Added a few more u128 correctness proofs

Author: fegge

MidenLean/Proofs/U128/And.lean

@@ -9,7 +9,7 @@ open MidenLean.StepLemmas
 open MidenLean.Tactics
 
 set_option maxHeartbeats 4000000 in
-/-- u128.and correctly computes bitwise AND of two 128-bit values.
+/-- `u128::and` correctly computes bitwise AND of two 128-bit values.
     Input stack:  [b0, b1, b2, b3, a0, a1, a2, a3] ++ rest
     Output stack: [b0 &&& a0, b1 &&& a1, b2 &&& a2, b3 &&& a3] ++ rest. -/
 theorem u128_and_correct

MidenLean/Proofs/U128/Clo.lean

@@ -0,0 +1,119 @@
+import MidenLean.Proofs.Tactics
+import MidenLean.Generated.U128
+
+namespace MidenLean.Proofs
+
+open MidenLean
+open MidenLean.StepLemmas
+open MidenLean.Tactics
+
+set_option maxHeartbeats 12000000 in
+/-- `u128::clo` correctly counts leading ones of a u128 value.
+    Input stack:  [a, b, c, d] ++ rest
+    Output stack: [result] ++ rest
+    where `a..d` are low-to-high u32 limbs and the result is the number of
+    leading one bits in the 128-bit value. -/
+theorem u128_clo_correct
+    (a b c d : Felt) (rest : List Felt) (s : MidenState)
+    (hs : s.stack = a :: b :: c :: d :: rest)
+    (ha : a.isU32 = true) (hb : b.isU32 = true)
+    (hc : c.isU32 = true) (hd : d.isU32 = true) :
+    exec 33 s Miden.Core.U128.clo =
+    some (s.withStack (
+      (if d == (4294967295 : Felt) then
+        if c == (4294967295 : Felt) then
+          if b == (4294967295 : Felt) then
+            Felt.ofNat (u32CountLeadingZeros (u32Max - 1 - a.val)) + 96
+          else
+            Felt.ofNat (u32CountLeadingZeros (u32Max - 1 - b.val)) + 64
+        else
+          Felt.ofNat (u32CountLeadingZeros (u32Max - 1 - c.val)) + 32
+      else
+        Felt.ofNat (u32CountLeadingZeros (u32Max - 1 - d.val))) :: rest)) := by
+  obtain ⟨stk, mem, locs, adv⟩ := s
+  simp only [MidenState.withStack] at hs ⊢
+  subst hs
+  unfold exec Miden.Core.U128.clo execWithEnv
+  simp only [List.foldlM]
+  miden_movup
+  miden_dup
+  rw [stepEqImm]
+  miden_bind
+  by_cases hd1 : d == (4294967295 : Felt)
+  · simp [hd1, MidenState.withStack]
+    unfold execWithEnv
+    simp only [List.foldlM]
+    rw [stepDrop]
+    miden_bind
+    miden_movup
+    miden_dup
+    rw [stepEqImm]
+    miden_bind
+    by_cases hc1 : c == (4294967295 : Felt)
+    · simp [hc1, MidenState.withStack]
+      unfold execWithEnv
+      simp only [List.foldlM]
+      rw [stepDrop]
+      miden_bind
+      miden_swap
+      miden_dup
+      rw [stepEqImm]
+      miden_bind
+      by_cases hb1 : b == (4294967295 : Felt)
+      · simp [hb1, MidenState.withStack]
+        unfold execWithEnv
+        simp only [List.foldlM]
+        rw [stepDrop]
+        miden_bind
+        rw [stepU32Clo (ha := ha)]
+        miden_bind
+        rw [stepAddImm]
+        have hc_eq : c = 4294967295 := by exact beq_iff_eq.mp hc1
+        have hb_eq : b = 4294967295 := by exact beq_iff_eq.mp hb1
+        simp [hc_eq, hb_eq]
+      · simp [hb1, MidenState.withStack]
+        unfold execWithEnv
+        simp only [List.foldlM]
+        simp (config := { decide := true }) only [bind, Bind.bind, Option.bind, pure, Pure.pure]
+        rw [stepSwap (hn := by decide) (htop := rfl) (hnth := rfl)]
+        miden_bind
+        rw [stepDrop]
+        miden_bind
+        rw [stepU32Clo (ha := hb)]
+        miden_bind
+        rw [stepAddImm]
+        have hc_eq : c = 4294967295 := by exact beq_iff_eq.mp hc1
+        have hb_ne : b ≠ 4294967295 := by
+          intro hb_eq
+          exact hb1 (by simp [hb_eq])
+        simp [hc_eq, hb_ne]
+    · simp [hc1, MidenState.withStack]
+      unfold execWithEnv
+      simp only [List.foldlM]
+      simp (config := { decide := true }) only [bind, Bind.bind, Option.bind, pure, Pure.pure]
+      miden_movdn
+      rw [stepDrop]
+      miden_bind
+      rw [stepDrop]
+      miden_bind
+      rw [stepU32Clo (ha := hc)]
+      miden_bind
+      rw [stepAddImm]
+      have hc_ne : c ≠ 4294967295 := by
+        intro hc_eq
+        exact hc1 (by simp [hc_eq])
+      simp [hc_ne]
+  · simp [hd1, MidenState.withStack]
+    unfold execWithEnv
+    simp only [List.foldlM]
+    simp (config := { decide := true }) only [bind, Bind.bind, Option.bind, pure, Pure.pure]
+    miden_movdn
+    rw [stepDrop]
+    miden_bind
+    rw [stepDrop]
+    miden_bind
+    rw [stepDrop]
+    miden_bind
+    rw [stepU32Clo (ha := hd)]
+
+end MidenLean.Proofs

