(NOTE-LIB "c-predefined3") Nqthm-1992 mods: (PC-NQTHM-1992) Loading ./mg/c-predefined3.lib Finished loading ./mg/c-predefined3.lib Loading ./mg/c-predefined3.lisp Finished loading ./mg/c-predefined3.lisp (#./mg/c-predefined3.lib #./mg/c-predefined3.lisp) (PROVE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS (REWRITE) (IMPLIES (AND (ARRAY-IDENTIFIERP X ALIST) (MG-ALISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X ALIST)))))) ((ENABLE ARRAY-IDENTIFIERP MG-ALISTP MG-ALIST-ELEMENTP MG-TYPE-REFP ARRAY-MG-TYPE-REFP SIMPLE-MG-TYPE-REFP))) WARNING: Note that the rewrite rule ARRAYS-HAVE-NON-ZEROP-LENGTHS will be stored so as to apply only to terms with the nonrecursive function symbol ZEROP. This conjecture can be simplified, using the abbreviations NOT, IDENTIFIERP, DEFINED-IDENTIFIERP, M-TYPE, GET-M-TYPE, HAS-ARRAY-TYPE, ARRAY-IDENTIFIERP, AND, and IMPLIES, to the goal: (IMPLIES (AND (OK-MG-NAMEP X) (DEFINEDP X ALIST) (EQUAL (CAADR (ASSOC X ALIST)) 'ARRAY-MG) (MG-ALISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X ALIST)))))). This simplifies, unfolding ZEROP, to the following two new goals: Case 2. (IMPLIES (AND (OK-MG-NAMEP X) (DEFINEDP X ALIST) (EQUAL (CAADR (ASSOC X ALIST)) 'ARRAY-MG) (MG-ALISTP ALIST)) (NOT (EQUAL (ARRAY-LENGTH (CADR (ASSOC X ALIST))) 0))). Give the above formula the name *1. Case 1. (IMPLIES (AND (OK-MG-NAMEP X) (DEFINEDP X ALIST) (EQUAL (CAADR (ASSOC X ALIST)) 'ARRAY-MG) (MG-ALISTP ALIST)) (NUMBERP (ARRAY-LENGTH (CADR (ASSOC X ALIST))))), which we would usually push and work on later by induction. But if we must use induction to prove the input conjecture, we prefer to induct on the original formulation of the problem. Thus we will disregard all that we have previously done, give the name *1 to the original input, and work on it. So now let us consider: (IMPLIES (AND (ARRAY-IDENTIFIERP X ALIST) (MG-ALISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X ALIST)))))), which we named *1 above. We will appeal to induction. 
Two inductions are suggested by terms in the conjecture. However, they merge into one likely candidate induction. We will induct according to the following scheme: (AND (IMPLIES (NLISTP ALIST) (p X ALIST)) (IMPLIES (AND (NOT (NLISTP ALIST)) (p X (CDR ALIST))) (p X ALIST))). Linear arithmetic, the lemmas CDR-LESSEQP and CDR-LESSP, and the definition of NLISTP can be used to prove that the measure (COUNT ALIST) decreases according to the well-founded relation LESSP in each induction step of the scheme. The above induction scheme leads to four new conjectures: Case 4. (IMPLIES (AND (NLISTP ALIST) (ARRAY-IDENTIFIERP X ALIST) (MG-ALISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X ALIST)))))), which simplifies, unfolding NLISTP, DEFINED-IDENTIFIERP, IDENTIFIERP, DEFINEDP, and ARRAY-IDENTIFIERP, to: T. Case 3. (IMPLIES (AND (NOT (NLISTP ALIST)) (NOT (ARRAY-IDENTIFIERP X (CDR ALIST))) (ARRAY-IDENTIFIERP X ALIST) (MG-ALISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X ALIST)))))), which simplifies, opening up NLISTP, HAS-ARRAY-TYPE, M-TYPE, GET-M-TYPE, DEFINED-IDENTIFIERP, IDENTIFIERP, ARRAY-IDENTIFIERP, ASSOC, DEFINEDP, MG-ALISTP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, EQUAL, ARRAY-MG-TYPE-REFP, MG-ALIST-ELEMENTP, ZEROP, and ARRAY-LENGTH, to six new conjectures: Case 3.6. (IMPLIES (AND (LISTP ALIST) (NOT (DEFINEDP X (CDR ALIST))) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'BOOLEAN-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, opening up CAR and EQUAL, to: T. Case 3.5. (IMPLIES (AND (LISTP ALIST) (NOT (DEFINEDP X (CDR ALIST))) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'CHARACTER-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, opening up CAR and EQUAL, to: T. 
Case 3.4. (IMPLIES (AND (LISTP ALIST) (NOT (DEFINEDP X (CDR ALIST))) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'INT-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, expanding the definitions of CAR and EQUAL, to: T. Case 3.3. (IMPLIES (AND (LISTP ALIST) (NOT (EQUAL (CAADR (ASSOC X (CDR ALIST))) 'ARRAY-MG)) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'BOOLEAN-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, opening up the functions CAR and EQUAL, to: T. Case 3.2. (IMPLIES (AND (LISTP ALIST) (NOT (EQUAL (CAADR (ASSOC X (CDR ALIST))) 'ARRAY-MG)) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'CHARACTER-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, expanding CAR and EQUAL, to: T. Case 3.1. (IMPLIES (AND (LISTP ALIST) (NOT (EQUAL (CAADR (ASSOC X (CDR ALIST))) 'ARRAY-MG)) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'INT-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, opening up the functions CAR and EQUAL, to: T. Case 2. (IMPLIES (AND (NOT (NLISTP ALIST)) (NOT (MG-ALISTP (CDR ALIST))) (ARRAY-IDENTIFIERP X ALIST) (MG-ALISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X ALIST)))))), which simplifies, unfolding the functions NLISTP, HAS-ARRAY-TYPE, M-TYPE, ASSOC, GET-M-TYPE, DEFINED-IDENTIFIERP, IDENTIFIERP, DEFINEDP, ARRAY-IDENTIFIERP, MG-ALISTP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, ARRAY-MG-TYPE-REFP, MG-ALIST-ELEMENTP, and EQUAL, to: T. Case 1. 
(IMPLIES (AND (NOT (NLISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X (CDR ALIST)))))) (ARRAY-IDENTIFIERP X ALIST) (MG-ALISTP ALIST)) (NOT (ZEROP (ARRAY-LENGTH (CADR (ASSOC X ALIST)))))), which simplifies, opening up the functions NLISTP, ZEROP, HAS-ARRAY-TYPE, M-TYPE, ASSOC, GET-M-TYPE, DEFINED-IDENTIFIERP, IDENTIFIERP, DEFINEDP, ARRAY-IDENTIFIERP, MG-ALISTP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, ARRAY-MG-TYPE-REFP, MG-ALIST-ELEMENTP, EQUAL, and ARRAY-LENGTH, to three new formulas: Case 1.3. (IMPLIES (AND (LISTP ALIST) (NOT (EQUAL (ARRAY-LENGTH (CADR (ASSOC X (CDR ALIST)))) 0)) (NUMBERP (ARRAY-LENGTH (CADR (ASSOC X (CDR ALIST))))) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'BOOLEAN-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, unfolding CAR and EQUAL, to: T. Case 1.2. (IMPLIES (AND (LISTP ALIST) (NOT (EQUAL (ARRAY-LENGTH (CADR (ASSOC X (CDR ALIST)))) 0)) (NUMBERP (ARRAY-LENGTH (CADR (ASSOC X (CDR ALIST))))) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'CHARACTER-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, opening up the definitions of CAR and EQUAL, to: T. Case 1.1. (IMPLIES (AND (LISTP ALIST) (NOT (EQUAL (ARRAY-LENGTH (CADR (ASSOC X (CDR ALIST)))) 0)) (NUMBERP (ARRAY-LENGTH (CADR (ASSOC X (CDR ALIST))))) (OK-MG-NAMEP X) (EQUAL X (CAAR ALIST)) (EQUAL (CAADAR ALIST) 'ARRAY-MG) (LENGTH-PLISTP (CAR ALIST) 3) (EQUAL (CADAR ALIST) 'INT-MG) (OK-MG-VALUEP (CADDAR ALIST) (CADAR ALIST))) (NOT (MG-ALISTP (CDR ALIST)))), which again simplifies, unfolding CAR and EQUAL, to: T. That finishes the proof of *1. Q.E.D. 
[ 0.0 0.4 0.0 ] ARRAYS-HAVE-NON-ZEROP-LENGTHS (ENABLE MAP-DOWN-VALUES-PRESERVES-LENGTH) [ 0.0 0.0 0.0 ] MAP-DOWN-VALUES-PRESERVES-LENGTH-ON (PROVE-LEMMA LESSP-PLUS-TRANSITIVE (REWRITE) (IMPLIES (AND (LESSP (PLUS X (SUB1 W)) Z) (LESSP Y W)) (EQUAL (LESSP (PLUS X Y) Z) T))) WARNING: Note that LESSP-PLUS-TRANSITIVE contains the free variable W which will be chosen by instantiating the hypothesis (LESSP (PLUS X (SUB1 W)) Z). This formula simplifies, using linear arithmetic, rewriting with LESSP-DIFFERENCE, and opening up the definition of EQUAL, to: T. Q.E.D. [ 0.0 0.0 0.0 ] LESSP-PLUS-TRANSITIVE (DISABLE LESSP-PLUS-TRANSITIVE) [ 0.0 0.0 0.0 ] LESSP-PLUS-TRANSITIVE-OFF (PROVE-LEMMA IDIFFERENCE-LESSP2 (REWRITE) (IMPLIES (AND (NUMBERP X) (LESSP X Y)) (AND (EQUAL (EQUAL (IDIFFERENCE Y X) 0) F) (NUMBERP (IDIFFERENCE Y X)))) ((ENABLE IDIFFERENCE IPLUS ILESSP INEGATE))) WARNING: Note that the proposed lemma IDIFFERENCE-LESSP2 is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and two replacement rules. This conjecture can be simplified, using the abbreviations AND, IMPLIES, and IDIFFERENCE, to: (IMPLIES (AND (NUMBERP X) (LESSP X Y)) (AND (EQUAL (EQUAL (IPLUS Y (INEGATE X)) 0) F) (NUMBERP (IPLUS Y (INEGATE X))))). This simplifies, opening up the definitions of INEGATE and AND, to the following four new formulas: Case 4. (IMPLIES (AND (NUMBERP X) (LESSP X Y) (NOT (EQUAL X 0))) (NOT (EQUAL (IPLUS Y (MINUS X)) 0))). However this again simplifies, applying NEGATIVE-GUTS-MINUS, and opening up the definition of IPLUS, to the new formula: (IMPLIES (AND (NUMBERP X) (LESSP X Y) (NOT (EQUAL X 0)) (NOT (NEGATIVEP Y)) (NOT (LESSP Y X))) (NOT (EQUAL (DIFFERENCE Y X) 0))), which again simplifies, using linear arithmetic, to: T. Case 3. 
(IMPLIES (AND (NUMBERP X) (LESSP X Y) (EQUAL X 0)) (NOT (EQUAL (IPLUS Y 0) 0))), which again simplifies, applying the lemma ZERO-IPLUS-RIGHT-IDENTITY, and opening up the definitions of NUMBERP, EQUAL, LESSP, and INTEGERP, to: T. Case 2. (IMPLIES (AND (NUMBERP X) (LESSP X Y) (NOT (EQUAL X 0))) (NUMBERP (IPLUS Y (MINUS X)))), which again simplifies, rewriting with NEGATIVE-GUTS-MINUS, and opening up the function IPLUS, to the following two new goals: Case 2.2. (IMPLIES (AND (NUMBERP X) (LESSP X Y) (NOT (EQUAL X 0))) (NOT (LESSP Y X))). However this again simplifies, using linear arithmetic, to: T. Case 2.1. (IMPLIES (AND (NUMBERP X) (LESSP X Y) (NOT (EQUAL X 0))) (NOT (NEGATIVEP Y))), which again simplifies, unfolding LESSP, to: T. Case 1. (IMPLIES (AND (NUMBERP X) (LESSP X Y) (EQUAL X 0)) (NUMBERP (IPLUS Y 0))), which again simplifies, applying ZERO-IPLUS-RIGHT-IDENTITY, and expanding the functions NUMBERP, EQUAL, LESSP, and INTEGERP, to: T. Q.E.D. [ 0.0 0.0 0.0 ] IDIFFERENCE-LESSP2 (PROVE-LEMMA ZEROP-INTEGERP-TRICHOTOMY (REWRITE) (IMPLIES (AND (INTEGERP X) (NOT (NUMBERP X))) (NEGATIVEP X)) ((ENABLE INTEGERP))) WARNING: ZEROP-INTEGERP-TRICHOTOMY will slow down the theorem-prover because it will cause backward chaining on every instance of a primitive type expression. This formula simplifies, expanding the function INTEGERP, to: T. Q.E.D. [ 0.0 0.0 0.0 ] ZEROP-INTEGERP-TRICHOTOMY (DISABLE ZEROP-INTEGERP-TRICHOTOMY) [ 0.0 0.0 0.0 ] ZEROP-INTEGERP-TRICHOTOMY-OFF (PROVE-LEMMA P-OBJECT-TYPE-INT (REWRITE) (AND (EQUAL (P-OBJECTP-TYPE 'INT (TAG 'INT X) STATE) (SMALL-INTEGERP X (P-WORD-SIZE STATE))) (EQUAL (P-OBJECTP-TYPE 'INT (LIST 'INT X) STATE) (SMALL-INTEGERP X (P-WORD-SIZE STATE)))) ((ENABLE P-OBJECTP-TYPE INT-LITERALP))) WARNING: Note that the proposed lemma P-OBJECT-TYPE-INT is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and two replacement rules. 
This conjecture can be simplified, using the abbreviation AND, to two new formulas: Case 2. (EQUAL (P-OBJECTP-TYPE 'INT (TAG 'INT X) STATE) (SMALL-INTEGERP X (P-WORD-SIZE STATE))), which simplifies, appealing to the lemmas CAR-TAG, CDR-CONS, UNTAG-TAG, and TYPE-TAG, and unfolding P-OBJECTP, EQUAL, and P-OBJECTP-TYPE, to: T. Case 1. (EQUAL (P-OBJECTP-TYPE 'INT (LIST 'INT X) STATE) (SMALL-INTEGERP X (P-WORD-SIZE STATE))), which simplifies, rewriting with the lemmas CDR-CONS, UNTAG-CONS, and TYPE-EXPANSION, and expanding the definitions of P-OBJECTP, EQUAL, and P-OBJECTP-TYPE, to: T. Q.E.D. [ 0.0 0.0 0.0 ] P-OBJECT-TYPE-INT (PROVE-LEMMA SIMPLE-IDENTIFIERP-OPTIONS (REWRITE) (IMPLIES (OR (INT-IDENTIFIERP X ALIST) (BOOLEAN-IDENTIFIERP X ALIST) (CHARACTER-IDENTIFIERP X ALIST)) (SIMPLE-IDENTIFIERP X ALIST)) ((ENABLE SIMPLE-IDENTIFIERP))) This formula can be simplified, using the abbreviations SIMPLE-IDENTIFIERP and IMPLIES, to: (IMPLIES (AND (OR (INT-IDENTIFIERP X ALIST) (BOOLEAN-IDENTIFIERP X ALIST) (CHARACTER-IDENTIFIERP X ALIST)) (NOT (BOOLEAN-IDENTIFIERP X ALIST)) (NOT (INT-IDENTIFIERP X ALIST))) (CHARACTER-IDENTIFIERP X ALIST)), which simplifies, unfolding the definition of OR, to: T. Q.E.D. [ 0.0 0.0 0.0 ] SIMPLE-IDENTIFIERP-OPTIONS (PROVE-LEMMA SMALL-INTEGERP-DIFFERENCE (REWRITE) (IMPLIES (AND (SMALL-INTEGERP X N) (SMALL-INTEGERP Y N) (NOT (ZEROP X)) (NOT (NEGATIVEP Y))) (SMALL-INTEGERP (IDIFFERENCE X Y) N)) ((ENABLE SMALL-INTEGERP IDIFFERENCE ILESSP IPLUS INEGATE))) This conjecture can be simplified, using the abbreviations ZEROP, NOT, SMALL-INTEGERP, AND, IMPLIES, and IDIFFERENCE, to: (IMPLIES (AND (INTEGERP X) (NOT (ILESSP X (MINUS (EXP 2 (SUB1 N))))) (ILESSP X (EXP 2 (SUB1 N))) (INTEGERP Y) (NOT (ILESSP Y (MINUS (EXP 2 (SUB1 N))))) (ILESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (NOT (NEGATIVEP Y))) (SMALL-INTEGERP (IPLUS X (INEGATE Y)) N)). 
This simplifies, opening up the definitions of INTEGERP, ILESSP, and INEGATE, to the following two new formulas: Case 2. (IMPLIES (AND (LESSP X (EXP 2 (SUB1 N))) (NUMBERP Y) (LESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (NOT (EQUAL Y 0))) (SMALL-INTEGERP (IPLUS X (MINUS Y)) N)). However this again simplifies, applying NEGATIVE-GUTS-MINUS, and opening up the definition of IPLUS, to the following two new conjectures: Case 2.2. (IMPLIES (AND (LESSP X (EXP 2 (SUB1 N))) (NUMBERP Y) (LESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (NOT (EQUAL Y 0)) (NOT (LESSP X Y))) (SMALL-INTEGERP (DIFFERENCE X Y) N)). But this again simplifies, applying DIFFERENCE-PRESERVES-LESSP2, and opening up the functions ILESSP, INTEGERP, and SMALL-INTEGERP, to: T. Case 2.1. (IMPLIES (AND (LESSP X (EXP 2 (SUB1 N))) (NUMBERP Y) (LESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (NOT (EQUAL Y 0)) (LESSP X Y)) (SMALL-INTEGERP (MINUS (DIFFERENCE Y X)) N)). But this again simplifies, applying NEGATIVE-GUTS-MINUS, and opening up ILESSP, INTEGERP, and SMALL-INTEGERP, to the following two new goals: Case 2.1.2. (IMPLIES (AND (LESSP X (EXP 2 (SUB1 N))) (NUMBERP Y) (LESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (NOT (EQUAL Y 0)) (LESSP X Y)) (NOT (EQUAL (DIFFERENCE Y X) 0))). But this again simplifies, using linear arithmetic, to: T. Case 2.1.1. (IMPLIES (AND (LESSP X (EXP 2 (SUB1 N))) (NUMBERP Y) (LESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (NOT (EQUAL Y 0)) (LESSP X Y)) (NOT (LESSP (EXP 2 (SUB1 N)) (DIFFERENCE Y X)))), which again simplifies, using linear arithmetic, to: (IMPLIES (AND (LESSP Y X) (LESSP X (EXP 2 (SUB1 N))) (NUMBERP Y) (LESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (NOT (EQUAL Y 0)) (LESSP X Y)) (NOT (LESSP (EXP 2 (SUB1 N)) (DIFFERENCE Y X)))). However this again simplifies, using linear arithmetic, to: T. Case 1. 
(IMPLIES (AND (LESSP X (EXP 2 (SUB1 N))) (NUMBERP Y) (LESSP Y (EXP 2 (SUB1 N))) (NOT (EQUAL X 0)) (NUMBERP X) (EQUAL Y 0)) (SMALL-INTEGERP (IPLUS X 0) N)), which again simplifies, applying ZERO-IPLUS-RIGHT-IDENTITY, and expanding the functions NUMBERP, EQUAL, LESSP, INTEGERP, ILESSP, and SMALL-INTEGERP, to: T. Q.E.D. [ 0.0 0.1 0.0 ] SMALL-INTEGERP-DIFFERENCE (PROVE-LEMMA LIMITS-FOR-SMALL-INTEGERP (REWRITE) (IMPLIES (AND (LESSP X (MAXINT)) (NOT (ZEROP X))) (SMALL-INTEGERP X 32)) ((ENABLE SMALL-INTEGERP ILESSP))) This formula can be simplified, using the abbreviations ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and MAXINT, to: (IMPLIES (AND (LESSP X (SUB1 (EXP 2 (SUB1 32)))) (NOT (EQUAL X 0)) (NUMBERP X)) (SMALL-INTEGERP X 32)), which simplifies, rewriting with SUB1-PRESERVES-LESSP, and expanding the definitions of SUB1, EXP, NUMBERP, EQUAL, LESSP, ILESSP, NEGATIVEP, MINUS, INTEGERP, and SMALL-INTEGERP, to: T. Q.E.D. [ 0.0 0.0 0.0 ] LIMITS-FOR-SMALL-INTEGERP (PROVE-LEMMA SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP (REWRITE) (IMPLIES (SIMPLE-TYPED-IDENTIFIERP X TYPE ALIST) (SIMPLE-IDENTIFIERP X ALIST)) ((ENABLE SIMPLE-TYPED-IDENTIFIERP SIMPLE-IDENTIFIERP))) WARNING: Note that SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP contains the free variable TYPE which will be chosen by instantiating the hypothesis: (SIMPLE-TYPED-IDENTIFIERP X TYPE ALIST). This conjecture can be simplified, using the abbreviations SIMPLE-IDENTIFIERP and IMPLIES, to: (IMPLIES (AND (SIMPLE-TYPED-IDENTIFIERP X TYPE ALIST) (NOT (BOOLEAN-IDENTIFIERP X ALIST)) (NOT (INT-IDENTIFIERP X ALIST))) (CHARACTER-IDENTIFIERP X ALIST)). This simplifies, unfolding the definition of SIMPLE-TYPED-IDENTIFIERP, to: T. Q.E.D. 
[ 0.0 0.0 0.0 ] SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP (PROVE-LEMMA MG-VAR-OK-ARRAY-INDEX-OK3 (REWRITE) (IMPLIES (AND (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (ARRAY-IDENTIFIERP X MG-VARS)) (EQUAL (LESSP (PLUS (UNTAG (VALUE X BINDINGS)) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK)) T)) ((ENABLE MG-VAR-OK-IN-P-STATE MG-ALIST-ELEMENTP MG-TYPE-REFP ARRAY-IDENTIFIERP ARRAY-MG-TYPE-REFP OK-TEMP-STK-ARRAY-INDEX OK-MG-VALUEP VALUE OK-MG-ARRAY-VALUE ARRAY-LITERALP))) This formula can be simplified, using the abbreviations IDENTIFIERP, DEFINED-IDENTIFIERP, M-TYPE, GET-M-TYPE, HAS-ARRAY-TYPE, ARRAY-IDENTIFIERP, AND, IMPLIES, and VALUE, to: (IMPLIES (AND (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (EQUAL (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK)) T)), which simplifies, trivially, to: (IMPLIES (AND (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))), which we will name *1. We will appeal to induction. The recursive terms in the conjecture suggest seven inductions. They merge into three likely candidate inductions. However, only one is unflawed. We will induct according to the following scheme: (AND (IMPLIES (NLISTP MG-VARS) (p X BINDINGS MG-VARS TEMP-STK)) (IMPLIES (AND (NOT (NLISTP MG-VARS)) (p X BINDINGS (CDR MG-VARS) TEMP-STK)) (p X BINDINGS MG-VARS TEMP-STK))). Linear arithmetic, the lemmas CDR-LESSEQP and CDR-LESSP, and the definition of NLISTP establish that the measure (COUNT MG-VARS) decreases according to the well-founded relation LESSP in each induction step of the scheme. 
The above induction scheme produces the following six new conjectures: Case 6. (IMPLIES (AND (NLISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))). This simplifies, unfolding NLISTP, MG-VARS-LIST-OK-IN-P-STATE, MG-ALISTP, LISTP, and DEFINEDP, to: T. Case 5. (IMPLIES (AND (NOT (NLISTP MG-VARS)) (NOT (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))). This simplifies, unfolding NLISTP, MG-VARS-LIST-OK-IN-P-STATE, OK-TEMP-STK-ARRAY-INDEX, SIMPLE-MG-TYPE-REFP, CDR, CAR, LISTP, MEMBER, M-TYPE, and MG-VAR-OK-IN-P-STATE, to: T. Case 4. (IMPLIES (AND (NOT (NLISTP MG-VARS)) (NOT (MG-ALISTP (CDR MG-VARS))) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))). This simplifies, applying MEMBER-CONS, and expanding the functions NLISTP, MG-VARS-LIST-OK-IN-P-STATE, OK-TEMP-STK-ARRAY-INDEX, SIMPLE-MG-TYPE-REFP, CDR, CAR, LISTP, MEMBER, M-TYPE, MG-VAR-OK-IN-P-STATE, MG-ALISTP, OK-MG-VALUEP, EQUAL, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MG-ALIST-ELEMENTP, ARRAY-LITERALP, OK-MG-ARRAY-VALUE, and ARRAY-MG-TYPE-REFP, to: T. Case 3. 
(IMPLIES (AND (NOT (NLISTP MG-VARS)) (NOT (DEFINEDP X (CDR MG-VARS))) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))), which simplifies, appealing to the lemma MEMBER-CONS, and unfolding the functions NLISTP, MG-VARS-LIST-OK-IN-P-STATE, OK-TEMP-STK-ARRAY-INDEX, SIMPLE-MG-TYPE-REFP, CDR, CAR, LISTP, MEMBER, M-TYPE, MG-VAR-OK-IN-P-STATE, MG-ALISTP, OK-MG-VALUEP, EQUAL, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MG-ALIST-ELEMENTP, DEFINEDP, ASSOC, ARRAY-LITERALP, OK-MG-ARRAY-VALUE, and ARRAY-MG-TYPE-REFP, to three new formulas: Case 3.3. (IMPLIES (AND (LISTP MG-VARS) (NOT (DEFINEDP X (CDR MG-VARS))) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'INT-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))), which again simplifies, clearly, to: T. Case 3.2. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (DEFINEDP X (CDR MG-VARS))) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'BOOLEAN-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, trivially, to: T. Case 3.1. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (DEFINEDP X (CDR MG-VARS))) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'CHARACTER-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, trivially, to: T. Case 2. (IMPLIES (AND (NOT (NLISTP MG-VARS)) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))). 
This simplifies, applying PLUS-0-REWRITE2 and MEMBER-CONS, and expanding the definitions of NLISTP, MG-VARS-LIST-OK-IN-P-STATE, OK-TEMP-STK-ARRAY-INDEX, SIMPLE-MG-TYPE-REFP, CDR, CAR, LISTP, MEMBER, M-TYPE, MG-VAR-OK-IN-P-STATE, MG-ALISTP, OK-MG-VALUEP, EQUAL, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MG-ALIST-ELEMENTP, DEFINEDP, ASSOC, ARRAY-LENGTH, SUB1, ZEROP, ARRAY-LITERALP, OK-MG-ARRAY-VALUE, and ARRAY-MG-TYPE-REFP, to 12 new goals: Case 2.12. (IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'INT-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (INT-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NOT (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS)))))) (LESSP 0 (LENGTH TEMP-STK))), which again simplifies, unfolding the definitions of CAR and EQUAL, to: T. Case 2.11. (IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'INT-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (INT-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS))))) (LESSP (UNTAG (CDR (ASSOC X BINDINGS))) (LENGTH TEMP-STK))), which again simplifies, opening up CAR and EQUAL, to: T. Case 2.10. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'CHARACTER-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (CHARACTER-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NOT (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS)))))) (LESSP 0 (LENGTH TEMP-STK))), which again simplifies, unfolding the functions CAR and EQUAL, to: T. Case 2.9. (IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'CHARACTER-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (CHARACTER-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS))))) (LESSP (UNTAG (CDR (ASSOC X BINDINGS))) (LENGTH TEMP-STK))), which again simplifies, unfolding the functions CAR and EQUAL, to: T. Case 2.8. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (BOOLEAN-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NOT (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS)))))) (LESSP 0 (LENGTH TEMP-STK))), which again simplifies, expanding CAR and EQUAL, to: T. Case 2.7. (IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (BOOLEAN-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS))))) (LESSP (UNTAG (CDR (ASSOC X BINDINGS))) (LENGTH TEMP-STK))), which again simplifies, expanding the definitions of CAR and EQUAL, to: T. Case 2.6. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'INT-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))), which again simplifies, clearly, to: T. Case 2.5. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'INT-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, trivially, to: T. Case 2.4. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'BOOLEAN-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, clearly, to: T. Case 2.3. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'BOOLEAN-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, obviously, to: T. Case 2.2. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'CHARACTER-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, clearly, to: T. Case 2.1. 
(IMPLIES (AND (LISTP MG-VARS) (NOT (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'CHARACTER-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, obviously, to: T. Case 1. (IMPLIES (AND (NOT (NLISTP MG-VARS)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (MG-ALISTP MG-VARS) (OK-MG-NAMEP X) (DEFINEDP X MG-VARS) (EQUAL (CAADR (ASSOC X MG-VARS)) 'ARRAY-MG)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))). 
This simplifies, using linear arithmetic, applying LESSP-DIFFERENCE, PLUS-0-REWRITE2, and MEMBER-CONS, and unfolding the functions NLISTP, MG-VARS-LIST-OK-IN-P-STATE, OK-TEMP-STK-ARRAY-INDEX, SIMPLE-MG-TYPE-REFP, CDR, CAR, LISTP, MEMBER, M-TYPE, MG-VAR-OK-IN-P-STATE, MG-ALISTP, OK-MG-VALUEP, EQUAL, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MG-ALIST-ELEMENTP, DEFINEDP, ASSOC, ARRAY-LENGTH, SUB1, ZEROP, ARRAY-LITERALP, OK-MG-ARRAY-VALUE, and ARRAY-MG-TYPE-REFP, to 18 new formulas: Case 1.18. (IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'INT-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (INT-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (NOT (EQUAL X (CAAR MG-VARS))) (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG) (LESSP (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))) 1)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))), which again simplifies, opening up ASSOC, to: T. Case 1.17. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'INT-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (INT-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NOT (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS)))))) (LESSP 0 (LENGTH TEMP-STK))), which again simplifies, expanding PLUS, CAR, and EQUAL, to: T. Case 1.16. (IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'INT-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (INT-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS))))) (LESSP (UNTAG (CDR (ASSOC X BINDINGS))) (LENGTH TEMP-STK))), which again simplifies, using linear arithmetic, to: (IMPLIES (AND (EQUAL (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (LENGTH TEMP-STK)) (LISTP MG-VARS) (LESSP (PLUS (LENGTH TEMP-STK) (SUB1 (ARRAY-LENGTH (CADR (ASSOC (CAAR MG-VARS) (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'INT-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (INT-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP (CAAR 
