From f4c9c5d1cca545fae929a1c8985b4a138d9969ff Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Thu, 25 Sep 2025 11:37:56 +0200 Subject: [PATCH 01/56] Remove files that we don't want in hax-evit. --- .github/workflows/changelog.yml | 69 ------------- .github/workflows/gh_pages.yml | 39 ------- .github/workflows/playwright-docs.yml | 49 --------- .github/workflows/this-month-in-hax.yml | 39 ------- .utils/this-month-in-hax-skeleton.sh | 131 ------------------------ 5 files changed, 327 deletions(-) delete mode 100644 .github/workflows/changelog.yml delete mode 100644 .github/workflows/gh_pages.yml delete mode 100644 .github/workflows/playwright-docs.yml delete mode 100644 .github/workflows/this-month-in-hax.yml delete mode 100755 .utils/this-month-in-hax-skeleton.sh diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml deleted file mode 100644 index e344e55a4..000000000 --- a/.github/workflows/changelog.yml +++ /dev/null @@ -1,69 +0,0 @@ -name: Check Changelog Update - -on: - pull_request: - types: [opened, synchronize, reopened, edited] - if: github.actor != 'github-merge-queue[bot]' - -jobs: - check-changelog: - if: github.actor != 'github-merge-queue[bot]' - runs-on: ubuntu-latest - - steps: - - name: Check for [skip changelog] tag in PR body - id: skip_check - uses: actions/github-script@v7 - with: - script: | - const body = context.payload.pull_request.body || ""; - core.debug(body); - if (body.includes('[skip changelog]')) { - core.notice("Skipping changelog check because [skip changelog] was found in PR body."); - core.setOutput("skip", "true"); - } else { - core.setOutput("skip", "false"); - } - - - name: Checkout full git history - if: steps.skip_check.outputs.skip == 'false' - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Fetch base branch - if: steps.skip_check.outputs.skip == 'false' - run: git fetch origin ${{ github.base_ref }} - - - name: Check if CHANGELOG.md was updated - if: steps.skip_check.outputs.skip == 'false' - id: updated - run: | - git diff --name-only origin/${{ github.base_ref }} HEAD > changed_files.txt - echo "::group::Changed files" - cat changed_files.txt - echo "::endgroup::" - - if ! grep -q 'CHANGELOG.md' changed_files.txt; then - { - echo '**Missing `CHANGELOG.md` entry**' - echo '' - echo 'Please do one of the following:' - echo '- Add relevant changes to `CHANGELOG.md`' - echo '- Or add `[skip changelog]` to the pull request body' - echo '' - echo 'Once done, re-run this workflow by clicking **"Re-run jobs"**.' - echo '' - cat CONTRIBUTING.md | awk '/^### Changelog$/{f=1;next} /^##?#? /&&f{exit} f' | sed 's/^###\s*//' - } > error-message - cat error-message >> $GITHUB_STEP_SUMMARY - exit 1 - fi - - - name: Fail with markdown error - if: failure() - uses: actions/github-script@v7 - with: - script: | - const msg = require('fs').readFileSync('error-message', 'utf8'); - core.setFailed(msg); diff --git a/.github/workflows/gh_pages.yml b/.github/workflows/gh_pages.yml deleted file mode 100644 index 7c444b115..000000000 --- a/.github/workflows/gh_pages.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Deploy to GH Pages - -on: - workflow_dispatch: - push: - branches: [main] - -jobs: - # Build job - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - - name: Build documentation - run: nix build .#docs - - name: Upload static files as artifact - id: deployment - uses: actions/upload-pages-artifact@v3 - with: - path: result/ - # Deploy job - deploy: - needs: build - permissions: - pages: write # to deploy to Pages - id-token: write # to verify the deployment originates from an appropriate source - - # Deploy to the github-pages environment - environment: - name: github-pages - url: ${{ steps.deployment.outputs.page_url }} - - # Specify runner + deployment step - runs-on: ubuntu-latest - steps: - - name: Deploy to GitHub Pages - id: deployment - uses: actions/deploy-pages@v4 # or specific "vX.X.X" version tag for this action diff --git a/.github/workflows/playwright-docs.yml b/.github/workflows/playwright-docs.yml deleted file mode 100644 index 744ff2e16..000000000 --- a/.github/workflows/playwright-docs.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: Playwright Docs Tests -on: - schedule: - - cron: '0 0 * * *' - workflow_dispatch: -jobs: - test: - timeout-minutes: 45 - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v5 - - uses: DeterminateSystems/determinate-nix-action@v3 - - uses: actions/setup-node@v5 - with: - node-version: lts/* - - name: Install dependencies - working-directory: docs/.test - run: npm ci - - name: Install Playwright Browsers - working-directory: docs/.test - run: npx playwright install --with-deps - - name: Replace version with commit hash - run: sed -i "s/const HAX_PLAYGROUND_FORCED_VERSION = false;/const HAX_PLAYGROUND_FORCED_VERSION = \"${GITHUB_SHA}\";/" hax_playground.js - working-directory: docs/javascripts - - name: Playground warmup and build docs - run: | - set -euo pipefail - - nix build .#docs & pid1=$! - curl -sS "https://hax-playground.cryspen.com/query/$GITHUB_SHA/fstar" \ - -X POST \ - -H 'User-Agent: bot' \ - -H 'Accept: application/json' \ - -H 'Content-Type: application/json' \ - --data-raw '[["src/lib.rs","fn f(){}"]]' & pid2=$! - - wait $pid1 || exit_code1=$? - wait $pid2 || exit_code2=$? - - exit ${exit_code1:-0} || exit ${exit_code2:-0} - - name: Run Playwright tests - working-directory: docs/.test - run: npx playwright test --reporter github,html --trace on - - uses: actions/upload-artifact@v4 - if: ${{ !cancelled() }} - with: - name: playwright-report - path: docs/.test/playwright-report/ - retention-days: 30 diff --git a/.github/workflows/this-month-in-hax.yml b/.github/workflows/this-month-in-hax.yml deleted file mode 100644 index 68e3df21c..000000000 --- a/.github/workflows/this-month-in-hax.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Generate This Month in hax - -on: - workflow_dispatch: - schedule: - - cron: '0 4 1 * *' - -jobs: - generate: - permissions: - issues: write - contents: write - if: github.repository == 'cryspen/hax' - runs-on: ubuntu-latest - steps: - - name: Checkout repo - uses: actions/checkout@v5 - - - name: Run script and capture output - id: run_script - run: | - bash .utils/this-month-in-hax-skeleton.sh - env: - GH_TOKEN: ${{ github.token }} - - - name: Commit changes - run: | - git config user.name "github-actions[bot]" - git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - git checkout -b $(cat this-month-in-hax-branch) - git add docs/blog - git commit -m "chore(blog): set up a skeleton for 'This Month in hax'" - git push --force origin $(cat this-month-in-hax-branch) - - - uses: JasonEtco/create-an-issue@v2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - filename: this-month-in-hax-issue.yml diff --git a/.utils/this-month-in-hax-skeleton.sh b/.utils/this-month-in-hax-skeleton.sh deleted file mode 100755 index 1313e589c..000000000 --- a/.utils/this-month-in-hax-skeleton.sh +++ /dev/null @@ -1,131 +0,0 @@ -#!/usr/bin/env bash -# This script creates a skeleton blog post for the "This Month in hax" blog series. -# It writes a new markdown file, and outputs a PR body. -# This script is an helper for the github action workflow "this-month-in-hax.yml". - -set -e - -# Go to the folder of blog posts -cd $(git rev-parse --show-toplevel)/docs/blog/posts/this-month-in-hax - -# By default, use `cryspen/hax`, and the month and year from two weeks ago -repo="--repo cryspen/hax" -month=$(date -d "14 days ago" +'%m') -year=$(date -d "14 days ago" +'%Y') - -# Set date formatting to English -export LC_ALL=C - -# Parse command line arguments. -all_args=("$@") -while [ $# -gt 0 ]; do - case "$1" in - -r | --repo) repo="--repo $2"; shift ;; - -m | --month) month=$2; shift ;; - -y | --year) year=$2; shift ;; - --author) author=$2; shift ;; - esac - shift -done - -report() { - # Calculate the first day of the month - start=$(date -u -d "$year-$month-01" +"%Y-%m-%dT%H:%M:%SZ") - - # Get the next month - end=$(date -u -d "$year-$month-01 + 1 month - 1 day" +"%Y-%m-%dT%H:%M:%SZ") - - # Get all closed PRs with number, title, and description - pr_data=$( - gh pr list $repo --state merged --limit 1000 \ - --json number,title,url,author,mergedAt \ - --jq "map(select(.mergedAt >= \"$start\" and .mergedAt <= \"$end\")) | .[] | {number, title, url, author}" | jq -s - ) - - echo "In $(date -d "$year-$month-01" +"%B"), we successfully merged **$(echo "$pr_data" | jq -r 'length')** pull requests**!" - echo "" - echo "" - echo "" - echo "### Full list of PRs" - - # Extract markdown list with jq - echo "$pr_data" | jq -r '.[] | . | "* \\#\(.number): [\(.title)](\(.url))"' - - echo "" - echo "### Contributors" - # Extract markdown list of authors with jq - echo "$pr_data" | jq -r 'map(.author.login) | unique | .[] | "* [@\(.)](https://github.com/\(.))"' -} - -# Available authors, and their GH handles -authors_and_handles() { - sort -u < $BLOG_POST_FILE ---- -authors: - - $author -title: "This Month in Hax: $(date -d "$year-$month-15" +"%B %Y")" -date: $(date +"%Y-%m-%d") ---- - -HEADER -report >> $BLOG_POST_FILE - -BLOG_POST="$(cat $BLOG_POST_FILE)" - -# Go to root -cd $(git rev-parse --show-toplevel) -BRANCH="this-month-in-hax-blog-post-$year-$month" -echo $BRANCH > this-month-in-hax-branch - -# Echo the author's handle -cat < this-month-in-hax-issue.yml ---- -title: Write This Month in Hax -assignees: $(handle_of $author) ---- - -This is an auto-generated issue for the "This Month in hax" blog series. - -Branch [\`$BRANCH\`](https://github.com/cryspen/hax/tree/$BRANCH) have been created with the following template: -\`\`\`md -$(echo "$BLOG_POST") -\`\`\` - -It is an skeleton blog post with the list of PRs pushed in $(date -d "$year-$month-01" +"%B %Y") and a list of contributor. - -Suggested person to pick this draft PR: @$(handle_of $author) - -## Action Items - - [ ] Write the blog article - - [ ] Release a new version of hax - - [ ] Follow \`PUBLISHING.md\` - - [ ] Create Github release -MESSAGE From a477550222aed4e571fc2f96020c7a0deb2a498c Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 3 Sep 2025 17:19:09 +0200 Subject: [PATCH 02/56] feat(rengine): view: add `lift` methods on `PathSegment<_>` --- .../src/ast/identifiers/global_id/view.rs | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/rust-engine/src/ast/identifiers/global_id/view.rs b/rust-engine/src/ast/identifiers/global_id/view.rs index 6675892e0..91d0daced 100644 --- a/rust-engine/src/ast/identifiers/global_id/view.rs +++ b/rust-engine/src/ast/identifiers/global_id/view.rs @@ -545,6 +545,26 @@ impl PathSegment { } } +impl PathSegment { + /// Lift a `PathSegment` of kind `ConstructorKind` to a `PathSegment` of kind `AnyKind`. + pub fn lift(&self) -> PathSegment { + self.clone().map(|kind, _| AnyKind::Constructor(kind)) + } +} +impl PathSegment { + /// Lift a `PathSegment` of kind `TypeDefKind` to a `PathSegment` of kind `AnyKind`. + pub fn lift(&self) -> PathSegment { + self.clone().map(|kind, _| AnyKind::TypeDef(kind)) + } +} +impl PathSegment { + /// Lift a `PathSegment` of kind `AssocItemContainerKind` to a `PathSegment` of kind `AnyKind`. + pub fn lift(&self) -> PathSegment { + self.clone() + .map(|kind, _| AnyKind::AssocItemContainer(kind)) + } +} + impl PathSegment { /// Maps the segment's `kind` while preserving all other fields. fn map(self, f: impl Fn(T, &DefId) -> U) -> PathSegment { From 82554f7898f3e8bafa34690a7bfe82ffdce53b6e Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 18 Sep 2025 11:54:59 +0200 Subject: [PATCH 03/56] feat(rengine): add an actual printer in the Rust backend --- rust-engine/src/backends/rust.rs | 820 ++++++++++++++++++++- rust-engine/src/backends/rust/renamings | 384 ++++++++++ rust-engine/src/backends/rust/renamings.rs | 86 +++ rust-engine/src/main.rs | 2 +- 4 files changed, 1265 insertions(+), 27 deletions(-) create mode 100644 rust-engine/src/backends/rust/renamings create mode 100644 rust-engine/src/backends/rust/renamings.rs diff --git a/rust-engine/src/backends/rust.rs b/rust-engine/src/backends/rust.rs index 62080d92e..8e8234b78 100644 --- a/rust-engine/src/backends/rust.rs +++ b/rust-engine/src/backends/rust.rs @@ -1,20 +1,56 @@ -//! A Rust backend for hax. -//! Note: for now, this contains only a minimal skeleton of Rust printer, which serves solely as an example printer. +//! A Rust backend (and printer) for hax. use super::prelude::*; +use crate::ast::identifiers::global_id::view::{PathSegment, View}; +use std::cell::RefCell; + +mod renamings; /// The Rust printer. -#[derive(Default)] -pub struct RustPrinter; +#[derive(Default, Clone)] +pub struct RustPrinter { + current_namespace: RefCell>>, +} impl_doc_allocator_for!(RustPrinter); impl Printer for RustPrinter { fn resugaring_phases() -> Vec> { - vec![] + vec![ + Box::new(crate::resugarings::FunctionsToConstants), + Box::new(crate::resugarings::Tuples), + ] } + + const NAME: &str = "Rust"; } -const INDENT: isize = 4; +impl RenderView for RustPrinter { + fn render_path_segment(&self, seg: &PathSegment) -> Vec { + if let AnyKind::Constructor(constructor_kind) = seg.kind() { + match constructor_kind { + global_id::view::ConstructorKind::Constructor { ty } => { + if let global_id::view::TypeDefKind::Struct = ty.kind() { + return vec![ + self.render_path_segment_payload(ty.lift().payload()) + .to_string(), + ]; + } + } + } + }; + default::render_path_segment(self, seg) + } + fn render(&self, view: &View) -> Rendered { + let (module_path, relative_path) = view.split_at_module(); + let path_segment = |seg| self.render_path_segment(seg); + let mut rendered = Rendered { + module: module_path.iter().flat_map(path_segment).collect(), + path: relative_path.iter().flat_map(path_segment).collect(), + }; + renamings::rename_rendered(&mut rendered); + rendered + } +} /// The Rust backend. pub struct RustBackend; @@ -22,38 +58,633 @@ pub struct RustBackend; impl Backend for RustBackend { type Printer = RustPrinter; - fn module_path(&self, _module: &Module) -> camino::Utf8PathBuf { - // TODO: dummy path for now, until we have GlobalId rendering (see #1599). - camino::Utf8PathBuf::from("dummy.rs") + fn module_path(&self, module: &Module) -> camino::Utf8PathBuf { + let printer = self.printer(); + let path = ::module(&printer, &module.ident.view()); + camino::Utf8PathBuf::from_iter(path).with_extension("rs") } } +const INDENT: isize = 4; + #[prepend_associated_functions_with(install_pretty_helpers!(self: Self))] // Note: the `const` wrapping makes my IDE and LSP happy. Otherwise, I don't get // autocompletion of methods in the impl block below. const _: () = { - // Boilerplate: define local macros to disambiguate otherwise `std` macros. - #[allow(unused)] - macro_rules! todo {($($tt:tt)*) => {disambiguated_todo!($($tt)*)};} - #[allow(unused)] - macro_rules! line {($($tt:tt)*) => {disambiguated_line!($($tt)*)};} - #[allow(unused)] - macro_rules! concat {($($tt:tt)*) => {disambiguated_concat!($($tt)*)};} + macro_rules! todo { + ($($tt:tt)*) => { + disambiguated_todo!($($tt)*) + }; + } + macro_rules! line { + ($($tt:tt)*) => { + disambiguated_line!($($tt)*) + }; + } + macro_rules! concat { + ($($tt:tt)*) => { + disambiguated_concat!($($tt)*) + }; + } + + macro_rules! sep { + ($l:expr, $it:expr, $r:expr, $sep:expr$(,)?) => { + docs![ + intersperse!($it, docs![$sep, line!()]), + docs![","].flat_alt(nil!()) + ] + .enclose(line_!(), line_!()) + .nest(INDENT) + .enclose($l, $r) + .group() + }; + ($l:expr, $it:expr, $r:expr$(,)?) => { + sep!($l, $it, $r, ",") + }; + } + + macro_rules! print_tuple { + ($into_docs:ident) => {{ + let mut docs: Vec<_> = $into_docs.iter().map(|typ| docs![typ]).collect(); + if docs.len() == 1 { + docs.push(nil![]) + } + sep!("(", docs, ")") + }}; + } + + macro_rules! sep_opt { + (@$l:expr, $it:expr, $($rest:tt)*) => { + { + let mut it = $it.into_iter().peekable(); + if it.peek().is_some() { + sep!($l, it, $($rest)*) + } else { + nil!() + } + } + }; + ($l:expr, $it:expr, $($rest:tt)*) => { + sep_opt!(@$l, $it, $($rest)*) + }; + } + + macro_rules! block { + ($body:expr) => { + docs![line!(), $body, line!()].group().nest(INDENT).braces() + }; + } + + impl<'a, 'b> RustPrinter { + fn generic_params( + &'a self, + generic_params: &'b [GenericParam], + ) -> DocBuilder<'a, Self, A> { + let generic_params = generic_params + .iter() + .filter(|p| !matches!(&p.kind, GenericParamKind::Lifetime if p.ident.0.to_string() == "_")) + .collect::>(); + sep_opt!("<", generic_params, ">") + } + fn where_clause( + &'a self, + constraints: &'b [GenericConstraint], + ) -> DocBuilder<'a, Self, A> { + if constraints.is_empty() { + return nil!(); + } + docs![ + line!(), + "where", + line!(), + intersperse!(constraints, docs![",", line!()]) + .nest(INDENT) + .group(), + line!(), + ] + .nest(INDENT) + .group() + } + fn attributes(&'a self, attrs: &'b [Attribute]) -> DocBuilder<'a, Self, A> { + concat!( + attrs + .iter() + .filter(|attr| match &attr.kind { + AttributeKind::Tool { .. } => false, + AttributeKind::DocComment { .. } => true, + }) + .map(|attr| docs![attr, hardline!()]) + ) + } + + fn id_name(&'a self, id: GlobalId) -> DocBuilder<'a, Self, A> { + let view = id.view(); + let path = ::render_strings(self, &view); + let name = path.last().unwrap().clone(); + docs![if name == "_" { + "___empty_name".into() + } else { + name + }] + } + } impl<'a, 'b, A: 'a + Clone> PrettyAst<'a, 'b, A> for RustPrinter { const NAME: &'static str = "Rust"; fn module(&'a self, module: &'b Module) -> DocBuilder<'a, Self, A> { - intersperse!(&module.items, docs![hardline!(), hardline!()]) + let previous = self.current_namespace.borrow().clone(); + let view = module.ident.view(); + let module_path = ::module(self, &view); + *self.current_namespace.borrow_mut() = Some(module_path); + let doc = intersperse!(&module.items, docs![hardline!(), hardline!()]); + *self.current_namespace.borrow_mut() = previous; + doc + } + + fn safety_kind(&'a self, safety_kind: &'b SafetyKind) -> DocBuilder<'a, Self, A> { + match safety_kind { + SafetyKind::Safe => nil!(), + SafetyKind::Unsafe => docs![text!("unsafe"), space!()], + } + } + fn param(&'a self, param: &'b Param) -> DocBuilder<'a, Self, A> { + docs![¶m.pat, ":", space!(), ¶m.ty] + } + fn binding_mode(&'a self, binding_mode: &'b BindingMode) -> DocBuilder<'a, Self, A> { + match binding_mode { + BindingMode::ByRef(BorrowKind::Mut) => docs!["ref mut", space!()], + BindingMode::ByRef(_) => docs!["ref", space!()], + _ => nil!(), + } + } + fn pat(&'a self, pat: &'b Pat) -> DocBuilder<'a, Self, A> { + match &*pat.kind { + PatKind::Wild => docs!["_"], + PatKind::Ascription { pat, ty } => docs![pat, ":", space!(), ty], + PatKind::Or { sub_pats } => { + intersperse!(sub_pats, docs![line!(), "|", line!()]) + } + PatKind::Array { args } => sep!("[", args, "]", "|"), + PatKind::Deref { sub_pat } => docs!["&", sub_pat], + PatKind::Constant { lit } => docs![lit], + PatKind::Binding { + mutable, + var, + mode, + sub_pat, + } => { + docs![ + if *mutable { + docs!["mut", space!()] + } else { + nil!() + }, + mode, + var, + sub_pat.as_ref().map(|pat| docs!["@", docs![pat]]), + ] + } + PatKind::Construct { .. } => todo!("resugaring"), + PatKind::Resugared(resugared_pat_kind) => docs![resugared_pat_kind], + PatKind::Error(_) => todo!("resugaring"), + } + } + fn primitive_ty(&'a self, primitive_ty: &'b PrimitiveTy) -> DocBuilder<'a, Self, A> { + match primitive_ty { + PrimitiveTy::Bool => docs!["bool"], + PrimitiveTy::Int(int_kind) => docs![int_kind], + PrimitiveTy::Float(float_kind) => docs![float_kind], + PrimitiveTy::Char => docs!["char"], + PrimitiveTy::Str => docs!["str"], + } + } + fn signedness(&'a self, signedness: &'b Signedness) -> DocBuilder<'a, Self, A> { + match signedness { + Signedness::Signed => docs!["i"], + Signedness::Unsigned => docs!["u"], + } + } + fn int_size(&'a self, int_size: &'b IntSize) -> DocBuilder<'a, Self, A> { + docs![match int_size { + IntSize::S8 => "8", + IntSize::S16 => "16", + IntSize::S32 => "32", + IntSize::S64 => "64", + IntSize::S128 => "128", + IntSize::SSize => "size", + }] + } + fn generic_param(&'a self, generic_param: &'b GenericParam) -> DocBuilder<'a, Self, A> { + docs![ + match &generic_param.kind { + GenericParamKind::Const { .. } => docs!["const", space!()], + _ => nil!(), + }, + &generic_param.ident, + match &generic_param.kind { + GenericParamKind::Const { ty } => docs![":", space!(), ty], + _ => nil!(), + } + ] + } + fn generic_constraint( + &'a self, + generic_constraint: &'b GenericConstraint, + ) -> DocBuilder<'a, Self, A> { + match generic_constraint { + GenericConstraint::Lifetime(s) => docs![s.clone()], + GenericConstraint::Type(impl_ident) => docs![impl_ident], + GenericConstraint::Projection(projection_predicate) => docs![projection_predicate], + } + } + fn impl_ident(&'a self, impl_ident: &'b ImplIdent) -> DocBuilder<'a, Self, A> { + let trait_goal = &impl_ident.goal; + let [self_ty, args @ ..] = &trait_goal.args[..] else { + panic!() + }; + docs![ + self_ty, + space!(), + ":", + space!(), + &trait_goal.trait_, + sep_opt!("<", args, ">"), + ] + } + + fn ty(&'a self, ty: &'b Ty) -> DocBuilder<'a, Self, A> { + match ty.kind() { + TyKind::Primitive(primitive_ty) => docs![primitive_ty], + // TyKind::Tuple(items) => intersperse!(items, docs![",", line!()]) + // .nest(INDENT) + // .group(), + TyKind::App { head, args } => docs![head, sep_opt!("<", args, ">")], + TyKind::Arrow { inputs, output } => { + docs!["fn", sep!("(", inputs, ")"), reflow!(" -> "), output] + } + TyKind::Ref { + inner, + mutable, + region: _, + } => docs![ + "&", + if *mutable { + docs!["mut", space!()] + } else { + nil!() + }, + inner + ], + TyKind::Param(local_id) => docs![local_id], + TyKind::Slice(ty) => docs![ty].brackets(), + TyKind::Array { ty, length } => { + docs![ty, ";", space!(), length.as_ref()].brackets() + } + TyKind::RawPointer => todo!(), + TyKind::AssociatedType { impl_, item } => docs![impl_, "::", item], + TyKind::Opaque(global_id) => docs![global_id], + TyKind::Dyn(dyn_trait_goals) => docs![ + "dyn", + docs![ + line!(), + intersperse!(dyn_trait_goals, docs![line!(), "+", space!()]) + ] + .group() + .hang(0) + ], + TyKind::Resugared(resugared_ty_kind) => docs![resugared_ty_kind], + TyKind::Error(_) => todo!("resugaring"), + } + } + fn resugared_ty_kind( + &'a self, + resugared_ty_kind: &'b ResugaredTyKind, + ) -> DocBuilder<'a, Self, A> { + match resugared_ty_kind { + ResugaredTyKind::Tuple(types) => print_tuple!(types), + } + } + fn literal(&'a self, literal: &'b Literal) -> DocBuilder<'a, Self, A> { + match literal { + Literal::String(symbol) => docs![symbol], + Literal::Char(ch) => text!(format!("{}", ch)), + Literal::Bool(b) => text!(format!("{}", b)), + Literal::Int { + value, + negative, + kind, + } => docs![if *negative { docs!["-"] } else { nil!() }, value, kind], + Literal::Float { + value, + negative, + kind, + } => docs![if *negative { docs!["-"] } else { nil!() }, value, kind], + } + } + fn int_kind(&'a self, int_kind: &'b IntKind) -> DocBuilder<'a, Self, A> { + docs![&int_kind.signedness, &int_kind.size] + } + fn trait_goal(&'a self, trait_goal: &'b TraitGoal) -> DocBuilder<'a, Self, A> { + let [self_ty, args @ ..] = &trait_goal.args[..] else { + panic!() + }; + docs![ + self_ty, + space!(), + "as", + space!(), + &trait_goal.trait_, + sep_opt!("<", args, ">"), + ] + .enclose("<", ">") + } + fn generic_value(&'a self, generic_value: &'b GenericValue) -> DocBuilder<'a, Self, A> { + match generic_value { + GenericValue::Ty(ty) => docs![ty], + GenericValue::Expr(expr) => docs![expr], + GenericValue::Lifetime => docs!["'_"], + } + } + fn arm(&'a self, arm: &'b Arm) -> DocBuilder<'a, Self, A> { + docs![ + &arm.pat, + arm.guard.as_ref().map(|guard| docs!["if", space!(), guard]), + reflow!(" => "), + block![&arm.body], + ] + } + fn expr(&'a self, expr: &'b Expr) -> DocBuilder<'a, Self, A> { + match &*expr.kind { + ExprKind::If { + condition, + then, + else_, + } => docs![ + "if", + space!(), + docs![condition].parens(), + space!(), + block![then], + else_ + .as_ref() + .map(|doc| docs![reflow!(" else "), block![doc]]) + .unwrap_or(nil!()) + ], + ExprKind::App { + head, + args, + generic_args, + bounds_impls: _, // this is implicit in Rust + trait_, + } => { + mod names { + pub use crate::names::rust_primitives::hax::{ + cast_op, deref_op, logical_op_and, logical_op_or, + }; + } + use ExprKind::GlobalId; + match (&*head.kind, &args[..]) { + (GlobalId(names::deref_op), [reference]) => { + Some(docs!["*", docs![reference].parens()]) + } + (GlobalId(names::cast_op), [value]) => { + Some(docs![docs![value].parens(), reflow!(" as "), &expr.ty]) + } + (GlobalId(names::logical_op_and), [lhs, rhs]) => Some(docs![ + docs![lhs].parens(), + reflow!(" && "), + docs![rhs].parens() + ]), + (GlobalId(names::logical_op_or), [lhs, rhs]) => Some(docs![ + docs![lhs].parens(), + reflow!(" || "), + docs![rhs].parens() + ]), + _ => None, + } + .unwrap_or_else(|| match (trait_, &*head.kind) { + (Some((trait_impl_expr, _trait_args)), GlobalId(head)) => { + docs![ + &trait_impl_expr.goal, + "::", + self.id_name(*head), + sep_opt!("::<", generic_args, ">"), + sep!("(", args, ")") + ] + } + _ => docs![ + head, + sep_opt!("::<", generic_args, ">"), + sep!("(", args, ")") + ], + }) + } + ExprKind::Literal(literal) => docs![literal], + ExprKind::Array(exprs) => sep!("[", exprs, "]"), + ExprKind::Construct { + constructor, + is_record, + fields, + // TODO: complete constructors with base + .. + } => { + let payload = fields.iter().map(|(id, value)| { + docs![ + if *is_record { + docs![id, ":", space!()] + } else { + nil!() + }, + value + ] + }); + docs![ + constructor, + if *is_record { + sep!("{", payload, "}") + } else { + sep!("(", payload, ")") + } + ] + } + ExprKind::Match { scrutinee, arms } => { + docs![ + "match", + space!(), + scrutinee, + space!(), + block!(intersperse!(arms, hardline!())), + ] + } + ExprKind::Borrow { mutable, inner } => { + docs!["&", if *mutable { reflow!["mut "] } else { nil!() }, inner] + } + ExprKind::AddressOf { mutable, inner } => docs![ + inner, + reflow!(" as *"), + if *mutable { reflow!["mut "] } else { nil!() }, + docs![&expr.ty] + ] + .parens(), + ExprKind::Deref(expr) => docs!["*", expr], + ExprKind::Let { lhs, rhs, body } => docs![ + "let", + space!(), + lhs, + space!(), + "=", + docs![line!(), rhs].group().nest(INDENT), + ";", + hardline!(), + body + ], + ExprKind::GlobalId(global_id) => docs![global_id], + ExprKind::LocalId(local_id) => docs![local_id], + ExprKind::Ascription { e, ty } => docs![e, ":", space!(), ty].parens(), + ExprKind::Assign { lhs, value } => docs![lhs, space!(), "=", space!(), value], + ExprKind::Loop { + body, + kind, + state: None, + control_flow: None, + label: None, + } => match &**kind { + LoopKind::UnconditionalLoop => docs!["loop", space!(), block![body]], + LoopKind::WhileLoop { condition } => { + docs!["while", space!(), condition, space!(), block![body]] + } + LoopKind::ForLoop { pat, iterator } => { + docs![ + "for", + space!(), + pat, + reflow!(" in "), + iterator, + space!(), + block![body] + ] + } + LoopKind::ForIndexLoop { + start, + end, + var, + var_ty: _, + } => docs![ + "for", + space!(), + var, + reflow!(" in "), + start, + "..", + end, + space!(), + block![body] + ], + }, + ExprKind::Loop { .. } => { + todo!("loop with explicit state or with a label") + } + ExprKind::Break { value, label: None } => docs!["break", space!(), value], + ExprKind::Break { .. } => todo!("break with a label"), + ExprKind::Return { value } => docs!["return", space!(), value], + ExprKind::Continue { label: None } => docs!["continue"], + ExprKind::Continue { .. } => todo!("continue with a label"), + ExprKind::Closure { + params, + body, + captures: _, + } => docs![ + intersperse!(params, docs![",", space!()]).enclose("|", "|"), + body + ], + ExprKind::Block { body, safety_mode } => { + docs![safety_mode, block![body]] + } + ExprKind::Quote { contents } => docs![contents], + ExprKind::Resugared(resugared_expr_kind) => docs![resugared_expr_kind], + ExprKind::Error { .. } => todo!("resugaring"), + } + } + fn resugared_expr_kind( + &'a self, + resugared_expr_kind: &'b ResugaredExprKind, + ) -> DocBuilder<'a, Self, A> { + match resugared_expr_kind { + ResugaredExprKind::BinOp { .. } => unreachable!("BinOp resugaring not active"), + ResugaredExprKind::Tuple(values) => print_tuple!(values), + } + } + + fn lhs(&'a self, lhs: &'b Lhs) -> DocBuilder<'a, Self, A> { + match lhs { + Lhs::LocalVar { var, ty: _ } => docs![var], + Lhs::ArbitraryExpr(expr) => docs![std::ops::Deref::deref(expr)], + Lhs::FieldAccessor { e, ty: _, field } => { + docs![std::ops::Deref::deref(e), ".", field] + } + Lhs::ArrayAccessor { e, ty: _, index } => { + docs![std::ops::Deref::deref(e), docs!(index).brackets()] + } + } + } + fn global_id(&'a self, global_id: &'b GlobalId) -> DocBuilder<'a, Self, A> { + let view = global_id.view(); + let module = ::module(self, &view); + if Some(module) == *self.current_namespace.borrow() { + let rendered = self.render(&view); + docs![rendered.path.join("::")] + } else { + docs![self.render_string(&view)] + } + } + fn variant(&'a self, variant: &'b Variant) -> DocBuilder<'a, Self, A> { + let payload = variant.arguments.iter().map(|(id, ty, attrs)| { + docs![ + self.attributes(attrs), + if variant.is_record { + docs![id, ":", space!()] + } else { + nil!() + }, + ty + ] + }); + + if variant.is_record { + sep!("{", payload, "}") + } else { + sep!("(", payload, ")") + } } fn item(&'a self, item: &'b Item) -> DocBuilder<'a, Self, A> { docs![&item.meta, item.kind()] } + fn resugared_item_kind( + &'a self, + resugared_item_kind: &'b ResugaredItemKind, + ) -> DocBuilder<'a, Self, A> { + match resugared_item_kind { + ResugaredItemKind::Constant { name, body, .. } => { + docs![ + "const", + space!(), + self.id_name(*name), + ":", + space!(), + &body.ty, + reflow!(" = "), + docs![body].braces(), + ";" + ] + } + } + } fn item_kind(&'a self, item_kind: &'b ItemKind) -> DocBuilder<'a, Self, A> { match item_kind { ItemKind::Fn { name, - generics: _, + generics, body, params, safety, @@ -62,16 +693,153 @@ const _: () = { safety, text!("fn"), space!(), - name, - intersperse!(params, docs![",", line!()]) - .enclose(line_!(), line_!()) - .nest(INDENT) - .parens() - .group(), - docs![line_!(), body, line_!(),].nest(INDENT).braces() + self.id_name(*name), + self.generic_params(&generics.params), + sep!("(", params, ")"), + reflow!(" -> "), + &body.ty, + space!(), + self.where_clause(&generics.constraints), + block![body] ] } - _ => todo!(), + ItemKind::TyAlias { + name, + generics: _, + ty, + } => docs!["type", space!(), name, space!(), "=", space!(), ty, ";"], + ItemKind::Type { + name, + generics, + variants, + is_struct, + } => match &variants[..] { + [variant] if *is_struct => { + docs![ + "struct", + space!(), + self.id_name(*name), + self.generic_params(&generics.params), + variant, + if variant.is_record { + nil!() + } else { + docs![";"] + } + ] + } + _ => { + docs![ + "enum", + space!(), + self.id_name(*name), + self.generic_params(&generics.params), + sep!( + "{", + variants.iter().map(|variant| docs![ + &variant.name, + space!(), + variant + ]), + "}", + ), + self.where_clause(&generics.constraints), + ] + } + }, + ItemKind::Trait { + name, + generics, + items, + } => docs![ + "trait", + space!(), + self.id_name(*name), + self.generic_params(&generics.params), + self.where_clause(&generics.constraints), + sep!("{", items, "}", nil!()), + ], + ItemKind::Impl { + generics, + self_ty, + of_trait: (trait_, trait_args), + items, + parent_bounds: _, + safety, + } => docs![ + safety, + "impl", + self.generic_params(&generics.params), + space!(), + trait_, + sep_opt!("<", trait_args[1..], ">"), + space!(), + "for", + space!(), + self_ty, + self.where_clause(&generics.constraints), + sep!("{", items, "}", nil!()), + ], + ItemKind::Alias { name, item } => { + docs!["type", self.id_name(*name), reflow!(" = "), item, ";"] + } + ItemKind::Use { .. } => nil!(), + ItemKind::Quote { quote, .. } => docs![quote], + ItemKind::Error { .. } => todo!("resugaring"), + ItemKind::Resugared(resugared_item_kind) => docs![resugared_item_kind], + ItemKind::NotImplementedYet => docs!["/* `NotImplementedYet` item */"], + } + } + fn impl_item(&'a self, impl_item: &'b ImplItem) -> DocBuilder<'a, Self, A> { + match &impl_item.kind { + ImplItemKind::Type { + ty, + parent_bounds: _, + } => docs![ + &impl_item.meta, + reflow!("type "), + self.id_name(impl_item.ident), + reflow!(" = "), + ty, + ";" + ], + ImplItemKind::Fn { body, params } => docs![ + &impl_item.meta, + text!("fn"), + space!(), + self.id_name(impl_item.ident), + self.generic_params(&impl_item.generics.params), + sep!("(", params, ")"), + reflow!(" -> "), + &body.ty, + space!(), + self.where_clause(&impl_item.generics.constraints), + docs![line_!(), body, line_!(),].nest(INDENT).braces() + ], + ImplItemKind::Resugared(_resugared_impl_item_kind) => todo!(), + } + } + fn metadata(&'a self, metadata: &'b Metadata) -> DocBuilder<'a, Self, A> { + self.attributes(&metadata.attributes) + } + fn attribute(&'a self, attribute: &'b Attribute) -> DocBuilder<'a, Self, A> { + match &attribute.kind { + AttributeKind::Tool { .. } => nil!(), + AttributeKind::DocComment { kind, body } => match kind { + DocCommentKind::Line => { + intersperse!( + body.lines().map(|line| docs![format!("/// {line}")]), + hardline!() + ) + } + DocCommentKind::Block => { + docs![ + "/**", + intersperse!(body.lines().map(|line| line.to_string()), hardline!()), + "*/" + ] + } + }, } } } diff --git a/rust-engine/src/backends/rust/renamings b/rust-engine/src/backends/rust/renamings new file mode 100644 index 000000000..86ec62ff8 --- /dev/null +++ b/rust-engine/src/backends/rust/renamings @@ -0,0 +1,384 @@ +core:alloc:global:GlobalAlloc core:alloc:GlobalAlloc +core:marker:Sync core:prelude:v1:Sync +core:iter:adapters:SourceIter core:iter:SourceIter +core:ops:arith:Sub core:ops:Sub +core:slice:index:range core:slice:range +core:sync:exclusive:Exclusive core:sync:Exclusive +core:ops:bit:Shr core:ops:Shr +core:ffi:primitives:c_uchar core:ffi:c_uchar +core:range:iter:IterRangeFrom core:range:IterRangeFrom +core:fmt:builders:DebugStruct core:fmt:DebugStruct +core:macros:builtin:trace_macros core:prelude:v1:trace_macros +core:fmt:builders:from_fn core:fmt:from_fn +core:macros:builtin:assert core:prelude:v1:assert +core:macros:builtin:bench core:prelude:v1:bench +core:iter:adapters:chain:Chain core:iter:Chain +core:iter:traits:marker:TrustedStep core:iter:TrustedStep +core:slice:iter:RSplitMut core:slice:RSplitMut +core:iter:traits:collect:Extend core:iter:Extend +core:str:error:Utf8Error core:str:Utf8Error +core:ptr:metadata:Thin core:ptr:Thin +core:ops:arith:AddAssign core:ops:AddAssign +core:mem:drop core:prelude:v1:drop +core:async_iter:async_iter:IntoAsyncIterator core:async_iter:IntoAsyncIterator +core:iter:adapters:flatten:Flatten core:iter:Flatten +core:ops:unsize:DispatchFromDyn core:ops:DispatchFromDyn +core:marker:Send core:prelude:v1:Send +core:iter:traits:marker:InPlaceIterable core:iter:InPlaceIterable +core:panic:unwind_safe:UnwindSafe core:panic:UnwindSafe +core:hash:sip:SipHasher core:hash:SipHasher +core:slice:iter:ArrayChunks core:slice:ArrayChunks +core:slice:iter:SplitMut core:slice:SplitMut +core:num:nonzero:NonZeroUsize core:num:NonZeroUsize +core:slice:index:try_range core:slice:try_range +core:task:wake:RawWaker core:task:RawWaker +core:iter:adapters:rev:Rev core:iter:Rev +core:ffi:primitives:c_float core:ffi:c_float +core:convert:num:FloatToInt core:convert:FloatToInt +core:async_iter:from_iter:from_iter core:async_iter:from_iter +core:pin:unsafe_pinned:UnsafePinned core:pin:UnsafePinned +core:slice:iter:ChunksExact core:slice:ChunksExact +core:ffi:primitives:c_short core:ffi:c_short +core:iter:adapters:skip_while:SkipWhile core:iter:SkipWhile +core:macros:builtin:alloc_error_handler core:prelude:v1:alloc_error_handler +core:ops:arith:Rem core:ops:Rem +core:ops:range:RangeToInclusive core:range:RangeToInclusive +core:slice:iter:SplitN core:slice:SplitN +core:num:nonzero:NonZeroU32 core:num:NonZeroU32 +core:convert:From core:prelude:v1:From +core:ops:async_function:AsyncFnOnce core:ops:AsyncFnOnce +core:marker:variance:PhantomInvariant core:marker:PhantomInvariant +core:io:borrowed_buf:BorrowedBuf core:io:BorrowedBuf +core:iter:sources:repeat_n:RepeatN core:iter:RepeatN +core:marker:Copy core:prelude:v1:Copy +core:ops:function:FnOnce core:ops:FnOnce +core:ffi:primitives:c_ulong core:ffi:c_ulong +core:iter:sources:successors:Successors core:iter:Successors +core:ptr:non_null:NonNull core:ptr:NonNull +core:iter:adapters:fuse:Fuse core:iter:Fuse +core:macros:builtin:line core:prelude:v1:line +core:panic:panic_info:PanicMessage core:panic:PanicMessage +core:slice:iter:Chunks core:slice:Chunks +core:slice:iter:ChunksMut core:slice:ChunksMut +core:ffi:primitives:c_size_t core:ffi:c_size_t +core:slice:iter:RChunksExactMut core:slice:RChunksExactMut +core:slice:iter:RChunksMut core:slice:RChunksMut +core:future:join:join core:future:join +core:iter:adapters:chain:chain core:iter:chain +core:ub_checks:assert_unsafe_precondition core:ub_checks:assert_unsafe_precondition +core:ops:bit:BitOr core:ops:BitOr +core:convert:AsMut core:prelude:v1:AsMut +core:mem:transmutability:TransmuteFrom core:mem:TransmuteFrom +core:cell:lazy:LazyCell core:cell:LazyCell +core:macros:builtin:stringify core:prelude:v1:stringify +core:iter:adapters:map_windows:MapWindows core:iter:MapWindows +core:net:ip_addr:Ipv4Addr core:net:Ipv4Addr +core:ffi:va_list:VaListImpl core:ffi:VaListImpl +core:iter:adapters:take_while:TakeWhile core:iter:TakeWhile +core:slice:iter:RChunks core:slice:RChunks +core:slice:raw:from_raw_parts_mut core:slice:from_raw_parts_mut +core:str:converts:from_raw_parts core:str:from_raw_parts +core:ops:try_trait:Residual core:ops:Residual +core:iter:adapters:cycle:Cycle core:iter:Cycle +core:fmt:builders:DebugSet core:fmt:DebugSet +core:ops:range:RangeTo core:range:RangeTo +core:ops:bit:ShlAssign core:ops:ShlAssign +core:ops:function:FnMut core:ops:FnMut +core:str:iter:EscapeDebug core:str:EscapeDebug +core:ffi:c_str:CStr core:ffi:CStr +core:ops:deref:Receiver core:ops:Receiver +core:ffi:primitives:c_int core:ffi:c_int +core:iter:traits:iterator:Iterator core:iter:Iterator +core:ops:coroutine:CoroutineState core:ops:CoroutineState +core:macros:builtin:concat_bytes core:prelude:v1:concat_bytes +core:mem:transmutability:Assume core:mem:Assume +core:option:Option core:prelude:v1:Option +core:ops:range:Bound core:range:Bound +core:ffi:primitives:c_double core:ffi:c_double +core:macros:builtin:include_str core:prelude:v1:include_str +core:bstr:traits:impl_partial_eq core:bstr:impl_partial_eq +core:ops:range:RangeBounds core:range:RangeBounds +core:future:poll_fn:PollFn core:future:PollFn +core:slice:iter:SplitInclusiveMut core:slice:SplitInclusiveMut +core:hash:sip:SipHasher13 core:hash:SipHasher13 +core:macros:builtin:autodiff_forward core:autodiff:autodiff_forward +core:convert:TryFrom core:prelude:rust_future:TryFrom +core:slice:iter:RSplit core:slice:RSplit +core:iter:sources:repeat:repeat core:iter:repeat +core:future:pending:pending core:future:pending +core:slice:index:SliceIndex core:slice:SliceIndex +core:macros:cfg_select core:cfg_select +core:ptr:metadata:from_raw_parts_mut core:ptr:from_raw_parts_mut +core:char:decode:DecodeUtf16Error core:char:DecodeUtf16Error +core:ops:arith:MulAssign core:ops:MulAssign +core:future:async_drop:async_drop_in_place core:future:async_drop_in_place +core:num:nonzero:NonZeroI8 core:num:NonZeroI8 +core:ops:deref:DerefMut core:ops:DerefMut +core:iter:traits:marker:TrustedLen core:iter:TrustedLen +core:num:nonzero:NonZeroU128 core:num:NonZeroU128 +core:ptr:unique:Unique core:ptr:Unique +core:marker:variance:PhantomCovariant core:marker:PhantomCovariant +core:ops:arith:Div core:ops:Div +core:iter:adapters:map_while:MapWhile core:iter:MapWhile +core:net:ip_addr:Ipv6Addr core:net:Ipv6Addr +core:slice:iter:ArrayWindows core:slice:ArrayWindows +core:iter:adapters:zip:TrustedRandomAccess core:iter:TrustedRandomAccess +core:ptr:metadata:Pointee core:ptr:Pointee +core:ops:range:IntoBounds core:range:IntoBounds +core:ops:control_flow:ControlFlow core:ops:ControlFlow +core:ops:coroutine:Coroutine core:ops:Coroutine +core:macros:builtin:global_allocator core:prelude:v1:global_allocator +core:macros:builtin:define_opaque core:prelude:v1:define_opaque +core:macros:builtin:option_env core:prelude:v1:option_env +core:ptr:alignment:Alignment core:ptr:Alignment +core:ops:bit:BitAndAssign core:ops:BitAndAssign +core:io:borrowed_buf:BorrowedCursor core:io:BorrowedCursor +core:iter:adapters:intersperse:IntersperseWith core:iter:IntersperseWith +core:iter:sources:from_fn:FromFn core:iter:FromFn +core:intrinsics:transmute core:mem:transmute +core:ffi:primitives:c_long core:ffi:c_long +core:iter:sources:repeat_n:repeat_n core:iter:repeat_n +core:num:flt2dec:decoder:DecodableFloat core:num:flt2dec:DecodableFloat +core:iter:adapters:copied:Copied core:iter:Copied +core:ops:range:RangeFrom core:range:legacy:RangeFrom +core:num:flt2dec:decoder:FullDecoded core:num:flt2dec:FullDecoded +core:bstr:traits:impl_partial_eq_n core:bstr:impl_partial_eq_n +core:iter:adapters:step_by:StepBy core:iter:StepBy +core:slice:iter:Iter core:slice:Iter +core:slice:raw:from_mut core:slice:from_mut +core:unicode:unicode_data:conversions core:unicode:conversions +core:future:poll_fn:poll_fn core:future:poll_fn +core:ascii:ascii_char:AsciiChar core:ascii:AsciiChar +core:panic:location:Location core:panic:Location +core:macros:builtin:compile_error core:prelude:v1:compile_error +core:future:async_drop:AsyncDrop core:future:AsyncDrop +core:default:Default core:prelude:v1:Default +core:ops:arith:Mul core:ops:Mul +core:ffi:primitives:c_ptrdiff_t core:ffi:c_ptrdiff_t +core:iter:sources:successors:successors core:iter:successors +core:net:socket_addr:SocketAddrV4 core:net:SocketAddrV4 +core:alloc:layout:Layout core:alloc:Layout +core:iter:adapters:skip:Skip core:iter:Skip +core:future:ready:ready core:future:ready +core:str:converts:from_utf8 core:str:from_utf8 +core:num:nonzero:NonZeroI128 core:num:NonZeroI128 +core:iter:sources:from_fn:from_fn core:iter:from_fn +core:ops:try_trait:FromResidual core:ops:FromResidual +core:iter:range:Step core:range:Step +core:macros:builtin:env core:prelude:v1:env +core:str:iter:SplitAsciiWhitespace core:str:SplitAsciiWhitespace +core:core_simd:simd core:simd:simd +core:marker:variance:PhantomInvariantLifetime core:marker:PhantomInvariantLifetime +core:ops:arith:Add core:ops:Add +core:marker:variance:PhantomContravariantLifetime core:marker:PhantomContravariantLifetime +core:num:flt2dec:decoder:Decoded core:num:flt2dec:Decoded +core:ops:bit:BitOrAssign core:ops:BitOrAssign +core:async_iter:async_iter:AsyncIterator core:async_iter:AsyncIterator +core:slice:iter:RSplitNMut core:slice:RSplitNMut +core:mem:manually_drop:ManuallyDrop core:mem:ManuallyDrop +core:ops:arith:Neg core:ops:Neg +core:ops:deref:LegacyReceiver core:ops:LegacyReceiver +core:str:iter:EncodeUtf16 core:str:EncodeUtf16 +core:num:error:ParseIntError core:num:ParseIntError +core:ops:async_function:AsyncFnMut core:ops:AsyncFnMut +core:macros:builtin:cfg_accessible core:prelude:v1:cfg_accessible +core:ops:arith:RemAssign core:ops:RemAssign +core:iter:sources:from_coroutine:from_coroutine core:iter:from_coroutine +core:slice:ascii:is_ascii_simple core:slice:is_ascii_simple +core:ops:arith:SubAssign core:ops:SubAssign +core:mem:size_of core:prelude:v1:size_of +core:task:poll:Poll core:task:Poll +core:ops:unsize:CoerceUnsized core:ops:CoerceUnsized +core:char:methods:encode_utf8_raw core:char:encode_utf8_raw +core:fmt:macros:Debug core:fmt:Debug +core:future:into_future:IntoFuture core:future:IntoFuture +core:ffi:primitives:c_uint core:ffi:c_uint +core:iter:sources:generator:iter core:iter:iter +core:net:ip_addr:Ipv6MulticastScope core:net:Ipv6MulticastScope +core:panic:unwind_safe:RefUnwindSafe core:panic:RefUnwindSafe +core:fmt:num_buffer:NumBuffer core:fmt:NumBuffer +core:slice:iter:ChunksExactMut core:slice:ChunksExactMut +core:marker:Unpin core:prelude:v1:Unpin +core:ops:deref:Deref core:ops:Deref +core:num:nonzero:NonZeroU64 core:num:NonZeroU64 +core:iter:traits:double_ended:DoubleEndedIterator core:iter:DoubleEndedIterator +core:ops:index:Index core:ops:Index +core:ops:range:Range core:range:legacy:Range +core:str:validations:utf8_char_width core:str:utf8_char_width +core:convert:TryInto core:prelude:rust_future:TryInto +core:fmt:builders:DebugList core:fmt:DebugList +core:ffi:c_str:FromBytesUntilNulError core:ffi:FromBytesUntilNulError +core:slice:iter:SplitNMut core:slice:SplitNMut +core:slice:ascii:EscapeAscii core:slice:EscapeAscii +core:iter:sources:once_with:once_with core:iter:once_with +core:str:iter:SplitWhitespace core:str:SplitWhitespace +core:ops:range:OneSidedRangeBound core:ops:OneSidedRangeBound +core:iter:traits:accum:Product core:iter:Product +core:async_iter:from_iter:FromIter core:async_iter:FromIter +core:future:ready:Ready core:future:Ready +core:mem:align_of_val core:prelude:v1:align_of_val +core:macros:builtin:deref core:prelude:v1:deref +core:ops:bit:BitXor core:ops:BitXor +core:clone:Clone core:prelude:v1:Clone +core:ops:bit:Not core:ops:Not +core:marker:Sized core:prelude:v1:Sized +core:ops:index:IndexMut core:ops:IndexMut +core:macros:builtin:format_args_nl core:prelude:v1:format_args_nl +core:ffi:primitives:c_ushort core:ffi:c_ushort +core:iter:adapters:scan:Scan core:iter:Scan +core:fmt:builders:DebugTuple core:fmt:DebugTuple +core:iter:sources:once:once core:iter:once +core:ptr:metadata:DynMetadata core:ptr:DynMetadata +core:slice:iter:Split core:slice:Split +core:slice:iter:ChunkBy core:slice:ChunkBy +core:ffi:primitives:c_char core:ffi:c_char +core:iter:sources:once_with:OnceWith core:iter:OnceWith +core:iter:sources:repeat_with:repeat_with core:iter:repeat_with +core:str:converts:from_utf8_unchecked_mut core:str:from_utf8_unchecked_mut +core:task:wake:LocalWaker core:task:LocalWaker +core:panic:panic_info:PanicInfo core:panic:PanicInfo +core:marker:variance:PhantomContravariant core:marker:PhantomContravariant +core:iter:adapters:cloned:Cloned core:iter:Cloned +core:task:wake:Waker core:task:Waker +core:iter:traits:collect:FromIterator core:iter:FromIterator +core:num:nonzero:NonZeroU16 core:num:NonZeroU16 +core:future:pending:Pending core:future:Pending +core:ops:function:Fn core:ops:Fn +core:macros:builtin:file core:prelude:v1:file +core:intrinsics:ub_checks core:ub_checks:ub_checks +core:iter:adapters:filter:Filter core:iter:Filter +core:iter:traits:exact_size:ExactSizeIterator core:iter:ExactSizeIterator +core:marker:variance:variance core:marker:variance +core:iter:sources:repeat_with:RepeatWith core:iter:RepeatWith +core:char:methods:encode_utf16_raw core:char:encode_utf16_raw +core:iter:adapters:intersperse:Intersperse core:iter:Intersperse +core:iter:traits:accum:Sum core:iter:Sum +core:str:iter:CharIndices core:str:CharIndices +core:task:ready:ready core:task:ready +core:cmp:Eq core:prelude:v1:Eq +core:iter:sources:repeat:Repeat core:iter:Repeat +core:macros:builtin:format_args core:prelude:v1:format_args +core:ops:try_trait:Try core:ops:Try +core:ops:arith:DivAssign core:ops:DivAssign +core:result:Result core:prelude:v1:Result +core:iter:adapters:enumerate:Enumerate core:iter:Enumerate +core:net:ip_addr:IpAddr core:net:IpAddr +core:iter:traits:marker:FusedIterator core:iter:FusedIterator +core:convert:AsRef core:prelude:v1:AsRef +core:macros:builtin:test core:prelude:v1:test +core:iter:sources:empty:Empty core:iter:Empty +core:future:future:Future core:future:Future +core:fmt:builders:DebugMap core:fmt:DebugMap +core:str:lossy:Utf8Chunk core:str:Utf8Chunk +core:task:wake:RawWakerVTable core:task:RawWakerVTable +core:iter:adapters:zip:zip core:iter:zip +core:ptr:metadata:from_raw_parts core:ptr:from_raw_parts +core:ptr:metadata:metadata core:ptr:metadata +core:net:socket_addr:SocketAddr core:net:SocketAddr +core:slice:iter:SplitInclusive core:slice:SplitInclusive +core:ops:bit:BitAnd core:ops:BitAnd +core:iter:adapters:zip:TrustedRandomAccessNoCoerce core:iter:TrustedRandomAccessNoCoerce +core:iter:adapters:filter_map:FilterMap core:iter:FilterMap +core:slice:raw:from_ref core:slice:from_ref +core:core_arch:arch core:arch:arch +core:iter:adapters:peekable:Peekable core:iter:Peekable +core:cmp:Ord core:prelude:v1:Ord +core:ffi:primitives:c_longlong core:ffi:c_longlong +core:num:nonzero:ZeroablePrimitive core:num:ZeroablePrimitive +core:slice:iter:IterMut core:slice:IterMut +core:str:iter:Chars core:str:Chars +core:macros:builtin:cfg_eval core:prelude:v1:cfg_eval +core:range:iter:IterRangeInclusive core:range:IterRangeInclusive +core:macros:builtin:include core:prelude:v1:include +core:cell:once:OnceCell core:cell:OnceCell +core:macros:builtin:autodiff_reverse core:autodiff:autodiff_reverse +core:mem:size_of_val core:prelude:v1:size_of_val +core:marker:variance:PhantomCovariantLifetime core:marker:PhantomCovariantLifetime +core:macros:assert_matches core:assert_matches:assert_matches +core:ops:bit:ShrAssign core:ops:ShrAssign +core:macros:debug_assert_matches core:assert_matches:debug_assert_matches +core:ffi:va_list:VaList core:ffi:VaList +core:iter:sources:once:Once core:iter:Once +core:char:methods:encode_utf8_raw_unchecked core:char:encode_utf8_raw_unchecked +core:iter:sources:empty:empty core:iter:empty +core:iter:adapters:array_chunks:ArrayChunks core:iter:ArrayChunks +core:iter:traits:marker:TrustedFused core:iter:TrustedFused +core:array:iter:IntoIter core:array:IntoIter +core:ops:range:RangeInclusive core:range:legacy:RangeInclusive +core:slice:iter:RChunksExact core:slice:RChunksExact +core:macros:builtin:test_case core:prelude:v1:test_case +core:slice:raw:from_ptr_range core:slice:from_ptr_range +core:char:decode:DecodeUtf16 core:char:DecodeUtf16 +core:marker:variance:Variance core:marker:Variance +core:range:iter:IterRange core:range:IterRange +core:macros:builtin:type_ascribe core:prelude:v1:type_ascribe +core:net:parser:AddrParseError core:net:AddrParseError +core:str:converts:from_raw_parts_mut core:str:from_raw_parts_mut +core:str:converts:from_utf8_mut core:str:from_utf8_mut +core:fmt:num_buffer:NumBufferTrait core:fmt:NumBufferTrait +core:ffi:primitives:c_ulonglong core:ffi:c_ulonglong +core:prelude:v1 core:prelude:rust_future:v1 +core:mem:maybe_uninit:MaybeUninit core:mem:MaybeUninit +core:ops:bit:Shl core:ops:Shl +core:ops:range:OneSidedRange core:range:OneSidedRange +core:iter:traits:collect:IntoIterator core:iter:IntoIterator +core:slice:raw:from_raw_parts core:slice:from_raw_parts +core:str:iter:EscapeDefault core:str:EscapeDefault +core:macros:builtin:contracts_ensures core:contracts:contracts_ensures +core:slice:iter:ChunkByMut core:slice:ChunkByMut +core:str:validations:next_code_point core:str:next_code_point +core:num:error:IntErrorKind core:num:IntErrorKind +core:num:nonzero:NonZeroI16 core:num:NonZeroI16 +core:num:nonzero:NonZeroI64 core:num:NonZeroI64 +core:ops:async_function:AsyncFn core:ops:AsyncFn +core:char:convert:ParseCharError core:char:ParseCharError +core:num:nonzero:NonZeroIsize core:num:NonZeroIsize +core:ops:drop:Drop core:ops:Drop +core:char:convert:CharTryFromError core:char:CharTryFromError +core:ffi:va_list:VaArgSafe core:ffi:VaArgSafe +core:iter:sources:from_coroutine:FromCoroutine core:iter:FromCoroutine +core:slice:iter:ArrayChunksMut core:slice:ArrayChunksMut +core:bstr:traits:impl_partial_eq_ord core:bstr:impl_partial_eq_ord +core:str:converts:from_utf8_unchecked core:str:from_utf8_unchecked +core:str:iter:EscapeUnicode core:str:EscapeUnicode +core:str:traits:FromStr core:str:FromStr +core:task:wake:Context core:task:Context +core:ffi:primitives:c_ssize_t core:ffi:c_ssize_t +core:macros:builtin:derive_const core:prelude:v1:derive_const +core:alloc:layout:LayoutErr core:alloc:LayoutErr +core:fmt:builders:FromFn core:fmt:FromFn +core:slice:iter:Windows core:slice:Windows +core:ffi:primitives:c_schar core:ffi:c_schar +core:num:nonzero:NonZeroU8 core:num:NonZeroU8 +core:num:dec2flt:ParseFloatError core:num:ParseFloatError +core:unicode:unicode_data:case_ignorable:lookup core:unicode:lookup +core:cmp:PartialEq core:prelude:v1:PartialEq +core:iter:adapters:flatten:FlatMap core:iter:FlatMap +core:ops:bit:BitXorAssign core:ops:BitXorAssign +core:macros:builtin:cfg core:prelude:v1:cfg +core:iter:adapters:zip:Zip core:iter:Zip +core:num:nonzero:NonZeroI32 core:num:NonZeroI32 +core:convert:Into core:prelude:v1:Into +core:macros:builtin:concat core:prelude:v1:concat +core:mem:align_of core:prelude:v1:align_of +core:str:lossy:Utf8Chunks core:str:Utf8Chunks +core:macros:builtin:column core:prelude:v1:column +core:hash:macros:Hash core:hash:Hash +core:net:socket_addr:SocketAddrV6 core:net:SocketAddrV6 +core:macros:builtin:derive core:prelude:v1:derive +core:num:flt2dec:decoder:decode core:num:flt2dec:decode +core:macros:builtin:contracts_requires core:contracts:contracts_requires +core:slice:raw:from_mut_ptr_range core:slice:from_mut_ptr_range +core:task:wake:ContextBuilder core:task:ContextBuilder +core:num:nonzero:NonZero core:num:NonZero +core:ffi:c_str:FromBytesWithNulError core:ffi:FromBytesWithNulError +core:macros:builtin:log_syntax core:prelude:v1:log_syntax +core:ops:deref:DerefPure core:ops:DerefPure +core:cmp:PartialOrd core:prelude:v1:PartialOrd +core:iter:adapters:inspect:Inspect core:iter:Inspect +core:macros:builtin:module_path core:prelude:v1:module_path +core:iter:adapters:map:Map core:iter:Map +core:slice:iter:RSplitN core:slice:RSplitN +core:iter:adapters:take:Take core:iter:Take +core:macros:builtin:include_bytes core:prelude:v1:include_bytes +core:unicode:unicode_data:cased:lookup core:unicode:lookup diff --git a/rust-engine/src/backends/rust/renamings.rs b/rust-engine/src/backends/rust/renamings.rs new file mode 100644 index 000000000..9d286038b --- /dev/null +++ b/rust-engine/src/backends/rust/renamings.rs @@ -0,0 +1,86 @@ +use std::{collections::HashMap, fmt::Debug, hash::Hash, sync::LazyLock}; + +use crate::backends::prelude::Rendered; + +#[derive(Debug)] +struct Graph { + node: Option, + subtree: HashMap>>, +} + +impl Default for Graph { + fn default() -> Self { + Self { + node: Default::default(), + subtree: Default::default(), + } + } +} + +impl Graph { + fn create_path(&mut self, path: &[K]) -> &mut Graph { + let mut current = self; + for chunk in path { + current = current.subtree.entry(chunk.clone()).or_default(); + } + current + } + fn get_longest(&self, path: impl Iterator) -> Option<(Vec, &T)> { + let mut current = self; + let mut subpath = vec![]; + let mut results = vec![]; + + for chunk in path { + if let Some(sub) = current.subtree.get(&chunk) { + current = sub; + subpath.push(chunk.clone()); + if let Some(node) = ¤t.node { + results.push((subpath.clone(), node)); + } + } else { + break; + } + } + + results.pop() + } + fn from_iter(it: impl Iterator, T)>) -> Self { + let mut root = Self::default(); + for (path, value) in it { + root.create_path(&path).node = Some(value); + } + root + } +} + +static RENAMINGS: LazyLock>> = LazyLock::new(|| { + let str = include_str!("renamings"); + + Graph::from_iter(str.lines().map(|line| { + let (l, r) = line.split_once(" ").unwrap(); + ( + l.split(":").map(|s| s.to_string()).collect(), + r.split(":").collect(), + ) + })) +}); + +/// Rename a `Rendered` name according, so that we refer to public names of core, not private names. +pub(super) fn rename_rendered(rendered: &mut Rendered) { + let chunks = rendered + .module + .clone() + .into_iter() + .chain(rendered.path.clone()); + if let Some((chunks_slice, rename)) = RENAMINGS.get_longest(chunks) { + let rename: Vec = rename.iter().map(|s| s.to_string()).collect(); + if chunks_slice.len() >= rendered.module.len() { + let remainings = chunks_slice.len() - rendered.module.len(); + let (mod_part, path_part) = rename.split_at((rename.len() - remainings).max(1)); + rendered.module = mod_part.to_vec(); + rendered.path.splice(0..remainings, path_part.to_vec()); + } else { + rendered.module.splice(0..chunks_slice.len(), rename); + } + } +} diff --git a/rust-engine/src/main.rs b/rust-engine/src/main.rs index a022f4ca0..8a74cc918 100644 --- a/rust-engine/src/main.rs +++ b/rust-engine/src/main.rs @@ -15,7 +15,7 @@ fn main() { impl_infos: value.impl_infos, kind: hax_rust_engine::ocaml_engine::QueryKind::ImportThir { input: value.input, - apply_phases: !matches!(&value.backend.backend, Backend::GenerateRustEngineNames), + apply_phases: matches!(&value.backend.backend, Backend::Lean), translation_options: value.backend.translation_options, }, }; From 63790b4efd25ad8f77ed29cad910ebe48e4ece8b Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 18 Sep 2025 14:17:47 +0200 Subject: [PATCH 04/56] feat(examples): extract via the rust backend --- .gitignore | 1 + examples/barrett/Makefile | 15 +++++++++++---- .../barrett/proofs/rust/extraction/Cargo.toml | 11 +++++++++++ 3 files changed, 23 insertions(+), 4 deletions(-) create mode 100644 examples/barrett/proofs/rust/extraction/Cargo.toml diff --git a/.gitignore b/.gitignore index 1a36fe8a1..737f1d914 100644 --- a/.gitignore +++ b/.gitignore @@ -17,3 +17,4 @@ proof-libs/fstar/rust_primitives/#*# !**/proofs/fstar/extraction/*.fst !**/proofs/coq/extraction/*.v !**/proofs/lean/extraction/lakefile.toml +!**/proofs/rust/extraction/Cargo.toml diff --git a/examples/barrett/Makefile b/examples/barrett/Makefile index 29ce35672..69b3a5c9b 100644 --- a/examples/barrett/Makefile +++ b/examples/barrett/Makefile @@ -1,10 +1,17 @@ -.PHONY: default lean clean -default: lean +.PHONY: default fstar rust clean + +default: fstar rust make -C proofs/fstar/extraction -lean: - cargo hax into lean +fstar: + cargo hax into fstar + +rust: + cargo hax into rust + cd proofs/rust/extraction + cargo build clean: rm -f proofs/fstar/extraction/.depend rm -f proofs/fstar/extraction/*.fst + rm -f proofs/rust/extraction/*.rs diff --git a/examples/barrett/proofs/rust/extraction/Cargo.toml b/examples/barrett/proofs/rust/extraction/Cargo.toml new file mode 100644 index 000000000..541a1c4e6 --- /dev/null +++ b/examples/barrett/proofs/rust/extraction/Cargo.toml @@ -0,0 +1,11 @@ +[package] +name = "extraction" +version = "0.1.0" +edition = "2024" + +[lib] +path = "barrett.rs" + +[dependencies] + +[workspace] From 1422d78604e15e2f9ad45596a2b3d757fecc10a3 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 25 Sep 2025 14:20:22 +0200 Subject: [PATCH 05/56] fix(nix): allow file `renamings` --- cli/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cli/default.nix b/cli/default.nix index 1613afd9e..40bca0b07 100644 --- a/cli/default.nix +++ b/cli/default.nix @@ -11,9 +11,10 @@ let src = lib.cleanSourceWith { src = craneLib.path ./..; filter = path: type: - builtins.isNull (builtins.match ".*/tests/.*" path) - && (craneLib.filterCargoSources path type - || is-webapp-static-asset path); + (builtins.isNull (builtins.match ".*/tests/.*" path) + && (craneLib.filterCargoSources path type + || is-webapp-static-asset path)) + || !(builtins.isNull (builtins.match ".*/renamings" path)); }; inherit buildInputs doCheck; doNotRemoveReferencesToRustToolchain = true; From 148cd20be23fd01d1af3c7f6e1475ad16e4b4fa4 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 18 Sep 2025 14:19:20 +0200 Subject: [PATCH 06/56] chore(changelog) --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 36c953376..a3d8c4a45 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ Changes to the Rust Engine: - Printers now emit proper diagnostics (PR #1669) - Global identifiers are now interned (#1689) - Global identifiers are encapsulated properly, and provide easy destructuring as tuple identifiers (#1693) + - Add a proper Rust backend (evit fork: #114) Changes to the frontend: - Add an explicit `Self: Trait` clause to trait methods and consts (#1559) From 8a2612c1fb5ff32f537663719130a87443902cb7 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Thu, 9 Oct 2025 17:30:08 +0200 Subject: [PATCH 07/56] Core models core::num + fix indexes for bound names. --- engine/lib/ast_utils.ml | 37 - engine/lib/import_thir.ml | 50 +- engine/lib/phases/phase_rewrite_local_self.ml | 47 +- hax-lib/core-models/Cargo.lock | 21 +- hax-lib/core-models/Cargo.toml | 3 + hax-lib/core-models/hax.sh | 2 +- .../core-models/rust_primitives/Cargo.toml | 7 + .../core-models/rust_primitives/src/lib.rs | 107 ++ hax-lib/core-models/src/core/hash.rs | 4 +- hax-lib/core-models/src/core/mem.rs | 5 + hax-lib/core-models/src/core/num/mod.rs | 328 +++++ hax-lib/core-models/src/core/ops.rs | 56 +- .../proof-libs/fstar/core/Core_models.Cmp.fst | 120 +- .../fstar/core/Core_models.Error.fsti | 9 +- .../fstar/core/Core_models.Marker.fst | 7 +- .../proof-libs/fstar/core/Core_models.Mem.fst | 12 + .../proof-libs/fstar/core/Core_models.Num.fst | 1123 +++++++++++++++++ .../fstar/core/Core_models.Num.fsti | 227 ---- .../fstar/core/Core_models.Ops.Function.fst | 40 +- .../fstar/core/Core_models.Option.fst | 36 +- .../fstar/core/Core_models.Result.fst | 10 +- .../Rust_primitives.Arithmetic.fsti | 208 +++ 22 files changed, 2011 insertions(+), 448 deletions(-) create mode 100644 hax-lib/core-models/rust_primitives/Cargo.toml create mode 100644 hax-lib/core-models/rust_primitives/src/lib.rs create mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Num.fst delete mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Num.fsti create mode 100644 hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti diff --git a/engine/lib/ast_utils.ml b/engine/lib/ast_utils.ml index fad12a611..96fb0c6a4 100644 --- a/engine/lib/ast_utils.ml +++ b/engine/lib/ast_utils.ml @@ -213,43 +213,6 @@ module Make (F : Features.T) = struct expr e end - (** Rename impl expressions variables. By default, they are big and unique - identifiers, after this function, they are renamed into `iN` where `N` - is a short local unique identifier. *) - let rename_generic_constraints = - object - inherit [_] Visitors.map as super - - method! visit_generic_constraint - ((enabled, s) : bool * (string, string) Hashtbl.t) gc = - match gc with - | GCType { goal; name } when enabled -> - let new_name = - Hashtbl.find_or_add s name ~default:(fun () -> - "i" ^ Int.to_string (Hashtbl.length s)) - in - let goal = super#visit_trait_goal (enabled, s) goal in - GCType { goal; name = new_name } - | _ -> super#visit_generic_constraint (enabled, s) gc - - method! visit_trait_item (_, s) = super#visit_trait_item (true, s) - - method! visit_item' (_, s) item = - let enabled = - (* generic constraints on traits correspond to super - traits, those are not local and should NOT be renamed *) - [%matches? Trait _] item |> not - in - super#visit_item' (enabled, s) item - - method! visit_impl_expr_kind s ie = - match ie with - | LocalBound { id } -> - LocalBound - { id = Hashtbl.find (snd s) id |> Option.value ~default:id } - | _ -> super#visit_impl_expr_kind s ie - end - let drop_bodies = object inherit [_] Visitors.map as super diff --git a/engine/lib/import_thir.ml b/engine/lib/import_thir.ml index 287165106..5601b3727 100644 --- a/engine/lib/import_thir.ml +++ b/engine/lib/import_thir.ml @@ -1179,13 +1179,17 @@ end) : EXPR = struct match chunk with | AssocItem { item; predicate = { value = { trait_ref; _ }; _ }; index; _ } -> - let ident = { goal = c_trait_ref span trait_ref; name = index } in + let ident = + { goal = c_trait_ref span trait_ref; name = "i" ^ index } + in let item = Concrete_ident.of_def_id ~value:false item.value.def_id in let trait_ref = c_trait_ref span trait_ref in Projection { impl = { kind = item_kind; goal = trait_ref }; ident; item } | Parent { predicate = { value = { trait_ref; _ }; _ }; index; _ } -> - let ident = { goal = c_trait_ref span trait_ref; name = index } in + let ident = + { goal = c_trait_ref span trait_ref; name = "i" ^ index } + in let trait_ref = c_trait_ref span trait_ref in Parent { impl = { kind = item_kind; goal = trait_ref }; ident } in @@ -1195,7 +1199,7 @@ end) : EXPR = struct let args = List.map ~f:(c_generic_value span) generic_args in Concrete { trait; args } | LocalBound { index; path; _ } -> - let init = LocalBound { id = index } in + let init = LocalBound { id = "i" ^ index } in List.fold ~init ~f:browse_path path | Dyn -> Dyn | SelfImpl { path; _ } -> List.fold ~init:Self ~f:browse_path path @@ -1292,7 +1296,7 @@ end) : EXPR = struct let trait = Concrete_ident.of_def_id ~value:false trait_ref.value.def_id in - Some (GCType { goal = { trait; args }; name = Int.to_string id }) + Some (GCType { goal = { trait; args }; name = "i" ^ Int.to_string id }) | Projection { impl_expr; assoc_item; ty } -> let impl = c_impl_expr span impl_expr in let assoc_item = @@ -1317,8 +1321,18 @@ end) : EXPR = struct in aux [] + let c_bounds span bounds = + List.fold_left ~init:(0, []) + ~f:(fun (i, clauses) c -> + match c_clause span i c with + | Some (GCType _ as c) -> (i + 1, c :: clauses) + | Some c -> (i, c :: clauses) + | None -> (i, clauses)) + bounds + |> snd |> List.rev + let c_generics (generics : Thir.generics) : generics = - let bounds = List.filter_mapi ~f:(c_clause generics.span) generics.bounds in + let bounds = c_bounds generics.span generics.bounds in { params = List.map ~f:c_generic_param generics.params; constraints = bounds |> list_dedup equal_generic_constraint; @@ -1353,7 +1367,7 @@ end) : EXPR = struct } | Type (bounds, None) -> let bounds = - List.filter_mapi ~f:(c_clause span) bounds + c_bounds span bounds |> List.filter_map ~f:(fun bound -> match bound with GCType impl -> Some impl | _ -> None) in @@ -1803,14 +1817,16 @@ and c_item_unwrapped ~ident ~type_only (item : Thir.item) : item list = { typ = c_ty item.span ty; parent_bounds = - List.filter_mapi - ~f:(fun i (clause, impl_expr, span) -> - let* bound = c_clause span i clause in - match bound with - | GCType trait_goal -> - Some (c_impl_expr span impl_expr, trait_goal) - | _ -> None) - parent_bounds; + List.fold_left ~init:(0, []) + ~f:(fun (i, clauses) (clause, impl_expr, span) -> + match c_clause span i clause with + | Some (GCType trait_goal) -> + ( i + 1, + (c_impl_expr span impl_expr, trait_goal) + :: clauses ) + | _ -> (i, clauses)) + parent_bounds + |> snd |> List.rev; }); ii_ident; ii_attrs = c_item_attrs item.attributes; @@ -1884,11 +1900,7 @@ let import_item ~type_only (item : Thir.item) : concrete_ident * (item list * Diagnostics.t list) = let ident = Concrete_ident.of_def_id ~value:false item.owner_id in let r, reports = - let f = - U.Mappers.rename_generic_constraints#visit_item - (true, Hashtbl.create (module String)) - >> U.Reducers.disambiguate_local_idents - in + let f = U.Reducers.disambiguate_local_idents in Diagnostics.Core.capture (fun _ -> c_item item ~ident ~type_only |> List.map ~f) in diff --git a/engine/lib/phases/phase_rewrite_local_self.ml b/engine/lib/phases/phase_rewrite_local_self.ml index aedfa119c..bbfb11783 100644 --- a/engine/lib/phases/phase_rewrite_local_self.ml +++ b/engine/lib/phases/phase_rewrite_local_self.ml @@ -15,36 +15,25 @@ module Make (F : Features.T) = let ditem i = match i.v with - | Trait { name; generics; _ } -> - let generic_eq (param : generic_param) (value : generic_value) = - (let* id = - match (param.kind, value) with - | GPConst _, GConst { e = LocalVar id; _ } -> Some id - | GPType, GType (TParam id) -> Some id - | GPLifetime _, GLifetime _ -> Some param.ident - | _ -> None - in - Some ([%eq: Ast.local_ident] id param.ident)) - |> Option.value ~default:false - in - let generics_eq params values = - match List.for_all2 ~f:generic_eq params values with - | List.Or_unequal_lengths.Ok v -> v - | List.Or_unequal_lengths.Unequal_lengths -> false - in - (object - inherit [_] U.Visitors.map as super + | Trait ({ items; _ } as t) -> + let items = + List.map + ~f: + ((object + inherit [_] U.Visitors.map as super - method! visit_impl_expr () ie = - match super#visit_impl_expr () ie with - | { kind = LocalBound _; goal = { args; trait } } - when [%eq: Ast.concrete_ident] trait name - && generics_eq generics.params args -> - { ie with kind = Self } - | ie -> ie - end) - #visit_item - () i + method! visit_impl_expr () ie = + match super#visit_impl_expr () ie with + | { kind = LocalBound { id }; _ } + when [%eq: string] id "i0" -> + { ie with kind = Self } + | ie -> ie + end) + #visit_trait_item + ()) + items + in + { i with v = Trait { t with items } } | _ -> i let ditems = List.map ~f:ditem diff --git a/hax-lib/core-models/Cargo.lock b/hax-lib/core-models/Cargo.lock index 9fc55a41b..656d62902 100644 --- a/hax-lib/core-models/Cargo.lock +++ b/hax-lib/core-models/Cargo.lock @@ -25,6 +25,8 @@ name = "core-models" version = "0.1.0" dependencies = [ "hax-lib", + "pastey", + "rust_primitives", ] [[package]] @@ -41,7 +43,7 @@ dependencies = [ [[package]] name = "hax-lib" -version = "0.3.2" +version = "0.3.4" dependencies = [ "hax-lib-macros", "num-bigint", @@ -50,7 +52,7 @@ dependencies = [ [[package]] name = "hax-lib-macros" -version = "0.3.2" +version = "0.3.4" dependencies = [ "hax-lib-macros-types", "proc-macro-error2", @@ -61,7 +63,7 @@ dependencies = [ [[package]] name = "hax-lib-macros-types" -version = "0.3.2" +version = "0.3.4" dependencies = [ "proc-macro2", "quote", @@ -138,6 +140,12 @@ version = "1.21.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" +[[package]] +name = "pastey" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "35fb2e5f958ec131621fdd531e9fc186ed768cbe395337403ae56c17a74c68ec" + [[package]] name = "proc-macro-error-attr2" version = "2.0.0" @@ -184,6 +192,13 @@ version = "5.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f" +[[package]] +name = "rust_primitives" +version = "0.1.0" +dependencies = [ + "pastey", +] + [[package]] name = "rustversion" version = "1.0.22" diff --git a/hax-lib/core-models/Cargo.toml b/hax-lib/core-models/Cargo.toml index a1461ed3e..186c6022a 100644 --- a/hax-lib/core-models/Cargo.toml +++ b/hax-lib/core-models/Cargo.toml @@ -5,9 +5,12 @@ edition = "2024" [dependencies] hax-lib = { "path" = ".." } +pastey = "0.1.1" +rust_primitives = { "path" = "rust_primitives" } # Workaround for https://github.com/rust-lang/cargo/issues/6745 [workspace] +members = ["rust_primitives"] [lints.rust] unexpected_cfgs = { level = "warn", check-cfg = ['cfg(hax)', 'cfg(hax_compilation)', 'cfg(hax_backend_fstar)'] } diff --git a/hax-lib/core-models/hax.sh b/hax-lib/core-models/hax.sh index 0a3e2276a..a685e90c5 100755 --- a/hax-lib/core-models/hax.sh +++ b/hax-lib/core-models/hax.sh @@ -3,7 +3,7 @@ set -e function extract_and_copy() { go_to "./" - HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into -i '-**::ops::arith::** -**::convert::**' fstar --interfaces '+!**::num::* +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::num +!core_models::ops::bit' + HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into -i '-**::rust_primitives::** -**::ops::arith::** -**::convert::**' fstar --interfaces '+!**::num::error +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::ops::bit' cp proofs/fstar/extraction/*.fst* ../proof-libs/fstar/core } diff --git a/hax-lib/core-models/rust_primitives/Cargo.toml b/hax-lib/core-models/rust_primitives/Cargo.toml new file mode 100644 index 000000000..f270a4443 --- /dev/null +++ b/hax-lib/core-models/rust_primitives/Cargo.toml @@ -0,0 +1,7 @@ +[package] +name = "rust_primitives" +version = "0.1.0" +edition = "2024" + +[dependencies] +pastey = "0.1.1" diff --git a/hax-lib/core-models/rust_primitives/src/lib.rs b/hax-lib/core-models/rust_primitives/src/lib.rs new file mode 100644 index 000000000..c743dfe0a --- /dev/null +++ b/hax-lib/core-models/rust_primitives/src/lib.rs @@ -0,0 +1,107 @@ +#![allow(unused_variables)] + +pub mod arithmetic { + use pastey::paste; + + macro_rules! arithmetic_ops { + ( + types: $t:ident, + ops: $($op:ident)*, + overflowing_ops: $($ov_op:ident)*, + ) => { + paste!{ + $(pub fn [<$op _ $t>](x: $t, y: $t) -> $t { + panic!() + })* + $(pub fn [<$ov_op _ $t>](x: $t, y: $t) -> ($t, bool) { + panic!() + })* + } + }; + + ( + types: $first_t:ident $($t:ident)+, + ops: $($op:ident)*, + overflowing_ops: $($ov_op:ident)*, + ) => { + arithmetic_ops!(types: $first_t, ops: $($op)*, overflowing_ops: $($ov_op)*,); + arithmetic_ops!(types: $($t)*, ops: $($op)*, overflowing_ops: $($ov_op)*,); + }; + + } + + macro_rules! all_ops { + ( + $($Self: ident)*, + $($Bytes: expr)*, + ) => { + paste! { + $( + pub fn [](x: $Self, exp: u32) -> $Self { + panic!() + } + pub fn [](x: $Self) -> u32 { + panic!() + } + pub fn [](x: $Self, n: u32) -> $Self { + panic!() + } + pub fn [](x: $Self, n: u32) -> $Self { + panic!() + } + pub fn [](x: $Self) -> u32 { + panic!() + } + pub fn [](x: $Self) -> u32 { + panic!() + } + pub fn [](bytes: [$Self; $Bytes]) -> $Self { + panic!() + } + pub fn [](bytes: [$Self; $Bytes]) -> $Self { + panic!() + } + pub fn [](bytes: $Self) -> [$Self; $Bytes] { + panic!() + } + pub fn [](bytes: $Self) -> [$Self; $Bytes] { + panic!() + })* + } + } + } + + macro_rules! signed_ops { + ($($Self: ident)*) => { + paste! { + $( + pub fn [](x: $Self) -> bool { + panic!() + } + )* + } + } + } + + // Dummy values, to be defined by backends + pub const SIZE_BYTES: usize = 0; + pub const SIZE_BITS: u32 = 0; + pub const USIZE_MAX: usize = 0; + pub const ISIZE_MAX: isize = 0; + pub const ISIZE_MIN: isize = 0; + + arithmetic_ops! { + types: u8 u16 u32 u64 u128 usize i8 i16 i32 i64 i128 isize, + ops: wrapping_add saturating_add wrapping_sub saturating_sub wrapping_mul saturating_mul rem_euclid, + overflowing_ops: overflowing_add overflowing_sub overflowing_mul, + } + + all_ops! { + u8 u16 u32 u64 u128 usize i8 i16 i32 i64 i128 isize, + 1 2 4 8 16 SIZE_BYTES 1 2 4 8 16 SIZE_BYTES, + } + + signed_ops! { + i8 i16 i32 i64 i128 isize + } +} diff --git a/hax-lib/core-models/src/core/hash.rs b/hax-lib/core-models/src/core/hash.rs index fb5f72dde..5fe4bbf8f 100644 --- a/hax-lib/core-models/src/core/hash.rs +++ b/hax-lib/core-models/src/core/hash.rs @@ -1,5 +1,5 @@ -trait Hasher {} +pub trait Hasher {} -trait Hash { +pub trait Hash { fn hash(&self, h: H) -> H; } diff --git a/hax-lib/core-models/src/core/mem.rs b/hax-lib/core-models/src/core/mem.rs index 7f1b71a0c..5200ecdd0 100644 --- a/hax-lib/core-models/src/core/mem.rs +++ b/hax-lib/core-models/src/core/mem.rs @@ -88,6 +88,11 @@ pub unsafe fn zeroed() -> T { panic!() } +#[hax_lib::opaque] +pub unsafe fn transmute(src: Src) -> Dst { + panic!