• Top
  • Documentation
  • Books
  • Boolean-reasoning
  • Projects
  • Debugging
  • Std
  • Proof-automation
  • Macro-libraries
  • ACL2
  • Interfacing-tools
  • Hardware-verification
  • Software-verification
    • Kestrel-books
      • Crypto-hdwallet
      • Apt
      • Error-checking
      • Fty-extensions
      • Isar
      • Kestrel-utilities
      • Soft
      • Bv
      • Imp-language
      • C
        • Syntax-for-tools
          • Disambiguator
          • Abstract-syntax
          • Parser
          • Validator
            • Valid-exprs/decls/stmts
            • Type
            • Valid-stmt
            • Valid-expr
            • Valid-dirdeclor
            • Valid-transunit
            • Valid-stor-spec-list
            • Valid-unary
            • Valid-initdeclor
            • Valid-fundef
            • Valid-binary
            • Valid-type-spec
            • Valid-lookup-ord
            • Valid-type-spec-list-residual
            • Type-uaconvert-signed-unsigned
            • Valid-declor
            • Valid-cond
            • Type-uaconvert
            • Valid-transunit-ensemble
            • Valid-c-char
            • Valid-ord-info
            • Valid-initer
            • Valid-iconst
            • Valid-stringlit-list
            • Valid-funcall
            • Valid-add-ord
            • Lifetime
            • Valid-arrsub
            • Type-promote
            • Valid-univ-char-name
            • Valid-cast
            • Valid-add-ord-file-scope
            • Valid-spec/qual
            • Valid-sizeof/alignof
            • Valid-memberp
            • Valid-extdecl
            • Valid-decl-spec
            • Valid-paramdecl
            • Valid-oct-escape
            • Valid-extdecl-list
            • Valid-structdeclor
            • Valid-structdecl
            • Valid-designor
            • Valid-defstatus
            • Valid-escape
            • Valid-enum-const
            • Valid-var
            • Valid-table
            • Valid-s-char
            • Valid-ord-info-option
            • Valid-dec/oct/hex-const
            • Valid-cconst
            • Valid-gensel
            • Linkage-option
            • Lifetime-option
            • Valid-decl-spec-list
            • Type-option
            • Linkage
            • Valid-lookup-ord-file-scope
            • Valid-member
            • Valid-scope
            • Type-uaconvert-unsigned
            • Valid-const
            • Type-uaconvert-signed
            • Valid-paramdeclor
            • Valid-spec/qual-list
            • Valid-fconst
            • Valid-stringlit
            • Valid-s-char-list
            • Valid-c-char-list
            • Valid-block-item
            • Valid-structdeclor-list
            • Valid-simple-escape
            • Valid-pop-scope
            • Valid-align-spec
            • Valid-enumer
            • Valid-dirabsdeclor
            • Valid-decl
            • Valid-enumspec
            • Valid-declor-option
            • Valid-push-scope
            • Valid-initer-option
            • Valid-block-item-list
            • Valid-absdeclor
            • Type-unsigned-integerp
            • Type-fpconvert
            • Valid-label
            • Valid-genassoc
            • Type-signed-integerp
            • Type-promotedp
            • Type-arithmeticp
            • Type-apconvert
            • Valid-tyname
            • Valid-strunispec
            • Valid-structdecl-list
            • Valid-ord-scope
            • Valid-genassoc-list
            • Valid-dirabsdeclor-option
            • Valid-designor-list
            • Valid-const-expr
            • Type-standard-unsigned-integerp
            • Type-standard-signed-integerp
            • Type-aggregatep
            • Valid-initdeclor-list
            • Valid-desiniter-list
            • Valid-absdeclor-option
            • Valid-table-num-scopes
            • Valid-expr-list
            • Type-standard-integerp
            • Type-real-floatingp
            • Valid-paramdecl-list
            • Valid-desiniter
            • Valid-const-expr-option
            • Type-integerp
            • Type-floatingp
            • Type-complexp
            • Type-characterp
            • Type-basicp
            • Valid-expr-option
            • Type-scalarp
            • Type-realp
            • Valid-statassert
            • Valid-enumer-list
            • Valid-init-table
            • Valid-empty-scope
            • Valid-member-designor
            • Valid-decl-list
            • Irr-valid-table
            • Valid-scope-list
            • Type-set
            • Type-option-type-alist
            • Irr-linkage
            • Irr-lifetime
            • Type-list
            • Irr-type
          • Printer
          • Formalized-subset
          • Mapping-to-language-definition
          • Defpred
          • Output-files
          • Input-files
          • Abstract-syntax-operations
          • Implementation-environments
          • Concrete-syntax
          • Unambiguity
          • Preprocessing
          • Abstraction-mapping
          • Annotation
        • Atc
        • Language
        • Representation
        • Transformation-tools
        • Pack
      • Event-macros
      • Java
      • Bitcoin
      • Ethereum
      • Yul
      • Zcash
      • ACL2-programming-language
      • Prime-fields
      • Json
      • Syntheto
      • File-io-light
      • Number-theory
      • Cryptography
      • Lists-light
      • Builtins
      • Axe
      • Solidity
      • Helpers
      • Htclient
      • Typed-lists-light
      • Arithmetic-light
    • X86isa
    • Axe
    • Execloader
  • Math
  • Testing-utilities