MG-VARS)) (DEFINEDP (CAAR MG-VARS) (CDR MG-VARS)) (EQUAL (CAR 'INT-MG) 'ARRAY-MG) (NUMBERP (LENGTH TEMP-STK))) (LESSP (LENGTH TEMP-STK) (LENGTH TEMP-STK))). But this again simplifies, unfolding CAR and EQUAL, to: T. Case 1.15. (IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'CHARACTER-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (CHARACTER-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (NOT (EQUAL X (CAAR MG-VARS))) (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG) (LESSP (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))) 1)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))), which again simplifies, opening up ASSOC, to: T. Case 1.14. (IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'CHARACTER-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (CHARACTER-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NOT (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS)))))) (LESSP 0 (LENGTH TEMP-STK))), which again simplifies, unfolding the definitions of PLUS, CAR, and EQUAL, to: T. Case 1.13. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'CHARACTER-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (CHARACTER-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS))))) (LESSP (UNTAG (CDR (ASSOC X BINDINGS))) (LENGTH TEMP-STK))), which again simplifies, using linear arithmetic, to the formula: (IMPLIES (AND (EQUAL (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (LENGTH TEMP-STK)) (LISTP MG-VARS) (LESSP (PLUS (LENGTH TEMP-STK) (SUB1 (ARRAY-LENGTH (CADR (ASSOC (CAAR MG-VARS) (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'CHARACTER-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (CHARACTER-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP (CAAR MG-VARS)) (DEFINEDP (CAAR MG-VARS) (CDR MG-VARS)) (EQUAL (CAR 'CHARACTER-MG) 'ARRAY-MG) (NUMBERP (LENGTH TEMP-STK))) (LESSP (LENGTH TEMP-STK) (LENGTH TEMP-STK))). But this again simplifies, unfolding the definitions of CAR and EQUAL, to: T. Case 1.12. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (BOOLEAN-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (NOT (EQUAL X (CAAR MG-VARS))) (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG) (LESSP (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))) 1)) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X MG-VARS))))) (LENGTH TEMP-STK))), which again simplifies, opening up the definition of ASSOC, to: T. Case 1.11. (IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (BOOLEAN-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NOT (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS)))))) (LESSP 0 (LENGTH TEMP-STK))), which again simplifies, unfolding PLUS, CAR, and EQUAL, to: T. Case 1.10. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (BOOLEAN-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (NUMBERP (UNTAG (CDR (ASSOC X BINDINGS))))) (LESSP (UNTAG (CDR (ASSOC X BINDINGS))) (LENGTH TEMP-STK))), which again simplifies, using linear arithmetic, to: (IMPLIES (AND (EQUAL (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (LENGTH TEMP-STK)) (LISTP MG-VARS) (LESSP (PLUS (LENGTH TEMP-STK) (SUB1 (ARRAY-LENGTH (CADR (ASSOC (CAAR MG-VARS) (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG) (OK-TEMP-STK-INDEX (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) TEMP-STK) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (BOOLEAN-LITERALP (CADDAR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP (CAAR MG-VARS)) (DEFINEDP (CAAR MG-VARS) (CDR MG-VARS)) (EQUAL (CAR 'BOOLEAN-MG) 'ARRAY-MG) (NUMBERP (LENGTH TEMP-STK))) (LESSP (LENGTH TEMP-STK) (LENGTH TEMP-STK))). However this again simplifies, opening up the functions CAR and EQUAL, to: T. Case 1.9. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'INT-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))), which again simplifies, trivially, to: T. Case 1.8. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'INT-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, clearly, to: T. Case 1.7. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'INT-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, obviously, to: T. Case 1.6. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'BOOLEAN-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, obviously, to: T. Case 1.5. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'BOOLEAN-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, clearly, to: T. Case 1.4. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'BOOLEAN-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, clearly, to: T. Case 1.3. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'CHARACTER-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, trivially, to: T. Case 1.2. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'CHARACTER-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL (CAADR (ASSOC X (CDR MG-VARS))) 'ARRAY-MG) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, obviously, to: T. Case 1.1. 
(IMPLIES (AND (LISTP MG-VARS) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADR (ASSOC X (CDR MG-VARS)))))) (LENGTH TEMP-STK)) (DEFINEDP (CAAR MG-VARS) BINDINGS) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG)) (LENGTH-PLISTP (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) 2) (EQUAL (TYPE (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) 'NAT) (NUMBERP (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS)))) (LESSP (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS TEMP-STK) (LENGTH-PLISTP (CAR MG-VARS) 3) (OK-MG-NAMEP (CAAR MG-VARS)) (LENGTH-PLISTP (CADAR MG-VARS) 3) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG) (EQUAL (ARRAY-ELEMTYPE (CADAR MG-VARS)) 'CHARACTER-MG) (NOT (EQUAL (ARRAY-LENGTH (CADAR MG-VARS)) 0)) (NUMBERP (ARRAY-LENGTH (CADAR MG-VARS))) (SIMPLE-TYPED-LITERAL-PLISTP (CADDAR MG-VARS) (ARRAY-ELEMTYPE (CADAR MG-VARS))) (EQUAL (LENGTH (CADDAR MG-VARS)) (ARRAY-LENGTH (CADAR MG-VARS))) (MG-ALISTP (CDR MG-VARS)) (OK-MG-NAMEP X) (DEFINEDP X (CDR MG-VARS)) (EQUAL X (CAAR MG-VARS))) (LESSP (PLUS (UNTAG (CDR (ASSOC X BINDINGS))) (SUB1 (ARRAY-LENGTH (CADAR MG-VARS)))) (LENGTH TEMP-STK))). This again simplifies, obviously, to: T. That finishes the proof of *1. Q.E.D. 
[ 0.0 0.8 1.5 ] MG-VAR-OK-ARRAY-INDEX-OK3 (PROVE-LEMMA IDIFFERENCE-LESSP (REWRITE) (IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (ZEROP (IDIFFERENCE X Y)))) (EQUAL (LESSP Y X) T)) ((ENABLE IDIFFERENCE ILESSP INEGATE IPLUS))) This formula can be simplified, using the abbreviations ZEROP, NOT, AND, IMPLIES, and IDIFFERENCE, to the new formula: (IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (EQUAL (IPLUS X (INEGATE Y)) 0)) (NUMBERP (IPLUS X (INEGATE Y)))) (EQUAL (LESSP Y X) T)), which simplifies, appealing to the lemmas NEGATIVE-GUTS-MINUS, PLUS-0-REWRITE2, and MINUS-NEGATIVE-GUTS, and unfolding the functions INEGATE, IPLUS, ZEROP, DIFFERENCE, LESSP, EQUAL, and NEGATIVEP, to 11 new goals: Case 11.(IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (EQUAL Y 0)) (NUMBERP Y) (NOT (EQUAL (IPLUS X (MINUS Y)) 0)) (NOT (NEGATIVEP X)) (NOT (LESSP X Y))) (LESSP Y X)), which again simplifies, using linear arithmetic, to two new formulas: Case 11.2. (IMPLIES (AND (NOT (NUMBERP X)) (NOT (NEGATIVEP Y)) (NOT (EQUAL Y 0)) (NUMBERP Y) (NOT (EQUAL (IPLUS X (MINUS Y)) 0)) (NOT (NEGATIVEP X)) (NOT (LESSP X Y))) (LESSP Y X)), which again simplifies, applying NEGATIVE-GUTS-MINUS, and unfolding the functions DIFFERENCE, LESSP, and IPLUS, to: T. Case 11.1. (IMPLIES (AND (NUMBERP X) (NOT (NEGATIVEP X)) (NOT (EQUAL X 0)) (NOT (EQUAL (IPLUS X (MINUS X)) 0)) (NOT (NEGATIVEP X)) (NOT (LESSP X X))) (LESSP X X)). This again simplifies, rewriting with DIFFERENCE-X-X and NEGATIVE-GUTS-MINUS, and opening up IPLUS and EQUAL, to: T. Case 10.(IMPLIES (AND (NOT (NEGATIVEP Y)) (EQUAL Y 0) (NOT (EQUAL (IPLUS X 0) 0)) (NOT (NEGATIVEP X))) (NOT (EQUAL X 0))). But this again simplifies, expanding the functions NEGATIVEP, IPLUS, and EQUAL, to: T. Case 9. (IMPLIES (AND (NOT (NEGATIVEP Y)) (EQUAL Y 0) (NOT (EQUAL (IPLUS X 0) 0)) (NOT (NEGATIVEP X))) (NUMBERP X)), which again simplifies, rewriting with PLUS-0-REWRITE2, and opening up the functions NEGATIVEP, ZEROP, IPLUS, and EQUAL, to: T. Case 8. 
(IMPLIES (AND (NOT (NEGATIVEP Y)) (EQUAL Y 0) (NOT (EQUAL (IPLUS X 0) 0)) (EQUAL (NEGATIVE-GUTS X) 0)) (NOT (EQUAL X 0))). However this again simplifies, opening up the definitions of NEGATIVEP, IPLUS, and EQUAL, to: T. Case 7. (IMPLIES (AND (NOT (NEGATIVEP Y)) (EQUAL Y 0) (NOT (EQUAL (IPLUS X 0) 0)) (EQUAL (NEGATIVE-GUTS X) 0)) (NUMBERP X)), which again simplifies, rewriting with the lemma PLUS-0-REWRITE2, and unfolding NEGATIVEP, ZEROP, DIFFERENCE, LESSP, IPLUS, and EQUAL, to: T. Case 6. (IMPLIES (AND (NOT (NEGATIVEP Y)) (EQUAL Y 0) (NOT (EQUAL (IPLUS X 0) 0)) (NUMBERP X)) (NOT (EQUAL X 0))), which again simplifies, expanding the definitions of NEGATIVEP, IPLUS, and EQUAL, to: T. Case 5. (IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (NUMBERP Y)) (NOT (EQUAL (IPLUS X 0) 0)) (NOT (NEGATIVEP X))) (NOT (EQUAL X 0))), which again simplifies, expanding IPLUS and EQUAL, to: T. Case 4. (IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (NUMBERP Y)) (NOT (EQUAL (IPLUS X 0) 0)) (NOT (NEGATIVEP X))) (NUMBERP X)), which again simplifies, applying the lemma PLUS-0-REWRITE2, and opening up the definitions of ZEROP, NEGATIVEP, IPLUS, and EQUAL, to: T. Case 3. (IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (NUMBERP Y)) (NOT (EQUAL (IPLUS X 0) 0)) (EQUAL (NEGATIVE-GUTS X) 0)) (NOT (EQUAL X 0))), which again simplifies, expanding the functions IPLUS and EQUAL, to: T. Case 2. (IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (NUMBERP Y)) (NOT (EQUAL (IPLUS X 0) 0)) (EQUAL (NEGATIVE-GUTS X) 0)) (NUMBERP X)), which again simplifies, applying PLUS-0-REWRITE2, and opening up the definitions of ZEROP, DIFFERENCE, LESSP, NEGATIVEP, IPLUS, and EQUAL, to: T. Case 1. (IMPLIES (AND (NOT (NEGATIVEP Y)) (NOT (NUMBERP Y)) (NOT (EQUAL (IPLUS X 0) 0)) (NUMBERP X)) (NOT (EQUAL X 0))). This again simplifies, opening up IPLUS and EQUAL, to: T. Q.E.D. 
[ 0.0 0.0 0.0 ] IDIFFERENCE-LESSP (PROVE-LEMMA NAT-P-OBJECTP-REDUCTION (REWRITE) (EQUAL (P-OBJECTP-TYPE 'NAT (TAG 'NAT X) STATE) (SMALL-NATURALP X (P-WORD-SIZE STATE))) ((ENABLE P-OBJECTP-TYPE))) This conjecture simplifies, applying CAR-TAG, CDR-CONS, UNTAG-TAG, and TYPE-TAG, and expanding the functions P-OBJECTP, EQUAL, and P-OBJECTP-TYPE, to: T. Q.E.D. [ 0.0 0.0 0.0 ] NAT-P-OBJECTP-REDUCTION (PROVE-LEMMA ARRAY-INDEX-SMALL-NATURALP (REWRITE) (IMPLIES (AND (LESSP TEMP-STK-SIZE (MG-MAX-TEMP-STK-SIZE)) (LESSP (PLUS A (SUB1 ARRAY-SIZE)) TEMP-STK-SIZE) (LESSP INDEX ARRAY-SIZE)) (SMALL-NATURALP (PLUS A INDEX) 32)) ((USE (MG-MAX-TEMP-STK-SIZE-NUMBERP)) (ENABLE SMALL-NATURALP))) WARNING: Note that ARRAY-INDEX-SMALL-NATURALP contains the free variables ARRAY-SIZE and TEMP-STK-SIZE which will be chosen by instantiating the hypotheses (LESSP TEMP-STK-SIZE (MG-MAX-TEMP-STK-SIZE)) and: (LESSP (PLUS A (SUB1 ARRAY-SIZE)) TEMP-STK-SIZE). This conjecture can be simplified, using the abbreviations IMPLIES, AND, and MG-WORD-SIZE, to: (IMPLIES (AND (NUMBERP (MG-MAX-TEMP-STK-SIZE)) (LESSP (MG-MAX-TEMP-STK-SIZE) (EXP 2 32)) (LESSP TEMP-STK-SIZE (MG-MAX-TEMP-STK-SIZE)) (LESSP (PLUS A (SUB1 ARRAY-SIZE)) TEMP-STK-SIZE) (LESSP INDEX ARRAY-SIZE)) (SMALL-NATURALP (PLUS A INDEX) 32)). This simplifies, expanding the definitions of EXP and SMALL-NATURALP, to: (IMPLIES (AND (LESSP (MG-MAX-TEMP-STK-SIZE) 4294967296) (LESSP TEMP-STK-SIZE (MG-MAX-TEMP-STK-SIZE)) (LESSP (PLUS A (SUB1 ARRAY-SIZE)) TEMP-STK-SIZE) (LESSP INDEX ARRAY-SIZE)) (LESSP (PLUS A INDEX) 4294967296)), which again simplifies, using linear arithmetic, to: T. Q.E.D. 
[ 0.0 0.3 0.0 ] ARRAY-INDEX-SMALL-NATURALP (PROVE-LEMMA MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS (REWRITE) (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST)) (AND (SIMPLE-TYPED-IDENTIFIERP (CAR (CALL-ACTUALS STMT)) (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MG-ALIST MG-STATE)) (ARRAY-IDENTIFIERP (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)) (INT-IDENTIFIERP (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)) (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) ((INSTRUCTIONS PROMOTE SPLIT (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP (REWRITE SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP (($ALIST1 NAME-ALIST))) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (REWRITE SIGNATURES-MATCH-PRESERVES-ARRAY-IDENTIFIERP (($ALIST1 NAME-ALIST))) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (REWRITE SIGNATURES-MATCH-PRESERVES-INT-IDENTIFIERP (($ALIST1 NAME-ALIST))) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))))) WARNING: Note that MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). 
WARNING: Note that MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). WARNING: Note that MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). WARNING: Note that MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST). WARNING: Note that the proposed lemma: MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and four replacement rules. *** Entering proof-checker *** PROMOTE SPLIT Creating 4 new subgoals, (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). Now proving (MAIN . 1). (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. TOP : (REWRITE SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP (($ALIST1 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP. Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (REWRITE SIGNATURES-MATCH-SYMMETRIC) Rewriting with SIGNATURES-MATCH-SYMMETRIC. Creating 1 new subgoal, (((MAIN . 1) . 1) . 1). 
The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoal of ((MAIN . 1) . 1) remains to be proved: (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 1). (REWRITE OK-MG-STATEP-ALIST-PLISTP) Rewriting with OK-MG-STATEP-ALIST-PLISTP. The current goal, (((MAIN . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This simplifies, expanding the definitions of OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 2). : (REWRITE SIGNATURES-MATCH-PRESERVES-ARRAY-IDENTIFIERP (($ALIST1 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-ARRAY-IDENTIFIERP. Creating 2 new subgoals, ((MAIN . 2) . 1) and ((MAIN . 2) . 2). The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoals of (MAIN . 2) remain to be proved: ((MAIN . 2) . 1) and ((MAIN . 2) . 2). Now proving ((MAIN . 2) . 1). (REWRITE SIGNATURES-MATCH-SYMMETRIC) Rewriting with SIGNATURES-MATCH-SYMMETRIC. Creating 1 new subgoal, (((MAIN . 2) . 1) . 1). The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoal of ((MAIN . 2) . 1) remains to be proved: (((MAIN . 2) . 1) . 1). Now proving (((MAIN . 2) . 1) . 1). (REWRITE OK-MG-STATEP-ALIST-PLISTP) Rewriting with OK-MG-STATEP-ALIST-PLISTP. The current goal, (((MAIN . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 2) . 2). 
: (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This simplifies, expanding the functions OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, ((MAIN . 2) . 2), has been proved, and has no dependents. Now proving (MAIN . 3). (REWRITE SIGNATURES-MATCH-PRESERVES-INT-IDENTIFIERP (($ALIST1 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-INT-IDENTIFIERP. Creating 2 new subgoals, ((MAIN . 3) . 1) and ((MAIN . 3) . 2). The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoals of (MAIN . 3) remain to be proved: ((MAIN . 3) . 1) and ((MAIN . 3) . 2). Now proving ((MAIN . 3) . 1). (REWRITE SIGNATURES-MATCH-SYMMETRIC) Rewriting with SIGNATURES-MATCH-SYMMETRIC. Creating 1 new subgoal, (((MAIN . 3) . 1) . 1). The proof of the current goal, ((MAIN . 3) . 1), has been completed. However, the following subgoal of ((MAIN . 3) . 1) remains to be proved: (((MAIN . 3) . 1) . 1). Now proving (((MAIN . 3) . 1) . 1). (REWRITE OK-MG-STATEP-ALIST-PLISTP) Rewriting with OK-MG-STATEP-ALIST-PLISTP. The current goal, (((MAIN . 3) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 3) . 2). : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This formula simplifies, expanding OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, ((MAIN . 3) . 2), has been proved, and has no dependents. Now proving (MAIN . 4). (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. 
TOP : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This formula simplifies, opening up OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, (MAIN . 4), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.8 0.0 0.0 ] MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS (PROVE-LEMMA MG-INDEX-ARRAY-ARGS-DEFINEDP (REWRITE) (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST)) (AND (DEFINEDP (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)) (DEFINEDP (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)) (DEFINEDP (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) ((INSTRUCTIONS PROMOTE SPLIT (REWRITE SIMPLE-TYPED-IDENTIFIERP-IMPLIES-DEFINEDP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE ARRAY-IDENTIFIERP-IMPLIES-DEFINEDP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE SIMPLE-IDENTIFIERP-IMPLIES-DEFINEDP) X (DIVE 3 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP S))) WARNING: Note that MG-INDEX-ARRAY-ARGS-DEFINEDP contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). WARNING: Note that MG-INDEX-ARRAY-ARGS-DEFINEDP contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). 
WARNING: Note that MG-INDEX-ARRAY-ARGS-DEFINEDP contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). WARNING: Note that the proposed lemma MG-INDEX-ARRAY-ARGS-DEFINEDP is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and three replacement rules. *** Entering proof-checker *** PROMOTE SPLIT Creating 3 new subgoals, (MAIN . 1), (MAIN . 2), and (MAIN . 3). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1), (MAIN . 2), and (MAIN . 3). Now proving (MAIN . 1). : (REWRITE SIMPLE-TYPED-IDENTIFIERP-IMPLIES-DEFINEDP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) Rewriting with SIMPLE-TYPED-IDENTIFIERP-IMPLIES-DEFINEDP. Creating 1 new subgoal, ((MAIN . 1) . 1). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoal of (MAIN . 1) remains to be proved: ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 1). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE ARRAY-IDENTIFIERP-IMPLIES-DEFINEDP) Rewriting with ARRAY-IDENTIFIERP-IMPLIES-DEFINEDP. Creating 1 new subgoal, ((MAIN . 2) . 1). The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 1). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 2) . 1), has been proved, and has no dependents. Now proving (MAIN . 3). (REWRITE SIMPLE-IDENTIFIERP-IMPLIES-DEFINEDP) Rewriting with SIMPLE-IDENTIFIERP-IMPLIES-DEFINEDP. 
Creating 1 new subgoal, ((MAIN . 3) . 1). The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoal of (MAIN . 3) remains to be proved: ((MAIN . 3) . 1). Now proving ((MAIN . 3) . 1). X (DIVE 3 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP S The current goal, ((MAIN . 3) . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.3 0.0 0.0 ] MG-INDEX-ARRAY-ARGS-DEFINEDP (PROVE-LEMMA MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP (REWRITE) (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST)) (SMALL-INTEGERP (CADDDR (CALL-ACTUALS STMT)) 32)) ((INSTRUCTIONS PROMOTE (CLAIM (LESSP (CADDDR (CALL-ACTUALS STMT)) (MAXINT)) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE)))) (DEMOTE 7) (DIVE 1 1) PUSH UP S UP PROMOTE (REWRITE LIMITS-FOR-SMALL-INTEGERP) (DIVE 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP PROVE (DIVE 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP PROVE SPLIT (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)))) WARNING: Note that MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST). 
*** Entering proof-checker *** PROMOTE : (CLAIM (LESSP (CADDDR (CALL-ACTUALS STMT)) (MAXINT)) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations AND, IMPLIES, MG-WORD-SIZE, and MAXINT, to the formula: (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST)) (LESSP (CADDDR (CALL-ACTUALS STMT)) (SUB1 (EXP 2 (SUB1 32))))). This simplifies, opening up OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, MAXINT, OK-PREDEFINED-PROC-ARGS, EQUAL, OK-MG-STATEMENT, SUB1, and EXP, to: T. Q.E.D. : (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE)))) Using ARRAYS-HAVE-NON-ZEROP-LENGTHS with the substitution: ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))). (DEMOTE 7) (DIVE 1 1) PUSH Creating 1 new subgoal, (MAIN . 1). UP S UP PROMOTE (REWRITE LIMITS-FOR-SMALL-INTEGERP) Rewriting with LIMITS-FOR-SMALL-INTEGERP. Creating 2 new subgoals, (MAIN . 2) and (MAIN . 3). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 2), (MAIN . 3), and (MAIN . 1). Now proving (MAIN . 2). (DIVE 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations AND, IMPLIES, MG-WORD-SIZE, and MAXINT, to the formula: T. This simplifies, clearly, to: T. Q.E.D. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 3). (DIVE 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. 
TOP PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NOT, AND, IMPLIES, MG-WORD-SIZE, and MAXINT, to the new formula: T, which simplifies, trivially, to: T. Q.E.D. The current goal, (MAIN . 3), has been proved, and has no dependents. Now proving (MAIN . 1). SPLIT Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.3 0.0 0.2 ] MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP (PROVE-LEMMA NOT-ZEROP-MG-INDEX-ARRAY-ARG4 (REWRITE) (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST)) (AND (NUMBERP (CADDDR (CALL-ACTUALS STMT))) (NOT (EQUAL (CADDDR (CALL-ACTUALS STMT)) 0)))) ((INSTRUCTIONS PROMOTE (CLAIM (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST)))) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) (= (CAR (CDR (CDR (CDR (CALL-ACTUALS STMT))))) (ARRAY-LENGTH (CAR (CDR (ASSOC (CAR (CDR (CALL-ACTUALS STMT))) NAME-ALIST)))) 0) (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE)))) (DEMOTE 7) (DIVE 1 1) (= T) NX (DIVE 1 1 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP S))) WARNING: Note that NOT-ZEROP-MG-INDEX-ARRAY-ARG4 contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST). WARNING: Note that NOT-ZEROP-MG-INDEX-ARRAY-ARG4 contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST). WARNING: Note that the proposed lemma NOT-ZEROP-MG-INDEX-ARRAY-ARG4 is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and two replacement rules. 
*** Entering proof-checker *** PROMOTE : (CLAIM (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST)))) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) ***** Now entering the theorem prover *****: This formula simplifies, opening up OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. : (= (CAR (CDR (CDR (CDR (CALL-ACTUALS STMT))))) (ARRAY-LENGTH (CAR (CDR (ASSOC (CAR (CDR (CALL-ACTUALS STMT))) NAME-ALIST)))) 0) : (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE)))) Using ARRAYS-HAVE-NON-ZEROP-LENGTHS with the substitution: ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))). (DEMOTE 7) (DIVE 1 1) (= T) ***** Now entering the theorem prover *****: This simplifies, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS and OK-MG-STATEP-MG-ALIST-MG-ALISTP, and expanding the functions AND and EQUAL, to: T. Q.E.D. NX (DIVE 1 1 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. TOP S The current goal, MAIN, has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.3 0.0 0.0 ] NOT-ZEROP-MG-INDEX-ARRAY-ARG4 (PROVE-LEMMA MG-INDEX-ARRAY-STEPS-1-4 (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STEP (P-STEP (P-STEP (MAP-DOWN MG-STATE PROC-LIST CTRL-STK TEMP-STK (TAG 'PC (CONS SUBR (LENGTH (CODE CINFO)))) T-COND-LIST))))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 4))) CTRL-STK (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1 1 1 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-CAR) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (DIVE 1) X (DIVE 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S 
LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) UP S (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (DIVE 1) (S LEMMAS) X (S LEMMAS) (DIVE 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) UP S (S LEMMAS) UP S PROVE (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) PROVE (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) PROVE (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)))) WARNING: Note that MG-INDEX-ARRAY-STEPS-1-4 contains the free variables CODE2, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). *** Entering proof-checker *** PROMOTE (DIVE 1 1 1 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-CAR) Rewriting with GET-LENGTH-CAR. 
S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (DIVE 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 1). UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 2). UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2 but were not explicitly substituted for: CTRL-STK, TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2. Creating 1 new subgoal, (MAIN . 3). UP S (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (DIVE 1) (S LEMMAS) X (S LEMMAS) (DIVE 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 4). UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2 but were not explicitly substituted for: CTRL-STK, TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2. Creating 1 new subgoal, (MAIN . 5). UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. 
UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 6). UP UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2 but were not explicitly substituted for: CTRL-STK, TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2. Creating 1 new subgoal, (MAIN . 7). UP S (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 7), (MAIN . 6), (MAIN . 5), (MAIN . 4), (MAIN . 3), (MAIN . 2), and (MAIN . 1). Now proving (MAIN . 7). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) 
(MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (LESSP (ADD1 (ADD1 (ADD1 (LENGTH TEMP-STK)))) (PLUS (PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT (CALL-NAME STMT)) (LENGTH TEMP-STK)))), which simplifies, using linear arithmetic, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, IDIFFERENCE-LESSP2, and IDIFFERENCE-LESSP, and opening up the functions OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. The current goal, (MAIN . 7), has been proved, and has no dependents. Now proving (MAIN . 6). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 6), has been proved, and has no dependents. Now proving (MAIN . 5). 
PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new formula: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (LESSP (ADD1 (ADD1 (LENGTH TEMP-STK))) (PLUS (PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT (CALL-NAME STMT)) (LENGTH TEMP-STK)))), which simplifies, using linear arithmetic, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, IDIFFERENCE-LESSP2, and IDIFFERENCE-LESSP, and unfolding the functions OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. The current goal, (MAIN . 5), has been proved, and has no dependents. Now proving (MAIN . 4). 
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 4), has been proved, and has no dependents. Now proving (MAIN . 3). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (LESSP (ADD1 (LENGTH TEMP-STK)) (PLUS (PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT (CALL-NAME STMT)) (LENGTH TEMP-STK)))), which simplifies, using linear arithmetic, applying the lemmas MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, IDIFFERENCE-LESSP2, and IDIFFERENCE-LESSP, and unfolding the definitions of OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, 
LISTP, MEMBER, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. The current goal, (MAIN . 3), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 1.5 0.2 0.0 ] MG-INDEX-ARRAY-STEPS-1-4 (PROVE-LEMMA MG-INDEX-ARRAY-STEP-5 (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 4))) CTRL-STK (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 
