|
|
|---|
|
|
|
|---|
(system-init-loop correct-vals vstates) → new-vstates
Function:
(defun system-init-loop (correct-vals vstates) (declare (xargs :guard (and (address-setp correct-vals) (validators-statep vstates)))) (let ((__function__ 'system-init-loop)) (declare (ignorable __function__)) (b* (((when (or (not (mbt (address-setp correct-vals))) (emptyp correct-vals))) (validators-state-fix vstates)) (vstates (omap::update (head correct-vals) (validator-init) vstates))) (system-init-loop (tail correct-vals) vstates))))
Theorem:
(defthm validators-statep-of-system-init-loop (implies (validators-statep vstates) (b* ((new-vstates (system-init-loop correct-vals vstates))) (validators-statep new-vstates))) :rule-classes :rewrite)
Theorem:
(defthm system-init-loop-of-address-set-fix-correct-vals (equal (system-init-loop (address-set-fix correct-vals) vstates) (system-init-loop correct-vals vstates)))
Theorem:
(defthm system-init-loop-address-set-equiv-congruence-on-correct-vals (implies (address-set-equiv correct-vals correct-vals-equiv) (equal (system-init-loop correct-vals vstates) (system-init-loop correct-vals-equiv vstates))) :rule-classes :congruence)
Theorem:
(defthm in-of-keys-of-system-init-loop (implies (validators-statep vstates) (equal (in val (omap::keys (system-init-loop correct-vals vstates))) (or (in val (address-set-fix correct-vals)) (in val (omap::keys vstates))))))
Theorem:
(defthm keys-of-system-init-loop (implies (validators-statep vstates) (equal (omap::keys (system-init-loop correct-vals vstates)) (union (address-set-fix correct-vals) (omap::keys vstates)))))
Theorem:
(defthm lookup-of-system-init-loop (implies (validators-statep vstates) (equal (omap::lookup val (system-init-loop correct-vals vstates)) (if (in val (address-set-fix correct-vals)) (validator-init) (omap::lookup val vstates)))))