\le i\le m} \rho^{2^i} \sum_{1\le j\le i} x^{2^j}$% and,
-     * somewhat miraculously, %$z^2 + z = \sum_{0\le i<m} \rho^{2^i} x + {}$%
-     * %$\rho \sum_{1\le i<m} x^{2^i} = x \Tr(\rho) + \rho \Tr(x)$%.  Again,
+     * %$\sum_{1\le i\le m} \rho^{2^i} \sum_{1\le j<i} x^{2^j} = {}$%
+     * %$\sum_{1\le i<m} \rho^{2^i} \sum_{1\le j<i} x^{2^j} + {}$%
+     * %$\rho^{2^m} \sum_{1\le j<m} x^{2^j}$%; and, somewhat miraculously,
+     * %$z^2 + z = \sum_{1\le i<m} \rho^{2^i} x + {}$%
+     * %$\rho \sum_{1\le i<m} x^{2^i} = x (\Tr(\rho) + \rho) + {}$%
+     * %$\rho (\Tr(x) + x) = x \Tr(\rho) + \rho \Tr(x)$%.  Again,
      * this gives us the root we want whenever %$\Tr(x) = 0$%.
      *
      * The loop below calculates %$w = \Tr(\rho)$% and %$z$% simultaneously,