• Top
  • Documentation
  • Books
  • Boolean-reasoning
  • Projects
    • Apt
    • Acre
    • Milawa
    • Smtlink
    • Aleobft
    • Abnf
    • Vwsim
    • Isar
    • Wp-gen
    • Dimacs-reader
    • Pfcs
    • Legacy-defrstobj
    • Proof-checker-array
    • Soft
    • Farray
    • Rp-rewriter
    • Instant-runoff-voting
    • Imp-language
    • Sidekick
    • Leftist-trees
    • C
    • Java
    • Taspi
    • Bitcoin
    • Des
    • Ethereum
    • X86isa
    • Sha-2
    • Yul
    • Riscv
    • Zcash
    • Proof-checker-itp13
    • Regex
    • ACL2-programming-language
    • Json
    • Jfkr
    • Equational
    • Cryptography
    • Poseidon
    • Where-do-i-place-my-book
    • Bigmems
    • Builtins
    • Axe
    • Execloader
    • Solidity
      • Values
        • Integer-values
          • Integer-operations
            • Def-uint/int-binary-op
            • Def-uint/int-unary-op
            • Def-uint/int-comparison
            • Uint-mod
            • Uint-div
            • Uint-shr
            • Uint-shl
            • Int-mod
            • Int-div
            • Uint-xor
            • Uint-sub
            • Uint-mul
            • Uint-ior
            • Uint-exp
            • Uint-and
            • Uint-add
            • Int-xor
            • Int-sub
            • Int-mul
            • Int-ior
            • Int-and
            • Int-add
            • Uint-le
            • Uint-ge
            • Uint-ne
            • Uint-lt
            • Uint-gt
            • Uint-eq
            • Int-ne
            • Int-lt
            • Int-le
            • Int-gt
            • Int-ge
            • Int-eq
            • Uint-minus
            • Uint-not
            • Int-not
            • Int-minus
          • Bit-size
          • Uint
          • Int
        • Boolean-values
    • Leo
    • Paco
    • Concurrent-programs
  • Debugging
  • Std
  • Proof-automation
  • Macro-libraries
  • ACL2
  • Interfacing-tools
  • Hardware-verification
  • Software-verification
  • Math
  • Testing-utilities

• Integer-operations

Uint-sub

Subtraction of unsigned integer values.

Signature

(uint-sub left-operand right-operand) → result

Arguments

left-operand — Guard (uintp left-operand).

right-operand — Guard (uintp right-operand).

Returns

result — Type (uintp result).

Definitions and Theorems

Function: uint-sub

(defun uint-sub (left-operand right-operand)
  (declare (xargs :guard (and (uintp left-operand)
                              (uintp right-operand))))
  (b* ((size (uint->size left-operand))
       (x (uint->value left-operand))
       (y (uint->value right-operand)))
    (make-uint :size (uint->size left-operand)
               :value (loghead size (- x y)))))

Theorem: uintp-of-uint-sub

(defthm uintp-of-uint-sub
  (b* ((result (uint-sub left-operand right-operand)))
    (uintp result))
  :rule-classes :rewrite)

Theorem: uint-sub-of-uint-fix-left-operand

(defthm uint-sub-of-uint-fix-left-operand
  (equal (uint-sub (uint-fix left-operand)
                   right-operand)
         (uint-sub left-operand right-operand)))

Theorem: uint-sub-uint-equiv-congruence-on-left-operand

(defthm uint-sub-uint-equiv-congruence-on-left-operand
  (implies (uint-equiv left-operand left-operand-equiv)
           (equal (uint-sub left-operand right-operand)
                  (uint-sub left-operand-equiv right-operand)))
  :rule-classes :congruence)

Theorem: uint-sub-of-uint-fix-right-operand

(defthm uint-sub-of-uint-fix-right-operand
  (equal (uint-sub left-operand (uint-fix right-operand))
         (uint-sub left-operand right-operand)))

Theorem: uint-sub-uint-equiv-congruence-on-right-operand

(defthm uint-sub-uint-equiv-congruence-on-right-operand
  (implies (uint-equiv right-operand right-operand-equiv)
           (equal (uint-sub left-operand right-operand)
                  (uint-sub left-operand right-operand-equiv)))
  :rule-classes :congruence)