|
|
|---|
|
|
|
|---|
Leo integer subtraction operation.
(op-int-sub left right) → result
Function:
(defun op-int-sub (left right) (declare (xargs :guard (and (int-valuep left) (int-valuep right)))) (let ((__function__ 'op-int-sub)) (declare (ignorable __function__)) (b* ((err (reserrf (list :op-int-sub (value-fix left) (value-fix right))))) (cond ((and (value-case left :u8) (value-case right :u8)) (b* ((res (- (value-u8->get left) (value-u8->get right)))) (if (ubyte8p res) (value-u8 res) err))) ((and (value-case left :u16) (value-case right :u16)) (b* ((res (- (value-u16->get left) (value-u16->get right)))) (if (ubyte16p res) (value-u16 res) err))) ((and (value-case left :u32) (value-case right :u32)) (b* ((res (- (value-u32->get left) (value-u32->get right)))) (if (ubyte32p res) (value-u32 res) err))) ((and (value-case left :u64) (value-case right :u64)) (b* ((res (- (value-u64->get left) (value-u64->get right)))) (if (ubyte64p res) (value-u64 res) err))) ((and (value-case left :u128) (value-case right :u128)) (b* ((res (- (value-u128->get left) (value-u128->get right)))) (if (ubyte128p res) (value-u128 res) err))) ((and (value-case left :i8) (value-case right :i8)) (b* ((res (- (value-i8->get left) (value-i8->get right)))) (if (sbyte8p res) (value-i8 res) err))) ((and (value-case left :i16) (value-case right :i16)) (b* ((res (- (value-i16->get left) (value-i16->get right)))) (if (sbyte16p res) (value-i16 res) err))) ((and (value-case left :i32) (value-case right :i32)) (b* ((res (- (value-i32->get left) (value-i32->get right)))) (if (sbyte32p res) (value-i32 res) err))) ((and (value-case left :i64) (value-case right :i64)) (b* ((res (- (value-i64->get left) (value-i64->get right)))) (if (sbyte64p res) (value-i64 res) err))) ((and (value-case left :i128) (value-case right :i128)) (b* ((res (- (value-i128->get left) (value-i128->get right)))) (if (sbyte128p res) (value-i128 res) err))) (t err)))))
Theorem:
(defthm value-resultp-of-op-int-sub (b* ((result (op-int-sub left right))) (value-resultp result)) :rule-classes :rewrite)
Theorem:
(defthm op-int-sub-of-value-fix-left (equal (op-int-sub (value-fix left) right) (op-int-sub left right)))
Theorem:
(defthm op-int-sub-value-equiv-congruence-on-left (implies (value-equiv left left-equiv) (equal (op-int-sub left right) (op-int-sub left-equiv right))) :rule-classes :congruence)
Theorem:
(defthm op-int-sub-of-value-fix-right (equal (op-int-sub left (value-fix right)) (op-int-sub left right)))
Theorem:
(defthm op-int-sub-value-equiv-congruence-on-right (implies (value-equiv right right-equiv) (equal (op-int-sub left right) (op-int-sub left right-equiv))) :rule-classes :congruence)