'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 0)) (PUSH (P-FRAME (CONS (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) (DIVE 3 1) (= F) UP UP S (S-PROP P-CTRL-STK-SIZE) (S-PROP P-FRAME-SIZE) (S LEMMAS) (DIVE 1) (REWRITE RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX) UP UP S X TOP PROVE PROVE))) WARNING: Note that MG-INDEX-ARRAY-STEP-5 contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-5 could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. 
S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) (DIVE 3 1) (= F) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (LESSP (MG-MAX-CTRL-STK-SIZE) (P-CTRL-STK-SIZE (PUSH (P-FRAME (APPEND (PAIRLIST '(ANS A I ARRAY-SIZE) (REVERSE (LIST (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))))) '((TEMP-I NAT 0))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK))))) (EQUAL (LESSP (ADD1 (ADD1 (ADD1 (ADD1 (LENGTH (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))))) 4) F)), which simplifies, applying 
MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, CAR-CONS, CDR-CONS, CAR-CDR-PUSH, TOP-PUSH, OK-MG-STATEP-MG-ALIST-MG-ALISTP, MAP-DOWN-VALUES-PRESERVES-LENGTH, LESSP-ADD1-ADD1-ADD1-3, and SUB1-ADD1, and opening up OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, REVERSE, PAIRLIST, APPEND, P-CTRL-STK-SIZE, SUB1, NUMBERP, and LESSP, to: T. Q.E.D. UP UP S (S-PROP P-CTRL-STK-SIZE) (S-PROP P-FRAME-SIZE) (S LEMMAS) (DIVE 1) (REWRITE RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX but were not explicitly substituted for: TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX. Creating 1 new subgoal, (MAIN . 1). UP UP S X TOP PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, ASSOCIATIVITY-OF-PLUS, ADP-OFFSET-CONS, ADP-NAME-CONS, UNTAG-TAG, TYPE-TAG, CAR-CONS, CDR-CONS, MG-INDEX-ARRAY-TRANSLATION, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT 
MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (EQUAL (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 0)) (PUSH (P-FRAME (APPEND (PAIRLIST '(ANS A I ARRAY-SIZE) (REVERSE (FIRST-N (LENGTH '(ANS A I ARRAY-SIZE)) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))))))) (PAIR-TEMPS-WITH-INITIAL-VALUES '((TEMP-I (NAT 0))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 4 1)))) CTRL-STK) (POPN (LENGTH '(ANS A I ARRAY-SIZE)) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
0)) (PUSH (P-FRAME (CONS (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). This simplifies, appealing to the lemmas MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, FIRST-N-ADD1, CAR-CONS, CDR-CONS, POPN-ZERO, POPN-ADD1, and SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, and opening up the functions OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, LENGTH, REVERSE, PAIRLIST, PAIR-TEMPS-WITH-INITIAL-VALUES, APPEND, PLUS, and CONS, to: T. Q.E.D. The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, PREDEFINED-PROC-CALL-P-FRAME-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (NOT (LESSP (ADD1 (ADD1 (PREDEFINED-PROC-CALL-BINDINGS-COUNT (CALL-NAME STMT)))) 7))). This simplifies, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, and ASSOCIATIVITY-OF-APPEND, and unfolding the definitions of OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, PREDEFINED-PROC-CALL-BINDINGS-COUNT, ADD1, and LESSP, to: T. Q.E.D. The current goal, (MAIN . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.3 0.4 0.0 ] MG-INDEX-ARRAY-STEP-5 (PROVE-LEMMA MG-INDEX-ARRAY-STEPS-6-8 (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 0)) (PUSH (P-FRAME (CONS (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)))) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
3)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEPS-6-8 contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to the new goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 0)) (PUSH (P-FRAME (CONS (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)))) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
3)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, using linear arithmetic, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, VALUE-EXPANSION2, VALUE-EXPANSION3, BINDINGS-FRAME, TOP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, OK-MG-STATEP-MG-ALIST-MG-ALISTP, MAP-DOWN-VALUES-PRESERVES-LENGTH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, P-STEP-EXPANSION, MG-VAR-OK-TEMP-STK-INDEX, SIMPLE-IDENTIFIERP-OPTIONS, RGET-REWRITE1, APPEND-DOESNT-AFFECT-RGET-COROLLARY, POP-PUSH, MG-INDEX-ARRAY-ARGS-DEFINEDP, ARRAY-IDENTIFIER-NAT-P-OBJECTP, LENGTH-PUSH, SIMPLE-IDENTIFIER-MAPPING-3, RET-PC-FRAME, CDR-CONS, CAR-CONS, and PUT-ASSOC-EXPANSION, and expanding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, 
P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-PUSH-LOCAL-STEP, ADD1-ADDR, ADD1-P-PC, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, P-STEP1, P-FETCH-TEMP-STK-STEP, OR, P-FETCH-TEMP-STK-OKP, MG-WORD-SIZE, P-SET-LOCAL-STEP, PUT-VALUE, PUT-ASSOC, SET-LOCAL-VAR-VALUE, and P-SET-LOCAL-OKP, to: T. Q.E.D. [ 0.2 0.2 0.0 ] MG-INDEX-ARRAY-STEPS-6-8 (PROVE-LEMMA MG-INDEX-ARRAY-STEPS-9-12-NEG-INDEX (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
3)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C '(NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEPS-9-12-NEG-INDEX contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
3)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) '((C-C (NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, using linear arithmetic, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-MAX-TEMP-STK-SIZE-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-DATA-SEGMENT-P-STATE, POP-PUSH, P-CTRL-STK-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, TOP-PUSH, INT-LITERAL-INT-OBJECTP, P-WORD-SIZE-P-STATE, P-STEP-EXPANSION, MAP-DOWN-VALUES-PRESERVES-LENGTH, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, and RET-PC-FRAME, and unfolding the functions OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-TEST-INT-AND-JUMP-STEP, PC, P-TEST-AND-JUMP-STEP, P-TEST-INT-AND-JUMP-OKP, P-TEST-INTP, MG-WORD-SIZE, P-TEST-AND-JUMP-OKP, PACK, P-STEP1, P-PUSH-CONSTANT-STEP, ADD1-ADDR, ADD1-P-PC, UNABBREVIATE-CONSTANT, P-PUSH-CONSTANT-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, P-POP-GLOBAL-STEP, DEPOSIT, P-POP-GLOBAL-OKP, P-RET-STEP, and P-RET-OKP, to: T. Q.E.D. 
[ 0.0 0.4 0.0 ] MG-INDEX-ARRAY-STEPS-9-12-NEG-INDEX (PROVE-LEMMA MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 3)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)))) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
6)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to the goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
3)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)))) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 6)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, using linear arithmetic, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-MAX-TEMP-STK-SIZE-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-DATA-SEGMENT-P-STATE, POP-PUSH, P-CTRL-STK-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, TOP-PUSH, INT-LITERAL-INT-OBJECTP, P-WORD-SIZE-P-STATE, P-STEP-EXPANSION, VALUE-EXPANSION2, VALUE-EXPANSION3, BINDINGS-FRAME, MAP-DOWN-VALUES-PRESERVES-LENGTH, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, and LENGTH-PUSH, and opening up OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-TEST-INT-AND-JUMP-STEP, ADD1-P-PC, ADD1-ADDR, P-TEST-AND-JUMP-STEP, P-TEST-INT-AND-JUMP-OKP, P-TEST-INTP, MG-WORD-SIZE, P-TEST-AND-JUMP-OKP, PACK, P-STEP1, P-PUSH-LOCAL-STEP, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. 
[ 0.0 0.2 0.2 ] MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEP-12-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 6)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
7)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'INT (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1) (REWRITE INT-LITERAL-INT-OBJECTP) UP S (DIVE 1) (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) UP S (REWRITE SMALL-INTEGERP-DIFFERENCE) UP S (S LEMMAS) UP S (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) (REWRITE INT-LITERALS-MAPPING) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (DIVE 1) (= * (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST))) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) UP (DIVE 1 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 (MG-ALIST MG-STATE)))) TOP (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE)))) (DEMOTE 17) (DIVE 1 1) PUSH TOP S SPLIT (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (DIVE 1 1) (= * (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST))) 
((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) (DIVE 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 (MG-ALIST MG-STATE)))) TOP (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE)))) (DEMOTE 17) (DIVE 1 1) (= T) TOP S (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) S))) WARNING: Note that MG-INDEX-ARRAY-STEP-12-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-12-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1) (REWRITE INT-LITERAL-INT-OBJECTP) Rewriting with INT-LITERAL-INT-OBJECTP. Creating 2 new subgoals, (MAIN . 1) and (MAIN . 2). UP S (DIVE 1) (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) Rewriting with MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP. UP S (REWRITE SMALL-INTEGERP-DIFFERENCE) Rewriting with SMALL-INTEGERP-DIFFERENCE. Creating 4 new subgoals, (MAIN . 3), (MAIN . 4), (MAIN . 5), and (MAIN . 6). UP S (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 3), (MAIN . 4), (MAIN . 5), (MAIN . 6), (MAIN . 1), and (MAIN . 2). Now proving (MAIN . 3). (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) Rewriting with MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP. The current goal, (MAIN . 3), has been proved, and has no dependents. Now proving (MAIN . 
4).
(REWRITE INT-LITERALS-MAPPING)
Rewriting with INT-LITERALS-MAPPING.
Creating 1 new subgoal, ((MAIN . 4) . 1).
The proof of the current goal, (MAIN . 4), has been completed. However, the following subgoal of (MAIN . 4) remains to be proved: ((MAIN . 4) . 1).
Now proving ((MAIN . 4) . 1).
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES)
Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES.
Creating 2 new subgoals, (((MAIN . 4) . 1) . 1) and (((MAIN . 4) . 1) . 2).
The proof of the current goal, ((MAIN . 4) . 1), has been completed. However, the following subgoals of ((MAIN . 4) . 1) remain to be proved: (((MAIN . 4) . 1) . 1) and (((MAIN . 4) . 1) . 2).
Now proving (((MAIN . 4) . 1) . 1).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, (((MAIN . 4) . 1) . 1), has been proved, and has no dependents.
Now proving (((MAIN . 4) . 1) . 2).
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, (((MAIN . 4) . 1) . 2), has been proved, and has no dependents.
Now proving (MAIN . 5).
(DIVE 1) : (= * (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST))) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST))))), which simplifies, unfolding the definitions of OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. UP (DIVE 1 1) : (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 (MG-ALIST MG-STATE)))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. 
Creating 1 new subgoal, ((MAIN . 5) . 1).
TOP
: (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))))
Using ARRAYS-HAVE-NON-ZEROP-LENGTHS with the substitution: ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))).
(DEMOTE 17)
(DIVE 1 1)
PUSH
Creating 1 new subgoal, ((MAIN . 5) . 2).
TOP
S
The proof of the current goal, (MAIN . 5), has been completed. However, the following subgoals of (MAIN . 5) remain to be proved: ((MAIN . 5) . 2) and ((MAIN . 5) . 1).
Now proving ((MAIN . 5) . 2).
SPLIT
Creating 2 new subgoals, (((MAIN . 5) . 2) . 1) and (((MAIN . 5) . 2) . 2).
The proof of the current goal, ((MAIN . 5) . 2), has been completed. However, the following subgoals of ((MAIN . 5) . 2) remain to be proved: (((MAIN . 5) . 2) . 1) and (((MAIN . 5) . 2) . 2).
Now proving (((MAIN . 5) . 2) . 1).
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, (((MAIN . 5) . 2) . 1), has been proved, and has no dependents.
Now proving (((MAIN . 5) . 2) . 2).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, (((MAIN . 5) . 2) . 2), has been proved, and has no dependents.
Now proving ((MAIN . 5) . 1).
(REWRITE SIGNATURES-MATCH-SYMMETRIC)
Rewriting with SIGNATURES-MATCH-SYMMETRIC.
Creating 1 new subgoal, (((MAIN . 5) . 1) . 1).
The proof of the current goal, ((MAIN . 5) . 1), has been completed. However, the following subgoal of ((MAIN . 5) . 1) remains to be proved: (((MAIN . 5) . 1) . 1).
Now proving (((MAIN . 5) . 1) . 1).
(REWRITE OK-MG-STATEP-ALIST-PLISTP)
Rewriting with OK-MG-STATEP-ALIST-PLISTP.
The current goal, (((MAIN . 5) . 1) . 1), has been proved, and has no dependents.
Now proving (MAIN . 6).
(DIVE 1 1) : (= * (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST))) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) NAME-ALIST))))), which simplifies, unfolding the definitions of OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. (DIVE 1) : (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 (MG-ALIST MG-STATE)))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. 
Creating 1 new subgoal, ((MAIN . 6) . 1). TOP : (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE)))) Using ARRAYS-HAVE-NON-ZEROP-LENGTHS with the substitution: ((X (CADR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))). (DEMOTE 17) (DIVE 1 1) (= T) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (AND (ARRAY-IDENTIFIERP (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)) (MG-ALISTP (MG-ALIST MG-STATE))) T)). 
This simplifies, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and opening up the definitions of OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, and AND, to: T.
Q.E.D.
TOP
S
The proof of the current goal, (MAIN . 6), has been completed. However, the following subgoal of (MAIN . 6) remains to be proved: ((MAIN . 6) . 1).
Now proving ((MAIN . 6) . 1).
(REWRITE SIGNATURES-MATCH-SYMMETRIC)
Rewriting with SIGNATURES-MATCH-SYMMETRIC.
Creating 1 new subgoal, (((MAIN . 6) . 1) . 1).
The proof of the current goal, ((MAIN . 6) . 1), has been completed. However, the following subgoal of ((MAIN . 6) . 1) remains to be proved: (((MAIN . 6) . 1) . 1).
Now proving (((MAIN . 6) . 1) . 1).
(REWRITE OK-MG-STATEP-ALIST-PLISTP)
Rewriting with OK-MG-STATEP-ALIST-PLISTP.
The current goal, (((MAIN . 6) . 1) . 1), has been proved, and has no dependents.
Now proving (MAIN . 1).
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES)
Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES.
Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2).
The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2).
Now proving ((MAIN . 1) . 1).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents.
Now proving ((MAIN . 1) . 2).
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents.
Now proving (MAIN . 2).
S
The current goal, (MAIN .
2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 1.4 0.1 0.0 ] MG-INDEX-ARRAY-STEP-12-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEP-13-INDEX-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
7)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'INT (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 16)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (DIVE 1) (S LEMMAS) X (S LEMMAS) (REWRITE SMALL-INTEGERP-DIFFERENCE) UP S X TOP S-PROP SPLIT S SPLIT (S LEMMAS) (S LEMMAS) S (S LEMMAS) S (S LEMMAS) (DEMOTE 18 19) (S LEMMAS) PROMOTE (CONTRADICT 19) PROVE (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) (DIVE 1) (REWRITE INT-LITERALP-MAPPING) UP (REWRITE INT-LITERALP-VALUE-SMALL) 
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4) (DIVE 1) (REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4) TOP S))) WARNING: Note that MG-INDEX-ARRAY-STEP-13-INDEX-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-13-INDEX-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (DIVE 1) (S LEMMAS) X (S LEMMAS) (REWRITE SMALL-INTEGERP-DIFFERENCE) Rewriting with SMALL-INTEGERP-DIFFERENCE. Creating 4 new subgoals, (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). UP S X TOP S-PROP SPLIT Creating 3 new subgoals, (MAIN . 5), (MAIN . 6), and (MAIN . 7). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 5), (MAIN . 6), (MAIN . 7), (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). Now proving (MAIN . 5). S SPLIT Creating 2 new subgoals, ((MAIN . 5) . 1) and ((MAIN . 5) . 2). The proof of the current goal, (MAIN . 5), has been completed. However, the following subgoals of (MAIN . 5) remain to be proved: ((MAIN . 5) . 1) and ((MAIN . 5) . 2). Now proving ((MAIN . 5) . 1). (S LEMMAS) The current goal, ((MAIN . 5) . 1), has been proved, and has no dependents. Now proving ((MAIN . 5) . 2). (S LEMMAS) The current goal, ((MAIN . 5) . 2), has been proved, and has no dependents. 
Now proving (MAIN . 6). S (S LEMMAS) The current goal, (MAIN . 6), has been proved, and has no dependents. Now proving (MAIN . 7). S (S LEMMAS) (DEMOTE 18 19) (S LEMMAS) PROMOTE (CONTRADICT 19) PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NOT (EQUAL (TAG 'PC '(MG-INDEX-ARRAY . 8)) (TAG 'PC '(MG-INDEX-ARRAY . 
16))))) (NEGATIVEP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))). This simplifies, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and expanding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, ZEROP, and TAG, to: T. Q.E.D. The current goal, (MAIN . 7), has been proved, and has no dependents. Now proving (MAIN . 1). (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) Rewriting with MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP. The current goal, (MAIN . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (DIVE 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((MAIN . 2) . 1). UP (REWRITE INT-LITERALP-VALUE-SMALL) Rewriting with INT-LITERALP-VALUE-SMALL. Creating 1 new subgoal, ((MAIN . 2) . 2). The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoals of (MAIN . 2) remain to be proved: ((MAIN . 2) . 2) and ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((MAIN . 2) . 2) . 1) and (((MAIN . 2) . 2) . 2). The proof of the current goal, ((MAIN . 2) . 2), has been completed. However, the following subgoals of ((MAIN . 2) . 2) remain to be proved: (((MAIN . 2) . 2) . 1) and (((MAIN . 2) . 2) . 2). Now proving (((MAIN . 2) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 2) . 2) . 1), has been proved, and has no dependents. Now proving (((MAIN . 2) . 2) . 2). 
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, (((MAIN . 2) . 2) . 2), has been proved, and has no dependents.
Now proving ((MAIN . 2) . 1).
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES)
Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES.
Creating 2 new subgoals, (((MAIN . 2) . 1) . 1) and (((MAIN . 2) . 1) . 2).
The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoals of ((MAIN . 2) . 1) remain to be proved: (((MAIN . 2) . 1) . 1) and (((MAIN . 2) . 1) . 2).
Now proving (((MAIN . 2) . 1) . 1).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, (((MAIN . 2) . 1) . 1), has been proved, and has no dependents.
Now proving (((MAIN . 2) . 1) . 2).
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, (((MAIN . 2) . 1) . 2), has been proved, and has no dependents.
Now proving (MAIN . 3).
(REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4)
Rewriting with NOT-ZEROP-MG-INDEX-ARRAY-ARG4.
The current goal, (MAIN . 3), has been proved, and has no dependents.
Now proving (MAIN . 4).
(DIVE 1)
(REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4)
Rewriting with NOT-ZEROP-MG-INDEX-ARRAY-ARG4.
TOP
S
The current goal, (MAIN . 4), has been proved, and has no dependents.
*!*!*!*!*!*!* All goals have been proved!
*!*!*!*!*!*!* [ 0.9 0.2 0.0 ] MG-INDEX-ARRAY-STEP-13-INDEX-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEPS-14-16-INDEX-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
16)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C '(NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEPS-14-16-INDEX-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
16)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) '((C-C (NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, using linear arithmetic, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, MAP-DOWN-VALUES-PRESERVES-LENGTH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, P-STEP-EXPANSION, POP-PUSH, TOP-PUSH, and RET-PC-FRAME, and expanding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, ZEROP, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, 
P-CURRENT-INSTRUCTION, P-PUSH-CONSTANT-STEP, ADD1-ADDR, ADD1-P-PC, UNABBREVIATE-CONSTANT, P-PUSH-CONSTANT-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, P-STEP1, P-POP-GLOBAL-STEP, DEPOSIT, P-POP-GLOBAL-OKP, P-RET-STEP, and P-RET-OKP, to: T. Q.E.D. [ 0.0 0.2 0.0 ] MG-INDEX-ARRAY-STEPS-14-16-INDEX-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEP-13-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
7)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'INT (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 8)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (REWRITE SMALL-INTEGERP-DIFFERENCE) UP (S LEMMAS) X (S LEMMAS) TOP S (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) (REWRITE INT-LITERALS-MAPPING) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) 
(REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4) (DIVE 1) (REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4) TOP S))) WARNING: Note that MG-INDEX-ARRAY-STEP-13-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-13-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (REWRITE SMALL-INTEGERP-DIFFERENCE) Rewriting with SMALL-INTEGERP-DIFFERENCE. Creating 4 new subgoals, (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). UP (S LEMMAS) X (S LEMMAS) TOP S The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). Now proving (MAIN . 1). (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) Rewriting with MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP. The current goal, (MAIN . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE INT-LITERALS-MAPPING) Rewriting with INT-LITERALS-MAPPING. Creating 1 new subgoal, ((MAIN . 2) . 1). The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((MAIN . 2) . 1) . 1) and (((MAIN . 2) . 1) . 2). The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoals of ((MAIN . 2) . 1) remain to be proved: (((MAIN . 2) . 1) . 1) and (((MAIN . 2) . 1) . 2). Now proving (((MAIN . 2) . 1) . 
1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 2) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((MAIN . 2) . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 3). (REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4) Rewriting with NOT-ZEROP-MG-INDEX-ARRAY-ARG4. The current goal, (MAIN . 3), has been proved, and has no dependents. Now proving (MAIN . 4). (DIVE 1) (REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4) Rewriting with NOT-ZEROP-MG-INDEX-ARRAY-ARG4. TOP S The current goal, (MAIN . 4), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.8 0.0 0.0 ] MG-INDEX-ARRAY-STEP-13-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEPS-14-15-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) 
(EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 8)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 10)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEPS-14-15-NO-ERROR contains the free variables CODE2, NAME-ALIST, 
R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC 
'(MG-INDEX-ARRAY . 8)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 10)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, using linear arithmetic, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, 
ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, VALUE-EXPANSION2, VALUE-EXPANSION3, BINDINGS-FRAME, TOP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, MAP-DOWN-VALUES-PRESERVES-LENGTH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, P-STEP-EXPANSION, and LENGTH-PUSH, and unfolding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-PUSH-LOCAL-STEP, ADD1-ADDR, ADD1-P-PC, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, and P-STEP1, to: T. Q.E.D. [ 0.0 0.2 0.0 ] MG-INDEX-ARRAY-STEPS-14-15-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEP-16-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR 
(CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 10)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
11)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEP-16-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-16-NO-ERROR could! 
This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
10)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 11)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, POP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-MAX-TEMP-STK-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, TOP-PUSH, P-WORD-SIZE-P-STATE, INT-LITERAL-INT-OBJECTP, and P-STEP-EXPANSION, and expanding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-INT-TO-NAT-STEP, ADD1-ADDR, ADD1-P-PC, P-INT-TO-NAT-OKP, MG-WORD-SIZE, PACK, and P-STEP1, to: T. Q.E.D. [ 0.0 0.4 0.0 ] MG-INDEX-ARRAY-STEP-16-NO-ERROR (PROVE-LEMMA NON-NEGATIVE-INTEGERP-SMALL-NATURALP (REWRITE) (IMPLIES (AND (INTEGERP X) (NOT (NEGATIVEP X)) (SMALL-INTEGERP Y N) (NUMBERP Y) (NOT (ZEROP (IDIFFERENCE Y X)))) (SMALL-NATURALP X N)) ((ENABLE SMALL-INTEGERP INTEGERP IDIFFERENCE ILESSP IPLUS INEGATE SMALL-NATURALP))) WARNING: Note that NON-NEGATIVE-INTEGERP-SMALL-NATURALP contains the free variable Y which will be chosen by instantiating the hypothesis (SMALL-INTEGERP Y N). This conjecture can be simplified, using the abbreviations ZEROP, SMALL-INTEGERP, NOT, AND, IMPLIES, and IDIFFERENCE, to the formula: (IMPLIES (AND (INTEGERP X) (NOT (NEGATIVEP X)) (INTEGERP Y) (NOT (ILESSP Y (MINUS (EXP 2 (SUB1 N))))) (ILESSP Y (EXP 2 (SUB1 N))) (NUMBERP Y) (NOT (EQUAL (IPLUS Y (INEGATE X)) 0)) (NUMBERP (IPLUS Y (INEGATE X)))) (SMALL-NATURALP X N)). 
This simplifies, applying NEGATIVE-GUTS-MINUS and ZERO-IPLUS-RIGHT-IDENTITY, and opening up the functions INTEGERP, ILESSP, INEGATE, IPLUS, EXP, SMALL-NATURALP, LESSP, EQUAL, and NUMBERP, to four new conjectures:

