Skip to content

Commit b6d6a34

Browse files
satiscugcatsatiscugcat
committed
Added implementations for saturating add and saturating sub
1 parent 0a31176 commit b6d6a34

File tree

2 files changed

+40
-0
lines changed

2 files changed

+40
-0
lines changed

hax-lib/proof-libs/fstar/core/Core.Num.fsti

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,18 @@ let impl_i32__wrapping_add: i32 -> i32 -> i32 = add_mod
5050
let impl_i64__wrapping_add: i64 -> i64 -> i64 = add_mod
5151
let impl_i128__wrapping_add: i128 -> i128 -> i128 = add_mod
5252

53+
let impl_u8__saturating_add: u8 -> u8 -> u8 = add_sat
54+
let impl_u16__saturating_add: u16 -> u16 -> u16 = add_sat
55+
let impl_u32__saturating_add: u32 -> u32 -> u32 = add_sat
56+
let impl_u64__saturating_add: u64 -> u64 -> u64 = add_sat
57+
let impl_u128__saturating_add: u128 -> u128 -> u128 = add_sat
58+
let impl_i8__saturating_add: i8 -> i8 -> i8 = add_sat
59+
let impl_i16__saturating_add: i16 -> i16 -> i16 = add_sat
60+
let impl_i32__saturating_add: i32 -> i32 -> i32 = add_sat
61+
let impl_i64__saturating_add: i64 -> i64 -> i64 = add_sat
62+
let impl_i128__saturating_add: i128 -> i128 -> i128 = add_sat
63+
64+
5365
let impl_u8__wrapping_sub: u8 -> u8 -> u8 = sub_mod
5466
let impl_u16__wrapping_sub: u16 -> u16 -> u16 = sub_mod
5567
let impl_u32__wrapping_sub: u32 -> u32 -> u32 = sub_mod
@@ -61,6 +73,18 @@ let impl_i32__wrapping_sub: i32 -> i32 -> i32 = sub_mod
6173
let impl_i64__wrapping_sub: i64 -> i64 -> i64 = sub_mod
6274
let impl_i128__wrapping_sub: i128 -> i128 -> i128 = sub_mod
6375

76+
77+
let impl_u8__saturating_sub: u8 -> u8 -> u8 = sub_sat
78+
let impl_u16__saturating_sub: u16 -> u16 -> u16 = sub_sat
79+
let impl_u32__saturating_sub: u32 -> u32 -> u32 = sub_sat
80+
let impl_u64__saturating_sub: u64 -> u64 -> u64 = sub_sat
81+
let impl_u128__saturating_sub: u128 -> u128 -> u128 = sub_sat
82+
let impl_i8__saturating_sub: i8 -> i8 -> i8 = sub_sat
83+
let impl_i16__saturating_sub: i16 -> i16 -> i16 = sub_sat
84+
let impl_i32__saturating_sub: i32 -> i32 -> i32 = sub_sat
85+
let impl_i64__saturating_sub: i64 -> i64 -> i64 = sub_sat
86+
let impl_i128__saturating_sub: i128 -> i128 -> i128 = sub_sat
87+
6488
let impl_u8__rem_euclid (x: u8) (y: u8 {v y <> 0}): u8 = x %! y
6589
let impl_u16__rem_euclid (x: u16) (y: u16 {v y <> 0}): u16 = x %! y
6690
let impl_u32__rem_euclid (x: u32) (y: u32 {v y <> 0}): u32 = x %! y

hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -186,6 +186,22 @@ let cast_identity_lemma
186186
let add_mod (#t:inttype) (a:int_t t) (b:int_t t) =
187187
mk_int #t ((v a + v b) @%. t)
188188

189+
let add_sat (#t:inttype) (a:int_t t) (b:int_t t) =
190+
mk_int #t (if (v a + v b) <= minint t
191+
then minint t
192+
else
193+
if (v a + v b) >= maxint t
194+
then maxint t
195+
else (v a + v b))
196+
197+
let sub_sat (#t:inttype) (a:int_t t) (b:int_t t) =
198+
mk_int #t (if (v a - v b) <= minint t
199+
then minint t
200+
else
201+
if (v a - v b) >= maxint t
202+
then maxint t
203+
else v a - v b)
204+
189205
let add (#t:inttype) (a:int_t t)
190206
(b:int_t t{range (v a + v b) t}) =
191207
mk_int #t (v a + v b)

0 commit comments

Comments
 (0)