• Top
  • Documentation
  • Books
  • Boolean-reasoning
  • Projects
  • Debugging
  • Std
    • Std/lists
    • Std/alists
    • Obags
    • Std/util
    • Std/strings
    • Std/io
    • Std/osets
    • Std/basic
    • Std/system
      • Fresh-logical-name-with-$s-suffix
      • Irrelevant-formals-info
      • Std/system/function-queries
        • Defun-sk-queries
        • Tail-recursive-p
        • Termination-theorem$
        • Unwrapped-nonexec-body+
        • Measure
        • Arity+
        • Ubody
        • Ruler-extenders+
        • Recursive-calls
        • Guard-theorem-no-simplify$
        • Well-founded-relation+
        • Unwrapped-nonexec-body
        • Measured-subset+
        • Ruler-extenders
        • Measure+
        • Number-of-results+
        • Induction-machine+
        • Non-executablep+
        • Pure-raw-p
        • Irecursivep+
        • Formals+
        • Stobjs-out+
        • Definedp+
        • Number-of-results
        • Induction-machine
        • Ubody+
        • Guard-theorem-no-simplify
        • Uguard
        • Rawp
        • Defchoose-queries
        • Uguard+
        • Stobjs-in+
        • No-stobjs-p+
        • Irecursivep
        • Well-founded-relation
        • Definedp
        • Guard-verified-p+
        • Primitivep+
        • No-stobjs-p
        • Measured-subset
        • Guard-verified-p
        • Primitivep
        • Non-executablep
        • Fundef-disabledp
        • Ibody
        • Fundef-enabledp
        • Std/system/arity
      • Std/system/term-queries
      • Std/system/term-transformations
      • Std/system/enhanced-utilities
      • Install-not-normalized-event
      • Install-not-normalized-event-lst
      • Std/system/term-function-recognizers
      • Genvar$
      • Std/system/event-name-queries
      • Pseudo-tests-and-call-listp
      • Maybe-pseudo-event-formp
      • Add-suffix-to-fn-or-const
      • Chk-irrelevant-formals-ok
      • Table-alist+
      • Pseudo-tests-and-callp
      • Add-suffix-to-fn-or-const-lst
      • Known-packages+
      • Add-suffix-to-fn-lst
      • Unquote-term
      • Event-landmark-names
      • Add-suffix-lst
      • Std/system/theorem-queries
      • Unquote-term-list
      • Std/system/macro-queries
      • Pseudo-command-landmark-listp
      • Install-not-normalized$
      • Pseudo-event-landmark-listp
      • Known-packages
      • Std/system/partition-rest-and-keyword-args
      • Rune-enabledp
      • Rune-disabledp
      • Included-books
      • Std/system/pseudo-event-formp
      • Std/system/plist-worldp-with-formals
      • Std/system/w
      • Std/system/geprops
      • Std/system/arglistp
      • Std/system/constant-queries
    • Std/typed-lists
    • Std/bitsets
    • Std/testing
    • Std/typed-alists
    • Std/stobjs
  • Proof-automation
  • Macro-libraries
  • ACL2
  • Interfacing-tools
  • Hardware-verification
  • Software-verification
  • Math
  • Testing-utilities

• Std/system/function-queries

Termination-theorem$

A logic-mode guard-verified version of the built-in termination-theorem.

Signature

(termination-theorem$ fn state) → term?

Arguments

fn — Guard (symbolp fn).

Returns

term? — Type (or (and (consp term?) (equal (car term?) :failed) (msgp (cdr term?))) (symbolp term?) (and (consp term?) (not (equal (car term?) :failed)) (pseudo-termp term?))) .

We use magic-ev-fncall to call termination-theorem, and check that the result is either a term or a pair (:failed . msg) where msg is an error message. We check the returned value, so that we can have a return type theorem. Hard errors happening in termination-theorem are not suppressed, i.e. cause termination-theorem$ to stop with those hard errors. If magic-ev-fncall fails, or if the result is not a symbol, we also stop with hard errors.

Compared to termination-theorem, this utility requires a state argument. It may also be slightly less efficient due the magic-ev-fncall overhead. However, it can be used in logic-mode guard-verified code that follows a statically typed discipline.

Definitions and Theorems

Function: termination-theorem$

(defun termination-theorem$ (fn state)
  (declare (xargs :stobjs (state)))
  (declare (xargs :guard (symbolp fn)))
  (declare (xargs :guard (and (function-symbolp fn (w state))
                              (logicp fn (w state)))))
  (let ((__function__ 'termination-theorem$))
    (declare (ignorable __function__))
    (b* (((mv erp term?)
          (magic-ev-fncall 'termination-theorem
                           (list fn (w state))
                           state nil t))
         ((when erp)
          (raise "Internal error: ~@0" term?)
          (cons :failed ""))
         ((unless (and (consp term?)
                       (or (and (equal (car term?) :failed)
                                (msgp (cdr term?)))
                           (and (not (equal (car term?) :failed))
                                (pseudo-termp term?)))))
          (raise "Internal error: ~x0 is malformed."
                 term?)
          (cons :failed "")))
      term?)))

Theorem: return-type-of-termination-theorem$

(defthm return-type-of-termination-theorem$
  (b* ((term? (termination-theorem$ fn state)))
    (or (and (consp term?)
             (equal (car term?) :failed)
             (msgp (cdr term?)))
        (symbolp term?)
        (and (consp term?)
             (not (equal (car term?) :failed))
             (pseudo-termp term?))))
  :rule-classes :rewrite)

Theorem: consp-of-termination-theorem$

(defthm consp-of-termination-theorem$
  (b* ((term? (termination-theorem$ fn state)))
    (consp term?))
  :rule-classes :type-prescription)

Theorem: msgp-of-termination-theorem-when-failed

(defthm msgp-of-termination-theorem-when-failed
  (b* ((?term? (termination-theorem$ fn state)))
    (implies (equal (car term?) :failed)
             (msgp (cdr term?)))))

Theorem: msgp-of-termination-theorem-when-not-failed

(defthm msgp-of-termination-theorem-when-not-failed
  (b* ((?term? (termination-theorem$ fn state)))
    (implies (not (equal (car term?) :failed))
             (pseudo-termp term?))))