Skip to content

[codex] Carry nonnegative invariant for unsigned integers#168

Closed
coord-e wants to merge 1 commit into
mainfrom
codex/unsigned-nonnegative-invariant
Closed

[codex] Carry nonnegative invariant for unsigned integers#168
coord-e wants to merge 1 commit into
mainfrom
codex/unsigned-nonnegative-invariant

Conversation

@coord-e

@coord-e coord-e commented Jul 4, 2026

Copy link
Copy Markdown
Owner

Summary

  • add 0 <= x as an intrinsic refinement for unsigned integer parameters and return values
  • aggregate unsigned parameter refinements into the function/basic-block precondition
  • preserve intrinsic refinements when installing inferred or explicit basic-block preconditions
  • add a regression test for carrying x >= 0 as a u32 loop invariant

Motivation

Thrust models signed and unsigned Rust integers with the same unbounded integer sort. As a result, an unconstrained u32 was not known to be nonnegative, so a loop invariant such as x >= 0 could not be established from the Rust type.

This change keeps the unbounded-integer model while adding the selected unsigned type invariant 0 <= x. It does not model unsigned upper bounds or wrapping arithmetic.

Validation

  • cargo fmt --check
  • cargo test --lib
  • cargo test --test ui loop_invariant_unsigned with the repository solver wrapper
  • full UI suite reviewed by the repository owner

@coord-e coord-e force-pushed the codex/unsigned-nonnegative-invariant branch from 8b27e1b to 0ac88a7 Compare July 4, 2026 15:22
@coord-e coord-e closed this Jul 4, 2026
@coord-e coord-e deleted the codex/unsigned-nonnegative-invariant branch July 4, 2026 15:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant