    Read-object-of-write-object

    How read-object changes under write-object.

    We provide a read-over-write theorem, limited to top-level object designators. Handling other kinds of object designators is more complicated, due to the possibility of partial overlap of objects; we plan to tackle these eventually.

    We also provide an object type preservation theorem, saying that if a computation state includes an object with a certain type, the computation state after a write-object still contains that object with the same type (although the value may have been changed). This theorem is also limited to top-level object designators, for the object whose preservation the theorem asserts; the object designator for write-object is arbitrary.

    Definitions and Theorems

    Theorem: read-object-of-write-object-when-auto/static/alloc

    (defthm read-object-of-write-object-when-auto/static/alloc
      (implies (and (member-equal (objdesign-kind objdes)
                                  '(:auto :static :alloc))
                    (member-equal (objdesign-kind objdes1)
                                  '(:auto :static :alloc))
                    (not (errorp (write-object objdes val compst))))
               (equal (read-object objdes1
                                   (write-object objdes val compst))
                      (if (equal (objdesign-fix objdes1)
                                 (objdesign-fix objdes))
                          (if (equal (objdesign-kind objdes) :alloc)
                              (value-fix val)
                            (remove-flexible-array-member val))
                        (read-object objdes1 compst)))))

    Theorem: read-object-of-write-object-when-auto/static/alloc-existing

    (defthm read-object-of-write-object-when-auto/static/alloc-existing
      (b* ((compst1 (write-object objdes1 val compst)))
        (implies
             (and (not (errorp compst1))
                  (member-equal (objdesign-kind objdes)
                                '(:auto :static :alloc))
                  (not (errorp (read-object objdes compst))))
             (and (not (errorp (read-object objdes compst1)))
                  (equal (type-of-value (read-object objdes compst1))
                         (type-of-value (read-object objdes compst)))))))
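    The following is an added, hypothetical executable model of the case analysis the two theorems above express; it is not the ACL2 definitions of the Kestrel C formalization, and ObjDesign, Value, Error and the sample state are constructed for illustration only. It encodes the read-over-write conclusion (same designator: the written value, with the flexible array member dropped unless the object is heap-allocated; different designator: the old value) and the type-preservation conclusion as checkable predicates.

```python
from dataclasses import dataclass, replace

# Hypothetical model of top-level C object designators and computation states
# (constructed for this example, not the ACL2 definitions): a computation
# state is a dict from ObjDesign to Value, and errors are returned as values.

@dataclass(frozen=True)
class ObjDesign:
    kind: str    # "auto", "static" or "alloc": the three top-level designator kinds
    name: str    # variable name or a constructed heap-allocation id

@dataclass(frozen=True)
class Value:
    type_: str   # what type-of-value would return
    data: tuple
    flex: tuple = ()   # flexible array member; only alloc objects may keep one

@dataclass(frozen=True)
class Error:
    msg: str

def errorp(x): return isinstance(x, Error)

def remove_flexible_array_member(val): return replace(val, flex=())

def read_object(objdes, compst):
    return compst.get(objdes, Error("no object for designator"))

def write_object(objdes, val, compst):
    # Writing needs an existing object of the same type; auto/static objects
    # cannot hold a flexible array member, so it is dropped on the way in.
    old = compst.get(objdes)
    if old is None: return Error("no object for designator")
    if old.type_ != val.type_: return Error("type mismatch")
    stored = val if objdes.kind == "alloc" else remove_flexible_array_member(val)
    return {**compst, objdes: stored}

def read_over_write_holds(objdes, objdes1, val, compst):
    """Conclusion of read-object-of-write-object-when-auto/static/alloc."""
    compst1 = write_object(objdes, val, compst)
    if errorp(compst1): return True   # hypothesis fails: theorem is vacuous
    if objdes1 == objdes:
        expected = val if objdes.kind == "alloc" else remove_flexible_array_member(val)
    else:
        expected = read_object(objdes1, compst)
    return read_object(objdes1, compst1) == expected

def type_preservation_holds(objdes, objdes1, val, compst):
    """Conclusion of the -existing theorem: objdes keeps its type after any write."""
    compst1 = write_object(objdes1, val, compst)
    if errorp(compst1) or errorp(read_object(objdes, compst)): return True
    got = read_object(objdes, compst1)
    return not errorp(got) and got.type_ == read_object(objdes, compst).type_

# Constructed sample state: an automatic int, a static struct, a heap struct with a flex member
X, G, H = ObjDesign("auto", "x"), ObjDesign("static", "g"), ObjDesign("alloc", "h1")
STATE = {X: Value("int", (0,)), G: Value("struct s", (1,)), H: Value("struct s", (2,), (9,))}
```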