() +} + mod manually_drop { pub struct ManuallyDrop { value: T, diff --git a/hax-lib/core-models/src/core/num/mod.rs b/hax-lib/core-models/src/core/num/mod.rs index a91e73517..6922751b5 100644 --- a/hax-lib/core-models/src/core/num/mod.rs +++ b/hax-lib/core-models/src/core/num/mod.rs @@ -1 +1,329 @@ +#![allow(non_camel_case_types, unused_variables)] + +use pastey::paste; + pub mod error; + +#[hax_lib::fstar::before("open Rust_primitives.Integers")] +#[hax_lib::fstar::before("open Rust_primitives.Arrays")] +use rust_primitives::arithmetic::*; + +macro_rules! uint_impl { + ( + $Self: ty, + $Name: ty, + $Max: expr, + $Bits: expr, + $Bytes: expr, + ) => { + #[hax_lib::attributes] + impl $Name { + pub const MIN: $Self = 0; + pub const MAX: $Self = $Max; + pub const BITS: core::primitive::u32 = $Bits; + fn wrapping_add(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn saturating_add(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn overflowing_add(x: $Self, y: $Self) -> ($Self, bool) { + paste! { [](x, y) } + } + fn wrapping_sub(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn saturating_sub(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn overflowing_sub(x: $Self, y: $Self) -> ($Self, bool) { + paste! { [](x, y) } + } + fn wrapping_mul(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn saturating_mul(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn overflowing_mul(x: $Self, y: $Self) -> ($Self, bool) { + paste! { [](x, y) } + } + #[hax_lib::requires(y != 0)] + fn rem_euclid(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn pow(x: $Self, exp: core::primitive::u32) -> $Self { + paste! { [](x, exp) } + } + fn count_ones(x: $Self) -> core::primitive::u32 { + paste! { [](x) } + } + #[hax_lib::opaque] + fn rotate_right(x: $Self, n: core::primitive::u32) -> $Self { + paste! { [](x, n) } + } + #[hax_lib::opaque] + fn rotate_left(x: $Self, n: core::primitive::u32) -> $Self { + paste! { [](x, n) } + } + #[hax_lib::opaque] + fn leading_zeros(x: $Self) -> core::primitive::u32 { + paste! { [](x) } + } + #[hax_lib::opaque] + fn ilog2(x: $Self) -> core::primitive::u32 { + paste! { [](x) } + } + #[hax_lib::opaque] + fn from_str_radix( + src: &str, + radix: core::primitive::u32, + ) -> Result<$Self, error::ParseIntError> { + crate::panicking::internal::panic() + } + #[hax_lib::opaque] + fn from_be_bytes(bytes: [$Self; $Bytes]) -> $Self { + paste! { [](bytes) } + } + #[hax_lib::opaque] + fn from_le_bytes(bytes: [$Self; $Bytes]) -> $Self { + paste! { [](bytes) } + } + #[hax_lib::opaque] + fn to_be_bytes(bytes: $Self) -> [$Self; $Bytes] { + paste! { [](bytes) } + } + #[hax_lib::opaque] + fn to_le_bytes(bytes: $Self) -> [$Self; $Bytes] { + paste! { [](bytes) } + } + } + }; +} + +macro_rules! iint_impl { + ( + $Self: ty, + $Name: ty, + $Max: expr, + $Min: expr, + $Bits: expr, + $Bytes: expr, + ) => { + #[hax_lib::attributes] + impl $Name { + pub const MIN: $Self = $Min; + pub const MAX: $Self = $Max; + pub const BITS: core::primitive::u32 = $Bits; + fn wrapping_add(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn saturating_add(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn overflowing_add(x: $Self, y: $Self) -> ($Self, bool) { + paste! { [](x, y) } + } + fn wrapping_sub(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn saturating_sub(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn overflowing_sub(x: $Self, y: $Self) -> ($Self, bool) { + paste! { [](x, y) } + } + fn wrapping_mul(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn saturating_mul(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn overflowing_mul(x: $Self, y: $Self) -> ($Self, bool) { + paste! { [](x, y) } + } + #[hax_lib::requires(y != 0)] + fn rem_euclid(x: $Self, y: $Self) -> $Self { + paste! { [](x, y) } + } + fn pow(x: $Self, exp: core::primitive::u32) -> $Self { + paste! { [](x, exp) } + } + fn count_ones(x: $Self) -> core::primitive::u32 { + paste! { [](x) } + } + #[hax_lib::requires(x > $Self::MIN)] + fn abs(x: $Self) -> bool { + paste! { [](x) } + } + #[hax_lib::opaque] + fn rotate_right(x: $Self, n: core::primitive::u32) -> $Self { + paste! { [](x, n) } + } + #[hax_lib::opaque] + fn rotate_left(x: $Self, n: core::primitive::u32) -> $Self { + paste! { [](x, n) } + } + #[hax_lib::opaque] + fn leading_zeros(x: $Self) -> core::primitive::u32 { + paste! { [](x) } + } + #[hax_lib::opaque] + fn ilog2(x: $Self) -> core::primitive::u32 { + paste! { [](x) } + } + #[hax_lib::opaque] + fn from_str_radix( + src: &str, + radix: core::primitive::u32, + ) -> Result<$Self, error::ParseIntError> { + crate::panicking::internal::panic() + } + #[hax_lib::opaque] + fn from_be_bytes(bytes: [$Self; $Bytes]) -> $Self { + paste! { [](bytes) } + } + #[hax_lib::opaque] + fn from_le_bytes(bytes: [$Self; $Bytes]) -> $Self { + paste! { [](bytes) } + } + #[hax_lib::opaque] + fn to_be_bytes(bytes: $Self) -> [$Self; $Bytes] { + paste! { [](bytes) } + } + #[hax_lib::opaque] + fn to_le_bytes(bytes: $Self) -> [$Self; $Bytes] { + paste! { [](bytes) } + } + } + }; +} + +// These types are a trick to define impls on the right names as +// it is forbidden to do it on primitive types +#[hax_lib::exclude] +pub struct u8; +#[hax_lib::exclude] +pub struct u16; +#[hax_lib::exclude] +pub struct u32; +#[hax_lib::exclude] +pub struct u64; +#[hax_lib::exclude] +pub struct u128; +#[hax_lib::exclude] +pub struct usize; +#[hax_lib::exclude] +pub struct i8; +#[hax_lib::exclude] +pub struct i16; +#[hax_lib::exclude] +pub struct i32; +#[hax_lib::exclude] +pub struct i64; +#[hax_lib::exclude] +pub struct i128; +#[hax_lib::exclude] +pub struct isize; + +uint_impl! { + core::primitive::u8, + u8, + 255, + 8, + 1, +} + +uint_impl! { + core::primitive::u16, + u16, + 65535, + 16, + 2, +} + +uint_impl! { + core::primitive::u32, + u32, + 4294967295, + 32, + 4, +} + +uint_impl! { + core::primitive::u64, + u64, + 18446744073709551615, + 64, + 8, +} + +uint_impl! { + core::primitive::u128, + u128, + 340282366920938463463374607431768211455, + 128, + 16, +} + +uint_impl! { + core::primitive::usize, + usize, + USIZE_MAX, + SIZE_BITS, + SIZE_BYTES, +} + +iint_impl! { + core::primitive::i8, + i8, + 127, + -128, + 8, + 1, +} + +iint_impl! { + core::primitive::i16, + i16, + 32767, + -32768, + 16, + 2, +} + +iint_impl! { + core::primitive::i32, + i32, + 2147483647, + -2147483648, + 32, + 4, +} + +iint_impl! { + core::primitive::i64, + i64, + 9223372036854775807, + -9223372036854775808, + 64, + 8, +} + +iint_impl! { + core::primitive::i128, + i128, + 170141183460469231731687303715884105727, + -170141183460469231731687303715884105728, + 128, + 16, +} + +iint_impl! { + core::primitive::isize, + isize, + ISIZE_MAX, + ISIZE_MIN, + SIZE_BITS, + SIZE_BYTES, +} diff --git a/hax-lib/core-models/src/core/ops.rs b/hax-lib/core-models/src/core/ops.rs index f27f9e939..fc48ead67 100644 --- a/hax-lib/core-models/src/core/ops.rs +++ b/hax-lib/core-models/src/core/ops.rs @@ -31,6 +31,26 @@ pub mod arith { type Output; fn div_assign(self, rhs: Rhs) -> Self::Output; } + + macro_rules! int_trait_impls { + ($($Self:ty)*) => { + $( + impl crate::ops::arith::AddAssign<$Self> for $Self { + type Output = $Self; + fn add_assign(self, rhs: $Self) -> $Self { + self + rhs + } + } + impl crate::ops::arith::SubAssign<$Self> for $Self { + type Output = $Self; + fn sub_assign(self, rhs: $Self) -> $Self { + self - rhs + } + })* + } + } + + int_trait_impls!(u8 u16 u32 u64); } pub mod bit { @@ -65,24 +85,6 @@ pub mod index { } pub mod function { - /* These instances provide implementations of the F* type classes corresponding to Fn traits for anonymous functions. - This ensures that passing a closure where something implementing Fn works when translated to F* */ - #[hax_lib::fstar::after( - "unfold instance fnonce_arrow t u - : t_FnOnce (t -> u) t = { - f_Output = u; - f_call_once_pre = (fun _ _ -> true); - f_call_once_post = (fun (x0: t -> u) (x1: t) (res: u) -> res == x0 x1); - f_call_once = (fun (x0: t -> u) (x1: t) -> x0 x1); - } -unfold instance fnonce_arrow_binder t u - : t_FnOnce (_:t -> u) t = { - f_Output = u; - f_call_once_pre = (fun _ _ -> true); - f_call_once_post = (fun (x0: (_:t -> u)) (x1: t) (res: u) -> res == x0 x1); - f_call_once = (fun (x0: (_:t -> u)) (x1: t) -> x0 x1); - } " - )] #[hax_lib::attributes] pub trait FnOnce { type Output; @@ -94,6 +96,24 @@ unfold instance fnonce_arrow_binder t u #[hax_lib::requires(true)] fn call(&self, args: Args) -> Self::Output; } + + /* These instances provide implementations of the F* type classes corresponding to Fn traits for anonymous functions. + This ensures that passing a closure where something implementing Fn works when translated to F* */ + #[hax_lib::fstar::after( + "unfold instance fnonce_arrow_binder t u + : t_FnOnce (_:t -> u) t = { + f_Output = u; + f_call_once_pre = (fun _ _ -> true); + f_call_once_post = (fun (x0: (_:t -> u)) (x1: t) (res: u) -> res == x0 x1); + f_call_once = (fun (x0: (_:t -> u)) (x1: t) -> x0 x1); + }" + )] + impl FnOnce for fn(Args) -> Out { + type Output = Out; + fn call_once(&self, args: Args) -> Out { + self(args) + } + } } mod try_trait { diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst b/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst index 496e4545b..87d0ee642 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst @@ -12,11 +12,11 @@ class t_PartialEq (v_Self: Type0) (v_Rhs: Type0) = { } class t_Eq (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_7793694353819391875:t_PartialEq v_Self v_Self + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_PartialEq v_Self v_Self } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Eq v_Self|} -> i._super_7793694353819391875 +let _ = fun (v_Self:Type0) {|i: t_Eq v_Self|} -> i._super_i0 type t_Ordering = | Ordering_Less : t_Ordering @@ -36,7 +36,7 @@ let t_Ordering_cast_to_repr (x: t_Ordering) : isize = | Ordering_Greater -> anon_const_Ordering_Greater__anon_const_0 class t_PartialOrd (v_Self: Type0) (v_Rhs: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_4666540144042099734:t_PartialEq v_Self v_Rhs; + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_PartialEq v_Self v_Rhs; f_partial_cmp_pre:self_: v_Self -> other: v_Rhs -> pred: Type0{true ==> pred}; f_partial_cmp_post:v_Self -> v_Rhs -> Core_models.Option.t_Option t_Ordering -> Type0; f_partial_cmp:x0: v_Self -> x1: v_Rhs @@ -46,7 +46,7 @@ class t_PartialOrd (v_Self: Type0) (v_Rhs: Type0) = { } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) (v_Rhs:Type0) {|i: t_PartialOrd v_Self v_Rhs|} -> i._super_4666540144042099734 +let _ = fun (v_Self:Type0) (v_Rhs:Type0) {|i: t_PartialOrd v_Self v_Rhs|} -> i._super_i0 class t_Neq (v_Self: Type0) (v_Rhs: Type0) = { f_neq_pre:self_: v_Self -> y: v_Rhs -> pred: Type0{true ==> pred}; @@ -219,8 +219,8 @@ let impl_1 (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Partia } class t_Ord (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_4518226736117889738:t_Eq v_Self; - [@@@ FStar.Tactics.Typeclasses.no_method]_super_13434448650954310000:t_PartialOrd v_Self v_Self; + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_Eq v_Self; + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i1:t_PartialOrd v_Self v_Self; f_cmp_pre:self_: v_Self -> other: v_Self -> pred: Type0{true ==> pred}; f_cmp_post:v_Self -> v_Self -> t_Ordering -> Type0; f_cmp:x0: v_Self -> x1: v_Self @@ -228,10 +228,10 @@ class t_Ord (v_Self: Type0) = { } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Ord v_Self|} -> i._super_4518226736117889738 +let _ = fun (v_Self:Type0) {|i: t_Ord v_Self|} -> i._super_i0 [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Ord v_Self|} -> i._super_13434448650954310000 +let _ = fun (v_Self:Type0) {|i: t_Ord v_Self|} -> i._super_i1 let max (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Ord v_T) (v1 v2: v_T) : v_T = match f_cmp #v_T #FStar.Tactics.Typeclasses.solve v1 v2 <: t_Ordering with @@ -261,7 +261,7 @@ let impl_3 (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Partia let impl_2 (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_PartialOrd v_T v_T) : t_PartialOrd (t_Reverse v_T) (t_Reverse v_T) = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: t_Reverse v_T) (other: t_Reverse v_T) -> true); f_partial_cmp_post = @@ -279,14 +279,14 @@ let impl_2 (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Partia [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_4 (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Eq v_T) - : t_Eq (t_Reverse v_T) = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } + : t_Eq (t_Reverse v_T) = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_5 (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Ord v_T) : t_Ord (t_Reverse v_T) = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: t_Reverse v_T) (other: t_Reverse v_T) -> true); f_cmp_post = (fun (self: t_Reverse v_T) (other: t_Reverse v_T) (out: t_Ordering) -> true); f_cmp @@ -306,7 +306,7 @@ let impl_6: t_PartialEq u8 u8 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_30: t_PartialOrd u8 u8 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: u8) (other: u8) -> true); f_partial_cmp_post = @@ -328,13 +328,13 @@ let impl_30: t_PartialOrd u8 u8 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_u8: t_Eq u8 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_u8: t_Eq u8 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_u8: t_Ord u8 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: u8) (other: u8) -> true); f_cmp_post = @@ -362,7 +362,7 @@ let impl_8: t_PartialEq i8 i8 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_32: t_PartialOrd i8 i8 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: i8) (other: i8) -> true); f_partial_cmp_post = @@ -384,13 +384,13 @@ let impl_32: t_PartialOrd i8 i8 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_i8: t_Eq i8 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_i8: t_Eq i8 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_i8: t_Ord i8 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: i8) (other: i8) -> true); f_cmp_post = @@ -418,7 +418,7 @@ let impl_10: t_PartialEq u16 u16 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_34: t_PartialOrd u16 u16 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: u16) (other: u16) -> true); f_partial_cmp_post = @@ -440,13 +440,13 @@ let impl_34: t_PartialOrd u16 u16 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_u16: t_Eq u16 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_u16: t_Eq u16 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_u16: t_Ord u16 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: u16) (other: u16) -> true); f_cmp_post = @@ -474,7 +474,7 @@ let impl_12: t_PartialEq i16 i16 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_36: t_PartialOrd i16 i16 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: i16) (other: i16) -> true); f_partial_cmp_post = @@ -496,13 +496,13 @@ let impl_36: t_PartialOrd i16 i16 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_i16: t_Eq i16 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_i16: t_Eq i16 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_i16: t_Ord i16 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: i16) (other: i16) -> true); f_cmp_post = @@ -530,7 +530,7 @@ let impl_14: t_PartialEq u32 u32 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_38: t_PartialOrd u32 u32 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: u32) (other: u32) -> true); f_partial_cmp_post = @@ -552,13 +552,13 @@ let impl_38: t_PartialOrd u32 u32 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_u32: t_Eq u32 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_u32: t_Eq u32 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_u32: t_Ord u32 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: u32) (other: u32) -> true); f_cmp_post = @@ -586,7 +586,7 @@ let impl_16: t_PartialEq i32 i32 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_40: t_PartialOrd i32 i32 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: i32) (other: i32) -> true); f_partial_cmp_post = @@ -608,13 +608,13 @@ let impl_40: t_PartialOrd i32 i32 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_i32: t_Eq i32 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_i32: t_Eq i32 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_i32: t_Ord i32 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: i32) (other: i32) -> true); f_cmp_post = @@ -642,7 +642,7 @@ let impl_18: t_PartialEq u64 u64 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_42: t_PartialOrd u64 u64 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: u64) (other: u64) -> true); f_partial_cmp_post = @@ -664,13 +664,13 @@ let impl_42: t_PartialOrd u64 u64 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_u64: t_Eq u64 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_u64: t_Eq u64 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_u64: t_Ord u64 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: u64) (other: u64) -> true); f_cmp_post = @@ -698,7 +698,7 @@ let impl_20: t_PartialEq i64 i64 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_44: t_PartialOrd i64 i64 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: i64) (other: i64) -> true); f_partial_cmp_post = @@ -720,13 +720,13 @@ let impl_44: t_PartialOrd i64 i64 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_i64: t_Eq i64 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_i64: t_Eq i64 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_i64: t_Ord i64 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: i64) (other: i64) -> true); f_cmp_post = @@ -754,7 +754,7 @@ let impl_22: t_PartialEq u128 u128 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_46: t_PartialOrd u128 u128 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: u128) (other: u128) -> true); f_partial_cmp_post = @@ -776,13 +776,13 @@ let impl_46: t_PartialOrd u128 u128 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_u128: t_Eq u128 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_u128: t_Eq u128 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_u128: t_Ord u128 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: u128) (other: u128) -> true); f_cmp_post = @@ -810,7 +810,7 @@ let impl_24: t_PartialEq i128 i128 = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_48: t_PartialOrd i128 i128 = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: i128) (other: i128) -> true); f_partial_cmp_post = @@ -832,13 +832,13 @@ let impl_48: t_PartialOrd i128 i128 = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_i128: t_Eq i128 = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_i128: t_Eq i128 = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_i128: t_Ord i128 = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: i128) (other: i128) -> true); f_cmp_post = @@ -866,7 +866,7 @@ let impl_26: t_PartialEq usize usize = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_50: t_PartialOrd usize usize = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: usize) (other: usize) -> true); f_partial_cmp_post = @@ -888,13 +888,13 @@ let impl_50: t_PartialOrd usize usize = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_usize: t_Eq usize = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_usize: t_Eq usize = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_usize: t_Ord usize = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: usize) (other: usize) -> true); f_cmp_post = @@ -922,7 +922,7 @@ let impl_28: t_PartialEq isize isize = [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_52: t_PartialOrd isize isize = { - _super_4666540144042099734 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_partial_cmp_pre = (fun (self: isize) (other: isize) -> true); f_partial_cmp_post = @@ -944,13 +944,13 @@ let impl_52: t_PartialOrd isize isize = } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_Eq_for_isize: t_Eq isize = { _super_7793694353819391875 = FStar.Tactics.Typeclasses.solve } +let impl_Eq_for_isize: t_Eq isize = { _super_i0 = FStar.Tactics.Typeclasses.solve } [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_Ord_for_isize: t_Ord isize = { - _super_4518226736117889738 = FStar.Tactics.Typeclasses.solve; - _super_13434448650954310000 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; + _super_i1 = FStar.Tactics.Typeclasses.solve; f_cmp_pre = (fun (self: isize) (other: isize) -> true); f_cmp_post = diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti index 24c99df95..d228f2750 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti @@ -3,13 +3,12 @@ module Core_models.Error open FStar.Mul class t_Error (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_18019309172721036339:Core_models.Fmt.t_Display - v_Self; - [@@@ FStar.Tactics.Typeclasses.no_method]_super_8521698748556423861:Core_models.Fmt.t_Debug v_Self + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:Core_models.Fmt.t_Display v_Self; + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i1:Core_models.Fmt.t_Debug v_Self } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Error v_Self|} -> i._super_18019309172721036339 +let _ = fun (v_Self:Type0) {|i: t_Error v_Self|} -> i._super_i0 [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Error v_Self|} -> i._super_8521698748556423861 +let _ = fun (v_Self:Type0) {|i: t_Error v_Self|} -> i._super_i1 diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst b/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst index 7813ee3fa..5caa150ba 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst @@ -3,12 +3,11 @@ module Core_models.Marker open FStar.Mul class t_Copy (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_15837849249852401974:Core_models.Clone.t_Clone - v_Self + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:Core_models.Clone.t_Clone v_Self } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Copy v_Self|} -> i._super_15837849249852401974 +let _ = fun (v_Self:Type0) {|i: t_Copy v_Self|} -> i._super_i0 class t_Send (v_Self: Type0) = { __marker_trait_t_Send:Prims.unit } @@ -31,4 +30,4 @@ let impl_2 (#v_T: Type0) : t_Sized v_T = { __marker_trait_t_Sized = () } let impl_3 (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Clone.t_Clone v_T) - : t_Copy v_T = { _super_15837849249852401974 = FStar.Tactics.Typeclasses.solve } + : t_Copy v_T = { _super_i0 = FStar.Tactics.Typeclasses.solve } diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Mem.fst b/hax-lib/proof-libs/fstar/core/Core_models.Mem.fst index 53d9cf9ab..9b26df7e5 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Mem.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Mem.fst @@ -207,3 +207,15 @@ val zeroed__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never unfold let zeroed__panic_cold_explicit = zeroed__panic_cold_explicit' + +assume +val transmute': #v_Src: Type0 -> #v_Dst: Type0 -> src: v_Src -> v_Dst + +unfold +let transmute (#v_Src #v_Dst: Type0) = transmute' #v_Src #v_Dst + +assume +val transmute__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never + +unfold +let transmute__panic_cold_explicit = transmute__panic_cold_explicit' diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.fst b/hax-lib/proof-libs/fstar/core/Core_models.Num.fst new file mode 100644 index 000000000..6be75e0bb --- /dev/null +++ b/hax-lib/proof-libs/fstar/core/Core_models.Num.fst @@ -0,0 +1,1123 @@ +module Core_models.Num +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul + +open Rust_primitives.Integers + +open Rust_primitives.Arrays + +let impl_u8__MIN: u8 = mk_u8 0 + +let impl_u8__MAX: u8 = mk_u8 255 + +let impl_u8__BITS: u32 = mk_u32 8 + +let impl_u8__wrapping_add (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_add_u8 x y + +let impl_u8__saturating_add (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_add_u8 x y + +let impl_u8__overflowing_add (x y: u8) : (u8 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u8 x y + +let impl_u8__wrapping_sub (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_sub_u8 x y + +let impl_u8__saturating_sub (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_sub_u8 x y + +let impl_u8__overflowing_sub (x y: u8) : (u8 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u8 x y + +let impl_u8__wrapping_mul (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_mul_u8 x y + +let impl_u8__saturating_mul (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_mul_u8 x y + +let impl_u8__overflowing_mul (x y: u8) : (u8 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u8 x y + +let impl_u8__pow (x: u8) (exp: u32) : u8 = Rust_primitives.Arithmetic.pow_u8 x exp + +let impl_u8__count_ones (x: u8) : u32 = Rust_primitives.Arithmetic.count_ones_u8 x + +assume +val impl_u8__rotate_right': x: u8 -> n: u32 -> u8 + +unfold +let impl_u8__rotate_right = impl_u8__rotate_right' + +assume +val impl_u8__rotate_left': x: u8 -> n: u32 -> u8 + +unfold +let impl_u8__rotate_left = impl_u8__rotate_left' + +assume +val impl_u8__leading_zeros': x: u8 -> u32 + +unfold +let impl_u8__leading_zeros = impl_u8__leading_zeros' + +assume +val impl_u8__ilog2': x: u8 -> u32 + +unfold +let impl_u8__ilog2 = impl_u8__ilog2' + +assume +val impl_u8__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u8 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u8__from_str_radix = impl_u8__from_str_radix' + +assume +val impl_u8__from_be_bytes': bytes: t_Array u8 (mk_usize 1) -> u8 + +unfold +let impl_u8__from_be_bytes = impl_u8__from_be_bytes' + +assume +val impl_u8__from_le_bytes': bytes: t_Array u8 (mk_usize 1) -> u8 + +unfold +let impl_u8__from_le_bytes = impl_u8__from_le_bytes' + +assume +val impl_u8__to_be_bytes': bytes: u8 -> t_Array u8 (mk_usize 1) + +unfold +let impl_u8__to_be_bytes = impl_u8__to_be_bytes' + +assume +val impl_u8__to_le_bytes': bytes: u8 -> t_Array u8 (mk_usize 1) + +unfold +let impl_u8__to_le_bytes = impl_u8__to_le_bytes' + +let impl_u8__rem_euclid (x y: u8) : Prims.Pure u8 (requires y <>. mk_u8 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u8 x y + +let impl_u16__MIN: u16 = mk_u16 0 + +let impl_u16__MAX: u16 = mk_u16 65535 + +let impl_u16__BITS: u32 = mk_u32 16 + +let impl_u16__wrapping_add (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_add_u16 x y + +let impl_u16__saturating_add (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_add_u16 x y + +let impl_u16__overflowing_add (x y: u16) : (u16 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u16 x y + +let impl_u16__wrapping_sub (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_sub_u16 x y + +let impl_u16__saturating_sub (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_sub_u16 x y + +let impl_u16__overflowing_sub (x y: u16) : (u16 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u16 x y + +let impl_u16__wrapping_mul (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_mul_u16 x y + +let impl_u16__saturating_mul (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_mul_u16 x y + +let impl_u16__overflowing_mul (x y: u16) : (u16 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u16 x y + +let impl_u16__pow (x: u16) (exp: u32) : u16 = Rust_primitives.Arithmetic.pow_u16 x exp + +let impl_u16__count_ones (x: u16) : u32 = Rust_primitives.Arithmetic.count_ones_u16 x + +assume +val impl_u16__rotate_right': x: u16 -> n: u32 -> u16 + +unfold +let impl_u16__rotate_right = impl_u16__rotate_right' + +assume +val impl_u16__rotate_left': x: u16 -> n: u32 -> u16 + +unfold +let impl_u16__rotate_left = impl_u16__rotate_left' + +assume +val impl_u16__leading_zeros': x: u16 -> u32 + +unfold +let impl_u16__leading_zeros = impl_u16__leading_zeros' + +assume +val impl_u16__ilog2': x: u16 -> u32 + +unfold +let impl_u16__ilog2 = impl_u16__ilog2' + +assume +val impl_u16__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u16 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u16__from_str_radix = impl_u16__from_str_radix' + +assume +val impl_u16__from_be_bytes': bytes: t_Array u16 (mk_usize 2) -> u16 + +unfold +let impl_u16__from_be_bytes = impl_u16__from_be_bytes' + +assume +val impl_u16__from_le_bytes': bytes: t_Array u16 (mk_usize 2) -> u16 + +unfold +let impl_u16__from_le_bytes = impl_u16__from_le_bytes' + +assume +val impl_u16__to_be_bytes': bytes: u16 -> t_Array u16 (mk_usize 2) + +unfold +let impl_u16__to_be_bytes = impl_u16__to_be_bytes' + +assume +val impl_u16__to_le_bytes': bytes: u16 -> t_Array u16 (mk_usize 2) + +unfold +let impl_u16__to_le_bytes = impl_u16__to_le_bytes' + +let impl_u16__rem_euclid (x y: u16) + : Prims.Pure u16 (requires y <>. mk_u16 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u16 x y + +let impl_u32__MIN: u32 = mk_u32 0 + +let impl_u32__MAX: u32 = mk_u32 4294967295 + +let impl_u32__BITS: u32 = mk_u32 32 + +let impl_u32__wrapping_add (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_add_u32 x y + +let impl_u32__saturating_add (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_add_u32 x y + +let impl_u32__overflowing_add (x y: u32) : (u32 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u32 x y + +let impl_u32__wrapping_sub (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_sub_u32 x y + +let impl_u32__saturating_sub (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_sub_u32 x y + +let impl_u32__overflowing_sub (x y: u32) : (u32 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u32 x y + +let impl_u32__wrapping_mul (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_mul_u32 x y + +let impl_u32__saturating_mul (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_mul_u32 x y + +let impl_u32__overflowing_mul (x y: u32) : (u32 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u32 x y + +let impl_u32__pow (x exp: u32) : u32 = Rust_primitives.Arithmetic.pow_u32 x exp + +let impl_u32__count_ones (x: u32) : u32 = Rust_primitives.Arithmetic.count_ones_u32 x + +assume +val impl_u32__rotate_right': x: u32 -> n: u32 -> u32 + +unfold +let impl_u32__rotate_right = impl_u32__rotate_right' + +assume +val impl_u32__rotate_left': x: u32 -> n: u32 -> u32 + +unfold +let impl_u32__rotate_left = impl_u32__rotate_left' + +assume +val impl_u32__leading_zeros': x: u32 -> u32 + +unfold +let impl_u32__leading_zeros = impl_u32__leading_zeros' + +assume +val impl_u32__ilog2': x: u32 -> u32 + +unfold +let impl_u32__ilog2 = impl_u32__ilog2' + +assume +val impl_u32__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u32 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u32__from_str_radix = impl_u32__from_str_radix' + +assume +val impl_u32__from_be_bytes': bytes: t_Array u32 (mk_usize 4) -> u32 + +unfold +let impl_u32__from_be_bytes = impl_u32__from_be_bytes' + +assume +val impl_u32__from_le_bytes': bytes: t_Array u32 (mk_usize 4) -> u32 + +unfold +let impl_u32__from_le_bytes = impl_u32__from_le_bytes' + +assume +val impl_u32__to_be_bytes': bytes: u32 -> t_Array u32 (mk_usize 4) + +unfold +let impl_u32__to_be_bytes = impl_u32__to_be_bytes' + +assume +val impl_u32__to_le_bytes': bytes: u32 -> t_Array u32 (mk_usize 4) + +unfold +let impl_u32__to_le_bytes = impl_u32__to_le_bytes' + +let impl_u32__rem_euclid (x y: u32) + : Prims.Pure u32 (requires y <>. mk_u32 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u32 x y + +let impl_u64__MIN: u64 = mk_u64 0 + +let impl_u64__MAX: u64 = mk_u64 18446744073709551615 + +let impl_u64__BITS: u32 = mk_u32 64 + +let impl_u64__wrapping_add (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_add_u64 x y + +let impl_u64__saturating_add (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_add_u64 x y + +let impl_u64__overflowing_add (x y: u64) : (u64 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u64 x y + +let impl_u64__wrapping_sub (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_sub_u64 x y + +let impl_u64__saturating_sub (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_sub_u64 x y + +let impl_u64__overflowing_sub (x y: u64) : (u64 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u64 x y + +let impl_u64__wrapping_mul (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_mul_u64 x y + +let impl_u64__saturating_mul (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_mul_u64 x y + +let impl_u64__overflowing_mul (x y: u64) : (u64 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u64 x y + +let impl_u64__pow (x: u64) (exp: u32) : u64 = Rust_primitives.Arithmetic.pow_u64 x exp + +let impl_u64__count_ones (x: u64) : u32 = Rust_primitives.Arithmetic.count_ones_u64 x + +assume +val impl_u64__rotate_right': x: u64 -> n: u32 -> u64 + +unfold +let impl_u64__rotate_right = impl_u64__rotate_right' + +assume +val impl_u64__rotate_left': x: u64 -> n: u32 -> u64 + +unfold +let impl_u64__rotate_left = impl_u64__rotate_left' + +assume +val impl_u64__leading_zeros': x: u64 -> u32 + +unfold +let impl_u64__leading_zeros = impl_u64__leading_zeros' + +assume +val impl_u64__ilog2': x: u64 -> u32 + +unfold +let impl_u64__ilog2 = impl_u64__ilog2' + +assume +val impl_u64__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u64 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u64__from_str_radix = impl_u64__from_str_radix' + +assume +val impl_u64__from_be_bytes': bytes: t_Array u64 (mk_usize 8) -> u64 + +unfold +let impl_u64__from_be_bytes = impl_u64__from_be_bytes' + +assume +val impl_u64__from_le_bytes': bytes: t_Array u64 (mk_usize 8) -> u64 + +unfold +let impl_u64__from_le_bytes = impl_u64__from_le_bytes' + +assume +val impl_u64__to_be_bytes': bytes: u64 -> t_Array u64 (mk_usize 8) + +unfold +let impl_u64__to_be_bytes = impl_u64__to_be_bytes' + +assume +val impl_u64__to_le_bytes': bytes: u64 -> t_Array u64 (mk_usize 8) + +unfold +let impl_u64__to_le_bytes = impl_u64__to_le_bytes' + +let impl_u64__rem_euclid (x y: u64) + : Prims.Pure u64 (requires y <>. mk_u64 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u64 x y + +let impl_u128__MIN: u128 = mk_u128 0 + +let impl_u128__MAX: u128 = mk_u128 340282366920938463463374607431768211455 + +let impl_u128__BITS: u32 = mk_u32 128 + +let impl_u128__wrapping_add (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_add_u128 x y + +let impl_u128__saturating_add (x y: u128) : u128 = + Rust_primitives.Arithmetic.saturating_add_u128 x y + +let impl_u128__overflowing_add (x y: u128) : (u128 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u128 x y + +let impl_u128__wrapping_sub (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_sub_u128 x y + +let impl_u128__saturating_sub (x y: u128) : u128 = + Rust_primitives.Arithmetic.saturating_sub_u128 x y + +let impl_u128__overflowing_sub (x y: u128) : (u128 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u128 x y + +let impl_u128__wrapping_mul (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_mul_u128 x y + +let impl_u128__saturating_mul (x y: u128) : u128 = + Rust_primitives.Arithmetic.saturating_mul_u128 x y + +let impl_u128__overflowing_mul (x y: u128) : (u128 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u128 x y + +let impl_u128__pow (x: u128) (exp: u32) : u128 = Rust_primitives.Arithmetic.pow_u128 x exp + +let impl_u128__count_ones (x: u128) : u32 = Rust_primitives.Arithmetic.count_ones_u128 x + +assume +val impl_u128__rotate_right': x: u128 -> n: u32 -> u128 + +unfold +let impl_u128__rotate_right = impl_u128__rotate_right' + +assume +val impl_u128__rotate_left': x: u128 -> n: u32 -> u128 + +unfold +let impl_u128__rotate_left = impl_u128__rotate_left' + +assume +val impl_u128__leading_zeros': x: u128 -> u32 + +unfold +let impl_u128__leading_zeros = impl_u128__leading_zeros' + +assume +val impl_u128__ilog2': x: u128 -> u32 + +unfold +let impl_u128__ilog2 = impl_u128__ilog2' + +assume +val impl_u128__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u128 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u128__from_str_radix = impl_u128__from_str_radix' + +assume +val impl_u128__from_be_bytes': bytes: t_Array u128 (mk_usize 16) -> u128 + +unfold +let impl_u128__from_be_bytes = impl_u128__from_be_bytes' + +assume +val impl_u128__from_le_bytes': bytes: t_Array u128 (mk_usize 16) -> u128 + +unfold +let impl_u128__from_le_bytes = impl_u128__from_le_bytes' + +assume +val impl_u128__to_be_bytes': bytes: u128 -> t_Array u128 (mk_usize 16) + +unfold +let impl_u128__to_be_bytes = impl_u128__to_be_bytes' + +assume +val impl_u128__to_le_bytes': bytes: u128 -> t_Array u128 (mk_usize 16) + +unfold +let impl_u128__to_le_bytes = impl_u128__to_le_bytes' + +let impl_u128__rem_euclid (x y: u128) + : Prims.Pure u128 (requires y <>. mk_u128 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u128 x y + +let impl_usize__MIN: usize = mk_usize 0 + +let impl_usize__MAX: usize = Rust_primitives.Arithmetic.v_USIZE_MAX + +let impl_usize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS + +let impl_usize__wrapping_add (x y: usize) : usize = + Rust_primitives.Arithmetic.wrapping_add_usize x y + +let impl_usize__saturating_add (x y: usize) : usize = + Rust_primitives.Arithmetic.saturating_add_usize x y + +let impl_usize__overflowing_add (x y: usize) : (usize & bool) = + Rust_primitives.Arithmetic.overflowing_add_usize x y + +let impl_usize__wrapping_sub (x y: usize) : usize = + Rust_primitives.Arithmetic.wrapping_sub_usize x y + +let impl_usize__saturating_sub (x y: usize) : usize = + Rust_primitives.Arithmetic.saturating_sub_usize x y + +let impl_usize__overflowing_sub (x y: usize) : (usize & bool) = + Rust_primitives.Arithmetic.overflowing_sub_usize x y + +let impl_usize__wrapping_mul (x y: usize) : usize = + Rust_primitives.Arithmetic.wrapping_mul_usize x y + +let impl_usize__saturating_mul (x y: usize) : usize = + Rust_primitives.Arithmetic.saturating_mul_usize x y + +let impl_usize__overflowing_mul (x y: usize) : (usize & bool) = + Rust_primitives.Arithmetic.overflowing_mul_usize x y + +let impl_usize__pow (x: usize) (exp: u32) : usize = Rust_primitives.Arithmetic.pow_usize x exp + +let impl_usize__count_ones (x: usize) : u32 = Rust_primitives.Arithmetic.count_ones_usize x + +assume +val impl_usize__rotate_right': x: usize -> n: u32 -> usize + +unfold +let impl_usize__rotate_right = impl_usize__rotate_right' + +assume +val impl_usize__rotate_left': x: usize -> n: u32 -> usize + +unfold +let impl_usize__rotate_left = impl_usize__rotate_left' + +assume +val impl_usize__leading_zeros': x: usize -> u32 + +unfold +let impl_usize__leading_zeros = impl_usize__leading_zeros' + +assume +val impl_usize__ilog2': x: usize -> u32 + +unfold +let impl_usize__ilog2 = impl_usize__ilog2' + +assume +val impl_usize__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result usize Core_models.Num.Error.t_ParseIntError + +unfold +let impl_usize__from_str_radix = impl_usize__from_str_radix' + +assume +val impl_usize__from_be_bytes': bytes: t_Array usize (mk_usize 0) -> usize + +unfold +let impl_usize__from_be_bytes = impl_usize__from_be_bytes' + +assume +val impl_usize__from_le_bytes': bytes: t_Array usize (mk_usize 0) -> usize + +unfold +let impl_usize__from_le_bytes = impl_usize__from_le_bytes' + +assume +val impl_usize__to_be_bytes': bytes: usize -> t_Array usize (mk_usize 0) + +unfold +let impl_usize__to_be_bytes = impl_usize__to_be_bytes' + +assume +val impl_usize__to_le_bytes': bytes: usize -> t_Array usize (mk_usize 0) + +unfold +let impl_usize__to_le_bytes = impl_usize__to_le_bytes' + +let impl_usize__rem_euclid (x y: usize) + : Prims.Pure usize (requires y <>. mk_usize 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_usize x y + +let impl_i8__MIN: i8 = mk_i8 (-128) + +let impl_i8__MAX: i8 = mk_i8 127 + +let impl_i8__BITS: u32 = mk_u32 8 + +let impl_i8__wrapping_add (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_add_i8 x y + +let impl_i8__saturating_add (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_add_i8 x y + +let impl_i8__overflowing_add (x y: i8) : (i8 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i8 x y + +let impl_i8__wrapping_sub (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_sub_i8 x y + +let impl_i8__saturating_sub (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_sub_i8 x y + +let impl_i8__overflowing_sub (x y: i8) : (i8 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i8 x y + +let impl_i8__wrapping_mul (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_mul_i8 x y + +let impl_i8__saturating_mul (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_mul_i8 x y + +let impl_i8__overflowing_mul (x y: i8) : (i8 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i8 x y + +let impl_i8__pow (x: i8) (exp: u32) : i8 = Rust_primitives.Arithmetic.pow_i8 x exp + +let impl_i8__count_ones (x: i8) : u32 = Rust_primitives.Arithmetic.count_ones_i8 x + +assume +val impl_i8__rotate_right': x: i8 -> n: u32 -> i8 + +unfold +let impl_i8__rotate_right = impl_i8__rotate_right' + +assume +val impl_i8__rotate_left': x: i8 -> n: u32 -> i8 + +unfold +let impl_i8__rotate_left = impl_i8__rotate_left' + +assume +val impl_i8__leading_zeros': x: i8 -> u32 + +unfold +let impl_i8__leading_zeros = impl_i8__leading_zeros' + +assume +val impl_i8__ilog2': x: i8 -> u32 + +unfold +let impl_i8__ilog2 = impl_i8__ilog2' + +assume +val impl_i8__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i8 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i8__from_str_radix = impl_i8__from_str_radix' + +assume +val impl_i8__from_be_bytes': bytes: t_Array i8 (mk_usize 1) -> i8 + +unfold +let impl_i8__from_be_bytes = impl_i8__from_be_bytes' + +assume +val impl_i8__from_le_bytes': bytes: t_Array i8 (mk_usize 1) -> i8 + +unfold +let impl_i8__from_le_bytes = impl_i8__from_le_bytes' + +assume +val impl_i8__to_be_bytes': bytes: i8 -> t_Array i8 (mk_usize 1) + +unfold +let impl_i8__to_be_bytes = impl_i8__to_be_bytes' + +assume +val impl_i8__to_le_bytes': bytes: i8 -> t_Array i8 (mk_usize 1) + +unfold +let impl_i8__to_le_bytes = impl_i8__to_le_bytes' + +let impl_i8__rem_euclid (x y: i8) : Prims.Pure i8 (requires y <>. mk_i8 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i8 x y + +let impl_i8__abs (x: i8) : Prims.Pure bool (requires x >. impl_i8__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i8 x + +let impl_i16__MIN: i16 = mk_i16 (-32768) + +let impl_i16__MAX: i16 = mk_i16 32767 + +let impl_i16__BITS: u32 = mk_u32 16 + +let impl_i16__wrapping_add (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_add_i16 x y + +let impl_i16__saturating_add (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_add_i16 x y + +let impl_i16__overflowing_add (x y: i16) : (i16 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i16 x y + +let impl_i16__wrapping_sub (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_sub_i16 x y + +let impl_i16__saturating_sub (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_sub_i16 x y + +let impl_i16__overflowing_sub (x y: i16) : (i16 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i16 x y + +let impl_i16__wrapping_mul (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_mul_i16 x y + +let impl_i16__saturating_mul (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_mul_i16 x y + +let impl_i16__overflowing_mul (x y: i16) : (i16 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i16 x y + +let impl_i16__pow (x: i16) (exp: u32) : i16 = Rust_primitives.Arithmetic.pow_i16 x exp + +let impl_i16__count_ones (x: i16) : u32 = Rust_primitives.Arithmetic.count_ones_i16 x + +assume +val impl_i16__rotate_right': x: i16 -> n: u32 -> i16 + +unfold +let impl_i16__rotate_right = impl_i16__rotate_right' + +assume +val impl_i16__rotate_left': x: i16 -> n: u32 -> i16 + +unfold +let impl_i16__rotate_left = impl_i16__rotate_left' + +assume +val impl_i16__leading_zeros': x: i16 -> u32 + +unfold +let impl_i16__leading_zeros = impl_i16__leading_zeros' + +assume +val impl_i16__ilog2': x: i16 -> u32 + +unfold +let impl_i16__ilog2 = impl_i16__ilog2' + +assume +val impl_i16__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i16 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i16__from_str_radix = impl_i16__from_str_radix' + +assume +val impl_i16__from_be_bytes': bytes: t_Array i16 (mk_usize 2) -> i16 + +unfold +let impl_i16__from_be_bytes = impl_i16__from_be_bytes' + +assume +val impl_i16__from_le_bytes': bytes: t_Array i16 (mk_usize 2) -> i16 + +unfold +let impl_i16__from_le_bytes = impl_i16__from_le_bytes' + +assume +val impl_i16__to_be_bytes': bytes: i16 -> t_Array i16 (mk_usize 2) + +unfold +let impl_i16__to_be_bytes = impl_i16__to_be_bytes' + +assume +val impl_i16__to_le_bytes': bytes: i16 -> t_Array i16 (mk_usize 2) + +unfold +let impl_i16__to_le_bytes = impl_i16__to_le_bytes' + +let impl_i16__rem_euclid (x y: i16) + : Prims.Pure i16 (requires y <>. mk_i16 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i16 x y + +let impl_i16__abs (x: i16) : Prims.Pure bool (requires x >. impl_i16__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i16 x + +let impl_i32__MIN: i32 = mk_i32 (-2147483648) + +let impl_i32__MAX: i32 = mk_i32 2147483647 + +let impl_i32__BITS: u32 = mk_u32 32 + +let impl_i32__wrapping_add (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_add_i32 x y + +let impl_i32__saturating_add (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_add_i32 x y + +let impl_i32__overflowing_add (x y: i32) : (i32 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i32 x y + +let impl_i32__wrapping_sub (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_sub_i32 x y + +let impl_i32__saturating_sub (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_sub_i32 x y + +let impl_i32__overflowing_sub (x y: i32) : (i32 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i32 x y + +let impl_i32__wrapping_mul (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_mul_i32 x y + +let impl_i32__saturating_mul (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_mul_i32 x y + +let impl_i32__overflowing_mul (x y: i32) : (i32 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i32 x y + +let impl_i32__pow (x: i32) (exp: u32) : i32 = Rust_primitives.Arithmetic.pow_i32 x exp + +let impl_i32__count_ones (x: i32) : u32 = Rust_primitives.Arithmetic.count_ones_i32 x + +assume +val impl_i32__rotate_right': x: i32 -> n: u32 -> i32 + +unfold +let impl_i32__rotate_right = impl_i32__rotate_right' + +assume +val impl_i32__rotate_left': x: i32 -> n: u32 -> i32 + +unfold +let impl_i32__rotate_left = impl_i32__rotate_left' + +assume +val impl_i32__leading_zeros': x: i32 -> u32 + +unfold +let impl_i32__leading_zeros = impl_i32__leading_zeros' + +assume +val impl_i32__ilog2': x: i32 -> u32 + +unfold +let impl_i32__ilog2 = impl_i32__ilog2' + +assume +val impl_i32__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i32 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i32__from_str_radix = impl_i32__from_str_radix' + +assume +val impl_i32__from_be_bytes': bytes: t_Array i32 (mk_usize 4) -> i32 + +unfold +let impl_i32__from_be_bytes = impl_i32__from_be_bytes' + +assume +val impl_i32__from_le_bytes': bytes: t_Array i32 (mk_usize 4) -> i32 + +unfold +let impl_i32__from_le_bytes = impl_i32__from_le_bytes' + +assume +val impl_i32__to_be_bytes': bytes: i32 -> t_Array i32 (mk_usize 4) + +unfold +let impl_i32__to_be_bytes = impl_i32__to_be_bytes' + +assume +val impl_i32__to_le_bytes': bytes: i32 -> t_Array i32 (mk_usize 4) + +unfold +let impl_i32__to_le_bytes = impl_i32__to_le_bytes' + +let impl_i32__rem_euclid (x y: i32) + : Prims.Pure i32 (requires y <>. mk_i32 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i32 x y + +let impl_i32__abs (x: i32) : Prims.Pure bool (requires x >. impl_i32__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i32 x + +let impl_i64__MIN: i64 = mk_i64 (-9223372036854775808) + +let impl_i64__MAX: i64 = mk_i64 9223372036854775807 + +let impl_i64__BITS: u32 = mk_u32 64 + +let impl_i64__wrapping_add (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_add_i64 x y + +let impl_i64__saturating_add (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_add_i64 x y + +let impl_i64__overflowing_add (x y: i64) : (i64 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i64 x y + +let impl_i64__wrapping_sub (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_sub_i64 x y + +let impl_i64__saturating_sub (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_sub_i64 x y + +let impl_i64__overflowing_sub (x y: i64) : (i64 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i64 x y + +let impl_i64__wrapping_mul (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_mul_i64 x y + +let impl_i64__saturating_mul (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_mul_i64 x y + +let impl_i64__overflowing_mul (x y: i64) : (i64 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i64 x y + +let impl_i64__pow (x: i64) (exp: u32) : i64 = Rust_primitives.Arithmetic.pow_i64 x exp + +let impl_i64__count_ones (x: i64) : u32 = Rust_primitives.Arithmetic.count_ones_i64 x + +assume +val impl_i64__rotate_right': x: i64 -> n: u32 -> i64 + +unfold +let impl_i64__rotate_right = impl_i64__rotate_right' + +assume +val impl_i64__rotate_left': x: i64 -> n: u32 -> i64 + +unfold +let impl_i64__rotate_left = impl_i64__rotate_left' + +assume +val impl_i64__leading_zeros': x: i64 -> u32 + +unfold +let impl_i64__leading_zeros = impl_i64__leading_zeros' + +assume +val impl_i64__ilog2': x: i64 -> u32 + +unfold +let impl_i64__ilog2 = impl_i64__ilog2' + +assume +val impl_i64__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i64 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i64__from_str_radix = impl_i64__from_str_radix' + +assume +val impl_i64__from_be_bytes': bytes: t_Array i64 (mk_usize 8) -> i64 + +unfold +let impl_i64__from_be_bytes = impl_i64__from_be_bytes' + +assume +val impl_i64__from_le_bytes': bytes: t_Array i64 (mk_usize 8) -> i64 + +unfold +let impl_i64__from_le_bytes = impl_i64__from_le_bytes' + +assume +val impl_i64__to_be_bytes': bytes: i64 -> t_Array i64 (mk_usize 8) + +unfold +let impl_i64__to_be_bytes = impl_i64__to_be_bytes' + +assume +val impl_i64__to_le_bytes': bytes: i64 -> t_Array i64 (mk_usize 8) + +unfold +let impl_i64__to_le_bytes = impl_i64__to_le_bytes' + +let impl_i64__rem_euclid (x y: i64) + : Prims.Pure i64 (requires y <>. mk_i64 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i64 x y + +let impl_i64__abs (x: i64) : Prims.Pure bool (requires x >. impl_i64__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i64 x + +let impl_i128__MIN: i128 = mk_i128 (-170141183460469231731687303715884105728) + +let impl_i128__MAX: i128 = mk_i128 170141183460469231731687303715884105727 + +let impl_i128__BITS: u32 = mk_u32 128 + +let impl_i128__wrapping_add (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_add_i128 x y + +let impl_i128__saturating_add (x y: i128) : i128 = + Rust_primitives.Arithmetic.saturating_add_i128 x y + +let impl_i128__overflowing_add (x y: i128) : (i128 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i128 x y + +let impl_i128__wrapping_sub (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_sub_i128 x y + +let impl_i128__saturating_sub (x y: i128) : i128 = + Rust_primitives.Arithmetic.saturating_sub_i128 x y + +let impl_i128__overflowing_sub (x y: i128) : (i128 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i128 x y + +let impl_i128__wrapping_mul (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_mul_i128 x y + +let impl_i128__saturating_mul (x y: i128) : i128 = + Rust_primitives.Arithmetic.saturating_mul_i128 x y + +let impl_i128__overflowing_mul (x y: i128) : (i128 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i128 x y + +let impl_i128__pow (x: i128) (exp: u32) : i128 = Rust_primitives.Arithmetic.pow_i128 x exp + +let impl_i128__count_ones (x: i128) : u32 = Rust_primitives.Arithmetic.count_ones_i128 x + +assume +val impl_i128__rotate_right': x: i128 -> n: u32 -> i128 + +unfold +let impl_i128__rotate_right = impl_i128__rotate_right' + +assume +val impl_i128__rotate_left': x: i128 -> n: u32 -> i128 + +unfold +let impl_i128__rotate_left = impl_i128__rotate_left' + +assume +val impl_i128__leading_zeros': x: i128 -> u32 + +unfold +let impl_i128__leading_zeros = impl_i128__leading_zeros' + +assume +val impl_i128__ilog2': x: i128 -> u32 + +unfold +let impl_i128__ilog2 = impl_i128__ilog2' + +assume +val impl_i128__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i128 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i128__from_str_radix = impl_i128__from_str_radix' + +assume +val impl_i128__from_be_bytes': bytes: t_Array i128 (mk_usize 16) -> i128 + +unfold +let impl_i128__from_be_bytes = impl_i128__from_be_bytes' + +assume +val impl_i128__from_le_bytes': bytes: t_Array i128 (mk_usize 16) -> i128 + +unfold +let impl_i128__from_le_bytes = impl_i128__from_le_bytes' + +assume +val impl_i128__to_be_bytes': bytes: i128 -> t_Array i128 (mk_usize 16) + +unfold +let impl_i128__to_be_bytes = impl_i128__to_be_bytes' + +assume +val impl_i128__to_le_bytes': bytes: i128 -> t_Array i128 (mk_usize 16) + +unfold +let impl_i128__to_le_bytes = impl_i128__to_le_bytes' + +let impl_i128__rem_euclid (x y: i128) + : Prims.Pure i128 (requires y <>. mk_i128 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i128 x y + +let impl_i128__abs (x: i128) + : Prims.Pure bool (requires x >. impl_i128__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i128 x + +let impl_isize__MIN: isize = Rust_primitives.Arithmetic.v_ISIZE_MIN + +let impl_isize__MAX: isize = Rust_primitives.Arithmetic.v_ISIZE_MAX + +let impl_isize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS + +let impl_isize__wrapping_add (x y: isize) : isize = + Rust_primitives.Arithmetic.wrapping_add_isize x y + +let impl_isize__saturating_add (x y: isize) : isize = + Rust_primitives.Arithmetic.saturating_add_isize x y + +let impl_isize__overflowing_add (x y: isize) : (isize & bool) = + Rust_primitives.Arithmetic.overflowing_add_isize x y + +let impl_isize__wrapping_sub (x y: isize) : isize = + Rust_primitives.Arithmetic.wrapping_sub_isize x y + +let impl_isize__saturating_sub (x y: isize) : isize = + Rust_primitives.Arithmetic.saturating_sub_isize x y + +let impl_isize__overflowing_sub (x y: isize) : (isize & bool) = + Rust_primitives.Arithmetic.overflowing_sub_isize x y + +let impl_isize__wrapping_mul (x y: isize) : isize = + Rust_primitives.Arithmetic.wrapping_mul_isize x y + +let impl_isize__saturating_mul (x y: isize) : isize = + Rust_primitives.Arithmetic.saturating_mul_isize x y + +let impl_isize__overflowing_mul (x y: isize) : (isize & bool) = + Rust_primitives.Arithmetic.overflowing_mul_isize x y + +let impl_isize__pow (x: isize) (exp: u32) : isize = Rust_primitives.Arithmetic.pow_isize x exp + +let impl_isize__count_ones (x: isize) : u32 = Rust_primitives.Arithmetic.count_ones_isize x + +assume +val impl_isize__rotate_right': x: isize -> n: u32 -> isize + +unfold +let impl_isize__rotate_right = impl_isize__rotate_right' + +assume +val impl_isize__rotate_left': x: isize -> n: u32 -> isize + +unfold +let impl_isize__rotate_left = impl_isize__rotate_left' + +assume +val impl_isize__leading_zeros': x: isize -> u32 + +unfold +let impl_isize__leading_zeros = impl_isize__leading_zeros' + +assume +val impl_isize__ilog2': x: isize -> u32 + +unfold +let impl_isize__ilog2 = impl_isize__ilog2' + +assume +val impl_isize__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result isize Core_models.Num.Error.t_ParseIntError + +unfold +let impl_isize__from_str_radix = impl_isize__from_str_radix' + +assume +val impl_isize__from_be_bytes': bytes: t_Array isize (mk_usize 0) -> isize + +unfold +let impl_isize__from_be_bytes = impl_isize__from_be_bytes' + +assume +val impl_isize__from_le_bytes': bytes: t_Array isize (mk_usize 0) -> isize + +unfold +let impl_isize__from_le_bytes = impl_isize__from_le_bytes' + +assume +val impl_isize__to_be_bytes': bytes: isize -> t_Array isize (mk_usize 0) + +unfold +let impl_isize__to_be_bytes = impl_isize__to_be_bytes' + +assume +val impl_isize__to_le_bytes': bytes: isize -> t_Array isize (mk_usize 0) + +unfold +let impl_isize__to_le_bytes = impl_isize__to_le_bytes' + +let impl_isize__rem_euclid (x y: isize) + : Prims.Pure isize (requires y <>. mk_isize 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_isize x y + +let impl_isize__abs (x: isize) + : Prims.Pure bool (requires x >. impl_isize__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_isize x diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti deleted file mode 100644 index a3a53eed3..000000000 --- a/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti +++ /dev/null @@ -1,227 +0,0 @@ -module Core_models.Num -open Rust_primitives - -let impl_u8__MAX: u8 = mk_u8 (maxint u8_inttype) -let impl_u8__MIN: u8 = mk_u8 (minint u8_inttype) -let impl_u16__MAX: u16 = mk_u16 (maxint u16_inttype) -let impl_u16__MIN: u16 = mk_u16 (minint u16_inttype) -let impl_u32__MAX: u32 = mk_u32 (maxint u32_inttype) -let impl_u32__MIN: u32 = mk_u32 (minint u32_inttype) -let impl_u64__MAX: u64 = mk_u64 (maxint u64_inttype) -let impl_u64__MIN: u64 = mk_u64 (minint u64_inttype) -let impl_u128__MAX: u128 = mk_u128 (maxint u128_inttype) -let impl_u128__MIN: u128 = mk_u128 (minint u128_inttype) -let impl_usize__MAX: usize = mk_usize (maxint usize_inttype) - -let impl_usize__MIN: usize = mk_usize (minint usize_inttype) -let impl_i8__MAX: i8 = mk_i8 (maxint i8_inttype) -let impl_i8__MIN: i8 = mk_i8 (minint i8_inttype) -let impl_i16__MAX: i16 = mk_i16 (maxint i16_inttype) -let impl_i16__MIN: i16 = mk_i16 (minint i16_inttype) -let impl_i32__MAX: i32 = mk_i32 (maxint i32_inttype) -let impl_i32__MIN: i32 = mk_i32 (minint i32_inttype) -let impl_i64__MAX: i64 = mk_i64 (maxint i64_inttype) -let impl_i64__MIN: i64 = mk_i64 (minint i64_inttype) -let impl_i128__MAX: i128 = mk_i128 (maxint i128_inttype) -let impl_i128__MIN: i128 = mk_i128 (minint i128_inttype) -let impl_isize__MAX: isize = mk_isize (maxint isize_inttype) -let impl_isize__MIN: isize = mk_isize (minint isize_inttype) - -let impl_u8__BITS: u32 = mk_int 8 -let impl_u16__BITS: u32 = mk_int 16 -let impl_u32__BITS: u32 = mk_int 32 -let impl_u64__BITS: u32 = mk_int 64 -let impl_u128__BITS: u32 = mk_int 128 -let impl_i8__BITS: u32 = mk_int 8 -let impl_i16__BITS: u32 = mk_int 16 -let impl_i32__BITS: u32 = mk_int 32 -let impl_i64__BITS: u32 = mk_int 64 -let impl_i128__BITS: u32 = mk_int 128 - - - -let impl_u8__wrapping_add: u8 -> u8 -> u8 = add_mod -let impl_u16__wrapping_add: u16 -> u16 -> u16 = add_mod -let impl_u32__wrapping_add: u32 -> u32 -> u32 = add_mod -let impl_u64__wrapping_add: u64 -> u64 -> u64 = add_mod -let impl_u128__wrapping_add: u128 -> u128 -> u128 = add_mod -let impl_i8__wrapping_add: i8 -> i8 -> i8 = add_mod -let impl_i16__wrapping_add: i16 -> i16 -> i16 = add_mod -let impl_i32__wrapping_add: i32 -> i32 -> i32 = add_mod -let impl_i64__wrapping_add: i64 -> i64 -> i64 = add_mod -let impl_i128__wrapping_add: i128 -> i128 -> i128 = add_mod - -let impl_u8__saturating_add: u8 -> u8 -> u8 = add_sat -let impl_u16__saturating_add: u16 -> u16 -> u16 = add_sat -let impl_u32__saturating_add: u32 -> u32 -> u32 = add_sat -let impl_u64__saturating_add: u64 -> u64 -> u64 = add_sat -let impl_u128__saturating_add: u128 -> u128 -> u128 = add_sat -let impl_i8__saturating_add: i8 -> i8 -> i8 = add_sat -let impl_i16__saturating_add: i16 -> i16 -> i16 = add_sat -let impl_i32__saturating_add: i32 -> i32 -> i32 = add_sat -let impl_i64__saturating_add: i64 -> i64 -> i64 = add_sat -let impl_i128__saturating_add: i128 -> i128 -> i128 = add_sat - - -let impl_u8__wrapping_sub: u8 -> u8 -> u8 = sub_mod -let impl_u16__wrapping_sub: u16 -> u16 -> u16 = sub_mod -let impl_u32__wrapping_sub: u32 -> u32 -> u32 = sub_mod -let impl_u64__wrapping_sub: u64 -> u64 -> u64 = sub_mod -let impl_u128__wrapping_sub: u128 -> u128 -> u128 = sub_mod -let impl_i8__wrapping_sub: i8 -> i8 -> i8 = sub_mod -let impl_i16__wrapping_sub: i16 -> i16 -> i16 = sub_mod -let impl_i32__wrapping_sub: i32 -> i32 -> i32 = sub_mod -let impl_i64__wrapping_sub: i64 -> i64 -> i64 = sub_mod -let impl_i128__wrapping_sub: i128 -> i128 -> i128 = sub_mod - - -let impl_u8__saturating_sub: u8 -> u8 -> u8 = sub_sat -let impl_u16__saturating_sub: u16 -> u16 -> u16 = sub_sat -let impl_u32__saturating_sub: u32 -> u32 -> u32 = sub_sat -let impl_u64__saturating_sub: u64 -> u64 -> u64 = sub_sat -let impl_u128__saturating_sub: u128 -> u128 -> u128 = sub_sat -let impl_i8__saturating_sub: i8 -> i8 -> i8 = sub_sat -let impl_i16__saturating_sub: i16 -> i16 -> i16 = sub_sat -let impl_i32__saturating_sub: i32 -> i32 -> i32 = sub_sat -let impl_i64__saturating_sub: i64 -> i64 -> i64 = sub_sat -let impl_i128__saturating_sub: i128 -> i128 -> i128 = sub_sat - -let impl_u8__rem_euclid (x: u8) (y: u8 {v y <> 0}): u8 = x %! y -let impl_u16__rem_euclid (x: u16) (y: u16 {v y <> 0}): u16 = x %! y -let impl_u32__rem_euclid (x: u32) (y: u32 {v y <> 0}): u32 = x %! y -let impl_u64__rem_euclid (x: u64) (y: u64 {v y <> 0}): u64 = x %! y -let impl_u128__rem_euclid (x: u128) (y: u128 {v y <> 0}): u128 = x %! y -let impl_usize__rem_euclid (x: usize) (y: usize {v y <> 0}): usize = x %! y -let impl_i8__rem_euclid (x: i8) (y: i8 {v y <> 0}): i8 = x %! y -let impl_i16__rem_euclid (x: i16) (y: i16 {v y <> 0}): i16 = x %! y -let impl_i32__rem_euclid (x: i32) (y: i32 {v y <> 0}): i32 = x %! y -let impl_i64__rem_euclid (x: i64) (y: i64 {v y <> 0}): i64 = x %! y -let impl_i128__rem_euclid (x: i128) (y: i128 {v y <> 0}): i128 = x %! y -let impl_isize__rem_euclid (x: isize) (y: isize {v y <> 0}): isize = x %! y - - - -let impl_u8__overflowing_mul: u8 -> u8 -> u8 * bool = mul_overflow -let impl_u16__overflowing_mul: u16 -> u16 -> u16 * bool = mul_overflow -let impl_u32__overflowing_mul: u32 -> u32 -> u32 * bool = mul_overflow -let impl_u64__overflowing_mul: u64 -> u64 -> u64 * bool = mul_overflow -let impl_u128__overflowing_mul: u128 -> u128 -> u128 * bool = mul_overflow -let impl_i8__overflowing_mul: i8 -> i8 -> i8 * bool = mul_overflow -let impl_i16__overflowing_mul: i16 -> i16 -> i16 * bool = mul_overflow -let impl_i32__overflowing_mul: i32 -> i32 -> i32 * bool = mul_overflow -let impl_i64__overflowing_mul: i64 -> i64 -> i64 * bool = mul_overflow -let impl_i128__overflowing_mul: i128 -> i128 -> i128 * bool = mul_overflow - -val impl_u16__to_be_bytes: u16 -> t_Array u8 (sz 2) -val impl_usize__to_be_bytes: usize -> t_Array u8 (sz 8) -val impl_u8__to_be_bytes: u8 -> t_Array u8 (sz 1) -val impl_u16__from_be_bytes: t_Array u8 (sz 2) -> u16 -val impl_u8__from_be_bytes: t_Array u8 (sz 1) -> u8 -val impl_usize__from_be_bytes: t_Array u8 (sz 8) -> usize - -let impl_i8__abs (a:i8{minint i8_inttype < v a}) : i8 = abs_int a -let impl_i16__abs (a:i16{minint i16_inttype < v a}) : i16 = abs_int a -let impl_i32__abs (a:i32{minint i32_inttype < v a}) : i32 = abs_int a -let impl_i64__abs (a:i64{minint i64_inttype < v a}) : i64 = abs_int a -let impl_i128__abs (a:i128{minint i128_inttype < v a}) : i128 = abs_int a - - -let impl_i16__wrapping_mul: i16 -> i16 -> i16 = mul_mod - - -val impl_u32__rotate_left: u32 -> u32 -> u32 -val impl_u32__from_le_bytes: t_Array u8 (sz 4) -> u32 -val impl_u32__from_be_bytes: t_Array u8 (sz 4) -> u32 -val impl_u32__to_le_bytes: u32 -> t_Array u8 (sz 4) -val impl_u32__to_be_bytes: u32 -> t_Array u8 (sz 4) -val impl_u32__rotate_right: u32 -> u32 -> u32 - - -val impl_u64__rotate_left: u64 -> u32 -> u64 -val impl_u64__from_le_bytes: t_Array u8 (sz 8) -> u64 -val impl_u64__from_be_bytes: t_Array u8 (sz 8) -> u64 -val impl_u64__to_le_bytes: u64 -> t_Array u8 (sz 8) -val impl_u64__to_be_bytes: u64 -> t_Array u8 (sz 8) -val impl_u64__rotate_right: u64 -> u64 -> u64 -let impl_u64__overflowing_sub (x y: u64): u64 * bool - = let sub = v x - v y in - let borrow = sub < 0 in - let out = if borrow then pow2 64 + sub else sub in - (mk_u64 out, borrow) - -let impl_i64__wrapping_mul: i64 -> i64 -> i64 = mul_mod - -val impl_u128__rotate_left: u128 -> u128 -> u128 -val impl_u128__from_le_bytes: t_Array u8 (sz 16) -> u128 -val impl_u128__from_be_bytes: t_Array u8 (sz 16) -> u128 -val impl_u128__to_le_bytes: u128 -> t_Array u8 (sz 16) -val impl_u128__to_be_bytes: u128 -> t_Array u8 (sz 16) -val impl_u128__rotate_right: u128 -> u128 -> u128 - -val impl_u8__pow: u8 -> u32 -> u8 -val impl_u16__pow (base: u16) (exponent: u32): result : u16 {v base == 2 /\ v exponent < 16 ==> result == mk_u16 (pow2 (v exponent))} -val impl_u32__pow (base: u32) (exponent: u32): result : u32 {v base == 2 /\ v exponent <= 16 ==> result == mk_u32 (pow2 (v exponent))} -val impl_u64__pow: u64 -> u32 -> u64 -val impl_u128__pow: u128 -> u32 -> u128 -val impl_i16__pow (base: i16) (exponent: u32): result: i16 {v base == 2 /\ v exponent < 15 ==> (Math.Lemmas.pow2_lt_compat 15 (v exponent); result == mk_i16 (pow2 (v exponent)))} -val impl_i32__pow (base: i32) (exponent: u32): result: i32 {v base == 2 /\ v exponent <= 16 ==> result == mk_i32 (pow2 (v exponent))} - - -val impl_u8__count_ones: u8 -> r:u32{v r <= 8} -val impl_i32__count_ones: i32 -> r:u32{v r <= 32} - -val impl_u8__from_str_radix: string -> u32 -> Core_models.Result.t_Result u8 Core_models.Num.Error.t_ParseIntError - -val impl_usize__ilog2: i32 -> u32 -val impl_usize__leading_zeros: usize -> u32 - -open Core_models.Ops.Arith -unfold instance add_assign_num_refined_refined t ($phi1 $phi2: int_t t -> bool) - : t_AddAssign (x: int_t t {phi1 x}) (y: int_t t {phi2 y}) = { - f_add_assign_pre = (fun (x: int_t t {phi1 x}) (y: int_t t {phi2 y}) -> phi1 (x +. y)); - f_add_assign_post = (fun x y r -> x +. y = r); - f_add_assign = (fun x y -> x +. y); - } -unfold instance add_assign_num_lhs_refined t ($phi1: int_t t -> bool) - : t_AddAssign (x: int_t t {phi1 x}) (y: int_t t) = { - f_add_assign_pre = (fun (x: int_t t {phi1 x}) (y: int_t t) -> phi1 (x +. y)); - f_add_assign_post = (fun x y r -> x +. y = r); - f_add_assign = (fun x y -> x +. y); - } -unfold instance add_assign_num_rhs_refined t ($phi1: int_t t -> bool) - : t_AddAssign (x: int_t t) (y: int_t t {phi1 y}) = { - f_add_assign_pre = (fun (x: int_t t) (y: int_t t {phi1 y}) -> true); - f_add_assign_post = (fun x y r -> x +. y = r); - f_add_assign = (fun x y -> x +. y); - } -unfold instance add_assign_num t - : t_AddAssign (x: int_t t) (y: int_t t) = { - f_add_assign_pre = (fun (x: int_t t) (y: int_t t) -> true); - f_add_assign_post = (fun x y r -> x +. y = r); - f_add_assign = (fun x y -> x +. y); - } - -unfold instance sub_assign_num_refined_refined t ($phi1 $phi2: int_t t -> bool) - : t_SubAssign (x: int_t t {phi1 x}) (y: int_t t {phi2 y}) = { - f_sub_assign_pre = (fun (x: int_t t {phi1 x}) (y: int_t t {phi2 y}) -> phi1 (x -. y)); - f_sub_assign_post = (fun x y r -> x -. y = r); - f_sub_assign = (fun x y -> x -. y); - } -unfold instance sub_assign_num_lhs_refined t ($phi1: int_t t -> bool) - : t_SubAssign (x: int_t t {phi1 x}) (y: int_t t) = { - f_sub_assign_pre = (fun (x: int_t t {phi1 x}) (y: int_t t) -> phi1 (x -. y)); - f_sub_assign_post = (fun x y r -> x -. y = r); - f_sub_assign = (fun x y -> x -. y); - } -unfold instance sub_assign_num_rhs_refined t ($phi1: int_t t -> bool) - : t_SubAssign (x: int_t t) (y: int_t t {phi1 y}) = { - f_sub_assign_pre = (fun (x: int_t t) (y: int_t t {phi1 y}) -> true); - f_sub_assign_post = (fun x y r -> x -. y = r); - f_sub_assign = (fun x y -> x -. y); - } -unfold instance sub_assign_num t - : t_SubAssign (x: int_t t) (y: int_t t) = { - f_sub_assign_pre = (fun (x: int_t t) (y: int_t t) -> true); - f_sub_assign_post = (fun x y r -> x -. y = r); - f_sub_assign = (fun x y -> x -. y); - } diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst index 42d1cd403..f9393bc3a 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst @@ -10,13 +10,26 @@ class t_FnOnce (v_Self: Type0) (v_Args: Type0) = { -> Prims.Pure f_Output (f_call_once_pre x0 x1) (fun result -> f_call_once_post x0 x1 result) } -unfold instance fnonce_arrow t u - : t_FnOnce (t -> u) t = { - f_Output = u; - f_call_once_pre = (fun _ _ -> true); - f_call_once_post = (fun (x0: t -> u) (x1: t) (res: u) -> res == x0 x1); - f_call_once = (fun (x0: t -> u) (x1: t) -> x0 x1); - } +class t_Fn (v_Self: Type0) (v_Args: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_FnOnce v_Self v_Args; + f_call_pre:self_: v_Self -> args: v_Args -> pred: Type0{true ==> pred}; + f_call_post:v_Self -> v_Args -> (_super_i0).f_Output -> Type0; + f_call:x0: v_Self -> x1: v_Args + -> Prims.Pure (_super_i0).f_Output (f_call_pre x0 x1) (fun result -> f_call_post x0 x1 result) +} + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let _ = fun (v_Self:Type0) (v_Args:Type0) {|i: t_Fn v_Self v_Args|} -> i._super_i0 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl (#v_Args #v_Out: Type0) : t_FnOnce (v_Args -> v_Out) v_Args = + { + f_Output = v_Out; + f_call_once_pre = (fun (self: (v_Args -> v_Out)) (args: v_Args) -> true); + f_call_once_post = (fun (self: (v_Args -> v_Out)) (args: v_Args) (out: v_Out) -> true); + f_call_once = fun (self: (v_Args -> v_Out)) (args: v_Args) -> self args + } + unfold instance fnonce_arrow_binder t u : t_FnOnce (_:t -> u) t = { f_Output = u; @@ -24,16 +37,3 @@ unfold instance fnonce_arrow_binder t u f_call_once_post = (fun (x0: (_:t -> u)) (x1: t) (res: u) -> res == x0 x1); f_call_once = (fun (x0: (_:t -> u)) (x1: t) -> x0 x1); } - -class t_Fn (v_Self: Type0) (v_Args: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_17771448556265749037:t_FnOnce v_Self v_Args; - f_call_pre:self_: v_Self -> args: v_Args -> pred: Type0{true ==> pred}; - f_call_post:v_Self -> v_Args -> (_super_17771448556265749037).f_Output -> Type0; - f_call:x0: v_Self -> x1: v_Args - -> Prims.Pure (_super_17771448556265749037).f_Output - (f_call_pre x0 x1) - (fun result -> f_call_post x0 x1 result) -} - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) (v_Args:Type0) {|i: t_Fn v_Self v_Args|} -> i._super_17771448556265749037 diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Option.fst b/hax-lib/proof-libs/fstar/core/Core_models.Option.fst index 89d8c28c2..9dcf0b245 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Option.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Option.fst @@ -45,9 +45,9 @@ let impl__unwrap_or (#v_T: Type0) (self: t_Option v_T) (v_default: v_T) : v_T = let impl__unwrap_or_else (#v_T #v_F: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i1: + i0: Core_models.Ops.Function.t_FnOnce v_F Prims.unit) - (#_: unit{i1.Core_models.Ops.Function.f_Output == v_T}) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_T}) (self: t_Option v_T) (f: v_F) : v_T = @@ -62,7 +62,7 @@ let impl__unwrap_or_else let impl__unwrap_or_default (#v_T: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i2: Core_models.Default.t_Default v_T) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Default.t_Default v_T) (self: t_Option v_T) : v_T = match self <: t_Option v_T with @@ -71,8 +71,8 @@ let impl__unwrap_or_default let impl__map (#v_T #v_U #v_F: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i3: Core_models.Ops.Function.t_FnOnce v_F v_T) - (#_: unit{i3.Core_models.Ops.Function.f_Output == v_U}) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_F v_T) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_U}) (self: t_Option v_T) (f: v_F) : t_Option v_U = @@ -86,8 +86,8 @@ let impl__map let impl__map_or (#v_T #v_U #v_F: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i3: Core_models.Ops.Function.t_FnOnce v_F v_T) - (#_: unit{i3.Core_models.Ops.Function.f_Output == v_U}) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_F v_T) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_U}) (self: t_Option v_T) (v_default: v_U) (f: v_F) @@ -99,12 +99,12 @@ let impl__map_or let impl__map_or_else (#v_T #v_U #v_D #v_F: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i4: Core_models.Ops.Function.t_FnOnce v_F v_T) - (#_: unit{i4.Core_models.Ops.Function.f_Output == v_U}) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_F v_T) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_U}) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i5: + i1: Core_models.Ops.Function.t_FnOnce v_D Prims.unit) - (#_: unit{i5.Core_models.Ops.Function.f_Output == v_U}) + (#_: unit{i1.Core_models.Ops.Function.f_Output == v_U}) (self: t_Option v_T) (v_default: v_D) (f: v_F) @@ -121,9 +121,9 @@ let impl__map_or_else let impl__map_or_default (#v_T #v_U #v_F: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i3: Core_models.Ops.Function.t_FnOnce v_F v_T) - (#_: unit{i3.Core_models.Ops.Function.f_Output == v_U}) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i6: Core_models.Default.t_Default v_U) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_F v_T) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_U}) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Core_models.Default.t_Default v_U) (self: t_Option v_T) (f: v_F) : v_U = @@ -141,9 +141,9 @@ let impl__ok_or (#v_T #v_E: Type0) (self: t_Option v_T) (err: v_E) let impl__ok_or_else (#v_T #v_E #v_F: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] - i7: + i0: Core_models.Ops.Function.t_FnOnce v_F Prims.unit) - (#_: unit{i7.Core_models.Ops.Function.f_Output == v_E}) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_E}) (self: t_Option v_T) (err: v_F) : Core_models.Result.t_Result v_T v_E = @@ -161,8 +161,8 @@ let impl__ok_or_else let impl__and_then (#v_T #v_U #v_F: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i3: Core_models.Ops.Function.t_FnOnce v_F v_T) - (#_: unit{i3.Core_models.Ops.Function.f_Output == t_Option v_U}) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_F v_T) + (#_: unit{i0.Core_models.Ops.Function.f_Output == t_Option v_U}) (self: t_Option v_T) (f: v_F) : t_Option v_U = diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Result.fst b/hax-lib/proof-libs/fstar/core/Core_models.Result.fst index 7c04935bb..c5b9f61c8 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Result.