Skip to content

Commit

Permalink
added one more lemma: with_offset_no_wrap
Browse files Browse the repository at this point in the history
  • Loading branch information
@vzaliva
vzaliva committed May 22, 2024
1 parent 33414dc commit 8ef755d
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions theories/Morello/Capabilities.v
View file
Original file line number Diff line number Diff line change
Expand Up @@ -463,6 +463,17 @@ Module AddressValue <: PTRADDR.
destruct (Z.leb ADDR_MIN z) eqn:Hl, (Z.ltb z ADDR_LIMIT) eqn:Hu; split; try lia.
Qed.

(** When using `[with_offset]`, it does not wrap as long as the resulting address is within the range. *)
Lemma with_offset_no_wrap:
forall (v:t) (o:Z),
(Z.le ADDR_MIN (to_Z v + o) /\ Z.lt (to_Z v + o) ADDR_LIMIT) ->
to_Z (with_offset v o) = Z.add (to_Z v) o.
Proof.
intros v o H.
apply of_Z_roundtrip.
assumption.
Qed.

End AddressValue.

(** [OrderedType] for [AddressValue.t] is useful, for example, to use it
Expand Down

0 comments on commit 8ef755d

Please sign in to comment.