Skip to content

Commit a1f6fc2

Browse files
mtzguidomtzguido
committed
Remove unused _underspec functions in signed integers
If these were exposed for Int{8,16,32,64}, they would be UB. Remove them.
1 parent f4eefdd commit a1f6fc2

2 files changed

Lines changed: 0 additions & 46 deletions

File tree

ulib/FStar.Int.fst

Lines changed: 0 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -34,24 +34,6 @@ let pow2_values x =
3434
| 64 -> assert_norm (pow2 64 == 18446744073709551616)
3535
| _ -> ()
3636

37-
let incr_underspec #n a =
38-
if a < max_int n then a + 1 else 0
39-
40-
let decr_underspec #n a =
41-
if a > min_int n then a - 1 else 0
42-
43-
let add_underspec #n a b =
44-
if fits (a+b) n then a + b else 0
45-
46-
let sub_underspec #n a b =
47-
if fits (a-b) n then a - b else 0
48-
49-
let mul_underspec #n a b =
50-
if fits (a*b) n then a * b else 0
51-
52-
let div_underspec #n a b =
53-
if fits (a /- b) n then a /- b else 0
54-
5537
let div_size #n a b =
5638
FStar.Math.Lib.slash_decr_axiom (abs a) (abs b)
5739

ulib/FStar.Int.fsti

Lines changed: 0 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -88,14 +88,6 @@ let decr (#n:pos) (a:int_t n)
8888
(requires (b2t (a > min_int n))) (ensures (fun _ -> True))
8989
= a - 1
9090

91-
val incr_underspec: #n:pos -> a:int_t n -> Pure (int_t n)
92-
(requires (b2t (a < max_int n)))
93-
(ensures (fun b -> a + 1 = b))
94-
95-
val decr_underspec: #n:pos -> a:int_t n -> Pure (int_t n)
96-
(requires (b2t (a > min_int n)))
97-
(ensures (fun b -> a - 1 = b))
98-
9991
let incr_mod (#n:pos) (a:int_t n) : Tot (int_t n) =
10092
(a + 1) % (pow2 (n-1))
10193

@@ -109,11 +101,6 @@ let add (#n:pos) (a:int_t n) (b:int_t n)
109101
(ensures (fun _ -> True))
110102
= a + b
111103

112-
val add_underspec: #n:pos -> a:int_t n -> b:int_t n -> Pure (int_t n)
113-
(requires True)
114-
(ensures (fun c ->
115-
size (a + b) n ==> a + b = c))
116-
117104
#push-options "--fuel 1"
118105

119106
let add_mod (#n:pos) (a:int_t n) (b:int_t n) : Tot (int_t n) =
@@ -126,11 +113,6 @@ let sub (#n:pos) (a:int_t n) (b:int_t n)
126113
(ensures (fun _ -> True))
127114
= a - b
128115

129-
val sub_underspec: #n:pos -> a:int_t n -> b:int_t n -> Pure (int_t n)
130-
(requires True)
131-
(ensures (fun c ->
132-
size (a - b) n ==> a - b = c))
133-
134116
let sub_mod (#n:pos) (a:int_t n) (b:int_t n) : Tot (int_t n) =
135117
(a - b) @% (pow2 n)
136118

@@ -141,11 +123,6 @@ let mul (#n:pos) (a:int_t n) (b:int_t n)
141123
(ensures (fun _ -> True))
142124
= a * b
143125

144-
val mul_underspec: #n:pos -> a:int_t n -> b:int_t n -> Pure (int_t n)
145-
(requires True)
146-
(ensures (fun c ->
147-
size (a * b) n ==> a * b = c))
148-
149126
let mul_mod (#n:pos) (a:int_t n) (b:int_t n) : Tot (int_t n) =
150127
(a * b) @% (pow2 n)
151128

@@ -158,11 +135,6 @@ let div (#n:pos) (a:int_t n) (b:int_t n{b <> 0})
158135
(ensures (fun c -> b <> 0 ==> a /- b = c))
159136
= a /- b
160137

161-
val div_underspec: #n:pos -> a:int_t n -> b:int_t n{b <> 0} -> Pure (int_t n)
162-
(requires True)
163-
(ensures (fun c ->
164-
(b <> 0 /\ size (a /- b) n) ==> a /- b = c))
165-
166138
val div_size: #n:pos -> a:int_t n{min_int n < a} -> b:int_t n{b <> 0} ->
167139
Lemma (requires (size a n)) (ensures (size (a / b) n))
168140

0 commit comments

Comments
 (0)