bedrock.lang.cpp.logic.z_to_bytes
(*
* Copyright (c) 2020-2021,2023 BlueRock Security, Inc.
* This software is distributed under the terms of the BedRock Open-Source License.
* See the LICENSE-BedRock file in the repository root for details.
*)
Require Import bedrock.prelude.list_numbers.
Require Export bedrock.lang.cpp.arith.z_to_bytes.
Require Import stdpp.numbers.
Require Import bedrock.lang.cpp.arith.types.
Require Import bedrock.lang.cpp.semantics.values.
Lemma N_of_nat_to_nat a b : N.of_nat a = b -> a = N.to_nat b.
Proof. intros. lia. Qed.
Section with_σ.
Context {σ : genv}.
Lemma _Z_to_bytes_has_type_prop (cnt : nat) (endianness : endian) sign (z : Z) :
List.Forall (fun (v : N) => has_type_prop (Vn v) Tbyte) (_Z_to_bytes cnt endianness sign z).
Proof.
eapply List.Forall_impl.
2: { exact: _Z_to_bytes_range. }
move => ? /= ?.
rewrite -has_int_type.
rewrite/bitsize.bound/bitsize.min_val/bitsize.max_val/=.
lia.
Qed.
Lemma _Z_from_bytes_unsigned_le_has_type_prop (sz : int_rank.t) :
forall (bytes : list N),
lengthN bytes = int_rank.bytesN sz ->
has_type_prop (_Z_from_bytes_unsigned_le bytes) (Tnum sz Unsigned).
Proof.
intros * Hlength; rewrite -has_int_type/bitsize.bound/=.
rewrite /lengthN/int_rank.bytesN in Hlength.
apply N_of_nat_to_nat in Hlength.
eapply _Z_from_bytes_unsigned_le_bound; rewrite Hlength.
destruct sz=> /=; lia.
Qed.
Lemma _Z_from_bytes_le_has_type_prop (bytes : list N) (sz : int_rank.t) (sgn : signed) :
lengthN bytes = int_rank.bytesN sz ->
has_type_prop (_Z_from_bytes_le sgn bytes) (Tnum sz sgn).
Proof.
move => Hlength. rewrite /_Z_from_bytes_le.
case_match; subst; last by apply _Z_from_bytes_unsigned_le_has_type_prop.
rewrite /lengthN /int_rank.bytesN in Hlength. apply N_of_nat_to_nat in Hlength; rewrite Hlength.
unfold operator.to_signed_bits.
rewrite bool_decide_false; last by destruct sz.
destruct sz => /=.
all: repeat (destruct bytes as [|? bytes]; simpl in Hlength; try lia; clear Hlength).
all: case_bool_decide; rewrite -has_int_type /bitsize.bound/=;
try match goal with
| |- context[Z.modulo ?a ?b] => pose proof (Z.mod_pos_bound a b ltac:(lia)); lia
end.
Qed.
Lemma _Z_from_bytes_has_type_prop :
forall (endianness : endian) (sz : int_rank.t) (sgn : signed) (bytes : list N),
lengthN bytes = int_rank.bytesN sz ->
has_type_prop (Vint (_Z_from_bytes endianness sgn bytes)) (Tnum sz sgn).
Proof.
intros * Hlength.
rewrite _Z_from_bytes_eq/_Z_from_bytes_def.
eapply _Z_from_bytes_le_has_type_prop.
case_match; auto; unfold lengthN in *; by rewrite length_rev.
Qed.
End with_σ.
* Copyright (c) 2020-2021,2023 BlueRock Security, Inc.
* This software is distributed under the terms of the BedRock Open-Source License.
* See the LICENSE-BedRock file in the repository root for details.
*)
Require Import bedrock.prelude.list_numbers.
Require Export bedrock.lang.cpp.arith.z_to_bytes.
Require Import stdpp.numbers.
Require Import bedrock.lang.cpp.arith.types.
Require Import bedrock.lang.cpp.semantics.values.
Lemma N_of_nat_to_nat a b : N.of_nat a = b -> a = N.to_nat b.
Proof. intros. lia. Qed.
Section with_σ.
Context {σ : genv}.
Lemma _Z_to_bytes_has_type_prop (cnt : nat) (endianness : endian) sign (z : Z) :
List.Forall (fun (v : N) => has_type_prop (Vn v) Tbyte) (_Z_to_bytes cnt endianness sign z).
Proof.
eapply List.Forall_impl.
2: { exact: _Z_to_bytes_range. }
move => ? /= ?.
rewrite -has_int_type.
rewrite/bitsize.bound/bitsize.min_val/bitsize.max_val/=.
lia.
Qed.
Lemma _Z_from_bytes_unsigned_le_has_type_prop (sz : int_rank.t) :
forall (bytes : list N),
lengthN bytes = int_rank.bytesN sz ->
has_type_prop (_Z_from_bytes_unsigned_le bytes) (Tnum sz Unsigned).
Proof.
intros * Hlength; rewrite -has_int_type/bitsize.bound/=.
rewrite /lengthN/int_rank.bytesN in Hlength.
apply N_of_nat_to_nat in Hlength.
eapply _Z_from_bytes_unsigned_le_bound; rewrite Hlength.
destruct sz=> /=; lia.
Qed.
Lemma _Z_from_bytes_le_has_type_prop (bytes : list N) (sz : int_rank.t) (sgn : signed) :
lengthN bytes = int_rank.bytesN sz ->
has_type_prop (_Z_from_bytes_le sgn bytes) (Tnum sz sgn).
Proof.
move => Hlength. rewrite /_Z_from_bytes_le.
case_match; subst; last by apply _Z_from_bytes_unsigned_le_has_type_prop.
rewrite /lengthN /int_rank.bytesN in Hlength. apply N_of_nat_to_nat in Hlength; rewrite Hlength.
unfold operator.to_signed_bits.
rewrite bool_decide_false; last by destruct sz.
destruct sz => /=.
all: repeat (destruct bytes as [|? bytes]; simpl in Hlength; try lia; clear Hlength).
all: case_bool_decide; rewrite -has_int_type /bitsize.bound/=;
try match goal with
| |- context[Z.modulo ?a ?b] => pose proof (Z.mod_pos_bound a b ltac:(lia)); lia
end.
Qed.
Lemma _Z_from_bytes_has_type_prop :
forall (endianness : endian) (sz : int_rank.t) (sgn : signed) (bytes : list N),
lengthN bytes = int_rank.bytesN sz ->
has_type_prop (Vint (_Z_from_bytes endianness sgn bytes)) (Tnum sz sgn).
Proof.
intros * Hlength.
rewrite _Z_from_bytes_eq/_Z_from_bytes_def.
eapply _Z_from_bytes_le_has_type_prop.
case_match; auto; unfold lengthN in *; by rewrite length_rev.
Qed.
End with_σ.