Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: BitVec.toInt_abs #6154

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

feat: BitVec.toInt_abs #6154

Changes from 4 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
54c8ae7
feat: BitVec.toInt_neg_eq_ite
bollu Nov 21, 2024
c53fd9f
feat: BitVec.toInt_abs
bollu Nov 21, 2024
d5d22d6
Apply suggestions from code review
bollu Nov 21, 2024
428c6f2
Update src/Init/Data/BitVec/Lemmas.lean
bollu Nov 21, 2024
2075e44
chore: address Kim comment about toInt_abs API
bollu Nov 22, 2024
6662361
feat: add lemmas that delete the (x = intMin w) side condition
bollu Nov 22, 2024
5c91d77
Update src/Init/Data/BitVec/Lemmas.lean
bollu Nov 25, 2024
3479bb6
chore: give neither version a short name
bollu Nov 26, 2024
b0ef0dc
chore: give neither version a short name
bollu Nov 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 48 additions & 0 deletions src/Init/Data/BitVec/Lemmas.lean
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3002,6 +3002,11 @@ theorem toInt_neg_of_ne_intMin {x : BitVec w} (rs : x ≠ intMin w) :
have := @Nat.two_pow_pred_mul_two w (by omega)
split <;> split <;> omega

theorem toInt_neg_eq_ite {x : BitVec w} :
bollu marked this conversation as resolved.
Show resolved Hide resolved
(-x).toInt = if x = intMin w then x.toInt else -(x.toInt) := by
by_cases hx : x = intMin w <;>
simp [hx, neg_intMin, toInt_neg_of_ne_intMin]

bollu marked this conversation as resolved.
Show resolved Hide resolved
theorem msb_intMin {w : Nat} : (intMin w).msb = decide (0 < w) := by
simp only [msb_eq_decide, toNat_intMin, decide_eq_decide]
by_cases h : 0 < w <;> simp_all
Expand Down Expand Up @@ -3131,6 +3136,49 @@ theorem getMsbD_abs {i : Nat} {x : BitVec w} :
getMsbD (x.abs) i = if x.msb then getMsbD (-x) i else getMsbD x i := by
by_cases h : x.msb <;> simp [BitVec.abs, h]

/-
The absolute value of `x : BitVec w` is naively a case split on the sign of `x`.
However, recall that when `x = intMin w`, `-x = x`.
Thus, the full value of `abs x` is computed by the case split:
- If `x : BitVec w` is `intMin`, then its absolute value is also `intMin w`, and
thus `toInt` will equal `intMin.toInt`.
- Otherwise, if `x` is negative, then `x.abs.toInt = (-x).toInt`.
- If `x` is positive, then it is equal to `x.abs.toInt = x.toInt`.
-/
theorem toInt_abs {x : BitVec w} :
x.abs.toInt =
if x = intMin w then (intMin w).toInt
else if x.msb then -x.toInt
else x.toInt := by
by_cases hx : x = intMin w
· simp [hx]
· simp [hx]
by_cases hx₂ : x.msb
· simp [hx₂, abs_eq, toInt_neg_of_ne_intMin hx]
· simp [hx₂, abs_eq]

/--
A variant of `toInt_abs` that hides the case split for `x` being positive or negative by using `natAbs`.
-/
theorem toInt_abs_eq_natAbs {x : BitVec w} : x.abs.toInt =
if x = intMin w then (intMin w).toInt else x.toInt.natAbs := by
bollu marked this conversation as resolved.
Show resolved Hide resolved
rw [toInt_abs]
by_cases hx : x = intMin w
· simp [hx]
· simp [hx]
by_cases h : x.msb
· simp only [h, ↓reduceIte]
have : x.toInt < 0 := by
rw [toInt_neg_iff]
have := msb_eq_true_iff_two_mul_ge.mp h
omega
omega
· simp only [h, Bool.false_eq_true, ↓reduceIte]
have : 0 ≤ x.toInt := by
rw [toInt_pos_iff]
exact msb_eq_false_iff_two_mul_lt.mp (by simp [h])
omega

bollu marked this conversation as resolved.
Show resolved Hide resolved
/-! ### Decidable quantifiers -/

theorem forall_zero_iff {P : BitVec 0 → Prop} :
Expand Down
Loading