Case 4. (IMPLIES (AND (NUMBERP X) (LESSP Y (EXP 2 (SUB1 N))) (NUMBERP Y) (NOT (EQUAL X 0)) (NOT (EQUAL (IPLUS Y (MINUS X)) 0)) (NOT (LESSP Y X)) (NOT (EQUAL N 0)) (NUMBERP N)) (LESSP X (TIMES 2 (EXP 2 (SUB1 N))))), which again simplifies, using linear arithmetic, to: T.

Case 3. (IMPLIES (AND (NUMBERP X) (LESSP Y (EXP 2 (SUB1 N))) (NUMBERP Y) (NOT (EQUAL X 0)) (NOT (EQUAL (IPLUS Y (MINUS X)) 0)) (NOT (LESSP Y X)) (EQUAL N 0)) (LESSP X 1)), which again simplifies, rewriting with NEGATIVE-GUTS-MINUS, and opening up the functions SUB1, EXP, and IPLUS, to: (IMPLIES (AND (NUMBERP X) (LESSP Y 1) (NUMBERP Y) (NOT (EQUAL X 0)) (NOT (EQUAL (DIFFERENCE Y X) 0)) (NOT (LESSP Y X))) (LESSP X 1)), which again simplifies, using linear arithmetic, to: T.

Case 2. (IMPLIES (AND (NUMBERP X) (LESSP Y (EXP 2 (SUB1 N))) (NUMBERP Y) (NOT (EQUAL X 0)) (NOT (EQUAL (IPLUS Y (MINUS X)) 0)) (NOT (LESSP Y X)) (NOT (NUMBERP N))) (LESSP X 1)), which again simplifies, rewriting with SUB1-NNUMBERP and NEGATIVE-GUTS-MINUS, and expanding the functions EXP and IPLUS, to: (IMPLIES (AND (NUMBERP X) (LESSP Y 1) (NUMBERP Y) (NOT (EQUAL X 0)) (NOT (EQUAL (DIFFERENCE Y X) 0)) (NOT (LESSP Y X)) (NOT (NUMBERP N))) (LESSP X 1)), which again simplifies, using linear arithmetic, to: T.

Case 1. (IMPLIES (AND (NUMBERP X) (LESSP Y (EXP 2 (SUB1 N))) (NUMBERP Y) (EQUAL X 0) (NOT (EQUAL (IPLUS Y 0) 0)) (NOT (EQUAL N 0)) (NUMBERP N)) (NOT (EQUAL (TIMES 2 (EXP 2 (SUB1 N))) 0))), which again simplifies, using linear arithmetic, to: T.

