• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Proof-automation
    • Macro-libraries
    • ACL2
    • Interfacing-tools
    • Hardware-verification
    • Software-verification
      • Kestrel-books
      • X86isa
        • Program-execution
        • Sdm-instruction-set-summary
        • Tlb
        • Running-linux
        • Introduction
        • Asmtest
        • X86isa-build-instructions
        • Publications
        • Contributors
        • Machine
          • X86isa-state
          • Syscalls
          • Cpuid
          • Linear-memory
            • Reasoning-about-memory-reads-and-writes
              • Las-to-pas
              • Rb
              • Create-canonical-address-list
              • Rb-1
                • Read-from-physical-memory
                • Write-to-physical-memory
                • Wb
                • Wb-1
                • Canonical-address-listp
              • Rml256
              • Wml512
              • Wml256
              • Rml512
              • Rml128
              • Rml80
              • Program-location
              • Rml64
              • Wml128
              • Rml48
              • Rml32
              • Rml08
              • Rml16
              • Wml80
              • Byte-listp
              • Wml64
              • Wml08
              • Wml48
              • Parametric-memory-reads-and-writes
              • Combine-n-bytes
              • Wml32
              • Program-at
              • Wml16
              • Combine-bytes
              • Write-canonical-address-to-memory-user-exec
              • Write-canonical-address-to-memory
              • Wml-size
              • Rml-size
              • Riml64
              • Riml32
              • Riml16
              • Riml08
              • Wiml64
              • Wiml32
              • Wiml16
              • Wiml08
              • Wiml-size
              • Generate-xr-over-write-thms
              • Generate-write-fn-over-xw-thms
              • Generate-read-fn-over-xw-thms
              • Riml-size
            • Rflag-specifications
            • Characterizing-undefined-behavior
            • Top-level-memory
            • App-view
            • X86-decoder
            • Physical-memory
            • Decoding-and-spec-utils
            • Instructions
            • Register-readers-and-writers
            • X86-modes
            • Segmentation
            • Other-non-deterministic-computations
            • Environment
            • Paging
          • Implemented-opcodes
          • To-do
          • Proof-utilities
          • Peripherals
          • Model-validation
          • Modelcalls
          • Concrete-simulation-examples
          • Utils
          • Debugging-code-proofs
        • Axe
        • Execloader
      • Math
      • Testing-utilities
    • Reasoning-about-memory-reads-and-writes

    Rb-1

    Signature
    (rb-1 n addr r-x x86) → (mv flg val new-x86)
    Arguments
    n — Number of bytes to be read.
        Guard (natp n).
    addr — First linear address.
        Guard (integerp addr).
    r-x — Type of memory access.
    Returns
    val — Type (natp val).
    new-x86 — Type (x86p new-x86), given (x86p x86).

    Definitions and Theorems

    Function: rb-1

    (defun rb-1 (n addr r-x x86)
  (declare (xargs :stobjs (x86)))
  (declare (type (member :r :x) r-x))
  (declare (xargs :guard (and (natp n) (integerp addr))))
  (declare (xargs :guard (canonical-address-p (+ -1 n addr))))
  (let ((__function__ 'rb-1))
    (declare (ignorable __function__))
    (if (zp n)
        (mv nil 0 x86)
      (b* (((unless (canonical-address-p addr))
            (mv 'rb-1 0 x86))
           ((mv flg0 byte0 x86) (rvm08 addr x86))
           ((when flg0) (mv flg0 0 x86))
           ((mv rest-flg rest-bytes x86)
            (rb-1 (1- n) (1+ addr) r-x x86)))
        (mv rest-flg
            (logior byte0 (ash rest-bytes 8))
            x86)))))

    Theorem: natp-of-rb-1.val

    (defthm natp-of-rb-1.val
  (b* (((mv ?flg ?val ?new-x86)
        (rb-1 n addr r-x x86)))
    (natp val))
  :rule-classes :type-prescription)

    Theorem: x86p-of-rb-1.new-x86

    (defthm x86p-of-rb-1.new-x86
  (implies (x86p x86)
           (b* (((mv ?flg ?val ?new-x86)
                 (rb-1 n addr r-x x86)))
             (x86p new-x86)))
  :rule-classes :rewrite)

    Theorem: integerp-of-mv-nth-1-rb-1

    (defthm integerp-of-mv-nth-1-rb-1
  (b* (((mv ?flg ?val ?new-x86)
        (rb-1 n addr r-x x86)))
    (integerp val))
  :rule-classes :type-prescription)

    Theorem: rb-1-returns-x86-app-view

    (defthm rb-1-returns-x86-app-view
  (b* (((mv ?flg ?val ?new-x86)
        (rb-1 n addr r-x x86)))
    (implies (app-view x86)
             (equal new-x86 x86))))

    Theorem: rb-1-returns-no-error-app-view

    (defthm rb-1-returns-no-error-app-view
  (implies (and (canonical-address-p addr)
                (canonical-address-p (+ -1 n addr))
                (app-view x86))
           (equal (mv-nth 0 (rb-1 n addr r-x x86))
                  nil)))

    Theorem: size-of-rb-1

    (defthm size-of-rb-1
 (implies (and (equal m (ash n 3)) (natp n))
          (unsigned-byte-p m (mv-nth 1 (rb-1 n addr r-x x86))))
 :rule-classes
 (:rewrite
  (:linear
   :corollary (implies (and (equal m (ash n 3)) (natp n))
                       (and (<= 0 (mv-nth 1 (rb-1 n addr r-x x86)))
                            (< (mv-nth 1 (rb-1 n addr r-x x86))
                               (expt 2 m))))
   :hints
   (("Goal"
        :in-theory '(unsigned-byte-p integer-range-p (:e expt)))))))