Skip to content

Commit 835876b

Browse files
W95PspW95Psp
authored
Merge pull request #1520 from satiscugcat/main
Addition of integer function implementations in Core.Num.fsti, along with generic functions in Rust_primitives.Integer.fsti to support them.
2 parents 9d40f25 + fc5f2d9 commit 835876b

File tree

2 files changed

+99
-18
lines changed

2 files changed

+99
-18
lines changed

hax-lib/proof-libs/fstar/core/Core.Num.fsti

Lines changed: 80 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ let impl_u64__MIN: u64 = mk_u64 (minint u64_inttype)
1212
let impl_u128__MAX: u128 = mk_u128 (maxint u128_inttype)
1313
let impl_u128__MIN: u128 = mk_u128 (minint u128_inttype)
1414
let impl_usize__MAX: usize = mk_usize (maxint usize_inttype)
15+
1516
let impl_usize__MIN: usize = mk_usize (minint usize_inttype)
1617
let impl_i8__MAX: i8 = mk_i8 (maxint i8_inttype)
1718
let impl_i8__MIN: i8 = mk_i8 (minint i8_inttype)
@@ -26,6 +27,65 @@ let impl_i128__MIN: i128 = mk_i128 (minint i128_inttype)
2627
let impl_isize__MAX: isize = mk_isize (maxint isize_inttype)
2728
let impl_isize__MIN: isize = mk_isize (minint isize_inttype)
2829

30+
let impl_u8__BITS: u32 = mk_int 8
31+
let impl_u16__BITS: u32 = mk_int 16
32+
let impl_u32__BITS: u32 = mk_int 32
33+
let impl_u64__BITS: u32 = mk_int 64
34+
let impl_u128__BITS: u32 = mk_int 128
35+
let impl_i8__BITS: u32 = mk_int 8
36+
let impl_i16__BITS: u32 = mk_int 16
37+
let impl_i32__BITS: u32 = mk_int 32
38+
let impl_i64__BITS: u32 = mk_int 64
39+
let impl_i128__BITS: u32 = mk_int 128
40+
41+
42+
43+
let impl_u8__wrapping_add: u8 -> u8 -> u8 = add_mod
44+
let impl_u16__wrapping_add: u16 -> u16 -> u16 = add_mod
45+
let impl_u32__wrapping_add: u32 -> u32 -> u32 = add_mod
46+
let impl_u64__wrapping_add: u64 -> u64 -> u64 = add_mod
47+
let impl_u128__wrapping_add: u128 -> u128 -> u128 = add_mod
48+
let impl_i8__wrapping_add: i8 -> i8 -> i8 = add_mod
49+
let impl_i16__wrapping_add: i16 -> i16 -> i16 = add_mod
50+
let impl_i32__wrapping_add: i32 -> i32 -> i32 = add_mod
51+
let impl_i64__wrapping_add: i64 -> i64 -> i64 = add_mod
52+
let impl_i128__wrapping_add: i128 -> i128 -> i128 = add_mod
53+
54+
let impl_u8__saturating_add: u8 -> u8 -> u8 = add_sat
55+
let impl_u16__saturating_add: u16 -> u16 -> u16 = add_sat
56+
let impl_u32__saturating_add: u32 -> u32 -> u32 = add_sat
57+
let impl_u64__saturating_add: u64 -> u64 -> u64 = add_sat
58+
let impl_u128__saturating_add: u128 -> u128 -> u128 = add_sat
59+
let impl_i8__saturating_add: i8 -> i8 -> i8 = add_sat
60+
let impl_i16__saturating_add: i16 -> i16 -> i16 = add_sat
61+
let impl_i32__saturating_add: i32 -> i32 -> i32 = add_sat
62+
let impl_i64__saturating_add: i64 -> i64 -> i64 = add_sat
63+
let impl_i128__saturating_add: i128 -> i128 -> i128 = add_sat
64+
65+
66+
let impl_u8__wrapping_sub: u8 -> u8 -> u8 = sub_mod
67+
let impl_u16__wrapping_sub: u16 -> u16 -> u16 = sub_mod
68+
let impl_u32__wrapping_sub: u32 -> u32 -> u32 = sub_mod
69+
let impl_u64__wrapping_sub: u64 -> u64 -> u64 = sub_mod
70+
let impl_u128__wrapping_sub: u128 -> u128 -> u128 = sub_mod
71+
let impl_i8__wrapping_sub: i8 -> i8 -> i8 = sub_mod
72+
let impl_i16__wrapping_sub: i16 -> i16 -> i16 = sub_mod
73+
let impl_i32__wrapping_sub: i32 -> i32 -> i32 = sub_mod
74+
let impl_i64__wrapping_sub: i64 -> i64 -> i64 = sub_mod
75+
let impl_i128__wrapping_sub: i128 -> i128 -> i128 = sub_mod
76+
77+
78+
let impl_u8__saturating_sub: u8 -> u8 -> u8 = sub_sat
79+
let impl_u16__saturating_sub: u16 -> u16 -> u16 = sub_sat
80+
let impl_u32__saturating_sub: u32 -> u32 -> u32 = sub_sat
81+
let impl_u64__saturating_sub: u64 -> u64 -> u64 = sub_sat
82+
let impl_u128__saturating_sub: u128 -> u128 -> u128 = sub_sat
83+
let impl_i8__saturating_sub: i8 -> i8 -> i8 = sub_sat
84+
let impl_i16__saturating_sub: i16 -> i16 -> i16 = sub_sat
85+
let impl_i32__saturating_sub: i32 -> i32 -> i32 = sub_sat
86+
let impl_i64__saturating_sub: i64 -> i64 -> i64 = sub_sat
87+
let impl_i128__saturating_sub: i128 -> i128 -> i128 = sub_sat
88+
2989
let impl_u8__rem_euclid (x: u8) (y: u8 {v y <> 0}): u8 = x %! y
3090
let impl_u16__rem_euclid (x: u16) (y: u16 {v y <> 0}): u16 = x %! y
3191
let impl_u32__rem_euclid (x: u32) (y: u32 {v y <> 0}): u32 = x %! y
@@ -39,32 +99,40 @@ let impl_i64__rem_euclid (x: i64) (y: i64 {v y <> 0}): i64 = x %! y
3999
let impl_i128__rem_euclid (x: i128) (y: i128 {v y <> 0}): i128 = x %! y
40100
let impl_isize__rem_euclid (x: isize) (y: isize {v y <> 0}): isize = x %! y
41101

