Macro loop_invariant

loop_invariant!() { /* proc-macro */ }

Expand description

Add an invariant to a loop which deals with an index. The invariant cannot refer to any variable introduced within the loop. An invariant is a closure that takes one argument, the index, and returns a proposition.

Note that loop invariants are unstable (this will be handled in a better way in the future, see https://github.com/hacspec/hax/issues/858) and only supported on specific for loops with specific iterators:

for i in start..end {...}
for i in (start..end).step_by(n) {...}
for i in slice.enumerate() {...}
for i in slice.chunks_exact(n).enumerate() {...}

This function must be called on the first line of a loop body to be effective. Note that in the invariant expression, forall, exists, and BACKEND! (BACKEND can be fstar, proverif, coq…) are in scope.

loop_invariant

Macro loop_invariant Copy item path

Macro loop_invariant