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Result.fst @@ -35,10 +35,10 @@ let impl__map_or let impl__map_or_else (#v_T #v_E #v_U #v_D #v_F: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Core_models.Ops.Function.t_FnOnce v_F v_T) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_F v_T) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_U}) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i1: Core_models.Ops.Function.t_FnOnce v_D v_E) (#_: unit{i1.Core_models.Ops.Function.f_Output == v_U}) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i2: Core_models.Ops.Function.t_FnOnce v_D v_E) - (#_: unit{i2.Core_models.Ops.Function.f_Output == v_U}) (self: t_Result v_T v_E) (v_default: v_D) (f: v_F) @@ -51,8 +51,8 @@ let impl__map_or_else let impl__map_err (#v_T #v_E #v_O #v_F: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i3: Core_models.Ops.Function.t_FnOnce v_O v_E) - (#_: unit{i3.Core_models.Ops.Function.f_Output == v_F}) + (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_O v_E) + (#_: unit{i0.Core_models.Ops.Function.f_Output == v_F}) (self: t_Result v_T v_E) (op: v_O) : t_Result v_T v_F = diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti new file mode 100644 index 000000000..e39c552be --- /dev/null +++ b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti @@ -0,0 +1,208 @@ +module Rust_primitives.Arithmetic + +open FStar.Mul +open Rust_primitives.Integers + +let wrapping_add_u8 : u8 -> u8 -> u8 = add_mod +let saturating_add_u8 : u8 -> u8 -> u8 = add_sat +val overflowing_add_u8 : u8 -> u8 -> u8 & bool +let wrapping_sub_u8 : u8 -> u8 -> u8 = sub_mod +let saturating_sub_u8 : u8 -> u8 -> u8 = sub_sat +let overflowing_sub_u8 (x y: u8): u8 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 8 + sub else sub in + (mk_u8 out, borrow) +let wrapping_mul_u8 : u8 -> u8 -> u8 = mul_mod +val saturating_mul_u8 : u8 -> u8 -> u8 +let overflowing_mul_u8 : u8 -> u8 -> u8 & bool = mul_overflow +let rem_euclid_u8 (x: u8) (y: u8 {v y <> 0}): u8 = x %! y +val pow_u8 : u8 -> u32 -> u8 +val count_ones_u8 : u8 -> r:u32{v r <= 8} + +let wrapping_add_u16 : u16 -> u16 -> u16 = add_mod +let saturating_add_u16 : u16 -> u16 -> u16 = add_sat +val overflowing_add_u16 : u16 -> u16 -> u16 & bool +let wrapping_sub_u16 : u16 -> u16 -> u16 = sub_mod +let saturating_sub_u16 : u16 -> u16 -> u16 = sub_sat +let overflowing_sub_u16 (x y: u16): u16 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 16 + sub else sub in + (mk_u16 out, borrow) +let wrapping_mul_u16 : u16 -> u16 -> u16 = mul_mod +val saturating_mul_u16 : u16 -> u16 -> u16 +let overflowing_mul_u16 : u16 -> u16 -> u16 & bool = mul_overflow +let rem_euclid_u16 (x: u16) (y: u16 {v y <> 0}): u16 = x %! y +val pow_u16 : u16 -> u32 -> u16 +val count_ones_u16 : u16 -> r:u32{v r <= 16} + +let wrapping_add_u32 : u32 -> u32 -> u32 = add_mod +let saturating_add_u32 : u32 -> u32 -> u32 = add_sat +val overflowing_add_u32 : u32 -> u32 -> u32 & bool +let wrapping_sub_u32 : u32 -> u32 -> u32 = sub_mod +let saturating_sub_u32 : u32 -> u32 -> u32 = sub_sat +let overflowing_sub_u32 (x y: u32): u32 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 32 + sub else sub in + (mk_u32 out, borrow) +let wrapping_mul_u32 : u32 -> u32 -> u32 = mul_mod +val saturating_mul_u32 : u32 -> u32 -> u32 +let overflowing_mul_u32 : u32 -> u32 -> u32 & bool = mul_overflow +let rem_euclid_u32 (x: u32) (y: u32 {v y <> 0}): u32 = x %! y +val pow_u32 : u32 -> u32 -> u32 +val count_ones_u32 : u32 -> r:u32{v r <= 32} + +let wrapping_add_u64 : u64 -> u64 -> u64 = add_mod +let saturating_add_u64 : u64 -> u64 -> u64 = add_sat +val overflowing_add_u64 : u64 -> u64 -> u64 & bool +let wrapping_sub_u64 : u64 -> u64 -> u64 = sub_mod +let saturating_sub_u64 : u64 -> u64 -> u64 = sub_sat +let overflowing_sub_u64 (x y: u64): u64 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 64 + sub else sub in + (mk_u64 out, borrow) +let wrapping_mul_u64 : u64 -> u64 -> u64 = mul_mod +val saturating_mul_u64 : u64 -> u64 -> u64 +let overflowing_mul_u64 : u64 -> u64 -> u64 & bool = mul_overflow +let rem_euclid_u64 (x: u64) (y: u64 {v y <> 0}): u64 = x %! y +val pow_u64 : u64 -> u32 -> u64 +val count_ones_u64 : u64 -> r:u32{v r <= 64} + +let wrapping_add_u128 : u128 -> u128 -> u128 = add_mod +let saturating_add_u128 : u128 -> u128 -> u128 = add_sat +val overflowing_add_u128 : u128 -> u128 -> u128 & bool +let wrapping_sub_u128 : u128 -> u128 -> u128 = sub_mod +let saturating_sub_u128 : u128 -> u128 -> u128 = sub_sat +let overflowing_sub_u128 (x y: u128): u128 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 128 + sub else sub in + (mk_u128 out, borrow) +let wrapping_mul_u128 : u128 -> u128 -> u128 = mul_mod +val saturating_mul_u128 : u128 -> u128 -> u128 +let overflowing_mul_u128 : u128 -> u128 -> u128 & bool = mul_overflow +let rem_euclid_u128 (x: u128) (y: u128 {v y <> 0}): u128 = x %! y +val pow_u128 : u128 -> u32 -> u128 +val count_ones_u128 : u128 -> r:u32{v r <= 128} + +let wrapping_add_usize : usize -> usize -> usize = add_mod +let saturating_add_usize : usize -> usize -> usize = add_sat +val overflowing_add_usize : usize -> usize -> usize & bool +let wrapping_sub_usize : usize -> usize -> usize = sub_mod +let saturating_sub_usize : usize -> usize -> usize = sub_sat +let overflowing_sub_usize (x y: usize): usize & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 size + sub else sub in + (mk_usize out, borrow) +let wrapping_mul_usize : usize -> usize -> usize = mul_mod +val saturating_mul_usize : usize -> usize -> usize +let overflowing_mul_usize : usize -> usize -> usize & bool = mul_overflow +let rem_euclid_usize (x: usize) (y: usize {v y <> 0}): usize = x %! y +val pow_usize : usize -> u32 -> usize +val count_ones_usize : usize -> r:u32{v r <= SIZE_BITS} + +let wrapping_add_i8 : i8 -> i8 -> i8 = add_mod +let saturating_add_i8 : i8 -> i8 -> i8 = add_sat +val overflowing_add_i8 : i8 -> i8 -> i8 & bool +let wrapping_sub_i8 : i8 -> i8 -> i8 = sub_mod +let saturating_sub_i8 : i8 -> i8 -> i8 = sub_sat +let overflowing_sub_i8 (x y: i8): i8 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 8 + sub else sub in + (mk_i8 out, borrow) +let wrapping_mul_i8 : i8 -> i8 -> i8 = mul_mod +val saturating_mul_i8 : i8 -> i8 -> i8 +let overflowing_mul_i8 : i8 -> i8 -> i8 & bool = mul_overflow +let rem_euclid_i8 (x: i8) (y: i8 {v y <> 0}): i8 = x %! y +val pow_i8 : i8 -> u32 -> i8 +val count_ones_i8 : i8 -> r:u32{v r <= 8} + +let wrapping_add_i16 : i16 -> i16 -> i16 = add_mod +let saturating_add_i16 : i16 -> i16 -> i16 = add_sat +val overflowing_add_i16 : i16 -> i16 -> i16 & bool +let wrapping_sub_i16 : i16 -> i16 -> i16 = sub_mod +let saturating_sub_i16 : i16 -> i16 -> i16 = sub_sat +let overflowing_sub_i16 (x y: i16): i16 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 16 + sub else sub in + (mk_i16 out, borrow) +let wrapping_mul_i16 : i16 -> i16 -> i16 = mul_mod +val saturating_mul_i16 : i16 -> i16 -> i16 +let overflowing_mul_i16 : i16 -> i16 -> i16 & bool = mul_overflow +let rem_euclid_i16 (x: i16) (y: i16 {v y <> 0}): i16 = x %! y +val pow_i16 : i16 -> u32 -> i16 +val count_ones_i16 : i16 -> r:u32{v r <= 16} + +let wrapping_add_i32 : i32 -> i32 -> i32 = add_mod +let saturating_add_i32 : i32 -> i32 -> i32 = add_sat +val overflowing_add_i32 : i32 -> i32 -> i32 & bool +let wrapping_sub_i32 : i32 -> i32 -> i32 = sub_mod +let saturating_sub_i32 : i32 -> i32 -> i32 = sub_sat +let overflowing_sub_i32 (x y: i32): i32 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 32 + sub else sub in + (mk_i32 out, borrow) +let wrapping_mul_i32 : i32 -> i32 -> i32 = mul_mod +val saturating_mul_i32 : i32 -> i32 -> i32 +let overflowing_mul_i32 : i32 -> i32 -> i32 & bool = mul_overflow +let rem_euclid_i32 (x: i32) (y: i32 {v y <> 0}): i32 = x %! y +val pow_i32 : i32 -> u32 -> i32 +val count_ones_i32 : i32 -> r:u32{v r <= 32} + +let wrapping_add_i64 : i64 -> i64 -> i64 = add_mod +let saturating_add_i64 : i64 -> i64 -> i64 = add_sat +val overflowing_add_i64 : i64 -> i64 -> i64 & bool +let wrapping_sub_i64 : i64 -> i64 -> i64 = sub_mod +let saturating_sub_i64 : i64 -> i64 -> i64 = sub_sat +let overflowing_sub_i64 (x y: i64): i64 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 64 + sub else sub in + (mk_i64 out, borrow) +let wrapping_mul_i64 : i64 -> i64 -> i64 = mul_mod +val saturating_mul_i64 : i64 -> i64 -> i64 +let overflowing_mul_i64 : i64 -> i64 -> i64 & bool = mul_overflow +let rem_euclid_i64 (x: i64) (y: i64 {v y <> 0}): i64 = x %! y +val pow_i64 : i64 -> u32 -> i64 +val count_ones_i64 : i64 -> r:u32{v r <= 64} + +let wrapping_add_i128 : i128 -> i128 -> i128 = add_mod +let saturating_add_i128 : i128 -> i128 -> i128 = add_sat +val overflowing_add_i128 : i128 -> i128 -> i128 & bool +let wrapping_sub_i128 : i128 -> i128 -> i128 = sub_mod +let saturating_sub_i128 : i128 -> i128 -> i128 = sub_sat +let overflowing_sub_i128 (x y: i128): i128 & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 128 + sub else sub in + (mk_i128 out, borrow) +let wrapping_mul_i128 : i128 -> i128 -> i128 = mul_mod +val saturating_mul_i128 : i128 -> i128 -> i128 +let overflowing_mul_i128 : i128 -> i128 -> i128 & bool = mul_overflow +let rem_euclid_i128 (x: i128) (y: i128 {v y <> 0}): i128 = x %! y +val pow_i128 : i128 -> u32 -> i128 +val count_ones_i128 : i128 -> r:u32{v r <= 128} + +let wrapping_add_isize : isize -> isize -> isize = add_mod +let saturating_add_isize : isize -> isize -> isize = add_sat +val overflowing_add_isize : isize -> isize -> isize & bool +let wrapping_sub_isize : isize -> isize -> isize = sub_mod +let saturating_sub_isize : isize -> isize -> isize = sub_sat +let overflowing_sub_isize (x y: isize): isize & bool + = let sub = v x - v y in + let borrow = sub < 0 in + let out = if borrow then pow2 size + sub else sub in + (mk_isize out, borrow) +let wrapping_mul_isize : isize -> isize -> isize = mul_mod +val saturating_mul_isize : isize -> isize -> isize +let overflowing_mul_isize : isize -> isize -> isize & bool = mul_overflow +let rem_euclid_isize (x: isize) (y: isize {v y <> 0}): isize = x %! y +val pow_isize : isize -> u32 -> isize +val count_ones_isize : isize -> r:u32{v r <= SIZE_BITS} From f3f7bc076c3d7da2885ef889a044046c9472ea66 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 14 Oct 2025 14:00:11 +0200 Subject: [PATCH 08/56] Fixes and additions for core models integers. --- engine/backends/fstar/fstar_backend.ml | 7 +- hax-lib/core-models/hax.sh | 2 +- .../core-models/rust_primitives/src/lib.rs | 2 +- hax-lib/core-models/src/core/convert.rs | 69 +- hax-lib/core-models/src/core/num/mod.rs | 2 +- hax-lib/core-models/src/core/ops.rs | 28 +- hax-lib/macros/src/utils.rs | 2 +- .../fstar/core/Core_models.Convert.fst | 1268 +++++++++++++++-- .../proof-libs/fstar/core/Core_models.Num.fst | 12 +- .../fstar/core/Core_models.Ops.Arith.fst | 217 +++ .../fstar/core/Core_models.Ops.Arith.fsti | 67 - .../fstar/core/Core_models.Ops.Bit.fsti | 6 +- .../fstar/core/Core_models.Ops.Function.fst | 2 +- .../fstar/core/Core_models.Ops.Index.fst | 2 +- .../fstar/core/Core_models.Ops.Try_trait.fst | 4 +- .../Rust_primitives.Arithmetic.fsti | 53 +- .../Rust_primitives.Integers.fsti | 2 +- .../proofs/fstar/extraction/Hax_lib.Int.fst | 160 ++- .../proofs/fstar/extraction/Hax_lib.Prop.fst | 53 +- hax-lib/proofs/fstar/extraction/Hax_lib.fst | 34 +- 20 files changed, 1741 insertions(+), 251 deletions(-) create mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst delete mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti diff --git a/engine/backends/fstar/fstar_backend.ml b/engine/backends/fstar/fstar_backend.ml index 76334758a..0a9d4477e 100644 --- a/engine/backends/fstar/fstar_backend.ml +++ b/engine/backends/fstar/fstar_backend.ml @@ -1353,7 +1353,10 @@ struct (* { typ = TApp { ident = i.ti_ident } }) *) (* bounds *) (* in *) - (F.id name, None, [], t) + ( F.id name, + None, + [ F.term @@ F.AST.Var FStar_Parser_Const.no_method_lid ], + t ) :: List.map ~f:(fun { goal = { trait; args }; name = impl_ident_name } @@ -1592,7 +1595,7 @@ struct (* This helps f* in type class resolution *) let constraints_export = constraints_fields - |> List.map ~f:(fun (super_name, _, _, typ) -> + |> List.map ~f:(fun (super_name, _, attrs, typ) -> let super_name = FStar_Ident.string_of_id super_name in let tc_name = FStar_Ident.string_of_id name_id in let typ = FStar_Parser_AST.term_to_string typ in diff --git a/hax-lib/core-models/hax.sh b/hax-lib/core-models/hax.sh index a685e90c5..6f358affe 100755 --- a/hax-lib/core-models/hax.sh +++ b/hax-lib/core-models/hax.sh @@ -3,7 +3,7 @@ set -e function extract_and_copy() { go_to "./" - HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into -i '-**::rust_primitives::** -**::ops::arith::** -**::convert::**' fstar --interfaces '+!**::num::error +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::ops::bit' + HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into fstar --interfaces '+!**::num::error +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::ops::bit' cp proofs/fstar/extraction/*.fst* ../proof-libs/fstar/core } diff --git a/hax-lib/core-models/rust_primitives/src/lib.rs b/hax-lib/core-models/rust_primitives/src/lib.rs index c743dfe0a..415919731 100644 --- a/hax-lib/core-models/rust_primitives/src/lib.rs +++ b/hax-lib/core-models/rust_primitives/src/lib.rs @@ -75,7 +75,7 @@ pub mod arithmetic { ($($Self: ident)*) => { paste! { $( - pub fn [](x: $Self) -> bool { + pub fn [](x: $Self) -> $Self { panic!() } )* diff --git a/hax-lib/core-models/src/core/convert.rs b/hax-lib/core-models/src/core/convert.rs index a277f22ab..05fca05f4 100644 --- a/hax-lib/core-models/src/core/convert.rs +++ b/hax-lib/core-models/src/core/convert.rs @@ -1,25 +1,32 @@ +#[hax_lib::fstar::before("open Rust_primitives.Integers")] use super::result::Result; +#[hax_lib::attributes] trait TryInto { type Error; + #[hax_lib::requires(true)] fn try_into(self) -> Result; } +#[hax_lib::attributes] trait Into { + #[hax_lib::requires(true)] fn into(self) -> T; } +#[hax_lib::attributes] trait From { + #[hax_lib::requires(true)] fn from(x: T) -> Self; } +#[hax_lib::attributes] trait TryFrom: Sized { type Error; + #[hax_lib::requires(true)] fn try_from(x: T) -> Result; } -// TODO add impls for integer types and for Infallible - impl> Into for T { fn into(self) -> U { U::from(self) @@ -57,3 +64,61 @@ impl AsRef for T { self } } + +macro_rules! int_from { + ( + $($From_t: ident)*, + $($To_t: ident)*, + ) => { + $( + impl From<$From_t> for $To_t { + fn from(x: $From_t) -> $To_t { + x as $To_t + } + } + )* + } +} + +use super::num::error::TryFromIntError; + +macro_rules! int_try_from { + ( + $($From_t: ident)*, + $($To_t: ident)*, + ) => { + $( + impl TryFrom<$From_t> for $To_t { + type Error = TryFromIntError; + fn try_from(x: $From_t) -> Result<$To_t, TryFromIntError> { + if x > ($To_t::MAX as $From_t) || x < ($To_t::MIN as $From_t) { + Result::Err(TryFromIntError(())) + } else { + Result::Ok(x as $To_t) + } + } + } + )* + } +} + +int_from! { + u8 u8 u16 u8 u16 u32 usize u8 u16 u32 u64 usize u8 u16 u32, + u16 u32 u32 u64 u64 u64 u64 u128 u128 u128 u128 u128 usize usize usize, +} + +int_from! { + i8 i8 i16 i8 i16 i32 isize i8 i16 i32 i64 isize i8 i16 i32, + i16 i32 i32 i64 i64 i64 i64 i128 i128 i128 i128 i128 isize isize isize, +} + +int_try_from! { + u16 u32 u32 u64 u64 u64 u64 u128 u128 u128 u128 u128 usize usize usize, + u8 u8 u16 u8 u16 u32 usize u8 u16 u32 u64 usize u8 u16 u32, +} + +int_try_from! { + i16 i32 i32 i64 i64 i64 i64 i128 i128 i128 i128 i128 isize isize isize, + i8 i8 i16 i8 i16 i32 isize i8 i16 i32 i64 isize i8 i16 i32, +} +// Add conversions between sized / unsized diff --git a/hax-lib/core-models/src/core/num/mod.rs b/hax-lib/core-models/src/core/num/mod.rs index 6922751b5..703513d27 100644 --- a/hax-lib/core-models/src/core/num/mod.rs +++ b/hax-lib/core-models/src/core/num/mod.rs @@ -153,7 +153,7 @@ macro_rules! iint_impl { paste! { [](x) } } #[hax_lib::requires(x > $Self::MIN)] - fn abs(x: $Self) -> bool { + fn abs(x: $Self) -> $Self { paste! { [](x) } } #[hax_lib::opaque] diff --git a/hax-lib/core-models/src/core/ops.rs b/hax-lib/core-models/src/core/ops.rs index fc48ead67..cbb05afed 100644 --- a/hax-lib/core-models/src/core/ops.rs +++ b/hax-lib/core-models/src/core/ops.rs @@ -15,36 +15,36 @@ pub mod arith { type Output; fn div(self, rhs: Rhs) -> Self::Output; } + #[hax_lib::fstar::before("open Rust_primitives.Integers")] pub trait AddAssign { - type Output; - fn add_assign(self, rhs: Rhs) -> Self::Output; + fn add_assign(&mut self, rhs: Rhs); } pub trait SubAssign { - type Output; - fn sub_assign(self, rhs: Rhs) -> Self::Output; + fn sub_assign(&mut self, rhs: Rhs); } pub trait MulAssign { - type Output; - fn mul_assign(self, rhs: Rhs) -> Self::Output; + fn mul_assign(&mut self, rhs: Rhs); } pub trait DivAssign { - type Output; - fn div_assign(self, rhs: Rhs) -> Self::Output; + fn div_assign(&mut self, rhs: Rhs); } macro_rules! int_trait_impls { ($($Self:ty)*) => { + use hax_lib::ToInt; $( + #[hax_lib::attributes] impl crate::ops::arith::AddAssign<$Self> for $Self { - type Output = $Self; - fn add_assign(self, rhs: $Self) -> $Self { - self + rhs + #[hax_lib::requires(self.to_int() + rhs.to_int() <= $Self::MAX.to_int())] + fn add_assign(&mut self, rhs: $Self) { + *self = *self + rhs } } + #[hax_lib::attributes] impl crate::ops::arith::SubAssign<$Self> for $Self { - type Output = $Self; - fn sub_assign(self, rhs: $Self) -> $Self { - self - rhs + #[hax_lib::requires(self.to_int() - rhs.to_int() >= 0.to_int())] + fn sub_assign(&mut self, rhs: $Self) { + *self = *self - rhs } })* } diff --git a/hax-lib/macros/src/utils.rs b/hax-lib/macros/src/utils.rs index 237b669af..e420d304a 100644 --- a/hax-lib/macros/src/utils.rs +++ b/hax-lib/macros/src/utils.rs @@ -302,7 +302,7 @@ pub fn make_fn_decoration( FnDecorationKind::Decreases | FnDecorationKind::SMTPat => { syn::parse_quote! { -> () } } - _ => syn::parse_quote! { -> impl Into<::hax_lib::Prop> }, + _ => syn::parse_quote! { -> impl std::convert::Into<::hax_lib::Prop> }, }; sig }; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst b/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst index 31c5f6742..9d36102b8 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst @@ -1,113 +1,1199 @@ - module Core_models.Convert -open Rust_primitives +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul -class t_TryInto self t = { - [@@@FStar.Tactics.Typeclasses.no_method] - f_Error: Type0; - f_try_into: self -> Core_models.Result.t_Result t f_Error -} +open Rust_primitives.Integers -instance impl_6 (t: Type0) (len: usize): t_TryInto (t_Slice t) (t_Array t len) = { - f_Error = Core_models.Array.t_TryFromSliceError; - f_try_into = (fun (s: t_Slice t) -> - if Core_models.Slice.impl__len s = len - then Core_models.Result.Result_Ok (s <: t_Array t len) - else Core_models.Result.Result_Err Core_models.Array.TryFromSliceError - ) +class t_Into (v_Self: Type0) (v_T: Type0) = { + f_into_pre:self_: v_Self -> pred: Type0{true ==> pred}; + f_into_post:v_Self -> v_T -> Type0; + f_into:x0: v_Self -> Prims.Pure v_T (f_into_pre x0) (fun result -> f_into_post x0 result) } -instance impl_6_refined (t: Type0) (len: usize): t_TryInto (s: t_Slice t {Core_models.Slice.impl__len s == len}) (t_Array t len) = { - f_Error = Core_models.Array.t_TryFromSliceError; - f_try_into = (fun (s: t_Slice t {Core_models.Slice.impl__len s == len}) -> - Core_models.Result.Result_Ok (s <: t_Array t len) - ) +class t_From (v_Self: Type0) (v_T: Type0) = { + f_from_pre:x: v_T -> pred: Type0{true ==> pred}; + f_from_post:v_T -> v_Self -> Type0; + f_from:x0: v_T -> Prims.Pure v_Self (f_from_pre x0) (fun result -> f_from_post x0 result) } -class t_Into self t = { - f_into_pre: self -> bool; - f_into_post: self -> t -> bool; - f_into: self -> t; -} +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_From v_U v_T) + : t_Into v_T v_U = + { + f_into_pre = (fun (self: v_T) -> true); + f_into_post = (fun (self: v_T) (out: v_U) -> true); + f_into = fun (self: v_T) -> f_from #v_U #v_T #FStar.Tactics.Typeclasses.solve self + } -class t_From self t = { - f_from_pre: t -> bool; - f_from_post: t -> self -> bool; - f_from: t -> self; -} +type t_Infallible = | Infallible : t_Infallible -class t_TryFrom self t = { - [@@@FStar.Tactics.Typeclasses.no_method] - f_Error: Type0; - f_try_from_pre: t -> bool; - f_try_from_post: t -> Core_models.Result.t_Result self f_Error -> bool; - f_try_from: t -> Core_models.Result.t_Result self f_Error; -} +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_3 (#v_T: Type0) : t_From v_T v_T = + { + f_from_pre = (fun (x: v_T) -> true); + f_from_post = (fun (x: v_T) (out: v_T) -> true); + f_from = fun (x: v_T) -> x + } -instance integer_try_from (t:inttype) (t':inttype) : t_TryFrom (int_t t) (int_t t') = { - f_Error = Core_models.Num.Error.t_TryFromIntError; - f_try_from_pre = (fun _ -> true); - f_try_from_post = (fun _ _ -> true); - f_try_from = (fun (x: int_t t') -> - if range (v #t' x) t - then Core_models.Result.Result_Ok (Rust_primitives.Integers.cast #t' #t x) - else Core_models.Result.Result_Err (Core_models.Num.Error.TryFromIntError ()) - ) +class t_AsRef (v_Self: Type0) (v_T: Type0) = { + f_as_ref_pre:v_Self -> Type0; + f_as_ref_post:v_Self -> v_T -> Type0; + f_as_ref:x0: v_Self -> Prims.Pure v_T (f_as_ref_pre x0) (fun result -> f_as_ref_post x0 result) } -instance integer_into - (t:inttype) (t':inttype { minint t >= minint t' /\ maxint t <= maxint t' }) - : t_From (int_t t') (int_t t) - = { - f_from_pre = (fun _ -> true); - f_from_post = (fun _ _ -> true); - f_from = (fun (x: int_t t) -> Rust_primitives.Integers.cast #t #t' x); - } - -instance into_from_from a b {| t_From a b |}: t_Into b a = { - f_into_pre = (fun _ -> true); - f_into_post = (fun _ _ -> true); - f_into = (fun x -> f_from x) -} +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_4 (#v_T: Type0) : t_AsRef v_T v_T = + { + f_as_ref_pre = (fun (self: v_T) -> true); + f_as_ref_post = (fun (self: v_T) (out: v_T) -> true); + f_as_ref = fun (self: v_T) -> self + } -type t_Infallible = _:unit{False} +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_5: t_From u16 u8 = + { + f_from_pre = (fun (x: u8) -> true); + f_from_post = (fun (x: u8) (out: u16) -> true); + f_from = fun (x: u8) -> cast (x <: u8) <: u16 + } -instance try_from_from_from a b {| t_From a b |}: t_TryFrom a b = { - f_Error = t_Infallible; - f_try_from_pre = (fun _ -> true); - f_try_from_post = (fun _ _ -> true); - f_try_from = (fun x -> Core_models.Result.Result_Ok (f_from x)) -} +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_6: t_From u32 u8 = + { + f_from_pre = (fun (x: u8) -> true); + f_from_post = (fun (x: u8) (out: u32) -> true); + f_from = fun (x: u8) -> cast (x <: u8) <: u32 + } [@@ FStar.Tactics.Typeclasses.tcinstance] -let try_into_from_try_from a b {| i1: t_TryFrom a b |}: t_TryInto b a = { - f_Error = i1.f_Error; - f_try_into = (fun x -> f_try_from x) -} +let impl_7: t_From u32 u16 = + { + f_from_pre = (fun (x: u16) -> true); + f_from_post = (fun (x: u16) (out: u32) -> true); + f_from = fun (x: u16) -> cast (x <: u16) <: u32 + } -instance integer_try_into (t:inttype) (t':inttype) : t_TryInto (int_t t) (int_t t') = { - f_Error = Core_models.Num.Error.t_TryFromIntError; - f_try_into = (fun (x: int_t t) -> - if range (v #t x) t' - then Core_models.Result.Result_Ok (Rust_primitives.Integers.cast #t #t' x) - else Core_models.Result.Result_Err (Core_models.Num.Error.TryFromIntError ()) - ) -} +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_8: t_From u64 u8 = + { + f_from_pre = (fun (x: u8) -> true); + f_from_post = (fun (x: u8) (out: u64) -> true); + f_from = fun (x: u8) -> cast (x <: u8) <: u64 + } -instance from_id a: t_From a a = { - f_from_pre = (fun _ -> true); - f_from_post = (fun _ _ -> true); - f_from = (fun x -> x) -} +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_9: t_From u64 u16 = + { + f_from_pre = (fun (x: u16) -> true); + f_from_post = (fun (x: u16) (out: u64) -> true); + f_from = fun (x: u16) -> cast (x <: u16) <: u64 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_10: t_From u64 u32 = + { + f_from_pre = (fun (x: u32) -> true); + f_from_post = (fun (x: u32) (out: u64) -> true); + f_from = fun (x: u32) -> cast (x <: u32) <: u64 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_11: t_From u64 usize = + { + f_from_pre = (fun (x: usize) -> true); + f_from_post = (fun (x: usize) (out: u64) -> true); + f_from = fun (x: usize) -> cast (x <: usize) <: u64 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_12: t_From u128 u8 = + { + f_from_pre = (fun (x: u8) -> true); + f_from_post = (fun (x: u8) (out: u128) -> true); + f_from = fun (x: u8) -> cast (x <: u8) <: u128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_13: t_From u128 u16 = + { + f_from_pre = (fun (x: u16) -> true); + f_from_post = (fun (x: u16) (out: u128) -> true); + f_from = fun (x: u16) -> cast (x <: u16) <: u128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_14: t_From u128 u32 = + { + f_from_pre = (fun (x: u32) -> true); + f_from_post = (fun (x: u32) (out: u128) -> true); + f_from = fun (x: u32) -> cast (x <: u32) <: u128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_15: t_From u128 u64 = + { + f_from_pre = (fun (x: u64) -> true); + f_from_post = (fun (x: u64) (out: u128) -> true); + f_from = fun (x: u64) -> cast (x <: u64) <: u128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_16: t_From u128 usize = + { + f_from_pre = (fun (x: usize) -> true); + f_from_post = (fun (x: usize) (out: u128) -> true); + f_from = fun (x: usize) -> cast (x <: usize) <: u128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_17: t_From usize u8 = + { + f_from_pre = (fun (x: u8) -> true); + f_from_post = (fun (x: u8) (out: usize) -> true); + f_from = fun (x: u8) -> cast (x <: u8) <: usize + } -class t_AsRef self t = { - f_as_ref_pre: self -> bool; - f_as_ref_post: self -> t -> bool; - f_as_ref: self -> t; +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_18: t_From usize u16 = + { + f_from_pre = (fun (x: u16) -> true); + f_from_post = (fun (x: u16) (out: usize) -> true); + f_from = fun (x: u16) -> cast (x <: u16) <: usize + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_19: t_From usize u32 = + { + f_from_pre = (fun (x: u32) -> true); + f_from_post = (fun (x: u32) (out: usize) -> true); + f_from = fun (x: u32) -> cast (x <: u32) <: usize + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_20: t_From i16 i8 = + { + f_from_pre = (fun (x: i8) -> true); + f_from_post = (fun (x: i8) (out: i16) -> true); + f_from = fun (x: i8) -> cast (x <: i8) <: i16 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_21: t_From i32 i8 = + { + f_from_pre = (fun (x: i8) -> true); + f_from_post = (fun (x: i8) (out: i32) -> true); + f_from = fun (x: i8) -> cast (x <: i8) <: i32 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_22: t_From i32 i16 = + { + f_from_pre = (fun (x: i16) -> true); + f_from_post = (fun (x: i16) (out: i32) -> true); + f_from = fun (x: i16) -> cast (x <: i16) <: i32 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_23: t_From i64 i8 = + { + f_from_pre = (fun (x: i8) -> true); + f_from_post = (fun (x: i8) (out: i64) -> true); + f_from = fun (x: i8) -> cast (x <: i8) <: i64 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_24: t_From i64 i16 = + { + f_from_pre = (fun (x: i16) -> true); + f_from_post = (fun (x: i16) (out: i64) -> true); + f_from = fun (x: i16) -> cast (x <: i16) <: i64 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_25: t_From i64 i32 = + { + f_from_pre = (fun (x: i32) -> true); + f_from_post = (fun (x: i32) (out: i64) -> true); + f_from = fun (x: i32) -> cast (x <: i32) <: i64 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_26: t_From i64 isize = + { + f_from_pre = (fun (x: isize) -> true); + f_from_post = (fun (x: isize) (out: i64) -> true); + f_from = fun (x: isize) -> cast (x <: isize) <: i64 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_27: t_From i128 i8 = + { + f_from_pre = (fun (x: i8) -> true); + f_from_post = (fun (x: i8) (out: i128) -> true); + f_from = fun (x: i8) -> cast (x <: i8) <: i128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_28: t_From i128 i16 = + { + f_from_pre = (fun (x: i16) -> true); + f_from_post = (fun (x: i16) (out: i128) -> true); + f_from = fun (x: i16) -> cast (x <: i16) <: i128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_29: t_From i128 i32 = + { + f_from_pre = (fun (x: i32) -> true); + f_from_post = (fun (x: i32) (out: i128) -> true); + f_from = fun (x: i32) -> cast (x <: i32) <: i128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_30: t_From i128 i64 = + { + f_from_pre = (fun (x: i64) -> true); + f_from_post = (fun (x: i64) (out: i128) -> true); + f_from = fun (x: i64) -> cast (x <: i64) <: i128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_31: t_From i128 isize = + { + f_from_pre = (fun (x: isize) -> true); + f_from_post = (fun (x: isize) (out: i128) -> true); + f_from = fun (x: isize) -> cast (x <: isize) <: i128 + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_32: t_From isize i8 = + { + f_from_pre = (fun (x: i8) -> true); + f_from_post = (fun (x: i8) (out: isize) -> true); + f_from = fun (x: i8) -> cast (x <: i8) <: isize + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_33: t_From isize i16 = + { + f_from_pre = (fun (x: i16) -> true); + f_from_post = (fun (x: i16) (out: isize) -> true); + f_from = fun (x: i16) -> cast (x <: i16) <: isize + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_34: t_From isize i32 = + { + f_from_pre = (fun (x: i32) -> true); + f_from_post = (fun (x: i32) (out: isize) -> true); + f_from = fun (x: i32) -> cast (x <: i32) <: isize + } + +class t_TryInto (v_Self: Type0) (v_T: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Error:Type0; + f_try_into_pre:self_: v_Self -> pred: Type0{true ==> pred}; + f_try_into_post:v_Self -> Core_models.Result.t_Result v_T f_Error -> Type0; + f_try_into:x0: v_Self + -> Prims.Pure (Core_models.Result.t_Result v_T f_Error) + (f_try_into_pre x0) + (fun result -> f_try_into_post x0 result) } -instance as_ref_id a: t_AsRef a a = { - f_as_ref_pre = (fun _ -> true); - f_as_ref_post = (fun _ _ -> true); - f_as_ref = (fun x -> x) +class t_TryFrom (v_Self: Type0) (v_T: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Error:Type0; + f_try_from_pre:x: v_T -> pred: Type0{true ==> pred}; + f_try_from_post:v_T -> Core_models.Result.t_Result v_Self f_Error -> Type0; + f_try_from:x0: v_T + -> Prims.Pure (Core_models.Result.t_Result v_Self f_Error) + (f_try_from_pre x0) + (fun result -> f_try_from_post x0 result) } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_1 (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_From v_U v_T) + : t_TryFrom v_U v_T = + { + f_Error = t_Infallible; + f_try_from_pre = (fun (x: v_T) -> true); + f_try_from_post = (fun (x: v_T) (out: Core_models.Result.t_Result v_U t_Infallible) -> true); + f_try_from + = + fun (x: v_T) -> + Core_models.Result.Result_Ok (f_from #v_U #v_T #FStar.Tactics.Typeclasses.solve x) + <: + Core_models.Result.t_Result v_U t_Infallible + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_2 (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_TryFrom v_U v_T) + : t_TryInto v_T v_U = + { + f_Error = i0.f_Error; + f_try_into_pre = (fun (self: v_T) -> true); + f_try_into_post = (fun (self: v_T) (out: Core_models.Result.t_Result v_U i0.f_Error) -> true); + f_try_into = fun (self: v_T) -> f_try_from #v_U #v_T #FStar.Tactics.Typeclasses.solve self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_35: t_TryFrom u8 u16 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u16) -> true); + f_try_from_post + = + (fun (x: u16) (out: Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u16) -> + if + x >. (cast (Core_models.Num.impl_u8__MAX <: u8) <: u16) || + x <. (cast (Core_models.Num.impl_u8__MIN <: u8) <: u16) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u16) <: u8) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_36: t_TryFrom u8 u32 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u32) -> true); + f_try_from_post + = + (fun (x: u32) (out: Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u32) -> + if + x >. (cast (Core_models.Num.impl_u8__MAX <: u8) <: u32) || + x <. (cast (Core_models.Num.impl_u8__MIN <: u8) <: u32) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u32) <: u8) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_37: t_TryFrom u16 u32 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u32) -> true); + f_try_from_post + = + (fun (x: u32) (out: Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u32) -> + if + x >. (cast (Core_models.Num.impl_u16__MAX <: u16) <: u32) || + x <. (cast (Core_models.Num.impl_u16__MIN <: u16) <: u32) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u32) <: u16) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_38: t_TryFrom u8 u64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u64) -> true); + f_try_from_post + = + (fun (x: u64) (out: Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u64) -> + if + x >. (cast (Core_models.Num.impl_u8__MAX <: u8) <: u64) || + x <. (cast (Core_models.Num.impl_u8__MIN <: u8) <: u64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u64) <: u8) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_39: t_TryFrom u16 u64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u64) -> true); + f_try_from_post + = + (fun (x: u64) (out: Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u64) -> + if + x >. (cast (Core_models.Num.impl_u16__MAX <: u16) <: u64) || + x <. (cast (Core_models.Num.impl_u16__MIN <: u16) <: u64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u64) <: u16) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_40: t_TryFrom u32 u64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u64) -> true); + f_try_from_post + = + (fun (x: u64) (out: Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u64) -> + if + x >. (cast (Core_models.Num.impl_u32__MAX <: u32) <: u64) || + x <. (cast (Core_models.Num.impl_u32__MIN <: u32) <: u64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u64) <: u32) + <: + Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_41: t_TryFrom usize u64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u64) -> true); + f_try_from_post + = + (fun + (x: u64) + (out: Core_models.Result.t_Result usize Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: u64) -> + if + x >. (cast (Core_models.Num.impl_usize__MAX <: usize) <: u64) || + x <. (cast (Core_models.Num.impl_usize__MIN <: usize) <: u64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result usize Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u64) <: usize) + <: + Core_models.Result.t_Result usize Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_42: t_TryFrom u8 u128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u128) -> true); + f_try_from_post + = + (fun (x: u128) (out: Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u128) -> + if + x >. (cast (Core_models.Num.impl_u8__MAX <: u8) <: u128) || + x <. (cast (Core_models.Num.impl_u8__MIN <: u8) <: u128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u128) <: u8) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_43: t_TryFrom u16 u128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u128) -> true); + f_try_from_post + = + (fun (x: u128) (out: Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u128) -> + if + x >. (cast (Core_models.Num.impl_u16__MAX <: u16) <: u128) || + x <. (cast (Core_models.Num.impl_u16__MIN <: u16) <: u128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u128) <: u16) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_44: t_TryFrom u32 u128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u128) -> true); + f_try_from_post + = + (fun (x: u128) (out: Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u128) -> + if + x >. (cast (Core_models.Num.impl_u32__MAX <: u32) <: u128) || + x <. (cast (Core_models.Num.impl_u32__MIN <: u32) <: u128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u128) <: u32) + <: + Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_45: t_TryFrom u64 u128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u128) -> true); + f_try_from_post + = + (fun (x: u128) (out: Core_models.Result.t_Result u64 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: u128) -> + if + x >. (cast (Core_models.Num.impl_u64__MAX <: u64) <: u128) || + x <. (cast (Core_models.Num.impl_u64__MIN <: u64) <: u128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u64 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u128) <: u64) + <: + Core_models.Result.t_Result u64 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_46: t_TryFrom usize u128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: u128) -> true); + f_try_from_post + = + (fun + (x: u128) + (out: Core_models.Result.t_Result usize Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: u128) -> + if + x >. (cast (Core_models.Num.impl_usize__MAX <: usize) <: u128) || + x <. (cast (Core_models.Num.impl_usize__MIN <: usize) <: u128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result usize Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: u128) <: usize) + <: + Core_models.Result.t_Result usize Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_47: t_TryFrom u8 usize = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: usize) -> true); + f_try_from_post + = + (fun (x: usize) (out: Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: usize) -> + if + x >. (cast (Core_models.Num.impl_u8__MAX <: u8) <: usize) || + x <. (cast (Core_models.Num.impl_u8__MIN <: u8) <: usize) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: usize) <: u8) + <: + Core_models.Result.t_Result u8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_48: t_TryFrom u16 usize = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: usize) -> true); + f_try_from_post + = + (fun + (x: usize) + (out: Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: usize) -> + if + x >. (cast (Core_models.Num.impl_u16__MAX <: u16) <: usize) || + x <. (cast (Core_models.Num.impl_u16__MIN <: u16) <: usize) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: usize) <: u16) + <: + Core_models.Result.t_Result u16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_49: t_TryFrom u32 usize = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: usize) -> true); + f_try_from_post + = + (fun + (x: usize) + (out: Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: usize) -> + if + x >. (cast (Core_models.Num.impl_u32__MAX <: u32) <: usize) || + x <. (cast (Core_models.Num.impl_u32__MIN <: u32) <: usize) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: usize) <: u32) + <: + Core_models.Result.t_Result u32 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_50: t_TryFrom i8 i16 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i16) -> true); + f_try_from_post + = + (fun (x: i16) (out: Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i16) -> + if + x >. (cast (Core_models.Num.impl_i8__MAX <: i8) <: i16) || + x <. (cast (Core_models.Num.impl_i8__MIN <: i8) <: i16) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i16) <: i8) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_51: t_TryFrom i8 i32 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i32) -> true); + f_try_from_post + = + (fun (x: i32) (out: Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i32) -> + if + x >. (cast (Core_models.Num.impl_i8__MAX <: i8) <: i32) || + x <. (cast (Core_models.Num.impl_i8__MIN <: i8) <: i32) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i32) <: i8) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_52: t_TryFrom i16 i32 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i32) -> true); + f_try_from_post + = + (fun (x: i32) (out: Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i32) -> + if + x >. (cast (Core_models.Num.impl_i16__MAX <: i16) <: i32) || + x <. (cast (Core_models.Num.impl_i16__MIN <: i16) <: i32) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i32) <: i16) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_53: t_TryFrom i8 i64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i64) -> true); + f_try_from_post + = + (fun (x: i64) (out: Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i64) -> + if + x >. (cast (Core_models.Num.impl_i8__MAX <: i8) <: i64) || + x <. (cast (Core_models.Num.impl_i8__MIN <: i8) <: i64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i64) <: i8) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_54: t_TryFrom i16 i64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i64) -> true); + f_try_from_post + = + (fun (x: i64) (out: Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i64) -> + if + x >. (cast (Core_models.Num.impl_i16__MAX <: i16) <: i64) || + x <. (cast (Core_models.Num.impl_i16__MIN <: i16) <: i64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i64) <: i16) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_55: t_TryFrom i32 i64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i64) -> true); + f_try_from_post + = + (fun (x: i64) (out: Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i64) -> + if + x >. (cast (Core_models.Num.impl_i32__MAX <: i32) <: i64) || + x <. (cast (Core_models.Num.impl_i32__MIN <: i32) <: i64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i64) <: i32) + <: + Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_56: t_TryFrom isize i64 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i64) -> true); + f_try_from_post + = + (fun + (x: i64) + (out: Core_models.Result.t_Result isize Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: i64) -> + if + x >. (cast (Core_models.Num.impl_isize__MAX <: isize) <: i64) || + x <. (cast (Core_models.Num.impl_isize__MIN <: isize) <: i64) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result isize Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i64) <: isize) + <: + Core_models.Result.t_Result isize Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_57: t_TryFrom i8 i128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i128) -> true); + f_try_from_post + = + (fun (x: i128) (out: Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i128) -> + if + x >. (cast (Core_models.Num.impl_i8__MAX <: i8) <: i128) || + x <. (cast (Core_models.Num.impl_i8__MIN <: i8) <: i128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i128) <: i8) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_58: t_TryFrom i16 i128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i128) -> true); + f_try_from_post + = + (fun (x: i128) (out: Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i128) -> + if + x >. (cast (Core_models.Num.impl_i16__MAX <: i16) <: i128) || + x <. (cast (Core_models.Num.impl_i16__MIN <: i16) <: i128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i128) <: i16) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_59: t_TryFrom i32 i128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i128) -> true); + f_try_from_post + = + (fun (x: i128) (out: Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i128) -> + if + x >. (cast (Core_models.Num.impl_i32__MAX <: i32) <: i128) || + x <. (cast (Core_models.Num.impl_i32__MIN <: i32) <: i128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i128) <: i32) + <: + Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_60: t_TryFrom i64 i128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i128) -> true); + f_try_from_post + = + (fun (x: i128) (out: Core_models.Result.t_Result i64 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: i128) -> + if + x >. (cast (Core_models.Num.impl_i64__MAX <: i64) <: i128) || + x <. (cast (Core_models.Num.impl_i64__MIN <: i64) <: i128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i64 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i128) <: i64) + <: + Core_models.Result.t_Result i64 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_61: t_TryFrom isize i128 = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: i128) -> true); + f_try_from_post + = + (fun + (x: i128) + (out: Core_models.Result.t_Result isize Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: i128) -> + if + x >. (cast (Core_models.Num.impl_isize__MAX <: isize) <: i128) || + x <. (cast (Core_models.Num.impl_isize__MIN <: isize) <: i128) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result isize Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: i128) <: isize) + <: + Core_models.Result.t_Result isize Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_62: t_TryFrom i8 isize = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: isize) -> true); + f_try_from_post + = + (fun (x: isize) (out: Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError) -> + true); + f_try_from + = + fun (x: isize) -> + if + x >. (cast (Core_models.Num.impl_i8__MAX <: i8) <: isize) || + x <. (cast (Core_models.Num.impl_i8__MIN <: i8) <: isize) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: isize) <: i8) + <: + Core_models.Result.t_Result i8 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_63: t_TryFrom i16 isize = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: isize) -> true); + f_try_from_post + = + (fun + (x: isize) + (out: Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: isize) -> + if + x >. (cast (Core_models.Num.impl_i16__MAX <: i16) <: isize) || + x <. (cast (Core_models.Num.impl_i16__MIN <: i16) <: isize) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: isize) <: i16) + <: + Core_models.Result.t_Result i16 Core_models.Num.Error.t_TryFromIntError + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_64: t_TryFrom i32 isize = + { + f_Error = Core_models.Num.Error.t_TryFromIntError; + f_try_from_pre = (fun (x: isize) -> true); + f_try_from_post + = + (fun + (x: isize) + (out: Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError) + -> + true); + f_try_from + = + fun (x: isize) -> + if + x >. (cast (Core_models.Num.impl_i32__MAX <: i32) <: isize) || + x <. (cast (Core_models.Num.impl_i32__MIN <: i32) <: isize) + then + Core_models.Result.Result_Err + (Core_models.Num.Error.TryFromIntError (() <: Prims.unit) + <: + Core_models.Num.Error.t_TryFromIntError) + <: + Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError + else + Core_models.Result.Result_Ok (cast (x <: isize) <: i32) + <: + Core_models.Result.t_Result i32 Core_models.Num.Error.t_TryFromIntError + } diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.fst b/hax-lib/proof-libs/fstar/core/Core_models.Num.fst index 6be75e0bb..395c6c496 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Num.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Num.fst @@ -643,7 +643,7 @@ let impl_i8__to_le_bytes = impl_i8__to_le_bytes' let impl_i8__rem_euclid (x y: i8) : Prims.Pure i8 (requires y <>. mk_i8 0) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.rem_euclid_i8 x y -let impl_i8__abs (x: i8) : Prims.Pure bool (requires x >. impl_i8__MIN) (fun _ -> Prims.l_True) = +let impl_i8__abs (x: i8) : Prims.Pure i8 (requires x >. impl_i8__MIN) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.abs_i8 x let impl_i16__MIN: i16 = mk_i16 (-32768) @@ -736,7 +736,7 @@ let impl_i16__rem_euclid (x y: i16) : Prims.Pure i16 (requires y <>. mk_i16 0) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.rem_euclid_i16 x y -let impl_i16__abs (x: i16) : Prims.Pure bool (requires x >. impl_i16__MIN) (fun _ -> Prims.l_True) = +let impl_i16__abs (x: i16) : Prims.Pure i16 (requires x >. impl_i16__MIN) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.abs_i16 x let impl_i32__MIN: i32 = mk_i32 (-2147483648) @@ -829,7 +829,7 @@ let impl_i32__rem_euclid (x y: i32) : Prims.Pure i32 (requires y <>. mk_i32 0) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.rem_euclid_i32 x y -let impl_i32__abs (x: i32) : Prims.Pure bool (requires x >. impl_i32__MIN) (fun _ -> Prims.l_True) = +let impl_i32__abs (x: i32) : Prims.Pure i32 (requires x >. impl_i32__MIN) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.abs_i32 x let impl_i64__MIN: i64 = mk_i64 (-9223372036854775808) @@ -922,7 +922,7 @@ let impl_i64__rem_euclid (x y: i64) : Prims.Pure i64 (requires y <>. mk_i64 0) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.rem_euclid_i64 x y -let impl_i64__abs (x: i64) : Prims.Pure bool (requires x >. impl_i64__MIN) (fun _ -> Prims.l_True) = +let impl_i64__abs (x: i64) : Prims.Pure i64 (requires x >. impl_i64__MIN) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.abs_i64 x let impl_i128__MIN: i128 = mk_i128 (-170141183460469231731687303715884105728) @@ -1019,7 +1019,7 @@ let impl_i128__rem_euclid (x y: i128) Rust_primitives.Arithmetic.rem_euclid_i128 x y let impl_i128__abs (x: i128) - : Prims.Pure bool (requires x >. impl_i128__MIN) (fun _ -> Prims.l_True) = + : Prims.Pure i128 (requires x >. impl_i128__MIN) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.abs_i128 x let impl_isize__MIN: isize = Rust_primitives.Arithmetic.v_ISIZE_MIN @@ -1119,5 +1119,5 @@ let impl_isize__rem_euclid (x y: isize) Rust_primitives.Arithmetic.rem_euclid_isize x y let impl_isize__abs (x: isize) - : Prims.Pure bool (requires x >. impl_isize__MIN) (fun _ -> Prims.l_True) = + : Prims.Pure isize (requires x >. impl_isize__MIN) (fun _ -> Prims.l_True) = Rust_primitives.Arithmetic.abs_isize x diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst new file mode 100644 index 000000000..77ea71252 --- /dev/null +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst @@ -0,0 +1,217 @@ +module Core_models.Ops.Arith +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul + +open Rust_primitives.Integers + +class t_AddAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_add_assign_pre:v_Self -> v_Rhs -> Type0; + f_add_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_add_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_add_assign_pre x0 x1) (fun result -> f_add_assign_post x0 x1 result) +} + +class t_SubAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_sub_assign_pre:v_Self -> v_Rhs -> Type0; + f_sub_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_sub_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_sub_assign_pre x0 x1) (fun result -> f_sub_assign_post x0 x1 result) +} + +class t_MulAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_mul_assign_pre:v_Self -> v_Rhs -> Type0; + f_mul_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_mul_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_mul_assign_pre x0 x1) (fun result -> f_mul_assign_post x0 x1 result) +} + +class t_DivAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_div_assign_pre:v_Self -> v_Rhs -> Type0; + f_div_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_div_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_div_assign_pre x0 x1) (fun result -> f_div_assign_post x0 x1 result) +} + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl: t_AddAssign u8 u8 = + { + f_add_assign_pre + = + (fun (self_: u8) (rhs: u8) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) <= + (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u8__MAX <: Hax_lib.Int.t_Int)); + f_add_assign_post = (fun (self: u8) (rhs: u8) (out: u8) -> true); + f_add_assign + = + fun (self: u8) (rhs: u8) -> + let self:u8 = self +! rhs in + self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_1: t_SubAssign u8 u8 = + { + f_sub_assign_pre + = + (fun (self_: u8) (rhs: u8) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) >= + (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); + f_sub_assign_post = (fun (self: u8) (rhs: u8) (out: u8) -> true); + f_sub_assign + = + fun (self: u8) (rhs: u8) -> + let self:u8 = self -! rhs in + self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_2: t_AddAssign u16 u16 = + { + f_add_assign_pre + = + (fun (self_: u16) (rhs: u16) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) <= + (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u16__MAX <: Hax_lib.Int.t_Int)); + f_add_assign_post = (fun (self: u16) (rhs: u16) (out: u16) -> true); + f_add_assign + = + fun (self: u16) (rhs: u16) -> + let self:u16 = self +! rhs in + self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_3: t_SubAssign u16 u16 = + { + f_sub_assign_pre + = + (fun (self_: u16) (rhs: u16) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) >= + (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); + f_sub_assign_post = (fun (self: u16) (rhs: u16) (out: u16) -> true); + f_sub_assign + = + fun (self: u16) (rhs: u16) -> + let self:u16 = self -! rhs in + self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_4: t_AddAssign u32 u32 = + { + f_add_assign_pre + = + (fun (self_: u32) (rhs: u32) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) <= + (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u32__MAX <: Hax_lib.Int.t_Int)); + f_add_assign_post = (fun (self: u32) (rhs: u32) (out: u32) -> true); + f_add_assign + = + fun (self: u32) (rhs: u32) -> + let self:u32 = self +! rhs in + self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_5: t_SubAssign u32 u32 = + { + f_sub_assign_pre + = + (fun (self_: u32) (rhs: u32) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) >= + (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); + f_sub_assign_post = (fun (self: u32) (rhs: u32) (out: u32) -> true); + f_sub_assign + = + fun (self: u32) (rhs: u32) -> + let self:u32 = self -! rhs in + self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_6: t_AddAssign u64 u64 = + { + f_add_assign_pre + = + (fun (self_: u64) (rhs: u64) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) <= + (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u64__MAX <: Hax_lib.Int.t_Int)); + f_add_assign_post = (fun (self: u64) (rhs: u64) (out: u64) -> true); + f_add_assign + = + fun (self: u64) (rhs: u64) -> + let self:u64 = self +! rhs in + self + } + +[@@ FStar.Tactics.Typeclasses.tcinstance] +let impl_7: t_SubAssign u64 u64 = + { + f_sub_assign_pre + = + (fun (self_: u64) (rhs: u64) -> + ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - + (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) + <: + Hax_lib.Int.t_Int) >= + (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); + f_sub_assign_post = (fun (self: u64) (rhs: u64) (out: u64) -> true); + f_sub_assign + = + fun (self: u64) (rhs: u64) -> + let self:u64 = self -! rhs in + self + } + +class t_Add (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_add_pre:v_Self -> v_Rhs -> Type0; + f_add_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_add:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_add_pre x0 x1) (fun result -> f_add_post x0 x1 result) +} + +class t_Sub (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_sub_pre:v_Self -> v_Rhs -> Type0; + f_sub_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_sub:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_sub_pre x0 x1) (fun result -> f_sub_post x0 x1 result) +} + +class t_Mul (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_mul_pre:v_Self -> v_Rhs -> Type0; + f_mul_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_mul:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_mul_pre x0 x1) (fun result -> f_mul_post x0 x1 result) +} + +class t_Div (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_div_pre:v_Self -> v_Rhs -> Type0; + f_div_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_div:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_div_pre x0 x1) (fun result -> f_div_post x0 x1 result) +} diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti deleted file mode 100644 index 8d7d05d60..000000000 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti +++ /dev/null @@ -1,67 +0,0 @@ -module Core_models.Ops.Arith -open Rust_primitives -open Hax_lib.Prop - -class t_Add self rhs = { - [@@@ Tactics.Typeclasses.no_method] - f_Output: Type; - f_add_pre: self -> rhs -> t_Prop; - f_add_post: self -> rhs -> f_Output -> t_Prop; - f_add: x:self -> y:rhs -> Pure f_Output (f_add_pre x y) (fun r -> f_add_post x y r); -} - -class t_Sub self rhs = { - [@@@ Tactics.Typeclasses.no_method] - f_Output: Type; - f_sub_pre: self -> rhs -> t_Prop; - f_sub_post: self -> rhs -> f_Output -> t_Prop; - f_sub: x:self -> y:rhs -> Pure f_Output (f_sub_pre x y) (fun r -> f_sub_post x y r); -} - -class t_Mul self rhs = { - [@@@ Tactics.Typeclasses.no_method] - f_Output: Type; - f_mul_pre: self -> rhs -> t_Prop; - f_mul_post: self -> rhs -> f_Output -> t_Prop; - f_mul: x:self -> y:rhs -> Pure f_Output (f_mul_pre x y) (fun r -> f_mul_post x y r); -} - -class t_Div self rhs = { - [@@@ Tactics.Typeclasses.no_method] - f_Output: Type; - f_div_pre: self -> rhs -> t_Prop; - f_div_post: self -> rhs -> f_Output -> t_Prop; - f_div: x:self -> y:rhs -> Pure f_Output (f_div_pre x y) (fun r -> f_div_post x y r); -} - -class t_AddAssign self rhs = { - f_add_assign_pre: self -> rhs -> t_Prop; - f_add_assign_post: self -> rhs -> self -> t_Prop; - f_add_assign: x:self -> y:rhs -> Pure self (f_add_assign_pre x y) (fun r -> f_add_assign_post x y r); -} - -class t_SubAssign self rhs = { - f_sub_assign_pre: self -> rhs -> t_Prop; - f_sub_assign_post: self -> rhs -> self -> t_Prop; - f_sub_assign: x:self -> y:rhs -> Pure self (f_sub_assign_pre x y) (fun r -> f_sub_assign_post x y r); -} - -class t_MulAssign self rhs = { - f_mul_assign_pre: self -> rhs -> t_Prop; - f_mul_assign_post: self -> rhs -> self -> t_Prop; - f_mul_assign: x:self -> y:rhs -> Pure self (f_mul_assign_pre x y) (fun r -> f_mul_assign_post x y r); -} - -class t_DivAssign self rhs = { - f_div_assign_pre: self -> rhs -> t_Prop; - f_div_assign_post: self -> rhs -> self -> t_Prop; - f_div_assign: x:self -> y:rhs -> Pure self (f_div_assign_pre x y) (fun r -> f_div_assign_post x y r); -} - -let f_neg #t x = zero #t -! x - -/// Type class implementations -[@FStar.Tactics.Typeclasses.tcinstance] -val impl_float_f_mul : t_Mul float float -[@FStar.Tactics.Typeclasses.tcinstance] -val impl_float_f_add : t_Add float float diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti index e4e7ee473..631e3f6b1 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti @@ -3,7 +3,7 @@ module Core_models.Ops.Bit open FStar.Mul class t_Shr (v_Self: Type0) (v_Rhs: Type0) = { - f_Output:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; f_shr_pre:v_Self -> v_Rhs -> Type0; f_shr_post:v_Self -> v_Rhs -> f_Output -> Type0; f_shr:x0: v_Self -> x1: v_Rhs @@ -11,7 +11,7 @@ class t_Shr (v_Self: Type0) (v_Rhs: Type0) = { } class t_BitXor (v_Self: Type0) (v_Rhs: Type0) = { - f_Output:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; f_bitxor_pre:v_Self -> v_Rhs -> Type0; f_bitxor_post:v_Self -> v_Rhs -> f_Output -> Type0; f_bitxor:x0: v_Self -> x1: v_Rhs @@ -19,7 +19,7 @@ class t_BitXor (v_Self: Type0) (v_Rhs: Type0) = { } class t_BitAnd (v_Self: Type0) (v_Rhs: Type0) = { - f_Output:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; f_bitand_pre:v_Self -> v_Rhs -> Type0; f_bitand_post:v_Self -> v_Rhs -> f_Output -> Type0; f_bitand:x0: v_Self -> x1: v_Rhs diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst index f9393bc3a..ba55b68d7 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst @@ -3,7 +3,7 @@ module Core_models.Ops.Function open FStar.Mul class t_FnOnce (v_Self: Type0) (v_Args: Type0) = { - f_Output:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; f_call_once_pre:self_: v_Self -> args: v_Args -> pred: Type0{true ==> pred}; f_call_once_post:v_Self -> v_Args -> f_Output -> Type0; f_call_once:x0: v_Self -> x1: v_Args diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst index 875f68e36..3957752ff 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst @@ -5,7 +5,7 @@ open FStar.Mul open Rust_primitives.Integers class t_Index (v_Self: Type0) (v_Idx: Type0) = { - f_Output:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; f_index_pre:v_Self -> v_Idx -> Type0; f_index_post:v_Self -> v_Idx -> f_Output -> Type0; f_index:x0: v_Self -> x1: v_Idx diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst index 9120aa49c..d4e09ef72 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst @@ -10,8 +10,8 @@ class t_FromResidual (v_Self: Type0) (v_R: Type0) = { } class t_Try (v_Self: Type0) = { - f_Output:Type0; - f_Residual:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Residual:Type0; f_from_output_pre:f_Output -> Type0; f_from_output_post:f_Output -> v_Self -> Type0; f_from_output:x0: f_Output diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti index e39c552be..d18c0ecab 100644 --- a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti +++ b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti @@ -96,113 +96,100 @@ let saturating_sub_usize : usize -> usize -> usize = sub_sat let overflowing_sub_usize (x y: usize): usize & bool = let sub = v x - v y in let borrow = sub < 0 in - let out = if borrow then pow2 size + sub else sub in + let out = if borrow then pow2 size_bits + sub else sub in (mk_usize out, borrow) let wrapping_mul_usize : usize -> usize -> usize = mul_mod val saturating_mul_usize : usize -> usize -> usize let overflowing_mul_usize : usize -> usize -> usize & bool = mul_overflow let rem_euclid_usize (x: usize) (y: usize {v y <> 0}): usize = x %! y val pow_usize : usize -> u32 -> usize -val count_ones_usize : usize -> r:u32{v r <= SIZE_BITS} +val count_ones_usize : usize -> r:u32{v r <= size_bits} let wrapping_add_i8 : i8 -> i8 -> i8 = add_mod let saturating_add_i8 : i8 -> i8 -> i8 = add_sat val overflowing_add_i8 : i8 -> i8 -> i8 & bool let wrapping_sub_i8 : i8 -> i8 -> i8 = sub_mod let saturating_sub_i8 : i8 -> i8 -> i8 = sub_sat -let overflowing_sub_i8 (x y: i8): i8 & bool - = let sub = v x - v y in - let borrow = sub < 0 in - let out = if borrow then pow2 8 + sub else sub in - (mk_i8 out, borrow) +val overflowing_sub_i8 (x y: i8): i8 & bool let wrapping_mul_i8 : i8 -> i8 -> i8 = mul_mod val saturating_mul_i8 : i8 -> i8 -> i8 let overflowing_mul_i8 : i8 -> i8 -> i8 & bool = mul_overflow let rem_euclid_i8 (x: i8) (y: i8 {v y <> 0}): i8 = x %! y val pow_i8 : i8 -> u32 -> i8 val count_ones_i8 : i8 -> r:u32{v r <= 8} +val abs_i8 : i8 -> i8 let wrapping_add_i16 : i16 -> i16 -> i16 = add_mod let saturating_add_i16 : i16 -> i16 -> i16 = add_sat val overflowing_add_i16 : i16 -> i16 -> i16 & bool let wrapping_sub_i16 : i16 -> i16 -> i16 = sub_mod let saturating_sub_i16 : i16 -> i16 -> i16 = sub_sat -let overflowing_sub_i16 (x y: i16): i16 & bool - = let sub = v x - v y in - let borrow = sub < 0 in - let out = if borrow then pow2 16 + sub else sub in - (mk_i16 out, borrow) +val overflowing_sub_i16 (x y: i16): i16 & bool let wrapping_mul_i16 : i16 -> i16 -> i16 = mul_mod val saturating_mul_i16 : i16 -> i16 -> i16 let overflowing_mul_i16 : i16 -> i16 -> i16 & bool = mul_overflow let rem_euclid_i16 (x: i16) (y: i16 {v y <> 0}): i16 = x %! y val pow_i16 : i16 -> u32 -> i16 val count_ones_i16 : i16 -> r:u32{v r <= 16} +val abs_i16 : i16 -> i16 let wrapping_add_i32 : i32 -> i32 -> i32 = add_mod let saturating_add_i32 : i32 -> i32 -> i32 = add_sat val overflowing_add_i32 : i32 -> i32 -> i32 & bool let wrapping_sub_i32 : i32 -> i32 -> i32 = sub_mod let saturating_sub_i32 : i32 -> i32 -> i32 = sub_sat -let overflowing_sub_i32 (x y: i32): i32 & bool - = let sub = v x - v y in - let borrow = sub < 0 in - let out = if borrow then pow2 32 + sub else sub in - (mk_i32 out, borrow) +val overflowing_sub_i32 (x y: i32): i32 & bool let wrapping_mul_i32 : i32 -> i32 -> i32 = mul_mod val saturating_mul_i32 : i32 -> i32 -> i32 let overflowing_mul_i32 : i32 -> i32 -> i32 & bool = mul_overflow let rem_euclid_i32 (x: i32) (y: i32 {v y <> 0}): i32 = x %! y val pow_i32 : i32 -> u32 -> i32 val count_ones_i32 : i32 -> r:u32{v r <= 32} +val abs_i32 : i32 -> i32 let wrapping_add_i64 : i64 -> i64 -> i64 = add_mod let saturating_add_i64 : i64 -> i64 -> i64 = add_sat val overflowing_add_i64 : i64 -> i64 -> i64 & bool let wrapping_sub_i64 : i64 -> i64 -> i64 = sub_mod let saturating_sub_i64 : i64 -> i64 -> i64 = sub_sat -let overflowing_sub_i64 (x y: i64): i64 & bool - = let sub = v x - v y in - let borrow = sub < 0 in - let out = if borrow then pow2 64 + sub else sub in - (mk_i64 out, borrow) +val overflowing_sub_i64 (x y: i64): i64 & bool let wrapping_mul_i64 : i64 -> i64 -> i64 = mul_mod val saturating_mul_i64 : i64 -> i64 -> i64 let overflowing_mul_i64 : i64 -> i64 -> i64 & bool = mul_overflow let rem_euclid_i64 (x: i64) (y: i64 {v y <> 0}): i64 = x %! y val pow_i64 : i64 -> u32 -> i64 val count_ones_i64 : i64 -> r:u32{v r <= 64} +val abs_i64 : i64 -> i64 let wrapping_add_i128 : i128 -> i128 -> i128 = add_mod let saturating_add_i128 : i128 -> i128 -> i128 = add_sat val overflowing_add_i128 : i128 -> i128 -> i128 & bool let wrapping_sub_i128 : i128 -> i128 -> i128 = sub_mod let saturating_sub_i128 : i128 -> i128 -> i128 = sub_sat -let overflowing_sub_i128 (x y: i128): i128 & bool - = let sub = v x - v y in - let borrow = sub < 0 in - let out = if borrow then pow2 128 + sub else sub in - (mk_i128 out, borrow) +val overflowing_sub_i128 (x y: i128): i128 & bool let wrapping_mul_i128 : i128 -> i128 -> i128 = mul_mod val saturating_mul_i128 : i128 -> i128 -> i128 let overflowing_mul_i128 : i128 -> i128 -> i128 & bool = mul_overflow let rem_euclid_i128 (x: i128) (y: i128 {v y <> 0}): i128 = x %! y val pow_i128 : i128 -> u32 -> i128 val count_ones_i128 : i128 -> r:u32{v r <= 128} +val abs_i128 : i128 -> i128 let wrapping_add_isize : isize -> isize -> isize = add_mod let saturating_add_isize : isize -> isize -> isize = add_sat val overflowing_add_isize : isize -> isize -> isize & bool let wrapping_sub_isize : isize -> isize -> isize = sub_mod let saturating_sub_isize : isize -> isize -> isize = sub_sat -let overflowing_sub_isize (x y: isize): isize & bool - = let sub = v x - v y in - let borrow = sub < 0 in - let out = if borrow then pow2 size + sub else sub in - (mk_isize out, borrow) +val overflowing_sub_isize (x y: isize): isize & bool let wrapping_mul_isize : isize -> isize -> isize = mul_mod val saturating_mul_isize : isize -> isize -> isize let overflowing_mul_isize : isize -> isize -> isize & bool = mul_overflow let rem_euclid_isize (x: isize) (y: isize {v y <> 0}): isize = x %! y val pow_isize : isize -> u32 -> isize -val count_ones_isize : isize -> r:u32{v r <= SIZE_BITS} +val count_ones_isize : isize -> r:u32{v r <= size_bits} +val abs_isize : isize -> isize + +let v_USIZE_MAX = mk_usize max_usize +let v_ISIZE_MAX = mk_isize max_isize +let v_ISIZE_MIN = mk_isize (minint ISIZE) +let v_SIZE_BITS = mk_u32 size_bits diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti index a838876cd..c0e04c6d9 100644 --- a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti +++ b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti @@ -177,7 +177,7 @@ let cast_identity_lemma (n: int_t a) : Lemma (cast_mod #b #a (cast_mod #a #b n) == n) [SMTPat (cast_mod #b #a (cast_mod #a #b n))] - = () + = admit () #pop-options /// Arithmetic operations diff --git a/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst b/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst index 4c9cca877..4a5b12702 100644 --- a/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst +++ b/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst @@ -1,22 +1,150 @@ module Hax_lib.Int - +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul open Core_models -unfold type t_Int = int +include Hax_lib.Bundle {t_Int as t_Int} + +include Hax_lib.Bundle {Int as Int} + +include Hax_lib.Bundle {impl_8 as impl_8} + +include Hax_lib.Bundle {impl_9 as impl_9} + +include Hax_lib.Bundle {impl_10 as impl_10} + +include Hax_lib.Bundle {impl_11 as impl_11} + +include Hax_lib.Bundle {impl_12 as impl_12} + +include Hax_lib.Bundle {impl_13 as impl_13} + +include Hax_lib.Bundle {impl_14 as impl_14} + +include Hax_lib.Bundle {impl_15 as impl_15} + +include Hax_lib.Bundle {impl as impl} + +include Hax_lib.Bundle {impl_1__new as impl_Int__new} + +include Hax_lib.Bundle {impl_1__get as impl_Int__get} + +include Hax_lib.Bundle {impl_2 as impl_2} + +include Hax_lib.Bundle {impl_3 as impl_3} + +include Hax_lib.Bundle {impl_4 as impl_4} + +include Hax_lib.Bundle {impl_5 as impl_5} + +include Hax_lib.Bundle {impl_6 as impl_6} + +include Hax_lib.Bundle {impl_7__pow2 as impl_Int__pow2} + +include Hax_lib.Bundle {impl_7__e_unsafe_from_str as impl_Int__e_unsafe_from_str} + +include Hax_lib.Bundle {impl_7__rem_euclid as impl_Int__rem_euclid} + +include Hax_lib.Bundle {t_ToInt as t_ToInt} + +include Hax_lib.Bundle {f_to_int_pre as f_to_int_pre} + +include Hax_lib.Bundle {f_to_int_post as f_to_int_post} + +include Hax_lib.Bundle {f_to_int as f_to_int} + +include Hax_lib.Bundle {impl_16 as impl_16} + +include Hax_lib.Bundle {impl_17 as impl_ToInt_for_u8} + +include Hax_lib.Bundle {impl_18 as impl_18} + +include Hax_lib.Bundle {impl_19 as impl_ToInt_for_u16} + +include Hax_lib.Bundle {impl_20 as impl_20} + +include Hax_lib.Bundle {impl_21 as impl_ToInt_for_u32} + +include Hax_lib.Bundle {impl_22 as impl_22} + +include Hax_lib.Bundle {impl_23 as impl_ToInt_for_u64} + +include Hax_lib.Bundle {impl_24 as impl_24} + +include Hax_lib.Bundle {impl_25 as impl_ToInt_for_u128} + +include Hax_lib.Bundle {impl_26 as impl_26} + +include Hax_lib.Bundle {impl_27 as impl_ToInt_for_usize} + +include Hax_lib.Bundle {impl_28 as impl_28} + +include Hax_lib.Bundle {impl_29 as impl_ToInt_for_i8} + +include Hax_lib.Bundle {impl_30 as impl_30} + +include Hax_lib.Bundle {impl_31 as impl_ToInt_for_i16} + +include Hax_lib.Bundle {impl_32 as impl_32} + +include Hax_lib.Bundle {impl_33 as impl_ToInt_for_i32} + +include Hax_lib.Bundle {impl_34 as impl_34} + +include Hax_lib.Bundle {impl_35 as impl_ToInt_for_i64} + +include Hax_lib.Bundle {impl_36 as impl_36} + +include Hax_lib.Bundle {impl_37 as impl_ToInt_for_i128} + +include Hax_lib.Bundle {impl_38 as impl_38} + +include Hax_lib.Bundle {impl_39 as impl_ToInt_for_isize} + +include Hax_lib.Bundle {impl_40 as impl_40} + +include Hax_lib.Bundle {impl_41__to_u8 as impl_Int__to_u8} + +include Hax_lib.Bundle {impl_42 as impl_42} + +include Hax_lib.Bundle {impl_43__to_u16 as impl_Int__to_u16} + +include Hax_lib.Bundle {impl_44 as impl_44} + +include Hax_lib.Bundle {impl_45__to_u32 as impl_Int__to_u32} + +include Hax_lib.Bundle {impl_46 as impl_46} + +include Hax_lib.Bundle {impl_47__to_u64 as impl_Int__to_u64} + +include Hax_lib.Bundle {impl_48 as impl_48} + +include Hax_lib.Bundle {impl_49__to_u128 as impl_Int__to_u128} + +include Hax_lib.Bundle {impl_50 as impl_50} + +include Hax_lib.Bundle {impl_51__to_usize as impl_Int__to_usize} + +include Hax_lib.Bundle {impl_52 as impl_52} + +include Hax_lib.Bundle {impl_53__to_i8 as impl_Int__to_i8} + +include Hax_lib.Bundle {impl_54 as impl_54} + +include Hax_lib.Bundle {impl_55__to_i16 as impl_Int__to_i16} + +include Hax_lib.Bundle {impl_56 as impl_56} + +include Hax_lib.Bundle {impl_57__to_i32 as impl_Int__to_i32} + +include Hax_lib.Bundle {impl_58 as impl_58} + +include Hax_lib.Bundle {impl_59__to_i64 as impl_Int__to_i64} + +include Hax_lib.Bundle {impl_60 as impl_60} -unfold let impl_Int__to_u8 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_u16 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_u32 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_u64 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_u128 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_usize (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +include Hax_lib.Bundle {impl_61__to_i128 as impl_Int__to_i128} -unfold let impl_Int__to_i8 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_i16 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_i32 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_i64 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_i128 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -unfold let impl_Int__to_isize (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +include Hax_lib.Bundle {impl_62 as impl_62} -unfold let impl_Int__pow2 (n: nat) = pow2 n -unfold let impl_Int__rem_euclid = (%) +include Hax_lib.Bundle {impl_63__to_isize as impl_Int__to_isize} diff --git a/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst b/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst index 3ccc865fa..63eba54eb 100644 --- a/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst +++ b/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst @@ -1,3 +1,54 @@ module Hax_lib.Prop +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul +open Core_models -unfold type t_Prop = Type0 +include Hax_lib.Prop.Bundle {t_Prop as t_Prop} + +include Hax_lib.Prop.Bundle {Prop as Prop} + +include Hax_lib.Prop.Bundle {impl_7 as impl_7} + +include Hax_lib.Prop.Bundle {impl_8 as impl_8} + +include Hax_lib.Prop.Bundle {impl_9 as impl_9} + +include Hax_lib.Prop.Bundle {impl__from_bool as impl_Prop__from_bool} + +include Hax_lib.Prop.Bundle {impl__and as impl_Prop__and} + +include Hax_lib.Prop.Bundle {impl__or as impl_Prop__or} + +include Hax_lib.Prop.Bundle {impl__not as impl_Prop__not} + +include Hax_lib.Prop.Bundle {impl__eq as impl_Prop__eq} + +include Hax_lib.Prop.Bundle {impl__ne as impl_Prop__ne} + +include Hax_lib.Prop.Bundle {impl__implies as impl_Prop__implies} + +include Hax_lib.Prop.Bundle {impl_1 as impl_1} + +include Hax_lib.Prop.Bundle {t_ToProp as t_ToProp} + +include Hax_lib.Prop.Bundle {f_to_prop_pre as f_to_prop_pre} + +include Hax_lib.Prop.Bundle {f_to_prop_post as f_to_prop_post} + +include Hax_lib.Prop.Bundle {f_to_prop as f_to_prop} + +include Hax_lib.Prop.Bundle {impl_2 as impl_ToProp_for_bool} + +include Hax_lib.Prop.Bundle {impl_3 as impl_3} + +include Hax_lib.Prop.Bundle {impl_4 as impl_4} + +include Hax_lib.Prop.Bundle {impl_5 as impl_5} + +include Hax_lib.Prop.Bundle {impl_6 as impl_6} + +include Hax_lib.Prop.Bundle {v_forall as v_forall} + +include Hax_lib.Prop.Bundle {v_exists as v_exists} + +include Hax_lib.Prop.Bundle {implies as implies} diff --git a/hax-lib/proofs/fstar/extraction/Hax_lib.fst b/hax-lib/proofs/fstar/extraction/Hax_lib.fst index c1a7ef8e0..c06c4717f 100644 --- a/hax-lib/proofs/fstar/extraction/Hax_lib.fst +++ b/hax-lib/proofs/fstar/extraction/Hax_lib.fst @@ -1,12 +1,32 @@ module Hax_lib #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Tactics +open FStar.Mul +open Core_models -val v_assert (p: bool) : Pure unit (requires p) (ensures (fun x -> p)) -let v_assert (v__formula: bool) = () +include Hax_lib.Bundle {v_assert as v_assert} -val assert_prop (p: Type0) : Pure unit (requires p) (ensures (fun x -> p)) -let assert_prop (v__formula: Type0) = () +include Hax_lib.Bundle {assert_prop as assert_prop} -val v_assume (p: Type0) : Pure unit (requires True) (ensures (fun x -> p)) -let v_assume (v__formula: Type0) = assume v__formula +include Hax_lib.Bundle {v_assume as v_assume} + +include Hax_lib.Bundle {v_inline as v_inline} + +include Hax_lib.Bundle {inline_unsafe as inline_unsafe} + +include Hax_lib.Bundle {any_to_unit as any_to_unit} + +include Hax_lib.Bundle {e_internal_loop_invariant as e_internal_loop_invariant} + +include Hax_lib.Bundle {e_internal_while_loop_invariant as e_internal_while_loop_invariant} + +include Hax_lib.Bundle {e_internal_loop_decreases as e_internal_loop_decreases} + +include Hax_lib.Bundle {t_Refinement as t_Refinement} + +include Hax_lib.Bundle {t_RefineAs as t_RefineAs} + +include Hax_lib.Bundle {f_into_checked_pre as f_into_checked_pre} + +include Hax_lib.Bundle {f_into_checked_post as f_into_checked_post} + +include Hax_lib.Bundle {f_into_checked as f_into_checked} From 64d25b800f8e71ab671a40e4d00ce17ddda5ae88 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 14 Oct 2025 14:16:16 +0200 Subject: [PATCH 09/56] Update snapshots. --- ...oolchain__attribute-opaque into-fstar.snap | 6 +-- .../toolchain__interface-only into-fstar.snap | 2 +- .../toolchain__traits into-fstar.snap | 52 ++++++++++--------- 3 files changed, 31 insertions(+), 29 deletions(-) diff --git a/test-harness/src/snapshots/toolchain__attribute-opaque into-fstar.snap b/test-harness/src/snapshots/toolchain__attribute-opaque into-fstar.snap index 82fb6fa2f..eb683d208 100644 --- a/test-harness/src/snapshots/toolchain__attribute-opaque into-fstar.snap +++ b/test-harness/src/snapshots/toolchain__attribute-opaque into-fstar.snap @@ -121,7 +121,7 @@ val ff_pre_post (x y: bool) result =. y) class t_T (v_Self: Type0) = { - f_U:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_U:Type0; f_c:u8; f_d_pre:Prims.unit -> Type0; f_d_post:Prims.unit -> Prims.unit -> Type0; @@ -135,14 +135,14 @@ class t_T (v_Self: Type0) = { val impl_T_for_u8:t_T u8 class t_TrGeneric (v_Self: Type0) (v_U: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_0:Core_models.Clone.t_Clone v_U; + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:Core_models.Clone.t_Clone v_U; f_f_pre:v_U -> Type0; f_f_post:v_U -> v_Self -> Type0; f_f:x0: v_U -> Prims.Pure v_Self (f_f_pre x0) (fun result -> f_f_post x0 result) } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) (v_U:Type0) {|i: t_TrGeneric v_Self v_U|} -> i._super_0 +let _ = fun (v_Self:Type0) (v_U:Type0) {|i: t_TrGeneric v_Self v_U|} -> i._super_i0 [@@ FStar.Tactics.Typeclasses.tcinstance] val impl_2 (#v_U: Type0) {| i0: Core_models.Clone.t_Clone v_U |} : t_TrGeneric i32 v_U diff --git a/test-harness/src/snapshots/toolchain__interface-only into-fstar.snap b/test-harness/src/snapshots/toolchain__interface-only into-fstar.snap index 232cf84af..55e0a0da4 100644 --- a/test-harness/src/snapshots/toolchain__interface-only into-fstar.snap +++ b/test-harness/src/snapshots/toolchain__interface-only into-fstar.snap @@ -101,7 +101,7 @@ unfold let ff_generic (v_X: usize) (#v_U: Type0) = ff_generic' v_X #v_U class t_T (v_Self: Type0) = { - f_Assoc:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Assoc:Type0; f_d_pre:Prims.unit -> Type0; f_d_post:Prims.unit -> Prims.unit -> Type0; f_d:x0: Prims.unit -> Prims.Pure Prims.unit (f_d_pre x0) (fun result -> f_d_post x0 result) diff --git a/test-harness/src/snapshots/toolchain__traits into-fstar.snap b/test-harness/src/snapshots/toolchain__traits into-fstar.snap index a19114d75..9b558fdbf 100644 --- a/test-harness/src/snapshots/toolchain__traits into-fstar.snap +++ b/test-harness/src/snapshots/toolchain__traits into-fstar.snap @@ -32,17 +32,19 @@ module Traits.Block_size open FStar.Mul open Core_models -class t_BlockSizeUser (v_Self: Type0) = { f_BlockSize:Type0 } +class t_BlockSizeUser (v_Self: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_BlockSize:Type0 +} class t_ParBlocksSizeUser (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_0:t_BlockSizeUser v_Self + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_BlockSizeUser v_Self } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_ParBlocksSizeUser v_Self|} -> i._super_0 +let _ = fun (v_Self:Type0) {|i: t_ParBlocksSizeUser v_Self|} -> i._super_i0 class t_BlockBackend (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_0:t_ParBlocksSizeUser v_Self; + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_ParBlocksSizeUser v_Self; f_proc_block_pre:Alloc.Vec.t_Vec _ Alloc.Alloc.t_Global -> Type0; f_proc_block_post:Alloc.Vec.t_Vec _ Alloc.Alloc.t_Global -> Prims.unit -> Type0; f_proc_block:x0: Alloc.Vec.t_Vec _ Alloc.Alloc.t_Global @@ -50,7 +52,7 @@ class t_BlockBackend (v_Self: Type0) = { } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_BlockBackend v_Self|} -> i._super_0 +let _ = fun (v_Self:Type0) {|i: t_BlockBackend v_Self|} -> i._super_i0 ''' "Traits.Default_traits_parameters.fst" = ''' module Traits.Default_traits_parameters @@ -61,12 +63,12 @@ open Core_models class t_Bar (v_Self: Type0) (v_T: Type0) = { __marker_trait_t_Bar:Prims.unit } class t_Foo (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_0:t_Bar v_Self f_U; - f_U:Type0 + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_Bar v_Self f_U; + [@@@ FStar.Tactics.Typeclasses.no_method]f_U:Type0 } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Foo v_Self|} -> i._super_0 +let _ = fun (v_Self:Type0) {|i: t_Foo v_Self|} -> i._super_i0 ''' "Traits.For_clauses.Issue_495_.Minimized_3_.fst" = ''' module Traits.For_clauses.Issue_495_.Minimized_3_ @@ -175,7 +177,7 @@ module Traits.Impl_expr_in_goal open FStar.Mul open Core_models -class t_T1 (v_Self: Type0) = { f_Assoc:Type0 } +class t_T1 (v_Self: Type0) = { [@@@ FStar.Tactics.Typeclasses.no_method]f_Assoc:Type0 } class t_T2 (v_Self: Type0) = { __marker_trait_t_T2:Prims.unit } @@ -436,13 +438,13 @@ let associated_function_caller () class t_SubTrait (v_Self: Type0) (v_TypeArg: Type0) (v_ConstArg: usize) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_0:t_Trait v_Self v_TypeArg v_ConstArg; - f_AssocType:Type0; - f_AssocType_0:t_Trait f_AssocType v_TypeArg v_ConstArg + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_Trait v_Self v_TypeArg v_ConstArg; + [@@@ FStar.Tactics.Typeclasses.no_method]f_AssocType:Type0; + f_AssocType_i0:t_Trait f_AssocType v_TypeArg v_ConstArg } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) (v_TypeArg:Type0) (v_ConstArg:usize) {|i: t_SubTrait v_Self v_TypeArg v_ConstArg|} -> i._super_0 +let _ = fun (v_Self:Type0) (v_TypeArg:Type0) (v_ConstArg:usize) {|i: t_SubTrait v_Self v_TypeArg v_ConstArg|} -> i._super_i0 ''' "Traits.Interlaced_consts_types.fst" = ''' module Traits.Interlaced_consts_types @@ -517,17 +519,17 @@ open FStar.Mul open Core_models class t_Trait1 (v_Self: Type0) = { - f_T:Type0; - f_T_0:t_Trait1 f_T + [@@@ FStar.Tactics.Typeclasses.no_method]f_T:Type0; + f_T_i0:t_Trait1 f_T } class t_Trait2 (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_0:t_Trait1 v_Self; - f_U:Type0 + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:t_Trait1 v_Self; + [@@@ FStar.Tactics.Typeclasses.no_method]f_U:Type0 } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_Trait2 v_Self|} -> i._super_0 +let _ = fun (v_Self:Type0) {|i: t_Trait2 v_Self|} -> i._super_i0 ''' "Traits.Type_alias_bounds_issue_707_.fst" = ''' module Traits.Type_alias_bounds_issue_707_ @@ -637,7 +639,7 @@ open FStar.Mul open Core_models class t_SuperTrait (v_Self: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]_super_0:Core_models.Clone.t_Clone v_Self; + [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:Core_models.Clone.t_Clone v_Self; f_function_of_super_trait_pre:v_Self -> Type0; f_function_of_super_trait_post:v_Self -> u32 -> Type0; f_function_of_super_trait:x0: v_Self @@ -647,12 +649,12 @@ class t_SuperTrait (v_Self: Type0) = { } [@@ FStar.Tactics.Typeclasses.tcinstance] -let _ = fun (v_Self:Type0) {|i: t_SuperTrait v_Self|} -> i._super_0 +let _ = fun (v_Self:Type0) {|i: t_SuperTrait v_Self|} -> i._super_i0 [@@ FStar.Tactics.Typeclasses.tcinstance] let impl: t_SuperTrait i32 = { - _super_0 = FStar.Tactics.Typeclasses.solve; + _super_i0 = FStar.Tactics.Typeclasses.solve; f_function_of_super_trait_pre = (fun (self: i32) -> true); f_function_of_super_trait_post = (fun (self: i32) (out: u32) -> true); f_function_of_super_trait @@ -744,8 +746,8 @@ let uuse_iimpl_trait (_: Prims.unit) : Prims.unit = () class t_Foo (v_Self: Type0) = { - f_AssocType:Type0; - f_AssocType_0:t_SuperTrait f_AssocType; + [@@@ FStar.Tactics.Typeclasses.no_method]f_AssocType:Type0; + f_AssocType_i0:t_SuperTrait f_AssocType; f_N:usize; f_assoc_f_pre:Prims.unit -> Type0; f_assoc_f_post:Prims.unit -> Prims.unit -> Type0; @@ -765,7 +767,7 @@ class t_Foo (v_Self: Type0) = { } class t_Lang (v_Self: Type0) = { - f_Var:Type0; + [@@@ FStar.Tactics.Typeclasses.no_method]f_Var:Type0; f_s_pre:v_Self -> i32 -> Type0; f_s_post:v_Self -> i32 -> (v_Self & f_Var) -> Type0; f_s:x0: v_Self -> x1: i32 @@ -783,7 +785,7 @@ let g (#v_T: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Foo v_T) (x let impl_Foo_for_tuple_: t_Foo Prims.unit = { f_AssocType = i32; - f_AssocType_0 = FStar.Tactics.Typeclasses.solve; + f_AssocType_i0 = FStar.Tactics.Typeclasses.solve; f_N = mk_usize 32; f_assoc_f_pre = (fun (_: Prims.unit) -> true); f_assoc_f_post = (fun (_: Prims.unit) (out: Prims.unit) -> true); From 32d3ed2569eed7aa7929502c865a510258fc937b Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 14 Oct 2025 14:52:58 +0200 Subject: [PATCH 10/56] Remove dependency from fstar rust_primitives to core_models. --- engine/backends/fstar/fstar_backend.ml | 2 +- examples/Cargo.lock | 8 +- hax-lib/core-models/hax.sh | 2 +- hax-lib/core-models/src/core/cmp.rs | 2 - hax-lib/core-models/src/core/convert.rs | 1 - hax-lib/core-models/src/core/fmt.rs | 4 - hax-lib/core-models/src/core/mem.rs | 1 - hax-lib/core-models/src/core/num/mod.rs | 2 - hax-lib/core-models/src/core/ops.rs | 3 - hax-lib/core-models/src/core/option.rs | 1 - .../fstar/core/Core_models.Borrow.fsti | 1 + .../fstar/core/Core_models.Clone.fst | 1 + .../proof-libs/fstar/core/Core_models.Cmp.fst | 3 +- .../fstar/core/Core_models.Convert.fst | 3 +- .../fstar/core/Core_models.Default.fsti | 1 + .../fstar/core/Core_models.Error.fsti | 1 + .../fstar/core/Core_models.Fmt.Rt.fst | 55 - .../fstar/core/Core_models.Fmt.Rt.fsti | 46 + ...re_models.Fmt.fst => Core_models.Fmt.fsti} | 23 +- .../fstar/core/Core_models.Hash.fsti | 1 + .../fstar/core/Core_models.Hint.fsti | 1 + .../fstar/core/Core_models.Marker.fst | 1 + ...fst => Core_models.Mem.Manually_drop.fsti} | 1 + .../proof-libs/fstar/core/Core_models.Mem.fst | 221 ---- .../fstar/core/Core_models.Mem.fsti | 101 ++ .../fstar/core/Core_models.Num.Error.fsti | 1 + .../proof-libs/fstar/core/Core_models.Num.fst | 1123 ----------------- .../fstar/core/Core_models.Num.fsti | 724 +++++++++++ .../fstar/core/Core_models.Ops.Arith.fst | 217 ---- .../fstar/core/Core_models.Ops.Arith.fsti | 88 ++ .../fstar/core/Core_models.Ops.Bit.fsti | 1 + .../core/Core_models.Ops.Control_flow.fst | 1 + ...tion.fst => Core_models.Ops.Function.fsti} | 9 +- .../fstar/core/Core_models.Ops.Index.fst | 3 +- .../fstar/core/Core_models.Ops.Try_trait.fst | 1 + .../fstar/core/Core_models.Option.fst | 3 +- .../core/Core_models.Panicking.Internal.fsti | 1 + .../fstar/core/Core_models.Panicking.fst | 1 + .../fstar/core/Core_models.Result.fst | 1 + .../Rust_primitives.Integers.fsti | 9 +- .../fstar/rust_primitives/Rust_primitives.fst | 22 - 41 files changed, 988 insertions(+), 1703 deletions(-) delete mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fst create mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fsti rename hax-lib/proof-libs/fstar/core/{Core_models.Fmt.fst => Core_models.Fmt.fsti} (62%) rename hax-lib/proof-libs/fstar/core/{Core_models.Mem.Manually_drop.fst => Core_models.Mem.Manually_drop.fsti} (87%) delete mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Mem.fst create mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Mem.fsti delete mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Num.fst create mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Num.fsti delete mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst create mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti rename hax-lib/proof-libs/fstar/core/{Core_models.Ops.Function.fst => Core_models.Ops.Function.fsti} (83%) diff --git a/engine/backends/fstar/fstar_backend.ml b/engine/backends/fstar/fstar_backend.ml index 0a9d4477e..58a280fd2 100644 --- a/engine/backends/fstar/fstar_backend.ml +++ b/engine/backends/fstar/fstar_backend.ml @@ -1930,7 +1930,7 @@ let fstar_headers (bo : BackendOptions.t) (mod_name : string) = (if hax_core_models_extraction && String.is_prefix ~prefix:"Core_models" mod_name - then [] + then [ "open Rust_primitives" ] else [ "open Core_models" ]) |> String.concat ~sep:"\n" diff --git a/examples/Cargo.lock b/examples/Cargo.lock index e17260173..5dfcbc65a 100644 --- a/examples/Cargo.lock +++ b/examples/Cargo.lock @@ -252,7 +252,7 @@ checksum = "f93e7192158dbcda357bdec5fb5788eebf8bbac027f3f33e719d29135ae84156" [[package]] name = "hax-bounded-integers" -version = "0.3.2" +version = "0.3.4" dependencies = [ "duplicate", "hax-lib", @@ -261,7 +261,7 @@ dependencies = [ [[package]] name = "hax-lib" -version = "0.3.2" +version = "0.3.4" dependencies = [ "hax-lib-macros", "num-bigint", @@ -270,7 +270,7 @@ dependencies = [ [[package]] name = "hax-lib-macros" -version = "0.3.2" +version = "0.3.4" dependencies = [ "hax-lib-macros-types", "proc-macro-error2", @@ -281,7 +281,7 @@ dependencies = [ [[package]] name = "hax-lib-macros-types" -version = "0.3.2" +version = "0.3.4" dependencies = [ "proc-macro2", "quote", diff --git a/hax-lib/core-models/hax.sh b/hax-lib/core-models/hax.sh index 6f358affe..938a37fff 100755 --- a/hax-lib/core-models/hax.sh +++ b/hax-lib/core-models/hax.sh @@ -3,7 +3,7 @@ set -e function extract_and_copy() { go_to "./" - HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into fstar --interfaces '+!**::num::error +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::ops::bit' + HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into fstar --interfaces '+!**::num::error +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::ops::bit +!core_models::ops::arith +!core_models::ops::function +!core_models::fmt +!core_models::fmt::rt +!core_models::mem +!core_models::mem::* +!core_models::num' cp proofs/fstar/extraction/*.fst* ../proof-libs/fstar/core } diff --git a/hax-lib/core-models/src/core/cmp.rs b/hax-lib/core-models/src/core/cmp.rs index 9eec6cca0..cbc93194d 100644 --- a/hax-lib/core-models/src/core/cmp.rs +++ b/hax-lib/core-models/src/core/cmp.rs @@ -1,7 +1,5 @@ use crate::option::Option; -// TODO try to remove this -#[hax_lib::fstar::before("open Rust_primitives.Integers")] #[hax_lib::attributes] pub trait PartialEq where diff --git a/hax-lib/core-models/src/core/convert.rs b/hax-lib/core-models/src/core/convert.rs index 05fca05f4..5e67d2874 100644 --- a/hax-lib/core-models/src/core/convert.rs +++ b/hax-lib/core-models/src/core/convert.rs @@ -1,4 +1,3 @@ -#[hax_lib::fstar::before("open Rust_primitives.Integers")] use super::result::Result; #[hax_lib::attributes] diff --git a/hax-lib/core-models/src/core/fmt.rs b/hax-lib/core-models/src/core/fmt.rs index c0e84cd28..8b2cbb3e8 100644 --- a/hax-lib/core-models/src/core/fmt.rs +++ b/hax-lib/core-models/src/core/fmt.rs @@ -23,10 +23,6 @@ impl Debug for T { } mod rt { - #[hax_lib::fstar::before( - "open Rust_primitives.Arrays -open Rust_primitives.Integers" - )] #[hax_lib::opaque] // The internals of this are not important in this model enum ArgumentType<'a> { diff --git a/hax-lib/core-models/src/core/mem.rs b/hax-lib/core-models/src/core/mem.rs index 5200ecdd0..099785869 100644 --- a/hax-lib/core-models/src/core/mem.rs +++ b/hax-lib/core-models/src/core/mem.rs @@ -1,6 +1,5 @@ #![allow(unused_variables)] -#[hax_lib::fstar::before("open Rust_primitives.Integers")] #[hax_lib::opaque] pub fn forget(t: T) { panic!() diff --git a/hax-lib/core-models/src/core/num/mod.rs b/hax-lib/core-models/src/core/num/mod.rs index 703513d27..006a9bbe0 100644 --- a/hax-lib/core-models/src/core/num/mod.rs +++ b/hax-lib/core-models/src/core/num/mod.rs @@ -4,8 +4,6 @@ use pastey::paste; pub mod error; -#[hax_lib::fstar::before("open Rust_primitives.Integers")] -#[hax_lib::fstar::before("open Rust_primitives.Arrays")] use rust_primitives::arithmetic::*; macro_rules! uint_impl { diff --git a/hax-lib/core-models/src/core/ops.rs b/hax-lib/core-models/src/core/ops.rs index cbb05afed..41454b2a7 100644 --- a/hax-lib/core-models/src/core/ops.rs +++ b/hax-lib/core-models/src/core/ops.rs @@ -15,7 +15,6 @@ pub mod arith { type Output; fn div(self, rhs: Rhs) -> Self::Output; } - #[hax_lib::fstar::before("open Rust_primitives.Integers")] pub trait AddAssign { fn add_assign(&mut self, rhs: Rhs); } @@ -76,8 +75,6 @@ pub mod control_flow { } pub mod index { - // TODO remove - #[hax_lib::fstar::before("open Rust_primitives.Integers")] trait Index { type Output; fn index(&self, i: Idx) -> &Self::Output; diff --git a/hax-lib/core-models/src/core/option.rs b/hax-lib/core-models/src/core/option.rs index 1c8b7fc71..6c212987f 100644 --- a/hax-lib/core-models/src/core/option.rs +++ b/hax-lib/core-models/src/core/option.rs @@ -3,7 +3,6 @@ pub enum Option { None, } -#[hax_lib::fstar::before("open Rust_primitives.Integers")] use super::default::Default; use super::ops::function::*; use super::result::Result::*; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Borrow.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Borrow.fsti index 2de84228f..878c2c69a 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Borrow.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Borrow.fsti @@ -1,6 +1,7 @@ module Core_models.Borrow #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_Borrow (v_Self: Type0) (v_Borrowed: Type0) = { f_borrow_pre:v_Self -> Type0; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Clone.fst b/hax-lib/proof-libs/fstar/core/Core_models.Clone.fst index 6e852fecb..7fc8ffedb 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Clone.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Clone.fst @@ -1,6 +1,7 @@ module Core_models.Clone #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_Clone self = { f_clone_pre: self -> Type0; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst b/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst index 87d0ee642..5cd360036 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Cmp.fst @@ -1,8 +1,7 @@ module Core_models.Cmp #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul - -open Rust_primitives.Integers +open Rust_primitives class t_PartialEq (v_Self: Type0) (v_Rhs: Type0) = { f_eq_pre:self_: v_Self -> other: v_Rhs -> pred: Type0{true ==> pred}; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst b/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst index 9d36102b8..193cdd0c7 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst @@ -1,8 +1,7 @@ module Core_models.Convert #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul - -open Rust_primitives.Integers +open Rust_primitives class t_Into (v_Self: Type0) (v_T: Type0) = { f_into_pre:self_: v_Self -> pred: Type0{true ==> pred}; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Default.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Default.fsti index 43f7cf718..2c7087635 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Default.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Default.fsti @@ -1,6 +1,7 @@ module Core_models.Default #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_Default (v_Self: Type0) = { f_default_pre:x: Prims.unit diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti index d228f2750..18a1ff7ca 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Error.fsti @@ -1,6 +1,7 @@ module Core_models.Error #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_Error (v_Self: Type0) = { [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:Core_models.Fmt.t_Display v_Self; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fst b/hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fst deleted file mode 100644 index 671f0d579..000000000 --- a/hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fst +++ /dev/null @@ -1,55 +0,0 @@ -module Core_models.Fmt.Rt -#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul - -open Rust_primitives.Arrays -open Rust_primitives.Integers - -assume -val t_ArgumentType': eqtype - -unfold -let t_ArgumentType = t_ArgumentType' - -type t_Argument = { f_ty:t_ArgumentType } - -let impl__new_display (#v_T: Type0) (x: v_T) : t_Argument = - Core_models.Panicking.Internal.panic #t_Argument () - -let impl__new_debug (#v_T: Type0) (x: v_T) : t_Argument = - Core_models.Panicking.Internal.panic #t_Argument () - -let impl_1__new_binary (#v_T: Type0) (x: v_T) : t_Argument = - Core_models.Panicking.Internal.panic #t_Argument () - -let impl_1__new_lower_hex (#v_T: Type0) (x: v_T) : t_Argument = - Core_models.Panicking.Internal.panic #t_Argument () - -let impl_1__new_const (#v_T #v_U: Type0) (x: v_T) (y: v_U) : Core_models.Fmt.t_Arguments = - Core_models.Panicking.Internal.panic #Core_models.Fmt.t_Arguments () - -let impl_1__new_v1 (#v_T #v_U #v_V #v_W: Type0) (x: v_T) (y: v_U) (z: v_V) (t: v_W) - : Core_models.Fmt.t_Arguments = - Core_models.Panicking.Internal.panic #Core_models.Fmt.t_Arguments () - -let impl_1__none (_: Prims.unit) : t_Array t_Argument (mk_usize 0) = - let list:Prims.list t_Argument = [] in - FStar.Pervasives.assert_norm (Prims.eq2 (List.Tot.length list) 0); - Rust_primitives.Hax.array_of_list 0 list - -let impl_4__new_v1_formatted (#v_T: Type0) (x: v_T) : t_Argument = - Core_models.Panicking.Internal.panic #t_Argument () - -type t_Count = - | Count_Is : u16 -> t_Count - | Count_Param : u16 -> t_Count - | Count_Implied : t_Count - -type t_Placeholder = { - f_position:usize; - f_flags:u32; - f_precision:t_Count; - f_width:t_Count -} - -type t_UnsafeArg = | UnsafeArg : t_UnsafeArg diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fsti new file mode 100644 index 000000000..4dce8cbe7 --- /dev/null +++ b/hax-lib/proof-libs/fstar/core/Core_models.Fmt.Rt.fsti @@ -0,0 +1,46 @@ +module Core_models.Fmt.Rt +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul +open Rust_primitives + +val t_ArgumentType:eqtype + +type t_Argument = { f_ty:t_ArgumentType } + +val impl__new_display (#v_T: Type0) (x: v_T) + : Prims.Pure t_Argument Prims.l_True (fun _ -> Prims.l_True) + +val impl__new_debug (#v_T: Type0) (x: v_T) + : Prims.Pure t_Argument Prims.l_True (fun _ -> Prims.l_True) + +val impl_1__new_binary (#v_T: Type0) (x: v_T) + : Prims.Pure t_Argument Prims.l_True (fun _ -> Prims.l_True) + +val impl_1__new_lower_hex (#v_T: Type0) (x: v_T) + : Prims.Pure t_Argument Prims.l_True (fun _ -> Prims.l_True) + +val impl_1__new_const (#v_T #v_U: Type0) (x: v_T) (y: v_U) + : Prims.Pure Core_models.Fmt.t_Arguments Prims.l_True (fun _ -> Prims.l_True) + +val impl_1__new_v1 (#v_T #v_U #v_V #v_W: Type0) (x: v_T) (y: v_U) (z: v_V) (t: v_W) + : Prims.Pure Core_models.Fmt.t_Arguments Prims.l_True (fun _ -> Prims.l_True) + +val impl_1__none: Prims.unit + -> Prims.Pure (t_Array t_Argument (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_4__new_v1_formatted (#v_T: Type0) (x: v_T) + : Prims.Pure t_Argument Prims.l_True (fun _ -> Prims.l_True) + +type t_Count = + | Count_Is : u16 -> t_Count + | Count_Param : u16 -> t_Count + | Count_Implied : t_Count + +type t_Placeholder = { + f_position:usize; + f_flags:u32; + f_precision:t_Count; + f_width:t_Count +} + +type t_UnsafeArg = | UnsafeArg : t_UnsafeArg diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Fmt.fst b/hax-lib/proof-libs/fstar/core/Core_models.Fmt.fsti similarity index 62% rename from hax-lib/proof-libs/fstar/core/Core_models.Fmt.fst rename to hax-lib/proof-libs/fstar/core/Core_models.Fmt.fsti index fc3ac2ce9..2a2e43e91 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Fmt.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Fmt.fsti @@ -1,6 +1,7 @@ module Core_models.Fmt #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives type t_Error = | Error : t_Error @@ -32,24 +33,4 @@ class t_Debug (v_Self: Type0) = { type t_Arguments = | Arguments : t_Arguments [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl (#v_T: Type0) : t_Debug v_T = - { - f_dbg_fmt_pre = (fun (self: v_T) (f: t_Formatter) -> true); - f_dbg_fmt_post - = - (fun - (self: v_T) - (f: t_Formatter) - (out: (t_Formatter & Core_models.Result.t_Result Prims.unit t_Error)) - -> - true); - f_dbg_fmt - = - fun (self: v_T) (f: t_Formatter) -> - let hax_temp_output:Core_models.Result.t_Result Prims.unit t_Error = - Core_models.Result.Result_Ok (() <: Prims.unit) - <: - Core_models.Result.t_Result Prims.unit t_Error - in - f, hax_temp_output <: (t_Formatter & Core_models.Result.t_Result Prims.unit t_Error) - } +val impl (#v_T: Type0) : t_Debug v_T diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Hash.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Hash.fsti index 8b37535d0..a8ec49f9d 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Hash.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Hash.fsti @@ -1,6 +1,7 @@ module Core_models.Hash #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_Hasher (v_Self: Type0) = { __marker_trait_t_Hasher:Prims.unit } diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Hint.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Hint.fsti index d0ae7b57f..7879f5fb7 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Hint.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Hint.fsti @@ -1,6 +1,7 @@ module Core_models.Hint #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives val black_box (#v_T: Type0) (dummy: v_T) : Prims.Pure v_T diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst b/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst index 5caa150ba..3781b8b73 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Marker.fst @@ -1,6 +1,7 @@ module Core_models.Marker #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_Copy (v_Self: Type0) = { [@@@ FStar.Tactics.Typeclasses.no_method]_super_i0:Core_models.Clone.t_Clone v_Self diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Mem.Manually_drop.fst b/hax-lib/proof-libs/fstar/core/Core_models.Mem.Manually_drop.fsti similarity index 87% rename from hax-lib/proof-libs/fstar/core/Core_models.Mem.Manually_drop.fst rename to hax-lib/proof-libs/fstar/core/Core_models.Mem.Manually_drop.fsti index 990e1de15..a49914b38 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Mem.Manually_drop.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Mem.Manually_drop.fsti @@ -1,5 +1,6 @@ module Core_models.Mem.Manually_drop #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives type t_ManuallyDrop (v_T: Type0) = { f_value:v_T } diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Mem.fst b/hax-lib/proof-libs/fstar/core/Core_models.Mem.fst deleted file mode 100644 index 9b26df7e5..000000000 --- a/hax-lib/proof-libs/fstar/core/Core_models.Mem.fst +++ /dev/null @@ -1,221 +0,0 @@ -module Core_models.Mem -#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul - -assume -val forget__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let forget__panic_cold_explicit = forget__panic_cold_explicit' - -open Rust_primitives.Integers - -assume -val forget': #v_T: Type0 -> t: v_T -> Prims.unit - -unfold -let forget (#v_T: Type0) = forget' #v_T - -assume -val forget_unsized': #v_T: Type0 -> t: v_T -> Prims.unit - -unfold -let forget_unsized (#v_T: Type0) = forget_unsized' #v_T - -assume -val forget_unsized__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let forget_unsized__panic_cold_explicit = forget_unsized__panic_cold_explicit' - -assume -val size_of': #v_T: Type0 -> Prims.unit -> usize - -unfold -let size_of (#v_T: Type0) = size_of' #v_T - -assume -val size_of__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let size_of__panic_cold_explicit = size_of__panic_cold_explicit' - -assume -val size_of_val': #v_T: Type0 -> v_val: v_T -> usize - -unfold -let size_of_val (#v_T: Type0) = size_of_val' #v_T - -assume -val size_of_val__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let size_of_val__panic_cold_explicit = size_of_val__panic_cold_explicit' - -assume -val min_align_of': #v_T: Type0 -> Prims.unit -> usize - -unfold -let min_align_of (#v_T: Type0) = min_align_of' #v_T - -assume -val min_align_of__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let min_align_of__panic_cold_explicit = min_align_of__panic_cold_explicit' - -assume -val min_align_of_val': #v_T: Type0 -> v_val: v_T -> usize - -unfold -let min_align_of_val (#v_T: Type0) = min_align_of_val' #v_T - -assume -val min_align_of_val__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let min_align_of_val__panic_cold_explicit = min_align_of_val__panic_cold_explicit' - -assume -val align_of': #v_T: Type0 -> Prims.unit -> usize - -unfold -let align_of (#v_T: Type0) = align_of' #v_T - -assume -val align_of__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let align_of__panic_cold_explicit = align_of__panic_cold_explicit' - -assume -val align_of_val': #v_T: Type0 -> v_val: v_T -> usize - -unfold -let align_of_val (#v_T: Type0) = align_of_val' #v_T - -assume -val align_of_val__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let align_of_val__panic_cold_explicit = align_of_val__panic_cold_explicit' - -assume -val align_of_val_raw': #v_T: Type0 -> v_val: v_T -> usize - -unfold -let align_of_val_raw (#v_T: Type0) = align_of_val_raw' #v_T - -assume -val align_of_val_raw__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let align_of_val_raw__panic_cold_explicit = align_of_val_raw__panic_cold_explicit' - -assume -val needs_drop': #v_T: Type0 -> Prims.unit -> bool - -unfold -let needs_drop (#v_T: Type0) = needs_drop' #v_T - -assume -val needs_drop__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let needs_drop__panic_cold_explicit = needs_drop__panic_cold_explicit' - -assume -val uninitialized': #v_T: Type0 -> Prims.unit -> v_T - -unfold -let uninitialized (#v_T: Type0) = uninitialized' #v_T - -assume -val uninitialized__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let uninitialized__panic_cold_explicit = uninitialized__panic_cold_explicit' - -assume -val swap': #v_T: Type0 -> x: v_T -> y: v_T -> (v_T & v_T) - -unfold -let swap (#v_T: Type0) = swap' #v_T - -assume -val swap__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let swap__panic_cold_explicit = swap__panic_cold_explicit' - -assume -val replace': #v_T: Type0 -> dest: v_T -> src: v_T -> (v_T & v_T) - -unfold -let replace (#v_T: Type0) = replace' #v_T - -assume -val replace__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let replace__panic_cold_explicit = replace__panic_cold_explicit' - -assume -val drop': #v_T: Type0 -> e_x: v_T -> Prims.unit - -unfold -let drop (#v_T: Type0) = drop' #v_T - -let copy - (#v_T: Type0) - (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Marker.t_Copy v_T) - (x: v_T) - : v_T = x - -assume -val transmute_copy': #v_Src: Type0 -> #v_Dst: Type0 -> src: v_Src -> v_Dst - -unfold -let transmute_copy (#v_Src #v_Dst: Type0) = transmute_copy' #v_Src #v_Dst - -assume -val transmute_copy__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let transmute_copy__panic_cold_explicit = transmute_copy__panic_cold_explicit' - -assume -val variant_count': #v_T: Type0 -> Prims.unit -> usize - -unfold -let variant_count (#v_T: Type0) = variant_count' #v_T - -assume -val variant_count__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let variant_count__panic_cold_explicit = variant_count__panic_cold_explicit' - -assume -val zeroed': #v_T: Type0 -> Prims.unit -> v_T - -unfold -let zeroed (#v_T: Type0) = zeroed' #v_T - -assume -val zeroed__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let zeroed__panic_cold_explicit = zeroed__panic_cold_explicit' - -assume -val transmute': #v_Src: Type0 -> #v_Dst: Type0 -> src: v_Src -> v_Dst - -unfold -let transmute (#v_Src #v_Dst: Type0) = transmute' #v_Src #v_Dst - -assume -val transmute__panic_cold_explicit': Prims.unit -> Rust_primitives.Hax.t_Never - -unfold -let transmute__panic_cold_explicit = transmute__panic_cold_explicit' diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Mem.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Mem.fsti new file mode 100644 index 000000000..38cea66bf --- /dev/null +++ b/hax-lib/proof-libs/fstar/core/Core_models.Mem.fsti @@ -0,0 +1,101 @@ +module Core_models.Mem +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul +open Rust_primitives + +val forget (#v_T: Type0) (t: v_T) : Prims.Pure Prims.unit Prims.l_True (fun _ -> Prims.l_True) + +val forget__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val forget_unsized (#v_T: Type0) (t: v_T) + : Prims.Pure Prims.unit Prims.l_True (fun _ -> Prims.l_True) + +val forget_unsized__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val size_of: #v_T: Type0 -> Prims.unit -> Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val size_of__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val size_of_val (#v_T: Type0) (v_val: v_T) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val size_of_val__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val min_align_of: #v_T: Type0 -> Prims.unit -> Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val min_align_of__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val min_align_of_val (#v_T: Type0) (v_val: v_T) + : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val min_align_of_val__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val align_of: #v_T: Type0 -> Prims.unit -> Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val align_of__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val align_of_val (#v_T: Type0) (v_val: v_T) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val align_of_val__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val align_of_val_raw (#v_T: Type0) (v_val: v_T) + : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val align_of_val_raw__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val needs_drop: #v_T: Type0 -> Prims.unit -> Prims.Pure bool Prims.l_True (fun _ -> Prims.l_True) + +val needs_drop__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val uninitialized: #v_T: Type0 -> Prims.unit -> Prims.Pure v_T Prims.l_True (fun _ -> Prims.l_True) + +val uninitialized__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val swap (#v_T: Type0) (x y: v_T) : Prims.Pure (v_T & v_T) Prims.l_True (fun _ -> Prims.l_True) + +val swap__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val replace (#v_T: Type0) (dest src: v_T) + : Prims.Pure (v_T & v_T) Prims.l_True (fun _ -> Prims.l_True) + +val replace__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val drop (#v_T: Type0) (e_x: v_T) : Prims.Pure Prims.unit Prims.l_True (fun _ -> Prims.l_True) + +val copy (#v_T: Type0) {| i0: Core_models.Marker.t_Copy v_T |} (x: v_T) + : Prims.Pure v_T Prims.l_True (fun _ -> Prims.l_True) + +val transmute_copy (#v_Src #v_Dst: Type0) (src: v_Src) + : Prims.Pure v_Dst Prims.l_True (fun _ -> Prims.l_True) + +val transmute_copy__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val variant_count: #v_T: Type0 -> Prims.unit + -> Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val variant_count__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val zeroed: #v_T: Type0 -> Prims.unit -> Prims.Pure v_T Prims.l_True (fun _ -> Prims.l_True) + +val zeroed__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) + +val transmute (#v_Src #v_Dst: Type0) (src: v_Src) + : Prims.Pure v_Dst Prims.l_True (fun _ -> Prims.l_True) + +val transmute__panic_cold_explicit: Prims.unit + -> Prims.Pure Rust_primitives.Hax.t_Never Prims.l_True (fun _ -> Prims.l_True) diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.Error.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Num.Error.fsti index 92555615c..a16758b01 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Num.Error.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Num.Error.fsti @@ -1,6 +1,7 @@ module Core_models.Num.Error #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives type t_TryFromIntError = | TryFromIntError : Prims.unit -> t_TryFromIntError diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.fst b/hax-lib/proof-libs/fstar/core/Core_models.Num.fst deleted file mode 100644 index 395c6c496..000000000 --- a/hax-lib/proof-libs/fstar/core/Core_models.Num.fst +++ /dev/null @@ -1,1123 +0,0 @@ -module Core_models.Num -#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul - -open Rust_primitives.Integers - -open Rust_primitives.Arrays - -let impl_u8__MIN: u8 = mk_u8 0 - -let impl_u8__MAX: u8 = mk_u8 255 - -let impl_u8__BITS: u32 = mk_u32 8 - -let impl_u8__wrapping_add (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_add_u8 x y - -let impl_u8__saturating_add (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_add_u8 x y - -let impl_u8__overflowing_add (x y: u8) : (u8 & bool) = - Rust_primitives.Arithmetic.overflowing_add_u8 x y - -let impl_u8__wrapping_sub (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_sub_u8 x y - -let impl_u8__saturating_sub (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_sub_u8 x y - -let impl_u8__overflowing_sub (x y: u8) : (u8 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_u8 x y - -let impl_u8__wrapping_mul (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_mul_u8 x y - -let impl_u8__saturating_mul (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_mul_u8 x y - -let impl_u8__overflowing_mul (x y: u8) : (u8 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_u8 x y - -let impl_u8__pow (x: u8) (exp: u32) : u8 = Rust_primitives.Arithmetic.pow_u8 x exp - -let impl_u8__count_ones (x: u8) : u32 = Rust_primitives.Arithmetic.count_ones_u8 x - -assume -val impl_u8__rotate_right': x: u8 -> n: u32 -> u8 - -unfold -let impl_u8__rotate_right = impl_u8__rotate_right' - -assume -val impl_u8__rotate_left': x: u8 -> n: u32 -> u8 - -unfold -let impl_u8__rotate_left = impl_u8__rotate_left' - -assume -val impl_u8__leading_zeros': x: u8 -> u32 - -unfold -let impl_u8__leading_zeros = impl_u8__leading_zeros' - -assume -val impl_u8__ilog2': x: u8 -> u32 - -unfold -let impl_u8__ilog2 = impl_u8__ilog2' - -assume -val impl_u8__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result u8 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_u8__from_str_radix = impl_u8__from_str_radix' - -assume -val impl_u8__from_be_bytes': bytes: t_Array u8 (mk_usize 1) -> u8 - -unfold -let impl_u8__from_be_bytes = impl_u8__from_be_bytes' - -assume -val impl_u8__from_le_bytes': bytes: t_Array u8 (mk_usize 1) -> u8 - -unfold -let impl_u8__from_le_bytes = impl_u8__from_le_bytes' - -assume -val impl_u8__to_be_bytes': bytes: u8 -> t_Array u8 (mk_usize 1) - -unfold -let impl_u8__to_be_bytes = impl_u8__to_be_bytes' - -assume -val impl_u8__to_le_bytes': bytes: u8 -> t_Array u8 (mk_usize 1) - -unfold -let impl_u8__to_le_bytes = impl_u8__to_le_bytes' - -let impl_u8__rem_euclid (x y: u8) : Prims.Pure u8 (requires y <>. mk_u8 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_u8 x y - -let impl_u16__MIN: u16 = mk_u16 0 - -let impl_u16__MAX: u16 = mk_u16 65535 - -let impl_u16__BITS: u32 = mk_u32 16 - -let impl_u16__wrapping_add (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_add_u16 x y - -let impl_u16__saturating_add (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_add_u16 x y - -let impl_u16__overflowing_add (x y: u16) : (u16 & bool) = - Rust_primitives.Arithmetic.overflowing_add_u16 x y - -let impl_u16__wrapping_sub (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_sub_u16 x y - -let impl_u16__saturating_sub (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_sub_u16 x y - -let impl_u16__overflowing_sub (x y: u16) : (u16 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_u16 x y - -let impl_u16__wrapping_mul (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_mul_u16 x y - -let impl_u16__saturating_mul (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_mul_u16 x y - -let impl_u16__overflowing_mul (x y: u16) : (u16 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_u16 x y - -let impl_u16__pow (x: u16) (exp: u32) : u16 = Rust_primitives.Arithmetic.pow_u16 x exp - -let impl_u16__count_ones (x: u16) : u32 = Rust_primitives.Arithmetic.count_ones_u16 x - -assume -val impl_u16__rotate_right': x: u16 -> n: u32 -> u16 - -unfold -let impl_u16__rotate_right = impl_u16__rotate_right' - -assume -val impl_u16__rotate_left': x: u16 -> n: u32 -> u16 - -unfold -let impl_u16__rotate_left = impl_u16__rotate_left' - -assume -val impl_u16__leading_zeros': x: u16 -> u32 - -unfold -let impl_u16__leading_zeros = impl_u16__leading_zeros' - -assume -val impl_u16__ilog2': x: u16 -> u32 - -unfold -let impl_u16__ilog2 = impl_u16__ilog2' - -assume -val impl_u16__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result u16 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_u16__from_str_radix = impl_u16__from_str_radix' - -assume -val impl_u16__from_be_bytes': bytes: t_Array u16 (mk_usize 2) -> u16 - -unfold -let impl_u16__from_be_bytes = impl_u16__from_be_bytes' - -assume -val impl_u16__from_le_bytes': bytes: t_Array u16 (mk_usize 2) -> u16 - -unfold -let impl_u16__from_le_bytes = impl_u16__from_le_bytes' - -assume -val impl_u16__to_be_bytes': bytes: u16 -> t_Array u16 (mk_usize 2) - -unfold -let impl_u16__to_be_bytes = impl_u16__to_be_bytes' - -assume -val impl_u16__to_le_bytes': bytes: u16 -> t_Array u16 (mk_usize 2) - -unfold -let impl_u16__to_le_bytes = impl_u16__to_le_bytes' - -let impl_u16__rem_euclid (x y: u16) - : Prims.Pure u16 (requires y <>. mk_u16 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_u16 x y - -let impl_u32__MIN: u32 = mk_u32 0 - -let impl_u32__MAX: u32 = mk_u32 4294967295 - -let impl_u32__BITS: u32 = mk_u32 32 - -let impl_u32__wrapping_add (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_add_u32 x y - -let impl_u32__saturating_add (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_add_u32 x y - -let impl_u32__overflowing_add (x y: u32) : (u32 & bool) = - Rust_primitives.Arithmetic.overflowing_add_u32 x y - -let impl_u32__wrapping_sub (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_sub_u32 x y - -let impl_u32__saturating_sub (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_sub_u32 x y - -let impl_u32__overflowing_sub (x y: u32) : (u32 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_u32 x y - -let impl_u32__wrapping_mul (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_mul_u32 x y - -let impl_u32__saturating_mul (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_mul_u32 x y - -let impl_u32__overflowing_mul (x y: u32) : (u32 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_u32 x y - -let impl_u32__pow (x exp: u32) : u32 = Rust_primitives.Arithmetic.pow_u32 x exp - -let impl_u32__count_ones (x: u32) : u32 = Rust_primitives.Arithmetic.count_ones_u32 x - -assume -val impl_u32__rotate_right': x: u32 -> n: u32 -> u32 - -unfold -let impl_u32__rotate_right = impl_u32__rotate_right' - -assume -val impl_u32__rotate_left': x: u32 -> n: u32 -> u32 - -unfold -let impl_u32__rotate_left = impl_u32__rotate_left' - -assume -val impl_u32__leading_zeros': x: u32 -> u32 - -unfold -let impl_u32__leading_zeros = impl_u32__leading_zeros' - -assume -val impl_u32__ilog2': x: u32 -> u32 - -unfold -let impl_u32__ilog2 = impl_u32__ilog2' - -assume -val impl_u32__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result u32 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_u32__from_str_radix = impl_u32__from_str_radix' - -assume -val impl_u32__from_be_bytes': bytes: t_Array u32 (mk_usize 4) -> u32 - -unfold -let impl_u32__from_be_bytes = impl_u32__from_be_bytes' - -assume -val impl_u32__from_le_bytes': bytes: t_Array u32 (mk_usize 4) -> u32 - -unfold -let impl_u32__from_le_bytes = impl_u32__from_le_bytes' - -assume -val impl_u32__to_be_bytes': bytes: u32 -> t_Array u32 (mk_usize 4) - -unfold -let impl_u32__to_be_bytes = impl_u32__to_be_bytes' - -assume -val impl_u32__to_le_bytes': bytes: u32 -> t_Array u32 (mk_usize 4) - -unfold -let impl_u32__to_le_bytes = impl_u32__to_le_bytes' - -let impl_u32__rem_euclid (x y: u32) - : Prims.Pure u32 (requires y <>. mk_u32 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_u32 x y - -let impl_u64__MIN: u64 = mk_u64 0 - -let impl_u64__MAX: u64 = mk_u64 18446744073709551615 - -let impl_u64__BITS: u32 = mk_u32 64 - -let impl_u64__wrapping_add (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_add_u64 x y - -let impl_u64__saturating_add (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_add_u64 x y - -let impl_u64__overflowing_add (x y: u64) : (u64 & bool) = - Rust_primitives.Arithmetic.overflowing_add_u64 x y - -let impl_u64__wrapping_sub (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_sub_u64 x y - -let impl_u64__saturating_sub (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_sub_u64 x y - -let impl_u64__overflowing_sub (x y: u64) : (u64 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_u64 x y - -let impl_u64__wrapping_mul (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_mul_u64 x y - -let impl_u64__saturating_mul (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_mul_u64 x y - -let impl_u64__overflowing_mul (x y: u64) : (u64 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_u64 x y - -let impl_u64__pow (x: u64) (exp: u32) : u64 = Rust_primitives.Arithmetic.pow_u64 x exp - -let impl_u64__count_ones (x: u64) : u32 = Rust_primitives.Arithmetic.count_ones_u64 x - -assume -val impl_u64__rotate_right': x: u64 -> n: u32 -> u64 - -unfold -let impl_u64__rotate_right = impl_u64__rotate_right' - -assume -val impl_u64__rotate_left': x: u64 -> n: u32 -> u64 - -unfold -let impl_u64__rotate_left = impl_u64__rotate_left' - -assume -val impl_u64__leading_zeros': x: u64 -> u32 - -unfold -let impl_u64__leading_zeros = impl_u64__leading_zeros' - -assume -val impl_u64__ilog2': x: u64 -> u32 - -unfold -let impl_u64__ilog2 = impl_u64__ilog2' - -assume -val impl_u64__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result u64 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_u64__from_str_radix = impl_u64__from_str_radix' - -assume -val impl_u64__from_be_bytes': bytes: t_Array u64 (mk_usize 8) -> u64 - -unfold -let impl_u64__from_be_bytes = impl_u64__from_be_bytes' - -assume -val impl_u64__from_le_bytes': bytes: t_Array u64 (mk_usize 8) -> u64 - -unfold -let impl_u64__from_le_bytes = impl_u64__from_le_bytes' - -assume -val impl_u64__to_be_bytes': bytes: u64 -> t_Array u64 (mk_usize 8) - -unfold -let impl_u64__to_be_bytes = impl_u64__to_be_bytes' - -assume -val impl_u64__to_le_bytes': bytes: u64 -> t_Array u64 (mk_usize 8) - -unfold -let impl_u64__to_le_bytes = impl_u64__to_le_bytes' - -let impl_u64__rem_euclid (x y: u64) - : Prims.Pure u64 (requires y <>. mk_u64 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_u64 x y - -let impl_u128__MIN: u128 = mk_u128 0 - -let impl_u128__MAX: u128 = mk_u128 340282366920938463463374607431768211455 - -let impl_u128__BITS: u32 = mk_u32 128 - -let impl_u128__wrapping_add (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_add_u128 x y - -let impl_u128__saturating_add (x y: u128) : u128 = - Rust_primitives.Arithmetic.saturating_add_u128 x y - -let impl_u128__overflowing_add (x y: u128) : (u128 & bool) = - Rust_primitives.Arithmetic.overflowing_add_u128 x y - -let impl_u128__wrapping_sub (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_sub_u128 x y - -let impl_u128__saturating_sub (x y: u128) : u128 = - Rust_primitives.Arithmetic.saturating_sub_u128 x y - -let impl_u128__overflowing_sub (x y: u128) : (u128 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_u128 x y - -let impl_u128__wrapping_mul (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_mul_u128 x y - -let impl_u128__saturating_mul (x y: u128) : u128 = - Rust_primitives.Arithmetic.saturating_mul_u128 x y - -let impl_u128__overflowing_mul (x y: u128) : (u128 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_u128 x y - -let impl_u128__pow (x: u128) (exp: u32) : u128 = Rust_primitives.Arithmetic.pow_u128 x exp - -let impl_u128__count_ones (x: u128) : u32 = Rust_primitives.Arithmetic.count_ones_u128 x - -assume -val impl_u128__rotate_right': x: u128 -> n: u32 -> u128 - -unfold -let impl_u128__rotate_right = impl_u128__rotate_right' - -assume -val impl_u128__rotate_left': x: u128 -> n: u32 -> u128 - -unfold -let impl_u128__rotate_left = impl_u128__rotate_left' - -assume -val impl_u128__leading_zeros': x: u128 -> u32 - -unfold -let impl_u128__leading_zeros = impl_u128__leading_zeros' - -assume -val impl_u128__ilog2': x: u128 -> u32 - -unfold -let impl_u128__ilog2 = impl_u128__ilog2' - -assume -val impl_u128__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result u128 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_u128__from_str_radix = impl_u128__from_str_radix' - -assume -val impl_u128__from_be_bytes': bytes: t_Array u128 (mk_usize 16) -> u128 - -unfold -let impl_u128__from_be_bytes = impl_u128__from_be_bytes' - -assume -val impl_u128__from_le_bytes': bytes: t_Array u128 (mk_usize 16) -> u128 - -unfold -let impl_u128__from_le_bytes = impl_u128__from_le_bytes' - -assume -val impl_u128__to_be_bytes': bytes: u128 -> t_Array u128 (mk_usize 16) - -unfold -let impl_u128__to_be_bytes = impl_u128__to_be_bytes' - -assume -val impl_u128__to_le_bytes': bytes: u128 -> t_Array u128 (mk_usize 16) - -unfold -let impl_u128__to_le_bytes = impl_u128__to_le_bytes' - -let impl_u128__rem_euclid (x y: u128) - : Prims.Pure u128 (requires y <>. mk_u128 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_u128 x y - -let impl_usize__MIN: usize = mk_usize 0 - -let impl_usize__MAX: usize = Rust_primitives.Arithmetic.v_USIZE_MAX - -let impl_usize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS - -let impl_usize__wrapping_add (x y: usize) : usize = - Rust_primitives.Arithmetic.wrapping_add_usize x y - -let impl_usize__saturating_add (x y: usize) : usize = - Rust_primitives.Arithmetic.saturating_add_usize x y - -let impl_usize__overflowing_add (x y: usize) : (usize & bool) = - Rust_primitives.Arithmetic.overflowing_add_usize x y - -let impl_usize__wrapping_sub (x y: usize) : usize = - Rust_primitives.Arithmetic.wrapping_sub_usize x y - -let impl_usize__saturating_sub (x y: usize) : usize = - Rust_primitives.Arithmetic.saturating_sub_usize x y - -let impl_usize__overflowing_sub (x y: usize) : (usize & bool) = - Rust_primitives.Arithmetic.overflowing_sub_usize x y - -let impl_usize__wrapping_mul (x y: usize) : usize = - Rust_primitives.Arithmetic.wrapping_mul_usize x y - -let impl_usize__saturating_mul (x y: usize) : usize = - Rust_primitives.Arithmetic.saturating_mul_usize x y - -let impl_usize__overflowing_mul (x y: usize) : (usize & bool) = - Rust_primitives.Arithmetic.overflowing_mul_usize x y - -let impl_usize__pow (x: usize) (exp: u32) : usize = Rust_primitives.Arithmetic.pow_usize x exp - -let impl_usize__count_ones (x: usize) : u32 = Rust_primitives.Arithmetic.count_ones_usize x - -assume -val impl_usize__rotate_right': x: usize -> n: u32 -> usize - -unfold -let impl_usize__rotate_right = impl_usize__rotate_right' - -assume -val impl_usize__rotate_left': x: usize -> n: u32 -> usize - -unfold -let impl_usize__rotate_left = impl_usize__rotate_left' - -assume -val impl_usize__leading_zeros': x: usize -> u32 - -unfold -let impl_usize__leading_zeros = impl_usize__leading_zeros' - -assume -val impl_usize__ilog2': x: usize -> u32 - -unfold -let impl_usize__ilog2 = impl_usize__ilog2' - -assume -val impl_usize__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result usize Core_models.Num.Error.t_ParseIntError - -unfold -let impl_usize__from_str_radix = impl_usize__from_str_radix' - -assume -val impl_usize__from_be_bytes': bytes: t_Array usize (mk_usize 0) -> usize - -unfold -let impl_usize__from_be_bytes = impl_usize__from_be_bytes' - -assume -val impl_usize__from_le_bytes': bytes: t_Array usize (mk_usize 0) -> usize - -unfold -let impl_usize__from_le_bytes = impl_usize__from_le_bytes' - -assume -val impl_usize__to_be_bytes': bytes: usize -> t_Array usize (mk_usize 0) - -unfold -let impl_usize__to_be_bytes = impl_usize__to_be_bytes' - -assume -val impl_usize__to_le_bytes': bytes: usize -> t_Array usize (mk_usize 0) - -unfold -let impl_usize__to_le_bytes = impl_usize__to_le_bytes' - -let impl_usize__rem_euclid (x y: usize) - : Prims.Pure usize (requires y <>. mk_usize 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_usize x y - -let impl_i8__MIN: i8 = mk_i8 (-128) - -let impl_i8__MAX: i8 = mk_i8 127 - -let impl_i8__BITS: u32 = mk_u32 8 - -let impl_i8__wrapping_add (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_add_i8 x y - -let impl_i8__saturating_add (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_add_i8 x y - -let impl_i8__overflowing_add (x y: i8) : (i8 & bool) = - Rust_primitives.Arithmetic.overflowing_add_i8 x y - -let impl_i8__wrapping_sub (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_sub_i8 x y - -let impl_i8__saturating_sub (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_sub_i8 x y - -let impl_i8__overflowing_sub (x y: i8) : (i8 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_i8 x y - -let impl_i8__wrapping_mul (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_mul_i8 x y - -let impl_i8__saturating_mul (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_mul_i8 x y - -let impl_i8__overflowing_mul (x y: i8) : (i8 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_i8 x y - -let impl_i8__pow (x: i8) (exp: u32) : i8 = Rust_primitives.Arithmetic.pow_i8 x exp - -let impl_i8__count_ones (x: i8) : u32 = Rust_primitives.Arithmetic.count_ones_i8 x - -assume -val impl_i8__rotate_right': x: i8 -> n: u32 -> i8 - -unfold -let impl_i8__rotate_right = impl_i8__rotate_right' - -assume -val impl_i8__rotate_left': x: i8 -> n: u32 -> i8 - -unfold -let impl_i8__rotate_left = impl_i8__rotate_left' - -assume -val impl_i8__leading_zeros': x: i8 -> u32 - -unfold -let impl_i8__leading_zeros = impl_i8__leading_zeros' - -assume -val impl_i8__ilog2': x: i8 -> u32 - -unfold -let impl_i8__ilog2 = impl_i8__ilog2' - -assume -val impl_i8__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result i8 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_i8__from_str_radix = impl_i8__from_str_radix' - -assume -val impl_i8__from_be_bytes': bytes: t_Array i8 (mk_usize 1) -> i8 - -unfold -let impl_i8__from_be_bytes = impl_i8__from_be_bytes' - -assume -val impl_i8__from_le_bytes': bytes: t_Array i8 (mk_usize 1) -> i8 - -unfold -let impl_i8__from_le_bytes = impl_i8__from_le_bytes' - -assume -val impl_i8__to_be_bytes': bytes: i8 -> t_Array i8 (mk_usize 1) - -unfold -let impl_i8__to_be_bytes = impl_i8__to_be_bytes' - -assume -val impl_i8__to_le_bytes': bytes: i8 -> t_Array i8 (mk_usize 1) - -unfold -let impl_i8__to_le_bytes = impl_i8__to_le_bytes' - -let impl_i8__rem_euclid (x y: i8) : Prims.Pure i8 (requires y <>. mk_i8 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_i8 x y - -let impl_i8__abs (x: i8) : Prims.Pure i8 (requires x >. impl_i8__MIN) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.abs_i8 x - -let impl_i16__MIN: i16 = mk_i16 (-32768) - -let impl_i16__MAX: i16 = mk_i16 32767 - -let impl_i16__BITS: u32 = mk_u32 16 - -let impl_i16__wrapping_add (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_add_i16 x y - -let impl_i16__saturating_add (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_add_i16 x y - -let impl_i16__overflowing_add (x y: i16) : (i16 & bool) = - Rust_primitives.Arithmetic.overflowing_add_i16 x y - -let impl_i16__wrapping_sub (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_sub_i16 x y - -let impl_i16__saturating_sub (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_sub_i16 x y - -let impl_i16__overflowing_sub (x y: i16) : (i16 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_i16 x y - -let impl_i16__wrapping_mul (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_mul_i16 x y - -let impl_i16__saturating_mul (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_mul_i16 x y - -let impl_i16__overflowing_mul (x y: i16) : (i16 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_i16 x y - -let impl_i16__pow (x: i16) (exp: u32) : i16 = Rust_primitives.Arithmetic.pow_i16 x exp - -let impl_i16__count_ones (x: i16) : u32 = Rust_primitives.Arithmetic.count_ones_i16 x - -assume -val impl_i16__rotate_right': x: i16 -> n: u32 -> i16 - -unfold -let impl_i16__rotate_right = impl_i16__rotate_right' - -assume -val impl_i16__rotate_left': x: i16 -> n: u32 -> i16 - -unfold -let impl_i16__rotate_left = impl_i16__rotate_left' - -assume -val impl_i16__leading_zeros': x: i16 -> u32 - -unfold -let impl_i16__leading_zeros = impl_i16__leading_zeros' - -assume -val impl_i16__ilog2': x: i16 -> u32 - -unfold -let impl_i16__ilog2 = impl_i16__ilog2' - -assume -val impl_i16__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result i16 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_i16__from_str_radix = impl_i16__from_str_radix' - -assume -val impl_i16__from_be_bytes': bytes: t_Array i16 (mk_usize 2) -> i16 - -unfold -let impl_i16__from_be_bytes = impl_i16__from_be_bytes' - -assume -val impl_i16__from_le_bytes': bytes: t_Array i16 (mk_usize 2) -> i16 - -unfold -let impl_i16__from_le_bytes = impl_i16__from_le_bytes' - -assume -val impl_i16__to_be_bytes': bytes: i16 -> t_Array i16 (mk_usize 2) - -unfold -let impl_i16__to_be_bytes = impl_i16__to_be_bytes' - -assume -val impl_i16__to_le_bytes': bytes: i16 -> t_Array i16 (mk_usize 2) - -unfold -let impl_i16__to_le_bytes = impl_i16__to_le_bytes' - -let impl_i16__rem_euclid (x y: i16) - : Prims.Pure i16 (requires y <>. mk_i16 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_i16 x y - -let impl_i16__abs (x: i16) : Prims.Pure i16 (requires x >. impl_i16__MIN) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.abs_i16 x - -let impl_i32__MIN: i32 = mk_i32 (-2147483648) - -let impl_i32__MAX: i32 = mk_i32 2147483647 - -let impl_i32__BITS: u32 = mk_u32 32 - -let impl_i32__wrapping_add (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_add_i32 x y - -let impl_i32__saturating_add (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_add_i32 x y - -let impl_i32__overflowing_add (x y: i32) : (i32 & bool) = - Rust_primitives.Arithmetic.overflowing_add_i32 x y - -let impl_i32__wrapping_sub (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_sub_i32 x y - -let impl_i32__saturating_sub (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_sub_i32 x y - -let impl_i32__overflowing_sub (x y: i32) : (i32 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_i32 x y - -let impl_i32__wrapping_mul (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_mul_i32 x y - -let impl_i32__saturating_mul (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_mul_i32 x y - -let impl_i32__overflowing_mul (x y: i32) : (i32 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_i32 x y - -let impl_i32__pow (x: i32) (exp: u32) : i32 = Rust_primitives.Arithmetic.pow_i32 x exp - -let impl_i32__count_ones (x: i32) : u32 = Rust_primitives.Arithmetic.count_ones_i32 x - -assume -val impl_i32__rotate_right': x: i32 -> n: u32 -> i32 - -unfold -let impl_i32__rotate_right = impl_i32__rotate_right' - -assume -val impl_i32__rotate_left': x: i32 -> n: u32 -> i32 - -unfold -let impl_i32__rotate_left = impl_i32__rotate_left' - -assume -val impl_i32__leading_zeros': x: i32 -> u32 - -unfold -let impl_i32__leading_zeros = impl_i32__leading_zeros' - -assume -val impl_i32__ilog2': x: i32 -> u32 - -unfold -let impl_i32__ilog2 = impl_i32__ilog2' - -assume -val impl_i32__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result i32 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_i32__from_str_radix = impl_i32__from_str_radix' - -assume -val impl_i32__from_be_bytes': bytes: t_Array i32 (mk_usize 4) -> i32 - -unfold -let impl_i32__from_be_bytes = impl_i32__from_be_bytes' - -assume -val impl_i32__from_le_bytes': bytes: t_Array i32 (mk_usize 4) -> i32 - -unfold -let impl_i32__from_le_bytes = impl_i32__from_le_bytes' - -assume -val impl_i32__to_be_bytes': bytes: i32 -> t_Array i32 (mk_usize 4) - -unfold -let impl_i32__to_be_bytes = impl_i32__to_be_bytes' - -assume -val impl_i32__to_le_bytes': bytes: i32 -> t_Array i32 (mk_usize 4) - -unfold -let impl_i32__to_le_bytes = impl_i32__to_le_bytes' - -let impl_i32__rem_euclid (x y: i32) - : Prims.Pure i32 (requires y <>. mk_i32 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_i32 x y - -let impl_i32__abs (x: i32) : Prims.Pure i32 (requires x >. impl_i32__MIN) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.abs_i32 x - -let impl_i64__MIN: i64 = mk_i64 (-9223372036854775808) - -let impl_i64__MAX: i64 = mk_i64 9223372036854775807 - -let impl_i64__BITS: u32 = mk_u32 64 - -let impl_i64__wrapping_add (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_add_i64 x y - -let impl_i64__saturating_add (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_add_i64 x y - -let impl_i64__overflowing_add (x y: i64) : (i64 & bool) = - Rust_primitives.Arithmetic.overflowing_add_i64 x y - -let impl_i64__wrapping_sub (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_sub_i64 x y - -let impl_i64__saturating_sub (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_sub_i64 x y - -let impl_i64__overflowing_sub (x y: i64) : (i64 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_i64 x y - -let impl_i64__wrapping_mul (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_mul_i64 x y - -let impl_i64__saturating_mul (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_mul_i64 x y - -let impl_i64__overflowing_mul (x y: i64) : (i64 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_i64 x y - -let impl_i64__pow (x: i64) (exp: u32) : i64 = Rust_primitives.Arithmetic.pow_i64 x exp - -let impl_i64__count_ones (x: i64) : u32 = Rust_primitives.Arithmetic.count_ones_i64 x - -assume -val impl_i64__rotate_right': x: i64 -> n: u32 -> i64 - -unfold -let impl_i64__rotate_right = impl_i64__rotate_right' - -assume -val impl_i64__rotate_left': x: i64 -> n: u32 -> i64 - -unfold -let impl_i64__rotate_left = impl_i64__rotate_left' - -assume -val impl_i64__leading_zeros': x: i64 -> u32 - -unfold -let impl_i64__leading_zeros = impl_i64__leading_zeros' - -assume -val impl_i64__ilog2': x: i64 -> u32 - -unfold -let impl_i64__ilog2 = impl_i64__ilog2' - -assume -val impl_i64__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result i64 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_i64__from_str_radix = impl_i64__from_str_radix' - -assume -val impl_i64__from_be_bytes': bytes: t_Array i64 (mk_usize 8) -> i64 - -unfold -let impl_i64__from_be_bytes = impl_i64__from_be_bytes' - -assume -val impl_i64__from_le_bytes': bytes: t_Array i64 (mk_usize 8) -> i64 - -unfold -let impl_i64__from_le_bytes = impl_i64__from_le_bytes' - -assume -val impl_i64__to_be_bytes': bytes: i64 -> t_Array i64 (mk_usize 8) - -unfold -let impl_i64__to_be_bytes = impl_i64__to_be_bytes' - -assume -val impl_i64__to_le_bytes': bytes: i64 -> t_Array i64 (mk_usize 8) - -unfold -let impl_i64__to_le_bytes = impl_i64__to_le_bytes' - -let impl_i64__rem_euclid (x y: i64) - : Prims.Pure i64 (requires y <>. mk_i64 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_i64 x y - -let impl_i64__abs (x: i64) : Prims.Pure i64 (requires x >. impl_i64__MIN) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.abs_i64 x - -let impl_i128__MIN: i128 = mk_i128 (-170141183460469231731687303715884105728) - -let impl_i128__MAX: i128 = mk_i128 170141183460469231731687303715884105727 - -let impl_i128__BITS: u32 = mk_u32 128 - -let impl_i128__wrapping_add (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_add_i128 x y - -let impl_i128__saturating_add (x y: i128) : i128 = - Rust_primitives.Arithmetic.saturating_add_i128 x y - -let impl_i128__overflowing_add (x y: i128) : (i128 & bool) = - Rust_primitives.Arithmetic.overflowing_add_i128 x y - -let impl_i128__wrapping_sub (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_sub_i128 x y - -let impl_i128__saturating_sub (x y: i128) : i128 = - Rust_primitives.Arithmetic.saturating_sub_i128 x y - -let impl_i128__overflowing_sub (x y: i128) : (i128 & bool) = - Rust_primitives.Arithmetic.overflowing_sub_i128 x y - -let impl_i128__wrapping_mul (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_mul_i128 x y - -let impl_i128__saturating_mul (x y: i128) : i128 = - Rust_primitives.Arithmetic.saturating_mul_i128 x y - -let impl_i128__overflowing_mul (x y: i128) : (i128 & bool) = - Rust_primitives.Arithmetic.overflowing_mul_i128 x y - -let impl_i128__pow (x: i128) (exp: u32) : i128 = Rust_primitives.Arithmetic.pow_i128 x exp - -let impl_i128__count_ones (x: i128) : u32 = Rust_primitives.Arithmetic.count_ones_i128 x - -assume -val impl_i128__rotate_right': x: i128 -> n: u32 -> i128 - -unfold -let impl_i128__rotate_right = impl_i128__rotate_right' - -assume -val impl_i128__rotate_left': x: i128 -> n: u32 -> i128 - -unfold -let impl_i128__rotate_left = impl_i128__rotate_left' - -assume -val impl_i128__leading_zeros': x: i128 -> u32 - -unfold -let impl_i128__leading_zeros = impl_i128__leading_zeros' - -assume -val impl_i128__ilog2': x: i128 -> u32 - -unfold -let impl_i128__ilog2 = impl_i128__ilog2' - -assume -val impl_i128__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result i128 Core_models.Num.Error.t_ParseIntError - -unfold -let impl_i128__from_str_radix = impl_i128__from_str_radix' - -assume -val impl_i128__from_be_bytes': bytes: t_Array i128 (mk_usize 16) -> i128 - -unfold -let impl_i128__from_be_bytes = impl_i128__from_be_bytes' - -assume -val impl_i128__from_le_bytes': bytes: t_Array i128 (mk_usize 16) -> i128 - -unfold -let impl_i128__from_le_bytes = impl_i128__from_le_bytes' - -assume -val impl_i128__to_be_bytes': bytes: i128 -> t_Array i128 (mk_usize 16) - -unfold -let impl_i128__to_be_bytes = impl_i128__to_be_bytes' - -assume -val impl_i128__to_le_bytes': bytes: i128 -> t_Array i128 (mk_usize 16) - -unfold -let impl_i128__to_le_bytes = impl_i128__to_le_bytes' - -let impl_i128__rem_euclid (x y: i128) - : Prims.Pure i128 (requires y <>. mk_i128 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_i128 x y - -let impl_i128__abs (x: i128) - : Prims.Pure i128 (requires x >. impl_i128__MIN) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.abs_i128 x - -let impl_isize__MIN: isize = Rust_primitives.Arithmetic.v_ISIZE_MIN - -let impl_isize__MAX: isize = Rust_primitives.Arithmetic.v_ISIZE_MAX - -let impl_isize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS - -let impl_isize__wrapping_add (x y: isize) : isize = - Rust_primitives.Arithmetic.wrapping_add_isize x y - -let impl_isize__saturating_add (x y: isize) : isize = - Rust_primitives.Arithmetic.saturating_add_isize x y - -let impl_isize__overflowing_add (x y: isize) : (isize & bool) = - Rust_primitives.Arithmetic.overflowing_add_isize x y - -let impl_isize__wrapping_sub (x y: isize) : isize = - Rust_primitives.Arithmetic.wrapping_sub_isize x y - -let impl_isize__saturating_sub (x y: isize) : isize = - Rust_primitives.Arithmetic.saturating_sub_isize x y - -let impl_isize__overflowing_sub (x y: isize) : (isize & bool) = - Rust_primitives.Arithmetic.overflowing_sub_isize x y - -let impl_isize__wrapping_mul (x y: isize) : isize = - Rust_primitives.Arithmetic.wrapping_mul_isize x y - -let impl_isize__saturating_mul (x y: isize) : isize = - Rust_primitives.Arithmetic.saturating_mul_isize x y - -let impl_isize__overflowing_mul (x y: isize) : (isize & bool) = - Rust_primitives.Arithmetic.overflowing_mul_isize x y - -let impl_isize__pow (x: isize) (exp: u32) : isize = Rust_primitives.Arithmetic.pow_isize x exp - -let impl_isize__count_ones (x: isize) : u32 = Rust_primitives.Arithmetic.count_ones_isize x - -assume -val impl_isize__rotate_right': x: isize -> n: u32 -> isize - -unfold -let impl_isize__rotate_right = impl_isize__rotate_right' - -assume -val impl_isize__rotate_left': x: isize -> n: u32 -> isize - -unfold -let impl_isize__rotate_left = impl_isize__rotate_left' - -assume -val impl_isize__leading_zeros': x: isize -> u32 - -unfold -let impl_isize__leading_zeros = impl_isize__leading_zeros' - -assume -val impl_isize__ilog2': x: isize -> u32 - -unfold -let impl_isize__ilog2 = impl_isize__ilog2' - -assume -val impl_isize__from_str_radix': src: string -> radix: u32 - -> Core_models.Result.t_Result isize Core_models.Num.Error.t_ParseIntError - -unfold -let impl_isize__from_str_radix = impl_isize__from_str_radix' - -assume -val impl_isize__from_be_bytes': bytes: t_Array isize (mk_usize 0) -> isize - -unfold -let impl_isize__from_be_bytes = impl_isize__from_be_bytes' - -assume -val impl_isize__from_le_bytes': bytes: t_Array isize (mk_usize 0) -> isize - -unfold -let impl_isize__from_le_bytes = impl_isize__from_le_bytes' - -assume -val impl_isize__to_be_bytes': bytes: isize -> t_Array isize (mk_usize 0) - -unfold -let impl_isize__to_be_bytes = impl_isize__to_be_bytes' - -assume -val impl_isize__to_le_bytes': bytes: isize -> t_Array isize (mk_usize 0) - -unfold -let impl_isize__to_le_bytes = impl_isize__to_le_bytes' - -let impl_isize__rem_euclid (x y: isize) - : Prims.Pure isize (requires y <>. mk_isize 0) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.rem_euclid_isize x y - -let impl_isize__abs (x: isize) - : Prims.Pure isize (requires x >. impl_isize__MIN) (fun _ -> Prims.l_True) = - Rust_primitives.Arithmetic.abs_isize x diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti new file mode 100644 index 000000000..5dbb5da3b --- /dev/null +++ b/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti @@ -0,0 +1,724 @@ +module Core_models.Num +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul +open Rust_primitives + +let impl_u8__MIN: u8 = mk_u8 0 + +let impl_u8__MAX: u8 = mk_u8 255 + +let impl_u8__BITS: u32 = mk_u32 8 + +val impl_u8__wrapping_add (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__saturating_add (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__overflowing_add (x y: u8) : Prims.Pure (u8 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__wrapping_sub (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__saturating_sub (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__overflowing_sub (x y: u8) : Prims.Pure (u8 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__wrapping_mul (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__saturating_mul (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__overflowing_mul (x y: u8) : Prims.Pure (u8 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__pow (x: u8) (exp: u32) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__count_ones (x: u8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__rotate_right (x: u8) (n: u32) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__rotate_left (x: u8) (n: u32) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__leading_zeros (x: u8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__ilog2 (x: u8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result u8 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_u8__from_be_bytes (bytes: t_Array u8 (mk_usize 1)) + : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__from_le_bytes (bytes: t_Array u8 (mk_usize 1)) + : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__to_be_bytes (bytes: u8) + : Prims.Pure (t_Array u8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__to_le_bytes (bytes: u8) + : Prims.Pure (t_Array u8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u8__rem_euclid (x y: u8) : Prims.Pure u8 (requires y <>. mk_u8 0) (fun _ -> Prims.l_True) + +let impl_u16__MIN: u16 = mk_u16 0 + +let impl_u16__MAX: u16 = mk_u16 65535 + +let impl_u16__BITS: u32 = mk_u32 16 + +val impl_u16__wrapping_add (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__saturating_add (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__overflowing_add (x y: u16) + : Prims.Pure (u16 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__wrapping_sub (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__saturating_sub (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__overflowing_sub (x y: u16) + : Prims.Pure (u16 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__wrapping_mul (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__saturating_mul (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__overflowing_mul (x y: u16) + : Prims.Pure (u16 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__pow (x: u16) (exp: u32) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__count_ones (x: u16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__rotate_right (x: u16) (n: u32) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__rotate_left (x: u16) (n: u32) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__leading_zeros (x: u16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__ilog2 (x: u16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result u16 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_u16__from_be_bytes (bytes: t_Array u16 (mk_usize 2)) + : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__from_le_bytes (bytes: t_Array u16 (mk_usize 2)) + : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__to_be_bytes (bytes: u16) + : Prims.Pure (t_Array u16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__to_le_bytes (bytes: u16) + : Prims.Pure (t_Array u16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u16__rem_euclid (x y: u16) + : Prims.Pure u16 (requires y <>. mk_u16 0) (fun _ -> Prims.l_True) + +let impl_u32__MIN: u32 = mk_u32 0 + +let impl_u32__MAX: u32 = mk_u32 4294967295 + +let impl_u32__BITS: u32 = mk_u32 32 + +val impl_u32__wrapping_add (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__saturating_add (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__overflowing_add (x y: u32) + : Prims.Pure (u32 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__wrapping_sub (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__saturating_sub (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__overflowing_sub (x y: u32) + : Prims.Pure (u32 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__wrapping_mul (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__saturating_mul (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__overflowing_mul (x y: u32) + : Prims.Pure (u32 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__pow (x exp: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__count_ones (x: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__rotate_right (x n: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__rotate_left (x n: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__leading_zeros (x: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__ilog2 (x: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result u32 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_u32__from_be_bytes (bytes: t_Array u32 (mk_usize 4)) + : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__from_le_bytes (bytes: t_Array u32 (mk_usize 4)) + : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__to_be_bytes (bytes: u32) + : Prims.Pure (t_Array u32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__to_le_bytes (bytes: u32) + : Prims.Pure (t_Array u32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u32__rem_euclid (x y: u32) + : Prims.Pure u32 (requires y <>. mk_u32 0) (fun _ -> Prims.l_True) + +let impl_u64__MIN: u64 = mk_u64 0 + +let impl_u64__MAX: u64 = mk_u64 18446744073709551615 + +let impl_u64__BITS: u32 = mk_u32 64 + +val impl_u64__wrapping_add (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__saturating_add (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__overflowing_add (x y: u64) + : Prims.Pure (u64 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__wrapping_sub (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__saturating_sub (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__overflowing_sub (x y: u64) + : Prims.Pure (u64 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__wrapping_mul (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__saturating_mul (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__overflowing_mul (x y: u64) + : Prims.Pure (u64 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__pow (x: u64) (exp: u32) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__count_ones (x: u64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__rotate_right (x: u64) (n: u32) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__rotate_left (x: u64) (n: u32) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__leading_zeros (x: u64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__ilog2 (x: u64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result u64 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_u64__from_be_bytes (bytes: t_Array u64 (mk_usize 8)) + : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__from_le_bytes (bytes: t_Array u64 (mk_usize 8)) + : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__to_be_bytes (bytes: u64) + : Prims.Pure (t_Array u64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__to_le_bytes (bytes: u64) + : Prims.Pure (t_Array u64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u64__rem_euclid (x y: u64) + : Prims.Pure u64 (requires y <>. mk_u64 0) (fun _ -> Prims.l_True) + +let impl_u128__MIN: u128 = mk_u128 0 + +let impl_u128__MAX: u128 = mk_u128 340282366920938463463374607431768211455 + +let impl_u128__BITS: u32 = mk_u32 128 + +val impl_u128__wrapping_add (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__saturating_add (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__overflowing_add (x y: u128) + : Prims.Pure (u128 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__wrapping_sub (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__saturating_sub (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__overflowing_sub (x y: u128) + : Prims.Pure (u128 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__wrapping_mul (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__saturating_mul (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__overflowing_mul (x y: u128) + : Prims.Pure (u128 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__pow (x: u128) (exp: u32) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__count_ones (x: u128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__rotate_right (x: u128) (n: u32) + : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__rotate_left (x: u128) (n: u32) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__leading_zeros (x: u128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__ilog2 (x: u128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result u128 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_u128__from_be_bytes (bytes: t_Array u128 (mk_usize 16)) + : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__from_le_bytes (bytes: t_Array u128 (mk_usize 16)) + : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__to_be_bytes (bytes: u128) + : Prims.Pure (t_Array u128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__to_le_bytes (bytes: u128) + : Prims.Pure (t_Array u128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_u128__rem_euclid (x y: u128) + : Prims.Pure u128 (requires y <>. mk_u128 0) (fun _ -> Prims.l_True) + +let impl_usize__MIN: usize = mk_usize 0 + +let impl_usize__MAX: usize = Rust_primitives.Arithmetic.v_USIZE_MAX + +let impl_usize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS + +val impl_usize__wrapping_add (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__saturating_add (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__overflowing_add (x y: usize) + : Prims.Pure (usize & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__wrapping_sub (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__saturating_sub (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__overflowing_sub (x y: usize) + : Prims.Pure (usize & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__wrapping_mul (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__saturating_mul (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__overflowing_mul (x y: usize) + : Prims.Pure (usize & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__pow (x: usize) (exp: u32) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__count_ones (x: usize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__rotate_right (x: usize) (n: u32) + : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__rotate_left (x: usize) (n: u32) + : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__leading_zeros (x: usize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__ilog2 (x: usize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result usize Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_usize__from_be_bytes (bytes: t_Array usize (mk_usize 0)) + : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__from_le_bytes (bytes: t_Array usize (mk_usize 0)) + : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__to_be_bytes (bytes: usize) + : Prims.Pure (t_Array usize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__to_le_bytes (bytes: usize) + : Prims.Pure (t_Array usize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_usize__rem_euclid (x y: usize) + : Prims.Pure usize (requires y <>. mk_usize 0) (fun _ -> Prims.l_True) + +let impl_i8__MIN: i8 = mk_i8 (-128) + +let impl_i8__MAX: i8 = mk_i8 127 + +let impl_i8__BITS: u32 = mk_u32 8 + +val impl_i8__wrapping_add (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__saturating_add (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__overflowing_add (x y: i8) : Prims.Pure (i8 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__wrapping_sub (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__saturating_sub (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__overflowing_sub (x y: i8) : Prims.Pure (i8 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__wrapping_mul (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__saturating_mul (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__overflowing_mul (x y: i8) : Prims.Pure (i8 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__pow (x: i8) (exp: u32) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__count_ones (x: i8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__rotate_right (x: i8) (n: u32) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__rotate_left (x: i8) (n: u32) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__leading_zeros (x: i8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__ilog2 (x: i8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result i8 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_i8__from_be_bytes (bytes: t_Array i8 (mk_usize 1)) + : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__from_le_bytes (bytes: t_Array i8 (mk_usize 1)) + : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__to_be_bytes (bytes: i8) + : Prims.Pure (t_Array i8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__to_le_bytes (bytes: i8) + : Prims.Pure (t_Array i8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i8__rem_euclid (x y: i8) : Prims.Pure i8 (requires y <>. mk_i8 0) (fun _ -> Prims.l_True) + +val impl_i8__abs (x: i8) : Prims.Pure i8 (requires x >. impl_i8__MIN) (fun _ -> Prims.l_True) + +let impl_i16__MIN: i16 = mk_i16 (-32768) + +let impl_i16__MAX: i16 = mk_i16 32767 + +let impl_i16__BITS: u32 = mk_u32 16 + +val impl_i16__wrapping_add (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__saturating_add (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__overflowing_add (x y: i16) + : Prims.Pure (i16 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__wrapping_sub (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__saturating_sub (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__overflowing_sub (x y: i16) + : Prims.Pure (i16 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__wrapping_mul (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__saturating_mul (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__overflowing_mul (x y: i16) + : Prims.Pure (i16 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__pow (x: i16) (exp: u32) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__count_ones (x: i16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__rotate_right (x: i16) (n: u32) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__rotate_left (x: i16) (n: u32) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__leading_zeros (x: i16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__ilog2 (x: i16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result i16 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_i16__from_be_bytes (bytes: t_Array i16 (mk_usize 2)) + : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__from_le_bytes (bytes: t_Array i16 (mk_usize 2)) + : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__to_be_bytes (bytes: i16) + : Prims.Pure (t_Array i16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__to_le_bytes (bytes: i16) + : Prims.Pure (t_Array i16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i16__rem_euclid (x y: i16) + : Prims.Pure i16 (requires y <>. mk_i16 0) (fun _ -> Prims.l_True) + +val impl_i16__abs (x: i16) : Prims.Pure i16 (requires x >. impl_i16__MIN) (fun _ -> Prims.l_True) + +let impl_i32__MIN: i32 = mk_i32 (-2147483648) + +let impl_i32__MAX: i32 = mk_i32 2147483647 + +let impl_i32__BITS: u32 = mk_u32 32 + +val impl_i32__wrapping_add (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__saturating_add (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__overflowing_add (x y: i32) + : Prims.Pure (i32 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__wrapping_sub (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__saturating_sub (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__overflowing_sub (x y: i32) + : Prims.Pure (i32 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__wrapping_mul (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__saturating_mul (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__overflowing_mul (x y: i32) + : Prims.Pure (i32 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__pow (x: i32) (exp: u32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__count_ones (x: i32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__rotate_right (x: i32) (n: u32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__rotate_left (x: i32) (n: u32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__leading_zeros (x: i32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__ilog2 (x: i32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result i32 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_i32__from_be_bytes (bytes: t_Array i32 (mk_usize 4)) + : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__from_le_bytes (bytes: t_Array i32 (mk_usize 4)) + : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__to_be_bytes (bytes: i32) + : Prims.Pure (t_Array i32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__to_le_bytes (bytes: i32) + : Prims.Pure (t_Array i32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i32__rem_euclid (x y: i32) + : Prims.Pure i32 (requires y <>. mk_i32 0) (fun _ -> Prims.l_True) + +val impl_i32__abs (x: i32) : Prims.Pure i32 (requires x >. impl_i32__MIN) (fun _ -> Prims.l_True) + +let impl_i64__MIN: i64 = mk_i64 (-9223372036854775808) + +let impl_i64__MAX: i64 = mk_i64 9223372036854775807 + +let impl_i64__BITS: u32 = mk_u32 64 + +val impl_i64__wrapping_add (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__saturating_add (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__overflowing_add (x y: i64) + : Prims.Pure (i64 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__wrapping_sub (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__saturating_sub (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__overflowing_sub (x y: i64) + : Prims.Pure (i64 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__wrapping_mul (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__saturating_mul (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__overflowing_mul (x y: i64) + : Prims.Pure (i64 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__pow (x: i64) (exp: u32) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__count_ones (x: i64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__rotate_right (x: i64) (n: u32) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__rotate_left (x: i64) (n: u32) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__leading_zeros (x: i64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__ilog2 (x: i64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result i64 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_i64__from_be_bytes (bytes: t_Array i64 (mk_usize 8)) + : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__from_le_bytes (bytes: t_Array i64 (mk_usize 8)) + : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__to_be_bytes (bytes: i64) + : Prims.Pure (t_Array i64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__to_le_bytes (bytes: i64) + : Prims.Pure (t_Array i64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i64__rem_euclid (x y: i64) + : Prims.Pure i64 (requires y <>. mk_i64 0) (fun _ -> Prims.l_True) + +val impl_i64__abs (x: i64) : Prims.Pure i64 (requires x >. impl_i64__MIN) (fun _ -> Prims.l_True) + +let impl_i128__MIN: i128 = mk_i128 (-170141183460469231731687303715884105728) + +let impl_i128__MAX: i128 = mk_i128 170141183460469231731687303715884105727 + +let impl_i128__BITS: u32 = mk_u32 128 + +val impl_i128__wrapping_add (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__saturating_add (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__overflowing_add (x y: i128) + : Prims.Pure (i128 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__wrapping_sub (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__saturating_sub (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__overflowing_sub (x y: i128) + : Prims.Pure (i128 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__wrapping_mul (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__saturating_mul (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__overflowing_mul (x y: i128) + : Prims.Pure (i128 & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__pow (x: i128) (exp: u32) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__count_ones (x: i128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__rotate_right (x: i128) (n: u32) + : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__rotate_left (x: i128) (n: u32) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__leading_zeros (x: i128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__ilog2 (x: i128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result i128 Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_i128__from_be_bytes (bytes: t_Array i128 (mk_usize 16)) + : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__from_le_bytes (bytes: t_Array i128 (mk_usize 16)) + : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__to_be_bytes (bytes: i128) + : Prims.Pure (t_Array i128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__to_le_bytes (bytes: i128) + : Prims.Pure (t_Array i128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_i128__rem_euclid (x y: i128) + : Prims.Pure i128 (requires y <>. mk_i128 0) (fun _ -> Prims.l_True) + +val impl_i128__abs (x: i128) + : Prims.Pure i128 (requires x >. impl_i128__MIN) (fun _ -> Prims.l_True) + +let impl_isize__MIN: isize = Rust_primitives.Arithmetic.v_ISIZE_MIN + +let impl_isize__MAX: isize = Rust_primitives.Arithmetic.v_ISIZE_MAX + +let impl_isize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS + +val impl_isize__wrapping_add (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__saturating_add (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__overflowing_add (x y: isize) + : Prims.Pure (isize & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__wrapping_sub (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__saturating_sub (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__overflowing_sub (x y: isize) + : Prims.Pure (isize & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__wrapping_mul (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__saturating_mul (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__overflowing_mul (x y: isize) + : Prims.Pure (isize & bool) Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__pow (x: isize) (exp: u32) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__count_ones (x: isize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__rotate_right (x: isize) (n: u32) + : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__rotate_left (x: isize) (n: u32) + : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__leading_zeros (x: isize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__ilog2 (x: isize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__from_str_radix (src: string) (radix: u32) + : Prims.Pure (Core_models.Result.t_Result isize Core_models.Num.Error.t_ParseIntError) + Prims.l_True + (fun _ -> Prims.l_True) + +val impl_isize__from_be_bytes (bytes: t_Array isize (mk_usize 0)) + : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__from_le_bytes (bytes: t_Array isize (mk_usize 0)) + : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__to_be_bytes (bytes: isize) + : Prims.Pure (t_Array isize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__to_le_bytes (bytes: isize) + : Prims.Pure (t_Array isize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) + +val impl_isize__rem_euclid (x y: isize) + : Prims.Pure isize (requires y <>. mk_isize 0) (fun _ -> Prims.l_True) + +val impl_isize__abs (x: isize) + : Prims.Pure isize (requires x >. impl_isize__MIN) (fun _ -> Prims.l_True) diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst deleted file mode 100644 index 77ea71252..000000000 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fst +++ /dev/null @@ -1,217 +0,0 @@ -module Core_models.Ops.Arith -#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul - -open Rust_primitives.Integers - -class t_AddAssign (v_Self: Type0) (v_Rhs: Type0) = { - f_add_assign_pre:v_Self -> v_Rhs -> Type0; - f_add_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; - f_add_assign:x0: v_Self -> x1: v_Rhs - -> Prims.Pure v_Self (f_add_assign_pre x0 x1) (fun result -> f_add_assign_post x0 x1 result) -} - -class t_SubAssign (v_Self: Type0) (v_Rhs: Type0) = { - f_sub_assign_pre:v_Self -> v_Rhs -> Type0; - f_sub_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; - f_sub_assign:x0: v_Self -> x1: v_Rhs - -> Prims.Pure v_Self (f_sub_assign_pre x0 x1) (fun result -> f_sub_assign_post x0 x1 result) -} - -class t_MulAssign (v_Self: Type0) (v_Rhs: Type0) = { - f_mul_assign_pre:v_Self -> v_Rhs -> Type0; - f_mul_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; - f_mul_assign:x0: v_Self -> x1: v_Rhs - -> Prims.Pure v_Self (f_mul_assign_pre x0 x1) (fun result -> f_mul_assign_post x0 x1 result) -} - -class t_DivAssign (v_Self: Type0) (v_Rhs: Type0) = { - f_div_assign_pre:v_Self -> v_Rhs -> Type0; - f_div_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; - f_div_assign:x0: v_Self -> x1: v_Rhs - -> Prims.Pure v_Self (f_div_assign_pre x0 x1) (fun result -> f_div_assign_post x0 x1 result) -} - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl: t_AddAssign u8 u8 = - { - f_add_assign_pre - = - (fun (self_: u8) (rhs: u8) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) <= - (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u8__MAX <: Hax_lib.Int.t_Int)); - f_add_assign_post = (fun (self: u8) (rhs: u8) (out: u8) -> true); - f_add_assign - = - fun (self: u8) (rhs: u8) -> - let self:u8 = self +! rhs in - self - } - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_1: t_SubAssign u8 u8 = - { - f_sub_assign_pre - = - (fun (self_: u8) (rhs: u8) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) >= - (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); - f_sub_assign_post = (fun (self: u8) (rhs: u8) (out: u8) -> true); - f_sub_assign - = - fun (self: u8) (rhs: u8) -> - let self:u8 = self -! rhs in - self - } - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_2: t_AddAssign u16 u16 = - { - f_add_assign_pre - = - (fun (self_: u16) (rhs: u16) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) <= - (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u16__MAX <: Hax_lib.Int.t_Int)); - f_add_assign_post = (fun (self: u16) (rhs: u16) (out: u16) -> true); - f_add_assign - = - fun (self: u16) (rhs: u16) -> - let self:u16 = self +! rhs in - self - } - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_3: t_SubAssign u16 u16 = - { - f_sub_assign_pre - = - (fun (self_: u16) (rhs: u16) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) >= - (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); - f_sub_assign_post = (fun (self: u16) (rhs: u16) (out: u16) -> true); - f_sub_assign - = - fun (self: u16) (rhs: u16) -> - let self:u16 = self -! rhs in - self - } - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_4: t_AddAssign u32 u32 = - { - f_add_assign_pre - = - (fun (self_: u32) (rhs: u32) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) <= - (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u32__MAX <: Hax_lib.Int.t_Int)); - f_add_assign_post = (fun (self: u32) (rhs: u32) (out: u32) -> true); - f_add_assign - = - fun (self: u32) (rhs: u32) -> - let self:u32 = self +! rhs in - self - } - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_5: t_SubAssign u32 u32 = - { - f_sub_assign_pre - = - (fun (self_: u32) (rhs: u32) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) >= - (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); - f_sub_assign_post = (fun (self: u32) (rhs: u32) (out: u32) -> true); - f_sub_assign - = - fun (self: u32) (rhs: u32) -> - let self:u32 = self -! rhs in - self - } - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_6: t_AddAssign u64 u64 = - { - f_add_assign_pre - = - (fun (self_: u64) (rhs: u64) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) + - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) <= - (Rust_primitives.Hax.Int.from_machine Core_models.Num.impl_u64__MAX <: Hax_lib.Int.t_Int)); - f_add_assign_post = (fun (self: u64) (rhs: u64) (out: u64) -> true); - f_add_assign - = - fun (self: u64) (rhs: u64) -> - let self:u64 = self +! rhs in - self - } - -[@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_7: t_SubAssign u64 u64 = - { - f_sub_assign_pre - = - (fun (self_: u64) (rhs: u64) -> - ((Rust_primitives.Hax.Int.from_machine self_ <: Hax_lib.Int.t_Int) - - (Rust_primitives.Hax.Int.from_machine rhs <: Hax_lib.Int.t_Int) - <: - Hax_lib.Int.t_Int) >= - (Rust_primitives.Hax.Int.from_machine (mk_i32 0) <: Hax_lib.Int.t_Int)); - f_sub_assign_post = (fun (self: u64) (rhs: u64) (out: u64) -> true); - f_sub_assign - = - fun (self: u64) (rhs: u64) -> - let self:u64 = self -! rhs in - self - } - -class t_Add (v_Self: Type0) (v_Rhs: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; - f_add_pre:v_Self -> v_Rhs -> Type0; - f_add_post:v_Self -> v_Rhs -> f_Output -> Type0; - f_add:x0: v_Self -> x1: v_Rhs - -> Prims.Pure f_Output (f_add_pre x0 x1) (fun result -> f_add_post x0 x1 result) -} - -class t_Sub (v_Self: Type0) (v_Rhs: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; - f_sub_pre:v_Self -> v_Rhs -> Type0; - f_sub_post:v_Self -> v_Rhs -> f_Output -> Type0; - f_sub:x0: v_Self -> x1: v_Rhs - -> Prims.Pure f_Output (f_sub_pre x0 x1) (fun result -> f_sub_post x0 x1 result) -} - -class t_Mul (v_Self: Type0) (v_Rhs: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; - f_mul_pre:v_Self -> v_Rhs -> Type0; - f_mul_post:v_Self -> v_Rhs -> f_Output -> Type0; - f_mul:x0: v_Self -> x1: v_Rhs - -> Prims.Pure f_Output (f_mul_pre x0 x1) (fun result -> f_mul_post x0 x1 result) -} - -class t_Div (v_Self: Type0) (v_Rhs: Type0) = { - [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; - f_div_pre:v_Self -> v_Rhs -> Type0; - f_div_post:v_Self -> v_Rhs -> f_Output -> Type0; - f_div:x0: v_Self -> x1: v_Rhs - -> Prims.Pure f_Output (f_div_pre x0 x1) (fun result -> f_div_post x0 x1 result) -} diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti new file mode 100644 index 000000000..2c9d6cbf7 --- /dev/null +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Arith.fsti @@ -0,0 +1,88 @@ +module Core_models.Ops.Arith +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul +open Rust_primitives + +class t_AddAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_add_assign_pre:v_Self -> v_Rhs -> Type0; + f_add_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_add_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_add_assign_pre x0 x1) (fun result -> f_add_assign_post x0 x1 result) +} + +class t_SubAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_sub_assign_pre:v_Self -> v_Rhs -> Type0; + f_sub_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_sub_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_sub_assign_pre x0 x1) (fun result -> f_sub_assign_post x0 x1 result) +} + +class t_MulAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_mul_assign_pre:v_Self -> v_Rhs -> Type0; + f_mul_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_mul_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_mul_assign_pre x0 x1) (fun result -> f_mul_assign_post x0 x1 result) +} + +class t_DivAssign (v_Self: Type0) (v_Rhs: Type0) = { + f_div_assign_pre:v_Self -> v_Rhs -> Type0; + f_div_assign_post:v_Self -> v_Rhs -> v_Self -> Type0; + f_div_assign:x0: v_Self -> x1: v_Rhs + -> Prims.Pure v_Self (f_div_assign_pre x0 x1) (fun result -> f_div_assign_post x0 x1 result) +} + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl:t_AddAssign u8 u8 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl_1:t_SubAssign u8 u8 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl_2:t_AddAssign u16 u16 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl_3:t_SubAssign u16 u16 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl_4:t_AddAssign u32 u32 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl_5:t_SubAssign u32 u32 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl_6:t_AddAssign u64 u64 + +[@@ FStar.Tactics.Typeclasses.tcinstance] +val impl_7:t_SubAssign u64 u64 + +class t_Add (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_add_pre:v_Self -> v_Rhs -> Type0; + f_add_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_add:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_add_pre x0 x1) (fun result -> f_add_post x0 x1 result) +} + +class t_Sub (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_sub_pre:v_Self -> v_Rhs -> Type0; + f_sub_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_sub:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_sub_pre x0 x1) (fun result -> f_sub_post x0 x1 result) +} + +class t_Mul (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_mul_pre:v_Self -> v_Rhs -> Type0; + f_mul_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_mul:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_mul_pre x0 x1) (fun result -> f_mul_post x0 x1 result) +} + +class t_Div (v_Self: Type0) (v_Rhs: Type0) = { + [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; + f_div_pre:v_Self -> v_Rhs -> Type0; + f_div_post:v_Self -> v_Rhs -> f_Output -> Type0; + f_div:x0: v_Self -> x1: v_Rhs + -> Prims.Pure f_Output (f_div_pre x0 x1) (fun result -> f_div_post x0 x1 result) +} diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti index 631e3f6b1..ed79ab645 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Bit.fsti @@ -1,6 +1,7 @@ module Core_models.Ops.Bit #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_Shr (v_Self: Type0) (v_Rhs: Type0) = { [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Control_flow.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Control_flow.fst index 13d692bc5..a3432607f 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Control_flow.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Control_flow.fst @@ -1,6 +1,7 @@ module Core_models.Ops.Control_flow #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives type t_ControlFlow (v_B: Type0) (v_C: Type0) = | ControlFlow_Continue : v_C -> t_ControlFlow v_B v_C diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fsti similarity index 83% rename from hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst rename to hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fsti index ba55b68d7..4a3025f72 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Function.fsti @@ -1,6 +1,7 @@ module Core_models.Ops.Function #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_FnOnce (v_Self: Type0) (v_Args: Type0) = { [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; @@ -29,11 +30,3 @@ let impl (#v_Args #v_Out: Type0) : t_FnOnce (v_Args -> v_Out) v_Args = f_call_once_post = (fun (self: (v_Args -> v_Out)) (args: v_Args) (out: v_Out) -> true); f_call_once = fun (self: (v_Args -> v_Out)) (args: v_Args) -> self args } - -unfold instance fnonce_arrow_binder t u - : t_FnOnce (_:t -> u) t = { - f_Output = u; - f_call_once_pre = (fun _ _ -> true); - f_call_once_post = (fun (x0: (_:t -> u)) (x1: t) (res: u) -> res == x0 x1); - f_call_once = (fun (x0: (_:t -> u)) (x1: t) -> x0 x1); - } diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst index 3957752ff..554e8e3be 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Index.fst @@ -1,8 +1,7 @@ module Core_models.Ops.Index #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul - -open Rust_primitives.Integers +open Rust_primitives class t_Index (v_Self: Type0) (v_Idx: Type0) = { [@@@ FStar.Tactics.Typeclasses.no_method]f_Output:Type0; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst index d4e09ef72..0a6ab294c 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Ops.Try_trait.fst @@ -1,6 +1,7 @@ module Core_models.Ops.Try_trait #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives class t_FromResidual (v_Self: Type0) (v_R: Type0) = { f_from_residual_pre:v_R -> Type0; diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Option.fst b/hax-lib/proof-libs/fstar/core/Core_models.Option.fst index 9dcf0b245..4180eb0ab 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Option.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Option.fst @@ -1,13 +1,12 @@ module Core_models.Option #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives type t_Option (v_T: Type0) = | Option_Some : v_T -> t_Option v_T | Option_None : t_Option v_T -open Rust_primitives.Integers - let impl__is_some_and (#v_T #v_F: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: Core_models.Ops.Function.t_FnOnce v_F v_T) diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Panicking.Internal.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Panicking.Internal.fsti index 863c0736b..579e48530 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Panicking.Internal.fsti +++ b/hax-lib/proof-libs/fstar/core/Core_models.Panicking.Internal.fsti @@ -1,5 +1,6 @@ module Core_models.Panicking.Internal #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives val panic: #v_T: Type0 -> Prims.unit -> Prims.Pure v_T (requires false) (fun _ -> Prims.l_True) diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Panicking.fst b/hax-lib/proof-libs/fstar/core/Core_models.Panicking.fst index 3c31af33f..b3c5a7aaf 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Panicking.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Panicking.fst @@ -1,6 +1,7 @@ module Core_models.Panicking #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives assume val panic_explicit': Prims.unit diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Result.fst b/hax-lib/proof-libs/fstar/core/Core_models.Result.fst index c5b9f61c8..936851f82 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Result.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Result.fst @@ -1,6 +1,7 @@ module Core_models.Result #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" open FStar.Mul +open Rust_primitives type t_Result (v_T: Type0) (v_E: Type0) = | Result_Ok : v_T -> t_Result v_T v_E diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti index c0e04c6d9..26fa3aea6 100644 --- a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti +++ b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Integers.fsti @@ -177,7 +177,7 @@ let cast_identity_lemma (n: int_t a) : Lemma (cast_mod #b #a (cast_mod #a #b n) == n) [SMTPat (cast_mod #b #a (cast_mod #a #b n))] - = admit () + = () #pop-options /// Arithmetic operations @@ -509,10 +509,3 @@ val get_bit_cast_extend #t #u : Lemma (requires bits t < bits u /\ v nth >= bits t /\ v nth < bits u) (ensures get_bit (cast_mod #t #u x) nth == 0) [SMTPat (get_bit (cast_mod #t #u x) nth)] - -[@@ FStar.Tactics.Typeclasses.tcinstance] -instance default_int #t: Core_models.Default.t_Default (int_t t) = { - f_default_pre = (fun () -> true); - f_default_post = (fun () (res: int_t t) -> res =. mk_int #t 0); - f_default = (fun () -> mk_int #t 0); -} diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.fst b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.fst index 17d65ea0b..9ba99cbe4 100644 --- a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.fst +++ b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.fst @@ -6,28 +6,6 @@ include Rust_primitives.BitVectors include Rust_primitives.Float include Rust_primitives.Char -let (let?) - (#a #b: Type) - (x: Core_models.Option.t_Option a) (f: a -> Core_models.Option.t_Option b): Core_models.Option.t_Option b - = match x with - | Core_models.Option.Option_Some x -> f x - | Core_models.Option.Option_None -> Core_models.Option.Option_None - -let (let|) (#e #a #b: Type) (x: Core_models.Result.t_Result a e) (f: a -> Core_models.Result.t_Result b e) - : Core_models.Result.t_Result b e - = match x with - | Core_models.Result.Result_Ok x -> f x - | Core_models.Result.Result_Err e -> Core_models.Result.Result_Err e - -let (let!) - #break #continue #continue' - (v: Core_models.Ops.Control_flow.t_ControlFlow break continue) - (f: continue -> Core_models.Ops.Control_flow.t_ControlFlow break continue') - : Core_models.Ops.Control_flow.t_ControlFlow break continue' - = match v with - | Core_models.Ops.Control_flow.ControlFlow_Continue v -> f v - | Core_models.Ops.Control_flow.ControlFlow_Break b -> Core_models.Ops.Control_flow.ControlFlow_Break b - class cast_tc a b = { cast: a -> b; } From 764ed1318fa110f6ab7a3d07547da605460aa1e4 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 14 Oct 2025 15:32:15 +0200 Subject: [PATCH 11/56] Revert hax_lib extraction, --- .../proofs/fstar/extraction/Hax_lib.Int.fst | 160 ++---------------- .../proofs/fstar/extraction/Hax_lib.Prop.fst | 53 +----- hax-lib/proofs/fstar/extraction/Hax_lib.fst | 34 +--- 3 files changed, 24 insertions(+), 223 deletions(-) diff --git a/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst b/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst index 4a5b12702..4c9cca877 100644 --- a/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst +++ b/hax-lib/proofs/fstar/extraction/Hax_lib.Int.fst @@ -1,150 +1,22 @@ module Hax_lib.Int -#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul -open Core_models - -include Hax_lib.Bundle {t_Int as t_Int} - -include Hax_lib.Bundle {Int as Int} - -include Hax_lib.Bundle {impl_8 as impl_8} - -include Hax_lib.Bundle {impl_9 as impl_9} - -include Hax_lib.Bundle {impl_10 as impl_10} - -include Hax_lib.Bundle {impl_11 as impl_11} - -include Hax_lib.Bundle {impl_12 as impl_12} - -include Hax_lib.Bundle {impl_13 as impl_13} - -include Hax_lib.Bundle {impl_14 as impl_14} - -include Hax_lib.Bundle {impl_15 as impl_15} - -include Hax_lib.Bundle {impl as impl} - -include Hax_lib.Bundle {impl_1__new as impl_Int__new} - -include Hax_lib.Bundle {impl_1__get as impl_Int__get} - -include Hax_lib.Bundle {impl_2 as impl_2} - -include Hax_lib.Bundle {impl_3 as impl_3} - -include Hax_lib.Bundle {impl_4 as impl_4} - -include Hax_lib.Bundle {impl_5 as impl_5} - -include Hax_lib.Bundle {impl_6 as impl_6} - -include Hax_lib.Bundle {impl_7__pow2 as impl_Int__pow2} - -include Hax_lib.Bundle {impl_7__e_unsafe_from_str as impl_Int__e_unsafe_from_str} - -include Hax_lib.Bundle {impl_7__rem_euclid as impl_Int__rem_euclid} - -include Hax_lib.Bundle {t_ToInt as t_ToInt} - -include Hax_lib.Bundle {f_to_int_pre as f_to_int_pre} - -include Hax_lib.Bundle {f_to_int_post as f_to_int_post} - -include Hax_lib.Bundle {f_to_int as f_to_int} - -include Hax_lib.Bundle {impl_16 as impl_16} - -include Hax_lib.Bundle {impl_17 as impl_ToInt_for_u8} - -include Hax_lib.Bundle {impl_18 as impl_18} - -include Hax_lib.Bundle {impl_19 as impl_ToInt_for_u16} - -include Hax_lib.Bundle {impl_20 as impl_20} - -include Hax_lib.Bundle {impl_21 as impl_ToInt_for_u32} - -include Hax_lib.Bundle {impl_22 as impl_22} - -include Hax_lib.Bundle {impl_23 as impl_ToInt_for_u64} - -include Hax_lib.Bundle {impl_24 as impl_24} -include Hax_lib.Bundle {impl_25 as impl_ToInt_for_u128} - -include Hax_lib.Bundle {impl_26 as impl_26} - -include Hax_lib.Bundle {impl_27 as impl_ToInt_for_usize} - -include Hax_lib.Bundle {impl_28 as impl_28} - -include Hax_lib.Bundle {impl_29 as impl_ToInt_for_i8} - -include Hax_lib.Bundle {impl_30 as impl_30} - -include Hax_lib.Bundle {impl_31 as impl_ToInt_for_i16} - -include Hax_lib.Bundle {impl_32 as impl_32} - -include Hax_lib.Bundle {impl_33 as impl_ToInt_for_i32} - -include Hax_lib.Bundle {impl_34 as impl_34} - -include Hax_lib.Bundle {impl_35 as impl_ToInt_for_i64} - -include Hax_lib.Bundle {impl_36 as impl_36} - -include Hax_lib.Bundle {impl_37 as impl_ToInt_for_i128} - -include Hax_lib.Bundle {impl_38 as impl_38} - -include Hax_lib.Bundle {impl_39 as impl_ToInt_for_isize} - -include Hax_lib.Bundle {impl_40 as impl_40} - -include Hax_lib.Bundle {impl_41__to_u8 as impl_Int__to_u8} - -include Hax_lib.Bundle {impl_42 as impl_42} - -include Hax_lib.Bundle {impl_43__to_u16 as impl_Int__to_u16} - -include Hax_lib.Bundle {impl_44 as impl_44} - -include Hax_lib.Bundle {impl_45__to_u32 as impl_Int__to_u32} - -include Hax_lib.Bundle {impl_46 as impl_46} - -include Hax_lib.Bundle {impl_47__to_u64 as impl_Int__to_u64} - -include Hax_lib.Bundle {impl_48 as impl_48} - -include Hax_lib.Bundle {impl_49__to_u128 as impl_Int__to_u128} - -include Hax_lib.Bundle {impl_50 as impl_50} - -include Hax_lib.Bundle {impl_51__to_usize as impl_Int__to_usize} - -include Hax_lib.Bundle {impl_52 as impl_52} - -include Hax_lib.Bundle {impl_53__to_i8 as impl_Int__to_i8} - -include Hax_lib.Bundle {impl_54 as impl_54} - -include Hax_lib.Bundle {impl_55__to_i16 as impl_Int__to_i16} - -include Hax_lib.Bundle {impl_56 as impl_56} - -include Hax_lib.Bundle {impl_57__to_i32 as impl_Int__to_i32} - -include Hax_lib.Bundle {impl_58 as impl_58} - -include Hax_lib.Bundle {impl_59__to_i64 as impl_Int__to_i64} +open Core_models -include Hax_lib.Bundle {impl_60 as impl_60} +unfold type t_Int = int -include Hax_lib.Bundle {impl_61__to_i128 as impl_Int__to_i128} +unfold let impl_Int__to_u8 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_u16 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_u32 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_u64 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_u128 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_usize (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -include Hax_lib.Bundle {impl_62 as impl_62} +unfold let impl_Int__to_i8 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_i16 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_i32 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_i64 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_i128 (#t:inttype) (n:range_t t) : int_t t = mk_int #t n +unfold let impl_Int__to_isize (#t:inttype) (n:range_t t) : int_t t = mk_int #t n -include Hax_lib.Bundle {impl_63__to_isize as impl_Int__to_isize} +unfold let impl_Int__pow2 (n: nat) = pow2 n +unfold let impl_Int__rem_euclid = (%) diff --git a/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst b/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst index 63eba54eb..3ccc865fa 100644 --- a/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst +++ b/hax-lib/proofs/fstar/extraction/Hax_lib.Prop.fst @@ -1,54 +1,3 @@ module Hax_lib.Prop -#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul -open Core_models -include Hax_lib.Prop.Bundle {t_Prop as t_Prop} - -include Hax_lib.Prop.Bundle {Prop as Prop} - -include Hax_lib.Prop.Bundle {impl_7 as impl_7} - -include Hax_lib.Prop.Bundle {impl_8 as impl_8} - -include Hax_lib.Prop.Bundle {impl_9 as impl_9} - -include Hax_lib.Prop.Bundle {impl__from_bool as impl_Prop__from_bool} - -include Hax_lib.Prop.Bundle {impl__and as impl_Prop__and} - -include Hax_lib.Prop.Bundle {impl__or as impl_Prop__or} - -include Hax_lib.Prop.Bundle {impl__not as impl_Prop__not} - -include Hax_lib.Prop.Bundle {impl__eq as impl_Prop__eq} - -include Hax_lib.Prop.Bundle {impl__ne as impl_Prop__ne} - -include Hax_lib.Prop.Bundle {impl__implies as impl_Prop__implies} - -include Hax_lib.Prop.Bundle {impl_1 as impl_1} - -include Hax_lib.Prop.Bundle {t_ToProp as t_ToProp} - -include Hax_lib.Prop.Bundle {f_to_prop_pre as f_to_prop_pre} - -include Hax_lib.Prop.Bundle {f_to_prop_post as f_to_prop_post} - -include Hax_lib.Prop.Bundle {f_to_prop as f_to_prop} - -include Hax_lib.Prop.Bundle {impl_2 as impl_ToProp_for_bool} - -include Hax_lib.Prop.Bundle {impl_3 as impl_3} - -include Hax_lib.Prop.Bundle {impl_4 as impl_4} - -include Hax_lib.Prop.Bundle {impl_5 as impl_5} - -include Hax_lib.Prop.Bundle {impl_6 as impl_6} - -include Hax_lib.Prop.Bundle {v_forall as v_forall} - -include Hax_lib.Prop.Bundle {v_exists as v_exists} - -include Hax_lib.Prop.Bundle {implies as implies} +unfold type t_Prop = Type0 diff --git a/hax-lib/proofs/fstar/extraction/Hax_lib.fst b/hax-lib/proofs/fstar/extraction/Hax_lib.fst index c06c4717f..c1a7ef8e0 100644 --- a/hax-lib/proofs/fstar/extraction/Hax_lib.fst +++ b/hax-lib/proofs/fstar/extraction/Hax_lib.fst @@ -1,32 +1,12 @@ module Hax_lib #set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul -open Core_models +open FStar.Tactics -include Hax_lib.Bundle {v_assert as v_assert} +val v_assert (p: bool) : Pure unit (requires p) (ensures (fun x -> p)) +let v_assert (v__formula: bool) = () -include Hax_lib.Bundle {assert_prop as assert_prop} +val assert_prop (p: Type0) : Pure unit (requires p) (ensures (fun x -> p)) +let assert_prop (v__formula: Type0) = () -include Hax_lib.Bundle {v_assume as v_assume} - -include Hax_lib.Bundle {v_inline as v_inline} - -include Hax_lib.Bundle {inline_unsafe as inline_unsafe} - -include Hax_lib.Bundle {any_to_unit as any_to_unit} - -include Hax_lib.Bundle {e_internal_loop_invariant as e_internal_loop_invariant} - -include Hax_lib.Bundle {e_internal_while_loop_invariant as e_internal_while_loop_invariant} - -include Hax_lib.Bundle {e_internal_loop_decreases as e_internal_loop_decreases} - -include Hax_lib.Bundle {t_Refinement as t_Refinement} - -include Hax_lib.Bundle {t_RefineAs as t_RefineAs} - -include Hax_lib.Bundle {f_into_checked_pre as f_into_checked_pre} - -include Hax_lib.Bundle {f_into_checked_post as f_into_checked_post} - -include Hax_lib.Bundle {f_into_checked as f_into_checked} +val v_assume (p: Type0) : Pure unit (requires True) (ensures (fun x -> p)) +let v_assume (v__formula: Type0) = assume v__formula From c9ea2a7c7581be22ed09f2957534de3c522525b3 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 14 Oct 2025 17:03:30 +0200 Subject: [PATCH 12/56] Fix chacha example. --- hax-lib/core-models/hax.sh | 2 +- .../core-models/rust_primitives/src/lib.rs | 8 +- hax-lib/core-models/src/core/convert.rs | 14 +- hax-lib/core-models/src/core/num/mod.rs | 16 +- .../fstar/core/Core_models.Convert.fst | 17 +- .../proof-libs/fstar/core/Core_models.Num.fst | 1120 +++++++++++++++++ .../fstar/core/Core_models.Num.fsti | 724 ----------- 7 files changed, 1160 insertions(+), 741 deletions(-) create mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Num.fst delete mode 100644 hax-lib/proof-libs/fstar/core/Core_models.Num.fsti diff --git a/hax-lib/core-models/hax.sh b/hax-lib/core-models/hax.sh index 938a37fff..5a92a9e39 100755 --- a/hax-lib/core-models/hax.sh +++ b/hax-lib/core-models/hax.sh @@ -3,7 +3,7 @@ set -e function extract_and_copy() { go_to "./" - HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into fstar --interfaces '+!**::num::error +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::ops::bit +!core_models::ops::arith +!core_models::ops::function +!core_models::fmt +!core_models::fmt::rt +!core_models::mem +!core_models::mem::* +!core_models::num' + HAX_CORE_MODELS_EXTRACTION_MODE=on cargo hax into fstar --interfaces '+!**::num::error +!**::panicking::internal +!core_models::borrow +!core_models::default +!core_models::error +!core_models::hash +!core_models::hint +!core_models::ops::bit +!core_models::ops::arith +!core_models::ops::function +!core_models::fmt +!core_models::fmt::rt +!core_models::mem +!core_models::mem::*' cp proofs/fstar/extraction/*.fst* ../proof-libs/fstar/core } diff --git a/hax-lib/core-models/rust_primitives/src/lib.rs b/hax-lib/core-models/rust_primitives/src/lib.rs index 415919731..b7bffbeda 100644 --- a/hax-lib/core-models/rust_primitives/src/lib.rs +++ b/hax-lib/core-models/rust_primitives/src/lib.rs @@ -55,16 +55,16 @@ pub mod arithmetic { pub fn [](x: $Self) -> u32 { panic!() } - pub fn [](bytes: [$Self; $Bytes]) -> $Self { + pub fn [](bytes: [u8; $Bytes]) -> $Self { panic!() } - pub fn [](bytes: [$Self; $Bytes]) -> $Self { + pub fn [](bytes: [u8; $Bytes]) -> $Self { panic!() } - pub fn [](bytes: $Self) -> [$Self; $Bytes] { + pub fn [](bytes: $Self) -> [u8; $Bytes] { panic!() } - pub fn [](bytes: $Self) -> [$Self; $Bytes] { + pub fn [](bytes: $Self) -> [u8; $Bytes] { panic!() })* } diff --git a/hax-lib/core-models/src/core/convert.rs b/hax-lib/core-models/src/core/convert.rs index 5e67d2874..bb735ee0c 100644 --- a/hax-lib/core-models/src/core/convert.rs +++ b/hax-lib/core-models/src/core/convert.rs @@ -41,6 +41,18 @@ impl> TryFrom for U { } } +#[hax_lib::fstar::after(" +instance impl_slice_try_into_array_refined (t: Type0) (len: usize): t_TryInto (s: t_Slice t) (t_Array t len) = { + f_Error = Core_models.Array.t_TryFromSliceError; + f_try_into_pre = (fun (s: t_Slice t) -> true); + f_try_into_post = (fun (s: t_Slice t) (out: Core_models.Result.t_Result (t_Array t len) Core_models.Array.t_TryFromSliceError) -> true); + f_try_into = (fun (s: t_Slice t) -> + if Core_models.Slice.impl__len s = len + then Core_models.Result.Result_Ok (s <: t_Array t len) + else Core_models.Result.Result_Err Core_models.Array.TryFromSliceError + ) +} +")] impl> TryInto for T { type Error = U::Error; fn try_into(self) -> Result { @@ -120,4 +132,4 @@ int_try_from! { i16 i32 i32 i64 i64 i64 i64 i128 i128 i128 i128 i128 isize isize isize, i8 i8 i16 i8 i16 i32 isize i8 i16 i32 i64 isize i8 i16 i32, } -// Add conversions between sized / unsized + diff --git a/hax-lib/core-models/src/core/num/mod.rs b/hax-lib/core-models/src/core/num/mod.rs index 006a9bbe0..06e3057fd 100644 --- a/hax-lib/core-models/src/core/num/mod.rs +++ b/hax-lib/core-models/src/core/num/mod.rs @@ -80,19 +80,19 @@ macro_rules! uint_impl { crate::panicking::internal::panic() } #[hax_lib::opaque] - fn from_be_bytes(bytes: [$Self; $Bytes]) -> $Self { + fn from_be_bytes(bytes: [core::primitive::u8; $Bytes]) -> $Self { paste! { [](bytes) } } #[hax_lib::opaque] - fn from_le_bytes(bytes: [$Self; $Bytes]) -> $Self { + fn from_le_bytes(bytes: [core::primitive::u8; $Bytes]) -> $Self { paste! { [](bytes) } } #[hax_lib::opaque] - fn to_be_bytes(bytes: $Self) -> [$Self; $Bytes] { + fn to_be_bytes(bytes: $Self) -> [core::primitive::u8; $Bytes] { paste! { [](bytes) } } #[hax_lib::opaque] - fn to_le_bytes(bytes: $Self) -> [$Self; $Bytes] { + fn to_le_bytes(bytes: $Self) -> [core::primitive::u8; $Bytes] { paste! { [](bytes) } } } @@ -178,19 +178,19 @@ macro_rules! iint_impl { crate::panicking::internal::panic() } #[hax_lib::opaque] - fn from_be_bytes(bytes: [$Self; $Bytes]) -> $Self { + fn from_be_bytes(bytes: [core::primitive::u8; $Bytes]) -> $Self { paste! { [](bytes) } } #[hax_lib::opaque] - fn from_le_bytes(bytes: [$Self; $Bytes]) -> $Self { + fn from_le_bytes(bytes: [core::primitive::u8; $Bytes]) -> $Self { paste! { [](bytes) } } #[hax_lib::opaque] - fn to_be_bytes(bytes: $Self) -> [$Self; $Bytes] { + fn to_be_bytes(bytes: $Self) -> [core::primitive::u8; $Bytes] { paste! { [](bytes) } } #[hax_lib::opaque] - fn to_le_bytes(bytes: $Self) -> [$Self; $Bytes] { + fn to_le_bytes(bytes: $Self) -> [core::primitive::u8; $Bytes] { paste! { [](bytes) } } } diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst b/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst index 193cdd0c7..589d95386 100644 --- a/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst +++ b/hax-lib/proof-libs/fstar/core/Core_models.Convert.fst @@ -27,7 +27,7 @@ let impl (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_Fro type t_Infallible = | Infallible : t_Infallible [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_3 (#v_T: Type0) : t_From v_T v_T = +let impl_2 (#v_T: Type0) : t_From v_T v_T = { f_from_pre = (fun (x: v_T) -> true); f_from_post = (fun (x: v_T) (out: v_T) -> true); @@ -41,7 +41,7 @@ class t_AsRef (v_Self: Type0) (v_T: Type0) = { } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_4 (#v_T: Type0) : t_AsRef v_T v_T = +let impl_3 (#v_T: Type0) : t_AsRef v_T v_T = { f_as_ref_pre = (fun (self: v_T) -> true); f_as_ref_post = (fun (self: v_T) (out: v_T) -> true); @@ -324,7 +324,7 @@ let impl_1 (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_F } [@@ FStar.Tactics.Typeclasses.tcinstance] -let impl_2 (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_TryFrom v_U v_T) +let impl_4 (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_TryFrom v_U v_T) : t_TryInto v_T v_U = { f_Error = i0.f_Error; @@ -333,6 +333,17 @@ let impl_2 (#v_T #v_U: Type0) (#[FStar.Tactics.Typeclasses.tcresolve ()] i0: t_T f_try_into = fun (self: v_T) -> f_try_from #v_U #v_T #FStar.Tactics.Typeclasses.solve self } +instance impl_slice_try_into_array_refined (t: Type0) (len: usize): t_TryInto (s: t_Slice t) (t_Array t len) = { + f_Error = Core_models.Array.t_TryFromSliceError; + f_try_into_pre = (fun (s: t_Slice t) -> true); + f_try_into_post = (fun (s: t_Slice t) (out: Core_models.Result.t_Result (t_Array t len) Core_models.Array.t_TryFromSliceError) -> true); + f_try_into = (fun (s: t_Slice t) -> + if Core_models.Slice.impl__len s = len + then Core_models.Result.Result_Ok (s <: t_Array t len) + else Core_models.Result.Result_Err Core_models.Array.TryFromSliceError + ) +} + [@@ FStar.Tactics.Typeclasses.tcinstance] let impl_35: t_TryFrom u8 u16 = { diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.fst b/hax-lib/proof-libs/fstar/core/Core_models.Num.fst new file mode 100644 index 000000000..566b8ee87 --- /dev/null +++ b/hax-lib/proof-libs/fstar/core/Core_models.Num.fst @@ -0,0 +1,1120 @@ +module Core_models.Num +#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" +open FStar.Mul +open Rust_primitives + +let impl_u8__MIN: u8 = mk_u8 0 + +let impl_u8__MAX: u8 = mk_u8 255 + +let impl_u8__BITS: u32 = mk_u32 8 + +let impl_u8__wrapping_add (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_add_u8 x y + +let impl_u8__saturating_add (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_add_u8 x y + +let impl_u8__overflowing_add (x y: u8) : (u8 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u8 x y + +let impl_u8__wrapping_sub (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_sub_u8 x y + +let impl_u8__saturating_sub (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_sub_u8 x y + +let impl_u8__overflowing_sub (x y: u8) : (u8 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u8 x y + +let impl_u8__wrapping_mul (x y: u8) : u8 = Rust_primitives.Arithmetic.wrapping_mul_u8 x y + +let impl_u8__saturating_mul (x y: u8) : u8 = Rust_primitives.Arithmetic.saturating_mul_u8 x y + +let impl_u8__overflowing_mul (x y: u8) : (u8 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u8 x y + +let impl_u8__pow (x: u8) (exp: u32) : u8 = Rust_primitives.Arithmetic.pow_u8 x exp + +let impl_u8__count_ones (x: u8) : u32 = Rust_primitives.Arithmetic.count_ones_u8 x + +assume +val impl_u8__rotate_right': x: u8 -> n: u32 -> u8 + +unfold +let impl_u8__rotate_right = impl_u8__rotate_right' + +assume +val impl_u8__rotate_left': x: u8 -> n: u32 -> u8 + +unfold +let impl_u8__rotate_left = impl_u8__rotate_left' + +assume +val impl_u8__leading_zeros': x: u8 -> u32 + +unfold +let impl_u8__leading_zeros = impl_u8__leading_zeros' + +assume +val impl_u8__ilog2': x: u8 -> u32 + +unfold +let impl_u8__ilog2 = impl_u8__ilog2' + +assume +val impl_u8__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u8 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u8__from_str_radix = impl_u8__from_str_radix' + +assume +val impl_u8__from_be_bytes': bytes: t_Array u8 (mk_usize 1) -> u8 + +unfold +let impl_u8__from_be_bytes = impl_u8__from_be_bytes' + +assume +val impl_u8__from_le_bytes': bytes: t_Array u8 (mk_usize 1) -> u8 + +unfold +let impl_u8__from_le_bytes = impl_u8__from_le_bytes' + +assume +val impl_u8__to_be_bytes': bytes: u8 -> t_Array u8 (mk_usize 1) + +unfold +let impl_u8__to_be_bytes = impl_u8__to_be_bytes' + +assume +val impl_u8__to_le_bytes': bytes: u8 -> t_Array u8 (mk_usize 1) + +unfold +let impl_u8__to_le_bytes = impl_u8__to_le_bytes' + +let impl_u8__rem_euclid (x y: u8) : Prims.Pure u8 (requires y <>. mk_u8 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u8 x y + +let impl_u16__MIN: u16 = mk_u16 0 + +let impl_u16__MAX: u16 = mk_u16 65535 + +let impl_u16__BITS: u32 = mk_u32 16 + +let impl_u16__wrapping_add (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_add_u16 x y + +let impl_u16__saturating_add (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_add_u16 x y + +let impl_u16__overflowing_add (x y: u16) : (u16 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u16 x y + +let impl_u16__wrapping_sub (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_sub_u16 x y + +let impl_u16__saturating_sub (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_sub_u16 x y + +let impl_u16__overflowing_sub (x y: u16) : (u16 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u16 x y + +let impl_u16__wrapping_mul (x y: u16) : u16 = Rust_primitives.Arithmetic.wrapping_mul_u16 x y + +let impl_u16__saturating_mul (x y: u16) : u16 = Rust_primitives.Arithmetic.saturating_mul_u16 x y + +let impl_u16__overflowing_mul (x y: u16) : (u16 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u16 x y + +let impl_u16__pow (x: u16) (exp: u32) : u16 = Rust_primitives.Arithmetic.pow_u16 x exp + +let impl_u16__count_ones (x: u16) : u32 = Rust_primitives.Arithmetic.count_ones_u16 x + +assume +val impl_u16__rotate_right': x: u16 -> n: u32 -> u16 + +unfold +let impl_u16__rotate_right = impl_u16__rotate_right' + +assume +val impl_u16__rotate_left': x: u16 -> n: u32 -> u16 + +unfold +let impl_u16__rotate_left = impl_u16__rotate_left' + +assume +val impl_u16__leading_zeros': x: u16 -> u32 + +unfold +let impl_u16__leading_zeros = impl_u16__leading_zeros' + +assume +val impl_u16__ilog2': x: u16 -> u32 + +unfold +let impl_u16__ilog2 = impl_u16__ilog2' + +assume +val impl_u16__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u16 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u16__from_str_radix = impl_u16__from_str_radix' + +assume +val impl_u16__from_be_bytes': bytes: t_Array u8 (mk_usize 2) -> u16 + +unfold +let impl_u16__from_be_bytes = impl_u16__from_be_bytes' + +assume +val impl_u16__from_le_bytes': bytes: t_Array u8 (mk_usize 2) -> u16 + +unfold +let impl_u16__from_le_bytes = impl_u16__from_le_bytes' + +assume +val impl_u16__to_be_bytes': bytes: u16 -> t_Array u8 (mk_usize 2) + +unfold +let impl_u16__to_be_bytes = impl_u16__to_be_bytes' + +assume +val impl_u16__to_le_bytes': bytes: u16 -> t_Array u8 (mk_usize 2) + +unfold +let impl_u16__to_le_bytes = impl_u16__to_le_bytes' + +let impl_u16__rem_euclid (x y: u16) + : Prims.Pure u16 (requires y <>. mk_u16 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u16 x y + +let impl_u32__MIN: u32 = mk_u32 0 + +let impl_u32__MAX: u32 = mk_u32 4294967295 + +let impl_u32__BITS: u32 = mk_u32 32 + +let impl_u32__wrapping_add (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_add_u32 x y + +let impl_u32__saturating_add (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_add_u32 x y + +let impl_u32__overflowing_add (x y: u32) : (u32 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u32 x y + +let impl_u32__wrapping_sub (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_sub_u32 x y + +let impl_u32__saturating_sub (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_sub_u32 x y + +let impl_u32__overflowing_sub (x y: u32) : (u32 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u32 x y + +let impl_u32__wrapping_mul (x y: u32) : u32 = Rust_primitives.Arithmetic.wrapping_mul_u32 x y + +let impl_u32__saturating_mul (x y: u32) : u32 = Rust_primitives.Arithmetic.saturating_mul_u32 x y + +let impl_u32__overflowing_mul (x y: u32) : (u32 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u32 x y + +let impl_u32__pow (x exp: u32) : u32 = Rust_primitives.Arithmetic.pow_u32 x exp + +let impl_u32__count_ones (x: u32) : u32 = Rust_primitives.Arithmetic.count_ones_u32 x + +assume +val impl_u32__rotate_right': x: u32 -> n: u32 -> u32 + +unfold +let impl_u32__rotate_right = impl_u32__rotate_right' + +assume +val impl_u32__rotate_left': x: u32 -> n: u32 -> u32 + +unfold +let impl_u32__rotate_left = impl_u32__rotate_left' + +assume +val impl_u32__leading_zeros': x: u32 -> u32 + +unfold +let impl_u32__leading_zeros = impl_u32__leading_zeros' + +assume +val impl_u32__ilog2': x: u32 -> u32 + +unfold +let impl_u32__ilog2 = impl_u32__ilog2' + +assume +val impl_u32__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u32 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u32__from_str_radix = impl_u32__from_str_radix' + +assume +val impl_u32__from_be_bytes': bytes: t_Array u8 (mk_usize 4) -> u32 + +unfold +let impl_u32__from_be_bytes = impl_u32__from_be_bytes' + +assume +val impl_u32__from_le_bytes': bytes: t_Array u8 (mk_usize 4) -> u32 + +unfold +let impl_u32__from_le_bytes = impl_u32__from_le_bytes' + +assume +val impl_u32__to_be_bytes': bytes: u32 -> t_Array u8 (mk_usize 4) + +unfold +let impl_u32__to_be_bytes = impl_u32__to_be_bytes' + +assume +val impl_u32__to_le_bytes': bytes: u32 -> t_Array u8 (mk_usize 4) + +unfold +let impl_u32__to_le_bytes = impl_u32__to_le_bytes' + +let impl_u32__rem_euclid (x y: u32) + : Prims.Pure u32 (requires y <>. mk_u32 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u32 x y + +let impl_u64__MIN: u64 = mk_u64 0 + +let impl_u64__MAX: u64 = mk_u64 18446744073709551615 + +let impl_u64__BITS: u32 = mk_u32 64 + +let impl_u64__wrapping_add (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_add_u64 x y + +let impl_u64__saturating_add (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_add_u64 x y + +let impl_u64__overflowing_add (x y: u64) : (u64 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u64 x y + +let impl_u64__wrapping_sub (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_sub_u64 x y + +let impl_u64__saturating_sub (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_sub_u64 x y + +let impl_u64__overflowing_sub (x y: u64) : (u64 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u64 x y + +let impl_u64__wrapping_mul (x y: u64) : u64 = Rust_primitives.Arithmetic.wrapping_mul_u64 x y + +let impl_u64__saturating_mul (x y: u64) : u64 = Rust_primitives.Arithmetic.saturating_mul_u64 x y + +let impl_u64__overflowing_mul (x y: u64) : (u64 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u64 x y + +let impl_u64__pow (x: u64) (exp: u32) : u64 = Rust_primitives.Arithmetic.pow_u64 x exp + +let impl_u64__count_ones (x: u64) : u32 = Rust_primitives.Arithmetic.count_ones_u64 x + +assume +val impl_u64__rotate_right': x: u64 -> n: u32 -> u64 + +unfold +let impl_u64__rotate_right = impl_u64__rotate_right' + +assume +val impl_u64__rotate_left': x: u64 -> n: u32 -> u64 + +unfold +let impl_u64__rotate_left = impl_u64__rotate_left' + +assume +val impl_u64__leading_zeros': x: u64 -> u32 + +unfold +let impl_u64__leading_zeros = impl_u64__leading_zeros' + +assume +val impl_u64__ilog2': x: u64 -> u32 + +unfold +let impl_u64__ilog2 = impl_u64__ilog2' + +assume +val impl_u64__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u64 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u64__from_str_radix = impl_u64__from_str_radix' + +assume +val impl_u64__from_be_bytes': bytes: t_Array u8 (mk_usize 8) -> u64 + +unfold +let impl_u64__from_be_bytes = impl_u64__from_be_bytes' + +assume +val impl_u64__from_le_bytes': bytes: t_Array u8 (mk_usize 8) -> u64 + +unfold +let impl_u64__from_le_bytes = impl_u64__from_le_bytes' + +assume +val impl_u64__to_be_bytes': bytes: u64 -> t_Array u8 (mk_usize 8) + +unfold +let impl_u64__to_be_bytes = impl_u64__to_be_bytes' + +assume +val impl_u64__to_le_bytes': bytes: u64 -> t_Array u8 (mk_usize 8) + +unfold +let impl_u64__to_le_bytes = impl_u64__to_le_bytes' + +let impl_u64__rem_euclid (x y: u64) + : Prims.Pure u64 (requires y <>. mk_u64 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u64 x y + +let impl_u128__MIN: u128 = mk_u128 0 + +let impl_u128__MAX: u128 = mk_u128 340282366920938463463374607431768211455 + +let impl_u128__BITS: u32 = mk_u32 128 + +let impl_u128__wrapping_add (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_add_u128 x y + +let impl_u128__saturating_add (x y: u128) : u128 = + Rust_primitives.Arithmetic.saturating_add_u128 x y + +let impl_u128__overflowing_add (x y: u128) : (u128 & bool) = + Rust_primitives.Arithmetic.overflowing_add_u128 x y + +let impl_u128__wrapping_sub (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_sub_u128 x y + +let impl_u128__saturating_sub (x y: u128) : u128 = + Rust_primitives.Arithmetic.saturating_sub_u128 x y + +let impl_u128__overflowing_sub (x y: u128) : (u128 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_u128 x y + +let impl_u128__wrapping_mul (x y: u128) : u128 = Rust_primitives.Arithmetic.wrapping_mul_u128 x y + +let impl_u128__saturating_mul (x y: u128) : u128 = + Rust_primitives.Arithmetic.saturating_mul_u128 x y + +let impl_u128__overflowing_mul (x y: u128) : (u128 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_u128 x y + +let impl_u128__pow (x: u128) (exp: u32) : u128 = Rust_primitives.Arithmetic.pow_u128 x exp + +let impl_u128__count_ones (x: u128) : u32 = Rust_primitives.Arithmetic.count_ones_u128 x + +assume +val impl_u128__rotate_right': x: u128 -> n: u32 -> u128 + +unfold +let impl_u128__rotate_right = impl_u128__rotate_right' + +assume +val impl_u128__rotate_left': x: u128 -> n: u32 -> u128 + +unfold +let impl_u128__rotate_left = impl_u128__rotate_left' + +assume +val impl_u128__leading_zeros': x: u128 -> u32 + +unfold +let impl_u128__leading_zeros = impl_u128__leading_zeros' + +assume +val impl_u128__ilog2': x: u128 -> u32 + +unfold +let impl_u128__ilog2 = impl_u128__ilog2' + +assume +val impl_u128__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result u128 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_u128__from_str_radix = impl_u128__from_str_radix' + +assume +val impl_u128__from_be_bytes': bytes: t_Array u8 (mk_usize 16) -> u128 + +unfold +let impl_u128__from_be_bytes = impl_u128__from_be_bytes' + +assume +val impl_u128__from_le_bytes': bytes: t_Array u8 (mk_usize 16) -> u128 + +unfold +let impl_u128__from_le_bytes = impl_u128__from_le_bytes' + +assume +val impl_u128__to_be_bytes': bytes: u128 -> t_Array u8 (mk_usize 16) + +unfold +let impl_u128__to_be_bytes = impl_u128__to_be_bytes' + +assume +val impl_u128__to_le_bytes': bytes: u128 -> t_Array u8 (mk_usize 16) + +unfold +let impl_u128__to_le_bytes = impl_u128__to_le_bytes' + +let impl_u128__rem_euclid (x y: u128) + : Prims.Pure u128 (requires y <>. mk_u128 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_u128 x y + +let impl_usize__MIN: usize = mk_usize 0 + +let impl_usize__MAX: usize = Rust_primitives.Arithmetic.v_USIZE_MAX + +let impl_usize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS + +let impl_usize__wrapping_add (x y: usize) : usize = + Rust_primitives.Arithmetic.wrapping_add_usize x y + +let impl_usize__saturating_add (x y: usize) : usize = + Rust_primitives.Arithmetic.saturating_add_usize x y + +let impl_usize__overflowing_add (x y: usize) : (usize & bool) = + Rust_primitives.Arithmetic.overflowing_add_usize x y + +let impl_usize__wrapping_sub (x y: usize) : usize = + Rust_primitives.Arithmetic.wrapping_sub_usize x y + +let impl_usize__saturating_sub (x y: usize) : usize = + Rust_primitives.Arithmetic.saturating_sub_usize x y + +let impl_usize__overflowing_sub (x y: usize) : (usize & bool) = + Rust_primitives.Arithmetic.overflowing_sub_usize x y + +let impl_usize__wrapping_mul (x y: usize) : usize = + Rust_primitives.Arithmetic.wrapping_mul_usize x y + +let impl_usize__saturating_mul (x y: usize) : usize = + Rust_primitives.Arithmetic.saturating_mul_usize x y + +let impl_usize__overflowing_mul (x y: usize) : (usize & bool) = + Rust_primitives.Arithmetic.overflowing_mul_usize x y + +let impl_usize__pow (x: usize) (exp: u32) : usize = Rust_primitives.Arithmetic.pow_usize x exp + +let impl_usize__count_ones (x: usize) : u32 = Rust_primitives.Arithmetic.count_ones_usize x + +assume +val impl_usize__rotate_right': x: usize -> n: u32 -> usize + +unfold +let impl_usize__rotate_right = impl_usize__rotate_right' + +assume +val impl_usize__rotate_left': x: usize -> n: u32 -> usize + +unfold +let impl_usize__rotate_left = impl_usize__rotate_left' + +assume +val impl_usize__leading_zeros': x: usize -> u32 + +unfold +let impl_usize__leading_zeros = impl_usize__leading_zeros' + +assume +val impl_usize__ilog2': x: usize -> u32 + +unfold +let impl_usize__ilog2 = impl_usize__ilog2' + +assume +val impl_usize__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result usize Core_models.Num.Error.t_ParseIntError + +unfold +let impl_usize__from_str_radix = impl_usize__from_str_radix' + +assume +val impl_usize__from_be_bytes': bytes: t_Array u8 (mk_usize 0) -> usize + +unfold +let impl_usize__from_be_bytes = impl_usize__from_be_bytes' + +assume +val impl_usize__from_le_bytes': bytes: t_Array u8 (mk_usize 0) -> usize + +unfold +let impl_usize__from_le_bytes = impl_usize__from_le_bytes' + +assume +val impl_usize__to_be_bytes': bytes: usize -> t_Array u8 (mk_usize 0) + +unfold +let impl_usize__to_be_bytes = impl_usize__to_be_bytes' + +assume +val impl_usize__to_le_bytes': bytes: usize -> t_Array u8 (mk_usize 0) + +unfold +let impl_usize__to_le_bytes = impl_usize__to_le_bytes' + +let impl_usize__rem_euclid (x y: usize) + : Prims.Pure usize (requires y <>. mk_usize 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_usize x y + +let impl_i8__MIN: i8 = mk_i8 (-128) + +let impl_i8__MAX: i8 = mk_i8 127 + +let impl_i8__BITS: u32 = mk_u32 8 + +let impl_i8__wrapping_add (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_add_i8 x y + +let impl_i8__saturating_add (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_add_i8 x y + +let impl_i8__overflowing_add (x y: i8) : (i8 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i8 x y + +let impl_i8__wrapping_sub (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_sub_i8 x y + +let impl_i8__saturating_sub (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_sub_i8 x y + +let impl_i8__overflowing_sub (x y: i8) : (i8 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i8 x y + +let impl_i8__wrapping_mul (x y: i8) : i8 = Rust_primitives.Arithmetic.wrapping_mul_i8 x y + +let impl_i8__saturating_mul (x y: i8) : i8 = Rust_primitives.Arithmetic.saturating_mul_i8 x y + +let impl_i8__overflowing_mul (x y: i8) : (i8 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i8 x y + +let impl_i8__pow (x: i8) (exp: u32) : i8 = Rust_primitives.Arithmetic.pow_i8 x exp + +let impl_i8__count_ones (x: i8) : u32 = Rust_primitives.Arithmetic.count_ones_i8 x + +assume +val impl_i8__rotate_right': x: i8 -> n: u32 -> i8 + +unfold +let impl_i8__rotate_right = impl_i8__rotate_right' + +assume +val impl_i8__rotate_left': x: i8 -> n: u32 -> i8 + +unfold +let impl_i8__rotate_left = impl_i8__rotate_left' + +assume +val impl_i8__leading_zeros': x: i8 -> u32 + +unfold +let impl_i8__leading_zeros = impl_i8__leading_zeros' + +assume +val impl_i8__ilog2': x: i8 -> u32 + +unfold +let impl_i8__ilog2 = impl_i8__ilog2' + +assume +val impl_i8__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i8 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i8__from_str_radix = impl_i8__from_str_radix' + +assume +val impl_i8__from_be_bytes': bytes: t_Array u8 (mk_usize 1) -> i8 + +unfold +let impl_i8__from_be_bytes = impl_i8__from_be_bytes' + +assume +val impl_i8__from_le_bytes': bytes: t_Array u8 (mk_usize 1) -> i8 + +unfold +let impl_i8__from_le_bytes = impl_i8__from_le_bytes' + +assume +val impl_i8__to_be_bytes': bytes: i8 -> t_Array u8 (mk_usize 1) + +unfold +let impl_i8__to_be_bytes = impl_i8__to_be_bytes' + +assume +val impl_i8__to_le_bytes': bytes: i8 -> t_Array u8 (mk_usize 1) + +unfold +let impl_i8__to_le_bytes = impl_i8__to_le_bytes' + +let impl_i8__rem_euclid (x y: i8) : Prims.Pure i8 (requires y <>. mk_i8 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i8 x y + +let impl_i8__abs (x: i8) : Prims.Pure i8 (requires x >. impl_i8__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i8 x + +let impl_i16__MIN: i16 = mk_i16 (-32768) + +let impl_i16__MAX: i16 = mk_i16 32767 + +let impl_i16__BITS: u32 = mk_u32 16 + +let impl_i16__wrapping_add (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_add_i16 x y + +let impl_i16__saturating_add (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_add_i16 x y + +let impl_i16__overflowing_add (x y: i16) : (i16 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i16 x y + +let impl_i16__wrapping_sub (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_sub_i16 x y + +let impl_i16__saturating_sub (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_sub_i16 x y + +let impl_i16__overflowing_sub (x y: i16) : (i16 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i16 x y + +let impl_i16__wrapping_mul (x y: i16) : i16 = Rust_primitives.Arithmetic.wrapping_mul_i16 x y + +let impl_i16__saturating_mul (x y: i16) : i16 = Rust_primitives.Arithmetic.saturating_mul_i16 x y + +let impl_i16__overflowing_mul (x y: i16) : (i16 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i16 x y + +let impl_i16__pow (x: i16) (exp: u32) : i16 = Rust_primitives.Arithmetic.pow_i16 x exp + +let impl_i16__count_ones (x: i16) : u32 = Rust_primitives.Arithmetic.count_ones_i16 x + +assume +val impl_i16__rotate_right': x: i16 -> n: u32 -> i16 + +unfold +let impl_i16__rotate_right = impl_i16__rotate_right' + +assume +val impl_i16__rotate_left': x: i16 -> n: u32 -> i16 + +unfold +let impl_i16__rotate_left = impl_i16__rotate_left' + +assume +val impl_i16__leading_zeros': x: i16 -> u32 + +unfold +let impl_i16__leading_zeros = impl_i16__leading_zeros' + +assume +val impl_i16__ilog2': x: i16 -> u32 + +unfold +let impl_i16__ilog2 = impl_i16__ilog2' + +assume +val impl_i16__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i16 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i16__from_str_radix = impl_i16__from_str_radix' + +assume +val impl_i16__from_be_bytes': bytes: t_Array u8 (mk_usize 2) -> i16 + +unfold +let impl_i16__from_be_bytes = impl_i16__from_be_bytes' + +assume +val impl_i16__from_le_bytes': bytes: t_Array u8 (mk_usize 2) -> i16 + +unfold +let impl_i16__from_le_bytes = impl_i16__from_le_bytes' + +assume +val impl_i16__to_be_bytes': bytes: i16 -> t_Array u8 (mk_usize 2) + +unfold +let impl_i16__to_be_bytes = impl_i16__to_be_bytes' + +assume +val impl_i16__to_le_bytes': bytes: i16 -> t_Array u8 (mk_usize 2) + +unfold +let impl_i16__to_le_bytes = impl_i16__to_le_bytes' + +let impl_i16__rem_euclid (x y: i16) + : Prims.Pure i16 (requires y <>. mk_i16 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i16 x y + +let impl_i16__abs (x: i16) : Prims.Pure i16 (requires x >. impl_i16__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i16 x + +let impl_i32__MIN: i32 = mk_i32 (-2147483648) + +let impl_i32__MAX: i32 = mk_i32 2147483647 + +let impl_i32__BITS: u32 = mk_u32 32 + +let impl_i32__wrapping_add (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_add_i32 x y + +let impl_i32__saturating_add (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_add_i32 x y + +let impl_i32__overflowing_add (x y: i32) : (i32 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i32 x y + +let impl_i32__wrapping_sub (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_sub_i32 x y + +let impl_i32__saturating_sub (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_sub_i32 x y + +let impl_i32__overflowing_sub (x y: i32) : (i32 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i32 x y + +let impl_i32__wrapping_mul (x y: i32) : i32 = Rust_primitives.Arithmetic.wrapping_mul_i32 x y + +let impl_i32__saturating_mul (x y: i32) : i32 = Rust_primitives.Arithmetic.saturating_mul_i32 x y + +let impl_i32__overflowing_mul (x y: i32) : (i32 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i32 x y + +let impl_i32__pow (x: i32) (exp: u32) : i32 = Rust_primitives.Arithmetic.pow_i32 x exp + +let impl_i32__count_ones (x: i32) : u32 = Rust_primitives.Arithmetic.count_ones_i32 x + +assume +val impl_i32__rotate_right': x: i32 -> n: u32 -> i32 + +unfold +let impl_i32__rotate_right = impl_i32__rotate_right' + +assume +val impl_i32__rotate_left': x: i32 -> n: u32 -> i32 + +unfold +let impl_i32__rotate_left = impl_i32__rotate_left' + +assume +val impl_i32__leading_zeros': x: i32 -> u32 + +unfold +let impl_i32__leading_zeros = impl_i32__leading_zeros' + +assume +val impl_i32__ilog2': x: i32 -> u32 + +unfold +let impl_i32__ilog2 = impl_i32__ilog2' + +assume +val impl_i32__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i32 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i32__from_str_radix = impl_i32__from_str_radix' + +assume +val impl_i32__from_be_bytes': bytes: t_Array u8 (mk_usize 4) -> i32 + +unfold +let impl_i32__from_be_bytes = impl_i32__from_be_bytes' + +assume +val impl_i32__from_le_bytes': bytes: t_Array u8 (mk_usize 4) -> i32 + +unfold +let impl_i32__from_le_bytes = impl_i32__from_le_bytes' + +assume +val impl_i32__to_be_bytes': bytes: i32 -> t_Array u8 (mk_usize 4) + +unfold +let impl_i32__to_be_bytes = impl_i32__to_be_bytes' + +assume +val impl_i32__to_le_bytes': bytes: i32 -> t_Array u8 (mk_usize 4) + +unfold +let impl_i32__to_le_bytes = impl_i32__to_le_bytes' + +let impl_i32__rem_euclid (x y: i32) + : Prims.Pure i32 (requires y <>. mk_i32 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i32 x y + +let impl_i32__abs (x: i32) : Prims.Pure i32 (requires x >. impl_i32__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i32 x + +let impl_i64__MIN: i64 = mk_i64 (-9223372036854775808) + +let impl_i64__MAX: i64 = mk_i64 9223372036854775807 + +let impl_i64__BITS: u32 = mk_u32 64 + +let impl_i64__wrapping_add (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_add_i64 x y + +let impl_i64__saturating_add (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_add_i64 x y + +let impl_i64__overflowing_add (x y: i64) : (i64 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i64 x y + +let impl_i64__wrapping_sub (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_sub_i64 x y + +let impl_i64__saturating_sub (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_sub_i64 x y + +let impl_i64__overflowing_sub (x y: i64) : (i64 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i64 x y + +let impl_i64__wrapping_mul (x y: i64) : i64 = Rust_primitives.Arithmetic.wrapping_mul_i64 x y + +let impl_i64__saturating_mul (x y: i64) : i64 = Rust_primitives.Arithmetic.saturating_mul_i64 x y + +let impl_i64__overflowing_mul (x y: i64) : (i64 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i64 x y + +let impl_i64__pow (x: i64) (exp: u32) : i64 = Rust_primitives.Arithmetic.pow_i64 x exp + +let impl_i64__count_ones (x: i64) : u32 = Rust_primitives.Arithmetic.count_ones_i64 x + +assume +val impl_i64__rotate_right': x: i64 -> n: u32 -> i64 + +unfold +let impl_i64__rotate_right = impl_i64__rotate_right' + +assume +val impl_i64__rotate_left': x: i64 -> n: u32 -> i64 + +unfold +let impl_i64__rotate_left = impl_i64__rotate_left' + +assume +val impl_i64__leading_zeros': x: i64 -> u32 + +unfold +let impl_i64__leading_zeros = impl_i64__leading_zeros' + +assume +val impl_i64__ilog2': x: i64 -> u32 + +unfold +let impl_i64__ilog2 = impl_i64__ilog2' + +assume +val impl_i64__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i64 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i64__from_str_radix = impl_i64__from_str_radix' + +assume +val impl_i64__from_be_bytes': bytes: t_Array u8 (mk_usize 8) -> i64 + +unfold +let impl_i64__from_be_bytes = impl_i64__from_be_bytes' + +assume +val impl_i64__from_le_bytes': bytes: t_Array u8 (mk_usize 8) -> i64 + +unfold +let impl_i64__from_le_bytes = impl_i64__from_le_bytes' + +assume +val impl_i64__to_be_bytes': bytes: i64 -> t_Array u8 (mk_usize 8) + +unfold +let impl_i64__to_be_bytes = impl_i64__to_be_bytes' + +assume +val impl_i64__to_le_bytes': bytes: i64 -> t_Array u8 (mk_usize 8) + +unfold +let impl_i64__to_le_bytes = impl_i64__to_le_bytes' + +let impl_i64__rem_euclid (x y: i64) + : Prims.Pure i64 (requires y <>. mk_i64 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i64 x y + +let impl_i64__abs (x: i64) : Prims.Pure i64 (requires x >. impl_i64__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i64 x + +let impl_i128__MIN: i128 = mk_i128 (-170141183460469231731687303715884105728) + +let impl_i128__MAX: i128 = mk_i128 170141183460469231731687303715884105727 + +let impl_i128__BITS: u32 = mk_u32 128 + +let impl_i128__wrapping_add (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_add_i128 x y + +let impl_i128__saturating_add (x y: i128) : i128 = + Rust_primitives.Arithmetic.saturating_add_i128 x y + +let impl_i128__overflowing_add (x y: i128) : (i128 & bool) = + Rust_primitives.Arithmetic.overflowing_add_i128 x y + +let impl_i128__wrapping_sub (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_sub_i128 x y + +let impl_i128__saturating_sub (x y: i128) : i128 = + Rust_primitives.Arithmetic.saturating_sub_i128 x y + +let impl_i128__overflowing_sub (x y: i128) : (i128 & bool) = + Rust_primitives.Arithmetic.overflowing_sub_i128 x y + +let impl_i128__wrapping_mul (x y: i128) : i128 = Rust_primitives.Arithmetic.wrapping_mul_i128 x y + +let impl_i128__saturating_mul (x y: i128) : i128 = + Rust_primitives.Arithmetic.saturating_mul_i128 x y + +let impl_i128__overflowing_mul (x y: i128) : (i128 & bool) = + Rust_primitives.Arithmetic.overflowing_mul_i128 x y + +let impl_i128__pow (x: i128) (exp: u32) : i128 = Rust_primitives.Arithmetic.pow_i128 x exp + +let impl_i128__count_ones (x: i128) : u32 = Rust_primitives.Arithmetic.count_ones_i128 x + +assume +val impl_i128__rotate_right': x: i128 -> n: u32 -> i128 + +unfold +let impl_i128__rotate_right = impl_i128__rotate_right' + +assume +val impl_i128__rotate_left': x: i128 -> n: u32 -> i128 + +unfold +let