42-
let impl_u8__wrapping_add: u8 -> u8 -> u8 = add_mod
43-
let impl_u8__wrapping_sub: u8 -> u8 -> u8 = sub_mod
44-
let impl_u16__wrapping_add: u16 -> u16 -> u16 = add_mod
102+
103+
104+
let impl_u8__overflowing_mul: u8 -> u8 -> u8 * bool = mul_overflow
105+
let impl_u16__overflowing_mul: u16 -> u16 -> u16 * bool = mul_overflow
106+
let impl_u32__overflowing_mul: u32 -> u32 -> u32 * bool = mul_overflow
107+
let impl_u64__overflowing_mul: u64 -> u64 -> u64 * bool = mul_overflow
108+
let impl_u128__overflowing_mul: u128 -> u128 -> u128 * bool = mul_overflow
109+
let impl_i8__overflowing_mul: i8 -> i8 -> i8 * bool = mul_overflow
110+
let impl_i16__overflowing_mul: i16 -> i16 -> i16 * bool = mul_overflow
111+
let impl_i32__overflowing_mul: i32 -> i32 -> i32 * bool = mul_overflow
112+
let impl_i64__overflowing_mul: i64 -> i64 -> i64 * bool = mul_overflow
113+
let impl_i128__overflowing_mul: i128 -> i128 -> i128 * bool = mul_overflow
114+
45115
val impl_u16__to_be_bytes: u16 -> t_Array u8 (sz 2)
46116
val impl_u16__from_be_bytes: t_Array u8 (sz 2) -> u16
47117

48-
let impl_i32__wrapping_add: i32 -> i32 -> i32 = add_mod
49-
let impl_i32__wrapping_sub: i32 -> i32 -> i32 = sub_mod
118+
let impl_i8__abs (a:i8{minint i8_inttype < v a}) : i8 = abs_int a
119+
let impl_i16__abs (a:i16{minint i16_inttype < v a}) : i16 = abs_int a
50120
let impl_i32__abs (a:i32{minint i32_inttype < v a}) : i32 = abs_int a
51-
val impl_i32__overflowing_mul: i32 -> i32 -> i32 * bool
121+
let impl_i64__abs (a:i64{minint i64_inttype < v a}) : i64 = abs_int a
122+
let impl_i128__abs (a:i128{minint i128_inttype < v a}) : i128 = abs_int a
123+
52124

53-
let impl_i16__wrapping_add: i16 -> i16 -> i16 = add_mod
54-
let impl_i16__wrapping_sub: i16 -> i16 -> i16 = sub_mod
55125
let impl_i16__wrapping_mul: i16 -> i16 -> i16 = mul_mod
56-
val impl_i16__overflowing_mul: i16 -> i16 -> i16 * bool
57126

