Skip to content

Commit 3158389

Browse files
abentkampabentkamp
committed
feat(proof-libs): generalize shift_right_le
1 parent 6552666 commit 3158389

File tree

2 files changed

+7
-26
lines changed

2 files changed

+7
-26
lines changed

hax-lib/proof-libs/fstar/core/Core_models.Num.fsti

Lines changed: 0 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -156,31 +156,6 @@ val shift_right_trailing_zeros_nonzero_lemma_usize (a:usize) :
156156
(ensures (v (shift_right a (impl_usize__trailing_zeros a)) <> 0))
157157
[SMTPat (shift_right a (impl_usize__trailing_zeros a))]
158158

159-
val shift_right_trailing_zeros_le_lemma_u8 (a:u8) :
160-
Lemma (v (shift_right a (impl_u8__trailing_zeros a)) <= v a)
161-
[SMTPat (shift_right a (impl_u8__trailing_zeros a))]
162-
163-
val shift_right_trailing_zeros_le_lemma_u16 (a:u16) :
164-
Lemma (v (shift_right a (impl_u16__trailing_zeros a)) <= v a)
165-
[SMTPat (shift_right a (impl_u16__trailing_zeros a))]
166-
167-
val shift_right_trailing_zeros_le_lemma_u32 (a:u32) :
168-
Lemma (v (shift_right a (impl_u32__trailing_zeros a)) <= v a)
169-
[SMTPat (shift_right a (impl_u32__trailing_zeros a))]
170-
171-
val shift_right_trailing_zeros_le_lemma_u64 (a:u64) :
172-
Lemma (v (shift_right a (impl_u64__trailing_zeros a)) <= v a)
173-
[SMTPat (shift_right a (impl_u64__trailing_zeros a))]
174-
175-
val shift_right_trailing_zeros_le_lemma_u128 (a:u128) :
176-
Lemma (v (shift_right a (impl_u128__trailing_zeros a)) <= v a)
177-
[SMTPat (shift_right a (impl_u128__trailing_zeros a))]
178-
179-
val shift_right_trailing_zeros_le_lemma_usize (a:usize) :
180-
Lemma (v (shift_right a (impl_usize__trailing_zeros a)) <= v a)
181-
[SMTPat (shift_right a (impl_usize__trailing_zeros a))]
182-
183-
184159
let impl_i8__abs (a:i8{minint i8_inttype < v a}) : i8 = abs_int a
185160
let impl_i16__abs (a:i16{minint i16_inttype < v a}) : i16 = abs_int a
186161
let impl_i32__abs (a:i32{minint i32_inttype < v a}) : i32 = abs_int a

hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -340,7 +340,13 @@ val shift_right_lemma (#t:inttype) (#t':inttype)
340340
(a:int_t t) (b:shiftval t t'):
341341
Lemma (v (shift_right #t #t' a b) == (v a / pow2 (v b)))
342342
[SMTPat (shift_right #t #t' a b)]
343-
343+
344+
val shift_right_le (#t:inttype) (#t':inttype)
345+
(a:int_t t) (b:shiftval t t'):
346+
Lemma (requires (unsigned t \/ v a >= 0))
347+
(ensures (v (shift_right #t #t' a b) <= v a))
348+
[SMTPat (shift_right #t #t' a b)]
349+
344350
val shift_left (#t:inttype) (#t':inttype)
345351
(a:int_t t) (b:shiftval t t') : int_t t
346352

0 commit comments

Comments
 (0)