MidenLean/Proofs/U128/Clz.lean

@@ -0,0 +1,119 @@
+import MidenLean.Proofs.Tactics
+import MidenLean.Generated.U128
+
+namespace MidenLean.Proofs
+
+open MidenLean
+open MidenLean.StepLemmas
+open MidenLean.Tactics
+
+set_option maxHeartbeats 12000000 in
+/-- `u128::clz` correctly counts leading zeros of a u128 value.
+    Input stack:  [a, b, c, d] ++ rest
+    Output stack: [result] ++ rest
+    where `a..d` are low-to-high u32 limbs and the result is the number of
+    leading zero bits in the 128-bit value. -/
+theorem u128_clz_correct
+    (a b c d : Felt) (rest : List Felt) (s : MidenState)
+    (hs : s.stack = a :: b :: c :: d :: rest)
+    (ha : a.isU32 = true) (hb : b.isU32 = true)
+    (hc : c.isU32 = true) (hd : d.isU32 = true) :
+    exec 33 s Miden.Core.U128.clz =
+    some (s.withStack (
+      (if d == (0 : Felt) then
+        if c == (0 : Felt) then
+          if b == (0 : Felt) then
+            Felt.ofNat (u32CountLeadingZeros a.val) + 96
+          else
+            Felt.ofNat (u32CountLeadingZeros b.val) + 64
+        else
+          Felt.ofNat (u32CountLeadingZeros c.val) + 32
+      else
+        Felt.ofNat (u32CountLeadingZeros d.val)) :: rest)) := by
+  obtain ⟨stk, mem, locs, adv⟩ := s
+  simp only [MidenState.withStack] at hs ⊢
+  subst hs
+  unfold exec Miden.Core.U128.clz execWithEnv
+  simp only [List.foldlM]
+  miden_movup
+  miden_dup
+  rw [stepEqImm]
+  miden_bind
+  by_cases hd0 : d == (0 : Felt)
+  · simp [hd0, MidenState.withStack]
+    unfold execWithEnv
+    simp only [List.foldlM]
+    rw [stepDrop]
+    miden_bind
+    miden_movup
+    miden_dup
+    rw [stepEqImm]
+    miden_bind
+    by_cases hc0 : c == (0 : Felt)
+    · simp [hc0, MidenState.withStack]
+      unfold execWithEnv
+      simp only [List.foldlM]
+      rw [stepDrop]
+      miden_bind
+      miden_swap
+      miden_dup
+      rw [stepEqImm]
+      miden_bind
+      by_cases hb0 : b == (0 : Felt)
+      · simp [hb0, MidenState.withStack]
+        unfold execWithEnv
+        simp only [List.foldlM]
+        rw [stepDrop]
+        miden_bind
+        rw [stepU32Clz (ha := ha)]
+        miden_bind
+        rw [stepAddImm]
+        have hc_eq : c = 0 := by exact beq_iff_eq.mp hc0
+        have hb_eq : b = 0 := by exact beq_iff_eq.mp hb0
+        simp [hc_eq, hb_eq]
+      · simp [hb0, MidenState.withStack]
+        unfold execWithEnv
+        simp only [List.foldlM]
+        simp (config := { decide := true }) only [bind, Bind.bind, Option.bind, pure, Pure.pure]
+        rw [stepSwap (hn := by decide) (htop := rfl) (hnth := rfl)]
+        miden_bind
+        rw [stepDrop]
+        miden_bind
+        rw [stepU32Clz (ha := hb)]
+        miden_bind
+        rw [stepAddImm]
+        have hc_eq : c = 0 := by exact beq_iff_eq.mp hc0
+        have hb_ne : b ≠ 0 := by
+          intro hb_eq
+          exact hb0 (by simp [hb_eq])
+        simp [hc_eq, hb_ne]
+    · simp [hc0, MidenState.withStack]
+      unfold execWithEnv
+      simp only [List.foldlM]
+      simp (config := { decide := true }) only [bind, Bind.bind, Option.bind, pure, Pure.pure]
+      miden_movdn
+      rw [stepDrop]
+      miden_bind
+      rw [stepDrop]
+      miden_bind
+      rw [stepU32Clz (ha := hc)]
+      miden_bind
+      rw [stepAddImm]
+      have hc_ne : c ≠ 0 := by
+        intro hc_eq
+        exact hc0 (by simp [hc_eq])
+      simp [hc_ne]
+  · simp [hd0, MidenState.withStack]
+    unfold execWithEnv
+    simp only [List.foldlM]
+    simp (config := { decide := true }) only [bind, Bind.bind, Option.bind, pure, Pure.pure]
+    miden_movdn
+    rw [stepDrop]
+    miden_bind
+    rw [stepDrop]
+    miden_bind
+    rw [stepDrop]
+    miden_bind
+    rw [stepU32Clz (ha := hd)]
+
+end MidenLean.Proofs

MidenLean/Proofs/U128/Common.lean

@@ -11,7 +11,11 @@ def u128ProcEnv : ProcEnv := fun name =>
   | "overflowing_sub" => some Miden.Core.U128.overflowing_sub
   | "overflowing_mul" => some Miden.Core.U128.overflowing_mul
   | "gt" => some Miden.Core.U128.gt
+  | "gte" => some Miden.Core.U128.gte
   | "lt" => some Miden.Core.U128.lt
+  | "lte" => some Miden.Core.U128.lte
+  | "max" => some Miden.Core.U128.max
+  | "min" => some Miden.Core.U128.min
   | "wrapping_mul" => some Miden.Core.U128.wrapping_mul
   | "shr_k0" => some Miden.Core.U128.shr_k0
   | "shr_k1" => some Miden.Core.U128.shr_k1
@@ -22,4 +26,34 @@ def u128ProcEnv : ProcEnv := fun name =>
   | "divmod" => some Miden.Core.U128.divmod
   | _ => none
 
+def u128Sub0 (a0 b0 : Felt) : Nat × Nat :=
+  u32OverflowingSub a0.val b0.val
+
+def u128Sub1 (a1 b1 : Felt) : Nat × Nat :=
+  u32OverflowingSub a1.val b1.val
+
+def u128Borrow1 (a0 a1 b0 b1 : Felt) : Felt :=
+  if decide ((u128Sub1 a1 b1).2 < (u128Sub0 a0 b0).1) || decide (a1.val < b1.val) then
+    1
+  else
+    0
+
+def u128Sub2 (a2 b2 : Felt) : Nat × Nat :=
+  u32OverflowingSub a2.val b2.val
+
+def u128Borrow2 (a0 a1 a2 b0 b1 b2 : Felt) : Felt :=
+  if decide ((u128Sub2 a2 b2).2 < (u128Borrow1 a0 a1 b0 b1).val) || decide (a2.val < b2.val) then
+    1
+  else
+    0
+
+def u128Sub3 (a3 b3 : Felt) : Nat × Nat :=
+  u32OverflowingSub a3.val b3.val
+
+def u128LtBool (a0 a1 a2 a3 b0 b1 b2 b3 : Felt) : Bool :=
+  decide ((u128Sub3 a3 b3).2 < (u128Borrow2 a0 a1 a2 b0 b1 b2).val) || decide (a3.val < b3.val)
+
+def u128GtBool (a0 a1 a2 a3 b0 b1 b2 b3 : Felt) : Bool :=
+  u128LtBool b0 b1 b2 b3 a0 a1 a2 a3
+
 end MidenLean.Proofs