58-
let impl_u32__wrapping_add: u32 -> u32 -> u32 = add_mod
127+
59128
val impl_u32__rotate_left: u32 -> u32 -> u32
60129
val impl_u32__from_le_bytes: t_Array u8 (sz 4) -> u32
61130
val impl_u32__from_be_bytes: t_Array u8 (sz 4) -> u32
62131
val impl_u32__to_le_bytes: u32 -> t_Array u8 (sz 4)
63132
val impl_u32__to_be_bytes: u32 -> t_Array u8 (sz 4)
64133
val impl_u32__rotate_right: u32 -> u32 -> u32
65-
let impl_u32__BITS: u32 = mk_int 32
66134

67-
let impl_u64__wrapping_add: u64 -> u64 -> u64 = add_mod
135+
68136
val impl_u64__rotate_left: u32 -> u32 -> u32
69137
val impl_u64__from_le_bytes: t_Array u8 (sz 8) -> u64
70138
val impl_u64__from_be_bytes: t_Array u8 (sz 8) -> u64
@@ -77,12 +145,8 @@ let impl_u64__overflowing_sub (x y: u64): u64 * bool
77145
let out = if borrow then pow2 64 + sub else sub in
78146
(mk_u64 out, borrow)
79147

80-
let impl_i64__wrapping_add: i64 -> i64 -> i64 = add_mod
81-
let impl_i64__wrapping_sub: i64 -> i64 -> i64 = sub_mod
82148
let impl_i64__wrapping_mul: i64 -> i64 -> i64 = mul_mod
83149

84-
let impl_u128__wrapping_add: u128 -> u128 -> u128 = add_mod
85-
let impl_u128__wrapping_sub: u128 -> u128 -> u128 = sub_mod
86150
val impl_u128__rotate_left: u128 -> u128 -> u128
87151
val impl_u128__from_le_bytes: t_Array u8 (sz 16) -> u128
88152
val impl_u128__from_be_bytes: t_Array u8 (sz 16) -> u128
@@ -98,8 +162,6 @@ val impl_u128__pow: u128 -> u32 -> u128
98162
val impl_i16__pow (base: i16) (exponent: u32): result: i16 {v base == 2 /\ v exponent < 15 ==> (Math.Lemmas.pow2_lt_compat 15 (v exponent); result == mk_i16 (pow2 (v exponent)))}
99163
val impl_i32__pow (base: i32) (exponent: u32): result: i32 {v base == 2 /\ v exponent <= 16 ==> result == mk_i32 (pow2 (v exponent))}
100164

101-
let impl_i128__wrapping_add: i128 -> i128 -> i128 = add_mod
102-
let impl_i128__wrapping_sub: i128 -> i128 -> i128 = sub_mod
103165

104166
val impl_u8__count_ones: u8 -> r:u32{v r <= 8}
105167
val impl_i32__count_ones: i32 -> r:u32{v r <= 32}

hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -186,6 +186,22 @@ let cast_identity_lemma
186186
let add_mod (#t:inttype) (a:int_t t) (b:int_t t) =
187187
mk_int #t ((v a + v b) @%. t)
188188

189+
let add_sat (#t:inttype) (a:int_t t) (b:int_t t) =
190+
mk_int #t (if (v a + v b) <= minint t
191+
then minint t
192+
else
193+
if (v a + v b) >= maxint t
194+
then maxint t
195+
else (v a + v b))
196+
197+
let sub_sat (#t:inttype) (a:int_t t) (b:int_t t) =
198+
mk_int #t (if (v a - v b) <= minint t
199+
then minint t
200+
else
201+
if (v a - v b) >= maxint t
202+
then maxint t
203+
else v a - v b)
204+
189205
let add (#t:inttype) (a:int_t t)
190206
(b:int_t t{range (v a + v b) t}) =
191207
mk_int #t (v a + v b)
@@ -197,6 +213,9 @@ let mul_mod (#t:inttype) (a:int_t t)
197213
(b:int_t t) =
198214
mk_int #t (v a * v b @%. t)
199215

216+
let mul_overflow (#t:inttype) (a:int_t t)
217+
(b:int_t t) =
218+
(mk_int #t (v a * v b @%. t), (v a * v b > maxint t || v a * v b < maxint t))
200219
let mul (#t:inttype) (a:int_t t)
201220
(b:int_t t{range (v a * v b) t}) =
202221
mk_int #t (v a * v b)

0 commit comments

Comments
 (0)