• Validator

Valid-unary

Validate a unary expression, given the type of the sub-expression.

Signature

(valid-unary expr op type-arg ienv) → (mv erp type)

Arguments

expr — Guard (exprp expr).

op — Guard (unopp op).

type-arg — Guard (typep type-arg).

ienv — Guard (ienvp ienv).

Returns

type — Type (typep type).

The & operator requires an lvalue of any type as operand [C:6.5.3.2/1] [C:6.5.3.2/3], but we are not yet distinguishing lvalues from non-lvalues, so we allow any type of operand, and we return the (one) pointer type.

The * unary operator requires an operand of a pointer type [C:6.5.3.2/2], after array-to-pointer and function-to-pointer conversions; as always, we also need to allow the unknown type. Since we only have one type for pointers for now, the resulting type is unknown.

The + and - unary operators require an operand of an arithmetic type [C:6.5.3.3/1], and the result has the promoted type [C:6.5.3.3/2]. There is no need for array-to-pointer and function-to-pointer conversions, because they never result in arithmetic types.

The ~ operator requires an operand of an integer type [C:6.5.3.3/1], and the result has the promoted type [C:.6.5.3.3/4]. There is no need for array-to-pointer and function-to-pointer conversions, because they never result in arithmetic types.

The ! operator requires an operand of a scalar type [C:6.5.3.3/1], and result is always signed int [C:6.5.3.3/5]. Since pointers may be involved, we perform array-to-pointer and function-to-pointer conversions.

The sizeof operator applied to an expression requires a non-function complete type [C:6.5.3.4/1]. In our current approximate type system, we just exclude function types, but we do not have a notion of complete types yet. The result has type size_t [C:6.5.3.4/5], whose definition is implementation-defined, so for now we just return the unknown type; we will need to extend implementation environments with information about the definition of size_t.

The ++ pre-increment and -- pre-decrement operators require a real or pointer operand [C:6.5.3.1/1]. Since these expressions are equivalent to assignments [C:6.5.3.1/2] [C:6.5.3.1/3], the type of the result must be the type of the operand. We do not perform array-to-pointer or function-to-pointer conversions, because those result in pointers, not lvalues as required [C:6.5.3.1/1].

The ++ post-increment and -- post-decrement operators require a real or pointer operand [C:6.5.2.4/1]. The type of the result is the same as the operand [C:6.5.2.4/2] [C:6.5.2.4/3]. We do not perform array-to-pointer or function-to-pointer conversions, because those result in pointers, not lvalues as required [C:6.5.2.4/1].

Definitions and Theorems

Function: valid-unary

(defun valid-unary (expr op type-arg ienv)
 (declare (xargs :guard (and (exprp expr)
                             (unopp op)
                             (typep type-arg)
                             (ienvp ienv))))
 (declare (xargs :guard (expr-case expr :unary)))
 (let ((__function__ 'valid-unary))
  (declare (ignorable __function__))
  (b*
   (((reterr) (irr-type))
    ((when (type-case type-arg :unknown))
     (retok (type-unknown)))
    (msg
     (msg
      "In the unary expression ~x0, ~
                  the sub-expression has type ~x1."
      (expr-fix expr)
      (type-fix type-arg))))
   (case (unop-kind op)
     (:address (retok (type-pointer)))
     (:indir (b* ((type (type-fpconvert (type-apconvert type-arg)))
                  ((unless (type-case type :pointer))
                   (reterr msg)))
               (retok (type-unknown))))
     ((:plus :minus)
      (b* (((unless (type-arithmeticp type-arg))
            (reterr msg)))
        (retok (type-promote type-arg ienv))))
     (:bitnot (b* (((unless (type-integerp type-arg))
                    (reterr msg)))
                (retok (type-promote type-arg ienv))))
     (:lognot (b* ((type (type-fpconvert (type-apconvert type-arg)))
                   ((unless (type-scalarp type))
                    (reterr msg)))
                (retok (type-sint))))
     ((:preinc :predec :postinc :postdec)
      (b* (((unless (or (type-realp type-arg)
                        (type-case type-arg :pointer)))
            (reterr msg)))
        (retok (type-fix type-arg))))
     (:sizeof (b* (((when (type-case type-arg :function))
                    (reterr msg)))
                (retok (type-unknown))))
     (t (prog2$ (impossible) (reterr t)))))))

Theorem: typep-of-valid-unary.type

(defthm typep-of-valid-unary.type
  (b* (((mv acl2::?erp ?type)
        (valid-unary expr op type-arg ienv)))
    (typep type))
  :rule-classes :rewrite)

Theorem: valid-unary-of-expr-fix-expr

(defthm valid-unary-of-expr-fix-expr
  (equal (valid-unary (expr-fix expr)
                      op type-arg ienv)
         (valid-unary expr op type-arg ienv)))

Theorem: valid-unary-expr-equiv-congruence-on-expr

(defthm valid-unary-expr-equiv-congruence-on-expr
  (implies (expr-equiv expr expr-equiv)
           (equal (valid-unary expr op type-arg ienv)
                  (valid-unary expr-equiv op type-arg ienv)))
  :rule-classes :congruence)

Theorem: valid-unary-of-unop-fix-op

(defthm valid-unary-of-unop-fix-op
  (equal (valid-unary expr (unop-fix op)
                      type-arg ienv)
         (valid-unary expr op type-arg ienv)))

Theorem: valid-unary-unop-equiv-congruence-on-op

(defthm valid-unary-unop-equiv-congruence-on-op
  (implies (unop-equiv op op-equiv)
           (equal (valid-unary expr op type-arg ienv)
                  (valid-unary expr op-equiv type-arg ienv)))
  :rule-classes :congruence)

Theorem: valid-unary-of-type-fix-type-arg

(defthm valid-unary-of-type-fix-type-arg
  (equal (valid-unary expr op (type-fix type-arg)
                      ienv)
         (valid-unary expr op type-arg ienv)))

Theorem: valid-unary-type-equiv-congruence-on-type-arg

(defthm valid-unary-type-equiv-congruence-on-type-arg
  (implies (type-equiv type-arg type-arg-equiv)
           (equal (valid-unary expr op type-arg ienv)
                  (valid-unary expr op type-arg-equiv ienv)))
  :rule-classes :congruence)

Theorem: valid-unary-of-ienv-fix-ienv

(defthm valid-unary-of-ienv-fix-ienv
  (equal (valid-unary expr op type-arg (ienv-fix ienv))
         (valid-unary expr op type-arg ienv)))

Theorem: valid-unary-ienv-equiv-congruence-on-ienv

(defthm valid-unary-ienv-equiv-congruence-on-ienv
  (implies (ienv-equiv ienv ienv-equiv)
           (equal (valid-unary expr op type-arg ienv)
                  (valid-unary expr op type-arg ienv-equiv)))
  :rule-classes :congruence)