Q.E.D.
[ 0.0 0.1 0.0 ] NON-NEGATIVE-INTEGERP-SMALL-NATURALP (PROVE-LEMMA MG-INDEX-ARRAY-STEP-17-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
11)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 12)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) PUSH UP (S LEMMAS) X (S LEMMAS) TOP S X (S LEMMAS) SPLIT (DROP 19) (REWRITE 
ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) (DIVE 1 2 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE IDIFFERENCE-LESSP) (REWRITE ARRAY-IDENTIFIER-NAT-P-OBJECTP (($MG-ALIST (MG-ALIST MG-STATE)))) (REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) S (REWRITE NON-NEGATIVE-INTEGERP-SMALL-NATURALP (($Y (CADDDR (CALL-ACTUALS STMT))))) (DIVE 1) (REWRITE INT-LITERALP-MAPPING) UP (REWRITE UNTAG-INT-LITERAL-INTEGERP) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) (REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4)))) WARNING: Note that MG-INDEX-ARRAY-STEP-17-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-17-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) PUSH Creating 1 new subgoal, (MAIN . 1). UP (S LEMMAS) X (S LEMMAS) TOP S The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). X (S LEMMAS) SPLIT Creating 3 new subgoals, ((MAIN . 
1) . 1), ((MAIN . 1) . 2), and ((MAIN . 1) . 3). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1), ((MAIN . 1) . 2), and ((MAIN . 1) . 3). Now proving ((MAIN . 1) . 1). (DROP 19) Dropping hypothesis 19. : (REWRITE ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) Rewriting with ARRAY-INDEX-SMALL-NATURALP. Creating 3 new subgoals, (((MAIN . 1) . 1) . 1), (((MAIN . 1) . 1) . 2), and (((MAIN . 1) . 1) . 3). The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 1), (((MAIN . 1) . 1) . 2), and (((MAIN . 1) . 1) . 3). Now proving (((MAIN . 1) . 1) . 1). (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. The current goal, (((MAIN . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 2). (DIVE 1 2 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK3. Creating 2 new subgoals, ((((MAIN . 1) . 1) . 2) . 1) and: ((((MAIN . 1) . 1) . 2) . 2). The proof of the current goal, (((MAIN . 1) . 1) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 2) remain to be proved: ((((MAIN . 1) . 1) . 2) . 1) and ((((MAIN . 1) . 1) . 2) . 2). Now proving ((((MAIN . 1) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 1) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 2) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 1) . 2) . 
2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 3). (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. The current goal, (((MAIN . 1) . 1) . 3), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (REWRITE ARRAY-IDENTIFIER-NAT-P-OBJECTP (($MG-ALIST (MG-ALIST MG-STATE)))) **WARNING**: The following variables occur free in the lemma: ARRAY-IDENTIFIER-NAT-P-OBJECTP but were not explicitly substituted for: TEMP-STK. Rewriting with ARRAY-IDENTIFIER-NAT-P-OBJECTP. Creating 3 new subgoals, (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3). The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3). Now proving (((MAIN . 1) . 2) . 1). (REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) Rewriting with MG-INDEX-ARRAY-ARGS-DEFINEDP. The current goal, (((MAIN . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 2). (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. The current goal, (((MAIN . 1) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 3). S The current goal, (((MAIN . 1) . 2) . 3), has been proved, and has no dependents. Now proving ((MAIN . 1) . 3). : (REWRITE NON-NEGATIVE-INTEGERP-SMALL-NATURALP (($Y (CADDDR (CALL-ACTUALS STMT))))) Rewriting with NON-NEGATIVE-INTEGERP-SMALL-NATURALP. Creating 3 new subgoals, (((MAIN . 1) . 3) . 1), (((MAIN . 1) . 3) . 2), and (((MAIN . 1) . 3) . 3). The proof of the current goal, ((MAIN . 1) . 3), has been completed. However, the following subgoals of ((MAIN . 1) . 3) remain to be proved: (((MAIN . 1) . 3) . 1), (((MAIN . 1) . 3) . 2), and (((MAIN . 1) . 3) . 3). Now proving (((MAIN . 1) . 3) . 1). (DIVE 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. 
Creating 1 new subgoal, ((((MAIN . 1) . 3) . 1) . 1). UP (REWRITE UNTAG-INT-LITERAL-INTEGERP) Rewriting with UNTAG-INT-LITERAL-INTEGERP. Creating 1 new subgoal, ((((MAIN . 1) . 3) . 1) . 2). The proof of the current goal, (((MAIN . 1) . 3) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 3) . 1) remain to be proved: ((((MAIN . 1) . 3) . 1) . 2) and ((((MAIN . 1) . 3) . 1) . 1). Now proving ((((MAIN . 1) . 3) . 1) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 3) . 1) . 2) . 1) and: (((((MAIN . 1) . 3) . 1) . 2) . 2). The proof of the current goal, ((((MAIN . 1) . 3) . 1) . 2), has been completed. However, the following subgoals of ((((MAIN . 1) . 3) . 1) . 2) remain to be proved: (((((MAIN . 1) . 3) . 1) . 2) . 1) and: (((((MAIN . 1) . 3) . 1) . 2) . 2). Now proving (((((MAIN . 1) . 3) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 3) . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 3) . 1) . 2) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 3) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 3) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 3) . 1) . 1) . 1) and: (((((MAIN . 1) . 3) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 3) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 3) . 1) . 1) remain to be proved: (((((MAIN . 1) . 3) . 1) . 1) . 1) and: (((((MAIN . 1) . 3) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 3) . 1) . 1) . 1). 
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 3) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 3) . 1) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 3) . 1) . 1) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 3) . 2). (REWRITE MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP) Rewriting with MG-INDEX-ARRAY-ARG4-SMALL-INTEGERP. The current goal, (((MAIN . 1) . 3) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 3) . 3). (REWRITE NOT-ZEROP-MG-INDEX-ARRAY-ARG4) Rewriting with NOT-ZEROP-MG-INDEX-ARRAY-ARG4. The current goal, (((MAIN . 1) . 3) . 3), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 1.6 0.0 0.0 ] MG-INDEX-ARRAY-STEP-17-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH (REWRITE) (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (NOT (NEGATIVEP (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (LESSP (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (LENGTH TEMP-STK)) T)) ((INSTRUCTIONS PROMOTE S (REWRITE LESSP-PLUS-TRANSITIVE (($W (CADDDR (CALL-ACTUALS STMT))))) (DIVE 1 2 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP (REWRITE 
MG-VAR-OK-ARRAY-INDEX-OK3) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE IDIFFERENCE-LESSP) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). *** Entering proof-checker *** PROMOTE S (REWRITE LESSP-PLUS-TRANSITIVE (($W (CADDDR (CALL-ACTUALS STMT))))) Rewriting with LESSP-PLUS-TRANSITIVE. Creating 2 new subgoals, (MAIN . 1) and (MAIN . 2). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1) and (MAIN . 2). Now proving (MAIN . 1). (DIVE 1 2 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK3. Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. Creating 1 new subgoal, ((MAIN . 2) . 1). The proof of the current goal, (MAIN . 
2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 1). (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 2) . 1) . 1). TOP S The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoal of ((MAIN . 2) . 1) remains to be proved: (((MAIN . 2) . 1) . 1). Now proving (((MAIN . 2) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 2) . 1) . 1) . 1) and: ((((MAIN . 2) . 1) . 1) . 2). The proof of the current goal, (((MAIN . 2) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 2) . 1) . 1) remain to be proved: ((((MAIN . 2) . 1) . 1) . 1) and ((((MAIN . 2) . 1) . 1) . 2). Now proving ((((MAIN . 2) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 2) . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 2) . 1) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.7 0.0 0.0 ] MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH (PROVE-LEMMA MG-INDEX-ARRAY-STEP-18-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
12)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 13)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) 
(DIVE 1) (REWRITE ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) UP S (DIVE 2 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP UP (REWRITE ADD1-PRESERVES-LESSP) UP S (S LEMMAS) (DIVE 3 1) (REWRITE APPEND-DOESNT-AFFECT-RGET-COROLLARY) UP UP UP S (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP (REWRITE MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH) (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH) (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) (DIVE 1 2 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE IDIFFERENCE-LESSP)))) WARNING: Note that MG-INDEX-ARRAY-STEP-18-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-18-NO-ERROR could! 
*** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1) : (REWRITE ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) Rewriting with ARRAY-INDEX-SMALL-NATURALP. Creating 3 new subgoals, (MAIN . 1), (MAIN . 2), and (MAIN . 3). UP S (DIVE 2 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 4). UP UP (REWRITE ADD1-PRESERVES-LESSP) Rewriting with ADD1-PRESERVES-LESSP. Creating 1 new subgoal, (MAIN . 5). UP S (S LEMMAS) (DIVE 3 1) (REWRITE APPEND-DOESNT-AFFECT-RGET-COROLLARY) Rewriting with APPEND-DOESNT-AFFECT-RGET-COROLLARY. Creating 1 new subgoal, (MAIN . 6). UP UP UP S The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 6), (MAIN . 5), (MAIN . 4), (MAIN . 1), (MAIN . 2), and (MAIN . 3). Now proving (MAIN . 6). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((MAIN . 6) . 1). UP (REWRITE MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH) **WARNING**: The following variables occur free in the lemma: MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH but were not explicitly substituted for: PROC-LIST, NAME-ALIST, and R-COND-LIST. Rewriting with MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH. Creating 1 new subgoal, ((MAIN . 6) . 2). The proof of the current goal, (MAIN . 6), has been completed. However, the following subgoals of (MAIN . 6) remain to be proved: ((MAIN . 6) . 2) and ((MAIN . 6) . 1). Now proving ((MAIN . 6) . 2). (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 6) . 2) . 1). TOP S The proof of the current goal, ((MAIN . 6) . 2), has been completed. However, the following subgoal of ((MAIN . 6) . 2) remains to be proved: (((MAIN . 6) . 2) . 1). 
Now proving (((MAIN . 6) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 6) . 2) . 1) . 1) and: ((((MAIN . 6) . 2) . 1) . 2). The proof of the current goal, (((MAIN . 6) . 2) . 1), has been completed. However, the following subgoals of (((MAIN . 6) . 2) . 1) remain to be proved: ((((MAIN . 6) . 2) . 1) . 1) and ((((MAIN . 6) . 2) . 1) . 2). Now proving ((((MAIN . 6) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 6) . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 6) . 2) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 6) . 2) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 6) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 6) . 1), has been proved, and has no dependents. Now proving (MAIN . 5). (REWRITE MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH) **WARNING**: The following variables occur free in the lemma: MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH but were not explicitly substituted for: PROC-LIST, NAME-ALIST, and R-COND-LIST. Rewriting with MG-INDEX-ARRAY-INDEX-LESSP-TEMP-STK-LENGTH. Creating 1 new subgoal, ((MAIN . 5) . 1). The proof of the current goal, (MAIN . 5), has been completed. However, the following subgoal of (MAIN . 5) remains to be proved: ((MAIN . 5) . 1). Now proving ((MAIN . 5) . 1). (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 5) . 1) . 1). TOP S The proof of the current goal, ((MAIN . 5) . 1), has been completed. However, the following subgoal of ((MAIN . 5) . 1) remains to be proved: (((MAIN . 5) . 1) . 1). Now proving (((MAIN . 5) . 1) . 
1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 5) . 1) . 1) . 1) and: ((((MAIN . 5) . 1) . 1) . 2). The proof of the current goal, (((MAIN . 5) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 5) . 1) . 1) remain to be proved: ((((MAIN . 5) . 1) . 1) . 1) and ((((MAIN . 5) . 1) . 1) . 2). Now proving ((((MAIN . 5) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 5) . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 5) . 1) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 5) . 1) . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 4). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 4), has been proved, and has no dependents. Now proving (MAIN . 1). (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. The current goal, (MAIN . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (DIVE 1 2 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK3. Creating 2 new subgoals, ((MAIN . 2) . 1) and ((MAIN . 2) . 2). The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoals of (MAIN . 2) remain to be proved: ((MAIN . 2) . 1) and ((MAIN . 2) . 2). Now proving ((MAIN . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 2) . 1), has been proved, and has no dependents. Now proving ((MAIN . 2) . 2). 
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 2) . 2), has been proved, and has no dependents. Now proving (MAIN . 3). (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. The current goal, (MAIN . 3), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 1.5 0.0 0.0 ] MG-INDEX-ARRAY-STEP-18-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEP-19-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
13)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
14)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEP-19-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-19-NO-ERROR could! 
This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
13)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 14)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) 
(MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, using linear arithmetic, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, VALUE-EXPANSION3, BINDINGS-FRAME, TOP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, MAP-DOWN-VALUES-PRESERVES-LENGTH, LENGTH-PUSH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, and P-STEP-EXPANSION, and unfolding the definitions of OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-PUSH-LOCAL-STEP, ADD1-ADDR, ADD1-P-PC, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, and P-STEP1, to: T. Q.E.D. 
[ 0.0 0.2 0.0 ] MG-INDEX-ARRAY-STEP-19-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEP-20-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
14)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
15)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (RPUT (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1) (REWRITE SIMPLE-IDENTIFIER-NAT-P-OBJECTP) UP S (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP (REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE)))) UP S (S LEMMAS) UP S (REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) S))) WARNING: Note that MG-INDEX-ARRAY-STEP-20-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE 
CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-20-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1) (REWRITE SIMPLE-IDENTIFIER-NAT-P-OBJECTP) **WARNING**: The following variables occur free in the lemma: SIMPLE-IDENTIFIER-NAT-P-OBJECTP but were not explicitly substituted for: TEMP-STK and MG-STATE. Rewriting with SIMPLE-IDENTIFIER-NAT-P-OBJECTP. Creating 3 new subgoals, (MAIN . 1), (MAIN . 2), and (MAIN . 3). UP S (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 4). UP (REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE)))) Rewriting with MG-VAR-OK-TEMP-STK-INDEX. Creating 1 new subgoal, (MAIN . 5). UP S (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 5), (MAIN . 4), (MAIN . 1), (MAIN . 2), and (MAIN . 3). Now proving (MAIN . 5). (REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) Rewriting with MG-INDEX-ARRAY-ARGS-DEFINEDP. The current goal, (MAIN . 5), has been proved, and has no dependents. Now proving (MAIN . 4). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 4), has been proved, and has no dependents. Now proving (MAIN . 1). : (REWRITE SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) Rewriting with SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP. Creating 1 new subgoal, ((MAIN . 1) . 1). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoal of (MAIN . 1) remains to be proved: ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 1). 
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 3). S The current goal, (MAIN . 3), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.9 0.0 0.0 ] MG-INDEX-ARRAY-STEP-20-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-STEPS-21-22-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-INDEX-ARRAY . 
15)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (RPUT (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (RPUT (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-INDEX-ARRAY-STEPS-21-22-NO-ERROR contains the free variables CODE2, NAME-ALIST, 
R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to the formula: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC 
'(MG-INDEX-ARRAY . 15)) (PUSH (P-FRAME (LIST (CONS 'ANS (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'A (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (RPUT (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (RPUT (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-INDEX-ARRAY-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, P-TEMP-STK-P-STATE, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-MAX-TEMP-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-STEP-EXPANSION, POP-PUSH, TOP-PUSH, and RET-PC-FRAME, and unfolding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-INDEX-ARRAY-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-JUMP-STEP, PC, P-JUMP-OKP, PACK, P-STEP1, P-RET-STEP, and P-RET-OKP, to: T. Q.E.D. 
[ 0.0 0.4 0.0 ] MG-INDEX-ARRAY-STEPS-21-22-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-PUSH-CC (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK TEMP-STK (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 6))) CTRL-STK (PUSH CC-VALUE TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (DIVE 1) X (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) UP S X (S LEMMAS) UP S))) WARNING: Note that MG-INDEX-ARRAY-PUSH-CC contains the free variables CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), (OK-MG-STATEP MG-STATE R-COND-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-PUSH-CC could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. UP S X (S LEMMAS) UP S The current goal, MAIN, has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.3 0.0 0.0 ] MG-INDEX-ARRAY-PUSH-CC (PROVE-LEMMA MG-INDEX-ARRAY-SUB1-CC (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (NORMAL MG-STATE) (MEMBER CC-VALUE (LIST '(NAT 1) '(NAT 2)))) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 6))) CTRL-STK (PUSH CC-VALUE TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 7))) CTRL-STK (PUSH (TAG 'NAT (SUB1 (UNTAG CC-VALUE))) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE 
TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) PUSH UP S X (S LEMMAS) UP S (PROVE (ENABLE TYPE SMALL-NATURALP UNTAG TAG P-OBJECTP-TYPE))))) WARNING: Note that MG-INDEX-ARRAY-SUB1-CC contains the free variables CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), (OK-MG-STATEP MG-STATE R-COND-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-SUB1-CC could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) PUSH Creating 1 new subgoal, (MAIN . 1). UP S X (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). 
(PROVE (ENABLE TYPE SMALL-NATURALP UNTAG TAG P-OBJECTP-TYPE)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, UNTAG, TAG, and NORMAL, to the conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (EQUAL (CC MG-STATE) 'NORMAL) (MEMBER CC-VALUE '((NAT 1) (NAT 2)))) (IF (P-OBJECTP-TYPE 'NAT CC-VALUE (P-STATE (LIST 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 6))) CTRL-STK (PUSH CC-VALUE TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) (IF (EQUAL (CADR CC-VALUE) 0) F (NUMBERP (CADR CC-VALUE))) F)). 
This simplifies, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, and P-WORD-SIZE-P-STATE, and expanding the functions OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, TAG, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, CONS, P-OBJECTP, UNTAG, SMALL-NATURALP, TYPE, P-OBJECTP-TYPE, and NUMBERP, to: T. Q.E.D. The current goal, (MAIN . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.4 0.1 0.0 ] MG-INDEX-ARRAY-SUB1-CC (PROVE-LEMMA MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (OR (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 7))) CTRL-STK (PUSH (TAG 'NAT (SUB1 (UNTAG '(NAT 1)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) '((C-C (NAT 1))) 
(MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (IF (NORMAL (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (FETCH-LABEL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) X UP S (S LEMMAS) X (S LEMMAS) UP S (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'ROUTINEERROR (MG-ALIST MG-STATE) (MG-PSW MG-STATE)) 0) S (S LEMMAS) (DIVE 1 2 1) (REWRITE DEFINEDP-CAR-ASSOC) TOP (DIVE 1 2 2 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) TOP (S LEMMAS) (REWRITE CAR-DEFINEDP-DEFINED-PROCP) (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) S X (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (CLAIM (NOT (NUMBERP (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) TOP S-PROP S (CLAIM (NOT (LESSP (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) UP S-PROP TOP (CONTRADICT 16) S (DROP 16) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) UP S UP S (DIVE 1 1 
1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) NX (REWRITE INT-LITERALP-MAPPING) UP UP (REWRITE IDIFFERENCE-LESSP2) TOP S (DIVE 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) NX (REWRITE INT-LITERALP-MAPPING) TOP (REWRITE IDIFFERENCE-LESSP2) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE contains the free variables CODE2, T-COND-LIST, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) X UP S (S LEMMAS) X (S LEMMAS) UP S : (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'ROUTINEERROR (MG-ALIST MG-STATE) (MG-PSW MG-STATE)) 0) Creating 1 new subgoal, (MAIN . 1). 
S (S LEMMAS) (DIVE 1 2 1) (REWRITE DEFINEDP-CAR-ASSOC) Rewriting with DEFINEDP-CAR-ASSOC. Creating 1 new subgoal, (MAIN . 2). TOP (DIVE 1 2 2 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. TOP (S LEMMAS) The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 2) and (MAIN . 1). Now proving (MAIN . 2). (REWRITE CAR-DEFINEDP-DEFINED-PROCP) Rewriting with CAR-DEFINEDP-DEFINED-PROCP. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 1). (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) Rewriting with PREDEFINED-PROC-CALL-MEANING-R-2. S X (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S : (CLAIM (NOT (NUMBERP (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) Creating one new subgoal, ((MAIN . 1) . 1). TOP S-PROP The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoal of (MAIN . 1) remains to be proved: ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 1). S : (CLAIM (NOT (LESSP (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (ARRAY-LENGTH (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) Creating one new subgoal, (((MAIN . 1) . 1) . 1). UP S-PROP The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoal of ((MAIN . 1) . 1) remains to be proved: (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 1). TOP (CONTRADICT 16) S (DROP 16) Dropping hypothesis 16. (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 1). UP S UP S (DIVE 1 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. NX (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 2). 
UP UP (REWRITE IDIFFERENCE-LESSP2) Rewriting with IDIFFERENCE-LESSP2. TOP S (DIVE 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. NX (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 3). TOP (REWRITE IDIFFERENCE-LESSP2) Rewriting with IDIFFERENCE-LESSP2. The proof of the current goal, (((MAIN . 1) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 1) remain to be proved: ((((MAIN . 1) . 1) . 1) . 3) ((((MAIN . 1) . 1) . 1) . 2), and ((((MAIN . 1) . 1) . 1) . 1). Now proving ((((MAIN . 1) . 1) . 1) . 3). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 3) . 1) and: (((((MAIN . 1) . 1) . 1) . 3) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 3), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 3) remain to be proved: (((((MAIN . 1) . 1) . 1) . 3) . 1) and: (((((MAIN . 1) . 1) . 1) . 3) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 3) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 3) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 3) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 3) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 1) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 2), has been completed. 
However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 2) remain to be proved: (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 2) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 1) remain to be proved: (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 1.6 0.0 0.0 ] MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE (PROVE-LEMMA SIMPLE-TYPED-IDENTIFIER-TYPE-EQUIVALENCE (REWRITE) (IMPLIES (SIMPLE-TYPED-IDENTIFIERP B TYPE ALIST) (EQUAL (EQUAL (CADR (ASSOC B ALIST)) TYPE) T)) ((ENABLE SIMPLE-TYPED-IDENTIFIERP INT-IDENTIFIERP BOOLEAN-IDENTIFIERP CHARACTER-IDENTIFIERP))) This conjecture simplifies, unfolding the definitions of CHARACTER-IDENTIFIERP, BOOLEAN-IDENTIFIERP, INT-IDENTIFIERP, IDENTIFIERP, M-TYPE, GET-M-TYPE, SIMPLE-TYPED-IDENTIFIERP, and EQUAL, to: T. Q.E.D. [ 0.0 0.0 0.0 ] SIMPLE-TYPED-IDENTIFIER-TYPE-EQUIVALENCE (PROVE-LEMMA MG-INDEX-ARRAY-STEP-25-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 7))) CTRL-STK (PUSH (TAG 'NAT (SUB1 (UNTAG (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST)))) (RPUT (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS 
STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (IF (NORMAL (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (FETCH-LABEL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (= * T ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX SMALL-NATURALP))) UP S (S LEMMAS) (DIVE 1) (= * F ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX))) UP S UP S (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'NORMAL (SET-ALIST-VALUE (CAR (CALL-ACTUALS STMT)) (GET (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MG-ALIST MG-STATE)) (MG-PSW 
MG-STATE)) 0) S (DIVE 2 2) (= * T) TOP S (DIVE 2) (DIVE 2) (REWRITE SET-ALIST-VALUE-DEPOSIT-TEMP-RELATION) UP (DIVE 1 1) (REWRITE RGET-ARRAY-INDEX-MAPPING) UP UP (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) UP UP UP UP S UP S (DIVE 2 2 2 1 1) (REWRITE PREDEFINED-CALL-TRANSLATION-2) UP (S LEMMAS) UP (S LEMMAS) S (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S TOP PROVE (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (DEMOTE 16 17) (DIVE 1 2 1 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP PROMOTE (REWRITE IDIFFERENCE-LESSP) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE SIMPLE-TYPED-LITERALP-OK-VALUEP) (REWRITE SIMPLE-TYPED-LITERAL-LIST-ELEMENTS) (DIVE 2) (= * (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) 0) UP (REWRITE ARRAY-IDENTIFIERS-HAVE-ARRAY-TYPES2) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DIVE 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) NX (DIVE 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP (REWRITE SIMPLE-TYPED-IDENTIFIER-TYPE-EQUIVALENCE) (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) PROVE (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) S X (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S NX TOP (DIVE 1 1) (= * T 0) NX (DIVE 1) (= * T 0) TOP S (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP (DIVE 1 2 1 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) NX (REWRITE INT-LITERALP-MAPPING) TOP PROMOTE (DIVE 1) (REWRITE IDIFFERENCE-LESSP) TOP S 
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (DIVE 1) TOP (CONTRADICT 16) (REWRITE ZEROP-INTEGERP-TRICHOTOMY) (DIVE 1) (REWRITE INT-LITERALP-MAPPING) UP (REWRITE UNTAG-INT-LITERAL-INTEGERP) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-INDEX-ARRAY-STEP-25-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-INDEX-ARRAY-STEP-25-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. 
S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (= * T ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX SMALL-NATURALP))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, UNTAG-CONS, MG-COND-TO-P-NAT, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (SMALL-NATURALP (SUB1 (CONDITION-INDEX (CC MG-STATE) T-COND-LIST)) 32) T)), which simplifies, rewriting 
with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and expanding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, CONDITION-INDEX, SUB1, and SMALL-NATURALP, to: T. Q.E.D. UP S (S LEMMAS) (DIVE 1) (= * F ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, UNTAG-CONS, MG-COND-TO-P-NAT, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR 
(CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (EQUAL (SUB1 (CONDITION-INDEX (CC MG-STATE) T-COND-LIST)) 0) F)), which simplifies, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and expanding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, CONDITION-INDEX, and SUB1, to: T. Q.E.D. UP S UP S : (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'NORMAL (SET-ALIST-VALUE (CAR (CALL-ACTUALS STMT)) (GET (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MG-ALIST MG-STATE)) (MG-PSW MG-STATE)) 0) Creating 1 new subgoal, (MAIN . 1). 
S (DIVE 2 2) (= * T) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (RPUT (RGET (PLUS (UNTAG (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP 
CTRL-STK)) TEMP-STK)) (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (MAP-DOWN-VALUES (SET-ALIST-VALUE (CAR (CALL-ACTUALS STMT)) (GET (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MG-ALIST MG-STATE)) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))))))) (EQUAL (EQUAL (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST) '(NAT 2)) T)). This simplifies, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, CDR-CONS, LENGTH-DISTRIBUTES, and SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, and unfolding OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. TOP S (DIVE 2) (DIVE 2) (REWRITE SET-ALIST-VALUE-DEPOSIT-TEMP-RELATION) Rewriting with SET-ALIST-VALUE-DEPOSIT-TEMP-RELATION. Creating 3 new subgoals, (MAIN . 2), (MAIN . 3), and (MAIN . 4). UP (DIVE 1 1) (REWRITE RGET-ARRAY-INDEX-MAPPING) Rewriting with RGET-ARRAY-INDEX-MAPPING. Creating 3 new subgoals, (MAIN . 5), (MAIN . 6), and (MAIN . 7). UP UP (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (MAIN . 8). UP UP UP UP S UP S (DIVE 2 2 2 1 1) (REWRITE PREDEFINED-CALL-TRANSLATION-2) Rewriting with PREDEFINED-CALL-TRANSLATION-2. 
UP (S LEMMAS) UP (S LEMMAS) S (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S TOP PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new formula: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (LIST (LIST 'PUSH-LOCAL (CAR (CALL-ACTUALS STMT))) (LIST 'PUSH-LOCAL (CADR (CALL-ACTUALS 
STMT))) (LIST 'PUSH-LOCAL (CADDR (CALL-ACTUALS STMT))) (LIST 'PUSH-CONSTANT (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '(CALL MG-INDEX-ARRAY) '(PUSH-GLOBAL C-C) '(SUB1-NAT) (LIST 'TEST-NAT-AND-JUMP 'ZERO (CDR (ASSOC 'ROUTINEERROR (LABEL-ALIST CINFO))))))))))), which simplifies, applying MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and CDR-CONS, and expanding the functions OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 8), (MAIN . 5), (MAIN . 6), (MAIN . 7), (MAIN . 2), (MAIN . 3), (MAIN . 4), and (MAIN . 1). Now proving (MAIN . 8). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((MAIN . 8) . 1) and ((MAIN . 8) . 2). The proof of the current goal, (MAIN . 8), has been completed. However, the following subgoals of (MAIN . 8) remain to be proved: ((MAIN . 8) . 1) and ((MAIN . 8) . 2). Now proving ((MAIN . 8) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 8) . 1), has been proved, and has no dependents. Now proving ((MAIN . 8) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 8) . 2), has been proved, and has no dependents. Now proving (MAIN . 5). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 5), has been proved, and has no dependents. Now proving (MAIN . 6). 
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (MAIN . 6), has been proved, and has no dependents. Now proving (MAIN . 7). (DEMOTE 16 17) (DIVE 1 2 1 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP PROMOTE (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. The current goal, (MAIN . 7), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 3). : (REWRITE SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) Rewriting with SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP. Creating 1 new subgoal, ((MAIN . 3) . 1). The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoal of (MAIN . 3) remains to be proved: ((MAIN . 3) . 1). Now proving ((MAIN . 3) . 1). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 3) . 1), has been proved, and has no dependents. Now proving (MAIN . 4). (REWRITE SIMPLE-TYPED-LITERALP-OK-VALUEP) Rewriting with SIMPLE-TYPED-LITERALP-OK-VALUEP. Creating 1 new subgoal, ((MAIN . 4) . 1). The proof of the current goal, (MAIN . 4), has been completed. However, the following subgoal of (MAIN . 4) remains to be proved: ((MAIN . 4) . 1). Now proving ((MAIN . 4) . 1). (REWRITE SIMPLE-TYPED-LITERAL-LIST-ELEMENTS) Rewriting with SIMPLE-TYPED-LITERAL-LIST-ELEMENTS. Creating 2 new subgoals, (((MAIN . 4) . 1) . 1) and (((MAIN . 4) . 1) . 2). The proof of the current goal, ((MAIN . 4) . 1), has been completed. However, the following subgoals of ((MAIN . 4) . 1) remain to be proved: (((MAIN . 4) . 1) . 
1) and (((MAIN . 4) . 1) . 2). Now proving (((MAIN . 4) . 1) . 1). (DIVE 2) : (= * (ARRAY-ELEMTYPE (CADR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) 0) Creating 1 new subgoal, ((((MAIN . 4) . 1) . 1) . 1). UP (REWRITE ARRAY-IDENTIFIERS-HAVE-ARRAY-TYPES2) Rewriting with ARRAY-IDENTIFIERS-HAVE-ARRAY-TYPES2. Creating 2 new subgoals, ((((MAIN . 4) . 1) . 1) . 2) and: ((((MAIN . 4) . 1) . 1) . 3). The proof of the current goal, (((MAIN . 4) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 4) . 1) . 1) remain to be proved: ((((MAIN . 4) . 1) . 1) . 2) ((((MAIN . 4) . 1) . 1) . 3), and ((((MAIN . 4) . 1) . 1) . 1). Now proving ((((MAIN . 4) . 1) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 4) . 1) . 1) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 4) . 1) . 1) . 3). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 4) . 1) . 1) . 3), has been proved, and has no dependents. Now proving ((((MAIN . 4) . 1) . 1) . 1). (DIVE 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. NX (DIVE 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. TOP (REWRITE SIMPLE-TYPED-IDENTIFIER-TYPE-EQUIVALENCE) Rewriting with SIMPLE-TYPED-IDENTIFIER-TYPE-EQUIVALENCE. Creating 1 new subgoal, (((((MAIN . 4) . 1) . 1) . 1) . 1). The proof of the current goal, ((((MAIN . 4) . 1) . 1) . 1), has been completed. However, the following subgoal of ((((MAIN . 4) . 1) . 1) . 1) remains to be proved: (((((MAIN . 4) . 1) . 1) . 1) . 1). Now proving (((((MAIN . 4) . 1) . 1) . 1) . 1). 
: (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))))))) (SIMPLE-TYPED-IDENTIFIERP (CAR (CALL-ACTUALS STMT)) (ARRAY-ELEMTYPE (CADR (ASSOC 
(CADR (CALL-ACTUALS STMT)) NAME-ALIST))) NAME-ALIST)), which simplifies, unfolding the definitions of OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-INDEX-ARRAY-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, (((((MAIN . 4) . 1) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 4) . 1) . 2). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR 
(ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))))))) (LESSP (UNTAG (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (LENGTH (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))), which simplifies, rewriting with the lemmas MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, CDR-CONS, LENGTH-DISTRIBUTES, ARRAY-IDENTIFIER-LENGTHS-MATCH, and IDIFFERENCE-LESSP, and opening up the definitions of OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. The current goal, (((MAIN . 4) . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 1). (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) Rewriting with PREDEFINED-PROC-CALL-MEANING-R-2. S X (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S NX TOP (DIVE 1 1) (= * T 0) Creating 1 new subgoal, ((MAIN . 1) . 1). NX (DIVE 1) (= * T 0) Creating 1 new subgoal, ((MAIN . 1) . 2). TOP S The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 2) and ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 2). (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 1) . 2) . 1). TOP (DIVE 1 2 1 1 1) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. NX (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 1) . 2) . 2). 
TOP PROMOTE (DIVE 1) (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. TOP S The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 2) and (((MAIN . 1) . 2) . 1). Now proving (((MAIN . 1) . 2) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 2) . 1) and: ((((MAIN . 1) . 2) . 2) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 2) remain to be proved: ((((MAIN . 1) . 2) . 2) . 1) and ((((MAIN . 1) . 2) . 2) . 2). Now proving ((((MAIN . 1) . 2) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 2) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 1) . 1) and: ((((MAIN . 1) . 2) . 1) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 1) remain to be proved: ((((MAIN . 1) . 2) . 1) . 1) and ((((MAIN . 1) . 2) . 1) . 2). Now proving ((((MAIN . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 1) . 2). 
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 1) . 1). (DIVE 1) TOP (CONTRADICT 16) (REWRITE ZEROP-INTEGERP-TRICHOTOMY) Rewriting with ZEROP-INTEGERP-TRICHOTOMY. Creating 2 new subgoals, (((MAIN . 1) . 1) . 1) and (((MAIN . 1) . 1) . 2). The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 1) and (((MAIN . 1) . 1) . 2). Now proving (((MAIN . 1) . 1) . 1). (DIVE 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 1). UP (REWRITE UNTAG-INT-LITERAL-INTEGERP) Rewriting with UNTAG-INT-LITERAL-INTEGERP. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 2). The proof of the current goal, (((MAIN . 1) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 1) remain to be proved: ((((MAIN . 1) . 1) . 1) . 2) and ((((MAIN . 1) . 1) . 1) . 1). Now proving ((((MAIN . 1) . 1) . 1) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 2), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 2) remain to be proved: (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 2) . 2). 
(REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 1) remain to be proved: (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 2). (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 2) . 1). TOP S The proof of the current goal, (((MAIN . 1) . 1) . 2), has been completed. However, the following subgoal of (((MAIN . 1) . 1) . 2) remains to be proved: ((((MAIN . 1) . 1) . 2) . 1). Now proving ((((MAIN . 1) . 1) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 2) . 1) . 1) and: (((((MAIN . 1) . 1) . 2) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 2) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 2) . 1) remain to be proved: (((((MAIN . 1) . 1) . 2) . 
1) . 1) and: (((((MAIN . 1) . 1) . 2) . 1) . 2). Now proving (((((MAIN . 1) . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 2) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 2) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 1.2 1.4 0.1 ] MG-INDEX-ARRAY-STEP-25-NO-ERROR (PROVE-LEMMA MG-INDEX-ARRAY-EXACT-TIME-LEMMA (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P (MAP-DOWN MG-STATE PROC-LIST CTRL-STK TEMP-STK (TAG 'PC (CONS SUBR (LENGTH (CODE CINFO)))) T-COND-LIST) (CLOCK STMT PROC-LIST MG-STATE N)) (P-STATE (TAG 'PC (CONS SUBR (IF (NORMAL (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (FETCH-LABEL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST (TRANSLATE CINFO T-COND-LIST STMT 
PROC-LIST))) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1 2) (REWRITE CLOCK-PREDEFINED-PROC-CALL) S X (= (CALL-NAME STMT) 'MG-INDEX-ARRAY 0) S (CLAIM (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) (DIVE 2 1) (= * T 0) UP UP S UP (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-0-UNWINDING-LEMMA) (DIVE 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-INDEX-ARRAY-STEPS-1-4) UP (REWRITE MG-INDEX-ARRAY-STEP-5) UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-6-8) UP UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-9-12-NEG-INDEX) UP (REWRITE MG-INDEX-ARRAY-PUSH-CC) UP (REWRITE MG-INDEX-ARRAY-SUB1-CC) UP (REWRITE MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE) UP S-PROP (DEMOTE 16) S-PROP (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) X (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DEMOTE 16) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) TOP (S-PROP UNTAG) S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (DIVE 2) (CLAIM (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS 
STMT)) (MG-ALIST MG-STATE))))))) 0) (= * 11 0) UP S UP (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-0-UNWINDING-LEMMA) (DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-INDEX-ARRAY-STEPS-1-4) UP (REWRITE MG-INDEX-ARRAY-STEP-5) UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-6-8) UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-12-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-13-INDEX-ERROR) UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-14-16-INDEX-ERROR) UP (REWRITE MG-INDEX-ARRAY-PUSH-CC) UP (REWRITE MG-INDEX-ARRAY-SUB1-CC) UP (REWRITE MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE) UP S-PROP (DEMOTE 17) S-PROP (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) X (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) X TOP (DIVE 1 2 1 2) (REWRITE INT-LITERALP-MAPPING) X TOP S-PROP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (= * 17 0) UP S UP (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE 
P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-0-UNWINDING-LEMMA) (DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-INDEX-ARRAY-STEPS-1-4) UP (REWRITE MG-INDEX-ARRAY-STEP-5) UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-6-8) UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-12-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-13-NO-ERROR) UP UP (REWRITE MG-INDEX-ARRAY-STEPS-14-15-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-16-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-17-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-18-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-19-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-STEP-20-NO-ERROR) UP UP (REWRITE MG-INDEX-ARRAY-STEPS-21-22-NO-ERROR) UP (REWRITE MG-INDEX-ARRAY-PUSH-CC) UP (REWRITE MG-INDEX-ARRAY-SUB1-CC) UP (REWRITE MG-INDEX-ARRAY-STEP-25-NO-ERROR) UP S-PROP (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP (REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE)))) (REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (PROVE (ENABLE MG-COND-TO-P-NAT CONDITION-INDEX)) (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP (REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE)))) (REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) X UP UP UP (DIVE 2 1 1 2) (REWRITE INT-LITERALP-MAPPING) X TOP S-PROP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE 
MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-INDEX-ARRAY-EXACT-TIME-LEMMA contains the free variables CODE2, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). *** Entering proof-checker *** PROMOTE (DIVE 1 2) (REWRITE CLOCK-PREDEFINED-PROC-CALL) Rewriting with CLOCK-PREDEFINED-PROC-CALL. S X (= (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY) 0) S : (CLAIM (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) Creating one new subgoal, (MAIN . 1). (DIVE 2 1) (= * T 0) Creating 1 new subgoal, (MAIN . 2). UP UP S UP (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-0-UNWINDING-LEMMA) Rewriting with P-0-UNWINDING-LEMMA. (DIVE 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-INDEX-ARRAY-STEPS-1-4) Rewriting with MG-INDEX-ARRAY-STEPS-1-4. UP (REWRITE MG-INDEX-ARRAY-STEP-5) Rewriting with MG-INDEX-ARRAY-STEP-5. UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-6-8) Rewriting with MG-INDEX-ARRAY-STEPS-6-8. UP UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-9-12-NEG-INDEX) Rewriting with MG-INDEX-ARRAY-STEPS-9-12-NEG-INDEX. 
UP (REWRITE MG-INDEX-ARRAY-PUSH-CC) **WARNING**: The following variables occur free in the lemma MG-INDEX-ARRAY-PUSH-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-PUSH-CC. Creating 1 new subgoal, (MAIN . 3). UP (REWRITE MG-INDEX-ARRAY-SUB1-CC) **WARNING**: The following variables occur free in the lemma MG-INDEX-ARRAY-SUB1-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-SUB1-CC. Creating 2 new subgoals, (MAIN . 4) and (MAIN . 5). UP (REWRITE MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE) **WARNING**: The following variables occur free in the lemma: MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE but were not explicitly substituted for: CODE2, T-COND-LIST, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE. Creating 1 new subgoal, (MAIN . 6). UP S-PROP The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 6), (MAIN . 4), (MAIN . 5), (MAIN . 3), (MAIN . 2), and (MAIN . 1). Now proving (MAIN . 6). (DEMOTE 16) S-PROP The current goal, (MAIN . 6), has been proved, and has no dependents. Now proving (MAIN . 4). (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((MAIN . 4) . 1). TOP S The proof of the current goal, (MAIN . 4), has been completed. However, the following subgoal of (MAIN . 4) remains to be proved: ((MAIN . 4) . 1). Now proving ((MAIN . 4) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 4) . 1), has been proved, and has no dependents. Now proving (MAIN . 5). X The current goal, (MAIN . 5), has been proved, and has no dependents. Now proving (MAIN . 3). 
(DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((MAIN . 3) . 1). TOP S The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoal of (MAIN . 3) remains to be proved: ((MAIN . 3) . 1). Now proving ((MAIN . 3) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 3) . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (DEMOTE 16) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((MAIN . 2) . 1). TOP (S-PROP UNTAG) S The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((MAIN . 2) . 1) . 1) and (((MAIN . 2) . 1) . 2). The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoals of ((MAIN . 2) . 1) remain to be proved: (((MAIN . 2) . 1) . 1) and (((MAIN . 2) . 1) . 2). Now proving (((MAIN . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 2) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((MAIN . 2) . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 1). (DIVE 2) : (CLAIM (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) 0) Creating one new subgoal, ((MAIN . 1) . 1). (= * 11 0) Creating 1 new subgoal, ((MAIN . 1) . 2). 
UP S UP (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-0-UNWINDING-LEMMA) Rewriting with P-0-UNWINDING-LEMMA. (DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-INDEX-ARRAY-STEPS-1-4) Rewriting with MG-INDEX-ARRAY-STEPS-1-4. UP (REWRITE MG-INDEX-ARRAY-STEP-5) Rewriting with MG-INDEX-ARRAY-STEP-5. UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-6-8) Rewriting with MG-INDEX-ARRAY-STEPS-6-8. UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-12-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-12-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-13-INDEX-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-13-INDEX-ERROR. UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-14-16-INDEX-ERROR) Rewriting with MG-INDEX-ARRAY-STEPS-14-16-INDEX-ERROR. UP (REWRITE MG-INDEX-ARRAY-PUSH-CC) **WARNING**: The following variables occur free in the lemma MG-INDEX-ARRAY-PUSH-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-PUSH-CC. Creating 1 new subgoal, ((MAIN . 1) . 3). 
UP (REWRITE MG-INDEX-ARRAY-SUB1-CC) **WARNING**: The following variables occur free in the lemma MG-INDEX-ARRAY-SUB1-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-SUB1-CC. Creating 2 new subgoals, ((MAIN . 1) . 4) and ((MAIN . 1) . 5). UP (REWRITE MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE) **WARNING**: The following variables occur free in the lemma: MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE but were not explicitly substituted for: CODE2, T-COND-LIST, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-LAST-STEP-ERROR-CASE. Creating 1 new subgoal, ((MAIN . 1) . 6). UP S-PROP The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 6), ((MAIN . 1) . 4), ((MAIN . 1) . 5), ((MAIN . 1) . 3), ((MAIN . 1) . 2), and ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 6). (DEMOTE 17) S-PROP The current goal, ((MAIN . 1) . 6), has been proved, and has no dependents. Now proving ((MAIN . 1) . 4). (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((MAIN . 1) . 4) . 1). TOP S The proof of the current goal, ((MAIN . 1) . 4), has been completed. However, the following subgoal of ((MAIN . 1) . 4) remains to be proved: (((MAIN . 1) . 4) . 1). Now proving (((MAIN . 1) . 4) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 1) . 4) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 5). X The current goal, ((MAIN . 1) . 5), has been proved, and has no dependents. Now proving ((MAIN . 1) . 3). (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((MAIN . 1) . 3) . 1). TOP S The proof of the current goal, ((MAIN . 1) . 3), has been completed. 
However, the following subgoal of ((MAIN . 1) . 3) remains to be proved: (((MAIN . 1) . 3) . 1). Now proving (((MAIN . 1) . 3) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 1) . 3) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 1) . 2) . 1). X TOP (DIVE 1 2 1 2) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 1) . 2) . 2). X TOP S-PROP S The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 2) and (((MAIN . 1) . 2) . 1). Now proving (((MAIN . 1) . 2) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 2) . 1) and: ((((MAIN . 1) . 2) . 2) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 2) remain to be proved: ((((MAIN . 1) . 2) . 2) . 1) and ((((MAIN . 1) . 2) . 2) . 2). Now proving ((((MAIN . 1) . 2) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 2) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 1) . 1) and: ((((MAIN . 1) . 2) . 1) . 2). 
The proof of the current goal, (((MAIN . 1) . 2) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 1) remain to be proved: ((((MAIN . 1) . 2) . 1) . 1) and ((((MAIN . 1) . 2) . 1) . 2). Now proving ((((MAIN . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 1) . 1). (= * 17 0) Creating 1 new subgoal, (((MAIN . 1) . 1) . 1). UP S UP (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-0-UNWINDING-LEMMA) Rewriting with P-0-UNWINDING-LEMMA. 
(DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-INDEX-ARRAY-STEPS-1-4) Rewriting with MG-INDEX-ARRAY-STEPS-1-4. UP (REWRITE MG-INDEX-ARRAY-STEP-5) Rewriting with MG-INDEX-ARRAY-STEP-5. UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-6-8) Rewriting with MG-INDEX-ARRAY-STEPS-6-8. UP UP UP (REWRITE MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEPS-9-11-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-12-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-12-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-13-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-13-NO-ERROR. UP UP (REWRITE MG-INDEX-ARRAY-STEPS-14-15-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEPS-14-15-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-16-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-16-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-17-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-17-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-18-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-18-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-19-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-19-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-STEP-20-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-20-NO-ERROR. UP UP (REWRITE MG-INDEX-ARRAY-STEPS-21-22-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEPS-21-22-NO-ERROR. UP (REWRITE MG-INDEX-ARRAY-PUSH-CC) **WARNING**: The following variables occur free in the lemma MG-INDEX-ARRAY-PUSH-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-PUSH-CC. Creating 1 new subgoal, (((MAIN . 1) . 1) . 2). UP (REWRITE MG-INDEX-ARRAY-SUB1-CC) **WARNING**: The following variables occur free in the lemma MG-INDEX-ARRAY-SUB1-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-INDEX-ARRAY-SUB1-CC. Creating 2 new subgoals, (((MAIN . 1) . 1) . 3) and (((MAIN . 1) . 1) . 4). UP (REWRITE MG-INDEX-ARRAY-STEP-25-NO-ERROR) Rewriting with MG-INDEX-ARRAY-STEP-25-NO-ERROR. 
UP S-PROP The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 3), (((MAIN . 1) . 1) . 4), (((MAIN . 1) . 1) . 2), and (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 3). (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) Rewriting with RPUT-PRESERVES-LENGTH. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 3) . 1). (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 3) . 2). TOP S The proof of the current goal, (((MAIN . 1) . 1) . 3), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 3) remain to be proved: ((((MAIN . 1) . 1) . 3) . 2) and ((((MAIN . 1) . 1) . 3) . 1). Now proving ((((MAIN . 1) . 1) . 3) . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 1) . 3) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 3) . 1). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 3) . 1) . 1). TOP (REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE)))) Rewriting with MG-VAR-OK-TEMP-STK-INDEX. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 3) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 3) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 3) . 1) remain to be proved: (((((MAIN . 1) . 1) . 3) . 1) . 2) and: (((((MAIN . 1) . 1) . 3) . 1) . 1). Now proving (((((MAIN . 1) . 1) . 3) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) Rewriting with MG-INDEX-ARRAY-ARGS-DEFINEDP. The current goal, (((((MAIN . 1) . 1) . 3) . 1) . 2), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 3) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. 
The current goal, (((((MAIN . 1) . 1) . 3) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 4). (PROVE (ENABLE MG-COND-TO-P-NAT CONDITION-INDEX)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-COND-TO-P-NAT, and NORMAL, to the formula: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (MEMBER (LIST 'NAT (CONDITION-INDEX (CC MG-STATE) T-COND-LIST)) '((NAT 1) (NAT 2)))). 
This simplifies, rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and opening up OK-MG-DEF-PLISTP, MG-INDEX-ARRAY-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, CONDITION-INDEX, and CONS, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 4), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 2). (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) Rewriting with RPUT-PRESERVES-LENGTH. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 2) . 1). (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 2) . 2). TOP S The proof of the current goal, (((MAIN . 1) . 1) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 2) remain to be proved: ((((MAIN . 1) . 1) . 2) . 2) and ((((MAIN . 1) . 1) . 2) . 1). Now proving ((((MAIN . 1) . 1) . 2) . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 2) . 1). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 2) . 1) . 1). TOP (REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE)))) Rewriting with MG-VAR-OK-TEMP-STK-INDEX. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 2) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 2) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 2) . 1) remain to be proved: (((((MAIN . 1) . 1) . 2) . 1) . 2) and: (((((MAIN . 1) . 1) . 2) . 1) . 1). Now proving (((((MAIN . 1) . 1) . 2) . 1) . 2). 
(REWRITE MG-INDEX-ARRAY-ARGS-DEFINEDP) Rewriting with MG-INDEX-ARRAY-ARGS-DEFINEDP. The current goal, (((((MAIN . 1) . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 1). (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 1). X UP UP UP (DIVE 2 1 1 2) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 2). X TOP S-PROP S The proof of the current goal, (((MAIN . 1) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 1) remain to be proved: ((((MAIN . 1) . 1) . 1) . 2) and ((((MAIN . 1) . 1) . 1) . 1). Now proving ((((MAIN . 1) . 1) . 1) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 2), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 2) remain to be proved: (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 2) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 1) . 
1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 1) remain to be proved: (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 1) . 2). (REWRITE MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-INDEX-ARRAY-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 4.1 0.1 0.0 ] MG-INDEX-ARRAY-EXACT-TIME-LEMMA (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS (REWRITE) (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST)) (AND (ARRAY-IDENTIFIERP (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)) (INT-IDENTIFIERP (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)) (SIMPLE-TYPED-IDENTIFIERP (CADDR (CALL-ACTUALS STMT)) (ARRAY-ELEMTYPE (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MG-ALIST MG-STATE)) (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) ((INSTRUCTIONS PROMOTE SPLIT (REWRITE SIGNATURES-MATCH-PRESERVES-ARRAY-IDENTIFIERP (($ALIST1 NAME-ALIST))) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (PROVE (ENABLE 
OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (REWRITE SIGNATURES-MATCH-PRESERVES-INT-IDENTIFIERP (($ALIST1 NAME-ALIST))) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP (REWRITE SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP (($ALIST1 NAME-ALIST))) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST). 
WARNING: Note that the proposed lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and four replacement rules. *** Entering proof-checker *** PROMOTE SPLIT Creating 4 new subgoals, (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1), (MAIN . 2), (MAIN . 3), and (MAIN . 4). Now proving (MAIN . 1). : (REWRITE SIGNATURES-MATCH-PRESERVES-ARRAY-IDENTIFIERP (($ALIST1 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-ARRAY-IDENTIFIERP. Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (REWRITE SIGNATURES-MATCH-SYMMETRIC) Rewriting with SIGNATURES-MATCH-SYMMETRIC. Creating 1 new subgoal, (((MAIN . 1) . 1) . 1). The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoal of ((MAIN . 1) . 1) remains to be proved: (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 1). (REWRITE OK-MG-STATEP-ALIST-PLISTP) Rewriting with OK-MG-STATEP-ALIST-PLISTP. The current goal, (((MAIN . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This simplifies, opening up the definitions of OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 2). 
(REWRITE SIGNATURES-MATCH-PRESERVES-INT-IDENTIFIERP (($ALIST1 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-INT-IDENTIFIERP. Creating 2 new subgoals, ((MAIN . 2) . 1) and ((MAIN . 2) . 2). The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoals of (MAIN . 2) remain to be proved: ((MAIN . 2) . 1) and ((MAIN . 2) . 2). Now proving ((MAIN . 2) . 1). (REWRITE SIGNATURES-MATCH-SYMMETRIC) Rewriting with SIGNATURES-MATCH-SYMMETRIC. Creating 1 new subgoal, (((MAIN . 2) . 1) . 1). The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoal of ((MAIN . 2) . 1) remains to be proved: (((MAIN . 2) . 1) . 1). Now proving (((MAIN . 2) . 1) . 1). (REWRITE OK-MG-STATEP-ALIST-PLISTP) Rewriting with OK-MG-STATEP-ALIST-PLISTP. The current goal, (((MAIN . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 2) . 2). : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This simplifies, expanding the functions OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, ((MAIN . 2) . 2), has been proved, and has no dependents. Now proving (MAIN . 3). (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. TOP : (REWRITE SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP (($ALIST1 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP. Creating 2 new subgoals, ((MAIN . 3) . 1) and ((MAIN . 3) . 2). The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoals of (MAIN . 3) remain to be proved: ((MAIN . 3) . 1) and ((MAIN . 3) . 2). Now proving ((MAIN . 3) . 1). (REWRITE SIGNATURES-MATCH-SYMMETRIC) Rewriting with SIGNATURES-MATCH-SYMMETRIC. 
Creating 1 new subgoal, (((MAIN . 3) . 1) . 1). The proof of the current goal, ((MAIN . 3) . 1), has been completed. However, the following subgoal of ((MAIN . 3) . 1) remains to be proved: (((MAIN . 3) . 1) . 1). Now proving (((MAIN . 3) . 1) . 1). (REWRITE OK-MG-STATEP-ALIST-PLISTP) Rewriting with OK-MG-STATEP-ALIST-PLISTP. The current goal, (((MAIN . 3) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 3) . 2). : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This formula simplifies, unfolding OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, MAXINT, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, ((MAIN . 3) . 2), has been proved, and has no dependents. Now proving (MAIN . 4). (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. TOP : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This simplifies, unfolding the functions OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, (MAIN . 4), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!*
[ 0.3 0.0 0.0 ]
MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS

(PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE (REWRITE)
  (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG)
                (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT)
                (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST)
                (OK-MG-STATEP MG-STATE R-COND-LIST)
                (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST))
           (SIMPLE-IDENTIFIERP (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))
  ((INSTRUCTIONS
    PROMOTE
    (REWRITE SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP
             (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))
    (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS))))

WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST).

*** Entering proof-checker ***
PROMOTE
: (REWRITE SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))
Rewriting with SIMPLE-TYPED-IDENTIFIER-SIMPLE-IDENTIFIERP.
Creating 1 new subgoal, (MAIN . 1).
The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1).
Now proving (MAIN . 1).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, (MAIN . 1), has been proved, and has no dependents.
*!*!*!*!*!*!* All goals have been proved!
*!*!*!*!*!*!*
[ 0.0 0.0 0.0 ]
MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE

(PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP (REWRITE)
  (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG)
                (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT)
                (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST)
                (OK-MG-STATEP MG-STATE R-COND-LIST)
                (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST))
           (AND (DEFINEDP (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))
                (DEFINEDP (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))
                (DEFINEDP (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))
  ((INSTRUCTIONS
    PROMOTE SPLIT
    (REWRITE ARRAY-IDENTIFIERP-IMPLIES-DEFINEDP)
    (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
    (REWRITE SIMPLE-IDENTIFIERP-IMPLIES-DEFINEDP)
    X (DIVE 3 1)
    (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
    TOP S
    (REWRITE SIMPLE-TYPED-IDENTIFIERP-IMPLIES-DEFINEDP
             (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))
    (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS))))

WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST).
WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST).
WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST).
WARNING: Note that the proposed lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and three replacement rules.

*** Entering proof-checker ***
PROMOTE
SPLIT
Creating 3 new subgoals, (MAIN . 1), (MAIN . 2), and (MAIN . 3).
The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1), (MAIN . 2), and (MAIN . 3).
Now proving (MAIN . 1).
(REWRITE ARRAY-IDENTIFIERP-IMPLIES-DEFINEDP)
Rewriting with ARRAY-IDENTIFIERP-IMPLIES-DEFINEDP.
Creating 1 new subgoal, ((MAIN . 1) . 1).
The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoal of (MAIN . 1) remains to be proved: ((MAIN . 1) . 1).
Now proving ((MAIN . 1) . 1).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents.
Now proving (MAIN . 2).
(REWRITE SIMPLE-IDENTIFIERP-IMPLIES-DEFINEDP)
Rewriting with SIMPLE-IDENTIFIERP-IMPLIES-DEFINEDP.
Creating 1 new subgoal, ((MAIN . 2) . 1).
The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1).
Now proving ((MAIN . 2) . 1).
X
(DIVE 3 1)
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
TOP
S
The current goal, ((MAIN . 2) . 1), has been proved, and has no dependents.
Now proving (MAIN . 3).
: (REWRITE SIMPLE-TYPED-IDENTIFIERP-IMPLIES-DEFINEDP (($TYPE (ARRAY-ELEMTYPE (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))
Rewriting with SIMPLE-TYPED-IDENTIFIERP-IMPLIES-DEFINEDP.
Creating 1 new subgoal, ((MAIN . 3) . 1).
The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoal of (MAIN . 3) remains to be proved: ((MAIN . 3) . 1).
Now proving ((MAIN . 3) . 1).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, ((MAIN . 3) . 1), has been proved, and has no dependents.
*!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!*
[ 0.2 0.0 0.0 ]
MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP

(PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP (REWRITE)
  (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG)
                (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT)
                (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST)
                (OK-MG-STATEP MG-STATE R-COND-LIST)
                (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST))
           (SMALL-INTEGERP (CADDDR (CALL-ACTUALS STMT)) 32))
  ((INSTRUCTIONS
    PROMOTE
    (CLAIM (LESSP (CADDDR (CALL-ACTUALS STMT)) (MAXINT))
           ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)))
    (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS
               ((X (CAR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))))
    (DEMOTE 7) (DIVE 1 1) PUSH UP S UP PROMOTE
    (REWRITE LIMITS-FOR-SMALL-INTEGERP)
    (DIVE 1)
    (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
    TOP PROVE
    (DIVE 1 1)
    (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
    TOP PROVE SPLIT
    (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
    (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP))))

WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST).

*** Entering proof-checker ***
PROMOTE
: (CLAIM (LESSP (CADDDR (CALL-ACTUALS STMT)) (MAXINT)) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)))
***** Now entering the theorem prover *****:
This conjecture can be simplified, using the abbreviations AND, IMPLIES, MG-WORD-SIZE, and MAXINT, to the formula:
  (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG)
                (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT)
                (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST)
                (OK-MG-STATEP MG-STATE R-COND-LIST)
                (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST))
           (LESSP (CADDDR (CALL-ACTUALS STMT)) (SUB1 (EXP 2 (SUB1 32))))).
This simplifies, opening up OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, MAXINT, OK-PREDEFINED-PROC-ARGS, EQUAL, OK-MG-STATEMENT, SUB1, and EXP, to: T.
Q.E.D.
: (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CAR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))))
Using ARRAYS-HAVE-NON-ZEROP-LENGTHS with the substitution: ((X (CAR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))).
(DEMOTE 7)
(DIVE 1 1)
PUSH
Creating 1 new subgoal, (MAIN . 1).
UP
S
UP
PROMOTE
(REWRITE LIMITS-FOR-SMALL-INTEGERP)
Rewriting with LIMITS-FOR-SMALL-INTEGERP.
Creating 2 new subgoals, (MAIN . 2) and (MAIN . 3).
The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 2), (MAIN . 3), and (MAIN . 1).
Now proving (MAIN . 2).
(DIVE 1)
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
TOP
PROVE
***** Now entering the theorem prover *****:
This conjecture can be simplified, using the abbreviations AND, IMPLIES, MG-WORD-SIZE, and MAXINT, to: T.
This simplifies, trivially, to: T.
Q.E.D.
The current goal, (MAIN . 2), has been proved, and has no dependents.
Now proving (MAIN . 3).
(DIVE 1 1)
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
TOP
PROVE
***** Now entering the theorem prover *****:
This formula can be simplified, using the abbreviations NOT, AND, IMPLIES, MG-WORD-SIZE, and MAXINT, to the new goal: T, which simplifies, clearly, to: T.
Q.E.D.
The current goal, (MAIN . 3), has been proved, and has no dependents.
Now proving (MAIN . 1).
SPLIT
Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2).
The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2).
Now proving ((MAIN . 1) . 1).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents.
Now proving ((MAIN . 1) . 2).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents.
*!*!*!*!*!*!* All goals have been proved!
*!*!*!*!*!*!*
[ 0.1 0.0 0.0 ]
MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP

(PROVE-LEMMA NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4 (REWRITE)
  (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG)
                (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT)
                (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST)
                (OK-MG-STATEP MG-STATE R-COND-LIST)
                (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST))
           (AND (NUMBERP (CADDDR (CALL-ACTUALS STMT)))
                (NOT (EQUAL (CADDDR (CALL-ACTUALS STMT)) 0))))
  ((INSTRUCTIONS
    PROMOTE
    (CLAIM (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST))))
           ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)))
    (= (CAR (CDR (CDR (CDR (CALL-ACTUALS STMT))))) (ARRAY-LENGTH (CAR (CDR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST)))) 0)
    (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS
               ((X (CAR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))))
    (DEMOTE 7) (DIVE 1 1) (= T) NX (DIVE 1 1 1)
    (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST)))
    TOP S)))

WARNING: Note that NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4 contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST).
WARNING: Note that NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4 contains the free variables MG-STATE, PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-MG-STATEP MG-STATE R-COND-LIST).
WARNING: Note that the proposed lemma: NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4 is to be stored as zero type prescription rules, zero compound recognizer rules, zero linear rules, and two replacement rules.

