|
|
|---|
|
|
|
|---|
(system-init-loop correct-vals valmap) → new-valmap
Function:
(defun system-init-loop (correct-vals valmap) (declare (xargs :guard (and (address-setp correct-vals) (address-validator-state-mapp valmap)))) (let ((__function__ 'system-init-loop)) (declare (ignorable __function__)) (b* (((when (emptyp (address-set-fix correct-vals))) (address-validator-state-map-fix valmap)) (valmap (omap::update (head correct-vals) (validator-init) valmap))) (system-init-loop (tail correct-vals) valmap))))
Theorem:
(defthm address-validator-state-mapp-of-system-init-loop (implies (address-validator-state-mapp valmap) (b* ((new-valmap (system-init-loop correct-vals valmap))) (address-validator-state-mapp new-valmap))) :rule-classes :rewrite)
Theorem:
(defthm system-init-loop-of-address-set-fix-correct-vals (equal (system-init-loop (address-set-fix correct-vals) valmap) (system-init-loop correct-vals valmap)))
Theorem:
(defthm system-init-loop-address-set-equiv-congruence-on-correct-vals (implies (address-set-equiv correct-vals correct-vals-equiv) (equal (system-init-loop correct-vals valmap) (system-init-loop correct-vals-equiv valmap))) :rule-classes :congruence)
Theorem:
(defthm in-of-keys-of-system-init-loop (implies (address-validator-state-mapp valmap) (equal (in val (omap::keys (system-init-loop correct-vals valmap))) (or (in val (address-set-fix correct-vals)) (in val (omap::keys valmap))))))
Theorem:
(defthm keys-of-system-init-loop (implies (address-validator-state-mapp valmap) (equal (omap::keys (system-init-loop correct-vals valmap)) (union (address-set-fix correct-vals) (omap::keys valmap)))))
Theorem:
(defthm lookup-of-system-init-loop (implies (address-validator-state-mapp valmap) (equal (omap::lookup val (system-init-loop correct-vals valmap)) (if (in val (address-set-fix correct-vals)) (validator-init) (omap::lookup val valmap)))))