Documentation

LeanPool.MRiscX.Semantics.MsTheory

Basic theorems

This file contains many small lemmata about the built machine model. These lemmata help proving statements about the MRiscX language by simplifying terms. All these lemmata are added to the simp command with the @[simp]. This can shorten proofs because lean can apply these theorems with simp automatically.

@[simp]
theorem MState.incPc_increments_pc (ms : MState) :
ms.incPc = { memory := ms.memory, registers := ms.registers, pc := ms.pc + 1, code := ms.code, terminated := ms.terminated }
@[simp]
theorem MState.addRegister_getRegister_neq (ms : MState) (r1 r2 v : UInt64) :
r1 r2(ms.addRegister r1 v).getRegisterAt r2 = ms.getRegisterAt r2
theorem MState.addRegister_getRegister_eq (ms : MState) (r1 r2 v : UInt64) :
r1 = r2(ms.addRegister r1 v).getRegisterAt r2 = v
@[simp]
theorem MState.set_pc (ms : MState) (i : UInt64) :
(ms.setPc i).pc = i
@[simp]
theorem MState.jump_set_pc (ms : MState) (s : String) (i : UInt64) :
PMap.get ms.code.labels s = some ims.jump s = { memory := ms.memory, registers := ms.registers, pc := i, code := ms.code, terminated := ms.terminated }
@[simp]
theorem MState.addRegister_unfold (ms : MState) (i1 i2 : UInt64) :
ms.addRegister i1 i2 = { memory := ms.memory, registers := (i1 i2; ms.registers), pc := ms.pc, code := ms.code, terminated := ms.terminated }
@[simp]
theorem MState.addMemory_unfold (ms : MState) (i1 i2 : UInt64) :
ms.addMemory i1 i2 = { memory := (i1 i2; ms.memory), registers := ms.registers, pc := ms.pc, code := ms.code, terminated := ms.terminated }
@[simp]
theorem MState.run_zero_steps (ms : MState) :
ms.runNSteps 0 = ms
theorem MState.run_n_run_one (ms : MState) (n : ) :
(ms.runNSteps n).runOneStep = ms.runNSteps (n + 1)
theorem MState.run_N_comm (ms : MState) (n m : ) :
@[simp]
theorem MState.run_n_m_steps_comp (ms : MState) (n m : ) :
(ms.runNSteps n).runNSteps m = ms.runNSteps (n + m)
@[simp]
theorem MState.set_pc_code_no_change (ms : MState) (v : UInt64) :
(ms.setPc v).code = ms.code
@[simp]
theorem MState.jump_register_indep (ms : MState) (m : Memory) (r : Registers) (c : Code) (s : String) :
({ memory := m, registers := r, pc := ms.pc, code := c, terminated := ms.terminated }.jump s).pc = ({ memory := ms.memory, registers := ms.registers, pc := ms.pc, code := c, terminated := ms.terminated }.jump s).pc
theorem MState.get_register_only_register (m : Memory) (r : Registers) (c : Code) (terminated : Bool) (i p : UInt64) :
{ memory := m, registers := r, pc := p, code := c, terminated := terminated }.getRegisterAt i = TMap.get r i
theorem MState.get_register_only_register' (ms : MState) (m : Memory) (r : Registers) (c : Code) (terminated : Bool) (i p : UInt64) :
{ memory := m, registers := r, pc := p, code := c, terminated := terminated }.getRegisterAt i = { memory := ms.memory, registers := r, pc := ms.pc, code := ms.code, terminated := ms.terminated }.getRegisterAt i
theorem MState.get_register_only_memory (m : Memory) (r : Registers) (c : Code) (terminated : Bool) (i p : UInt64) :
{ memory := m, registers := r, pc := p, code := c, terminated := terminated }.getMemoryAt i = TMap.get m i
theorem MState.get_register_only_memory' (ms : MState) (m : Memory) (r : Registers) (c : Code) (terminated : Bool) (i p : UInt64) :
{ memory := m, registers := r, pc := p, code := c, terminated := terminated }.getMemoryAt i = { memory := m, registers := ms.registers, pc := ms.pc, code := ms.code, terminated := ms.terminated }.getMemoryAt i
@[simp]
theorem MState.get_label_from_code (ms : MState) (s : String) (l : UInt64) :
(ms.getLabelAt s = some l) = (PMap.get ms.code.labels s = some l)
@[simp]
@[simp]
theorem MState.runNSteps_code_remains (ms : MState) (n : ) :
(ms.runNSteps n).code = ms.code
theorem MState.code_remains_same (ms ms' : MState) (code : Code) (n : ) :
ms.code = codems.runNSteps n = ms'ms'.code = code
theorem MState.runNSteps_diff (s : MState) (n : ) (L1 L2 : Set UInt64) :
L2 L1(s.runNSteps n).pcL1(s.runNSteps n).pcL2
theorem MState.runNSteps_pc_in_superset (s : MState) (n : ) (L1 L2 : Set UInt64) :
L2 L1(s.runNSteps n).pc L2(s.runNSteps n).pc L1
theorem MState.runNSteps_add (s s' s'' : MState) (n n' : ) :
s.runNSteps n = s's'.runNSteps n' = s''s.runNSteps (n + n') = s''
theorem MState.runNSteps_pc_nin (s s' s'' : MState) (n n' : ) (L : Set UInt64) :
s.runNSteps n = s's'.runNSteps n' = s''(s.runNSteps n).pcL(s'.runNSteps n').pcL(s.runNSteps (n + n')).pcL
theorem MState.runNSteps_pc_nin_extra_step (s s' : MState) (n : ) (L : Set UInt64) :
s.runNSteps n = s's'.pcL(∀ (n' : ), 0 < n' n' < n(s.runNSteps n').pcL)∀ (n'' : ), 0 < n'' n'' n(s.runNSteps n'').pcL
theorem MState.run_n_plus_m_pc_not_in_set (s s' : MState) (m m' : ) (set : Set UInt64) :
s.runNSteps m = s'(∀ (n : ), 0 < n n m(s.runNSteps n).pcset)(∀ (n' : ), 0 < n' n' < m'(s'.runNSteps n').pcset)∀ (n'' : ), 0 < n'' n'' < m + m'(s.runNSteps n'').pcset
theorem MState.run_n_plus_m_diff_set (s s' : MState) (m m' : ) (L_b L_b' : Set UInt64) :
s.runNSteps m = s'(∀ (n : ), 0 < n n m(s.runNSteps n).pcL_b)(∀ (n' : ), 0 < n' n' < m'(s'.runNSteps n').pcL_b')∀ (n'' : ), 0 < n'' n'' < m + m'(s.runNSteps n'').pcL_b L_b'
theorem MState.run_n_plus_m_intersect (s s' : MState) (m m' : ) (L_w L_b L_w' L_b' : Set UInt64) :
L_w' L_b L_w L_w' = s.runNSteps m = s's'.pc L_ws'.pcL_b(∀ (n : ), 0 < n n < m(s.runNSteps n).pcL_w L_b)(∀ (n' : ), 0 < n' n' < m'(s'.runNSteps n').pcL_w' L_b')∀ (n'' : ), 0 < n'' n'' < m + m'(s.runNSteps n'').pcL_w' L_b L_b'