*** Entering proof-checker ***
PROMOTE
: (CLAIM (EQUAL (CADDDR (CALL-ACTUALS STMT)) (ARRAY-LENGTH (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST)))) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)))
***** Now entering the theorem prover *****:
This simplifies, unfolding the functions OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T.
Q.E.D.
: (= (CAR (CDR (CDR (CDR (CALL-ACTUALS STMT))))) (ARRAY-LENGTH (CAR (CDR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST)))) 0)
: (USE-LEMMA ARRAYS-HAVE-NON-ZEROP-LENGTHS ((X (CAR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))))
Using ARRAYS-HAVE-NON-ZEROP-LENGTHS with the substitution: ((X (CAR (CALL-ACTUALS STMT))) (ALIST (MG-ALIST MG-STATE))).
(DEMOTE 7)
(DIVE 1 1)
(= T)
***** Now entering the theorem prover *****:
This formula simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS and OK-MG-STATEP-MG-ALIST-MG-ALISTP, and expanding AND and EQUAL, to: T.
Q.E.D.
NX
(DIVE 1 1 1)
(REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST)))
Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE.
TOP
S
The current goal, MAIN, has been proved, and has no dependents.
*!*!*!*!*!*!* All goals have been proved!
*!*!*!*!*!*!* [ 0.1 0.0 0.0 ] NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4 (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4 (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STEP (P-STEP (P-STEP (MAP-DOWN MG-STATE PROC-LIST CTRL-STK TEMP-STK (TAG 'PC (CONS SUBR (LENGTH (CODE CINFO)))) T-COND-LIST))))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 4))) CTRL-STK (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1 1 1 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-CAR) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (DIVE 1) X (DIVE 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 
1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) UP S (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (DIVE 1) (S LEMMAS) X (S LEMMAS) (DIVE 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) UP S (S LEMMAS) UP S PROVE (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) PROVE (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) PROVE (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4 contains the free variables CODE2, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). *** Entering proof-checker *** PROMOTE (DIVE 1 1 1 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-CAR) Rewriting with GET-LENGTH-CAR. 
S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (DIVE 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 1). UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 2). UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2 but were not explicitly substituted for: CTRL-STK, TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2. Creating 1 new subgoal, (MAIN . 3). UP S (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (DIVE 1) (S LEMMAS) X (S LEMMAS) (DIVE 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 4). UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2 but were not explicitly substituted for: CTRL-STK, TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2. Creating 1 new subgoal, (MAIN . 5). 
UP S X (S LEMMAS) UP X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1 1 1 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (MAIN . 6). UP UP UP UP (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2 but were not explicitly substituted for: CTRL-STK, TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2. Creating 1 new subgoal, (MAIN . 7). UP S (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 7), (MAIN . 6), (MAIN . 5), (MAIN . 4), (MAIN . 3), (MAIN . 2), and (MAIN . 1). Now proving (MAIN . 7). 
PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (LESSP (ADD1 (ADD1 (ADD1 (LENGTH TEMP-STK)))) (PLUS (PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT (CALL-NAME STMT)) (LENGTH TEMP-STK)))), which simplifies, using linear arithmetic, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, IDIFFERENCE-LESSP2, and IDIFFERENCE-LESSP, and opening up the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. The current goal, (MAIN . 
7), has been proved, and has no dependents. Now proving (MAIN . 6). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 6), has been proved, and has no dependents. Now proving (MAIN . 5). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new formula: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (LESSP (ADD1 (ADD1 (LENGTH TEMP-STK))) (PLUS (PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT (CALL-NAME STMT)) (LENGTH TEMP-STK)))), which simplifies, using linear arithmetic, applying MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, IDIFFERENCE-LESSP2, and IDIFFERENCE-LESSP, and unfolding the functions OK-MG-DEF-PLISTP, 
MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. The current goal, (MAIN . 5), has been proved, and has no dependents. Now proving (MAIN . 4). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 4), has been proved, and has no dependents. Now proving (MAIN . 3). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (LESSP (ADD1 (LENGTH TEMP-STK)) (PLUS (PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT (CALL-NAME STMT)) (LENGTH TEMP-STK)))), which simplifies, using linear arithmetic, applying the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, 
PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, IDIFFERENCE-LESSP2, and IDIFFERENCE-LESSP, and unfolding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. The current goal, (MAIN . 3), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (MAIN . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.9 0.2 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4 (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5 (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 4))) CTRL-STK (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH 
(VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 0)) (PUSH (P-FRAME (CONS (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) (DIVE 3 1) (= F) UP UP S (S-PROP P-CTRL-STK-SIZE) (S-PROP P-FRAME-SIZE) (S LEMMAS) (DIVE 1) (REWRITE RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX) UP UP S X TOP PROVE PROVE))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5 contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5 could! 
*** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) (DIVE 3 1) (= F) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (LESSP (MG-MAX-CTRL-STK-SIZE) (P-CTRL-STK-SIZE (PUSH (P-FRAME (APPEND (PAIRLIST '(A I VALUE ARRAY-SIZE) (REVERSE (LIST (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))))) '((TEMP-I NAT 0))) 
(TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK))))) (EQUAL (LESSP (ADD1 (ADD1 (ADD1 (ADD1 (LENGTH (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))))) 4) F)), which simplifies, applying MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, CAR-CONS, CDR-CONS, CAR-CDR-PUSH, TOP-PUSH, OK-MG-STATEP-MG-ALIST-MG-ALISTP, MAP-DOWN-VALUES-PRESERVES-LENGTH, LESSP-ADD1-ADD1-ADD1-3, and SUB1-ADD1, and opening up OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, REVERSE, PAIRLIST, APPEND, P-CTRL-STK-SIZE, SUB1, NUMBERP, and LESSP, to: T. Q.E.D. UP UP S (S-PROP P-CTRL-STK-SIZE) (S-PROP P-FRAME-SIZE) (S LEMMAS) (DIVE 1) (REWRITE RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX) **WARNING**: The following variables occur free in the lemma: RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX but were not explicitly substituted for: TEMP-STK, PROC-LIST, and STMT. Rewriting with RESOURCES-ADEQUATE-CTRL-STK-NOT-MAX. Creating 1 new subgoal, (MAIN . 1). 
UP UP S X TOP PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, ASSOCIATIVITY-OF-PLUS, ADP-OFFSET-CONS, ADP-NAME-CONS, UNTAG-TAG, TYPE-TAG, CAR-CONS, CDR-CONS, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (EQUAL (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
0)) (PUSH (P-FRAME (APPEND (PAIRLIST '(A I VALUE ARRAY-SIZE) (REVERSE (FIRST-N (LENGTH '(A I VALUE ARRAY-SIZE)) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))))))) (PAIR-TEMPS-WITH-INITIAL-VALUES '((TEMP-I (NAT 0))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 4 1)))) CTRL-STK) (POPN (LENGTH '(A I VALUE ARRAY-SIZE)) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (PUSH (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 0)) (PUSH (P-FRAME (CONS (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, appealing to the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, FIRST-N-ADD1, CAR-CONS, CDR-CONS, POPN-ZERO, POPN-ADD1, and SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, and opening up the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, LENGTH, REVERSE, PAIRLIST, PAIR-TEMPS-WITH-INITIAL-VALUES, APPEND, PLUS, and CONS, to: T. Q.E.D. The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, PREDEFINED-PROC-CALL-P-FRAME-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS 
(TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (NOT (LESSP (ADD1 (ADD1 (PREDEFINED-PROC-CALL-BINDINGS-COUNT (CALL-NAME STMT)))) 7))). This simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, and ASSOCIATIVITY-OF-APPEND, and unfolding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, PREDEFINED-PROC-CALL-BINDINGS-COUNT, ADD1, and LESSP, to: T. Q.E.D. The current goal, (MAIN . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.3 0.4 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5 (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8 (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
0)) (PUSH (P-FRAME (CONS (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 3)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8 contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE 
(TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL)) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
0)) (PUSH (P-FRAME (CONS (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) '((TEMP-I NAT 0)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 3)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, using linear arithmetic, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, VALUE-EXPANSION2, VALUE-EXPANSION3, BINDINGS-FRAME, TOP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, 
P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, OK-MG-STATEP-MG-ALIST-MG-ALISTP, MAP-DOWN-VALUES-PRESERVES-LENGTH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, P-STEP-EXPANSION, MG-VAR-OK-TEMP-STK-INDEX, SIMPLE-IDENTIFIERP-OPTIONS, RGET-REWRITE1, APPEND-DOESNT-AFFECT-RGET-COROLLARY, POP-PUSH, MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP, ARRAY-IDENTIFIER-NAT-P-OBJECTP, LENGTH-PUSH, SIMPLE-IDENTIFIER-MAPPING-3, RET-PC-FRAME, CDR-CONS, CAR-CONS, and PUT-ASSOC-EXPANSION, and opening up the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-PUSH-LOCAL-STEP, ADD1-ADDR, ADD1-P-PC, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, P-STEP1, P-FETCH-TEMP-STK-STEP, OR, P-FETCH-TEMP-STK-OKP, MG-WORD-SIZE, P-SET-LOCAL-STEP, PUT-VALUE, PUT-ASSOC, SET-LOCAL-VAR-VALUE, and P-SET-LOCAL-OKP, to: T. Q.E.D. 
[ 0.0 0.3 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8 (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-12-NEG-INDEX (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
3)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C '(NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-12-NEG-INDEX contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
3)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) '((C-C (NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, using linear arithmetic, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-MAX-TEMP-STK-SIZE-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-DATA-SEGMENT-P-STATE, POP-PUSH, P-CTRL-STK-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, TOP-PUSH, INT-LITERAL-INT-OBJECTP, P-WORD-SIZE-P-STATE, P-STEP-EXPANSION, MAP-DOWN-VALUES-PRESERVES-LENGTH, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, and RET-PC-FRAME, and expanding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-TEST-INT-AND-JUMP-STEP, PC, P-TEST-AND-JUMP-STEP, P-TEST-INT-AND-JUMP-OKP, P-TEST-INTP, MG-WORD-SIZE, P-TEST-AND-JUMP-OKP, PACK, P-STEP1, P-PUSH-CONSTANT-STEP, ADD1-ADDR, ADD1-P-PC, UNABBREVIATE-CONSTANT, P-PUSH-CONSTANT-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, P-POP-GLOBAL-STEP, DEPOSIT, P-POP-GLOBAL-OKP, P-RET-STEP, and P-RET-OKP, to: T. Q.E.D. 
[ 0.0 0.3 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-12-NEG-INDEX (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 3)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
6)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
3)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 6)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, using linear arithmetic, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-MAX-TEMP-STK-SIZE-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-DATA-SEGMENT-P-STATE, POP-PUSH, P-CTRL-STK-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, TOP-PUSH, INT-LITERAL-INT-OBJECTP, P-WORD-SIZE-P-STATE, P-STEP-EXPANSION, VALUE-EXPANSION2, VALUE-EXPANSION3, BINDINGS-FRAME, MAP-DOWN-VALUES-PRESERVES-LENGTH, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, and LENGTH-PUSH, and unfolding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-TEST-INT-AND-JUMP-STEP, ADD1-P-PC, ADD1-ADDR, P-TEST-AND-JUMP-STEP, P-TEST-INT-AND-JUMP-OKP, P-TEST-INTP, MG-WORD-SIZE, P-TEST-AND-JUMP-OKP, PACK, P-STEP1, P-PUSH-LOCAL-STEP, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, and PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, to: T. Q.E.D. 
[ 0.0 0.2 0.1 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 6)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (TAG 'INT (CADDDR (CALL-ACTUALS STMT))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
7)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'INT (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1) (REWRITE INT-LITERAL-INT-OBJECTP) UP S (DIVE 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) UP S PUSH UP (S LEMMAS) X (S LEMMAS) TOP S (REWRITE SMALL-INTEGERP-DIFFERENCE) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) (DIVE 1) (REWRITE INT-LITERALP-MAPPING) UP (REWRITE INT-LITERALP-VALUE-SMALL) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) (DIVE 1) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) S))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR contains the free variables CODE2, 
NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (DIVE 1) (REWRITE INT-LITERAL-INT-OBJECTP) Rewriting with INT-LITERAL-INT-OBJECTP. Creating 2 new subgoals, (MAIN . 1) and (MAIN . 2). UP S (DIVE 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP. UP S PUSH Creating 1 new subgoal, (MAIN . 3). UP (S LEMMAS) X (S LEMMAS) TOP S The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 3), (MAIN . 1), and (MAIN . 2). Now proving (MAIN . 3). (REWRITE SMALL-INTEGERP-DIFFERENCE) Rewriting with SMALL-INTEGERP-DIFFERENCE. Creating 4 new subgoals, ((MAIN . 3) . 1), ((MAIN . 3) . 2), ((MAIN . 3) . 3), and ((MAIN . 3) . 4). The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoals of (MAIN . 3) remain to be proved: ((MAIN . 3) . 1), ((MAIN . 3) . 2), ((MAIN . 3) . 3), and ((MAIN . 3) . 4). Now proving ((MAIN . 3) . 1). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP. The current goal, ((MAIN . 3) . 1), has been proved, and has no dependents. Now proving ((MAIN . 3) . 2). (DIVE 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 3) . 2) . 1). UP (REWRITE INT-LITERALP-VALUE-SMALL) Rewriting with INT-LITERALP-VALUE-SMALL. Creating 1 new subgoal, (((MAIN . 3) . 2) . 2). 
The proof of the current goal, ((MAIN . 3) . 2), has been completed. However, the following subgoals of ((MAIN . 3) . 2) remain to be proved: (((MAIN . 3) . 2) . 2) and (((MAIN . 3) . 2) . 1). Now proving (((MAIN . 3) . 2) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 3) . 2) . 2) . 1) and: ((((MAIN . 3) . 2) . 2) . 2). The proof of the current goal, (((MAIN . 3) . 2) . 2), has been completed. However, the following subgoals of (((MAIN . 3) . 2) . 2) remain to be proved: ((((MAIN . 3) . 2) . 2) . 1) and ((((MAIN . 3) . 2) . 2) . 2). Now proving ((((MAIN . 3) . 2) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 3) . 2) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 3) . 2) . 2) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 3) . 2) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 3) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 3) . 2) . 1) . 1) and: ((((MAIN . 3) . 2) . 1) . 2). The proof of the current goal, (((MAIN . 3) . 2) . 1), has been completed. However, the following subgoals of (((MAIN . 3) . 2) . 1) remain to be proved: ((((MAIN . 3) . 2) . 1) . 1) and ((((MAIN . 3) . 2) . 1) . 2). Now proving ((((MAIN . 3) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 3) . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 3) . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. 
The current goal, ((((MAIN . 3) . 2) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 3) . 3). (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) Rewriting with NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4. The current goal, ((MAIN . 3) . 3), has been proved, and has no dependents. Now proving ((MAIN . 3) . 4). (DIVE 1) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) Rewriting with NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4. TOP S The current goal, ((MAIN . 3) . 4), has been proved, and has no dependents. Now proving (MAIN . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 2). S The current goal, (MAIN . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.6 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-INDEX-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
7)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'INT (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 16)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH UP S (S LEMMAS) TOP PROVE (REWRITE SMALL-INTEGERP-DIFFERENCE) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) (DIVE 1) (REWRITE INT-LITERALP-MAPPING) TOP (REWRITE INT-LITERALP-VALUE-SMALL) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE 
OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) (DIVE 1) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) TOP S))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-INDEX-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-INDEX-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH Creating 1 new subgoal, (MAIN . 1). 
UP S (S LEMMAS) TOP PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (COND ((EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
16)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) ((NEGATIVEP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 16)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) (T (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
8)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 16)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, applying MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, and unfolding OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, ZEROP, TAG, and CONS, to: T. Q.E.D. 
The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). (REWRITE SMALL-INTEGERP-DIFFERENCE) Rewriting with SMALL-INTEGERP-DIFFERENCE. Creating 4 new subgoals, ((MAIN . 1) . 1), ((MAIN . 1) . 2), ((MAIN . 1) . 3), and ((MAIN . 1) . 4). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1), ((MAIN . 1) . 2), ((MAIN . 1) . 3), and ((MAIN . 1) . 4). Now proving ((MAIN . 1) . 1). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (DIVE 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 1) . 2) . 1). TOP (REWRITE INT-LITERALP-VALUE-SMALL) Rewriting with INT-LITERALP-VALUE-SMALL. Creating 1 new subgoal, (((MAIN . 1) . 2) . 2). The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 2) and (((MAIN . 1) . 2) . 1). Now proving (((MAIN . 1) . 2) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 2) . 1) and: ((((MAIN . 1) . 2) . 2) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 2) remain to be proved: ((((MAIN . 1) . 2) . 2) . 1) and ((((MAIN . 1) . 2) . 2) . 2). Now proving ((((MAIN . 1) . 2) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 2) . 2). 
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 1) . 1) and: ((((MAIN . 1) . 2) . 1) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 1) remain to be proved: ((((MAIN . 1) . 2) . 1) . 1) and ((((MAIN . 1) . 2) . 1) . 2). Now proving ((((MAIN . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 1) . 3). (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) Rewriting with NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4. The current goal, ((MAIN . 1) . 3), has been proved, and has no dependents. Now proving ((MAIN . 1) . 4). (DIVE 1) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) Rewriting with NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4. TOP S The current goal, ((MAIN . 1) . 4), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.6 0.3 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-INDEX-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-14-16-INDEX-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
16)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C '(NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX SIMPLE-IDENTIFIERP))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-14-16-INDEX-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). 
This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to the new goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
16)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) '((C-C (NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, using linear arithmetic, appealing to the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, MAP-DOWN-VALUES-PRESERVES-LENGTH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, P-STEP-EXPANSION, POP-PUSH, TOP-PUSH, and RET-PC-FRAME, and opening up the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, ZEROP, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, 
P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-PUSH-CONSTANT-STEP, ADD1-ADDR, ADD1-P-PC, UNABBREVIATE-CONSTANT, P-PUSH-CONSTANT-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, P-STEP1, P-POP-GLOBAL-STEP, DEPOSIT, P-POP-GLOBAL-OKP, P-RET-STEP, and P-RET-OKP, to: T. Q.E.D. [ 0.0 0.2 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-14-16-INDEX-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
7)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'INT (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 8)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH UP S (S LEMMAS) UP S (REWRITE SMALL-INTEGERP-DIFFERENCE) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) (DIVE 1) (REWRITE INT-LITERALP-MAPPING) UP (REWRITE INT-LITERALP-VALUE-SMALL) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE 
OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) (DIVE 1) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) TOP S))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH Creating 1 new subgoal, (MAIN . 1). UP S (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). (REWRITE SMALL-INTEGERP-DIFFERENCE) Rewriting with SMALL-INTEGERP-DIFFERENCE. Creating 4 new subgoals, ((MAIN . 1) . 1), ((MAIN . 1) . 2), ((MAIN . 1) . 3), and ((MAIN . 1) . 4). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1), ((MAIN . 1) . 2), ((MAIN . 1) . 3), and ((MAIN . 1) . 4). Now proving ((MAIN . 1) . 1). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (DIVE 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. 
Creating 1 new subgoal, (((MAIN . 1) . 2) . 1).
UP
(REWRITE INT-LITERALP-VALUE-SMALL)
Rewriting with INT-LITERALP-VALUE-SMALL.
Creating 1 new subgoal, (((MAIN . 1) . 2) . 2).
The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 2) and (((MAIN . 1) . 2) . 1).
Now proving (((MAIN . 1) . 2) . 2).
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES)
Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES.
Creating 2 new subgoals, ((((MAIN . 1) . 2) . 2) . 1) and: ((((MAIN . 1) . 2) . 2) . 2).
The proof of the current goal, (((MAIN . 1) . 2) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 2) remain to be proved: ((((MAIN . 1) . 2) . 2) . 1) and ((((MAIN . 1) . 2) . 2) . 2).
Now proving ((((MAIN . 1) . 2) . 2) . 1).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, ((((MAIN . 1) . 2) . 2) . 1), has been proved, and has no dependents.
Now proving ((((MAIN . 1) . 2) . 2) . 2).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS.
The current goal, ((((MAIN . 1) . 2) . 2) . 2), has been proved, and has no dependents.
Now proving (((MAIN . 1) . 2) . 1).
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES)
Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES.
Creating 2 new subgoals, ((((MAIN . 1) . 2) . 1) . 1) and: ((((MAIN . 1) . 2) . 1) . 2).
The proof of the current goal, (((MAIN . 1) . 2) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 1) remain to be proved: ((((MAIN . 1) . 2) . 1) . 1) and ((((MAIN . 1) . 2) . 1) . 2).
Now proving ((((MAIN . 1) . 2) . 1) . 1).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, ((((MAIN . 1) . 2) . 1) . 1), has been proved, and has no dependents.
Now proving ((((MAIN . 1) . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 1) . 3). (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) Rewriting with NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4. The current goal, ((MAIN . 1) . 3), has been proved, and has no dependents. Now proving ((MAIN . 1) . 4). (DIVE 1) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) Rewriting with NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4. TOP S The current goal, ((MAIN . 1) . 4), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.4 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-14-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC 
'(MG-ARRAY-ELEMENT-ASSIGNMENT . 8)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 9)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (VALUE 'VALUE (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH 
RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-14-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-14-NO-ERROR could! This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR 
(CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 8)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
9)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (VALUE 'VALUE (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, using linear arithmetic, appealing to the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, VALUE-EXPANSION2, VALUE-EXPANSION3, BINDINGS-FRAME, TOP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, MAP-DOWN-VALUES-PRESERVES-LENGTH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, and P-STEP-EXPANSION, and unfolding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-PUSH-LOCAL-STEP, ADD1-ADDR, ADD1-P-PC, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, and P-STEP1, to: T. Q.E.D. 
[ 0.0 0.2 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-14-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-15-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
9)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (VALUE 'VALUE (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
10)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (S-PROP VALUE) PUSH UP S (S LEMMAS) (DIVE 3 1 2 1) (REWRITE VALUE-EXPANSION2) (REWRITE VALUE-EXPANSION2) (REWRITE VALUE-EXPANSION3) UP UP (DIVE 1 1) (REWRITE VALUE-EXPANSION2) (REWRITE VALUE-EXPANSION2) (REWRITE VALUE-EXPANSION3) UP UP (REWRITE APPEND-DOESNT-AFFECT-RGET-COROLLARY) (REWRITE RGET-REWRITE1) UP UP UP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE) (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP (REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE)))) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) SPLIT BASH PROMOTE (REWRITE SUB1-PRESERVES-LESSP) (REWRITE MG-VAR-OK-VALUE-LESSP-LENGTH-TEMP-STK (($LST (MG-ALIST MG-STATE)))) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP) (DIVE 2 1) X X X UP TOP (S LEMMAS) (DIVE 2) (= * (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) ((ENABLE VALUE))) UP (REWRITE SIMPLE-IDENTIFIER-NAT-P-OBJECTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) S))) WARNING: Note that 
MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-15-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)).
WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-15-NO-ERROR could!
*** Entering proof-checker ***
PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (S-PROP VALUE)
PUSH
Creating 1 new subgoal, (MAIN . 1).
UP S (S LEMMAS) (DIVE 3 1 2 1)
(REWRITE VALUE-EXPANSION2)
Rewriting with VALUE-EXPANSION2.
(REWRITE VALUE-EXPANSION2)
Rewriting with VALUE-EXPANSION2.
(REWRITE VALUE-EXPANSION3)
Rewriting with VALUE-EXPANSION3.
UP UP (DIVE 1 1)
(REWRITE VALUE-EXPANSION2)
Rewriting with VALUE-EXPANSION2.
(REWRITE VALUE-EXPANSION2)
Rewriting with VALUE-EXPANSION2.
(REWRITE VALUE-EXPANSION3)
Rewriting with VALUE-EXPANSION3.
UP UP
(REWRITE APPEND-DOESNT-AFFECT-RGET-COROLLARY)
Rewriting with APPEND-DOESNT-AFFECT-RGET-COROLLARY.
Creating 1 new subgoal, (MAIN . 2).
(REWRITE RGET-REWRITE1)
Rewriting with RGET-REWRITE1.
Creating 2 new subgoals, (MAIN . 3) and (MAIN . 4).
UP UP UP S
The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 3), (MAIN . 4), (MAIN . 2), and (MAIN . 1).
Now proving (MAIN . 3).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, (MAIN . 3), has been proved, and has no dependents.
Now proving (MAIN . 4).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE.
The current goal, (MAIN . 4), has been proved, and has no dependents.
Now proving (MAIN . 2).
(DIVE 2)
(REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH)
Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH.
Creating 1 new subgoal, ((MAIN . 2) . 1).
TOP
(REWRITE MG-VAR-OK-TEMP-STK-INDEX (($LST (MG-ALIST MG-STATE))))
Rewriting with MG-VAR-OK-TEMP-STK-INDEX.
Creating 1 new subgoal, ((MAIN . 2) . 2).
The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoals of (MAIN . 2) remain to be proved: ((MAIN . 2) . 2) and ((MAIN . 2) . 1).
Now proving ((MAIN . 2) . 2).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP.
The current goal, ((MAIN . 2) . 2), has been proved, and has no dependents.
Now proving ((MAIN . 2) . 1).
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP)
Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP.
The current goal, ((MAIN . 2) . 1), has been proved, and has no dependents.
Now proving (MAIN . 1).
SPLIT
Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2).
The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2).
Now proving ((MAIN . 1) . 1).
BASH
***** Now entering the theorem prover's rewriter - simplifier *****
The goal has been simplified using OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE ADD-CODE, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, CDR, CAR, LISTP, MEMBER, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, CDR-CONS, CAR-CONS, ASSOC, ASSOC-VALUE1, TAG, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, CONS, MAP-DOWN-VALUES-PRESERVES-LENGTH SUB1-ADD1, LESSP, PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL.
Creating 1 new subgoal, (((MAIN . 1) . 1) . 1).
The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoal of ((MAIN . 1) . 1) remains to be proved: (((MAIN . 1) . 1) . 1).
Now proving (((MAIN . 1) . 1) . 1).
PROMOTE
(REWRITE SUB1-PRESERVES-LESSP)
Rewriting with SUB1-PRESERVES-LESSP.
Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 1).
The proof of the current goal, (((MAIN . 1) . 1) . 1), has been completed. However, the following subgoal of (((MAIN . 1) . 1) . 1) remains to be proved: ((((MAIN . 1) . 1) . 1) . 1).
Now proving ((((MAIN . 1) . 1) . 1) . 1).
(REWRITE MG-VAR-OK-VALUE-LESSP-LENGTH-TEMP-STK (($LST (MG-ALIST MG-STATE))))
Rewriting with MG-VAR-OK-VALUE-LESSP-LENGTH-TEMP-STK.
Creating 1 new subgoal, (((((MAIN . 1) . 1) . 1) . 1) . 1).
The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of ((((MAIN . 1) . 1) . 1) . 1) remains to be proved: (((((MAIN . 1) . 1) . 1) . 1) . 1).
Now proving (((((MAIN . 1) . 1) . 1) . 1) . 1).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP.
The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 1), has been proved, and has no dependents.
Now proving ((MAIN . 1) . 2).
(DIVE 2 1) X X X UP TOP (S LEMMAS) (DIVE 2) : (= * (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) ((ENABLE VALUE))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, VALUE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (CDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))))), which simplifies, 
obviously, to: T. Q.E.D.
UP
(REWRITE SIMPLE-IDENTIFIER-NAT-P-OBJECTP)
**WARNING**: The following variables occur free in the lemma: SIMPLE-IDENTIFIER-NAT-P-OBJECTP but were not explicitly substituted for: TEMP-STK and MG-STATE.
Rewriting with SIMPLE-IDENTIFIER-NAT-P-OBJECTP.
Creating 3 new subgoals, (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3).
The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3).
Now proving (((MAIN . 1) . 2) . 1).
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE)
Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARG3-SIMPLE.
The current goal, (((MAIN . 1) . 2) . 1), has been proved, and has no dependents.
Now proving (((MAIN . 1) . 2) . 2).
(REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX)
Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX.
The current goal, (((MAIN . 1) . 2) . 2), has been proved, and has no dependents.
Now proving (((MAIN . 1) . 2) . 3).
S
The current goal, (((MAIN . 1) . 2) . 3), has been proved, and has no dependents.
*!*!*!*!*!*!* All goals have been proved!
*!*!*!*!*!*!* [ 0.7 0.6 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-15-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-16-17-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
