(rml32 lin-addr r-x x86) → (mv * * x86)
Theorem:
(defthm rb-and-rvm32 (implies (and (app-view x86) (x86p x86) (canonical-address-p lin-addr) (canonical-address-p (+ 3 lin-addr))) (equal (rvm32 lin-addr x86) (rb 4 lin-addr r-x x86))))
Function:
(defun rml32 (lin-addr r-x x86) (declare (xargs :stobjs (x86))) (declare (type (signed-byte 48) lin-addr) (type (member :r :x) r-x)) (declare (xargs :guard (canonical-address-p lin-addr))) (let ((__function__ 'rml32)) (declare (ignorable __function__)) (if (mbt (canonical-address-p lin-addr)) (let* ((3+lin-addr (the (signed-byte 49) (+ 3 (the (signed-byte 48) lin-addr))))) (if (mbe :logic (canonical-address-p 3+lin-addr) :exec (< (the (signed-byte 49) 3+lin-addr) 140737488355328)) (mbe :logic (rb 4 lin-addr r-x x86) :exec (if (app-view x86) (rvm32 lin-addr x86) (b* (((mv flag (the (unsigned-byte 52) p-addr0) x86) (la-to-pa lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) (1+lin-addr (the (signed-byte 49) (+ 1 (the (signed-byte 48) lin-addr)))) ((mv flag (the (unsigned-byte 52) p-addr1) x86) (la-to-pa 1+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) (2+lin-addr (the (signed-byte 50) (+ 2 (the (signed-byte 48) lin-addr)))) ((mv flag (the (unsigned-byte 52) p-addr2) x86) (la-to-pa 2+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) (3+lin-addr (the (signed-byte 51) (+ 3 (the (signed-byte 48) lin-addr)))) ((mv flag (the (unsigned-byte 52) p-addr3) x86) (la-to-pa 3+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) (byte0 (the (unsigned-byte 8) (memi p-addr0 x86))) (byte1 (the (unsigned-byte 8) (memi p-addr1 x86))) (byte2 (the (unsigned-byte 8) (memi p-addr2 x86))) (byte3 (the (unsigned-byte 8) (memi p-addr3 x86))) ((the (unsigned-byte 16) word1) (logior byte2 (the (unsigned-byte 16) (ash byte3 8)))) ((the (unsigned-byte 24) high-24) (logior byte1 (the (unsigned-byte 24) (ash word1 8)))) ((the (unsigned-byte 32) dword) (logior byte0 (the (unsigned-byte 32) (ash high-24 8))))) (mv nil dword x86)))) (mv 'rml32 0 x86))) (mv 'rml32 0 x86))))
Theorem:
(defthm n32p-mv-nth-1-rml32 (unsigned-byte-p 32 (mv-nth 1 (rml32 lin-addr r-x x86))) :rule-classes (:rewrite (:type-prescription :corollary (natp (mv-nth 1 (rml32 lin-addr r-x x86))) :hints (("Goal" :in-theory '(unsigned-byte-p integer-range-p natp)))) (:linear :corollary (and (<= 0 (mv-nth 1 (rml32 lin-addr r-x x86))) (< (mv-nth 1 (rml32 lin-addr r-x x86)) 4294967296)) :hints (("Goal" :in-theory '(unsigned-byte-p integer-range-p (:e expt)))))))
Theorem:
(defthm x86p-rml32 (implies (force (x86p x86)) (x86p (mv-nth 2 (rml32 lin-addr r-x x86)))) :rule-classes (:rewrite :type-prescription))
Theorem:
(defthm rml32-value-when-error (implies (mv-nth 0 (rml32 lin-addr r-x x86)) (equal (mv-nth 1 (rml32 lin-addr r-x x86)) 0)))
Theorem:
(defthm rml32-x86-unmodified-in-app-view (implies (app-view x86) (equal (mv-nth 2 (rml32 lin-addr r-x x86)) x86)))
Theorem:
(defthm xr-rml32-state-sys-view (implies (and (not (equal fld :mem)) (not (equal fld :fault)) (not (equal fld :tlb))) (equal (xr fld index (mv-nth 2 (rml32 lin-addr r-x x86))) (xr fld index x86))))
Theorem:
(defthm rml32-xw-app-view (implies (and (app-view x86) (not (equal fld :mem)) (not (equal fld :app-view))) (and (equal (mv-nth 0 (rml32 lin-addr r-x (xw fld index value x86))) (mv-nth 0 (rml32 lin-addr r-x x86))) (equal (mv-nth 1 (rml32 lin-addr r-x (xw fld index value x86))) (mv-nth 1 (rml32 lin-addr r-x x86))))))
Theorem:
(defthm rml32-xw-sys-view (implies (and (not (app-view x86)) (not (equal fld :fault)) (not (equal fld :seg-visible)) (not (equal fld :seg-hidden-base)) (not (equal fld :seg-hidden-limit)) (not (equal fld :seg-hidden-attr)) (not (equal fld :mem)) (not (equal fld :ctr)) (not (equal fld :msr)) (not (equal fld :rflags)) (not (equal fld :app-view)) (not (equal fld :marking-view)) (not (equal fld :tlb)) (not (equal fld :implicit-supervisor-access)) (member-equal fld *x86-field-names-as-keywords*)) (and (equal (mv-nth 0 (rml32 lin-addr r-x (xw fld index value x86))) (mv-nth 0 (rml32 lin-addr r-x x86))) (equal (mv-nth 1 (rml32 lin-addr r-x (xw fld index value x86))) (mv-nth 1 (rml32 lin-addr r-x x86))) (equal (mv-nth 2 (rml32 lin-addr r-x (xw fld index value x86))) (xw fld index value (mv-nth 2 (rml32 lin-addr r-x x86)))))))
Theorem:
(defthm rml32-xw-sys-view-rflags-not-ac (implies (and (not (app-view x86)) (equal (rflagsbits->ac value) (rflagsbits->ac (rflags x86)))) (and (equal (mv-nth 0 (rml32 lin-addr r-x (xw :rflags nil value x86))) (mv-nth 0 (rml32 lin-addr r-x x86))) (equal (mv-nth 1 (rml32 lin-addr r-x (xw :rflags nil value x86))) (mv-nth 1 (rml32 lin-addr r-x x86))) (equal (mv-nth 2 (rml32 lin-addr r-x (xw :rflags nil value x86))) (xw :rflags nil value (mv-nth 2 (rml32 lin-addr r-x x86)))))))