
Atc-gen-loop-tthm-formula

Generate the formula for the loop termination theorem.

Signature

(atc-gen-loop-tthm-formula term fn measure-of-fn measure-formals state)
  → (mv erp new-term)

Arguments

term — Guard (pseudo-termp term).
fn — Guard (symbolp fn).
measure-of-fn — Guard (symbolp measure-of-fn).
measure-formals — Guard (symbol-listp measure-formals).

This is obtained from the loop function's termination theorem, transformed as follows.

The o< relation is replaced with <. This is justified by the fact that the measure yields a natural number, as guaranteed by the applicability condition.

Furthermore, the measure term is replaced with a call of the generated measure function. More precisely, this is done in every term of the form (o< A B) (at the same time replacing o< with <, as mentioned above), where we expect B to be the measure term, and A to be the instantiation of the measure term to one of the recursive calls of the loop function. We replace B with a generic call of the measure function, and A with an instantiated call of the measure function; we obtain the instantiation by matching B to A. It is not yet clear whether this approach will work in all cases.
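The transformation described above, as an added Python model (not ATC's ACL2 code). Terms are nested tuples, the names loop-measure and SAMPLE_THM and the sample theorem are constructed for illustration, and leaving a formal unchanged when it does not occur in B is an assumption of this model.

```python
# Model of the (o< A B) rewrite on ACL2-style terms; added example, not ATC code.
# A str is a variable; ("quote", v) is a constant; (fn, arg, ...) is a call.

def match(pat, term, formals, subst):
    """One-way match of pat against term; only `formals` are pattern variables."""
    if isinstance(pat, str):
        if pat not in formals:
            return pat == term            # other variables must match literally
        if pat in subst:
            return subst[pat] == term     # a repeated formal must bind consistently
        subst[pat] = term
        return True
    if isinstance(term, str) or len(pat) != len(term) or pat[0] != term[0]:
        return False
    if pat[0] == "quote":
        return pat == term
    return all(match(p, t, formals, subst) for p, t in zip(pat[1:], term[1:]))

def tthm_formula(term, measure_of_fn, formals):
    """Return (erp, new_term), mirroring the (mv erp new-term) result shape."""
    if isinstance(term, str) or term[0] == "quote":
        return None, term                 # variables and constants are unchanged
    if term[0] == "o<" and len(term) == 3:
        a, b = term[1], term[2]           # A: instantiated measure, B: measure term
        subst = {}
        if not match(b, a, formals, subst):
            return f"cannot match {b!r} to {a!r}", term
        # Assumption of this model: a formal absent from B stays as itself.
        inst = (measure_of_fn,) + tuple(subst.get(v, v) for v in formals)
        return None, ("<", inst, (measure_of_fn,) + tuple(formals))
    new_args = []
    for arg in term[1:]:
        erp, new_arg = tthm_formula(arg, measure_of_fn, formals)
        if erp:
            return erp, term              # propagate the first failure
        new_args.append(new_arg)
    return None, (term[0],) + tuple(new_args)

# Constructed sample: termination theorem of a loop that counts n down to zero.
SAMPLE_THM = ("implies", ("not", ("zp", "n")),
              ("o<", ("nfix", ("binary-+", ("quote", -1), "n")), ("nfix", "n")))

if __name__ == "__main__":
    print(tthm_formula(SAMPLE_THM, "loop-measure", ("n",)))
```

A recursive-call measure that is not an instance of B, such as (acl2-count n) against (nfix n), makes the match fail and returns a non-nil erp, which is the case the closing sentence of the paragraph leaves open.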

Theorem: len-of-atc-gen-loop-tthm-formula

(defthm len-of-atc-gen-loop-tthm-formula
  (b* nil t)
  :rule-classes nil)

Theorem: len-of-atc-gen-loop-tthm-formula-lst

(defthm len-of-atc-gen-loop-tthm-formula-lst
  (b* (((mv acl2::?erp ?new-terms)
        (atc-gen-loop-tthm-formula-lst
             terms fn
             measure-of-fn measure-formals state)))
    (implies (not erp)
             (equal (len new-terms) (len terms)))))

Theorem: pseudo-termp-of-atc-gen-loop-tthm-formula

(defthm pseudo-termp-of-atc-gen-loop-tthm-formula
  (implies (and (pseudo-termp term)
                (symbolp measure-of-fn)
                (not (eq measure-of-fn 'quote))
                (symbol-listp measure-formals))
           (b* (((mv acl2::?erp ?new-term)
                 (atc-gen-loop-tthm-formula
                      term fn
                      measure-of-fn measure-formals state)))
             (pseudo-termp new-term))))

Theorem: pseudo-termp-of-atc-gen-loop-tthm-formula-lst

(defthm pseudo-termp-of-atc-gen-loop-tthm-formula-lst
  (implies (and (pseudo-term-listp terms)
                (symbolp measure-of-fn)
                (not (eq measure-of-fn 'quote))
                (symbol-listp measure-formals))
           (b* (((mv acl2::?erp ?new-terms)
                 (atc-gen-loop-tthm-formula-lst
                      terms fn
                      measure-of-fn measure-formals state)))
             (pseudo-term-listp new-terms))))

Subtopics

Atc-gen-loop-tthm-formula-lst