impl_i128__rotate_left = impl_i128__rotate_left' + +assume +val impl_i128__leading_zeros': x: i128 -> u32 + +unfold +let impl_i128__leading_zeros = impl_i128__leading_zeros' + +assume +val impl_i128__ilog2': x: i128 -> u32 + +unfold +let impl_i128__ilog2 = impl_i128__ilog2' + +assume +val impl_i128__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result i128 Core_models.Num.Error.t_ParseIntError + +unfold +let impl_i128__from_str_radix = impl_i128__from_str_radix' + +assume +val impl_i128__from_be_bytes': bytes: t_Array u8 (mk_usize 16) -> i128 + +unfold +let impl_i128__from_be_bytes = impl_i128__from_be_bytes' + +assume +val impl_i128__from_le_bytes': bytes: t_Array u8 (mk_usize 16) -> i128 + +unfold +let impl_i128__from_le_bytes = impl_i128__from_le_bytes' + +assume +val impl_i128__to_be_bytes': bytes: i128 -> t_Array u8 (mk_usize 16) + +unfold +let impl_i128__to_be_bytes = impl_i128__to_be_bytes' + +assume +val impl_i128__to_le_bytes': bytes: i128 -> t_Array u8 (mk_usize 16) + +unfold +let impl_i128__to_le_bytes = impl_i128__to_le_bytes' + +let impl_i128__rem_euclid (x y: i128) + : Prims.Pure i128 (requires y <>. mk_i128 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_i128 x y + +let impl_i128__abs (x: i128) + : Prims.Pure i128 (requires x >. impl_i128__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_i128 x + +let impl_isize__MIN: isize = Rust_primitives.Arithmetic.v_ISIZE_MIN + +let impl_isize__MAX: isize = Rust_primitives.Arithmetic.v_ISIZE_MAX + +let impl_isize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS + +let impl_isize__wrapping_add (x y: isize) : isize = + Rust_primitives.Arithmetic.wrapping_add_isize x y + +let impl_isize__saturating_add (x y: isize) : isize = + Rust_primitives.Arithmetic.saturating_add_isize x y + +let impl_isize__overflowing_add (x y: isize) : (isize & bool) = + Rust_primitives.Arithmetic.overflowing_add_isize x y + +let impl_isize__wrapping_sub (x y: isize) : isize = + Rust_primitives.Arithmetic.wrapping_sub_isize x y + +let impl_isize__saturating_sub (x y: isize) : isize = + Rust_primitives.Arithmetic.saturating_sub_isize x y + +let impl_isize__overflowing_sub (x y: isize) : (isize & bool) = + Rust_primitives.Arithmetic.overflowing_sub_isize x y + +let impl_isize__wrapping_mul (x y: isize) : isize = + Rust_primitives.Arithmetic.wrapping_mul_isize x y + +let impl_isize__saturating_mul (x y: isize) : isize = + Rust_primitives.Arithmetic.saturating_mul_isize x y + +let impl_isize__overflowing_mul (x y: isize) : (isize & bool) = + Rust_primitives.Arithmetic.overflowing_mul_isize x y + +let impl_isize__pow (x: isize) (exp: u32) : isize = Rust_primitives.Arithmetic.pow_isize x exp + +let impl_isize__count_ones (x: isize) : u32 = Rust_primitives.Arithmetic.count_ones_isize x + +assume +val impl_isize__rotate_right': x: isize -> n: u32 -> isize + +unfold +let impl_isize__rotate_right = impl_isize__rotate_right' + +assume +val impl_isize__rotate_left': x: isize -> n: u32 -> isize + +unfold +let impl_isize__rotate_left = impl_isize__rotate_left' + +assume +val impl_isize__leading_zeros': x: isize -> u32 + +unfold +let impl_isize__leading_zeros = impl_isize__leading_zeros' + +assume +val impl_isize__ilog2': x: isize -> u32 + +unfold +let impl_isize__ilog2 = impl_isize__ilog2' + +assume +val impl_isize__from_str_radix': src: string -> radix: u32 + -> Core_models.Result.t_Result isize Core_models.Num.Error.t_ParseIntError + +unfold +let impl_isize__from_str_radix = impl_isize__from_str_radix' + +assume +val impl_isize__from_be_bytes': bytes: t_Array u8 (mk_usize 0) -> isize + +unfold +let impl_isize__from_be_bytes = impl_isize__from_be_bytes' + +assume +val impl_isize__from_le_bytes': bytes: t_Array u8 (mk_usize 0) -> isize + +unfold +let impl_isize__from_le_bytes = impl_isize__from_le_bytes' + +assume +val impl_isize__to_be_bytes': bytes: isize -> t_Array u8 (mk_usize 0) + +unfold +let impl_isize__to_be_bytes = impl_isize__to_be_bytes' + +assume +val impl_isize__to_le_bytes': bytes: isize -> t_Array u8 (mk_usize 0) + +unfold +let impl_isize__to_le_bytes = impl_isize__to_le_bytes' + +let impl_isize__rem_euclid (x y: isize) + : Prims.Pure isize (requires y <>. mk_isize 0) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.rem_euclid_isize x y + +let impl_isize__abs (x: isize) + : Prims.Pure isize (requires x >. impl_isize__MIN) (fun _ -> Prims.l_True) = + Rust_primitives.Arithmetic.abs_isize x diff --git a/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti b/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti deleted file mode 100644 index 5dbb5da3b..000000000 --- a/hax-lib/proof-libs/fstar/core/Core_models.Num.fsti +++ /dev/null @@ -1,724 +0,0 @@ -module Core_models.Num -#set-options "--fuel 0 --ifuel 1 --z3rlimit 15" -open FStar.Mul -open Rust_primitives - -let impl_u8__MIN: u8 = mk_u8 0 - -let impl_u8__MAX: u8 = mk_u8 255 - -let impl_u8__BITS: u32 = mk_u32 8 - -val impl_u8__wrapping_add (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__saturating_add (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__overflowing_add (x y: u8) : Prims.Pure (u8 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__wrapping_sub (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__saturating_sub (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__overflowing_sub (x y: u8) : Prims.Pure (u8 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__wrapping_mul (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__saturating_mul (x y: u8) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__overflowing_mul (x y: u8) : Prims.Pure (u8 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__pow (x: u8) (exp: u32) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__count_ones (x: u8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__rotate_right (x: u8) (n: u32) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__rotate_left (x: u8) (n: u32) : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__leading_zeros (x: u8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__ilog2 (x: u8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result u8 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_u8__from_be_bytes (bytes: t_Array u8 (mk_usize 1)) - : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__from_le_bytes (bytes: t_Array u8 (mk_usize 1)) - : Prims.Pure u8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__to_be_bytes (bytes: u8) - : Prims.Pure (t_Array u8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__to_le_bytes (bytes: u8) - : Prims.Pure (t_Array u8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u8__rem_euclid (x y: u8) : Prims.Pure u8 (requires y <>. mk_u8 0) (fun _ -> Prims.l_True) - -let impl_u16__MIN: u16 = mk_u16 0 - -let impl_u16__MAX: u16 = mk_u16 65535 - -let impl_u16__BITS: u32 = mk_u32 16 - -val impl_u16__wrapping_add (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__saturating_add (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__overflowing_add (x y: u16) - : Prims.Pure (u16 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__wrapping_sub (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__saturating_sub (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__overflowing_sub (x y: u16) - : Prims.Pure (u16 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__wrapping_mul (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__saturating_mul (x y: u16) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__overflowing_mul (x y: u16) - : Prims.Pure (u16 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__pow (x: u16) (exp: u32) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__count_ones (x: u16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__rotate_right (x: u16) (n: u32) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__rotate_left (x: u16) (n: u32) : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__leading_zeros (x: u16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__ilog2 (x: u16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result u16 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_u16__from_be_bytes (bytes: t_Array u16 (mk_usize 2)) - : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__from_le_bytes (bytes: t_Array u16 (mk_usize 2)) - : Prims.Pure u16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__to_be_bytes (bytes: u16) - : Prims.Pure (t_Array u16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__to_le_bytes (bytes: u16) - : Prims.Pure (t_Array u16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u16__rem_euclid (x y: u16) - : Prims.Pure u16 (requires y <>. mk_u16 0) (fun _ -> Prims.l_True) - -let impl_u32__MIN: u32 = mk_u32 0 - -let impl_u32__MAX: u32 = mk_u32 4294967295 - -let impl_u32__BITS: u32 = mk_u32 32 - -val impl_u32__wrapping_add (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__saturating_add (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__overflowing_add (x y: u32) - : Prims.Pure (u32 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__wrapping_sub (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__saturating_sub (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__overflowing_sub (x y: u32) - : Prims.Pure (u32 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__wrapping_mul (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__saturating_mul (x y: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__overflowing_mul (x y: u32) - : Prims.Pure (u32 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__pow (x exp: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__count_ones (x: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__rotate_right (x n: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__rotate_left (x n: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__leading_zeros (x: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__ilog2 (x: u32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result u32 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_u32__from_be_bytes (bytes: t_Array u32 (mk_usize 4)) - : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__from_le_bytes (bytes: t_Array u32 (mk_usize 4)) - : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__to_be_bytes (bytes: u32) - : Prims.Pure (t_Array u32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__to_le_bytes (bytes: u32) - : Prims.Pure (t_Array u32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u32__rem_euclid (x y: u32) - : Prims.Pure u32 (requires y <>. mk_u32 0) (fun _ -> Prims.l_True) - -let impl_u64__MIN: u64 = mk_u64 0 - -let impl_u64__MAX: u64 = mk_u64 18446744073709551615 - -let impl_u64__BITS: u32 = mk_u32 64 - -val impl_u64__wrapping_add (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__saturating_add (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__overflowing_add (x y: u64) - : Prims.Pure (u64 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__wrapping_sub (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__saturating_sub (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__overflowing_sub (x y: u64) - : Prims.Pure (u64 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__wrapping_mul (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__saturating_mul (x y: u64) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__overflowing_mul (x y: u64) - : Prims.Pure (u64 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__pow (x: u64) (exp: u32) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__count_ones (x: u64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__rotate_right (x: u64) (n: u32) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__rotate_left (x: u64) (n: u32) : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__leading_zeros (x: u64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__ilog2 (x: u64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result u64 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_u64__from_be_bytes (bytes: t_Array u64 (mk_usize 8)) - : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__from_le_bytes (bytes: t_Array u64 (mk_usize 8)) - : Prims.Pure u64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__to_be_bytes (bytes: u64) - : Prims.Pure (t_Array u64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__to_le_bytes (bytes: u64) - : Prims.Pure (t_Array u64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u64__rem_euclid (x y: u64) - : Prims.Pure u64 (requires y <>. mk_u64 0) (fun _ -> Prims.l_True) - -let impl_u128__MIN: u128 = mk_u128 0 - -let impl_u128__MAX: u128 = mk_u128 340282366920938463463374607431768211455 - -let impl_u128__BITS: u32 = mk_u32 128 - -val impl_u128__wrapping_add (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__saturating_add (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__overflowing_add (x y: u128) - : Prims.Pure (u128 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__wrapping_sub (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__saturating_sub (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__overflowing_sub (x y: u128) - : Prims.Pure (u128 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__wrapping_mul (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__saturating_mul (x y: u128) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__overflowing_mul (x y: u128) - : Prims.Pure (u128 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__pow (x: u128) (exp: u32) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__count_ones (x: u128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__rotate_right (x: u128) (n: u32) - : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__rotate_left (x: u128) (n: u32) : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__leading_zeros (x: u128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__ilog2 (x: u128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result u128 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_u128__from_be_bytes (bytes: t_Array u128 (mk_usize 16)) - : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__from_le_bytes (bytes: t_Array u128 (mk_usize 16)) - : Prims.Pure u128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__to_be_bytes (bytes: u128) - : Prims.Pure (t_Array u128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__to_le_bytes (bytes: u128) - : Prims.Pure (t_Array u128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_u128__rem_euclid (x y: u128) - : Prims.Pure u128 (requires y <>. mk_u128 0) (fun _ -> Prims.l_True) - -let impl_usize__MIN: usize = mk_usize 0 - -let impl_usize__MAX: usize = Rust_primitives.Arithmetic.v_USIZE_MAX - -let impl_usize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS - -val impl_usize__wrapping_add (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__saturating_add (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__overflowing_add (x y: usize) - : Prims.Pure (usize & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__wrapping_sub (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__saturating_sub (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__overflowing_sub (x y: usize) - : Prims.Pure (usize & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__wrapping_mul (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__saturating_mul (x y: usize) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__overflowing_mul (x y: usize) - : Prims.Pure (usize & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__pow (x: usize) (exp: u32) : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__count_ones (x: usize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__rotate_right (x: usize) (n: u32) - : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__rotate_left (x: usize) (n: u32) - : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__leading_zeros (x: usize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__ilog2 (x: usize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result usize Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_usize__from_be_bytes (bytes: t_Array usize (mk_usize 0)) - : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__from_le_bytes (bytes: t_Array usize (mk_usize 0)) - : Prims.Pure usize Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__to_be_bytes (bytes: usize) - : Prims.Pure (t_Array usize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__to_le_bytes (bytes: usize) - : Prims.Pure (t_Array usize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_usize__rem_euclid (x y: usize) - : Prims.Pure usize (requires y <>. mk_usize 0) (fun _ -> Prims.l_True) - -let impl_i8__MIN: i8 = mk_i8 (-128) - -let impl_i8__MAX: i8 = mk_i8 127 - -let impl_i8__BITS: u32 = mk_u32 8 - -val impl_i8__wrapping_add (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__saturating_add (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__overflowing_add (x y: i8) : Prims.Pure (i8 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__wrapping_sub (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__saturating_sub (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__overflowing_sub (x y: i8) : Prims.Pure (i8 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__wrapping_mul (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__saturating_mul (x y: i8) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__overflowing_mul (x y: i8) : Prims.Pure (i8 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__pow (x: i8) (exp: u32) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__count_ones (x: i8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__rotate_right (x: i8) (n: u32) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__rotate_left (x: i8) (n: u32) : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__leading_zeros (x: i8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__ilog2 (x: i8) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result i8 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_i8__from_be_bytes (bytes: t_Array i8 (mk_usize 1)) - : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__from_le_bytes (bytes: t_Array i8 (mk_usize 1)) - : Prims.Pure i8 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__to_be_bytes (bytes: i8) - : Prims.Pure (t_Array i8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__to_le_bytes (bytes: i8) - : Prims.Pure (t_Array i8 (mk_usize 1)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i8__rem_euclid (x y: i8) : Prims.Pure i8 (requires y <>. mk_i8 0) (fun _ -> Prims.l_True) - -val impl_i8__abs (x: i8) : Prims.Pure i8 (requires x >. impl_i8__MIN) (fun _ -> Prims.l_True) - -let impl_i16__MIN: i16 = mk_i16 (-32768) - -let impl_i16__MAX: i16 = mk_i16 32767 - -let impl_i16__BITS: u32 = mk_u32 16 - -val impl_i16__wrapping_add (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__saturating_add (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__overflowing_add (x y: i16) - : Prims.Pure (i16 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__wrapping_sub (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__saturating_sub (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__overflowing_sub (x y: i16) - : Prims.Pure (i16 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__wrapping_mul (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__saturating_mul (x y: i16) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__overflowing_mul (x y: i16) - : Prims.Pure (i16 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__pow (x: i16) (exp: u32) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__count_ones (x: i16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__rotate_right (x: i16) (n: u32) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__rotate_left (x: i16) (n: u32) : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__leading_zeros (x: i16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__ilog2 (x: i16) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result i16 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_i16__from_be_bytes (bytes: t_Array i16 (mk_usize 2)) - : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__from_le_bytes (bytes: t_Array i16 (mk_usize 2)) - : Prims.Pure i16 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__to_be_bytes (bytes: i16) - : Prims.Pure (t_Array i16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__to_le_bytes (bytes: i16) - : Prims.Pure (t_Array i16 (mk_usize 2)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i16__rem_euclid (x y: i16) - : Prims.Pure i16 (requires y <>. mk_i16 0) (fun _ -> Prims.l_True) - -val impl_i16__abs (x: i16) : Prims.Pure i16 (requires x >. impl_i16__MIN) (fun _ -> Prims.l_True) - -let impl_i32__MIN: i32 = mk_i32 (-2147483648) - -let impl_i32__MAX: i32 = mk_i32 2147483647 - -let impl_i32__BITS: u32 = mk_u32 32 - -val impl_i32__wrapping_add (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__saturating_add (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__overflowing_add (x y: i32) - : Prims.Pure (i32 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__wrapping_sub (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__saturating_sub (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__overflowing_sub (x y: i32) - : Prims.Pure (i32 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__wrapping_mul (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__saturating_mul (x y: i32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__overflowing_mul (x y: i32) - : Prims.Pure (i32 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__pow (x: i32) (exp: u32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__count_ones (x: i32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__rotate_right (x: i32) (n: u32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__rotate_left (x: i32) (n: u32) : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__leading_zeros (x: i32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__ilog2 (x: i32) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result i32 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_i32__from_be_bytes (bytes: t_Array i32 (mk_usize 4)) - : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__from_le_bytes (bytes: t_Array i32 (mk_usize 4)) - : Prims.Pure i32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__to_be_bytes (bytes: i32) - : Prims.Pure (t_Array i32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__to_le_bytes (bytes: i32) - : Prims.Pure (t_Array i32 (mk_usize 4)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i32__rem_euclid (x y: i32) - : Prims.Pure i32 (requires y <>. mk_i32 0) (fun _ -> Prims.l_True) - -val impl_i32__abs (x: i32) : Prims.Pure i32 (requires x >. impl_i32__MIN) (fun _ -> Prims.l_True) - -let impl_i64__MIN: i64 = mk_i64 (-9223372036854775808) - -let impl_i64__MAX: i64 = mk_i64 9223372036854775807 - -let impl_i64__BITS: u32 = mk_u32 64 - -val impl_i64__wrapping_add (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__saturating_add (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__overflowing_add (x y: i64) - : Prims.Pure (i64 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__wrapping_sub (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__saturating_sub (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__overflowing_sub (x y: i64) - : Prims.Pure (i64 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__wrapping_mul (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__saturating_mul (x y: i64) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__overflowing_mul (x y: i64) - : Prims.Pure (i64 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__pow (x: i64) (exp: u32) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__count_ones (x: i64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__rotate_right (x: i64) (n: u32) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__rotate_left (x: i64) (n: u32) : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__leading_zeros (x: i64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__ilog2 (x: i64) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result i64 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_i64__from_be_bytes (bytes: t_Array i64 (mk_usize 8)) - : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__from_le_bytes (bytes: t_Array i64 (mk_usize 8)) - : Prims.Pure i64 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__to_be_bytes (bytes: i64) - : Prims.Pure (t_Array i64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__to_le_bytes (bytes: i64) - : Prims.Pure (t_Array i64 (mk_usize 8)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i64__rem_euclid (x y: i64) - : Prims.Pure i64 (requires y <>. mk_i64 0) (fun _ -> Prims.l_True) - -val impl_i64__abs (x: i64) : Prims.Pure i64 (requires x >. impl_i64__MIN) (fun _ -> Prims.l_True) - -let impl_i128__MIN: i128 = mk_i128 (-170141183460469231731687303715884105728) - -let impl_i128__MAX: i128 = mk_i128 170141183460469231731687303715884105727 - -let impl_i128__BITS: u32 = mk_u32 128 - -val impl_i128__wrapping_add (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__saturating_add (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__overflowing_add (x y: i128) - : Prims.Pure (i128 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__wrapping_sub (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__saturating_sub (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__overflowing_sub (x y: i128) - : Prims.Pure (i128 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__wrapping_mul (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__saturating_mul (x y: i128) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__overflowing_mul (x y: i128) - : Prims.Pure (i128 & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__pow (x: i128) (exp: u32) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__count_ones (x: i128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__rotate_right (x: i128) (n: u32) - : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__rotate_left (x: i128) (n: u32) : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__leading_zeros (x: i128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__ilog2 (x: i128) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result i128 Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_i128__from_be_bytes (bytes: t_Array i128 (mk_usize 16)) - : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__from_le_bytes (bytes: t_Array i128 (mk_usize 16)) - : Prims.Pure i128 Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__to_be_bytes (bytes: i128) - : Prims.Pure (t_Array i128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__to_le_bytes (bytes: i128) - : Prims.Pure (t_Array i128 (mk_usize 16)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_i128__rem_euclid (x y: i128) - : Prims.Pure i128 (requires y <>. mk_i128 0) (fun _ -> Prims.l_True) - -val impl_i128__abs (x: i128) - : Prims.Pure i128 (requires x >. impl_i128__MIN) (fun _ -> Prims.l_True) - -let impl_isize__MIN: isize = Rust_primitives.Arithmetic.v_ISIZE_MIN - -let impl_isize__MAX: isize = Rust_primitives.Arithmetic.v_ISIZE_MAX - -let impl_isize__BITS: u32 = Rust_primitives.Arithmetic.v_SIZE_BITS - -val impl_isize__wrapping_add (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__saturating_add (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__overflowing_add (x y: isize) - : Prims.Pure (isize & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__wrapping_sub (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__saturating_sub (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__overflowing_sub (x y: isize) - : Prims.Pure (isize & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__wrapping_mul (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__saturating_mul (x y: isize) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__overflowing_mul (x y: isize) - : Prims.Pure (isize & bool) Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__pow (x: isize) (exp: u32) : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__count_ones (x: isize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__rotate_right (x: isize) (n: u32) - : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__rotate_left (x: isize) (n: u32) - : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__leading_zeros (x: isize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__ilog2 (x: isize) : Prims.Pure u32 Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__from_str_radix (src: string) (radix: u32) - : Prims.Pure (Core_models.Result.t_Result isize Core_models.Num.Error.t_ParseIntError) - Prims.l_True - (fun _ -> Prims.l_True) - -val impl_isize__from_be_bytes (bytes: t_Array isize (mk_usize 0)) - : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__from_le_bytes (bytes: t_Array isize (mk_usize 0)) - : Prims.Pure isize Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__to_be_bytes (bytes: isize) - : Prims.Pure (t_Array isize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__to_le_bytes (bytes: isize) - : Prims.Pure (t_Array isize (mk_usize 0)) Prims.l_True (fun _ -> Prims.l_True) - -val impl_isize__rem_euclid (x y: isize) - : Prims.Pure isize (requires y <>. mk_isize 0) (fun _ -> Prims.l_True) - -val impl_isize__abs (x: isize) - : Prims.Pure isize (requires x >. impl_isize__MIN) (fun _ -> Prims.l_True) From 325099b15acf2054b01e7d9bd48e1866bbb501ae Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 14 Oct 2025 17:50:41 +0200 Subject: [PATCH 13/56] Fix barrett example. --- engine/lib/phases/phase_specialize.ml | 2 ++ engine/names/src/lib.rs | 1 + hax-lib/core-models/src/core/convert.rs | 1 - .../rust_primitives/Rust_primitives.Hax.Machine_int.fsti | 6 ++++++ 4 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti diff --git a/engine/lib/phases/phase_specialize.ml b/engine/lib/phases/phase_specialize.ml index 40b1f6db3..9ebb745de 100644 --- a/engine/lib/phases/phase_specialize.ml +++ b/engine/lib/phases/phase_specialize.ml @@ -205,6 +205,8 @@ module Make (F : Features.T) = Rust_primitives__hax__machine_int__ne; mint_mint_any Core__cmp__PartialEq__eq Rust_primitives__hax__machine_int__eq; + mint_any Core__ops__arith__Neg__neg + Rust_primitives__hax__machine_int__neg; int_int_any Core__ops__arith__Add__add Rust_primitives__hax__int__add; int_int_any Core__ops__arith__Sub__sub diff --git a/engine/names/src/lib.rs b/engine/names/src/lib.rs index 7a25a2a13..a977b5bac 100644 --- a/engine/names/src/lib.rs +++ b/engine/names/src/lib.rs @@ -272,6 +272,7 @@ mod hax { fn div() {} fn mul() {} fn rem() {} + fn neg() {} fn not() {} fn bitxor() {} diff --git a/hax-lib/core-models/src/core/convert.rs b/hax-lib/core-models/src/core/convert.rs index bb735ee0c..fadf1c24e 100644 --- a/hax-lib/core-models/src/core/convert.rs +++ b/hax-lib/core-models/src/core/convert.rs @@ -132,4 +132,3 @@ int_try_from! { i16 i32 i32 i64 i64 i64 i64 i128 i128 i128 i128 i128 isize isize isize, i8 i8 i16 i8 i16 i32 isize i8 i16 i32 i64 isize i8 i16 i32, } - diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti new file mode 100644 index 000000000..b1fdf552f --- /dev/null +++ b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti @@ -0,0 +1,6 @@ +module Rust_primitives.Hax.Machine_int + +open Rust_primitives.Integers + +let neg #t x = zero #t -! x + From d73202ddeb604ec2175c139f383e9f4549aa6592 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Wed, 15 Oct 2025 10:54:55 +0200 Subject: [PATCH 14/56] More precise pow types, move neg. --- engine/lib/phases/phase_specialize.ml | 3 +-- engine/names/src/lib.rs | 5 ++++- .../rust_primitives/Rust_primitives.Arithmetic.fsti | 10 ++++++---- .../Rust_primitives.Hax.Machine_int.fsti | 6 ------ 4 files changed, 11 insertions(+), 13 deletions(-) delete mode 100644 hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti diff --git a/engine/lib/phases/phase_specialize.ml b/engine/lib/phases/phase_specialize.ml index 9ebb745de..846b840bd 100644 --- a/engine/lib/phases/phase_specialize.ml +++ b/engine/lib/phases/phase_specialize.ml @@ -205,8 +205,7 @@ module Make (F : Features.T) = Rust_primitives__hax__machine_int__ne; mint_mint_any Core__cmp__PartialEq__eq Rust_primitives__hax__machine_int__eq; - mint_any Core__ops__arith__Neg__neg - Rust_primitives__hax__machine_int__neg; + mint_any Core__ops__arith__Neg__neg Rust_primitives__arithmetic__neg; int_int_any Core__ops__arith__Add__add Rust_primitives__hax__int__add; int_int_any Core__ops__arith__Sub__sub diff --git a/engine/names/src/lib.rs b/engine/names/src/lib.rs index a977b5bac..2b45125ce 100644 --- a/engine/names/src/lib.rs +++ b/engine/names/src/lib.rs @@ -272,7 +272,6 @@ mod hax { fn div() {} fn mul() {} fn rem() {} - fn neg() {} fn not() {} fn bitxor() {} @@ -305,3 +304,7 @@ mod hax { } fn box_new() {} } + +mod arithmetic { + fn neg() {} +} diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti index d18c0ecab..87aed3b52 100644 --- a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti +++ b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Arithmetic.fsti @@ -34,7 +34,7 @@ let wrapping_mul_u16 : u16 -> u16 -> u16 = mul_mod val saturating_mul_u16 : u16 -> u16 -> u16 let overflowing_mul_u16 : u16 -> u16 -> u16 & bool = mul_overflow let rem_euclid_u16 (x: u16) (y: u16 {v y <> 0}): u16 = x %! y -val pow_u16 : u16 -> u32 -> u16 +val pow_u16 : x:u16 -> y:u32 -> result : u16 {v x == 2 /\ v y < 16 ==> result == mk_u16 (pow2 (v y))} val count_ones_u16 : u16 -> r:u32{v r <= 16} let wrapping_add_u32 : u32 -> u32 -> u32 = add_mod @@ -51,7 +51,7 @@ let wrapping_mul_u32 : u32 -> u32 -> u32 = mul_mod val saturating_mul_u32 : u32 -> u32 -> u32 let overflowing_mul_u32 : u32 -> u32 -> u32 & bool = mul_overflow let rem_euclid_u32 (x: u32) (y: u32 {v y <> 0}): u32 = x %! y -val pow_u32 : u32 -> u32 -> u32 +val pow_u32 : x:u32 -> y:u32 -> result : u32 {v x == 2 /\ v y <= 16 ==> result == mk_u32 (pow2 (v y))} val count_ones_u32 : u32 -> r:u32{v r <= 32} let wrapping_add_u64 : u64 -> u64 -> u64 = add_mod @@ -129,7 +129,7 @@ let wrapping_mul_i16 : i16 -> i16 -> i16 = mul_mod val saturating_mul_i16 : i16 -> i16 -> i16 let overflowing_mul_i16 : i16 -> i16 -> i16 & bool = mul_overflow let rem_euclid_i16 (x: i16) (y: i16 {v y <> 0}): i16 = x %! y -val pow_i16 : i16 -> u32 -> i16 +val pow_i16 : x: i16 -> y:u32 -> result: i16 {v x == 2 /\ v y < 15 ==> (Math.Lemmas.pow2_lt_compat 15 (v y); result == mk_i16 (pow2 (v y)))} val count_ones_i16 : i16 -> r:u32{v r <= 16} val abs_i16 : i16 -> i16 @@ -143,7 +143,7 @@ let wrapping_mul_i32 : i32 -> i32 -> i32 = mul_mod val saturating_mul_i32 : i32 -> i32 -> i32 let overflowing_mul_i32 : i32 -> i32 -> i32 & bool = mul_overflow let rem_euclid_i32 (x: i32) (y: i32 {v y <> 0}): i32 = x %! y -val pow_i32 : i32 -> u32 -> i32 +val pow_i32 : x : i32 -> y:u32 -> result: i32 {v x == 2 /\ v y <= 16 ==> result == mk_i32 (pow2 (v y))} val count_ones_i32 : i32 -> r:u32{v r <= 32} val abs_i32 : i32 -> i32 @@ -193,3 +193,5 @@ let v_USIZE_MAX = mk_usize max_usize let v_ISIZE_MAX = mk_isize max_isize let v_ISIZE_MIN = mk_isize (minint ISIZE) let v_SIZE_BITS = mk_u32 size_bits + +let neg #t x = zero #t -! x diff --git a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti b/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti deleted file mode 100644 index b1fdf552f..000000000 --- a/hax-lib/proof-libs/fstar/rust_primitives/Rust_primitives.Hax.Machine_int.fsti +++ /dev/null @@ -1,6 +0,0 @@ -module Rust_primitives.Hax.Machine_int - -open Rust_primitives.Integers - -let neg #t x = zero #t -! x - From 7af07af502c9419fe7f70b9197d589b3fc487c41 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Wed, 15 Oct 2025 11:29:35 +0200 Subject: [PATCH 15/56] Move neg operator in Lean lib. --- hax-lib/proof-libs/lean/Hax/Lib.lean | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hax-lib/proof-libs/lean/Hax/Lib.lean b/hax-lib/proof-libs/lean/Hax/Lib.lean index 6afed31b7..fa10ce548 100644 --- a/hax-lib/proof-libs/lean/Hax/Lib.lean +++ b/hax-lib/proof-libs/lean/Hax/Lib.lean @@ -335,7 +335,7 @@ def ge {α} (x y: α) [(LE α)] [Decidable (x ≥ y)] : Result Bool := end Rust_primitives.Hax.Machine_int @[simp] -def Core.Ops.Arith.Neg.neg {α} [Neg α] (x:α) : Result α := pure (-x) +def Rust_primitives.Arithmetic.neg {α} [Neg α] (x:α) : Result α := pure (-x) /- From cbfc0b618ce2b530d860f3b1f222d0b3cd78055b Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Thu, 23 Oct 2025 10:14:57 +0200 Subject: [PATCH 16/56] Remove unnecessary binding in pattern. --- engine/backends/fstar/fstar_backend.ml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/backends/fstar/fstar_backend.ml b/engine/backends/fstar/fstar_backend.ml index 58a280fd2..b113a72ad 100644 --- a/engine/backends/fstar/fstar_backend.ml +++ b/engine/backends/fstar/fstar_backend.ml @@ -1595,7 +1595,7 @@ struct (* This helps f* in type class resolution *) let constraints_export = constraints_fields - |> List.map ~f:(fun (super_name, _, attrs, typ) -> + |> List.map ~f:(fun (super_name, _, _, typ) -> let super_name = FStar_Ident.string_of_id super_name in let tc_name = FStar_Ident.string_of_id name_id in let typ = FStar_Parser_AST.term_to_string typ in From 53b05f4a03cee3c81f9122657f411a2a3a97200b Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Mon, 27 Oct 2025 10:34:16 +0100 Subject: [PATCH 17/56] Add comment about temporary workaround. --- hax-lib/core-models/src/core/convert.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/hax-lib/core-models/src/core/convert.rs b/hax-lib/core-models/src/core/convert.rs index fadf1c24e..4985e8a82 100644 --- a/hax-lib/core-models/src/core/convert.rs +++ b/hax-lib/core-models/src/core/convert.rs @@ -41,6 +41,7 @@ impl> TryFrom for U { } } +// TODO: reimplement that in Rust when arrays and slices are added to core models #[hax_lib::fstar::after(" instance impl_slice_try_into_array_refined (t: Type0) (len: usize): t_TryInto (s: t_Slice t) (t_Array t len) = { f_Error = Core_models.Array.t_TryFromSliceError; From ba90a5a840101401ed51b44a928dd3b2d89198e8 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 25 Nov 2025 11:06:04 +0100 Subject: [PATCH 18/56] Remove mldsa job for evit. --- .github/workflows/mldsa.yml | 56 ------------------------------------- 1 file changed, 56 deletions(-) delete mode 100644 .github/workflows/mldsa.yml diff --git a/.github/workflows/mldsa.yml b/.github/workflows/mldsa.yml deleted file mode 100644 index bab4a38cb..000000000 --- a/.github/workflows/mldsa.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: Extract and lax-check libcrux ML-DSA - -on: - schedule: - - cron: '0 0 * * *' - workflow_dispatch: - -env: - CARGO_TERM_COLOR: always - -jobs: - extract-and-lax-mldsa: - runs-on: "ubuntu-latest" - - steps: - - name: ⤵ Clone Libcrux repository - uses: actions/checkout@v4 - with: - repository: cryspen/libcrux - path: libcrux - - - uses: actions/checkout@v4 - with: - path: hax - - - name: Use local hax-lib - working-directory: libcrux - run: | - cargo remove hax-lib -v -p libcrux-ml-dsa - cargo add hax-lib --path "../hax/hax-lib" -v -p libcrux-ml-dsa - - - uses: DeterminateSystems/nix-installer-action@main - - name: Set up Cachix - uses: cachix/cachix-action@v15 - with: - name: fstar-nix-versions - push: false - - - name: ⤵ Install hax - run: | - nix profile install ./hax - - - name: ⤵ Install FStar - run: nix profile install github:FStarLang/FStar/v2025.03.25 - - - name: 🏃 Extract ML-DSA crate - working-directory: libcrux/libcrux-ml-dsa - run: ./hax.py extract - - - name: 🏃 Lax ML-DSA crate - working-directory: libcrux/libcrux-ml-dsa - run: | - env FSTAR_HOME=${{ github.workspace }}/fstar \ - HAX_HOME=${{ github.workspace }}/hax \ - PATH="${PATH}:${{ github.workspace }}/fstar/bin" \ - ./hax.py prove --admit From 05b96731012d7a44be8c6077667e21c06f4c7393 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 25 Nov 2025 11:28:38 +0100 Subject: [PATCH 19/56] Fix formatting. --- rust-engine/src/backends/rust.rs | 35 +++++++------------------------- 1 file changed, 7 insertions(+), 28 deletions(-) diff --git a/rust-engine/src/backends/rust.rs b/rust-engine/src/backends/rust.rs index 0b79c3bf4..f8484cff1 100644 --- a/rust-engine/src/backends/rust.rs +++ b/rust-engine/src/backends/rust.rs @@ -15,10 +15,7 @@ pub struct RustPrinter { impl Printer for RustPrinter { fn resugaring_phases() -> Vec> { - vec![ - Box::new(FunctionsToConstants), - Box::new(Tuples), - ] + vec![Box::new(FunctionsToConstants), Box::new(Tuples)] } const NAME: &str = "Rust"; @@ -136,20 +133,14 @@ const _: () = { } impl<'a, 'b> RustPrinter { - fn generic_params( - &'a self, - generic_params: &'b [GenericParam], - ) -> DocBuilder { + fn generic_params(&'a self, generic_params: &'b [GenericParam]) -> DocBuilder { let generic_params = generic_params .iter() .filter(|p| !matches!(&p.kind, GenericParamKind::Lifetime if p.ident.0.to_string() == "_")) .collect::>(); sep_opt!("<", generic_params, ">") } - fn where_clause( - &'a self, - constraints: &'b [GenericConstraint], - ) -> DocBuilder { + fn where_clause(&'a self, constraints: &'b [GenericConstraint]) -> DocBuilder { if constraints.is_empty() { return nil!(); } @@ -288,10 +279,7 @@ const _: () = { } ] } - fn generic_constraint( - &self, - generic_constraint: &GenericConstraint, - ) -> DocBuilder { + fn generic_constraint(&self, generic_constraint: &GenericConstraint) -> DocBuilder { match generic_constraint { GenericConstraint::Lifetime(s) => docs![s.clone()], GenericConstraint::Type(impl_ident) => docs![impl_ident], @@ -357,10 +345,7 @@ const _: () = { TyKind::Error(_) => todo!("resugaring"), } } - fn resugared_ty_kind( - &self, - resugared_ty_kind: &ResugaredTyKind, - ) -> DocBuilder { + fn resugared_ty_kind(&self, resugared_ty_kind: &ResugaredTyKind) -> DocBuilder { match resugared_ty_kind { ResugaredTyKind::Tuple(types) => print_tuple!(types), } @@ -603,10 +588,7 @@ const _: () = { ExprKind::Error { .. } => todo!("resugaring"), } } - fn resugared_expr_kind( - &self, - resugared_expr_kind: &ResugaredExprKind, - ) -> DocBuilder { + fn resugared_expr_kind(&self, resugared_expr_kind: &ResugaredExprKind) -> DocBuilder { match resugared_expr_kind { ResugaredExprKind::BinOp { .. } => unreachable!("BinOp resugaring not active"), ResugaredExprKind::Tuple(values) => print_tuple!(values), @@ -658,10 +640,7 @@ const _: () = { fn item(&self, item: &Item) -> DocBuilder { docs![&item.meta, item.kind()] } - fn resugared_item_kind( - &self, - resugared_item_kind: &ResugaredItemKind, - ) -> DocBuilder { + fn resugared_item_kind(&self, resugared_item_kind: &ResugaredItemKind) -> DocBuilder { match resugared_item_kind { ResugaredItemKind::Constant { name, body, .. } => { docs![ From 0557f0fdcf8eb2654f8afa64ef6b64cf680f8b90 Mon Sep 17 00:00:00 2001 From: Maxime Buyse Date: Tue, 25 Nov 2025 12:11:32 +0100 Subject: [PATCH 20/56] Primitive neg for lean lib. --- hax-lib/proof-libs/lean/Hax/Lib.lean | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hax-lib/proof-libs/lean/Hax/Lib.lean b/hax-lib/proof-libs/lean/Hax/Lib.lean index 789b710e0..07821191c 100644 --- a/hax-lib/proof-libs/lean/Hax/Lib.lean +++ b/hax-lib/proof-libs/lean/Hax/Lib.lean @@ -273,7 +273,7 @@ def ge {α} (x y: α) [(LE α)] [Decidable (x ≥ y)] : RustM Bool := end Rust_primitives.Hax.Machine_int @[simp, spec] -def Core.Ops.Arith.Neg.neg {α} [Neg α] (x:α) : RustM α := pure (-x) +def Rust_primitives.Arithmetic.neg {α} [Neg α] (x:α) : RustM α := pure (-x) /- From 5885bc04dd07fadb71412f2c65d9c8947e82edc0 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 13:48:00 +0100 Subject: [PATCH 21/56] feat(lean): add pattern-matching on constant literals --- CHANGELOG.md | 1 + rust-engine/src/backends/lean.rs | 7 +++++-- .../toolchain__lean-tests into-lean.snap | 15 +++++++++++++++ tests/lean-tests/src/lib.rs | 1 + tests/lean-tests/src/matching.rs | 19 +++++++++++++++++++ 5 files changed, 41 insertions(+), 2 deletions(-) create mode 100644 tests/lean-tests/src/matching.rs diff --git a/CHANGELOG.md b/CHANGELOG.md index c5bd4d721..d162ac0d4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -31,6 +31,7 @@ Changes to the Lean backend: not introduce extra `do` block (#1746) - Rename `Result` monad to `RustM` to avoid confusion with Rust `Result` type (#1768) - Add support for default methods of traits (#1777) + - Add support for pattern matching on constant literals (#1789) Miscellaneous: - Reserve extraction folder for auto-generated files in Lean examples (#1754) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 4d6986546..d5f6cbf11 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -662,9 +662,12 @@ set_option linter.unusedVariables false emit_error!(issue 1712, "Unsupported pattern-matching on arrays") } PatKind::Deref { .. } => unreachable_by_invariant!(Drop_references), - PatKind::Constant { .. } => { - emit_error!(issue 1712, "Unsupported pattern-matching on constants") + PatKind::Constant { + lit: Literal::Float { .. }, + } => { + emit_error!(issue 1788, "Unsupported pattern-matching on floats") } + PatKind::Constant { lit } => docs![lit], PatKind::Construct { constructor, is_record, diff --git a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap index d5c9e335f..8466569a8 100644 --- a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap +++ b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap @@ -861,6 +861,21 @@ def Lean_tests.Reject_do_dsl.test (pure (Rust_primitives.Hax.Tuple2.mk Rust_primitives.Hax.Tuple0.mk Rust_primitives.Hax.Tuple0.mk)) +def Lean_tests.Matching.test_matching + (x : u32) + (c : Char) + (s : String) + (b : Bool) + : RustM u32 + := do + let x : u32 ← match x with | 0 => (pure (42 : u32)) | _ => (pure (0 : u32)); + let c : u32 ← match c with | 'a' => (pure (42 : u32)) | _ => (pure (0 : u32)); + let s : u32 ← + match s with | "Hello" => (pure (42 : u32)) | _ => (pure (0 : u32)); + let b : u32 ← + match b with | true => (pure (42 : u32)) | false => (pure (0 : u32)); + ((← ((← (x +? c)) +? s)) +? b) + def Lean_tests.Loops.loop1 (_ : Rust_primitives.Hax.Tuple0) : RustM u32 := do let x : u32 := (0 : u32); let x : u32 ← diff --git a/tests/lean-tests/src/lib.rs b/tests/lean-tests/src/lib.rs index c1bf4feaa..7bef89c22 100644 --- a/tests/lean-tests/src/lib.rs +++ b/tests/lean-tests/src/lib.rs @@ -6,6 +6,7 @@ pub mod constants; pub mod enums; pub mod ite; pub mod loops; +pub mod matching; pub mod monadic; pub mod reject_do_dsl; pub mod structs; diff --git a/tests/lean-tests/src/matching.rs b/tests/lean-tests/src/matching.rs new file mode 100644 index 000000000..521ebc396 --- /dev/null +++ b/tests/lean-tests/src/matching.rs @@ -0,0 +1,19 @@ +fn test_matching(x: u32, c: char, s: &str, b: bool) -> u32 { + let x = match x { + 0 => 42, + _ => 0, + }; + let c = match c { + 'a' => 42, + _ => 0, + }; + let s = match s { + "Hello" => 42, + _ => 0, + }; + let b = match b { + true => 42, + false => 0, + }; + return x + c + s + b; +} From 555564d51e61b37ad0943030200b501c92376403 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Thu, 27 Nov 2025 19:00:02 +0100 Subject: [PATCH 22/56] feat(lean): add support for shift-left --- CHANGELOG.md | 1 + hax-lib/proof-libs/lean/Hax/Integers/Ops.lean | 31 +++++++++++++++++-- hax-lib/proof-libs/lean/lake-manifest.json | 5 +++ rust-engine/src/backends/lean.rs | 2 ++ .../toolchain__lean-tests into-lean.snap | 1 + tests/lean-tests/src/lib.rs | 1 + 6 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 hax-lib/proof-libs/lean/lake-manifest.json diff --git a/CHANGELOG.md b/CHANGELOG.md index d162ac0d4..f690f8ef4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -32,6 +32,7 @@ Changes to the Lean backend: - Rename `Result` monad to `RustM` to avoid confusion with Rust `Result` type (#1768) - Add support for default methods of traits (#1777) - Add support for pattern matching on constant literals (#1789) + - Add support for shift-left (#1785) Miscellaneous: - Reserve extraction folder for auto-generated files in Lean examples (#1754) diff --git a/hax-lib/proof-libs/lean/Hax/Integers/Ops.lean b/hax-lib/proof-libs/lean/Hax/Integers/Ops.lean index 0f6a3019a..d04920988 100644 --- a/hax-lib/proof-libs/lean/Hax/Integers/Ops.lean +++ b/hax-lib/proof-libs/lean/Hax/Integers/Ops.lean @@ -61,6 +61,14 @@ class HaxShiftRight α β where -/ shiftRight : α → β → RustM α +/--The notation typeclass for left shift that returns a RustM. It enables the + notation `a << HaxSub.sub @[inherit_doc] infixl:70 " *? " => HaxMul.mul @[inherit_doc] infixl:75 " >>>? " => HaxShiftRight.shiftRight +@[inherit_doc] infixl:75 " << HaxShiftLeft.shiftLeft @[inherit_doc] infixl:70 " %? " => HaxRem.rem @[inherit_doc] infixl:70 " /? " => HaxDiv.div @@ -85,7 +94,8 @@ class UnSigned (α: Type) (Mul α), (Div α), (Mod α), - (ShiftRight α) + (ShiftRight α), + (ShiftLeft α) where [deq : DecidableEq α] width : Nat @@ -174,6 +184,12 @@ instance {α : Type} [UnSigned α]: HaxShiftRight α α where if (UnSigned.width α) ≤ (UnSigned.toNat y) then .fail .integerOverflow else pure (x >>> y) +/- Left shift on unsigned rust integers. Panics when shifting by more than the size -/ +instance {α : Type} [UnSigned α]: HaxShiftLeft α α where + shiftLeft x y := + if (UnSigned.width α) ≤ (UnSigned.toNat y) then .fail .integerOverflow + else pure (x <<< y) + /- Signed operations -/ class Signed (α: Type) extends (LE α), @@ -183,7 +199,8 @@ class Signed (α: Type) (Mul α), (Div α), (Mod α), - (ShiftRight α) where + (ShiftRight α), + (ShiftLeft α) where [dec: DecidableEq α] width : Nat toBitVec : α → BitVec width @@ -274,6 +291,15 @@ instance {α : Type} [Signed α] : HaxShiftRight α α where else .fail .integerOverflow +/- Left shifting on signed integers. Panics when shifting by a negative number, + or when shifting by more than the size. -/ +instance {α : Type} [Signed α] : HaxShiftLeft α α where + shiftLeft x y := + if 0 ≤ (Signed.toInt y) && (Signed.toInt y) < Int.ofNat (Signed.width α) then + pure (x <<< y) + else + .fail .integerOverflow + /- Check that all operations are implemented -/ class Operations α where @@ -283,6 +309,7 @@ class Operations α where [instHaxDiv: HaxDiv α] [instHaxRem: HaxRem α] [instHaxShiftRight: HaxShiftRight α α] + [instHaxShiftLeft: HaxShiftLeft α α] instance : Operations u8 where instance : Operations u16 where diff --git a/hax-lib/proof-libs/lean/lake-manifest.json b/hax-lib/proof-libs/lean/lake-manifest.json new file mode 100644 index 000000000..78e122f31 --- /dev/null +++ b/hax-lib/proof-libs/lean/lake-manifest.json @@ -0,0 +1,5 @@ +{"version": "1.1.0", + "packagesDir": ".lake/packages", + "packages": [], + "name": "Hax", + "lakeDir": ".lake"} diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index d5f6cbf11..29bd23540 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -115,6 +115,7 @@ impl Printer for LeanPrinter { binops::rem, binops::div, binops::shr, + binops::shl, binops::bitand, binops::bitxor, binops::logical_op_and, @@ -582,6 +583,7 @@ set_option linter.unusedVariables false binops::div => "/?", binops::rem => "%?", binops::shr => ">>>?", + binops::shl => "<< "&&&?", binops::bitxor => "^^^?", binops::logical_op_and => "&&?", diff --git a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap index 8466569a8..86f0b61dd 100644 --- a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap +++ b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap @@ -783,6 +783,7 @@ def Lean_tests.binop_resugarings (x : u32) : RustM u32 := do let rem : u32 ← (mul %? (4 : u32)); let div : u32 ← (rem /? (5 : u32)); let rshift : u32 ← (div >>>? x); + let lshift : u32 ← (div << u32 { let rem = mul % 4; let div = rem / 5; let rshift = div >> x; + let lshift = div << x; x } From 768ed971500d17ea98abcd5cf079a02a91f234b1 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 15:23:46 +0100 Subject: [PATCH 23/56] feat(lean): Allow binding of subpatterns in match constructs --- CHANGELOG.md | 1 + engine/backends/lean/lean_backend.ml | 4 ++-- rust-engine/src/backends/lean.rs | 4 ++-- .../snapshots/toolchain__lean-tests into-lean.snap | 13 ++++++++++++- tests/lean-tests/src/matching.rs | 9 ++++++++- 5 files changed, 25 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f690f8ef4..28d6fe8d1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -33,6 +33,7 @@ Changes to the Lean backend: - Add support for default methods of traits (#1777) - Add support for pattern matching on constant literals (#1789) - Add support for shift-left (#1785) + - Add support for binding subpatterns in match constructs (#1790) Miscellaneous: - Reserve extraction folder for auto-generated files in Lean examples (#1754) diff --git a/engine/backends/lean/lean_backend.ml b/engine/backends/lean/lean_backend.ml index f6f7f8e05..d083a61a7 100644 --- a/engine/backends/lean/lean_backend.ml +++ b/engine/backends/lean/lean_backend.ml @@ -15,6 +15,7 @@ include include On.Dyn include On.Unsafe include On.Trait_item_default + include On.As_pattern end) (struct let backend = Diagnostics.Backend.FStar @@ -33,7 +34,7 @@ module SubtypeToInputLanguage and type raw_pointer = Features.Off.raw_pointer and type early_exit = Features.Off.early_exit and type question_mark = Features.Off.question_mark - and type as_pattern = Features.Off.as_pattern + and type as_pattern = Features.On.as_pattern and type lifetime = Features.Off.lifetime and type monadic_action = Features.Off.monadic_action and type arbitrary_lhs = Features.Off.arbitrary_lhs @@ -117,7 +118,6 @@ module TransformToInputLanguage = |> Phases.Drop_return_break_continue |> Phases.Functionalize_loops |> Phases.Reject.Question_mark - |> Phases.Reject.As_pattern |> Phases.Traits_specs |> Phases.Simplify_hoisting |> Phases.Newtype_as_refinement diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 29bd23540..a4f2cb9f6 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -655,8 +655,8 @@ set_option linter.unusedVariables false (true, _, _) => unreachable_by_invariant!(Local_mutation), (false, BindingMode::ByRef(_), _) => unreachable_by_invariant!(Drop_references), (false, BindingMode::ByValue, None) => docs![var], - (false, BindingMode::ByValue, Some(_)) => { - emit_error!(issue 1712, "Unsupported as-pattern") + (false, BindingMode::ByValue, Some(pat)) => { + docs![var, "@", softline_!(), pat].group() } }, PatKind::Or { sub_pats } => docs![intersperse!(sub_pats, reflow!(" | "))].group(), diff --git a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap index 86f0b61dd..4bab08535 100644 --- a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap +++ b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap @@ -862,7 +862,7 @@ def Lean_tests.Reject_do_dsl.test (pure (Rust_primitives.Hax.Tuple2.mk Rust_primitives.Hax.Tuple0.mk Rust_primitives.Hax.Tuple0.mk)) -def Lean_tests.Matching.test_matching +def Lean_tests.Matching.test_const_matching (x : u32) (c : Char) (s : String) @@ -877,6 +877,17 @@ def Lean_tests.Matching.test_matching match b with | true => (pure (42 : u32)) | false => (pure (0 : u32)); ((← ((← (x +? c)) +? s)) +? b) +def Lean_tests.Matching.test_binding_subpattern_matching + (x : (Rust_primitives.Hax.Tuple2 u8 (Rust_primitives.Hax.Tuple2 u8 u8))) + : RustM u8 + := do + match x with + | ⟨0, pair@⟨a, b⟩⟩ + => + ((← ((← (a +? b)) +? (Rust_primitives.Hax.Tuple2._0 pair))) + +? (Rust_primitives.Hax.Tuple2._1 pair)) + | _ => (pure (0 : u8)) + def Lean_tests.Loops.loop1 (_ : Rust_primitives.Hax.Tuple0) : RustM u32 := do let x : u32 := (0 : u32); let x : u32 ← diff --git a/tests/lean-tests/src/matching.rs b/tests/lean-tests/src/matching.rs index 521ebc396..16c3c8033 100644 --- a/tests/lean-tests/src/matching.rs +++ b/tests/lean-tests/src/matching.rs @@ -1,4 +1,4 @@ -fn test_matching(x: u32, c: char, s: &str, b: bool) -> u32 { +fn test_const_matching(x: u32, c: char, s: &str, b: bool) -> u32 { let x = match x { 0 => 42, _ => 0, @@ -17,3 +17,10 @@ fn test_matching(x: u32, c: char, s: &str, b: bool) -> u32 { }; return x + c + s + b; } + +fn test_binding_subpattern_matching(x: (u8, (u8, u8))) -> u8 { + match x { + (0, pair @ (a, b)) => a + b + pair.0 + pair.1, + _ => 0, + } +} From e8f2656055f7789d75177892e7db6d132ecf5023 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Blaudeau?= Date: Thu, 27 Nov 2025 11:40:32 +0100 Subject: [PATCH 24/56] feat(lean): Add basic support for floats --- rust-engine/src/backends/lean.rs | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index a4f2cb9f6..ebd94fa1b 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -431,9 +431,6 @@ set_option linter.unusedVariables false fn expr(&self, Expr { kind, ty, meta: _ }: &Expr) -> DocBuilder { match &**kind { - ExprKind::Literal(int_lit @ Literal::Int { .. }) => { - docs![int_lit, reflow!(" : "), ty].parens().group() - } ExprKind::If { condition, then, @@ -478,6 +475,12 @@ set_option linter.unusedVariables false } } } + ExprKind::Literal(int_lit @ Literal::Int { .. }) => { + docs![int_lit, reflow!(" : "), ty].parens().group() + } + ExprKind::Literal(float_lit @ Literal::Float { .. }) => { + docs![float_lit, reflow!(" : "), ty].parens().group() + } ExprKind::Literal(literal) => docs![literal], ExprKind::Array(exprs) => docs![ "#v[", @@ -788,7 +791,11 @@ set_option linter.unusedVariables false negative, kind: _, } => format!("{}{value}", if *negative { "-" } else { "" }), - Literal::Float { .. } => emit_error!(issue 1715, "Unsupported Float literal"), + Literal::Float { + value, + negative, + kind, + } => format!("{}{value}", if *negative { "-" } else { "" }), }] } @@ -805,7 +812,7 @@ set_option linter.unusedVariables false match primitive_ty { PrimitiveTy::Bool => docs!["Bool"], PrimitiveTy::Int(int_kind) => docs![int_kind], - PrimitiveTy::Float(_) => emit_error!(issue 1715, "Unsupported Float type"), + PrimitiveTy::Float(float_kind) => docs![float_kind], PrimitiveTy::Char => docs!["Char"], PrimitiveTy::Str => docs!["String"], } @@ -828,6 +835,15 @@ set_option linter.unusedVariables false }] } + fn float_kind(&self, float_kind: &FloatKind) -> DocBuilder { + docs![match float_kind { + FloatKind::F16 => "f16", + FloatKind::F32 => "f32", + FloatKind::F64 => "f64", + FloatKind::F128 => "f128", + }] + } + fn generic_value(&self, generic_value: &GenericValue) -> DocBuilder { match generic_value { GenericValue::Ty(ty) => docs![ty], @@ -1248,10 +1264,6 @@ set_option linter.unusedVariables false unreachable_by_invariant!(Drop_references) } - fn float_kind(&self, _float_kind: &FloatKind) -> DocBuilder { - emit_error!(issue 1715, "floats are unsupported") - } - fn dyn_trait_goal(&self, _dyn_trait_goal: &DynTraitGoal) -> DocBuilder { emit_error!(issue 1708, "`dyn` traits are unsupported") } From b5bc691a73120eeb29add09fee9a24c3633f7792 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Blaudeau?= Date: Thu, 27 Nov 2025 11:43:27 +0100 Subject: [PATCH 25/56] test(lean): added tests for float literals (no lib support yet) --- .../toolchain__lean-tests into-lean.snap | 14 ++++++++++++++ tests/lean-tests/src/floats.rs | 16 ++++++++++++++++ tests/lean-tests/src/lib.rs | 1 + 3 files changed, 31 insertions(+) create mode 100644 tests/lean-tests/src/floats.rs diff --git a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap index 4bab08535..f44f94a97 100644 --- a/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap +++ b/test-harness/src/snapshots/toolchain__lean-tests into-lean.snap @@ -654,6 +654,20 @@ def Lean_tests.Loops.Errors.loop4 | (Core.Ops.Control_flow.ControlFlow.Continue e) => (pure (Core.Result.Result.Ok (Rust_primitives.Hax.Tuple2.mk e e))) +def Lean_tests.Floats.N : f32 := RustM.of_isOk (do (pure (1.0 : f32))) (by rfl) + +def Lean_tests.Floats.test + (_ : Rust_primitives.Hax.Tuple0) + : RustM Rust_primitives.Hax.Tuple0 + := do + let l0 : f64 := (1.0 : f64); + let l1 : f64 := (0.9 : f64); + let l2 : f32 := (5.0 : f32); + let l5 : f32 := Lean_tests.Floats.N; + (pure Rust_primitives.Hax.Tuple0.mk) + +def Lean_tests.Floats.f (x : f64) (y : f32) : RustM f32 := do (pure y) + inductive Lean_tests.Enums.E : Type | V1 : Lean_tests.Enums.E | V2 : Lean_tests.Enums.E diff --git a/tests/lean-tests/src/floats.rs b/tests/lean-tests/src/floats.rs new file mode 100644 index 000000000..99213ac82 --- /dev/null +++ b/tests/lean-tests/src/floats.rs @@ -0,0 +1,16 @@ +// Tests on floats +#![allow(dead_code)] +#![allow(unused_variables)] + +const N: f32 = 1.0; + +fn test() { + let l0 = 1.0; + let l1 = 0.9; + let l2 = 5.0f32; + let l5 = N; +} + +fn f(x: f64, y: f32) -> f32 { + y +} diff --git a/tests/lean-tests/src/lib.rs b/tests/lean-tests/src/lib.rs index a5e212909..f969f79db 100644 --- a/tests/lean-tests/src/lib.rs +++ b/tests/lean-tests/src/lib.rs @@ -4,6 +4,7 @@ pub mod comments; pub mod constants; pub mod enums; +pub mod floats; pub mod ite; pub mod loops; pub mod matching; From 12af99b5f1d10898655a9b26b30f67d80678aac5 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Thu, 27 Nov 2025 20:20:16 +0100 Subject: [PATCH 26/56] feat(lean): Add library support for floats --- hax-lib/proof-libs/lean/Hax/Float.lean | 27 +++++++++++++++++++ .../proof-libs/lean/Hax/Rust_primitives.lean | 1 + 2 files changed, 28 insertions(+) create mode 100644 hax-lib/proof-libs/lean/Hax/Float.lean diff --git a/hax-lib/proof-libs/lean/Hax/Float.lean b/hax-lib/proof-libs/lean/Hax/Float.lean new file mode 100644 index 000000000..cb85abc11 --- /dev/null +++ b/hax-lib/proof-libs/lean/Hax/Float.lean @@ -0,0 +1,27 @@ +import Hax.Lib +import Hax.Integers.Ops + +abbrev f32 := Float32 +abbrev f64 := Float + +macro "declare_float_ops" typeName:ident : command => + `( + namespace $typeName + + instance : HaxAdd $typeName where + add := fun x y => x + y + + instance : HaxSub $typeName where + sub := fun x y => x - y + + instance : HaxMul $typeName where + mul := fun x y => x * y + + instance : HaxDiv $typeName where + div := fun x y => x / y + + end $typeName + ) + +declare_float_ops f32 +declare_float_ops f64 diff --git a/hax-lib/proof-libs/lean/Hax/Rust_primitives.lean b/hax-lib/proof-libs/lean/Hax/Rust_primitives.lean index bfd84298a..c05e7d11e 100644 --- a/hax-lib/proof-libs/lean/Hax/Rust_primitives.lean +++ b/hax-lib/proof-libs/lean/Hax/Rust_primitives.lean @@ -1,2 +1,3 @@ import Hax.Integers.Ops import Hax.Integers.Spec +import Hax.Float From 8c2e5f33627508353ea43969fa7080bfdc2cfc51 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 09:53:10 +0100 Subject: [PATCH 27/56] chore(lean): Fix for unused variable linter --- rust-engine/src/backends/lean.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index ebd94fa1b..7eaede870 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -794,7 +794,7 @@ set_option linter.unusedVariables false Literal::Float { value, negative, - kind, + kind: _, } => format!("{}{value}", if *negative { "-" } else { "" }), }] } From fc907df896e3c069a7c8e39b53d23f5728cb0b47 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 09:59:37 +0100 Subject: [PATCH 28/56] chore(lean): Add CHANGELOG entry --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 28d6fe8d1..99fbb57a2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -34,6 +34,7 @@ Changes to the Lean backend: - Add support for pattern matching on constant literals (#1789) - Add support for shift-left (#1785) - Add support for binding subpatterns in match constructs (#1790) + - Add support for floats (#1784) Miscellaneous: - Reserve extraction folder for auto-generated files in Lean examples (#1754) From 21821ceb65bd0c5079743729d53d0ad8c4a5b6e7 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 10:55:10 +0100 Subject: [PATCH 29/56] feat(lean): add error for f16 and f128 --- rust-engine/src/backends/lean.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 7eaede870..32075eabe 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -837,10 +837,12 @@ set_option linter.unusedVariables false fn float_kind(&self, float_kind: &FloatKind) -> DocBuilder { docs![match float_kind { - FloatKind::F16 => "f16", + FloatKind::F16 => + emit_error!("The only supported float types are `f32` and `f64`."), FloatKind::F32 => "f32", FloatKind::F64 => "f64", - FloatKind::F128 => "f128", + FloatKind::F128 => + emit_error!("The only supported float types are `f32` and `f64`."), }] } From 252c46de84aa2d5f071fdbcbf8ddb56e2e5fdc96 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 11:01:09 +0100 Subject: [PATCH 30/56] chore(lean): trim trailing whitespace --- rust-engine/src/backends/lean.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 32075eabe..9fbe00dce 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -837,11 +837,11 @@ set_option linter.unusedVariables false fn float_kind(&self, float_kind: &FloatKind) -> DocBuilder { docs![match float_kind { - FloatKind::F16 => + FloatKind::F16 => emit_error!("The only supported float types are `f32` and `f64`."), FloatKind::F32 => "f32", FloatKind::F64 => "f64", - FloatKind::F128 => + FloatKind::F128 => emit_error!("The only supported float types are `f32` and `f64`."), }] } From c96e0f720c661423fc4c4e03fe209d2628765122 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 11:49:18 +0100 Subject: [PATCH 31/56] chore(lean): small refactor Co-authored-by: Lucas Franceschino --- rust-engine/src/backends/lean.rs | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 9fbe00dce..638d5d57b 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -475,11 +475,8 @@ set_option linter.unusedVariables false } } } - ExprKind::Literal(int_lit @ Literal::Int { .. }) => { - docs![int_lit, reflow!(" : "), ty].parens().group() - } - ExprKind::Literal(float_lit @ Literal::Float { .. }) => { - docs![float_lit, reflow!(" : "), ty].parens().group() + ExprKind::Literal(numeric_lit @ (Literal::Float { .. } | Literal::Int { .. })) => { + docs![numeric_lit, reflow!(" : "), ty].parens().group() } ExprKind::Literal(literal) => docs![literal], ExprKind::Array(exprs) => docs![ From 31b2c082b9ab96e2b424080b8dac1bb2ee549607 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 11:49:31 +0100 Subject: [PATCH 32/56] chore(lean): small refactor Co-authored-by: Lucas Franceschino --- rust-engine/src/backends/lean.rs | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 638d5d57b..89086c6df 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -834,11 +834,9 @@ set_option linter.unusedVariables false fn float_kind(&self, float_kind: &FloatKind) -> DocBuilder { docs![match float_kind { - FloatKind::F16 => - emit_error!("The only supported float types are `f32` and `f64`."), FloatKind::F32 => "f32", FloatKind::F64 => "f64", - FloatKind::F128 => + _ => emit_error!("The only supported float types are `f32` and `f64`."), }] } From 3fe9b2c450ddfd6016a1315ca7e4ed9a83d98846 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 11:52:59 +0100 Subject: [PATCH 33/56] feat(lean): link issue in float error message --- rust-engine/src/backends/lean.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 89086c6df..b80fa7b2a 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -836,8 +836,7 @@ set_option linter.unusedVariables false docs![match float_kind { FloatKind::F32 => "f32", FloatKind::F64 => "f64", - _ => - emit_error!("The only supported float types are `f32` and `f64`."), + _ => emit_error!(issue 1787, "The only supported float types are `f32` and `f64`."), }] } From deacb859adf330183f7f2dc68e792f01f908a239 Mon Sep 17 00:00:00 2001 From: Alexander Bentkamp Date: Mon, 1 Dec 2025 16:38:39 +0100 Subject: [PATCH 34/56] feat(lean): Raise error when function parameters contain patterns --- CHANGELOG.md | 1 + rust-engine/src/backends/lean.rs | 9 ++++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 99fbb57a2..c0d862a80 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -35,6 +35,7 @@ Changes to the Lean backend: - Add support for shift-left (#1785) - Add support for binding subpatterns in match constructs (#1790) - Add support for floats (#1784) + - Add error when using patterns in function parameters (#1792) Miscellaneous: - Reserve extraction folder for auto-generated files in Lean examples (#1754) diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index b80fa7b2a..e21afb2a8 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -864,7 +864,14 @@ set_option linter.unusedVariables false } fn param(&self, param: &Param) -> DocBuilder { - self.pat_typed(¶m.pat) + if matches!( + *param.pat.kind, + PatKind::Wild | PatKind::Ascription { .. } | PatKind::Binding { sub_pat: None, .. } + ) { + self.pat_typed(¶m.pat) + } else { + emit_error!(issue 1791, "Function parameters must not contain patterns") + } } fn item(&self, Item { ident, kind, meta }: &Item) -> DocBuilder { From b8ac3fcc12963dee629eda2f14eefcab71ff753e Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 26 Jun 2025 16:33:18 +0200 Subject: [PATCH 35/56] feat(engine/ast_utils): intro `HaxFailure` module --- engine/lib/ast_utils.ml | 71 ++++++++++++++++++++++++++++++++++----- engine/lib/import_thir.ml | 2 +- engine/lib/subtype.ml | 2 +- 3 files changed, 64 insertions(+), 11 deletions(-) diff --git a/engine/lib/ast_utils.ml b/engine/lib/ast_utils.ml index 96fb0c6a4..4c24eef1e 100644 --- a/engine/lib/ast_utils.ml +++ b/engine/lib/ast_utils.ml @@ -909,6 +909,67 @@ module Make (F : Features.T) = struct let string_lit span (s : string) : expr = { span; typ = TStr; e = Literal (String s) } + module HaxFailure = struct + module Build = struct + let pat span (typ : ty) (msg : string) : pat = + let (module M) = M.make span in + let constructor = + Global_ident.of_name ~value:true Rust_primitives__hax__Failure__Ctor + in + let pat = M.pat_PConstant ~typ ~lit:(String msg) in + let fields = [ { field = constructor; pat } ] in + M.pat_PConstruct ~typ ~is_record:false ~is_struct:true ~constructor + ~fields + + let expr span (typ : ty) (error : string) (ast : string) = + let args = List.map ~f:(string_lit span) [ error; ast ] in + call Rust_primitives__hax__failure args span typ + + let ty (payload : string) = + let ident = + `Concrete + (Concrete_ident.of_name ~value:false Rust_primitives__hax__Failure) + in + let (module M) = M.make (Span.dummy ()) in + let payload = M.expr_Literal ~typ:TBool (String payload) in + TApp { ident; args = [ GConst payload ] } + end + + open struct + let destruct_str_lit e = + let* l = D.expr_Literal e in + match l with String s -> Some s | _ -> None + end + + module Destruct = struct + let pat (p : pat) : string option = + let* p = D.pat_PConstruct p in + let*? () = + Global_ident.eq_name Rust_primitives__hax__Failure__Ctor p.constructor + in + let* { pat; _ } = D.list_1 p.fields in + let* s = D.pat_PConstant pat in + match s.lit with String s -> Some s | _ -> None + + let expr (e : expr) : (string * string) option = + let* app = D.expr_App e in + let* id = D.expr_GlobalVar app.f in + let*? _ = Global_ident.eq_name Rust_primitives__hax__failure id in + let* x, y = D.list_2 app.args in + + let* x = destruct_str_lit x in + let* y = destruct_str_lit y in + Some (x, y) + + let ty (t : ty) : string option = + match t with + | TApp { ident; args = [ GConst payload ] } + when Global_ident.eq_name Rust_primitives__hax__Failure ident -> + destruct_str_lit payload + | _ -> None + end + end + let hax_failure_expr' span (typ : ty) (context, kind) (ast : string) = let ast = (* Remove consecutive withe spaces *) @@ -921,19 +982,11 @@ module Make (F : Features.T) = struct else ast in let error = Diagnostics.pretty_print_context_kind context kind in - let args = List.map ~f:(string_lit span) [ error; ast ] in - call Rust_primitives__hax__failure args span typ + HaxFailure.Build.expr span typ error ast let hax_failure_expr span (typ : ty) (context, kind) (expr0 : Ast.Full.expr) = hax_failure_expr' span typ (context, kind) (Print_rust.pexpr_str expr0) - let hax_failure_typ = - let ident = - `Concrete - (Concrete_ident.of_name ~value:false Rust_primitives__hax__failure) - in - TApp { ident; args = [] } - module LiftToFullAst = struct let expr : AST.expr -> Ast.Full.expr = Stdlib.Obj.magic let ty : AST.ty -> Ast.Full.ty = Stdlib.Obj.magic diff --git a/engine/lib/import_thir.ml b/engine/lib/import_thir.ml index 862f727f9..89bbfee75 100644 --- a/engine/lib/import_thir.ml +++ b/engine/lib/import_thir.ml @@ -406,7 +406,7 @@ end) : EXPR = struct with Diagnostics.SpanFreeError.Exn (Data (ctx, kind)) -> let typ : ty = try c_ty e.span e.ty - with Diagnostics.SpanFreeError.Exn _ -> U.hax_failure_typ + with Diagnostics.SpanFreeError.Exn _ -> U.HaxFailure.Build.ty "" in let span = Span.of_thir e.span in U.hax_failure_expr' span typ (ctx, kind) "" diff --git a/engine/lib/subtype.ml b/engine/lib/subtype.ml index 2c81a7a8f..34adee32e 100644 --- a/engine/lib/subtype.ml +++ b/engine/lib/subtype.ml @@ -167,7 +167,7 @@ struct let typ : B.ty = try dty e.span e.typ with Diagnostics.SpanFreeError.Exn (Data (_context, _kind)) -> - UB.hax_failure_typ + UB.HaxFailure.Build.ty "" in UB.hax_failure_expr e.span typ (context, kind) (UA.LiftToFullAst.expr e) From 006b6d7c284387ef519b73bfc4df30f2c36f0edd Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 26 Jun 2025 16:35:15 +0200 Subject: [PATCH 36/56] feat(engine/span): add conversion function from Rust engine AST --- engine/lib/span.ml | 12 +++++++++++- engine/lib/span.mli | 6 ++++-- 2 files changed, 15 insertions(+), 3 deletions(-) diff --git a/engine/lib/span.ml b/engine/lib/span.ml index 749d546d2..5451f6373 100644 --- a/engine/lib/span.ml +++ b/engine/lib/span.ml @@ -156,7 +156,7 @@ let owner_hint span = Option.value_exn (List.nth !owner_id_list (!owner_id_list_len - id - 1))) -let to_span2 span : Types.span2 = +let to_rust_ast_span span : Rust_engine_types.span = { data = List.map ~f:Imported.span_to_thir span.data; id = Int.to_string span.id; @@ -165,3 +165,13 @@ let to_span2 span : Types.span2 = ~f:(fun (OwnerId n) -> Types.Newtypeowner_id (Int.to_string n)) span.owner_hint; } + +let from_rust_ast_span (span : Rust_engine_types.span) : t = + { + data = List.map ~f:Imported.span_of_thir span.data; + id = Int.of_string span.id; + owner_hint = + Option.map + ~f:(fun (Types.Newtypeowner_id n) -> OwnerId (Int.of_string n)) + span.owner_hint; + } diff --git a/engine/lib/span.mli b/engine/lib/span.mli index 1884fffce..fd2ab7142 100644 --- a/engine/lib/span.mli +++ b/engine/lib/span.mli @@ -37,5 +37,7 @@ val owner_hint : t -> Types.def_id option (** Looks up the owner hint for a span. This should be used for user reports only. *) -val to_span2 : t -> Types.span2 -(** Converts this span to a span2 for export to the Rust engine. *) +val to_rust_ast_span : t -> Rust_engine_types.span +(** Converts this span to a Rust engine span. *) + +val from_rust_ast_span : Rust_engine_types.span -> t From 2b718a8eadf9b8fbd4451ad94e83a56b470cf265 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 26 Jun 2025 16:36:00 +0200 Subject: [PATCH 37/56] feat(engine/def_id): expose `def_id_{to,from}_rust_ast` --- engine/lib/concrete_ident/explicit_def_id.ml | 2 ++ engine/lib/concrete_ident/explicit_def_id.mli | 2 ++ 2 files changed, 4 insertions(+) diff --git a/engine/lib/concrete_ident/explicit_def_id.ml b/engine/lib/concrete_ident/explicit_def_id.ml index fd4ffa3be..5c9a9e221 100644 --- a/engine/lib/concrete_ident/explicit_def_id.ml +++ b/engine/lib/concrete_ident/explicit_def_id.ml @@ -167,5 +167,7 @@ module FromRustAST = struct { is_constructor; def_id = def_id_contents_to_rust_ast def_id } end +let def_id_to_rust_ast = ToRustAST.def_id_contents_to_rust_ast +let def_id_from_rust_ast = FromRustAST.def_id_contents_to_rust_ast let to_rust_ast = ToRustAST.to_rust_ast let from_rust_ast = FromRustAST.to_rust_ast diff --git a/engine/lib/concrete_ident/explicit_def_id.mli b/engine/lib/concrete_ident/explicit_def_id.mli index 051daea3a..3c9622c24 100644 --- a/engine/lib/concrete_ident/explicit_def_id.mli +++ b/engine/lib/concrete_ident/explicit_def_id.mli @@ -84,5 +84,7 @@ module ImplInfoStore : sig [None] even though the supplied identifier points to an [Impl] block. *) end +val def_id_to_rust_ast : Types.def_id_contents -> Types.def_id2 +val def_id_from_rust_ast : Types.def_id2 -> Types.def_id_contents val to_rust_ast : t -> Rust_engine_types.explicit_def_id val from_rust_ast : Rust_engine_types.explicit_def_id -> t From 3e92646d4b92dbcdd8d27c1d05c79de1d20e5618 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 26 Jun 2025 16:36:41 +0200 Subject: [PATCH 38/56] fix(engine/export_ast): correct handling of errors --- engine/lib/export_ast.ml | 270 ++++++++++++++++++++++----------------- 1 file changed, 150 insertions(+), 120 deletions(-) diff --git a/engine/lib/export_ast.ml b/engine/lib/export_ast.ml index d02ee49da..197358ee0 100644 --- a/engine/lib/export_ast.ml +++ b/engine/lib/export_ast.ml @@ -6,50 +6,67 @@ type missing_type = unit module B = Rust_engine_types +let to_diagnostic_payload (span : Ast.span) (payload : string) = + try [%of_yojson: Types.diagnostic] (Yojson.Safe.from_string payload) + with _ -> + let node : Types.fragment = Unknown "OCamlEngineError" in + let info : B.diagnostic_info = + { + context = Import; + kind = Custom payload; + span = Span.to_rust_ast_span span; + } + in + { node; info } + module Make (FA : Features.T) = struct open Ast module A = Ast.Make (FA) + module U = Ast_utils.Make (FA) let dsafety_kind (safety : A.safety_kind) : B.safety_kind = match safety with Safe -> B.Safe | Unsafe _ -> B.Unsafe - let rec dty (ty : A.ty) : B.ty = - match ty with - | TBool -> Newtypety (Primitive Bool) - | TChar -> Newtypety (Primitive Char) - | TInt k -> Newtypety (Primitive (Int (dint_kind k))) - | TFloat k -> Newtypety (Primitive (Float (dfloat_kind k))) - | TStr -> Newtypety (Primitive Str) - | TApp { ident; args } -> - Newtypety - (B.App - { - head = dglobal_ident ident; - args = List.map ~f:dgeneric_value args; - }) - | TArray { typ; length } -> - Newtypety (Array { ty = dty typ; length = dexpr length }) - | TSlice { witness = _; ty } -> Newtypety (Slice (dty ty)) - | TRef { witness = _; typ; mut; region = _ } -> - Newtypety - (Ref - { - inner = dty typ; - mutable' = (match mut with Mutable _ -> true | _ -> false); - region = B.EmptyStructregion2; - }) - | TParam local_ident -> Newtypety (Param (dlocal_ident local_ident)) - | TArrow (inputs, output) -> - Newtypety - (Arrow { inputs = List.map ~f:dty inputs; output = dty output }) - | TAssociatedType { impl; item } -> - Newtypety - (AssociatedType - { impl_ = dimpl_expr impl; item = dconcrete_ident item }) - | TOpaque ident -> Newtypety (Opaque (dconcrete_ident ident)) - | TRawPointer { witness = _ } -> Newtypety RawPointer - | TDyn { witness = _; goals } -> - Newtypety (Dyn (List.map ~f:ddyn_trait_goal goals)) + let rec dty_no_error (span : Ast.span) (ty : A.ty) : B.ty = + Newtypety + (match ty with + | TBool -> Primitive Bool + | TChar -> Primitive Char + | TInt k -> Primitive (Int (dint_kind k)) + | TFloat k -> Primitive (Float (dfloat_kind k)) + | TStr -> Primitive Str + | TApp { ident; args } -> + B.App + { + head = dglobal_ident ident; + args = List.map ~f:(dgeneric_value span) args; + } + | TArray { typ; length } -> + Array { ty = dty span typ; length = dexpr length } + | TSlice { witness = _; ty } -> Slice (dty span ty) + | TRef { witness = _; typ; mut; region = _ } -> + Ref + { + inner = dty span typ; + mutable' = (match mut with Mutable _ -> true | _ -> false); + region = B.EmptyStructregion2; + } + | TParam local_ident -> Param (dlocal_ident local_ident) + | TArrow (inputs, output) -> + Arrow + { inputs = List.map ~f:(dty span) inputs; output = dty span output } + | TAssociatedType { impl; item } -> + AssociatedType + { impl_ = dimpl_expr span impl; item = dconcrete_ident item } + | TOpaque ident -> Opaque (dconcrete_ident ident) + | TRawPointer { witness = _ } -> RawPointer + | TDyn { witness = _; goals } -> + Dyn (List.map ~f:(ddyn_trait_goal span) goals)) + + and dty (span : Ast.span) (ty : A.ty) : B.ty = + match U.HaxFailure.Destruct.ty ty with + | Some s -> Newtypety (Error (to_diagnostic_payload span s)) + | None -> dty_no_error span ty and dint_kind (ik : int_kind) : B.int_kind = let size : B.int_size = @@ -96,56 +113,60 @@ module Make (FA : Features.T) = struct and dconcrete_ident (gi : concrete_ident) : B.global_id = dglobal_ident (`Concrete gi) - and ddyn_trait_goal (r : A.dyn_trait_goal) : B.dyn_trait_goal = + and ddyn_trait_goal span (r : A.dyn_trait_goal) : B.dyn_trait_goal = { - non_self_args = List.map ~f:dgeneric_value r.non_self_args; + non_self_args = List.map ~f:(dgeneric_value span) r.non_self_args; trait_ = dconcrete_ident r.trait; } - and dtrait_goal (r : A.trait_goal) : B.trait_goal = + and dtrait_goal span (r : A.trait_goal) : B.trait_goal = { - args = List.map ~f:dgeneric_value r.args; + args = List.map ~f:(dgeneric_value span) r.args; trait_ = dconcrete_ident r.trait; } - and dimpl_ident (r : A.impl_ident) : B.impl_ident = - { goal = dtrait_goal r.goal; name = Newtypesymbol r.name } + and dimpl_ident span (r : A.impl_ident) : B.impl_ident = + { goal = dtrait_goal span r.goal; name = Newtypesymbol r.name } - and dprojection_predicate (r : A.projection_predicate) : + and dprojection_predicate span (r : A.projection_predicate) : B.projection_predicate = { assoc_item = dconcrete_ident r.assoc_item; - impl_ = dimpl_expr r.impl; - ty = dty r.typ; + impl_ = dimpl_expr span r.impl; + ty = dty span r.typ; } - and dimpl_expr (i : A.impl_expr) : B.impl_expr = - { goal = dtrait_goal i.goal; kind = dimpl_expr_kind i.kind } + and dimpl_expr span (i : A.impl_expr) : B.impl_expr = + { goal = dtrait_goal span i.goal; kind = dimpl_expr_kind span i.kind } - and dimpl_expr_kind (i : A.impl_expr_kind) : B.impl_expr_kind = + and dimpl_expr_kind span (i : A.impl_expr_kind) : B.impl_expr_kind = match i with | A.Self -> B.Self_ - | A.Concrete tr -> B.Concrete (dtrait_goal tr) + | A.Concrete tr -> B.Concrete (dtrait_goal span tr) | A.LocalBound { id } -> B.LocalBound { id = B.Newtypesymbol id } | A.Parent { impl; ident } -> - B.Parent { impl_ = dimpl_expr impl; ident = dimpl_ident ident } + B.Parent + { impl_ = dimpl_expr span impl; ident = dimpl_ident span ident } | A.Projection { impl; item; ident } -> B.Projection { - impl_ = dimpl_expr impl; + impl_ = dimpl_expr span impl; item = dconcrete_ident item; - ident = dimpl_ident ident; + ident = dimpl_ident span ident; } | A.ImplApp { impl; args } -> B.ImplApp - { impl_ = dimpl_expr impl; args = List.map ~f:dimpl_expr args } + { + impl_ = dimpl_expr span impl; + args = List.map ~f:(dimpl_expr span) args; + } | A.Dyn -> B.Dyn - | A.Builtin tr -> B.Builtin (dtrait_goal tr) + | A.Builtin tr -> B.Builtin (dtrait_goal span tr) - and dgeneric_value (generic_value : A.generic_value) : B.generic_value = + and dgeneric_value span (generic_value : A.generic_value) : B.generic_value = match generic_value with | GLifetime _ -> B.Lifetime - | GType t -> B.Ty (dty t) + | GType t -> B.Ty (dty span t) | GConst e -> B.Expr (dexpr e) and dborrow_kind (borrow_kind : A.borrow_kind) : B.borrow_kind = @@ -168,14 +189,19 @@ module Make (FA : Features.T) = struct { kind; span = dspan a.span } and dpat (p : A.pat) : B.pat = - { kind = dpat' p.p; meta = dmetadata p.span; ty = dty p.typ } + let kind : B.pat_kind = + match U.HaxFailure.Destruct.pat p with + | Some s -> Error (to_diagnostic_payload p.span s) + | _ -> dpat' p.span p.p + in + { kind; meta = dmetadata p.span; ty = dty p.span p.typ } - and dpat' (pat : A.pat') : B.pat_kind = + and dpat' span (pat : A.pat') : B.pat_kind = match pat with | PWild -> Wild | PAscription { typ; typ_span; pat } -> Ascription - { pat = dpat pat; ty = { span = dspan typ_span; ty = dty typ } } + { pat = dpat pat; ty = { span = dspan typ_span; ty = dty span typ } } | PConstruct { constructor; is_record; is_struct; fields } -> Construct { @@ -201,7 +227,7 @@ module Make (FA : Features.T) = struct sub_pat = Option.map ~f:(fun (p, _) -> dpat p) subpat; } - and dspan : span -> B.span = Span.to_span2 + and dspan : span -> B.span = Span.to_rust_ast_span and dbinding_mode (binding_mode : A.binding_mode) : B.binding_mode = match binding_mode with @@ -209,9 +235,14 @@ module Make (FA : Features.T) = struct | ByRef (kind, _witness) -> B.ByRef (dborrow_kind kind) and dexpr (e : A.expr) : B.expr = - { kind = dexpr' e.e; ty = dty e.typ; meta = dmetadata e.span } + let kind : B.expr_kind = + match U.HaxFailure.Destruct.expr e with + | Some (s, _) -> Error (to_diagnostic_payload e.span s) + | None -> dexpr' e.span e.e + in + { kind; ty = dty e.span e.typ; meta = dmetadata e.span } - and dexpr' (expr : A.expr') : B.expr_kind = + and dexpr' span (expr : A.expr') : B.expr_kind = match expr with | If { cond; then_; else_ } -> If @@ -225,12 +256,12 @@ module Make (FA : Features.T) = struct { head = dexpr f; args = List.map ~f:dexpr args; - generic_args = List.map ~f:dgeneric_value generic_args; - bounds_impls = List.map ~f:dimpl_expr bounds_impls; + generic_args = List.map ~f:(dgeneric_value span) generic_args; + bounds_impls = List.map ~f:(dimpl_expr span) bounds_impls; trait_ = Option.map ~f:(fun (impl, args) -> - (dimpl_expr impl, List.map ~f:dgeneric_value args)) + (dimpl_expr span impl, List.map ~f:(dgeneric_value span) args)) trait; } | Literal lit -> Literal (dliteral lit) @@ -253,15 +284,15 @@ module Make (FA : Features.T) = struct Block { body = dexpr e; safety_mode = dsafety_kind safety_mode } | LocalVar id -> LocalId (dlocal_ident id) | GlobalVar id -> GlobalId (dglobal_ident id) - | Ascription { e; typ } -> Ascription { e = dexpr e; ty = dty typ } + | Ascription { e; typ } -> Ascription { e = dexpr e; ty = dty span typ } | MacroInvokation _ -> deprecated_node "MacroInvokation" | Assign { lhs; e; witness = _ } -> - Assign { lhs = dlhs lhs; value = dexpr e } + Assign { lhs = dlhs span lhs; value = dexpr e } | Loop { body; kind; state; control_flow; label; witness = _ } -> Loop { body = dexpr body; - kind = dloop_kind kind; + kind = dloop_kind span kind; state = Option.map ~f:dloop_state state; control_flow = Option.map ~f:(fun (k, _) -> dcontrol_flow_kind k) control_flow; @@ -297,7 +328,7 @@ module Make (FA : Features.T) = struct captures = List.map ~f:dexpr captures; } | EffectAction _ -> deprecated_node "EffectAction" - | Quote q -> Quote { contents = dquote q } + | Quote q -> Quote { contents = dquote span q } and dcontrol_flow_kind (cfk : A.cf_kind) : B.control_flow_kind = match cfk with BreakOnly -> B.BreakOnly | BreakOrReturn -> B.BreakOrReturn @@ -313,12 +344,12 @@ module Make (FA : Features.T) = struct { value = Newtypesymbol value; negative; kind = dfloat_kind kind } | Bool b -> B.Bool b - and dquote ({ contents; _ } : A.quote) : B.quote = + and dquote span ({ contents; _ } : A.quote) : B.quote = let f = function | A.Verbatim code -> B.Verbatim code | A.Expr e -> B.Expr (dexpr e) | A.Pattern p -> B.Pattern (dpat p) - | A.Typ t -> B.Ty (dty t) + | A.Typ t -> B.Ty (dty span t) in Newtypequote (List.map ~f contents) @@ -345,7 +376,7 @@ module Make (FA : Features.T) = struct | `Replace -> B.Replace); } - and dloop_kind (k : A.loop_kind) : B.loop_kind = + and dloop_kind span (k : A.loop_kind) : B.loop_kind = match k with | A.UnconditionalLoop -> B.UnconditionalLoop | A.WhileLoop { condition; witness = _ } -> @@ -358,7 +389,7 @@ module Make (FA : Features.T) = struct start = dexpr start; end' = dexpr end_; var = dlocal_ident var; - var_ty = dty var_typ; + var_ty = dty span var_typ; } and dloop_state (s : A.loop_state) : B.loop_state = @@ -380,16 +411,17 @@ module Make (FA : Features.T) = struct | IfLet { lhs; rhs; witness = _ } -> B.IfLet { lhs = dpat lhs; rhs = dexpr rhs } - and dlhs (lhs : A.lhs) : B.lhs = + and dlhs span (lhs : A.lhs) : B.lhs = match lhs with | A.LhsLocalVar { var; typ } -> - B.LocalVar { var = dlocal_ident var; ty = dty typ } + B.LocalVar { var = dlocal_ident var; ty = dty span typ } | A.LhsArbitraryExpr { e; witness = _ } -> B.ArbitraryExpr (dexpr e) | A.LhsFieldAccessor { e; field; typ; witness = _ } -> B.FieldAccessor - { e = dlhs e; field = dglobal_ident field; ty = dty typ } + { e = dlhs span e; field = dglobal_ident field; ty = dty span typ } | A.LhsArrayAccessor { e; index; typ; witness = _ } -> - B.ArrayAccessor { e = dlhs e; index = dexpr index; ty = dty typ } + B.ArrayAccessor + { e = dlhs span e; index = dexpr index; ty = dty span typ } let dgeneric_param ({ ident; span; attrs; kind } : A.generic_param) : B.generic_param = @@ -397,110 +429,111 @@ module Make (FA : Features.T) = struct match kind with | GPLifetime { witness = _ } -> Lifetime | GPType -> Type - | GPConst { typ } -> Const { ty = dty typ } + | GPConst { typ } -> Const { ty = dty span typ } in { ident = dlocal_ident ident; meta = dmetadata ~attrs span; kind } - let dgeneric_constraint (generic_constraint : A.generic_constraint) : + let dgeneric_constraint span (generic_constraint : A.generic_constraint) : B.generic_constraint = match generic_constraint with | GCLifetime (lf, _witness) -> Lifetime lf - | GCType impl_ident -> Type (dimpl_ident impl_ident) - | GCProjection projection -> Projection (dprojection_predicate projection) + | GCType impl_ident -> Type (dimpl_ident span impl_ident) + | GCProjection projection -> + Projection (dprojection_predicate span projection) - let dgenerics (g : A.generics) : B.generics = + let dgenerics span (g : A.generics) : B.generics = { - constraints = List.map ~f:dgeneric_constraint g.constraints; + constraints = List.map ~f:(dgeneric_constraint span) g.constraints; params = List.map ~f:dgeneric_param g.params; } - let dparam (p : A.param) : B.param = + let dparam span (p : A.param) : B.param = { attributes = List.map ~f:dattr p.attrs; pat = dpat p.pat; - ty = dty p.typ; + ty = dty span p.typ; ty_span = Option.map ~f:dspan p.typ_span; } - let dvariant (v : A.variant) : B.variant = + let dvariant span (v : A.variant) : B.variant = let dattrs = List.map ~f:dattr in { arguments = List.map - ~f:(fun (id, t, a) -> (dconcrete_ident id, dty t, dattrs a)) + ~f:(fun (id, t, a) -> (dconcrete_ident id, dty span t, dattrs a)) v.arguments; attributes = dattrs v.attrs; is_record = v.is_record; name = dconcrete_ident v.name; } - let dtrait_item' (ti : A.trait_item') : B.trait_item_kind = + let dtrait_item' span (ti : A.trait_item') : B.trait_item_kind = match ti with - | TIType idents -> Type (List.map ~f:dimpl_ident idents) - | TIFn t -> Fn (dty t) + | TIType idents -> Type (List.map ~f:(dimpl_ident span) idents) + | TIFn t -> Fn (dty span t) | TIDefault { params; body; witness = _ } -> - Default { params = List.map ~f:dparam params; body = dexpr body } + Default { params = List.map ~f:(dparam span) params; body = dexpr body } let dtrait_item (ti : A.trait_item) : B.trait_item = { - generics = dgenerics ti.ti_generics; + generics = dgenerics ti.ti_span ti.ti_generics; ident = dconcrete_ident ti.ti_ident; - kind = dtrait_item' ti.ti_v; + kind = dtrait_item' ti.ti_span ti.ti_v; meta = dmetadata ~attrs:ti.ti_attrs ti.ti_span; } - let dimpl_item' (ii : A.impl_item') : B.impl_item_kind = + let dimpl_item' span (ii : A.impl_item') : B.impl_item_kind = match ii with | IIType { typ; parent_bounds } -> Type { - ty = dty typ; + ty = dty span typ; parent_bounds = - List.map ~f:(dimpl_expr *** dimpl_ident) parent_bounds; + List.map ~f:(dimpl_expr span *** dimpl_ident span) parent_bounds; } | IIFn { body; params } -> - Fn { body = dexpr body; params = List.map ~f:dparam params } + Fn { body = dexpr body; params = List.map ~f:(dparam span) params } let dimpl_item (ii : A.impl_item) : B.impl_item = { - generics = dgenerics ii.ii_generics; + generics = dgenerics ii.ii_span ii.ii_generics; ident = dconcrete_ident ii.ii_ident; - kind = dimpl_item' ii.ii_v; + kind = dimpl_item' ii.ii_span ii.ii_v; meta = dmetadata ~attrs:ii.ii_attrs ii.ii_span; } - let ditem' (item : A.item') (span : Types.span2) : B.item_kind = + let ditem' (span : Ast.span) (item : A.item') : B.item_kind = match item with | A.Fn { name; generics; body; params; safety } -> B.Fn { name = dconcrete_ident name; - generics = dgenerics generics; + generics = dgenerics span generics; body = dexpr body; - params = List.map ~f:dparam params; + params = List.map ~f:(dparam span) params; safety = dsafety_kind safety; } | A.Type { name; generics; variants; is_struct } -> B.Type { name = dconcrete_ident name; - generics = dgenerics generics; - variants = List.map ~f:dvariant variants; + generics = dgenerics span generics; + variants = List.map ~f:(dvariant span) variants; is_struct; } | A.TyAlias { name; generics; ty } -> B.TyAlias { name = dconcrete_ident name; - generics = dgenerics generics; - ty = dty ty; + generics = dgenerics span generics; + ty = dty span ty; } | A.IMacroInvokation _ -> deprecated_node "IMacroInvokation" | A.Trait { name; generics; items; safety = _ } -> B.Trait { name = dconcrete_ident name; - generics = dgenerics generics; + generics = dgenerics span generics; items = List.map ~f:dtrait_item items; } | A.Impl @@ -514,15 +547,16 @@ module Make (FA : Features.T) = struct } -> B.Impl { - generics = dgenerics generics; - self_ty = dty self_ty; + generics = dgenerics span generics; + self_ty = dty span self_ty; of_trait = ( dconcrete_ident trait_id, - List.map ~f:dgeneric_value trait_generics ); + List.map ~f:(dgeneric_value span) trait_generics ); items = List.map ~f:dimpl_item items; parent_bounds = List.map - ~f:(fun (impl, ident) -> (dimpl_expr impl, dimpl_ident ident)) + ~f:(fun (impl, ident) -> + (dimpl_expr span impl, dimpl_ident span ident)) parent_bounds; safety = dsafety_kind safety; } @@ -530,20 +564,16 @@ module Make (FA : Features.T) = struct B.Alias { name = dconcrete_ident name; item = dconcrete_ident item } | A.Use { path; is_external; rename } -> B.Use { path; is_external; rename } | A.Quote { quote; origin } -> - B.Quote { quote = dquote quote; origin = ditem_quote_origin origin } - | A.HaxError details -> - let fragment : Types.fragment = Unknown "HaxError" in - let info : B.diagnostic_info = - { context = Import; kind = AssertionFailure { details }; span } - in - Error { fragment; diagnostics = [ { node = fragment; info } ] } + B.Quote + { quote = dquote span quote; origin = ditem_quote_origin origin } | A.NotImplementedYet -> B.NotImplementedYet + | A.HaxError s -> Error (to_diagnostic_payload span s) let ditem (i : A.item) : B.item list = [ { ident = dconcrete_ident i.ident; - kind = ditem' i.v (dspan i.span); + kind = ditem' i.span i.v; meta = dmetadata ~attrs:i.attrs i.span; }; ] From fff521d13d82a8925a182a44cee53bb526534665 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 26 Jun 2025 16:37:15 +0200 Subject: [PATCH 39/56] feat(engine): introduce `import_ast` (from RustAST to OCamlAST) --- engine/lib/import_ast.ml | 691 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 691 insertions(+) create mode 100644 engine/lib/import_ast.ml diff --git a/engine/lib/import_ast.ml b/engine/lib/import_ast.ml new file mode 100644 index 000000000..83ad91c71 --- /dev/null +++ b/engine/lib/import_ast.ml @@ -0,0 +1,691 @@ +open! Prelude + +let refute_resugared s = + failwith + ("Got a resugared node at " ^ s + ^ ". The AST is never supposed to be sent to the OCaml engine with \ + resugared nodes.") + +let broken_invariant s = failwith s + +type missing_type = unit + +module A = Rust_engine_types +module F = Features.Full + +module B = struct + include Ast + include Ast.Make (F) +end + +module U = Ast_utils.Make (F) +module Build = Ast_builder.Make (F) + +module SpecialNames = struct + let rec map_strings (f : string -> string) + ({ kind; krate; parent; path } : Types.def_id2) : Types.def_id2 = + let path = + List.map + ~f:(fun { data; disambiguator } -> + let data = + match data with + | Types.CrateRoot { name } -> Types.CrateRoot { name = f name } + | Types.TypeNs s -> Types.TypeNs (f s) + | Types.ValueNs s -> Types.ValueNs (f s) + | Types.MacroNs s -> Types.MacroNs (f s) + | Types.LifetimeNs s -> Types.LifetimeNs (f s) + | other -> other + in + Types.{ data; disambiguator }) + path + in + let parent = Option.map ~f:(map_strings f) parent in + Types.{ kind; krate; parent; path } + + let g len nth s = + match String.chop_prefix ~prefix:"Tuple" s with + | Some n -> ( + let n = Int.of_string_opt n in + match n with + | Some n -> + len := Some n; + "Tuple2" + | _ -> s) + | None -> ( + let n = Int.of_string_opt s in + match n with + | Some n -> + nth := Some n; + "1" + | _ -> s) + + let destruct_compare name (did : A.concrete_id) = + let len, nth = (ref None, ref None) in + let patched = map_strings (g len nth) did.def_id.def_id in + let nth = !nth in + let* len = !len in + let name = Concrete_ident_generated.def_id_of name in + let name = Explicit_def_id.def_id_to_rust_ast name.contents.value in + if [%eq: Types.def_id2] name patched then Some (len, nth) else None + + let tuple_type (did : A.concrete_id) : int option = + let* len, _ = destruct_compare Rust_primitives__hax__Tuple2 did in + Some len + + let tuple_cons (did : A.concrete_id) : int option = + let* len, _ = destruct_compare Rust_primitives__hax__Tuple2__Ctor did in + Some len + + let tuple_field (did : A.concrete_id) : (int * int) option = + let* len, nth = destruct_compare Rust_primitives__hax__Tuple2__1 did in + let* nth = nth in + Some (len, nth) + + let expect_tuple_global_id (did : A.concrete_id) : Ast.Global_ident.t option = + match tuple_type did with + | Some len -> Some (`TupleType len) + | None -> ( + match tuple_cons did with + | Some len -> Some (`TupleCons len) + | None -> ( + match tuple_field did with + | Some (len, nth) -> Some (`TupleField (nth, len)) + | None -> None)) + + let conv (did : A.concrete_id) = + match expect_tuple_global_id did with + | Some id -> id + | None -> + let id = Concrete_ident.from_rust_ast did in + let eq n = Concrete_ident.eq_name n id in + if eq Rust_primitives__hax__deref_op then `Primitive Deref + else if eq Rust_primitives__hax__cast_op then `Primitive Cast + else if eq Rust_primitives__hax__logical_op_and then + `Primitive (LogicalOp And) + else if eq Rust_primitives__hax__logical_op_or then + `Primitive (LogicalOp Or) + else `Concrete id +end + +let from_diagnostic_payload (diagnostic : Types.diagnostic) : string = + match (diagnostic.node, diagnostic.info.kind) with + | Unknown "OCamlEngineError", Custom payload -> payload + | _ -> [%yojson_of: Types.diagnostic] diagnostic |> Yojson.Safe.to_string + +let dsafety_kind (safety : A.safety_kind) : B.safety_kind = + match safety with Safe -> B.Safe | Unsafe -> B.Unsafe F.unsafe + +let rec dty (Newtypety ty : A.ty) : B.ty = + match ty with + | Primitive Bool -> TBool + | Primitive Char -> TChar + | Primitive (Int k) -> TInt (dint_kind k) + | Primitive (Float k) -> TFloat (dfloat_kind k) + | Primitive Str -> TStr + | App { head; args } -> + TApp + { ident = dglobal_ident head; args = List.map ~f:dgeneric_value args } + | Array { ty; length } -> TArray { typ = dty ty; length = dexpr length } + | Slice ty -> TSlice { ty = dty ty; witness = F.slice } + | Ref { inner; mutable'; region = _ } -> + TRef + { + witness = F.reference; + typ = dty inner; + mut = (if mutable' then Mutable F.mutable_reference else Immutable); + region = "unknown"; + } + | Param local_ident -> TParam (dlocal_ident local_ident) + | Arrow { inputs; output } -> TArrow (List.map ~f:dty inputs, dty output) + | AssociatedType { impl_; item } -> + TAssociatedType { impl = dimpl_expr impl_; item = dconcrete_ident item } + | Opaque ident -> TOpaque (dconcrete_ident ident) + | RawPointer -> TRawPointer { witness = F.raw_pointer } + | Dyn goals -> + TDyn { witness = F.dyn; goals = List.map ~f:ddyn_trait_goal goals } + | Tuple _ -> failwith "kill tuple constructor!" + | Resugared _ -> refute_resugared "ty" + | Error s -> U.HaxFailure.Build.ty (from_diagnostic_payload s) + +and dint_kind (ik : A.int_kind) : B.int_kind = + let size : B.size = + match ik.size with + | S8 -> S8 + | S16 -> S16 + | S32 -> S32 + | S64 -> S64 + | S128 -> S128 + | SSize -> SSize + in + { + size; + signedness = + (match ik.signedness with Signed -> Signed | Unsigned -> Unsigned); + } + +and dfloat_kind (fk : A.float_kind) : B.float_kind = + match fk with F16 -> F16 | F32 -> F32 | F64 -> F64 | F128 -> F128 + +and dglobal_ident (gi : A.global_id) : B.global_ident = + match gi with + | Types.Concrete c -> SpecialNames.conv c + | Types.Projector c -> + let c = SpecialNames.conv c in + `Projector + (match c with + | `Concrete id -> `Concrete id + | `TupleField f -> `TupleField f + | _ -> broken_invariant "incorrect projector") + +and dlocal_ident (Newtypelocal_id (Newtypesymbol li) : A.local_id) : + B.local_ident = + { id = (Expr, 0); name = li } + +and dconcrete_ident (gi : A.global_id) : B.concrete_ident = + match dglobal_ident gi with + | `Concrete id -> id + | _ -> + broken_invariant + "dconcrete_ident: got something else than a [`Concrete _]" + +and ddyn_trait_goal (r : A.dyn_trait_goal) : B.dyn_trait_goal = + { + non_self_args = List.map ~f:dgeneric_value r.non_self_args; + trait = dconcrete_ident r.trait_; + } + +and dtrait_goal (r : A.trait_goal) : B.trait_goal = + { args = List.map ~f:dgeneric_value r.args; trait = dconcrete_ident r.trait_ } + +and dimpl_ident (r : A.impl_ident) : B.impl_ident = + { + goal = dtrait_goal r.goal; + name = (match r.name with Newtypesymbol name -> name); + } + +and dprojection_predicate (r : A.projection_predicate) : B.projection_predicate + = + { + assoc_item = dconcrete_ident r.assoc_item; + impl = dimpl_expr r.impl_; + typ = dty r.ty; + } + +and dimpl_expr (i : A.impl_expr) : B.impl_expr = + { goal = dtrait_goal i.goal; kind = dimpl_expr_kind i.kind } + +and dimpl_expr_kind (i : A.impl_expr_kind) : B.impl_expr_kind = + match i with + | A.Self_ -> B.Self + | A.Concrete tr -> B.Concrete (dtrait_goal tr) + | A.LocalBound { id = A.Newtypesymbol id } -> B.LocalBound { id } + | A.Parent { impl_; ident } -> + B.Parent { impl = dimpl_expr impl_; ident = dimpl_ident ident } + | A.Projection { impl_; item; ident } -> + B.Projection + { + impl = dimpl_expr impl_; + item = dconcrete_ident item; + ident = dimpl_ident ident; + } + | A.ImplApp { impl_; args } -> + B.ImplApp { impl = dimpl_expr impl_; args = List.map ~f:dimpl_expr args } + | A.Dyn -> B.Dyn + | A.Builtin tr -> B.Builtin (dtrait_goal tr) + +and dgeneric_value (generic_value : A.generic_value) : B.generic_value = + match generic_value with + | Lifetime -> B.GLifetime { lt = ""; witness = F.lifetime } + | Ty t -> B.GType (dty t) + | Expr e -> B.GConst (dexpr e) + +and dborrow_kind (borrow_kind : A.borrow_kind) : B.borrow_kind = + match borrow_kind with + | Shared -> B.Shared + | Unique -> B.Unique + | Mut -> B.Mut F.mutable_reference + +and dattributes (m : A.attribute2 list) : B.attrs = List.map ~f:dattr m +and dspan = Span.from_rust_ast_span + +and dattr (a : A.attribute) : B.attr = + let kind : B.attr_kind = + match a.kind with + | Tool { path; tokens } -> B.Tool { path; tokens } + | DocComment { kind; body } -> + let kind = match kind with Line -> B.DCKLine | Block -> DCKBlock in + B.DocComment { kind; body } + in + { kind; span = dspan a.span } + +and dpat (p : A.pat) : B.pat = + let typ = dty p.ty in + let span = dspan p.meta.span in + { p = dpat' span typ p.kind; span; typ } + +and dpat' span parent_ty (pat : A.pat_kind) : B.pat' = + match pat with + | Wild -> PWild + | Ascription { pat; ty = { ty; span } } -> + PAscription { pat = dpat pat; typ_span = dspan span; typ = dty ty } + | Construct { constructor; is_record; is_struct; fields } -> + PConstruct + { + constructor = dglobal_ident constructor; + is_record; + is_struct; + fields = + List.map + ~f:(fun (field, pat) -> + B.{ field = dglobal_ident field; pat = dpat pat }) + fields; + } + | Or { sub_pats } -> POr { subpats = List.map ~f:dpat sub_pats } + | Array { args } -> PArray { args = List.map ~f:dpat args } + | Deref { sub_pat } -> PDeref { subpat = dpat sub_pat; witness = F.reference } + | Constant { lit } -> PConstant { lit = dliteral lit } + | Binding { mutable'; mode; var; sub_pat } -> + let mut = if mutable' then B.Mutable F.mutable_variable else Immutable in + PBinding + { + mut; + mode = dbinding_mode mode; + var = dlocal_ident var; + subpat = Option.map ~f:(fun p -> (dpat p, F.as_pattern)) sub_pat; + typ = parent_ty; + } + | Resugared _ -> refute_resugared "ty" + | Error diag -> + let s = from_diagnostic_payload diag in + (U.HaxFailure.Build.pat span parent_ty s).p + +and dbinding_mode (binding_mode : A.binding_mode) : B.binding_mode = + match binding_mode with + | ByValue -> B.ByValue + | ByRef kind -> B.ByRef (dborrow_kind kind, F.reference) + +and dexpr (e : A.expr) : B.expr = + let typ = dty e.ty in + let span = dspan e.meta.span in + { e = dexpr' span typ e.kind; typ; span } + +and dexpr' span typ (expr : A.expr_kind) : B.expr' = + match expr with + | If { condition; then'; else_ } -> + If + { + cond = dexpr condition; + then_ = dexpr then'; + else_ = Option.map ~f:dexpr else_; + } + | App { head; args; generic_args; bounds_impls; trait_ } -> + App + { + f = dexpr head; + args = List.map ~f:dexpr args; + generic_args = List.map ~f:dgeneric_value generic_args; + bounds_impls = List.map ~f:dimpl_expr bounds_impls; + trait = + Option.map + ~f:(fun (impl, args) -> + (dimpl_expr impl, List.map ~f:dgeneric_value args)) + trait_; + } + | Literal lit -> Literal (dliteral lit) + | Array exprs -> Array (List.map ~f:dexpr exprs) + | Construct { constructor; is_record; is_struct; fields; base } -> + Construct + { + constructor = dglobal_ident constructor; + fields = + List.map ~f:(fun (id, e) -> (dglobal_ident id, dexpr e)) fields; + base = Option.map ~f:(fun e -> (dexpr e, F.construct_base)) base; + is_record; + is_struct; + } + | Match { scrutinee; arms } -> + Match { scrutinee = dexpr scrutinee; arms = List.map ~f:darm arms } + | Let { lhs; rhs; body } -> + Let { lhs = dpat lhs; rhs = dexpr rhs; body = dexpr body; monadic = None } + | Block { body; safety_mode } -> + Block + { + e = dexpr body; + safety_mode = dsafety_kind safety_mode; + witness = F.block; + } + | LocalId id -> LocalVar (dlocal_ident id) + | GlobalId id -> GlobalVar (dglobal_ident id) + | Ascription { e; ty } -> Ascription { e = dexpr e; typ = dty ty } + | Assign { lhs; value } -> + Assign { lhs = dlhs lhs; e = dexpr value; witness = F.mutable_variable } + | Loop { body; kind; state; control_flow; label } -> + Loop + { + body = dexpr body; + kind = dloop_kind kind; + state = Option.map ~f:dloop_state state; + control_flow = + Option.map + ~f:(fun k -> (dcontrol_flow_kind k, F.fold_like_loop)) + control_flow; + label = Option.map ~f:(fun (A.Newtypesymbol s) -> s) label; + witness = F.loop; + } + | Break { value; label } -> + Break + { + e = dexpr value; + label = Option.map ~f:(fun (A.Newtypesymbol s) -> s) label; + acc = failwith "todo"; + witness = (F.break, F.loop); + } + | Return { value } -> Return { e = dexpr value; witness = F.early_exit } + | Continue { label } -> + Continue + { + label = Option.map ~f:(fun (Newtypesymbol s) -> s) label; + acc = failwith "todo"; + witness = (F.continue, F.loop); + } + | Borrow { mutable'; inner } -> + Borrow + { + e = dexpr inner; + kind = (if mutable' then Mut F.mutable_reference else B.Shared); + witness = F.reference; + } + | AddressOf { mutable'; inner } -> + AddressOf + { + e = dexpr inner; + mut = (if mutable' then Mutable F.mutable_pointer else Immutable); + witness = F.raw_pointer; + } + | Closure { params; body; captures } -> + Closure + { + params = List.map ~f:dpat params; + body = dexpr body; + captures = List.map ~f:dexpr captures; + } + | Quote { contents } -> Quote (dquote contents) + | Tuple _ | Deref _ -> failwith "TODO, remove me" + | Resugared _ -> refute_resugared "ty" + | Error diag -> + (U.HaxFailure.Build.expr span typ (from_diagnostic_payload diag) "").e + +and dcontrol_flow_kind (cfk : A.control_flow_kind) : B.cf_kind = + match cfk with BreakOnly -> B.BreakOnly | BreakOrReturn -> B.BreakOrReturn + +and dliteral (l : A.literal) : B.literal = + match l with + | String (Newtypesymbol s) -> B.String s + | Char c -> B.Char c + | Int { value = Newtypesymbol value; negative; kind } -> + B.Int { value; negative; kind = dint_kind kind } + | Float { value = Newtypesymbol value; negative; kind } -> + B.Float { value; negative; kind = dfloat_kind kind } + | Bool b -> B.Bool b + +and dquote (Newtypequote contents : A.quote) : B.quote = + let f = function + | A.Verbatim code -> B.Verbatim code + | A.Expr e -> B.Expr (dexpr e) + | A.Pattern p -> B.Pattern (dpat p) + | A.Ty t -> B.Typ (dty t) + in + { contents = List.map ~f contents; witness = F.quote } + +and ditem_quote_origin (iqo : A.item_quote_origin) : B.item_quote_origin = + { + item_ident = dconcrete_ident iqo.item_ident; + item_kind = + (match iqo.item_kind with + | A.Fn -> `Fn + | A.TyAlias -> `TyAlias + | A.Type -> `Type + | A.MacroInvocation -> `IMacroInvokation + | A.Trait -> `Trait + | A.Impl -> `Impl + | A.Alias -> `Alias + | A.Use -> `Use + | A.Quote -> `Quote + | A.HaxError -> `HaxError + | A.NotImplementedYet -> `NotImplementedYet); + position = + (match iqo.position with + | A.Before -> `Before + | A.After -> `After + | A.Replace -> `Replace); + } + +and dloop_kind (k : A.loop_kind) : B.loop_kind = + match k with + | A.UnconditionalLoop -> B.UnconditionalLoop + | A.WhileLoop { condition } -> + B.WhileLoop { condition = dexpr condition; witness = F.while_loop } + | A.ForLoop { iterator; pat } -> + B.ForLoop { it = dexpr iterator; pat = dpat pat; witness = F.for_loop } + | A.ForIndexLoop { start; end'; var; var_ty } -> + B.ForIndexLoop + { + start = dexpr start; + end_ = dexpr end'; + var = dlocal_ident var; + var_typ = dty var_ty; + witness = F.for_index_loop; + } + +and dloop_state (s : A.loop_state) : B.loop_state = + { + bpat = dpat s.body_pat; + init = dexpr s.init; + witness = F.state_passing_loop; + } + +and darm (a : A.arm) : B.arm = + { + arm = + { + body = dexpr a.body; + guard = Option.map ~f:dguard a.guard; + arm_pat = dpat a.pat; + }; + span = dspan a.meta.span; + } + +and dguard (a : A.guard) : B.guard = + { guard = dguard' a.kind; span = dspan a.meta.span } + +and dguard' (guard : A.guard_kind) : B.guard' = + match guard with + | IfLet { lhs; rhs } -> + B.IfLet { lhs = dpat lhs; rhs = dexpr rhs; witness = F.match_guard } + +and dlhs (lhs : A.lhs) : B.lhs = + match lhs with + | A.LocalVar { var; ty } -> + B.LhsLocalVar { var = dlocal_ident var; typ = dty ty } + | A.ArbitraryExpr e -> + B.LhsArbitraryExpr { e = dexpr e; witness = F.arbitrary_lhs } + | A.FieldAccessor { e; field; ty } -> + B.LhsFieldAccessor + { + e = dlhs e; + field = dglobal_ident field; + typ = dty ty; + witness = F.nontrivial_lhs; + } + | A.ArrayAccessor { e; index; ty } -> + B.LhsArrayAccessor + { + e = dlhs e; + index = dexpr index; + typ = dty ty; + witness = F.nontrivial_lhs; + } + +let dgeneric_param ({ ident; meta; kind } : A.generic_param) : B.generic_param = + let kind : B.generic_param_kind = + match kind with + | Lifetime -> GPLifetime { witness = F.lifetime } + | Type -> GPType + | Const { ty } -> GPConst { typ = dty ty } + in + { + ident = dlocal_ident ident; + span = dspan meta.span; + attrs = dattributes meta.attributes; + kind; + } + +let dgeneric_constraint (generic_constraint : A.generic_constraint) : + B.generic_constraint = + match generic_constraint with + | Lifetime lf -> GCLifetime (lf, F.lifetime) + | Type impl_ident -> GCType (dimpl_ident impl_ident) + | Projection projection -> GCProjection (dprojection_predicate projection) + +let dgenerics (g : A.generics) : B.generics = + { + constraints = List.map ~f:dgeneric_constraint g.constraints; + params = List.map ~f:dgeneric_param g.params; + } + +let dparam (p : A.param) : B.param = + { + attrs = dattributes p.attributes; + pat = dpat p.pat; + typ = dty p.ty; + typ_span = Option.map ~f:dspan p.ty_span; + } + +let dvariant (v : A.variant) : B.variant = + { + arguments = + List.map + ~f:(fun (id, t, a) -> (dconcrete_ident id, dty t, dattributes a)) + v.arguments; + attrs = dattributes v.attributes; + is_record = v.is_record; + name = dconcrete_ident v.name; + } + +let dtrait_item' (ti : A.trait_item_kind) : B.trait_item' = + match ti with + | Type idents -> TIType (List.map ~f:dimpl_ident idents) + | Fn t -> TIFn (dty t) + | Default { params; body } -> + TIDefault + { + params = List.map ~f:dparam params; + body = dexpr body; + witness = F.trait_item_default; + } + | Resugared _ -> refute_resugared "trait_item" + +let dtrait_item (ti : A.trait_item) : B.trait_item = + { + ti_generics = dgenerics ti.generics; + ti_ident = dconcrete_ident ti.ident; + ti_v = dtrait_item' ti.kind; + ti_span = dspan ti.meta.span; + ti_attrs = dattributes ti.meta.attributes; + } + +let dimpl_item' (ii : A.impl_item_kind) : B.impl_item' = + match ii with + | Type { ty; parent_bounds } -> + IIType + { + typ = dty ty; + parent_bounds = List.map ~f:(dimpl_expr *** dimpl_ident) parent_bounds; + } + | Fn { body; params } -> + IIFn { body = dexpr body; params = List.map ~f:dparam params } + | Resugared _ -> refute_resugared "impl_item" + +let dimpl_item (ii : A.impl_item) : B.impl_item = + { + ii_generics = dgenerics ii.generics; + ii_ident = dconcrete_ident ii.ident; + ii_v = dimpl_item' ii.kind; + ii_span = dspan ii.meta.span; + ii_attrs = dattributes ii.meta.attributes; + } + +let ditem' (item : A.item_kind) : B.item' = + match item with + | A.Fn { name; generics; body; params; safety } -> + B.Fn + { + name = dconcrete_ident name; + generics = dgenerics generics; + body = dexpr body; + params = List.map ~f:dparam params; + safety = dsafety_kind safety; + } + | A.Type { name; generics; variants; is_struct } -> + B.Type + { + name = dconcrete_ident name; + generics = dgenerics generics; + variants = List.map ~f:dvariant variants; + is_struct; + } + | A.TyAlias { name; generics; ty } -> + B.TyAlias + { + name = dconcrete_ident name; + generics = dgenerics generics; + ty = dty ty; + } + | A.Trait { name; generics; items } -> + B.Trait + { + name = dconcrete_ident name; + generics = dgenerics generics; + items = List.map ~f:dtrait_item items; + safety = failwith "TODO"; + } + | A.Impl + { + generics; + self_ty; + of_trait = trait_id, trait_generics; + items; + parent_bounds; + safety; + } -> + B.Impl + { + generics = dgenerics generics; + self_ty = dty self_ty; + of_trait = + (dconcrete_ident trait_id, List.map ~f:dgeneric_value trait_generics); + items = List.map ~f:dimpl_item items; + parent_bounds = + List.map + ~f:(fun (impl, ident) -> (dimpl_expr impl, dimpl_ident ident)) + parent_bounds; + safety = dsafety_kind safety; + } + | A.Alias { name; item } -> + B.Alias { name = dconcrete_ident name; item = dconcrete_ident item } + | A.Use { path; is_external; rename } -> B.Use { path; is_external; rename } + | A.Quote { quote; origin } -> + B.Quote { quote = dquote quote; origin = ditem_quote_origin origin } + | A.Error diag -> HaxError (from_diagnostic_payload diag) + | A.NotImplementedYet -> B.NotImplementedYet + | Resugared _ -> refute_resugared "item_kind" + +let ditem (i : A.item) : B.item list = + [ + { + ident = dconcrete_ident i.ident; + v = ditem' i.kind; + span = dspan i.meta.span; + attrs = dattributes i.meta.attributes; + }; + ] From b3f14e07ef07699e784d9d6c6a087ebd37048172 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 4 Nov 2025 11:40:42 +0100 Subject: [PATCH 40/56] fix(engine/import_ast): missing cases --- engine/lib/export_ast.ml | 11 ++++++++--- engine/lib/import_ast.ml | 13 ++++++------- rust-engine/src/ast.rs | 6 ++++++ 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/engine/lib/export_ast.ml b/engine/lib/export_ast.ml index 197358ee0..092fc8a6b 100644 --- a/engine/lib/export_ast.ml +++ b/engine/lib/export_ast.ml @@ -298,16 +298,21 @@ module Make (FA : Features.T) = struct Option.map ~f:(fun (k, _) -> dcontrol_flow_kind k) control_flow; label = Option.map ~f:(fun s -> B.Newtypesymbol s) label; } - | Break { e; acc = _; label; witness = _ } -> + | Break { e; acc; label; witness = _ } -> Break { value = dexpr e; label = Option.map ~f:(fun s -> B.Newtypesymbol s) label; + state = Option.map ~f:(fst >> dexpr) acc; } | Return { e; witness = _ } -> Return { value = dexpr e } | QuestionMark _ -> deprecated_node "QuestionMark" - | Continue { acc = _; label; witness = _ } -> - Continue { label = Option.map ~f:(fun s -> B.Newtypesymbol s) label } + | Continue { acc; label; witness = _ } -> + Continue + { + label = Option.map ~f:(fun s -> B.Newtypesymbol s) label; + state = Option.map ~f:(fst >> dexpr) acc; + } | Borrow { kind; e; witness = _ } -> Borrow { diff --git a/engine/lib/import_ast.ml b/engine/lib/import_ast.ml index 83ad91c71..f189f3b23 100644 --- a/engine/lib/import_ast.ml +++ b/engine/lib/import_ast.ml @@ -143,7 +143,6 @@ let rec dty (Newtypety ty : A.ty) : B.ty = | RawPointer -> TRawPointer { witness = F.raw_pointer } | Dyn goals -> TDyn { witness = F.dyn; goals = List.map ~f:ddyn_trait_goal goals } - | Tuple _ -> failwith "kill tuple constructor!" | Resugared _ -> refute_resugared "ty" | Error s -> U.HaxFailure.Build.ty (from_diagnostic_payload s) @@ -372,20 +371,20 @@ and dexpr' span typ (expr : A.expr_kind) : B.expr' = label = Option.map ~f:(fun (A.Newtypesymbol s) -> s) label; witness = F.loop; } - | Break { value; label } -> + | Break { value; label; state } -> Break { e = dexpr value; label = Option.map ~f:(fun (A.Newtypesymbol s) -> s) label; - acc = failwith "todo"; + acc = Option.map ~f:(fun e -> (dexpr e, F.state_passing_loop)) state; witness = (F.break, F.loop); } | Return { value } -> Return { e = dexpr value; witness = F.early_exit } - | Continue { label } -> + | Continue { label; state } -> Continue { label = Option.map ~f:(fun (Newtypesymbol s) -> s) label; - acc = failwith "todo"; + acc = Option.map ~f:(fun e -> (dexpr e, F.state_passing_loop)) state; witness = (F.continue, F.loop); } | Borrow { mutable'; inner } -> @@ -410,8 +409,8 @@ and dexpr' span typ (expr : A.expr_kind) : B.expr' = captures = List.map ~f:dexpr captures; } | Quote { contents } -> Quote (dquote contents) - | Tuple _ | Deref _ -> failwith "TODO, remove me" - | Resugared _ -> refute_resugared "ty" + | Deref _ -> failwith "TODO" + | Resugared _ -> refute_resugared "expr" | Error diag -> (U.HaxFailure.Build.expr span typ (from_diagnostic_payload diag) "").e diff --git a/rust-engine/src/ast.rs b/rust-engine/src/ast.rs index 40c9dc358..6950fc04f 100644 --- a/rust-engine/src/ast.rs +++ b/rust-engine/src/ast.rs @@ -997,6 +997,9 @@ pub enum ExprKind { value: Expr, /// What loop shall we break? By default, the parent enclosing loop. label: Option, + /// When a loop has a state (see [`ExprKind::Loop::state`]), this field + /// `state` is `Some(_)`. This carries the updated state for the loop. + state: Option, }, /// Return from a function. @@ -1015,6 +1018,9 @@ pub enum ExprKind { Continue { /// The loop we continue. label: Option, + /// When a loop has a state (see [`ExprKind::Loop::state`]), this field + /// `state` is `Some(_)`. This carries the updated state for the loop. + state: Option, }, /// Closure (anonymous function) From 9341641f8c3d1adce43d39f9a6791e1e439b06d0 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 4 Nov 2025 12:55:43 +0100 Subject: [PATCH 41/56] feat(engine): error_node bridge --- engine/lib/export_ast.ml | 32 ++++++++++++++++++-------------- engine/lib/import_ast.ml | 26 ++++++++++++++++---------- hax-types/src/diagnostics/mod.rs | 6 +++++- 3 files changed, 39 insertions(+), 25 deletions(-) diff --git a/engine/lib/export_ast.ml b/engine/lib/export_ast.ml index 092fc8a6b..7ba5f53e0 100644 --- a/engine/lib/export_ast.ml +++ b/engine/lib/export_ast.ml @@ -6,18 +6,22 @@ type missing_type = unit module B = Rust_engine_types -let to_diagnostic_payload (span : Ast.span) (payload : string) = - try [%of_yojson: Types.diagnostic] (Yojson.Safe.from_string payload) +let to_error_node (span : Ast.span) (payload : string) : Types.error_node = + try [%of_yojson: Types.error_node] (Yojson.Safe.from_string payload) with _ -> - let node : Types.fragment = Unknown "OCamlEngineError" in - let info : B.diagnostic_info = - { - context = Import; - kind = Custom payload; - span = Span.to_rust_ast_span span; - } + let diagnostic : Types.diagnostic = + let node : Types.fragment = Unknown "OCamlEngineError" in + let info : B.diagnostic_info = + { + context = Import; + kind = OcamlEngineErrorPayload payload; + span = Span.to_rust_ast_span span; + } + in + { node; info } in - { node; info } + + { fragment = Unknown "OCamlEngineError"; diagnostics = [ diagnostic ] } module Make (FA : Features.T) = struct open Ast @@ -65,7 +69,7 @@ module Make (FA : Features.T) = struct and dty (span : Ast.span) (ty : A.ty) : B.ty = match U.HaxFailure.Destruct.ty ty with - | Some s -> Newtypety (Error (to_diagnostic_payload span s)) + | Some s -> Newtypety (Error (to_error_node span s)) | None -> dty_no_error span ty and dint_kind (ik : int_kind) : B.int_kind = @@ -191,7 +195,7 @@ module Make (FA : Features.T) = struct and dpat (p : A.pat) : B.pat = let kind : B.pat_kind = match U.HaxFailure.Destruct.pat p with - | Some s -> Error (to_diagnostic_payload p.span s) + | Some s -> Error (to_error_node p.span s) | _ -> dpat' p.span p.p in { kind; meta = dmetadata p.span; ty = dty p.span p.typ } @@ -237,7 +241,7 @@ module Make (FA : Features.T) = struct and dexpr (e : A.expr) : B.expr = let kind : B.expr_kind = match U.HaxFailure.Destruct.expr e with - | Some (s, _) -> Error (to_diagnostic_payload e.span s) + | Some (s, _) -> Error (to_error_node e.span s) | None -> dexpr' e.span e.e in { kind; ty = dty e.span e.typ; meta = dmetadata e.span } @@ -572,7 +576,7 @@ module Make (FA : Features.T) = struct B.Quote { quote = dquote span quote; origin = ditem_quote_origin origin } | A.NotImplementedYet -> B.NotImplementedYet - | A.HaxError s -> Error (to_diagnostic_payload span s) + | A.HaxError s -> Error (to_error_node span s) let ditem (i : A.item) : B.item list = [ diff --git a/engine/lib/import_ast.ml b/engine/lib/import_ast.ml index f189f3b23..5c093168a 100644 --- a/engine/lib/import_ast.ml +++ b/engine/lib/import_ast.ml @@ -107,10 +107,18 @@ module SpecialNames = struct else `Concrete id end -let from_diagnostic_payload (diagnostic : Types.diagnostic) : string = - match (diagnostic.node, diagnostic.info.kind) with - | Unknown "OCamlEngineError", Custom payload -> payload - | _ -> [%yojson_of: Types.diagnostic] diagnostic |> Yojson.Safe.to_string +let from_error_node (error_node : Types.error_node) : string = + match (error_node.fragment, error_node.diagnostics) with + | ( Unknown "OCamlEngineError", + [ + { + node = Unknown "OCamlEngineError"; + info = { kind = OcamlEngineErrorPayload payload; _ }; + _; + }; + ] ) -> + payload + | _ -> [%yojson_of: Types.error_node] error_node |> Yojson.Safe.to_string let dsafety_kind (safety : A.safety_kind) : B.safety_kind = match safety with Safe -> B.Safe | Unsafe -> B.Unsafe F.unsafe @@ -144,7 +152,7 @@ let rec dty (Newtypety ty : A.ty) : B.ty = | Dyn goals -> TDyn { witness = F.dyn; goals = List.map ~f:ddyn_trait_goal goals } | Resugared _ -> refute_resugared "ty" - | Error s -> U.HaxFailure.Build.ty (from_diagnostic_payload s) + | Error s -> U.HaxFailure.Build.ty (from_error_node s) and dint_kind (ik : A.int_kind) : B.int_kind = let size : B.size = @@ -295,7 +303,7 @@ and dpat' span parent_ty (pat : A.pat_kind) : B.pat' = } | Resugared _ -> refute_resugared "ty" | Error diag -> - let s = from_diagnostic_payload diag in + let s = from_error_node diag in (U.HaxFailure.Build.pat span parent_ty s).p and dbinding_mode (binding_mode : A.binding_mode) : B.binding_mode = @@ -409,10 +417,8 @@ and dexpr' span typ (expr : A.expr_kind) : B.expr' = captures = List.map ~f:dexpr captures; } | Quote { contents } -> Quote (dquote contents) - | Deref _ -> failwith "TODO" | Resugared _ -> refute_resugared "expr" - | Error diag -> - (U.HaxFailure.Build.expr span typ (from_diagnostic_payload diag) "").e + | Error diag -> (U.HaxFailure.Build.expr span typ (from_error_node diag) "").e and dcontrol_flow_kind (cfk : A.control_flow_kind) : B.cf_kind = match cfk with BreakOnly -> B.BreakOnly | BreakOrReturn -> B.BreakOrReturn @@ -675,7 +681,7 @@ let ditem' (item : A.item_kind) : B.item' = | A.Use { path; is_external; rename } -> B.Use { path; is_external; rename } | A.Quote { quote; origin } -> B.Quote { quote = dquote quote; origin = ditem_quote_origin origin } - | A.Error diag -> HaxError (from_diagnostic_payload diag) + | A.Error diag -> HaxError (from_error_node diag) | A.NotImplementedYet -> B.NotImplementedYet | Resugared _ -> refute_resugared "item_kind" diff --git a/hax-types/src/diagnostics/mod.rs b/hax-types/src/diagnostics/mod.rs index 0e3fb8c82..7acc33066 100644 --- a/hax-types/src/diagnostics/mod.rs +++ b/hax-types/src/diagnostics/mod.rs @@ -105,7 +105,8 @@ impl Kind { Kind::ExpectedMutRef => Some(420), Kind::NonTrivialAndMutFnInput => Some(1405), Kind::AttributeRejected { .. } => None, - Kind::FStarParseError { .. } => todo!(), + Kind::FStarParseError { .. } => None, + Kind::OcamlEngineErrorPayload { .. } => None, } } } @@ -180,6 +181,9 @@ pub enum Kind { fstar_snippet: String, details: String, } = 13, + + /// Internal encoding + OcamlEngineErrorPayload(String) = 9999, } impl Kind { From b4fe417e4dcd5a65e43e00b2ef63ba3242252abe Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 4 Nov 2025 12:56:13 +0100 Subject: [PATCH 42/56] fix(engine): identifiers bridge --- engine/lib/concrete_ident/explicit_def_id.mli | 4 +- engine/lib/import_ast.ml | 115 +++--------------- 2 files changed, 22 insertions(+), 97 deletions(-) diff --git a/engine/lib/concrete_ident/explicit_def_id.mli b/engine/lib/concrete_ident/explicit_def_id.mli index 3c9622c24..8b458718f 100644 --- a/engine/lib/concrete_ident/explicit_def_id.mli +++ b/engine/lib/concrete_ident/explicit_def_id.mli @@ -84,7 +84,7 @@ module ImplInfoStore : sig [None] even though the supplied identifier points to an [Impl] block. *) end -val def_id_to_rust_ast : Types.def_id_contents -> Types.def_id2 -val def_id_from_rust_ast : Types.def_id2 -> Types.def_id_contents +val def_id_to_rust_ast : Types.def_id_contents -> Types.def_id_inner +val def_id_from_rust_ast : Types.def_id_inner -> Types.def_id_contents val to_rust_ast : t -> Rust_engine_types.explicit_def_id val from_rust_ast : Rust_engine_types.explicit_def_id -> t diff --git a/engine/lib/import_ast.ml b/engine/lib/import_ast.ml index 5c093168a..75b2d93d8 100644 --- a/engine/lib/import_ast.ml +++ b/engine/lib/import_ast.ml @@ -21,92 +21,6 @@ end module U = Ast_utils.Make (F) module Build = Ast_builder.Make (F) -module SpecialNames = struct - let rec map_strings (f : string -> string) - ({ kind; krate; parent; path } : Types.def_id2) : Types.def_id2 = - let path = - List.map - ~f:(fun { data; disambiguator } -> - let data = - match data with - | Types.CrateRoot { name } -> Types.CrateRoot { name = f name } - | Types.TypeNs s -> Types.TypeNs (f s) - | Types.ValueNs s -> Types.ValueNs (f s) - | Types.MacroNs s -> Types.MacroNs (f s) - | Types.LifetimeNs s -> Types.LifetimeNs (f s) - | other -> other - in - Types.{ data; disambiguator }) - path - in - let parent = Option.map ~f:(map_strings f) parent in - Types.{ kind; krate; parent; path } - - let g len nth s = - match String.chop_prefix ~prefix:"Tuple" s with - | Some n -> ( - let n = Int.of_string_opt n in - match n with - | Some n -> - len := Some n; - "Tuple2" - | _ -> s) - | None -> ( - let n = Int.of_string_opt s in - match n with - | Some n -> - nth := Some n; - "1" - | _ -> s) - - let destruct_compare name (did : A.concrete_id) = - let len, nth = (ref None, ref None) in - let patched = map_strings (g len nth) did.def_id.def_id in - let nth = !nth in - let* len = !len in - let name = Concrete_ident_generated.def_id_of name in - let name = Explicit_def_id.def_id_to_rust_ast name.contents.value in - if [%eq: Types.def_id2] name patched then Some (len, nth) else None - - let tuple_type (did : A.concrete_id) : int option = - let* len, _ = destruct_compare Rust_primitives__hax__Tuple2 did in - Some len - - let tuple_cons (did : A.concrete_id) : int option = - let* len, _ = destruct_compare Rust_primitives__hax__Tuple2__Ctor did in - Some len - - let tuple_field (did : A.concrete_id) : (int * int) option = - let* len, nth = destruct_compare Rust_primitives__hax__Tuple2__1 did in - let* nth = nth in - Some (len, nth) - - let expect_tuple_global_id (did : A.concrete_id) : Ast.Global_ident.t option = - match tuple_type did with - | Some len -> Some (`TupleType len) - | None -> ( - match tuple_cons did with - | Some len -> Some (`TupleCons len) - | None -> ( - match tuple_field did with - | Some (len, nth) -> Some (`TupleField (nth, len)) - | None -> None)) - - let conv (did : A.concrete_id) = - match expect_tuple_global_id did with - | Some id -> id - | None -> - let id = Concrete_ident.from_rust_ast did in - let eq n = Concrete_ident.eq_name n id in - if eq Rust_primitives__hax__deref_op then `Primitive Deref - else if eq Rust_primitives__hax__cast_op then `Primitive Cast - else if eq Rust_primitives__hax__logical_op_and then - `Primitive (LogicalOp And) - else if eq Rust_primitives__hax__logical_op_or then - `Primitive (LogicalOp Or) - else `Concrete id -end - let from_error_node (error_node : Types.error_node) : string = match (error_node.fragment, error_node.diagnostics) with | ( Unknown "OCamlEngineError", @@ -173,16 +87,27 @@ and dint_kind (ik : A.int_kind) : B.int_kind = and dfloat_kind (fk : A.float_kind) : B.float_kind = match fk with F16 -> F16 | F32 -> F32 | F64 -> F64 | F128 -> F128 -and dglobal_ident (gi : A.global_id) : B.global_ident = +and dglobal_ident (Newtypeglobal_id gi : A.global_id) : B.global_ident = match gi with - | Types.Concrete c -> SpecialNames.conv c - | Types.Projector c -> - let c = SpecialNames.conv c in - `Projector - (match c with - | `Concrete id -> `Concrete id - | `TupleField f -> `TupleField f - | _ -> broken_invariant "incorrect projector") + | Types.Concrete c -> ( + let ci = Concrete_ident.from_rust_ast c in + match c.def_id.def_id.kind with + | Field -> `Projector (`Concrete ci) + | _ -> + let is name = Concrete_ident.eq_name name ci in + if is Rust_primitives__hax__deref_op then `Primitive Deref + else if is Rust_primitives__hax__cast_op then `Primitive Cast + else if is Rust_primitives__hax__logical_op_and then + `Primitive (LogicalOp And) + else if is Rust_primitives__hax__logical_op_or then + `Primitive (LogicalOp Or) + else `Concrete ci) + | Types.Tuple t -> ( + match t with + | Types.Type { length } -> `TupleType (Int.of_string length) + | Types.Constructor { length } -> `TupleCons (Int.of_string length) + | Types.Field { length; field } -> + `TupleField (Int.of_string field, Int.of_string length)) and dlocal_ident (Newtypelocal_id (Newtypesymbol li) : A.local_id) : B.local_ident = From 582dcab754e9da8d16f0bc42b7561f4cb5e30926 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 4 Nov 2025 13:02:34 +0100 Subject: [PATCH 43/56] feat(engines): add Trait.safety, reflect on bridges --- engine/lib/export_ast.ml | 3 ++- engine/lib/import_ast.ml | 4 ++-- rust-engine/src/ast.rs | 3 +++ rust-engine/src/backends/lean.rs | 1 + 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/engine/lib/export_ast.ml b/engine/lib/export_ast.ml index 7ba5f53e0..9cbde557f 100644 --- a/engine/lib/export_ast.ml +++ b/engine/lib/export_ast.ml @@ -538,12 +538,13 @@ module Make (FA : Features.T) = struct ty = dty span ty; } | A.IMacroInvokation _ -> deprecated_node "IMacroInvokation" - | A.Trait { name; generics; items; safety = _ } -> + | A.Trait { name; generics; items; safety } -> B.Trait { name = dconcrete_ident name; generics = dgenerics span generics; items = List.map ~f:dtrait_item items; + safety = dsafety_kind safety; } | A.Impl { diff --git a/engine/lib/import_ast.ml b/engine/lib/import_ast.ml index 75b2d93d8..071da0101 100644 --- a/engine/lib/import_ast.ml +++ b/engine/lib/import_ast.ml @@ -571,13 +571,13 @@ let ditem' (item : A.item_kind) : B.item' = generics = dgenerics generics; ty = dty ty; } - | A.Trait { name; generics; items } -> + | A.Trait { name; generics; items; safety } -> B.Trait { name = dconcrete_ident name; generics = dgenerics generics; items = List.map ~f:dtrait_item items; - safety = failwith "TODO"; + safety = dsafety_kind safety; } | A.Impl { diff --git a/rust-engine/src/ast.rs b/rust-engine/src/ast.rs index 6950fc04f..c2b5464e2 100644 --- a/rust-engine/src/ast.rs +++ b/rust-engine/src/ast.rs @@ -1351,6 +1351,9 @@ pub enum ItemKind { /// # Example: /// `type Assoc;`, `fn m ...;` items: Vec, + + /// Safe or unsafe + safety: SafetyKind, }, /// A trait implementation. diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index e21afb2a8..2f4b82808 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -974,6 +974,7 @@ set_option linter.unusedVariables false name, generics, items, + safety: _, } => { // Type parameters are also parameters of the class, but constraints are fields of the class docs![ From 8276c16b7aec05e7d8a6f9c18d7d286d92e97e8d Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 4 Nov 2025 13:02:50 +0100 Subject: [PATCH 44/56] fix(rengine): kill ExprKind::Deref --- rust-engine/src/ast.rs | 6 ------ rust-engine/src/backends/lean.rs | 2 +- rust-engine/src/phase/explicit_monadic.rs | 3 +-- 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/rust-engine/src/ast.rs b/rust-engine/src/ast.rs index c2b5464e2..27874a755 100644 --- a/rust-engine/src/ast.rs +++ b/rust-engine/src/ast.rs @@ -915,12 +915,6 @@ pub enum ExprKind { inner: Expr, }, - /// A dereference - /// - /// # Example: - /// `*x` - Deref(Expr), - /// A `let` expression used in expressions. /// /// # Example: diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 2f4b82808..1f1e0c4b1 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -612,7 +612,7 @@ set_option linter.unusedVariables false ] .group(), - ExprKind::Borrow { .. } | ExprKind::Deref(_) => { + ExprKind::Borrow { .. } => { unreachable_by_invariant!(Drop_references) } ExprKind::AddressOf { .. } => unreachable_by_invariant!(Reject_raw_or_mut_pointer), diff --git a/rust-engine/src/phase/explicit_monadic.rs b/rust-engine/src/phase/explicit_monadic.rs index 77437e9ce..ae9fb6489 100644 --- a/rust-engine/src/phase/explicit_monadic.rs +++ b/rust-engine/src/phase/explicit_monadic.rs @@ -183,8 +183,7 @@ impl ExplicitMonadicVisitor { } ExprKind::Assign { value: inner, .. } | ExprKind::Borrow { inner, .. } - | ExprKind::AddressOf { inner, .. } - | ExprKind::Deref(inner) => { + | ExprKind::AddressOf { inner, .. } => { self.visit_expr_coerce(MonadicStatus::Value, inner); Some(MonadicStatus::Value) } From 3889c08f79ee7e9773ba622d9df9e88641e2a430 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 4 Nov 2025 13:26:16 +0100 Subject: [PATCH 45/56] refactor(oengine): split `driver_for_rust_engine` --- engine/bin/lib.ml | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/engine/bin/lib.ml b/engine/bin/lib.ml index 9a8cd7359..69a068723 100644 --- a/engine/bin/lib.ml +++ b/engine/bin/lib.ml @@ -258,17 +258,12 @@ let engine () = Logs.info (fun m -> m "Exiting Hax engine (with an unexpected failure)"); Printexc.raise_with_backtrace exn bt +module ExportFullAst = Export_ast.Make (Features.Full) module ExportRustAst = Export_ast.Make (Features.Rust) module ExportLeanAst = Export_ast.Make (Lean_backend.InputLanguage) -(** Entry point for interacting with the Rust hax engine *) -let driver_for_rust_engine () : unit = - let query : Rust_engine_types.query = - let json = load_table ~check_version:false in - [%of_yojson: Rust_engine_types.query] json - in - Concrete_ident.ImplInfoStore.init - (Concrete_ident_generated.impl_infos @ query.impl_infos); +let driver_for_rust_engine_inner (query : Rust_engine_types.query) : + Rust_engine_types.response = match query.kind with | Types.ImportThir { input; apply_phases; translation_options } -> (* Note: `apply_phases` comes from the type `QueryKind` in @@ -286,6 +281,16 @@ let driver_for_rust_engine () : unit = imported_items else List.concat_map ~f:ExportRustAst.ditem imported_items in - let response = Rust_engine_types.ImportThir { output = rust_ast_items } in - Hax_io.write_json ([%yojson_of: Rust_engine_types.response] response); - Hax_io.write_json ([%yojson_of: Types.from_engine] Exit) + Rust_engine_types.ImportThir { output = rust_ast_items } + +(** Entry point for interacting with the Rust hax engine *) +let driver_for_rust_engine () : unit = + let query : Rust_engine_types.query = + let json = load_table ~check_version:false in + [%of_yojson: Rust_engine_types.query] json + in + Concrete_ident.ImplInfoStore.init + (Concrete_ident_generated.impl_infos @ query.impl_infos); + let response = driver_for_rust_engine_inner query in + Hax_io.write_json ([%yojson_of: Rust_engine_types.response] response); + Hax_io.write_json ([%yojson_of: Types.from_engine] Exit) From 2890372a10df7651e0e3955999a88aaf91019780 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 4 Nov 2025 13:29:22 +0100 Subject: [PATCH 46/56] feat(engines): driver for rust engine: add ApplyPhases --- engine/bin/lib.ml | 10 ++++++++++ rust-engine/src/ocaml_engine.rs | 13 +++++++++++++ 2 files changed, 23 insertions(+) diff --git a/engine/bin/lib.ml b/engine/bin/lib.ml index 69a068723..8de2886e8 100644 --- a/engine/bin/lib.ml +++ b/engine/bin/lib.ml @@ -282,6 +282,16 @@ let driver_for_rust_engine_inner (query : Rust_engine_types.query) : else List.concat_map ~f:ExportRustAst.ditem imported_items in Rust_engine_types.ImportThir { output = rust_ast_items } + | Types.ApplyPhases { input; phases } -> + let items = List.concat_map ~f:Import_ast.ditem input in + let items = + List.fold ~init:items + ~f:(fun items phase -> + match phase with Rust_engine_types.Noop -> items) + phases + in + let output = List.concat_map ~f:ExportFullAst.ditem items in + Rust_engine_types.ApplyPhases { output } (** Entry point for interacting with the Rust hax engine *) let driver_for_rust_engine () : unit = diff --git a/rust-engine/src/ocaml_engine.rs b/rust-engine/src/ocaml_engine.rs index 35bd00c1a..59d4a874f 100644 --- a/rust-engine/src/ocaml_engine.rs +++ b/rust-engine/src/ocaml_engine.rs @@ -41,6 +41,16 @@ pub enum QueryKind { /// Translation options which contains include clauses (items filtering) translation_options: hax_types::cli_options::TranslationOptions, }, + + ApplyPhases { + input: Vec, + phases: Vec, + }, +} + +#[derive(Debug, Clone, ::schemars::JsonSchema, ::serde::Deserialize, ::serde::Serialize)] +pub enum OCamlPhase { + Noop, } /// A Response after a [`Query`] @@ -51,6 +61,9 @@ pub enum Response { /// The output Rust AST items output: Vec, }, + ApplyPhases { + output: Vec, + }, } /// Extends the common `ToEngine` messages with one extra case: `Query`. From 9e54f43b8fb77341b794486a6fbb90fff98c864a Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Tue, 10 Jun 2025 11:00:28 +0200 Subject: [PATCH 47/56] feat(engine): intro `Untyped_phases` module (runtime-checked phases) --- engine/lib/diagnostics.ml | 1 + engine/lib/untyped_phases/gen.js | 111 ++ engine/lib/untyped_phases/untyped_phases.ml | 1139 +++++++++++++++++++ 3 files changed, 1251 insertions(+) create mode 100755 engine/lib/untyped_phases/gen.js create mode 100644 engine/lib/untyped_phases/untyped_phases.ml diff --git a/engine/lib/diagnostics.ml b/engine/lib/diagnostics.ml index 4e555ead4..d37424a8e 100644 --- a/engine/lib/diagnostics.ml +++ b/engine/lib/diagnostics.ml @@ -10,6 +10,7 @@ module Phase = struct module Rejection = struct type t = | NotInBackendLang of Backend.t + | CoercionForUntypedPhase of string | ArbitraryLhs | Continue | Break diff --git a/engine/lib/untyped_phases/gen.js b/engine/lib/untyped_phases/gen.js new file mode 100755 index 000000000..3d4cd5d18 --- /dev/null +++ b/engine/lib/untyped_phases/gen.js @@ -0,0 +1,111 @@ +#!/usr/bin/env node +const { readdirSync, readFileSync } = require('fs'); + +let f = s => ((s.split("include module type")[0] || "").match(/(with|and) type[^)]*/g) || []).join("").split('and type').map(x => x.replace(/(with|and) type/g, '').trim()).filter(x => x).map(x => x.split('=')[1].trim().split('.').slice(1)); + +let phases = readdirSync("../phases").filter(x => x.endsWith(".mli")).map(filename => ({ + filename, + contents: f(readFileSync("../phases/" + filename).toString()), +})); + +console.log(` +open Prelude + +module type PHASE_FULL = + Phase_utils.PHASE + with module FA = Features.Full + and module FB = Features.Full + and module A = Ast.Full + and module B = Ast.Full + +module BindPhaseFull (A : PHASE_FULL) (B : PHASE_FULL) : PHASE_FULL = struct + include Phase_utils.BindPhase (A) (B) + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full +end + +module IdentityFull : PHASE_FULL = struct + include Phase_utils.Identity (Features.Full) + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full +end + +let bind (module A : PHASE_FULL) (module B : PHASE_FULL) : (module PHASE_FULL) = + (module BindPhaseFull (A) (B)) + +let bind_list : (module PHASE_FULL) list -> (module PHASE_FULL) = + List.reduce ~f:bind + >> Option.value ~default:(module IdentityFull : PHASE_FULL) + +`); + +for (let phase of phases) { + let name_lc = phase.filename.replace(/^phase_/, "").replace(/[.]mli$/, ""); + let name = name_lc.replace(/^(.)/, l => l.toUpperCase()); + phase.name_lc = name_lc; + phase.name = name; + + console.log(` +module ${name} : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + ${phase.contents.map(([status, f]) => `include ${status}.${f.replace(/^(.)/, l => l.toUpperCase())}`).join('\n')} + end + + module Phase = Phases.${name} (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + ${phase.contents.map(([status, f]) => + `let ${f} = ` + (status == 'On' ? 'fun _ _ -> Features.On.' + f : 'reject') + ).join('\n')} + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end +`); +} + + +for (let phase of phases) { + console.log(`let ${phase.name_lc} : (module PHASE_FULL) = (module ${phase.name})`) +} +console.log(`let phases_list : (module PHASE_FULL) list = [${phases.map(p => p.name_lc).join(';')}]`) + + +console.log(` +let phase_of_name: string -> (module PHASE_FULL) option = + function + ${phases.map(p => `| "${p.name_lc}" -> Some ${p.name_lc}`).join('')} + | _ -> None + +let phases: string list = [${phases.map(p => `"${p.name_lc}"`).join(';')}] +`); + + + + diff --git a/engine/lib/untyped_phases/untyped_phases.ml b/engine/lib/untyped_phases/untyped_phases.ml new file mode 100644 index 000000000..9dfe11fc3 --- /dev/null +++ b/engine/lib/untyped_phases/untyped_phases.ml @@ -0,0 +1,1139 @@ + +open Prelude + +module type PHASE_FULL = + Phase_utils.PHASE + with module FA = Features.Full + and module FB = Features.Full + and module A = Ast.Full + and module B = Ast.Full + +module BindPhaseFull (A : PHASE_FULL) (B : PHASE_FULL) : PHASE_FULL = struct + include Phase_utils.BindPhase (A) (B) + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full +end + +module IdentityFull : PHASE_FULL = struct + include Phase_utils.Identity (Features.Full) + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full +end + +let bind (module A : PHASE_FULL) (module B : PHASE_FULL) : (module PHASE_FULL) = + (module BindPhaseFull (A) (B)) + +let bind_list : (module PHASE_FULL) list -> (module PHASE_FULL) = + List.reduce ~f:bind + >> Option.value ~default:(module IdentityFull : PHASE_FULL) + + + +module And_mut_defsite : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + include On.Mutable_variable +include On.Mutable_reference +include On.Nontrivial_lhs +include On.Arbitrary_lhs +include On.Reference + end + + module Phase = Phases.And_mut_defsite (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + let mutable_variable = fun _ _ -> Features.On.mutable_variable +let mutable_reference = fun _ _ -> Features.On.mutable_reference +let nontrivial_lhs = fun _ _ -> Features.On.nontrivial_lhs +let arbitrary_lhs = fun _ _ -> Features.On.arbitrary_lhs +let reference = fun _ _ -> Features.On.reference + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Bundle_cycles : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Bundle_cycles (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Cf_into_monads : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + include Off.Monadic_action +include Off.Monadic_binding + end + + module Phase = Phases.Cf_into_monads (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + let monadic_action = reject +let monadic_binding = reject + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Direct_and_mut : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + include Off.Raw_pointer +include Off.Mutable_pointer + end + + module Phase = Phases.Direct_and_mut (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + let raw_pointer = reject +let mutable_pointer = reject + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Drop_blocks : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Drop_blocks (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Drop_match_guards : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Drop_match_guards (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Drop_references : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + include Off.Raw_pointer +include Off.Mutable_reference + end + + module Phase = Phases.Drop_references (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + let raw_pointer = reject +let mutable_reference = reject + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Drop_return_break_continue : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Drop_return_break_continue (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Drop_sized_trait : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Drop_sized_trait (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Functionalize_loops : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + include Off.Continue +include Off.Early_exit +include Off.Break + end + + module Phase = Phases.Functionalize_loops (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + let continue = reject +let early_exit = reject +let break = reject + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Hoist_disjunctive_patterns : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Hoist_disjunctive_patterns (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Local_mutation : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + include Off.Mutable_reference +include Off.Mutable_pointer +include Off.Raw_pointer +include Off.Arbitrary_lhs +include Off.Nontrivial_lhs +include Off.Monadic_action +include Off.Monadic_binding +include Off.For_index_loop + end + + module Phase = Phases.Local_mutation (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + let mutable_reference = reject +let mutable_pointer = reject +let raw_pointer = reject +let arbitrary_lhs = reject +let nontrivial_lhs = reject +let monadic_action = reject +let monadic_binding = reject +let for_index_loop = reject + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Newtype_as_refinement : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Newtype_as_refinement (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reconstruct_asserts : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Reconstruct_asserts (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reconstruct_for_index_loops : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Reconstruct_for_index_loops (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reconstruct_for_loops : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Reconstruct_for_loops (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reconstruct_question_marks : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Reconstruct_question_marks (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reconstruct_while_loops : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Reconstruct_while_loops (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reorder_fields : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Reorder_fields (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Rewrite_control_flow : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Rewrite_control_flow (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Simplify_hoisting : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Simplify_hoisting (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Simplify_match_return : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Simplify_match_return (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Simplify_question_marks : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Simplify_question_marks (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Sort_items : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Sort_items (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Specialize : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Specialize (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Traits_specs : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Traits_specs (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Transform_hax_lib_inline : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Transform_hax_lib_inline (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Trivialize_assign_lhs : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Trivialize_assign_lhs (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + +let and_mut_defsite : (module PHASE_FULL) = (module And_mut_defsite) +let bundle_cycles : (module PHASE_FULL) = (module Bundle_cycles) +let cf_into_monads : (module PHASE_FULL) = (module Cf_into_monads) +let direct_and_mut : (module PHASE_FULL) = (module Direct_and_mut) +let drop_blocks : (module PHASE_FULL) = (module Drop_blocks) +let drop_match_guards : (module PHASE_FULL) = (module Drop_match_guards) +let drop_references : (module PHASE_FULL) = (module Drop_references) +let drop_return_break_continue : (module PHASE_FULL) = (module Drop_return_break_continue) +let drop_sized_trait : (module PHASE_FULL) = (module Drop_sized_trait) +let functionalize_loops : (module PHASE_FULL) = (module Functionalize_loops) +let hoist_disjunctive_patterns : (module PHASE_FULL) = (module Hoist_disjunctive_patterns) +let local_mutation : (module PHASE_FULL) = (module Local_mutation) +let newtype_as_refinement : (module PHASE_FULL) = (module Newtype_as_refinement) +let reconstruct_asserts : (module PHASE_FULL) = (module Reconstruct_asserts) +let reconstruct_for_index_loops : (module PHASE_FULL) = (module Reconstruct_for_index_loops) +let reconstruct_for_loops : (module PHASE_FULL) = (module Reconstruct_for_loops) +let reconstruct_question_marks : (module PHASE_FULL) = (module Reconstruct_question_marks) +let reconstruct_while_loops : (module PHASE_FULL) = (module Reconstruct_while_loops) +let reorder_fields : (module PHASE_FULL) = (module Reorder_fields) +let rewrite_control_flow : (module PHASE_FULL) = (module Rewrite_control_flow) +let simplify_hoisting : (module PHASE_FULL) = (module Simplify_hoisting) +let simplify_match_return : (module PHASE_FULL) = (module Simplify_match_return) +let simplify_question_marks : (module PHASE_FULL) = (module Simplify_question_marks) +let sort_items : (module PHASE_FULL) = (module Sort_items) +let specialize : (module PHASE_FULL) = (module Specialize) +let traits_specs : (module PHASE_FULL) = (module Traits_specs) +let transform_hax_lib_inline : (module PHASE_FULL) = (module Transform_hax_lib_inline) +let trivialize_assign_lhs : (module PHASE_FULL) = (module Trivialize_assign_lhs) +let phases_list : (module PHASE_FULL) list = [and_mut_defsite;bundle_cycles;cf_into_monads;direct_and_mut;drop_blocks;drop_match_guards;drop_references;drop_return_break_continue;drop_sized_trait;functionalize_loops;hoist_disjunctive_patterns;local_mutation;newtype_as_refinement;reconstruct_asserts;reconstruct_for_index_loops;reconstruct_for_loops;reconstruct_question_marks;reconstruct_while_loops;reorder_fields;rewrite_control_flow;simplify_hoisting;simplify_match_return;simplify_question_marks;sort_items;specialize;traits_specs;transform_hax_lib_inline;trivialize_assign_lhs] + +let phase_of_name: string -> (module PHASE_FULL) option = + function + | "and_mut_defsite" -> Some and_mut_defsite| "bundle_cycles" -> Some bundle_cycles| "cf_into_monads" -> Some cf_into_monads| "direct_and_mut" -> Some direct_and_mut| "drop_blocks" -> Some drop_blocks| "drop_match_guards" -> Some drop_match_guards| "drop_references" -> Some drop_references| "drop_return_break_continue" -> Some drop_return_break_continue| "drop_sized_trait" -> Some drop_sized_trait| "functionalize_loops" -> Some functionalize_loops| "hoist_disjunctive_patterns" -> Some hoist_disjunctive_patterns| "local_mutation" -> Some local_mutation| "newtype_as_refinement" -> Some newtype_as_refinement| "reconstruct_asserts" -> Some reconstruct_asserts| "reconstruct_for_index_loops" -> Some reconstruct_for_index_loops| "reconstruct_for_loops" -> Some reconstruct_for_loops| "reconstruct_question_marks" -> Some reconstruct_question_marks| "reconstruct_while_loops" -> Some reconstruct_while_loops| "reorder_fields" -> Some reorder_fields| "rewrite_control_flow" -> Some rewrite_control_flow| "simplify_hoisting" -> Some simplify_hoisting| "simplify_match_return" -> Some simplify_match_return| "simplify_question_marks" -> Some simplify_question_marks| "sort_items" -> Some sort_items| "specialize" -> Some specialize| "traits_specs" -> Some traits_specs| "transform_hax_lib_inline" -> Some transform_hax_lib_inline| "trivialize_assign_lhs" -> Some trivialize_assign_lhs + | _ -> None + +let phases: string list = ["and_mut_defsite";"bundle_cycles";"cf_into_monads";"direct_and_mut";"drop_blocks";"drop_match_guards";"drop_references";"drop_return_break_continue";"drop_sized_trait";"functionalize_loops";"hoist_disjunctive_patterns";"local_mutation";"newtype_as_refinement";"reconstruct_asserts";"reconstruct_for_index_loops";"reconstruct_for_loops";"reconstruct_question_marks";"reconstruct_while_loops";"reorder_fields";"rewrite_control_flow";"simplify_hoisting";"simplify_match_return";"simplify_question_marks";"sort_items";"specialize";"traits_specs";"transform_hax_lib_inline";"trivialize_assign_lhs"] + From e699701af473a1f949afde741f611ad0c162b283 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 5 Nov 2025 16:00:42 +0100 Subject: [PATCH 48/56] refactor(rengine): span: owner_hint: DefId, not id --- engine/lib/span.ml | 10 ++-------- rust-engine/src/ast/span.rs | 6 +----- 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/engine/lib/span.ml b/engine/lib/span.ml index 5451f6373..0cf1a6387 100644 --- a/engine/lib/span.ml +++ b/engine/lib/span.ml @@ -160,18 +160,12 @@ let to_rust_ast_span span : Rust_engine_types.span = { data = List.map ~f:Imported.span_to_thir span.data; id = Int.to_string span.id; - owner_hint = - Option.map - ~f:(fun (OwnerId n) -> Types.Newtypeowner_id (Int.to_string n)) - span.owner_hint; + owner_hint = owner_hint span; } let from_rust_ast_span (span : Rust_engine_types.span) : t = { data = List.map ~f:Imported.span_of_thir span.data; id = Int.of_string span.id; - owner_hint = - Option.map - ~f:(fun (Types.Newtypeowner_id n) -> OwnerId (Int.of_string n)) - span.owner_hint; + owner_hint = Option.map ~f:fresh_owner_id span.owner_hint; } diff --git a/rust-engine/src/ast/span.rs b/rust-engine/src/ast/span.rs index 68886fe49..0bc49d2cb 100644 --- a/rust-engine/src/ast/span.rs +++ b/rust-engine/src/ast/span.rs @@ -9,10 +9,6 @@ fn fresh_id() -> usize { CURRENT_ID.fetch_add(1, Ordering::Relaxed) } -/// Identifier used to track the origin Rust item of a span -#[derive_group_for_ast] -pub struct OwnerId(usize); - /// Position of a Rust source #[derive_group_for_ast] pub struct Span { @@ -27,7 +23,7 @@ pub struct Span { /// A reference to the item in which this span lives. This information is /// used for debugging and profiling purposes, e.g. for `cargo hax into /// --stats backend`. - owner_hint: Option, + owner_hint: Option, } impl Span { From 5f5b3e8ed3548502c81015ee4e74671ea1befb27 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 5 Nov 2025 16:03:24 +0100 Subject: [PATCH 49/56] refactor(cargo_hax): debug_json is now an array of JSON payloads That allows the OCaml engine to be called multiple times, each time possibly sending a certain number of JSON debug payloads. --- cli/subcommands/src/cargo_hax.rs | 9 +++-- engine/bin/lib.ml | 13 +++---- engine/lib/phase_utils.ml | 62 ++++++++++++++++---------------- hax-types/src/engine_api.rs | 2 +- 4 files changed, 42 insertions(+), 44 deletions(-) diff --git a/cli/subcommands/src/cargo_hax.rs b/cli/subcommands/src/cargo_hax.rs index 3ba22074a..c9c0a2b3a 100644 --- a/cli/subcommands/src/cargo_hax.rs +++ b/cli/subcommands/src/cargo_hax.rs @@ -298,7 +298,7 @@ fn run_engine( let mut output = Output { diagnostics: vec![], files: vec![], - debug_json: None, + debug_json: vec![], }; { let mut rctx = hax_types::diagnostics::report::ReportCtx::default(); @@ -396,9 +396,7 @@ fn run_engine( HaxMessage::ProducedFile { path, wrote }.report(message_format, None) } } - FromEngine::DebugString(debug) => { - output.debug_json = Some(debug); - } + FromEngine::DebugString(debug) => output.debug_json.push(debug), FromEngine::PrettyPrintDiagnostic(diag) => { send!(&ToEngine::PrettyPrintedDiagnostic(format!("{}", diag))); } @@ -447,8 +445,9 @@ fn run_engine( if backend.dry_run { serde_json::to_writer(std::io::BufWriter::new(std::io::stdout()), &output).unwrap() } - if let Some(debug_json) = &output.debug_json { + if !output.debug_json.is_empty() { use DebugEngineMode; + let debug_json = &format!("[{}]", output.debug_json.join(",")); match &backend.debug_engine { Some(DebugEngineMode::Interactive) => { eprintln!("----------------------------------------------"); diff --git a/engine/bin/lib.ml b/engine/bin/lib.ml index 8de2886e8..a06c891dc 100644 --- a/engine/bin/lib.ml +++ b/engine/bin/lib.ml @@ -157,7 +157,7 @@ let run (options : Types.engine_options) : Types.output = { diagnostics = List.map ~f:Diagnostics.to_thir_diagnostic diagnostics; files = Option.value ~default:[] files; - debug_json = None; + debug_json = []; } (** Shallow parses a `id_table::Node` (or a raw `T`) JSON *) @@ -224,6 +224,10 @@ let parse_options () = Profiling.enabled := options.backend.profile; options +let send_debug_strings = + Phase_utils.DebugBindPhase.export + >> List.iter ~f:(fun json -> DebugString json |> Hax_io.write) + (** Entrypoint of the engine. Assumes `Hax_io.init` was called. *) let engine () = let options = Profiling.profile (Other "parse_options") 1 parse_options in @@ -241,16 +245,12 @@ let engine () = in match result with | Ok results -> - let debug_json = Phase_utils.DebugBindPhase.export () in - let results = { results with debug_json } in - Logs.info (fun m -> m "Outputting JSON"); - List.iter ~f:(fun diag -> Diagnostic diag |> Hax_io.write) results.diagnostics; List.iter ~f:(fun file -> File file |> Hax_io.write) results.files; - Option.iter ~f:(fun json -> DebugString json |> Hax_io.write) debug_json; + send_debug_strings (); Hax_io.close (); Logs.info (fun m -> m "Exiting Hax engine (success)") @@ -302,5 +302,6 @@ let driver_for_rust_engine () : unit = Concrete_ident.ImplInfoStore.init (Concrete_ident_generated.impl_infos @ query.impl_infos); let response = driver_for_rust_engine_inner query in + send_debug_strings (); Hax_io.write_json ([%yojson_of: Rust_engine_types.response] response); Hax_io.write_json ([%yojson_of: Types.from_engine] Exit) diff --git a/engine/lib/phase_utils.ml b/engine/lib/phase_utils.ml index 32ed2ec83..f90d75e41 100644 --- a/engine/lib/phase_utils.ml +++ b/engine/lib/phase_utils.ml @@ -181,7 +181,7 @@ end module DebugBindPhase : sig val add : DebugPhaseInfo.t -> int -> (unit -> Ast.Full.item list) -> unit - val export : unit -> string option + val export : unit -> string list val enable : unit -> unit end = struct let enabled = ref false @@ -205,40 +205,38 @@ end = struct let export' () = Logs.info (fun m -> m "Exporting debug informations"); - let json = - Hashtbl.to_alist cache - |> List.sort ~compare:(fun (_, (a, _)) (_, (b, _)) -> Int.compare a b) - |> List.map ~f:(fun (k, (nth, l)) -> - let regenerate_span_ids = - (object - inherit [_] Visitors.map - method! visit_span = Fn.const Span.refresh_id - end) - #visit_item - () - in - (* we regenerate spans IDs, so that we have more precise regions *) - let l = List.map ~f:regenerate_span_ids !l in - let rustish = Print_rust.pitems l in - let json = - `Assoc - [ - ("name", `String ([%show: DebugPhaseInfo.t] k)); - ("nth", `Int nth); - ("items", [%yojson_of: Ast.Full.item list] l); - ( "rustish", - [%yojson_of: Print_rust.AnnotatedString.Output.t] rustish - ); - ] - in - json) - in - `List json |> Yojson.Safe.pretty_to_string + + Hashtbl.to_alist cache + |> List.sort ~compare:(fun (_, (a, _)) (_, (b, _)) -> Int.compare a b) + |> List.map ~f:(fun (k, (nth, l)) -> + let regenerate_span_ids = + (object + inherit [_] Visitors.map + method! visit_span = Fn.const Span.refresh_id + end) + #visit_item + () + in + (* we regenerate spans IDs, so that we have more precise regions *) + let l = List.map ~f:regenerate_span_ids !l in + let rustish = Print_rust.pitems l in + let json = + `Assoc + [ + ("name", `String ([%show: DebugPhaseInfo.t] k)); + ("nth", `Int nth); + ("items", [%yojson_of: Ast.Full.item list] l); + ( "rustish", + [%yojson_of: Print_rust.AnnotatedString.Output.t] rustish ); + ] + in + json) + |> List.map ~f:Yojson.Safe.to_string let export () = if !enabled (* recall: ! is deref, not `not`, great op. choice..... *) then - Some (export' ()) - else None + export' () + else [] end module type S = sig diff --git a/hax-types/src/engine_api.rs b/hax-types/src/engine_api.rs index b9fc41429..d529c93a1 100644 --- a/hax-types/src/engine_api.rs +++ b/hax-types/src/engine_api.rs @@ -56,7 +56,7 @@ pub struct File { pub struct Output { pub diagnostics: Vec, pub files: Vec, - pub debug_json: Option, + pub debug_json: Vec, } #[derive_group(Serializers)] From 450ba02ebe1ae1803b3a946bf12a82058f1b1506 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 5 Nov 2025 16:07:01 +0100 Subject: [PATCH 50/56] feat(oengine): add rejection & hoist side effect phases to untyped_phases --- engine/lib/untyped_phases/gen.js | 40 +- engine/lib/untyped_phases/untyped_phases.ml | 430 +++++++++++++++++++- 2 files changed, 466 insertions(+), 4 deletions(-) diff --git a/engine/lib/untyped_phases/gen.js b/engine/lib/untyped_phases/gen.js index 3d4cd5d18..292d80002 100755 --- a/engine/lib/untyped_phases/gen.js +++ b/engine/lib/untyped_phases/gen.js @@ -8,6 +8,12 @@ let phases = readdirSync("../phases").filter(x => x.endsWith(".mli")).map(filena contents: f(readFileSync("../phases/" + filename).toString()), })); +let rejections = readFileSync("../phases/phase_reject.ml") + .toString() + .split('\n') + .map(s => s.match(/^module ([a-z][a-z_]+)/i)?.[1]) + .filter(s => s); + console.log(` open Prelude @@ -43,11 +49,39 @@ let bind_list : (module PHASE_FULL) list -> (module PHASE_FULL) = `); + for (let phase of phases) { let name_lc = phase.filename.replace(/^phase_/, "").replace(/[.]mli$/, ""); let name = name_lc.replace(/^(.)/, l => l.toUpperCase()); phase.name_lc = name_lc; phase.name = name; + phase.module_expression = `Phases.${name}`; +} + + +for (let rejection of rejections) { + let name = 'Reject_' + rejection.replace(/^(.)/, l => l.toLowerCase()).replace(/[A-Z]/g, c => `_${c}`).toLowerCase(); + phases.push({ + name_lc: name.toLowerCase(), + name, + module_expression: 'Phase_reject.' + rejection, + contents: [], + }); +} + +phases.push({ + name_lc: "hoist_side_effects", + name: 'Hoist_side_effects', + module_expression: 'Side_effect_utils.Hoist', + contents: [ + ['Off', 'monadic_binding'], + ['Off', 'for_index_loop'], + ], +}); + + +for (let phase of phases) { + let { name, module_expression } = phase; console.log(` module ${name} : PHASE_FULL = struct @@ -62,7 +96,7 @@ module ${name} : PHASE_FULL = struct ${phase.contents.map(([status, f]) => `include ${status}.${f.replace(/^(.)/, l => l.toUpperCase())}`).join('\n')} end - module Phase = Phases.${name} (ExpectedFA) + module Phase = ${module_expression} (ExpectedFA) module Coerce = Feature_gate.Make (Features.Full) (ExpectedFA) @@ -104,6 +138,10 @@ let phase_of_name: string -> (module PHASE_FULL) option = | _ -> None let phases: string list = [${phases.map(p => `"${p.name_lc}"`).join(';')}] + +(* +${phases.map(p => `${p.name_lc}`).join(', ')} +*) `); diff --git a/engine/lib/untyped_phases/untyped_phases.ml b/engine/lib/untyped_phases/untyped_phases.ml index 9dfe11fc3..46e51506e 100644 --- a/engine/lib/untyped_phases/untyped_phases.ml +++ b/engine/lib/untyped_phases/untyped_phases.ml @@ -805,6 +805,43 @@ module Rewrite_control_flow : PHASE_FULL = struct end +module Rewrite_local_self : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phases.Rewrite_local_self (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + module Simplify_hoisting : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1100,6 +1137,378 @@ module Trivialize_assign_lhs : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end + +module Reject_arbitrary_lhs : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.Arbitrary_lhs (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_continue : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.Continue (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_question_mark : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.Question_mark (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_raw_or_mut_pointer : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.RawOrMutPointer (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_early_exit : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.EarlyExit (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_as_pattern : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.As_pattern (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_dyn : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.Dyn (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_trait_item_default : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.Trait_item_default (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Reject_unsafe : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + + end + + module Phase = Phase_reject.Unsafe (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + + +module Hoist_side_effects : PHASE_FULL = struct + module FA = Features.Full + module FB = Features.Full + module A = Ast.Full + module B = Ast.Full + + module ExpectedFA = struct + open Features + include On + include Off.Monadic_binding +include Off.For_index_loop + end + + module Phase = Side_effect_utils.Hoist (ExpectedFA) + + module Coerce = + Feature_gate.Make (Features.Full) (ExpectedFA) + (struct + module A = Features.Full + module B = ExpectedFA + include Feature_gate.DefaultSubtype + + let monadic_binding = reject +let for_index_loop = reject + + let metadata = + Phase_reject.make_metadata + (CoercionForUntypedPhase + ([%show: Diagnostics.Phase.t] Phase.metadata.current_phase)) + end) + + let metadata = Phase.metadata + let to_full_ast : Phase.B.item list -> Ast.Full.item list = Stdlib.Obj.magic + + let ditems = + List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast +end + let and_mut_defsite : (module PHASE_FULL) = (module And_mut_defsite) let bundle_cycles : (module PHASE_FULL) = (module Bundle_cycles) let cf_into_monads : (module PHASE_FULL) = (module Cf_into_monads) @@ -1120,6 +1529,7 @@ let reconstruct_question_marks : (module PHASE_FULL) = (module Reconstruct_quest let reconstruct_while_loops : (module PHASE_FULL) = (module Reconstruct_while_loops) let reorder_fields : (module PHASE_FULL) = (module Reorder_fields) let rewrite_control_flow : (module PHASE_FULL) = (module Rewrite_control_flow) +let rewrite_local_self : (module PHASE_FULL) = (module Rewrite_local_self) let simplify_hoisting : (module PHASE_FULL) = (module Simplify_hoisting) let simplify_match_return : (module PHASE_FULL) = (module Simplify_match_return) let simplify_question_marks : (module PHASE_FULL) = (module Simplify_question_marks) @@ -1128,12 +1538,26 @@ let specialize : (module PHASE_FULL) = (module Specialize) let traits_specs : (module PHASE_FULL) = (module Traits_specs) let transform_hax_lib_inline : (module PHASE_FULL) = (module Transform_hax_lib_inline) let trivialize_assign_lhs : (module PHASE_FULL) = (module Trivialize_assign_lhs) -let phases_list : (module PHASE_FULL) list = [and_mut_defsite;bundle_cycles;cf_into_monads;direct_and_mut;drop_blocks;drop_match_guards;drop_references;drop_return_break_continue;drop_sized_trait;functionalize_loops;hoist_disjunctive_patterns;local_mutation;newtype_as_refinement;reconstruct_asserts;reconstruct_for_index_loops;reconstruct_for_loops;reconstruct_question_marks;reconstruct_while_loops;reorder_fields;rewrite_control_flow;simplify_hoisting;simplify_match_return;simplify_question_marks;sort_items;specialize;traits_specs;transform_hax_lib_inline;trivialize_assign_lhs] +let reject_arbitrary_lhs : (module PHASE_FULL) = (module Reject_arbitrary_lhs) +let reject_continue : (module PHASE_FULL) = (module Reject_continue) +let reject_question_mark : (module PHASE_FULL) = (module Reject_question_mark) +let reject_raw_or_mut_pointer : (module PHASE_FULL) = (module Reject_raw_or_mut_pointer) +let reject_early_exit : (module PHASE_FULL) = (module Reject_early_exit) +let reject_as_pattern : (module PHASE_FULL) = (module Reject_as_pattern) +let reject_dyn : (module PHASE_FULL) = (module Reject_dyn) +let reject_trait_item_default : (module PHASE_FULL) = (module Reject_trait_item_default) +let reject_unsafe : (module PHASE_FULL) = (module Reject_unsafe) +let hoist_side_effects : (module PHASE_FULL) = (module Hoist_side_effects) +let phases_list : (module PHASE_FULL) list = [and_mut_defsite;bundle_cycles;cf_into_monads;direct_and_mut;drop_blocks;drop_match_guards;drop_references;drop_return_break_continue;drop_sized_trait;functionalize_loops;hoist_disjunctive_patterns;local_mutation;newtype_as_refinement;reconstruct_asserts;reconstruct_for_index_loops;reconstruct_for_loops;reconstruct_question_marks;reconstruct_while_loops;reorder_fields;rewrite_control_flow;rewrite_local_self;simplify_hoisting;simplify_match_return;simplify_question_marks;sort_items;specialize;traits_specs;transform_hax_lib_inline;trivialize_assign_lhs;reject_arbitrary_lhs;reject_continue;reject_question_mark;reject_raw_or_mut_pointer;reject_early_exit;reject_as_pattern;reject_dyn;reject_trait_item_default;reject_unsafe;hoist_side_effects] let phase_of_name: string -> (module PHASE_FULL) option = function - | "and_mut_defsite" -> Some and_mut_defsite| "bundle_cycles" -> Some bundle_cycles| "cf_into_monads" -> Some cf_into_monads| "direct_and_mut" -> Some direct_and_mut| "drop_blocks" -> Some drop_blocks| "drop_match_guards" -> Some drop_match_guards| "drop_references" -> Some drop_references| "drop_return_break_continue" -> Some drop_return_break_continue| "drop_sized_trait" -> Some drop_sized_trait| "functionalize_loops" -> Some functionalize_loops| "hoist_disjunctive_patterns" -> Some hoist_disjunctive_patterns| "local_mutation" -> Some local_mutation| "newtype_as_refinement" -> Some newtype_as_refinement| "reconstruct_asserts" -> Some reconstruct_asserts| "reconstruct_for_index_loops" -> Some reconstruct_for_index_loops| "reconstruct_for_loops" -> Some reconstruct_for_loops| "reconstruct_question_marks" -> Some reconstruct_question_marks| "reconstruct_while_loops" -> Some reconstruct_while_loops| "reorder_fields" -> Some reorder_fields| "rewrite_control_flow" -> Some rewrite_control_flow| "simplify_hoisting" -> Some simplify_hoisting| "simplify_match_return" -> Some simplify_match_return| "simplify_question_marks" -> Some simplify_question_marks| "sort_items" -> Some sort_items| "specialize" -> Some specialize| "traits_specs" -> Some traits_specs| "transform_hax_lib_inline" -> Some transform_hax_lib_inline| "trivialize_assign_lhs" -> Some trivialize_assign_lhs + | "and_mut_defsite" -> Some and_mut_defsite| "bundle_cycles" -> Some bundle_cycles| "cf_into_monads" -> Some cf_into_monads| "direct_and_mut" -> Some direct_and_mut| "drop_blocks" -> Some drop_blocks| "drop_match_guards" -> Some drop_match_guards| "drop_references" -> Some drop_references| "drop_return_break_continue" -> Some drop_return_break_continue| "drop_sized_trait" -> Some drop_sized_trait| "functionalize_loops" -> Some functionalize_loops| "hoist_disjunctive_patterns" -> Some hoist_disjunctive_patterns| "local_mutation" -> Some local_mutation| "newtype_as_refinement" -> Some newtype_as_refinement| "reconstruct_asserts" -> Some reconstruct_asserts| "reconstruct_for_index_loops" -> Some reconstruct_for_index_loops| "reconstruct_for_loops" -> Some reconstruct_for_loops| "reconstruct_question_marks" -> Some reconstruct_question_marks| "reconstruct_while_loops" -> Some reconstruct_while_loops| "reorder_fields" -> Some reorder_fields| "rewrite_control_flow" -> Some rewrite_control_flow| "rewrite_local_self" -> Some rewrite_local_self| "simplify_hoisting" -> Some simplify_hoisting| "simplify_match_return" -> Some simplify_match_return| "simplify_question_marks" -> Some simplify_question_marks| "sort_items" -> Some sort_items| "specialize" -> Some specialize| "traits_specs" -> Some traits_specs| "transform_hax_lib_inline" -> Some transform_hax_lib_inline| "trivialize_assign_lhs" -> Some trivialize_assign_lhs| "reject_arbitrary_lhs" -> Some reject_arbitrary_lhs| "reject_continue" -> Some reject_continue| "reject_question_mark" -> Some reject_question_mark| "reject_raw_or_mut_pointer" -> Some reject_raw_or_mut_pointer| "reject_early_exit" -> Some reject_early_exit| "reject_as_pattern" -> Some reject_as_pattern| "reject_dyn" -> Some reject_dyn| "reject_trait_item_default" -> Some reject_trait_item_default| "reject_unsafe" -> Some reject_unsafe| "hoist_side_effects" -> Some hoist_side_effects | _ -> None -let phases: string list = ["and_mut_defsite";"bundle_cycles";"cf_into_monads";"direct_and_mut";"drop_blocks";"drop_match_guards";"drop_references";"drop_return_break_continue";"drop_sized_trait";"functionalize_loops";"hoist_disjunctive_patterns";"local_mutation";"newtype_as_refinement";"reconstruct_asserts";"reconstruct_for_index_loops";"reconstruct_for_loops";"reconstruct_question_marks";"reconstruct_while_loops";"reorder_fields";"rewrite_control_flow";"simplify_hoisting";"simplify_match_return";"simplify_question_marks";"sort_items";"specialize";"traits_specs";"transform_hax_lib_inline";"trivialize_assign_lhs"] +let phases: string list = ["and_mut_defsite";"bundle_cycles";"cf_into_monads";"direct_and_mut";"drop_blocks";"drop_match_guards";"drop_references";"drop_return_break_continue";"drop_sized_trait";"functionalize_loops";"hoist_disjunctive_patterns";"local_mutation";"newtype_as_refinement";"reconstruct_asserts";"reconstruct_for_index_loops";"reconstruct_for_loops";"reconstruct_question_marks";"reconstruct_while_loops";"reorder_fields";"rewrite_control_flow";"rewrite_local_self";"simplify_hoisting";"simplify_match_return";"simplify_question_marks";"sort_items";"specialize";"traits_specs";"transform_hax_lib_inline";"trivialize_assign_lhs";"reject_arbitrary_lhs";"reject_continue";"reject_question_mark";"reject_raw_or_mut_pointer";"reject_early_exit";"reject_as_pattern";"reject_dyn";"reject_trait_item_default";"reject_unsafe";"hoist_side_effects"] + +(* +and_mut_defsite, bundle_cycles, cf_into_monads, direct_and_mut, drop_blocks, drop_match_guards, drop_references, drop_return_break_continue, drop_sized_trait, functionalize_loops, hoist_disjunctive_patterns, local_mutation, newtype_as_refinement, reconstruct_asserts, reconstruct_for_index_loops, reconstruct_for_loops, reconstruct_question_marks, reconstruct_while_loops, reorder_fields, rewrite_control_flow, rewrite_local_self, simplify_hoisting, simplify_match_return, simplify_question_marks, sort_items, specialize, traits_specs, transform_hax_lib_inline, trivialize_assign_lhs, reject_arbitrary_lhs, reject_continue, reject_question_mark, reject_raw_or_mut_pointer, reject_early_exit, reject_as_pattern, reject_dyn, reject_trait_item_default, reject_unsafe, hoist_side_effects +*) From e422ca9f7f7521f7063a16a0516f330fd4eb0f9a Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 5 Nov 2025 16:08:08 +0100 Subject: [PATCH 51/56] fix(engine): misc fix in import ast --- engine/lib/import_ast.ml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/engine/lib/import_ast.ml b/engine/lib/import_ast.ml index 071da0101..90f8dd967 100644 --- a/engine/lib/import_ast.ml +++ b/engine/lib/import_ast.ml @@ -116,9 +116,12 @@ and dlocal_ident (Newtypelocal_id (Newtypesymbol li) : A.local_id) : and dconcrete_ident (gi : A.global_id) : B.concrete_ident = match dglobal_ident gi with | `Concrete id -> id + (* For variant fields *) + | `Projector (`Concrete id) -> id | _ -> broken_invariant - "dconcrete_ident: got something else than a [`Concrete _]" + ("dconcrete_ident: got something else than a [`Concrete _]: " + ^ [%show: A.global_id] gi) and ddyn_trait_goal (r : A.dyn_trait_goal) : B.dyn_trait_goal = { From 44a7897bb0fb2e6d14ed84eddc494530b21ff160 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 5 Nov 2025 16:12:41 +0100 Subject: [PATCH 52/56] feat(rengine): improve ocaml_engine.rs --- engine/bin/lib.ml | 14 ++++-- rust-engine/src/hax_io.rs | 28 +++++++++--- rust-engine/src/main.rs | 24 +++++----- rust-engine/src/ocaml_engine.rs | 81 +++++++++++++++++++-------------- 4 files changed, 90 insertions(+), 57 deletions(-) diff --git a/engine/bin/lib.ml b/engine/bin/lib.ml index a06c891dc..46f3b38ab 100644 --- a/engine/bin/lib.ml +++ b/engine/bin/lib.ml @@ -264,6 +264,8 @@ module ExportLeanAst = Export_ast.Make (Lean_backend.InputLanguage) let driver_for_rust_engine_inner (query : Rust_engine_types.query) : Rust_engine_types.response = + Profiling.enabled := query.profiling; + if query.debug_bind_phase then Phase_utils.DebugBindPhase.enable (); match query.kind with | Types.ImportThir { input; apply_phases; translation_options } -> (* Note: `apply_phases` comes from the type `QueryKind` in @@ -284,12 +286,14 @@ let driver_for_rust_engine_inner (query : Rust_engine_types.query) : Rust_engine_types.ImportThir { output = rust_ast_items } | Types.ApplyPhases { input; phases } -> let items = List.concat_map ~f:Import_ast.ditem input in - let items = - List.fold ~init:items - ~f:(fun items phase -> - match phase with Rust_engine_types.Noop -> items) - phases + let module Phase = + (val List.map + ~f:(fun name -> + Untyped_phases.phase_of_name name |> Option.value_exn) + phases + |> Untyped_phases.bind_list) in + let items = Phase.ditems items in let output = List.concat_map ~f:ExportFullAst.ditem items in Rust_engine_types.ApplyPhases { output } diff --git a/rust-engine/src/hax_io.rs b/rust-engine/src/hax_io.rs index 78bcb179a..ea0f1fa9c 100644 --- a/rust-engine/src/hax_io.rs +++ b/rust-engine/src/hax_io.rs @@ -1,16 +1,18 @@ //! This module helps communicating with `cargo-hax`. -use crate::ocaml_engine::ExtendedToEngine; use hax_types::engine_api::protocol::FromEngine; -use serde::Deserialize; +use serde::de::DeserializeOwned; use std::io::{BufRead, BufReader, Stdin, stdin, stdout}; use std::sync::{LazyLock, Mutex}; +use hax_frontend_exporter::id_table::WithTable; +use hax_types::engine_api::{EngineOptions, protocol::ToEngine}; + static STDIN: LazyLock>> = LazyLock::new(|| Mutex::new(BufReader::new(stdin()))); -/// Reads a `ExtendedToEngine` message -pub fn read() -> ExtendedToEngine { +/// Reads a message of any type from stdin +fn read() -> T { let mut stdin = STDIN.lock().unwrap(); let mut slice = Vec::new(); stdin @@ -18,8 +20,22 @@ pub fn read() -> ExtendedToEngine { .expect("No message left! Did the engine crash?"); let mut de = serde_json::Deserializer::from_slice(&slice); de.disable_recursion_limit(); - ExtendedToEngine::deserialize(serde_stacker::Deserializer::new(&mut de)) - .expect("Could not parse as a `ExtendedToEngine` message!") + T::deserialize(serde_stacker::Deserializer::new(&mut de)).unwrap_or_else(|err| { + panic!( + "Could not parse as a `{}` message! Error: {err}", + std::any::type_name::() + ) + }) +} + +/// Reads a `ToEngine` message from the engine +pub fn read_to_engine_message() -> ToEngine { + read() +} + +/// Reads the engine input JSON payload. +pub fn read_engine_input_message() -> WithTable { + read() } /// Writes a `ExtendedFromEngine` message diff --git a/rust-engine/src/main.rs b/rust-engine/src/main.rs index 8a74cc918..8b195b61c 100644 --- a/rust-engine/src/main.rs +++ b/rust-engine/src/main.rs @@ -1,26 +1,26 @@ use hax_rust_engine::{ backends, - ocaml_engine::{ExtendedToEngine, Response}, + ocaml_engine::{self, Response}, }; use hax_types::{cli_options::Backend, engine_api::File}; fn main() { - let ExtendedToEngine::Query(input) = hax_rust_engine::hax_io::read() else { - panic!() - }; - let (value, table) = input.destruct(); + let (value, table) = hax_rust_engine::hax_io::read_engine_input_message().destruct(); - let query = hax_rust_engine::ocaml_engine::Query { + ocaml_engine::initialize(ocaml_engine::Meta { hax_version: value.hax_version, impl_infos: value.impl_infos, - kind: hax_rust_engine::ocaml_engine::QueryKind::ImportThir { - input: value.input, - apply_phases: matches!(&value.backend.backend, Backend::Lean), - translation_options: value.backend.translation_options, - }, + debug_bind_phase: value.backend.debug_engine.is_some(), + profiling: value.backend.profile, + }); + + let query = hax_rust_engine::ocaml_engine::QueryKind::ImportThir { + input: value.input, + apply_phases: false && !matches!(&value.backend.backend, Backend::GenerateRustEngineNames), + translation_options: value.backend.translation_options, }; - let Some(Response::ImportThir { output: items }) = query.execute(table) else { + let Some(Response::ImportThir { output: items }) = query.execute(Some(table)) else { panic!() }; diff --git a/rust-engine/src/ocaml_engine.rs b/rust-engine/src/ocaml_engine.rs index 59d4a874f..f84f02ab6 100644 --- a/rust-engine/src/ocaml_engine.rs +++ b/rust-engine/src/ocaml_engine.rs @@ -2,21 +2,27 @@ //! interface, the rust engine can communicate with the OCaml engine, and reuse //! some of its components. -use std::io::BufRead; +use std::{io::BufRead, sync::OnceLock}; use hax_frontend_exporter::{ ThirBody, id_table::{Table, WithTable}, }; -use hax_types::engine_api::{ - EngineOptions, - protocol::{FromEngine, ToEngine}, -}; +use hax_types::engine_api::protocol::{FromEngine, ToEngine}; use serde::Deserialize; /// A query for the OCaml engine #[derive(Debug, Clone, ::schemars::JsonSchema, ::serde::Deserialize, ::serde::Serialize)] pub struct Query { + #[serde(flatten)] + meta: Meta, + /// The kind of query we want to send to the engine + kind: QueryKind, +} + +/// The metadata required to perform a query. +#[derive(Debug, Clone, ::schemars::JsonSchema, ::serde::Deserialize, ::serde::Serialize)] +pub struct Meta { /// The version of hax currently used pub hax_version: String, /// Dictionary from `DefId`s to `impl_infos` @@ -24,8 +30,19 @@ pub struct Query { hax_frontend_exporter::DefId, hax_frontend_exporter::ImplInfos, )>, - /// The kind of query we want to send to the engine - pub kind: QueryKind, + /// Enable debugging of phases in the OCaml engine + pub debug_bind_phase: bool, + /// Enable profiling in the OCaml engine + pub profiling: bool, +} + +static STATE: OnceLock = OnceLock::new(); + +/// Initialize query metadata. +pub fn initialize(meta: Meta) { + STATE + .set(meta) + .expect("`ocaml_engine::initialize` was called more than once") } /// The payload of the query. [`Response`] below mirrors this enum to represent @@ -42,17 +59,14 @@ pub enum QueryKind { translation_options: hax_types::cli_options::TranslationOptions, }, + /// Ask the OCaml engine to run given phases on given items ApplyPhases { + /// The phases to run. See `untyped_phases.ml`. + phases: Vec, + /// The items on which the phases will be applied. input: Vec, - phases: Vec, }, } - -#[derive(Debug, Clone, ::schemars::JsonSchema, ::serde::Deserialize, ::serde::Serialize)] -pub enum OCamlPhase { - Noop, -} - /// A Response after a [`Query`] #[derive(Debug, Clone, ::schemars::JsonSchema, ::serde::Deserialize, ::serde::Serialize)] pub enum Response { @@ -61,21 +75,13 @@ pub enum Response { /// The output Rust AST items output: Vec, }, + /// Return items after phase application ApplyPhases { + /// The output Rust AST items after phases output: Vec, }, } -/// Extends the common `ToEngine` messages with one extra case: `Query`. -#[derive(::serde::Deserialize, ::serde::Serialize)] -#[serde(untagged)] -pub enum ExtendedToEngine { - /// A standard `ToEngine` message - ToEngine(ToEngine), - /// A `Query` - Query(Box>), -} - /// Extends the common `FromEngine` messages with one extra case: `Response`. #[derive(Debug, Clone, ::schemars::JsonSchema, ::serde::Deserialize, ::serde::Serialize)] #[serde(untagged)] @@ -86,9 +92,16 @@ pub enum ExtendedFromEngine { Response(Response), } -impl Query { +impl QueryKind { /// Execute the query synchronously. - pub fn execute(&self, table: Table) -> Option { + pub fn execute(self, table: Option) -> Option { + let query = Query { + meta: STATE + .get() + .expect("`ocaml_engine::initialize` should be called first") + .clone(), + kind: self, + }; use std::io::Write; use std::process::Command; @@ -115,9 +128,13 @@ impl Query { .expect("Could not write on stdin"), ); - WithTable::run(table, self, |with_table| { - send!(stdin, with_table); - }); + if let Some(table) = table { + WithTable::run(table, query, |with_table| { + send!(stdin, with_table); + }); + } else { + send!(stdin, &(vec![] as Vec<()>, query)); + } let mut response = None; let stdout = std::io::BufReader::new(engine_subprocess.stdout.take().unwrap()); @@ -145,11 +162,7 @@ impl Query { ExtendedFromEngine::FromEngine(from_engine) => { crate::hax_io::write(&from_engine); if from_engine.requires_response() { - let ExtendedToEngine::ToEngine(response) = crate::hax_io::read() else { - panic!( - "The frontend sent an incorrect message: expected `ExtendedToEngine::ToEngine` since we sent a `ExtendedFromEngine::FromEngine`." - ) - }; + let response: ToEngine = crate::hax_io::read_to_engine_message(); send!(stdin, &response); } } From d916b984f8f50f5c790f858f899fb021aaf6c050 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 5 Nov 2025 16:15:24 +0100 Subject: [PATCH 53/56] feat(rengine): expose ocaml phases, use them in Lean --- rust-engine/src/backends.rs | 3 +- rust-engine/src/backends/lean.rs | 38 ++++++++++- rust-engine/src/phase.rs | 11 ++- rust-engine/src/phase/legacy.rs | 111 +++++++++++++++++++++++++++++++ 4 files changed, 160 insertions(+), 3 deletions(-) create mode 100644 rust-engine/src/phase/legacy.rs diff --git a/rust-engine/src/backends.rs b/rust-engine/src/backends.rs index c9cf53ddb..88faed948 100644 --- a/rust-engine/src/backends.rs +++ b/rust-engine/src/backends.rs @@ -21,6 +21,7 @@ use std::collections::HashMap; use crate::{ ast::{Item, Metadata, Module, span::Span}, + phase::legacy::group_consecutive_ocaml_phases, printer::{Print, Printer}, }; use camino::Utf8PathBuf; @@ -89,7 +90,7 @@ pub trait Backend { /// modules via [`Backend::items_to_module`], and then uses the backend's printer /// to generate source files with paths determined by [`Backend::module_path`]. pub fn apply_backend(backend: B, mut items: Vec) -> Vec { - for phase in backend.phases() { + for phase in group_consecutive_ocaml_phases(backend.phases()) { phase.apply(&mut items); } diff --git a/rust-engine/src/backends/lean.rs b/rust-engine/src/backends/lean.rs index 1f1e0c4b1..dece9d75d 100644 --- a/rust-engine/src/backends/lean.rs +++ b/rust-engine/src/backends/lean.rs @@ -140,7 +140,43 @@ impl Backend for LeanBackend { } fn phases(&self) -> Vec> { - vec![Box::new(RejectNotDoLeanDSL), Box::new(ExplicitMonadic)] + use crate::phase::legacy::*; + vec![ + reject_raw_or_mut_pointer(), + rewrite_local_self(), + transform_hax_lib_inline(), + specialize(), + drop_sized_trait(), + simplify_question_marks(), + and_mut_defsite(), + reconstruct_asserts(), + reconstruct_for_loops(), + reconstruct_while_loops(), + direct_and_mut(), + reject_arbitrary_lhs(), + drop_blocks(), + drop_match_guards(), + drop_references(), + trivialize_assign_lhs(), + hoist_side_effects(), + hoist_disjunctive_patterns(), + simplify_match_return(), + local_mutation(), + rewrite_control_flow(), + drop_return_break_continue(), + functionalize_loops(), + reject_question_mark(), + reject_as_pattern(), + traits_specs(), + simplify_hoisting(), + newtype_as_refinement(), + reject_trait_item_default(), + bundle_cycles(), + reorder_fields(), + sort_items(), + Box::new(RejectNotDoLeanDSL), + Box::new(ExplicitMonadic), + ] } } diff --git a/rust-engine/src/phase.rs b/rust-engine/src/phase.rs index a8eb383c8..63e1a7ff0 100644 --- a/rust-engine/src/phase.rs +++ b/rust-engine/src/phase.rs @@ -7,7 +7,7 @@ macro_rules! unreachable_by_invariant { ($phase:ident) => { unreachable!( "The phase {} should make this unreachable", - stringify!($ident) + stringify!($phase) ) }; } @@ -18,7 +18,16 @@ pub trait Phase { /// Apply the phase on items. /// A phase may transform an item into zero, one or more items. fn apply(&self, items: &mut Vec); + + /// This is a compatibility layer for the OCaml engine. + /// This will be dropped when the OCaml engine is dropped. + /// Returns `Some` when the phase is actually an OCaml phase. + /// This is useful for `group_consecutive_ocaml_phases`. + fn legacy_ocaml_phase(&self) -> Option<&str> { + None + } } pub mod explicit_monadic; +pub mod legacy; pub mod reject_not_do_lean_dsl; diff --git a/rust-engine/src/phase/legacy.rs b/rust-engine/src/phase/legacy.rs new file mode 100644 index 000000000..72c38f6ec --- /dev/null +++ b/rust-engine/src/phase/legacy.rs @@ -0,0 +1,111 @@ +//! This module exposes the legacy phases written in OCaml in the OCaml engine. + +use crate::{ast::Item, phase::Phase}; + +struct LegacyOCamlPhases { + phases: Vec, +} + +impl Phase for LegacyOCamlPhases { + fn apply(&self, items: &mut Vec) { + eprintln!("Applying phases: {:#?}", &self.phases); + use crate::ocaml_engine::Response; + let query = crate::ocaml_engine::QueryKind::ApplyPhases { + input: std::mem::take(items), + phases: self.phases.clone(), + }; + let Some(Response::ApplyPhases { output }) = query.execute(None) else { + panic!() + }; + *items = output; + } + + fn legacy_ocaml_phase(&self) -> Option<&str> { + match self.phases.as_slice() { + [phase] => Some(phase.as_str()), + _ => None, + } + } +} + +/// Group consecutive ocaml phases as one monolithic phase, so that we avoid extra roundtrips to the OCaml engine. +pub fn group_consecutive_ocaml_phases(phases: Vec>) -> Vec> { + let mut output: Vec> = vec![]; + let mut ocaml_phases = vec![]; + let mut phases = phases.into_iter(); + + loop { + let phase = phases.next(); + if let Some(ocaml_phase) = phase.as_ref().and_then(|phase| phase.legacy_ocaml_phase()) { + ocaml_phases.push(ocaml_phase.to_string()) + } else { + if !ocaml_phases.is_empty() { + output.push(Box::new(LegacyOCamlPhases { + phases: std::mem::take(&mut ocaml_phases), + })); + } + if let Some(phase) = phase { + output.push(phase); + } else { + break; + } + } + } + + output +} + +macro_rules! make_ocaml_legacy_phase { + ($($name:ident),*) => { + $( + #[doc = concat!("The phase ", stringify!($name), " from the OCaml engine.")] + pub fn $name() -> Box { + Box::new(LegacyOCamlPhases { + phases: vec![stringify!($name).to_string()], + }) + } + )* + }; +} + +make_ocaml_legacy_phase!( + and_mut_defsite, + bundle_cycles, + cf_into_monads, + direct_and_mut, + drop_blocks, + drop_match_guards, + drop_references, + drop_return_break_continue, + drop_sized_trait, + functionalize_loops, + hoist_disjunctive_patterns, + local_mutation, + newtype_as_refinement, + reconstruct_asserts, + reconstruct_for_index_loops, + reconstruct_for_loops, + reconstruct_question_marks, + reconstruct_while_loops, + reorder_fields, + rewrite_control_flow, + rewrite_local_self, + simplify_hoisting, + simplify_match_return, + simplify_question_marks, + sort_items, + specialize, + traits_specs, + transform_hax_lib_inline, + trivialize_assign_lhs, + reject_arbitrary_lhs, + reject_continue, + reject_question_mark, + reject_raw_or_mut_pointer, + reject_early_exit, + reject_as_pattern, + reject_dyn, + reject_trait_item_default, + reject_unsafe, + hoist_side_effects +); From 7470c8603ca7775f3500655a67b82d4e8a20e4bb Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Wed, 5 Nov 2025 16:19:11 +0100 Subject: [PATCH 54/56] feat(engines): drop `ImportThir::apply_phases` --- engine/bin/lib.ml | 13 ++----------- rust-engine/src/main.rs | 1 - rust-engine/src/ocaml_engine.rs | 2 -- 3 files changed, 2 insertions(+), 14 deletions(-) diff --git a/engine/bin/lib.ml b/engine/bin/lib.ml index 46f3b38ab..f1533a20a 100644 --- a/engine/bin/lib.ml +++ b/engine/bin/lib.ml @@ -267,21 +267,12 @@ let driver_for_rust_engine_inner (query : Rust_engine_types.query) : Profiling.enabled := query.profiling; if query.debug_bind_phase then Phase_utils.DebugBindPhase.enable (); match query.kind with - | Types.ImportThir { input; apply_phases; translation_options } -> - (* Note: `apply_phases` comes from the type `QueryKind` in - `ocaml_engine.rs`. This is a temporary flag that applies some phases while - importing THIR. In the future (when #1550 is merged), we will be able to - import THIR and then apply phases. *) + | Types.ImportThir { input; translation_options } -> let imported_items = import_thir_items translation_options.include_namespaces input in let rust_ast_items = - if apply_phases then - let imported_items = Lean_backend.apply_phases imported_items in - List.concat_map - ~f:(fun item -> ExportLeanAst.ditem item) - imported_items - else List.concat_map ~f:ExportRustAst.ditem imported_items + List.concat_map ~f:ExportRustAst.ditem imported_items in Rust_engine_types.ImportThir { output = rust_ast_items } | Types.ApplyPhases { input; phases } -> diff --git a/rust-engine/src/main.rs b/rust-engine/src/main.rs index 8b195b61c..023a85be3 100644 --- a/rust-engine/src/main.rs +++ b/rust-engine/src/main.rs @@ -16,7 +16,6 @@ fn main() { let query = hax_rust_engine::ocaml_engine::QueryKind::ImportThir { input: value.input, - apply_phases: false && !matches!(&value.backend.backend, Backend::GenerateRustEngineNames), translation_options: value.backend.translation_options, }; diff --git a/rust-engine/src/ocaml_engine.rs b/rust-engine/src/ocaml_engine.rs index f84f02ab6..98cc4c755 100644 --- a/rust-engine/src/ocaml_engine.rs +++ b/rust-engine/src/ocaml_engine.rs @@ -53,8 +53,6 @@ pub enum QueryKind { ImportThir { /// The input THIR items input: Vec>, - /// Temporary option to enable a set of default phases - apply_phases: bool, /// Translation options which contains include clauses (items filtering) translation_options: hax_types::cli_options::TranslationOptions, }, From d4756ebc3f5e5c4702f4fb1dce6139d90bef2270 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 6 Nov 2025 11:54:49 +0100 Subject: [PATCH 55/56] fix(oengine): default DefIds ids to zero --- engine/lib/concrete_ident/explicit_def_id.ml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/engine/lib/concrete_ident/explicit_def_id.ml b/engine/lib/concrete_ident/explicit_def_id.ml index 5c9a9e221..4a4acc084 100644 --- a/engine/lib/concrete_ident/explicit_def_id.ml +++ b/engine/lib/concrete_ident/explicit_def_id.ml @@ -149,7 +149,7 @@ module FromRustAST = struct ({ krate; path; parent; kind; _ } : A.def_id) : B.def_id_contents = let f (o : A.def_id) : B.def_id = let contents : B.node_for__def_id_contents = - { value = def_id_contents_to_rust_ast o; id = Int64.of_int (-1) } + { value = def_id_contents_to_rust_ast o; id = Int64.zero } in { contents } in @@ -159,7 +159,7 @@ module FromRustAST = struct path; parent; kind; - index = (Int64.of_int (-1), Int64.of_int (-1), None); + index = (Int64.zero, Int64.zero, None); is_local = false; } From 958b3df387c4d8736d06c428e9e690bf5c18b067 Mon Sep 17 00:00:00 2001 From: Lucas Franceschino Date: Thu, 6 Nov 2025 11:55:53 +0100 Subject: [PATCH 56/56] chore(oengine): run fmt on `untyped_phases.ml` --- engine/lib/untyped_phases/untyped_phases.ml | 386 ++++++++++---------- 1 file changed, 197 insertions(+), 189 deletions(-) diff --git a/engine/lib/untyped_phases/untyped_phases.ml b/engine/lib/untyped_phases/untyped_phases.ml index 46e51506e..15edb3555 100644 --- a/engine/lib/untyped_phases/untyped_phases.ml +++ b/engine/lib/untyped_phases/untyped_phases.ml @@ -1,6 +1,5 @@ - open Prelude - + module type PHASE_FULL = Phase_utils.PHASE with module FA = Features.Full @@ -31,8 +30,6 @@ let bind_list : (module PHASE_FULL) list -> (module PHASE_FULL) = List.reduce ~f:bind >> Option.value ~default:(module IdentityFull : PHASE_FULL) - - module And_mut_defsite : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -43,10 +40,10 @@ module And_mut_defsite : PHASE_FULL = struct open Features include On include On.Mutable_variable -include On.Mutable_reference -include On.Nontrivial_lhs -include On.Arbitrary_lhs -include On.Reference + include On.Mutable_reference + include On.Nontrivial_lhs + include On.Arbitrary_lhs + include On.Reference end module Phase = Phases.And_mut_defsite (ExpectedFA) @@ -59,10 +56,10 @@ include On.Reference include Feature_gate.DefaultSubtype let mutable_variable = fun _ _ -> Features.On.mutable_variable -let mutable_reference = fun _ _ -> Features.On.mutable_reference -let nontrivial_lhs = fun _ _ -> Features.On.nontrivial_lhs -let arbitrary_lhs = fun _ _ -> Features.On.arbitrary_lhs -let reference = fun _ _ -> Features.On.reference + let mutable_reference = fun _ _ -> Features.On.mutable_reference + let nontrivial_lhs = fun _ _ -> Features.On.nontrivial_lhs + let arbitrary_lhs = fun _ _ -> Features.On.arbitrary_lhs + let reference = fun _ _ -> Features.On.reference let metadata = Phase_reject.make_metadata @@ -77,7 +74,6 @@ let reference = fun _ _ -> Features.On.reference List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Bundle_cycles : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -87,7 +83,6 @@ module Bundle_cycles : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Bundle_cycles (ExpectedFA) @@ -99,8 +94,6 @@ module Bundle_cycles : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -114,7 +107,6 @@ module Bundle_cycles : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Cf_into_monads : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -125,7 +117,7 @@ module Cf_into_monads : PHASE_FULL = struct open Features include On include Off.Monadic_action -include Off.Monadic_binding + include Off.Monadic_binding end module Phase = Phases.Cf_into_monads (ExpectedFA) @@ -138,7 +130,7 @@ include Off.Monadic_binding include Feature_gate.DefaultSubtype let monadic_action = reject -let monadic_binding = reject + let monadic_binding = reject let metadata = Phase_reject.make_metadata @@ -153,7 +145,6 @@ let monadic_binding = reject List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Direct_and_mut : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -164,7 +155,7 @@ module Direct_and_mut : PHASE_FULL = struct open Features include On include Off.Raw_pointer -include Off.Mutable_pointer + include Off.Mutable_pointer end module Phase = Phases.Direct_and_mut (ExpectedFA) @@ -177,7 +168,7 @@ include Off.Mutable_pointer include Feature_gate.DefaultSubtype let raw_pointer = reject -let mutable_pointer = reject + let mutable_pointer = reject let metadata = Phase_reject.make_metadata @@ -192,7 +183,6 @@ let mutable_pointer = reject List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Drop_blocks : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -202,7 +192,6 @@ module Drop_blocks : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Drop_blocks (ExpectedFA) @@ -214,8 +203,6 @@ module Drop_blocks : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -229,7 +216,6 @@ module Drop_blocks : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Drop_match_guards : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -239,7 +225,6 @@ module Drop_match_guards : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Drop_match_guards (ExpectedFA) @@ -251,8 +236,6 @@ module Drop_match_guards : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -266,7 +249,6 @@ module Drop_match_guards : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Drop_references : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -277,7 +259,7 @@ module Drop_references : PHASE_FULL = struct open Features include On include Off.Raw_pointer -include Off.Mutable_reference + include Off.Mutable_reference end module Phase = Phases.Drop_references (ExpectedFA) @@ -290,7 +272,7 @@ include Off.Mutable_reference include Feature_gate.DefaultSubtype let raw_pointer = reject -let mutable_reference = reject + let mutable_reference = reject let metadata = Phase_reject.make_metadata @@ -305,7 +287,6 @@ let mutable_reference = reject List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Drop_return_break_continue : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -315,7 +296,6 @@ module Drop_return_break_continue : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Drop_return_break_continue (ExpectedFA) @@ -327,8 +307,6 @@ module Drop_return_break_continue : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -342,7 +320,6 @@ module Drop_return_break_continue : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Drop_sized_trait : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -352,7 +329,6 @@ module Drop_sized_trait : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Drop_sized_trait (ExpectedFA) @@ -364,8 +340,6 @@ module Drop_sized_trait : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -379,7 +353,6 @@ module Drop_sized_trait : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Functionalize_loops : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -390,8 +363,8 @@ module Functionalize_loops : PHASE_FULL = struct open Features include On include Off.Continue -include Off.Early_exit -include Off.Break + include Off.Early_exit + include Off.Break end module Phase = Phases.Functionalize_loops (ExpectedFA) @@ -404,8 +377,8 @@ include Off.Break include Feature_gate.DefaultSubtype let continue = reject -let early_exit = reject -let break = reject + let early_exit = reject + let break = reject let metadata = Phase_reject.make_metadata @@ -420,7 +393,6 @@ let break = reject List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Hoist_disjunctive_patterns : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -430,7 +402,6 @@ module Hoist_disjunctive_patterns : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Hoist_disjunctive_patterns (ExpectedFA) @@ -442,8 +413,6 @@ module Hoist_disjunctive_patterns : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -457,7 +426,6 @@ module Hoist_disjunctive_patterns : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Local_mutation : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -468,13 +436,13 @@ module Local_mutation : PHASE_FULL = struct open Features include On include Off.Mutable_reference -include Off.Mutable_pointer -include Off.Raw_pointer -include Off.Arbitrary_lhs -include Off.Nontrivial_lhs -include Off.Monadic_action -include Off.Monadic_binding -include Off.For_index_loop + include Off.Mutable_pointer + include Off.Raw_pointer + include Off.Arbitrary_lhs + include Off.Nontrivial_lhs + include Off.Monadic_action + include Off.Monadic_binding + include Off.For_index_loop end module Phase = Phases.Local_mutation (ExpectedFA) @@ -487,13 +455,13 @@ include Off.For_index_loop include Feature_gate.DefaultSubtype let mutable_reference = reject -let mutable_pointer = reject -let raw_pointer = reject -let arbitrary_lhs = reject -let nontrivial_lhs = reject -let monadic_action = reject -let monadic_binding = reject -let for_index_loop = reject + let mutable_pointer = reject + let raw_pointer = reject + let arbitrary_lhs = reject + let nontrivial_lhs = reject + let monadic_action = reject + let monadic_binding = reject + let for_index_loop = reject let metadata = Phase_reject.make_metadata @@ -508,7 +476,6 @@ let for_index_loop = reject List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Newtype_as_refinement : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -518,7 +485,6 @@ module Newtype_as_refinement : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Newtype_as_refinement (ExpectedFA) @@ -530,8 +496,6 @@ module Newtype_as_refinement : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -545,7 +509,6 @@ module Newtype_as_refinement : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reconstruct_asserts : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -555,7 +518,6 @@ module Reconstruct_asserts : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Reconstruct_asserts (ExpectedFA) @@ -567,8 +529,6 @@ module Reconstruct_asserts : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -582,7 +542,6 @@ module Reconstruct_asserts : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reconstruct_for_index_loops : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -592,7 +551,6 @@ module Reconstruct_for_index_loops : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Reconstruct_for_index_loops (ExpectedFA) @@ -604,8 +562,6 @@ module Reconstruct_for_index_loops : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -619,7 +575,6 @@ module Reconstruct_for_index_loops : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reconstruct_for_loops : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -629,7 +584,6 @@ module Reconstruct_for_loops : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Reconstruct_for_loops (ExpectedFA) @@ -641,8 +595,6 @@ module Reconstruct_for_loops : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -656,7 +608,6 @@ module Reconstruct_for_loops : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reconstruct_question_marks : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -666,7 +617,6 @@ module Reconstruct_question_marks : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Reconstruct_question_marks (ExpectedFA) @@ -678,8 +628,6 @@ module Reconstruct_question_marks : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -693,7 +641,6 @@ module Reconstruct_question_marks : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reconstruct_while_loops : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -703,7 +650,6 @@ module Reconstruct_while_loops : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Reconstruct_while_loops (ExpectedFA) @@ -715,8 +661,6 @@ module Reconstruct_while_loops : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -730,7 +674,6 @@ module Reconstruct_while_loops : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reorder_fields : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -740,7 +683,6 @@ module Reorder_fields : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Reorder_fields (ExpectedFA) @@ -752,8 +694,6 @@ module Reorder_fields : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -767,7 +707,6 @@ module Reorder_fields : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Rewrite_control_flow : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -777,7 +716,6 @@ module Rewrite_control_flow : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Rewrite_control_flow (ExpectedFA) @@ -789,8 +727,6 @@ module Rewrite_control_flow : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -804,7 +740,6 @@ module Rewrite_control_flow : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Rewrite_local_self : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -814,7 +749,6 @@ module Rewrite_local_self : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Rewrite_local_self (ExpectedFA) @@ -826,8 +760,6 @@ module Rewrite_local_self : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -841,7 +773,6 @@ module Rewrite_local_self : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Simplify_hoisting : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -851,7 +782,6 @@ module Simplify_hoisting : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Simplify_hoisting (ExpectedFA) @@ -863,8 +793,6 @@ module Simplify_hoisting : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -878,7 +806,6 @@ module Simplify_hoisting : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Simplify_match_return : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -888,7 +815,6 @@ module Simplify_match_return : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Simplify_match_return (ExpectedFA) @@ -900,8 +826,6 @@ module Simplify_match_return : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -915,7 +839,6 @@ module Simplify_match_return : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Simplify_question_marks : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -925,7 +848,6 @@ module Simplify_question_marks : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Simplify_question_marks (ExpectedFA) @@ -937,8 +859,6 @@ module Simplify_question_marks : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -952,7 +872,6 @@ module Simplify_question_marks : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Sort_items : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -962,7 +881,6 @@ module Sort_items : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Sort_items (ExpectedFA) @@ -974,8 +892,6 @@ module Sort_items : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -989,7 +905,6 @@ module Sort_items : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Specialize : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -999,7 +914,6 @@ module Specialize : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Specialize (ExpectedFA) @@ -1011,8 +925,6 @@ module Specialize : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1026,7 +938,6 @@ module Specialize : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Traits_specs : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1036,7 +947,6 @@ module Traits_specs : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Traits_specs (ExpectedFA) @@ -1048,8 +958,6 @@ module Traits_specs : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1063,7 +971,6 @@ module Traits_specs : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Transform_hax_lib_inline : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1073,7 +980,6 @@ module Transform_hax_lib_inline : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Transform_hax_lib_inline (ExpectedFA) @@ -1085,8 +991,6 @@ module Transform_hax_lib_inline : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1100,7 +1004,6 @@ module Transform_hax_lib_inline : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Trivialize_assign_lhs : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1110,7 +1013,6 @@ module Trivialize_assign_lhs : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phases.Trivialize_assign_lhs (ExpectedFA) @@ -1122,8 +1024,6 @@ module Trivialize_assign_lhs : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1137,7 +1037,6 @@ module Trivialize_assign_lhs : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_arbitrary_lhs : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1147,7 +1046,6 @@ module Reject_arbitrary_lhs : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.Arbitrary_lhs (ExpectedFA) @@ -1159,8 +1057,6 @@ module Reject_arbitrary_lhs : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1174,7 +1070,6 @@ module Reject_arbitrary_lhs : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_continue : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1184,7 +1079,6 @@ module Reject_continue : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.Continue (ExpectedFA) @@ -1196,8 +1090,6 @@ module Reject_continue : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1211,7 +1103,6 @@ module Reject_continue : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_question_mark : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1221,7 +1112,6 @@ module Reject_question_mark : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.Question_mark (ExpectedFA) @@ -1233,8 +1123,6 @@ module Reject_question_mark : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1248,7 +1136,6 @@ module Reject_question_mark : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_raw_or_mut_pointer : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1258,7 +1145,6 @@ module Reject_raw_or_mut_pointer : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.RawOrMutPointer (ExpectedFA) @@ -1270,8 +1156,6 @@ module Reject_raw_or_mut_pointer : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1285,7 +1169,6 @@ module Reject_raw_or_mut_pointer : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_early_exit : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1295,7 +1178,6 @@ module Reject_early_exit : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.EarlyExit (ExpectedFA) @@ -1307,8 +1189,6 @@ module Reject_early_exit : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1322,7 +1202,6 @@ module Reject_early_exit : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_as_pattern : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1332,7 +1211,6 @@ module Reject_as_pattern : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.As_pattern (ExpectedFA) @@ -1344,8 +1222,6 @@ module Reject_as_pattern : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1359,7 +1235,6 @@ module Reject_as_pattern : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_dyn : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1369,7 +1244,6 @@ module Reject_dyn : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.Dyn (ExpectedFA) @@ -1381,8 +1255,6 @@ module Reject_dyn : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1396,7 +1268,6 @@ module Reject_dyn : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_trait_item_default : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1406,7 +1277,6 @@ module Reject_trait_item_default : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.Trait_item_default (ExpectedFA) @@ -1418,8 +1288,6 @@ module Reject_trait_item_default : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1433,7 +1301,6 @@ module Reject_trait_item_default : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Reject_unsafe : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1443,7 +1310,6 @@ module Reject_unsafe : PHASE_FULL = struct module ExpectedFA = struct open Features include On - end module Phase = Phase_reject.Unsafe (ExpectedFA) @@ -1455,8 +1321,6 @@ module Reject_unsafe : PHASE_FULL = struct module B = ExpectedFA include Feature_gate.DefaultSubtype - - let metadata = Phase_reject.make_metadata (CoercionForUntypedPhase @@ -1470,7 +1334,6 @@ module Reject_unsafe : PHASE_FULL = struct List.map ~f:Coerce.ditem >> List.concat >> Phase.ditems >> to_full_ast end - module Hoist_side_effects : PHASE_FULL = struct module FA = Features.Full module FB = Features.Full @@ -1481,7 +1344,7 @@ module Hoist_side_effects : PHASE_FULL = struct open Features include On include Off.Monadic_binding -include Off.For_index_loop + include Off.For_index_loop end module Phase = Side_effect_utils.Hoist (ExpectedFA) @@ -1494,7 +1357,7 @@ include Off.For_index_loop include Feature_gate.DefaultSubtype let monadic_binding = reject -let for_index_loop = reject + let for_index_loop = reject let metadata = Phase_reject.make_metadata @@ -1516,48 +1379,193 @@ let direct_and_mut : (module PHASE_FULL) = (module Direct_and_mut) let drop_blocks : (module PHASE_FULL) = (module Drop_blocks) let drop_match_guards : (module PHASE_FULL) = (module Drop_match_guards) let drop_references : (module PHASE_FULL) = (module Drop_references) -let drop_return_break_continue : (module PHASE_FULL) = (module Drop_return_break_continue) + +let drop_return_break_continue : (module PHASE_FULL) = + (module Drop_return_break_continue) + let drop_sized_trait : (module PHASE_FULL) = (module Drop_sized_trait) let functionalize_loops : (module PHASE_FULL) = (module Functionalize_loops) -let hoist_disjunctive_patterns : (module PHASE_FULL) = (module Hoist_disjunctive_patterns) + +let hoist_disjunctive_patterns : (module PHASE_FULL) = + (module Hoist_disjunctive_patterns) + let local_mutation : (module PHASE_FULL) = (module Local_mutation) let newtype_as_refinement : (module PHASE_FULL) = (module Newtype_as_refinement) let reconstruct_asserts : (module PHASE_FULL) = (module Reconstruct_asserts) -let reconstruct_for_index_loops : (module PHASE_FULL) = (module Reconstruct_for_index_loops) + +let reconstruct_for_index_loops : (module PHASE_FULL) = + (module Reconstruct_for_index_loops) + let reconstruct_for_loops : (module PHASE_FULL) = (module Reconstruct_for_loops) -let reconstruct_question_marks : (module PHASE_FULL) = (module Reconstruct_question_marks) -let reconstruct_while_loops : (module PHASE_FULL) = (module Reconstruct_while_loops) + +let reconstruct_question_marks : (module PHASE_FULL) = + (module Reconstruct_question_marks) + +let reconstruct_while_loops : (module PHASE_FULL) = + (module Reconstruct_while_loops) + let reorder_fields : (module PHASE_FULL) = (module Reorder_fields) let rewrite_control_flow : (module PHASE_FULL) = (module Rewrite_control_flow) let rewrite_local_self : (module PHASE_FULL) = (module Rewrite_local_self) let simplify_hoisting : (module PHASE_FULL) = (module Simplify_hoisting) let simplify_match_return : (module PHASE_FULL) = (module Simplify_match_return) -let simplify_question_marks : (module PHASE_FULL) = (module Simplify_question_marks) + +let simplify_question_marks : (module PHASE_FULL) = + (module Simplify_question_marks) + let sort_items : (module PHASE_FULL) = (module Sort_items) let specialize : (module PHASE_FULL) = (module Specialize) let traits_specs : (module PHASE_FULL) = (module Traits_specs) -let transform_hax_lib_inline : (module PHASE_FULL) = (module Transform_hax_lib_inline) + +let transform_hax_lib_inline : (module PHASE_FULL) = + (module Transform_hax_lib_inline) + let trivialize_assign_lhs : (module PHASE_FULL) = (module Trivialize_assign_lhs) let reject_arbitrary_lhs : (module PHASE_FULL) = (module Reject_arbitrary_lhs) let reject_continue : (module PHASE_FULL) = (module Reject_continue) let reject_question_mark : (module PHASE_FULL) = (module Reject_question_mark) -let reject_raw_or_mut_pointer : (module PHASE_FULL) = (module Reject_raw_or_mut_pointer) + +let reject_raw_or_mut_pointer : (module PHASE_FULL) = + (module Reject_raw_or_mut_pointer) + let reject_early_exit : (module PHASE_FULL) = (module Reject_early_exit) let reject_as_pattern : (module PHASE_FULL) = (module Reject_as_pattern) let reject_dyn : (module PHASE_FULL) = (module Reject_dyn) -let reject_trait_item_default : (module PHASE_FULL) = (module Reject_trait_item_default) + +let reject_trait_item_default : (module PHASE_FULL) = + (module Reject_trait_item_default) + let reject_unsafe : (module PHASE_FULL) = (module Reject_unsafe) let hoist_side_effects : (module PHASE_FULL) = (module Hoist_side_effects) -let phases_list : (module PHASE_FULL) list = [and_mut_defsite;bundle_cycles;cf_into_monads;direct_and_mut;drop_blocks;drop_match_guards;drop_references;drop_return_break_continue;drop_sized_trait;functionalize_loops;hoist_disjunctive_patterns;local_mutation;newtype_as_refinement;reconstruct_asserts;reconstruct_for_index_loops;reconstruct_for_loops;reconstruct_question_marks;reconstruct_while_loops;reorder_fields;rewrite_control_flow;rewrite_local_self;simplify_hoisting;simplify_match_return;simplify_question_marks;sort_items;specialize;traits_specs;transform_hax_lib_inline;trivialize_assign_lhs;reject_arbitrary_lhs;reject_continue;reject_question_mark;reject_raw_or_mut_pointer;reject_early_exit;reject_as_pattern;reject_dyn;reject_trait_item_default;reject_unsafe;hoist_side_effects] - -let phase_of_name: string -> (module PHASE_FULL) option = - function - | "and_mut_defsite" -> Some and_mut_defsite| "bundle_cycles" -> Some bundle_cycles| "cf_into_monads" -> Some cf_into_monads| "direct_and_mut" -> Some direct_and_mut| "drop_blocks" -> Some drop_blocks| "drop_match_guards" -> Some drop_match_guards| "drop_references" -> Some drop_references| "drop_return_break_continue" -> Some drop_return_break_continue| "drop_sized_trait" -> Some drop_sized_trait| "functionalize_loops" -> Some functionalize_loops| "hoist_disjunctive_patterns" -> Some hoist_disjunctive_patterns| "local_mutation" -> Some local_mutation| "newtype_as_refinement" -> Some newtype_as_refinement| "reconstruct_asserts" -> Some reconstruct_asserts| "reconstruct_for_index_loops" -> Some reconstruct_for_index_loops| "reconstruct_for_loops" -> Some reconstruct_for_loops| "reconstruct_question_marks" -> Some reconstruct_question_marks| "reconstruct_while_loops" -> Some reconstruct_while_loops| "reorder_fields" -> Some reorder_fields| "rewrite_control_flow" -> Some rewrite_control_flow| "rewrite_local_self" -> Some rewrite_local_self| "simplify_hoisting" -> Some simplify_hoisting| "simplify_match_return" -> Some simplify_match_return| "simplify_question_marks" -> Some simplify_question_marks| "sort_items" -> Some sort_items| "specialize" -> Some specialize| "traits_specs" -> Some traits_specs| "transform_hax_lib_inline" -> Some transform_hax_lib_inline| "trivialize_assign_lhs" -> Some trivialize_assign_lhs| "reject_arbitrary_lhs" -> Some reject_arbitrary_lhs| "reject_continue" -> Some reject_continue| "reject_question_mark" -> Some reject_question_mark| "reject_raw_or_mut_pointer" -> Some reject_raw_or_mut_pointer| "reject_early_exit" -> Some reject_early_exit| "reject_as_pattern" -> Some reject_as_pattern| "reject_dyn" -> Some reject_dyn| "reject_trait_item_default" -> Some reject_trait_item_default| "reject_unsafe" -> Some reject_unsafe| "hoist_side_effects" -> Some hoist_side_effects - | _ -> None -let phases: string list = ["and_mut_defsite";"bundle_cycles";"cf_into_monads";"direct_and_mut";"drop_blocks";"drop_match_guards";"drop_references";"drop_return_break_continue";"drop_sized_trait";"functionalize_loops";"hoist_disjunctive_patterns";"local_mutation";"newtype_as_refinement";"reconstruct_asserts";"reconstruct_for_index_loops";"reconstruct_for_loops";"reconstruct_question_marks";"reconstruct_while_loops";"reorder_fields";"rewrite_control_flow";"rewrite_local_self";"simplify_hoisting";"simplify_match_return";"simplify_question_marks";"sort_items";"specialize";"traits_specs";"transform_hax_lib_inline";"trivialize_assign_lhs";"reject_arbitrary_lhs";"reject_continue";"reject_question_mark";"reject_raw_or_mut_pointer";"reject_early_exit";"reject_as_pattern";"reject_dyn";"reject_trait_item_default";"reject_unsafe";"hoist_side_effects"] +let phases_list : (module PHASE_FULL) list = + [ + and_mut_defsite; + bundle_cycles; + cf_into_monads; + direct_and_mut; + drop_blocks; + drop_match_guards; + drop_references; + drop_return_break_continue; + drop_sized_trait; + functionalize_loops; + hoist_disjunctive_patterns; + local_mutation; + newtype_as_refinement; + reconstruct_asserts; + reconstruct_for_index_loops; + reconstruct_for_loops; + reconstruct_question_marks; + reconstruct_while_loops; + reorder_fields; + rewrite_control_flow; + rewrite_local_self; + simplify_hoisting; + simplify_match_return; + simplify_question_marks; + sort_items; + specialize; + traits_specs; + transform_hax_lib_inline; + trivialize_assign_lhs; + reject_arbitrary_lhs; + reject_continue; + reject_question_mark; + reject_raw_or_mut_pointer; + reject_early_exit; + reject_as_pattern; + reject_dyn; + reject_trait_item_default; + reject_unsafe; + hoist_side_effects; + ] + +let phase_of_name : string -> (module PHASE_FULL) option = function + | "and_mut_defsite" -> Some and_mut_defsite + | "bundle_cycles" -> Some bundle_cycles + | "cf_into_monads" -> Some cf_into_monads + | "direct_and_mut" -> Some direct_and_mut + | "drop_blocks" -> Some drop_blocks + | "drop_match_guards" -> Some drop_match_guards + | "drop_references" -> Some drop_references + | "drop_return_break_continue" -> Some drop_return_break_continue + | "drop_sized_trait" -> Some drop_sized_trait + | "functionalize_loops" -> Some functionalize_loops + | "hoist_disjunctive_patterns" -> Some hoist_disjunctive_patterns + | "local_mutation" -> Some local_mutation + | "newtype_as_refinement" -> Some newtype_as_refinement + | "reconstruct_asserts" -> Some reconstruct_asserts + | "reconstruct_for_index_loops" -> Some reconstruct_for_index_loops + | "reconstruct_for_loops" -> Some reconstruct_for_loops + | "reconstruct_question_marks" -> Some reconstruct_question_marks + | "reconstruct_while_loops" -> Some reconstruct_while_loops + | "reorder_fields" -> Some reorder_fields + | "rewrite_control_flow" -> Some rewrite_control_flow + | "rewrite_local_self" -> Some rewrite_local_self + | "simplify_hoisting" -> Some simplify_hoisting + | "simplify_match_return" -> Some simplify_match_return + | "simplify_question_marks" -> Some simplify_question_marks + | "sort_items" -> Some sort_items + | "specialize" -> Some specialize + | "traits_specs" -> Some traits_specs + | "transform_hax_lib_inline" -> Some transform_hax_lib_inline + | "trivialize_assign_lhs" -> Some trivialize_assign_lhs + | "reject_arbitrary_lhs" -> Some reject_arbitrary_lhs + | "reject_continue" -> Some reject_continue + | "reject_question_mark" -> Some reject_question_mark + | "reject_raw_or_mut_pointer" -> Some reject_raw_or_mut_pointer + | "reject_early_exit" -> Some reject_early_exit + | "reject_as_pattern" -> Some reject_as_pattern + | "reject_dyn" -> Some reject_dyn + | "reject_trait_item_default" -> Some reject_trait_item_default + | "reject_unsafe" -> Some reject_unsafe + | "hoist_side_effects" -> Some hoist_side_effects + | _ -> None + +let phases : string list = + [ + "and_mut_defsite"; + "bundle_cycles"; + "cf_into_monads"; + "direct_and_mut"; + "drop_blocks"; + "drop_match_guards"; + "drop_references"; + "drop_return_break_continue"; + "drop_sized_trait"; + "functionalize_loops"; + "hoist_disjunctive_patterns"; + "local_mutation"; + "newtype_as_refinement"; + "reconstruct_asserts"; + "reconstruct_for_index_loops"; + "reconstruct_for_loops"; + "reconstruct_question_marks"; + "reconstruct_while_loops"; + "reorder_fields"; + "rewrite_control_flow"; + "rewrite_local_self"; + "simplify_hoisting"; + "simplify_match_return"; + "simplify_question_marks"; + "sort_items"; + "specialize"; + "traits_specs"; + "transform_hax_lib_inline"; + "trivialize_assign_lhs"; + "reject_arbitrary_lhs"; + "reject_continue"; + "reject_question_mark"; + "reject_raw_or_mut_pointer"; + "reject_early_exit"; + "reject_as_pattern"; + "reject_dyn"; + "reject_trait_item_default"; + "reject_unsafe"; + "hoist_side_effects"; + ] (* and_mut_defsite, bundle_cycles, cf_into_monads, direct_and_mut, drop_blocks, drop_match_guards, drop_references, drop_return_break_continue, drop_sized_trait, functionalize_loops, hoist_disjunctive_patterns, local_mutation, newtype_as_refinement, reconstruct_asserts, reconstruct_for_index_loops, reconstruct_for_loops, reconstruct_question_marks, reconstruct_while_loops, reorder_fields, rewrite_control_flow, rewrite_local_self, simplify_hoisting, simplify_match_return, simplify_question_marks, sort_items, specialize, traits_specs, transform_hax_lib_inline, trivialize_assign_lhs, reject_arbitrary_lhs, reject_continue, reject_question_mark, reject_raw_or_mut_pointer, reject_early_exit, reject_as_pattern, reject_dyn, reject_trait_item_default, reject_unsafe, hoist_side_effects *) -