10)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 12)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY 
MG-VAR-OK-TEMP-STK-INDEX))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-16-17-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to the new goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR 
(CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 10)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
12)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, using linear arithmetic, rewriting with the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, VALUE-EXPANSION3, BINDINGS-FRAME, TOP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, MAP-DOWN-VALUES-PRESERVES-LENGTH, LENGTH-PUSH, P-MAX-TEMP-STK-SIZE-P-STATE, IDIFFERENCE-LESSP2, RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX2, IDIFFERENCE-LESSP, P-STEP-EXPANSION, and VALUE-EXPANSION2, and opening up OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, 
GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-PUSH-LOCAL-STEP, ADD1-ADDR, ADD1-P-PC, LOCAL-VAR-VALUE, P-PUSH-LOCAL-OKP, PREDEFINED-PROC-CALL-TEMP-STK-REQUIREMENT, PACK, and P-STEP1, to: T. Q.E.D. [ 0.0 0.2 0.1 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-16-17-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-18-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
12)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
13)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-18-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-18-NO-ERROR could! 
This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
12)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 13)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, rewriting with the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, POP-PUSH, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-MAX-TEMP-STK-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-TEMP-STK-P-STATE, TOP-PUSH, P-WORD-SIZE-P-STATE, INT-LITERAL-INT-OBJECTP, and P-STEP-EXPANSION, and unfolding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-INT-TO-NAT-STEP, ADD1-ADDR, ADD1-P-PC, P-INT-TO-NAT-OKP, MG-WORD-SIZE, PACK, and P-STEP1, to: T. Q.E.D. 
[ 0.0 0.2 0.1 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-18-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-19-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
13)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (PUSH (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
14)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH UP S (S LEMMAS) UP S SPLIT (REWRITE ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) (DIVE 1 2 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE IDIFFERENCE-LESSP) (REWRITE ARRAY-IDENTIFIER-NAT-P-OBJECTP (($MG-ALIST (MG-ALIST MG-STATE)))) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) S (REWRITE NON-NEGATIVE-INTEGERP-SMALL-NATURALP (($Y (CADDDR (CALL-ACTUALS STMT))))) (DIVE 1) (REWRITE INT-LITERALP-MAPPING) TOP (REWRITE UNTAG-INT-LITERAL-INTEGERP) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE 
MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) (REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4)))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-19-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-19-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH Creating 1 new subgoal, (MAIN . 1). UP S (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). SPLIT Creating 3 new subgoals, ((MAIN . 1) . 1), ((MAIN . 1) . 2), and ((MAIN . 1) . 3). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1), ((MAIN . 1) . 2), and ((MAIN . 1) . 3). Now proving ((MAIN . 1) . 1). : (REWRITE ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) Rewriting with ARRAY-INDEX-SMALL-NATURALP. Creating 3 new subgoals, (((MAIN . 1) . 1) . 1), (((MAIN . 1) . 1) . 2), and (((MAIN . 1) . 1) . 3). The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 1), (((MAIN . 1) . 1) . 2), and (((MAIN . 1) . 1) . 3). 
Now proving (((MAIN . 1) . 1) . 1). (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. The current goal, (((MAIN . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 2). (DIVE 1 2 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK3. Creating 2 new subgoals, ((((MAIN . 1) . 1) . 2) . 1) and: ((((MAIN . 1) . 1) . 2) . 2). The proof of the current goal, (((MAIN . 1) . 1) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 2) remain to be proved: ((((MAIN . 1) . 1) . 2) . 1) and ((((MAIN . 1) . 1) . 2) . 2). Now proving ((((MAIN . 1) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 1) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 2) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 1) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 3). (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. The current goal, (((MAIN . 1) . 1) . 3), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (REWRITE ARRAY-IDENTIFIER-NAT-P-OBJECTP (($MG-ALIST (MG-ALIST MG-STATE)))) **WARNING**: The following variables occur free in the lemma: ARRAY-IDENTIFIER-NAT-P-OBJECTP but were not explicitly substituted for: TEMP-STK. Rewriting with ARRAY-IDENTIFIER-NAT-P-OBJECTP. Creating 3 new subgoals, (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3). The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 
2) remain to be proved: (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3). Now proving (((MAIN . 1) . 2) . 1). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-DEFINEDP. The current goal, (((MAIN . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 2). (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. The current goal, (((MAIN . 1) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 3). S The current goal, (((MAIN . 1) . 2) . 3), has been proved, and has no dependents. Now proving ((MAIN . 1) . 3). : (REWRITE NON-NEGATIVE-INTEGERP-SMALL-NATURALP (($Y (CADDDR (CALL-ACTUALS STMT))))) Rewriting with NON-NEGATIVE-INTEGERP-SMALL-NATURALP. Creating 3 new subgoals, (((MAIN . 1) . 3) . 1), (((MAIN . 1) . 3) . 2), and (((MAIN . 1) . 3) . 3). The proof of the current goal, ((MAIN . 1) . 3), has been completed. However, the following subgoals of ((MAIN . 1) . 3) remain to be proved: (((MAIN . 1) . 3) . 1), (((MAIN . 1) . 3) . 2), and (((MAIN . 1) . 3) . 3). Now proving (((MAIN . 1) . 3) . 1). (DIVE 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 3) . 1) . 1). TOP (REWRITE UNTAG-INT-LITERAL-INTEGERP) Rewriting with UNTAG-INT-LITERAL-INTEGERP. Creating 1 new subgoal, ((((MAIN . 1) . 3) . 1) . 2). The proof of the current goal, (((MAIN . 1) . 3) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 3) . 1) remain to be proved: ((((MAIN . 1) . 3) . 1) . 2) and ((((MAIN . 1) . 3) . 1) . 1). Now proving ((((MAIN . 1) . 3) . 1) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 3) . 1) . 2) . 1) and: (((((MAIN . 1) . 3) . 1) . 2) . 2). The proof of the current goal, ((((MAIN . 1) . 3) . 1) . 
2), has been completed. However, the following subgoals of ((((MAIN . 1) . 3) . 1) . 2) remain to be proved: (((((MAIN . 1) . 3) . 1) . 2) . 1) and: (((((MAIN . 1) . 3) . 1) . 2) . 2). Now proving (((((MAIN . 1) . 3) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 3) . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 3) . 1) . 2) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 3) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 3) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 3) . 1) . 1) . 1) and: (((((MAIN . 1) . 3) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 3) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 3) . 1) . 1) remain to be proved: (((((MAIN . 1) . 3) . 1) . 1) . 1) and: (((((MAIN . 1) . 3) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 3) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 3) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 3) . 1) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 3) . 1) . 1) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 3) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4-SMALL-INTEGERP. The current goal, (((MAIN . 1) . 3) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 3) . 3). 
(REWRITE NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4) Rewriting with NOT-ZEROP-MG-ARRAY-ELEMENT-ASSIGNMENT-ARG4. The current goal, (((MAIN . 1) . 3) . 3), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.7 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-19-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH (REWRITE) (IMPLIES (AND (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (NOT (NEGATIVEP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (LESSP (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (LENGTH TEMP-STK)) T)) ((INSTRUCTIONS PROMOTE S (REWRITE LESSP-PLUS-TRANSITIVE (($W (CADDDR (CALL-ACTUALS STMT))))) (DIVE 1 2 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE IDIFFERENCE-LESSP) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH contains the free variables PROC-LIST, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypothesis: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST). 
*** Entering proof-checker *** PROMOTE S (REWRITE LESSP-PLUS-TRANSITIVE (($W (CADDDR (CALL-ACTUALS STMT))))) Rewriting with LESSP-PLUS-TRANSITIVE. Creating 2 new subgoals, (MAIN . 1) and (MAIN . 2). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1) and (MAIN . 2). Now proving (MAIN . 1). (DIVE 1 2 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK3. Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 2). (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. Creating 1 new subgoal, ((MAIN . 2) . 1). The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 1). (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 2) . 1) . 1). TOP S The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoal of ((MAIN . 2) . 1) remains to be proved: (((MAIN . 2) . 1) . 1). Now proving (((MAIN . 2) . 1) . 1). 
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 2) . 1) . 1) . 1) and: ((((MAIN . 2) . 1) . 1) . 2). The proof of the current goal, (((MAIN . 2) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 2) . 1) . 1) remain to be proved: ((((MAIN . 2) . 1) . 1) . 1) and ((((MAIN . 2) . 1) . 1) . 2). Now proving ((((MAIN . 2) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 2) . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 2) . 1) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.3 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-20-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST 
MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 14)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (PUSH (TAG 'NAT (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (PUSH (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
15)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (RPUT (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH UP S (S LEMMAS) UP S SPLIT (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH) (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) (DIVE 1 2 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE IDIFFERENCE-LESSP)))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-20-NO-ERROR contains the free 
variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-20-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1) X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) PUSH Creating 1 new subgoal, (MAIN . 1). UP S (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). SPLIT Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((MAIN . 1) . 1) . 1). TOP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH but were not explicitly substituted for: PROC-LIST, NAME-ALIST, and R-COND-LIST. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH. Creating 1 new subgoal, (((MAIN . 1) . 1) . 2). The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 2) and (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 2). (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 2) . 1). 
TOP S The proof of the current goal, (((MAIN . 1) . 1) . 2), has been completed. However, the following subgoal of (((MAIN . 1) . 1) . 2) remains to be proved: ((((MAIN . 1) . 1) . 2) . 1). Now proving ((((MAIN . 1) . 1) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 2) . 1) . 1) and: (((((MAIN . 1) . 1) . 2) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 2) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 2) . 1) remain to be proved: (((((MAIN . 1) . 1) . 2) . 1) . 1) and: (((((MAIN . 1) . 1) . 2) . 1) . 2). Now proving (((((MAIN . 1) . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). : (REWRITE ARRAY-INDEX-SMALL-NATURALP (($TEMP-STK-SIZE (LENGTH TEMP-STK)) ($ARRAY-SIZE (CADDDR (CALL-ACTUALS STMT))))) Rewriting with ARRAY-INDEX-SMALL-NATURALP. Creating 3 new subgoals, (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3). The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 1), (((MAIN . 1) . 2) . 2), and (((MAIN . 1) . 2) . 3). Now proving (((MAIN . 1) . 2) . 1). 
(REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. The current goal, (((MAIN . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 2). (DIVE 1 2 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK3) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK3. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 2) . 1) and: ((((MAIN . 1) . 2) . 2) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 2) remain to be proved: ((((MAIN . 1) . 2) . 2) . 1) and ((((MAIN . 1) . 2) . 2) . 2). Now proving ((((MAIN . 1) . 2) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 2) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 3). (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. The current goal, (((MAIN . 1) . 2) . 3), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.6 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-20-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-21-22-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
15)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (RPUT (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (RPUT (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((ENABLE UNLABEL P-STEP P-INS-OKP P-INS-STEP MAP-DOWN-VALUES-PRESERVES-LENGTH RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX P-STEP1 RGET-REWRITE1 APPEND-DOESNT-AFFECT-RGET-COROLLARY MG-VAR-OK-TEMP-STK-INDEX))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-21-22-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST 
PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (P-STEP (P-STEP (P-STATE (TAG 'PC '(MG-ARRAY-ELEMENT-ASSIGNMENT . 
15)) (PUSH (P-FRAME (LIST (CONS 'A (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'I (VALUE (CADR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'VALUE (VALUE (CADDR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (CONS 'ARRAY-SIZE (TAG 'INT (CADDDR (CALL-ACTUALS STMT)))) (CONS 'TEMP-I (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5)))) CTRL-STK) (RPUT (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK (RPUT (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))). 
This simplifies, applying MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, P-PROG-SEGMENT-P-STATE, ASSOC-MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATE-PROC-LIST, P-PC-P-STATE, P-INS-STEP-EXPANSION, P-CTRL-STK-P-STATE, P-TEMP-STK-P-STATE, P-DATA-SEGMENT-P-STATE, P-MAX-CTRL-STK-SIZE-P-STATE, P-MAX-TEMP-STK-SIZE-P-STATE, P-WORD-SIZE-P-STATE, P-INS-OKP-EXPANSION, P-STEP-EXPANSION, POP-PUSH, TOP-PUSH, and RET-PC-FRAME, and expanding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, TAG, CONS, UNLABEL, GET, PROGRAM-BODY, P-CURRENT-PROGRAM, AREA-NAME, MG-ARRAY-ELEMENT-ASSIGNMENT-TRANSLATION, DEFINITION, OFFSET, P-CURRENT-INSTRUCTION, P-JUMP-STEP, PC, P-JUMP-OKP, PACK, P-STEP1, P-RET-STEP, and P-RET-OKP, to: T. Q.E.D. 
[ 0.0 0.2 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-21-22-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (NORMAL MG-STATE)) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 5))) CTRL-STK TEMP-STK (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 6))) CTRL-STK (PUSH CC-VALUE TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (DIVE 1) X (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) UP S X (S LEMMAS) UP S))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC contains the free variables CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), (OK-MG-STATEP MG-STATE R-COND-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND 
(CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (REWRITE RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX) Rewriting with RESOURCES-ADEQUATE-TEMP-STK-NOT-MAX. UP S X (S LEMMAS) UP S The current goal, MAIN, has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.2 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (NORMAL MG-STATE) (MEMBER CC-VALUE (LIST '(NAT 1) '(NAT 2)))) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 6))) CTRL-STK (PUSH CC-VALUE TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 7))) CTRL-STK (PUSH (TAG 'NAT (SUB1 (UNTAG CC-VALUE))) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) 
(MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) PUSH UP S X (S LEMMAS) UP S (PROVE (ENABLE TYPE SMALL-NATURALP UNTAG TAG P-OBJECTP-TYPE))))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC contains the free variables CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), (OK-MG-STATEP MG-STATE R-COND-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) PUSH Creating 1 new subgoal, (MAIN . 1). UP S X (S LEMMAS) UP S The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). 
(PROVE (ENABLE TYPE SMALL-NATURALP UNTAG TAG P-OBJECTP-TYPE)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, UNTAG, TAG, and NORMAL, to the conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (EQUAL (CC MG-STATE) 'NORMAL) (MEMBER CC-VALUE '((NAT 1) (NAT 2)))) (IF (P-OBJECTP-TYPE 'NAT CC-VALUE (P-STATE (LIST 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 6))) CTRL-STK (PUSH CC-VALUE TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C CC-VALUE)) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN)) (IF (EQUAL (CADR CC-VALUE) 0) F (NUMBERP (CADR CC-VALUE))) F)). 
This simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, and P-WORD-SIZE-P-STATE, and expanding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, TAG, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, CONS, P-OBJECTP, UNTAG, SMALL-NATURALP, TYPE, P-OBJECTP-TYPE, and NUMBERP, to: T. Q.E.D. The current goal, (MAIN . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.2 0.1 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (OR (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 7))) CTRL-STK (PUSH (TAG 'NAT (SUB1 (UNTAG '(NAT 1)))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK)) 
(TRANSLATE-PROC-LIST PROC-LIST) '((C-C (NAT 1))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (IF (NORMAL (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (FETCH-LABEL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) X UP S (S LEMMAS) X (S LEMMAS) UP S (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'ROUTINEERROR (MG-ALIST MG-STATE) (MG-PSW MG-STATE)) 0) S (S LEMMAS) (DIVE 1 2 1) (REWRITE DEFINEDP-CAR-ASSOC) TOP (DIVE 1 2 2 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) TOP (S LEMMAS) (REWRITE CAR-DEFINEDP-DEFINED-PROCP) (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) S X (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (CLAIM (NOT (NUMBERP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) TOP S-PROP S (CLAIM (NOT (LESSP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (ARRAY-LENGTH (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) UP S-PROP TOP (CONTRADICT 16) S 
(DROP 16) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) UP S UP S (DIVE 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) NX (REWRITE INT-LITERALP-MAPPING) UP UP (REWRITE IDIFFERENCE-LESSP2) TOP S (DIVE 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) NX (REWRITE INT-LITERALP-MAPPING) TOP (REWRITE IDIFFERENCE-LESSP2) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE contains the free variables CODE2, T-COND-LIST, NAME-ALIST, R-COND-LIST, STMT, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST), and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. 
S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (DIVE 1) X (S LEMMAS) X UP S (S LEMMAS) X (S LEMMAS) UP S : (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'ROUTINEERROR (MG-ALIST MG-STATE) (MG-PSW MG-STATE)) 0) Creating 1 new subgoal, (MAIN . 1). S (S LEMMAS) (DIVE 1 2 1) (REWRITE DEFINEDP-CAR-ASSOC) Rewriting with DEFINEDP-CAR-ASSOC. Creating 1 new subgoal, (MAIN . 2). TOP (DIVE 1 2 2 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. TOP (S LEMMAS) The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 2) and (MAIN . 1). Now proving (MAIN . 2). (REWRITE CAR-DEFINEDP-DEFINED-PROCP) Rewriting with CAR-DEFINEDP-DEFINED-PROCP. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 1). (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) Rewriting with PREDEFINED-PROC-CALL-MEANING-R-2. S X (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S : (CLAIM (NOT (NUMBERP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) Creating one new subgoal, ((MAIN . 1) . 1). TOP S-PROP The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoal of (MAIN . 1) remains to be proved: ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 1). S : (CLAIM (NOT (LESSP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (ARRAY-LENGTH (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) Creating one new subgoal, (((MAIN . 1) . 1) . 1). UP S-PROP The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoal of ((MAIN . 1) . 1) remains to be proved: (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 1). TOP (CONTRADICT 16) S (DROP 16) Dropping hypothesis 16. (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. 
Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 1). UP S UP S (DIVE 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. NX (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 2). UP UP (REWRITE IDIFFERENCE-LESSP2) Rewriting with IDIFFERENCE-LESSP2. TOP S (DIVE 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. NX (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 3). TOP (REWRITE IDIFFERENCE-LESSP2) Rewriting with IDIFFERENCE-LESSP2. The proof of the current goal, (((MAIN . 1) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 1) remain to be proved: ((((MAIN . 1) . 1) . 1) . 3) ((((MAIN . 1) . 1) . 1) . 2), and ((((MAIN . 1) . 1) . 1) . 1). Now proving ((((MAIN . 1) . 1) . 1) . 3). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 3) . 1) and: (((((MAIN . 1) . 1) . 1) . 3) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 3), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 3) remain to be proved: (((((MAIN . 1) . 1) . 1) . 3) . 1) and: (((((MAIN . 1) . 1) . 1) . 3) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 3) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 3) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 3) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 3) . 
2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 1) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 2), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 2) remain to be proved: (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 2) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 1) remain to be proved: (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 
1) . 1) . 1) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.9 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE (PROVE-LEMMA PUT-PRESERVES-OK-MG-ARRAY-VALUE (REWRITE) (IMPLIES (AND (OK-MG-ARRAY-VALUE Z TYPE) (SIMPLE-TYPED-LITERALP X (ARRAY-ELEMTYPE TYPE)) (LESSP I (LENGTH Z))) (OK-MG-ARRAY-VALUE (PUT X I Z) TYPE)) ((ENABLE OK-MG-ARRAY-VALUE ARRAY-LITERALP))) This simplifies, rewriting with PUT-PRESERVES-LENGTH, and expanding the functions ARRAY-LITERALP, OK-MG-ARRAY-VALUE, and SIMPLE-TYPED-LITERALP, to three new conjectures: Case 3. (IMPLIES (AND (SIMPLE-TYPED-LITERAL-PLISTP Z (ARRAY-ELEMTYPE TYPE)) (EQUAL (LENGTH Z) (ARRAY-LENGTH TYPE)) (NOT (EQUAL (ARRAY-ELEMTYPE TYPE) 'INT-MG)) (EQUAL (ARRAY-ELEMTYPE TYPE) 'BOOLEAN-MG) (BOOLEAN-LITERALP X) (LESSP I (ARRAY-LENGTH TYPE))) (SIMPLE-TYPED-LITERAL-PLISTP (PUT X I Z) 'BOOLEAN-MG)), which again simplifies, using linear arithmetic, rewriting with the lemmas BOOLEAN-LITERAL-SIMPLE-TYPED-LITERALP and PUT-PRESERVES-SIMPLE-TYPED-LITERAL-PLISTP, and opening up the function EQUAL, to: T. Case 2. (IMPLIES (AND (SIMPLE-TYPED-LITERAL-PLISTP Z (ARRAY-ELEMTYPE TYPE)) (EQUAL (LENGTH Z) (ARRAY-LENGTH TYPE)) (NOT (EQUAL (ARRAY-ELEMTYPE TYPE) 'INT-MG)) (NOT (EQUAL (ARRAY-ELEMTYPE TYPE) 'BOOLEAN-MG)) (EQUAL (ARRAY-ELEMTYPE TYPE) 'CHARACTER-MG) (CHARACTER-LITERALP X) (LESSP I (ARRAY-LENGTH TYPE))) (SIMPLE-TYPED-LITERAL-PLISTP (PUT X I Z) 'CHARACTER-MG)), which again simplifies, using linear arithmetic, rewriting with PUT-PRESERVES-SIMPLE-TYPED-LITERAL-PLISTP, and opening up the definitions of EQUAL and SIMPLE-TYPED-LITERALP, to: T. Case 1. (IMPLIES (AND (SIMPLE-TYPED-LITERAL-PLISTP Z (ARRAY-ELEMTYPE TYPE)) (EQUAL (LENGTH Z) (ARRAY-LENGTH TYPE)) (EQUAL (ARRAY-ELEMTYPE TYPE) 'INT-MG) (INT-LITERALP X) (LESSP I (ARRAY-LENGTH TYPE))) (SIMPLE-TYPED-LITERAL-PLISTP (PUT X I Z) 'INT-MG)). 
But this again simplifies, using linear arithmetic, rewriting with the lemma PUT-PRESERVES-SIMPLE-TYPED-LITERAL-PLISTP, and unfolding the functions SIMPLE-TYPED-LITERALP and EQUAL, to: T. Q.E.D. [ 0.0 0.1 0.0 ] PUT-PRESERVES-OK-MG-ARRAY-VALUE (PROVE-LEMMA ARRAYS-HAVE-OK-VALUES (REWRITE) (IMPLIES (AND (MG-ALISTP MG-ALIST) (ARRAY-IDENTIFIERP A MG-ALIST)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))) ((ENABLE MG-ALIST-ELEMENTP OK-MG-VALUEP ARRAY-IDENTIFIERP))) This conjecture can be simplified, using the abbreviations IDENTIFIERP, DEFINED-IDENTIFIERP, M-TYPE, GET-M-TYPE, HAS-ARRAY-TYPE, ARRAY-IDENTIFIERP, AND, and IMPLIES, to the formula: (IMPLIES (AND (MG-ALISTP MG-ALIST) (OK-MG-NAMEP A) (DEFINEDP A MG-ALIST) (EQUAL (CAADR (ASSOC A MG-ALIST)) 'ARRAY-MG)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))). Name the above subgoal *1. We will appeal to induction. Five inductions are suggested by terms in the conjecture. However, they merge into one likely candidate induction. We will induct according to the following scheme: (AND (IMPLIES (NLISTP MG-ALIST) (p A MG-ALIST)) (IMPLIES (AND (NOT (NLISTP MG-ALIST)) (EQUAL A (CAAR MG-ALIST))) (p A MG-ALIST)) (IMPLIES (AND (NOT (NLISTP MG-ALIST)) (NOT (EQUAL A (CAAR MG-ALIST))) (p A (CDR MG-ALIST))) (p A MG-ALIST))). Linear arithmetic, the lemmas CDR-LESSEQP and CDR-LESSP, and the definition of NLISTP inform us that the measure (COUNT MG-ALIST) decreases according to the well-founded relation LESSP in each induction step of the scheme. The above induction scheme leads to the following six new goals: Case 6. (IMPLIES (AND (NLISTP MG-ALIST) (MG-ALISTP MG-ALIST) (OK-MG-NAMEP A) (DEFINEDP A MG-ALIST) (EQUAL (CAADR (ASSOC A MG-ALIST)) 'ARRAY-MG)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))). This simplifies, opening up the functions NLISTP, MG-ALISTP, LISTP, and DEFINEDP, to: T. Case 5. 
(IMPLIES (AND (NOT (NLISTP MG-ALIST)) (EQUAL A (CAAR MG-ALIST)) (MG-ALISTP MG-ALIST) (OK-MG-NAMEP A) (DEFINEDP A MG-ALIST) (EQUAL (CAADR (ASSOC A MG-ALIST)) 'ARRAY-MG)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))). This simplifies, rewriting with MEMBER-DEFINED-NAME, and unfolding the definitions of NLISTP, MG-ALISTP, OK-MG-VALUEP, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, M-TYPE, MG-ALIST-ELEMENTP, ASSOC, and EQUAL, to: T. Case 4. (IMPLIES (AND (NOT (NLISTP MG-ALIST)) (NOT (EQUAL A (CAAR MG-ALIST))) (NOT (MG-ALISTP (CDR MG-ALIST))) (MG-ALISTP MG-ALIST) (OK-MG-NAMEP A) (DEFINEDP A MG-ALIST) (EQUAL (CAADR (ASSOC A MG-ALIST)) 'ARRAY-MG)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))), which simplifies, expanding the functions NLISTP, MG-ALISTP, OK-MG-VALUEP, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, M-TYPE, and MG-ALIST-ELEMENTP, to: T. Case 3. (IMPLIES (AND (NOT (NLISTP MG-ALIST)) (NOT (EQUAL A (CAAR MG-ALIST))) (NOT (DEFINEDP A (CDR MG-ALIST))) (MG-ALISTP MG-ALIST) (OK-MG-NAMEP A) (DEFINEDP A MG-ALIST) (EQUAL (CAADR (ASSOC A MG-ALIST)) 'ARRAY-MG)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))), which simplifies, opening up the definitions of NLISTP, MG-ALISTP, OK-MG-VALUEP, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, M-TYPE, MG-ALIST-ELEMENTP, and DEFINEDP, to: T. Case 2. 
(IMPLIES (AND (NOT (NLISTP MG-ALIST)) (NOT (EQUAL A (CAAR MG-ALIST))) (NOT (EQUAL (CAADR (ASSOC A (CDR MG-ALIST))) 'ARRAY-MG)) (MG-ALISTP MG-ALIST) (OK-MG-NAMEP A) (DEFINEDP A MG-ALIST) (EQUAL (CAADR (ASSOC A MG-ALIST)) 'ARRAY-MG)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))), which simplifies, expanding NLISTP, MG-ALISTP, OK-MG-VALUEP, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, M-TYPE, MG-ALIST-ELEMENTP, DEFINEDP, and ASSOC, to: T. Case 1. (IMPLIES (AND (NOT (NLISTP MG-ALIST)) (NOT (EQUAL A (CAAR MG-ALIST))) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A (CDR MG-ALIST))) (CADR (ASSOC A (CDR MG-ALIST)))) (MG-ALISTP MG-ALIST) (OK-MG-NAMEP A) (DEFINEDP A MG-ALIST) (EQUAL (CAADR (ASSOC A MG-ALIST)) 'ARRAY-MG)) (OK-MG-ARRAY-VALUE (CADDR (ASSOC A MG-ALIST)) (CADR (ASSOC A MG-ALIST)))), which simplifies, opening up NLISTP, MG-ALISTP, OK-MG-VALUEP, SIMPLE-TYPED-LITERALP, M-VALUE, MG-TYPE-REFP, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, M-TYPE, MG-ALIST-ELEMENTP, DEFINEDP, and ASSOC, to: T. That finishes the proof of *1. Q.E.D. [ 0.0 0.1 0.1 ] ARRAYS-HAVE-OK-VALUES (DEFN PUT-DEPOSIT-ARRAY-VALUE-INDUCTION-HINT (LST NAT TEMP-STK INDEX) (IF (ZEROP INDEX) T (PUT-DEPOSIT-ARRAY-VALUE-INDUCTION-HINT (CDR LST) (ADD1-NAT NAT) (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK) (SUB1 INDEX)))) Linear arithmetic, the lemmas IDIFFERENCE-LESSP, IDIFFERENCE-LESSP2, and COUNT-NUMBERP, and the definition of ZEROP establish that the measure (COUNT INDEX) decreases according to the well-founded relation LESSP in each recursive call. Hence, PUT-DEPOSIT-ARRAY-VALUE-INDUCTION-HINT is accepted under the principle of definition. From the definition we can conclude that: (TRUEP (PUT-DEPOSIT-ARRAY-VALUE-INDUCTION-HINT LST NAT TEMP-STK INDEX)) is a theorem. 
[ 0.0 0.0 0.0 ] PUT-DEPOSIT-ARRAY-VALUE-INDUCTION-HINT (PROVE-LEMMA PUT-DEPOSIT-ARRAY-VALUE-REWRITE (REWRITE) (IMPLIES (AND (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT))) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE INDEX LST) NAT TEMP-STK) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG NAT) INDEX) (DEPOSIT-ARRAY-VALUE LST NAT TEMP-STK)))) ((INSTRUCTIONS (INDUCT (PUT-DEPOSIT-ARRAY-VALUE-INDUCTION-HINT LST NAT TEMP-STK INDEX)) PROMOTE PROMOTE (CLAIM (LISTP LST)) (CLAIM (NLISTP (CDR LST)) 0) (DIVE 1 1) X UP X X NX (DIVE 3) X X UP (DIVE 2) (REWRITE PLUS-0-REWRITE2) UP S (REWRITE MULTIPLE-RPUTS-CANCEL) TOP S (DIVE 1 1) X UP X (REWRITE DEPOSIT-TEMP-DEPOSIT-ARRAY-VALUE-COMMUTE3) X NX (DIVE 2) (REWRITE PLUS-0-REWRITE2) S NX X (REWRITE DEPOSIT-TEMP-DEPOSIT-ARRAY-VALUE-COMMUTE3) X UP (REWRITE MULTIPLE-RPUTS-CANCEL) TOP S PROVE (S LEMMAS) (DIVE 1) (REWRITE PLUS-ADD1-SUB1) TOP PROVE (DIVE 1) (REWRITE LISTP-IMPLIES-NON-ZERO-LENGTH) TOP S PROVE PROVE PROMOTE PROMOTE (CLAIM (NLISTP (CDR LST)) 0) PROVE (DEMOTE 2) (DIVE 1 1) PUSH UP S-PROP S UP PROMOTE (DIVE 1 1) X UP X = (DROP 6) TOP (DIVE 2 3) X (DIVE 1) (= T) TOP PROVE (S LEMMAS) SPLIT PROVE (DIVE 2) (REWRITE DEPOSIT-TEMP-PRESERVES-LENGTH) TOP PROVE PROVE))) *** Entering proof-checker *** (INDUCT (PUT-DEPOSIT-ARRAY-VALUE-INDUCTION-HINT LST NAT TEMP-STK INDEX)) Creating 2 new subgoals, (MAIN . 1) and (MAIN . 2). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1) and (MAIN . 2). Now proving (MAIN . 1). PROMOTE PROMOTE (CLAIM (LISTP LST)) ***** Now entering the theorem prover *****: This formula simplifies, expanding the definitions of ZEROP, LENGTH, LESSP, and EQUAL, to: T. Q.E.D. (CLAIM (NLISTP (CDR LST)) 0) Creating one new subgoal, ((MAIN . 1) . 1). (DIVE 1 1) X UP X X NX (DIVE 3) X X UP (DIVE 2) (REWRITE PLUS-0-REWRITE2) Rewriting with PLUS-0-REWRITE2. 
UP S (REWRITE MULTIPLE-RPUTS-CANCEL) Rewriting with MULTIPLE-RPUTS-CANCEL. TOP S The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoal of (MAIN . 1) remains to be proved: ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 1). (DIVE 1 1) X UP X (REWRITE DEPOSIT-TEMP-DEPOSIT-ARRAY-VALUE-COMMUTE3) Rewriting with DEPOSIT-TEMP-DEPOSIT-ARRAY-VALUE-COMMUTE3. Creating 2 new subgoals, (((MAIN . 1) . 1) . 1) and (((MAIN . 1) . 1) . 2). X NX (DIVE 2) (REWRITE PLUS-0-REWRITE2) Rewriting with PLUS-0-REWRITE2. S NX X (REWRITE DEPOSIT-TEMP-DEPOSIT-ARRAY-VALUE-COMMUTE3) Rewriting with DEPOSIT-TEMP-DEPOSIT-ARRAY-VALUE-COMMUTE3. Creating 2 new subgoals, (((MAIN . 1) . 1) . 3) and (((MAIN . 1) . 1) . 4). X UP (REWRITE MULTIPLE-RPUTS-CANCEL) Rewriting with MULTIPLE-RPUTS-CANCEL. TOP S The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 3), (((MAIN . 1) . 1) . 4), (((MAIN . 1) . 1) . 1), and (((MAIN . 1) . 1) . 2). Now proving (((MAIN . 1) . 1) . 3). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, and UNTAG-TAG, to: (IMPLIES (AND (ZEROP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP LST) (LISTP (CDR LST))) (LESSP (UNTAG NAT) (ADD1 (UNTAG NAT)))), which simplifies, using linear arithmetic, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 3), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 4). (S LEMMAS) (DIVE 1) (REWRITE PLUS-ADD1-SUB1) Rewriting with PLUS-ADD1-SUB1. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 4) . 1). 
TOP PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, NOT, AND, and IMPLIES, to: (IMPLIES (AND (ZEROP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP LST) (LISTP (CDR LST))) (LESSP (PLUS (UNTAG NAT) (LENGTH (CDR LST))) (LENGTH TEMP-STK))), which simplifies, using linear arithmetic, rewriting with IDIFFERENCE-LESSP2, IDIFFERENCE-LESSP, and SUB1-ADD1, and expanding ZEROP, LENGTH, and LESSP, to: T. Q.E.D. The proof of the current goal, (((MAIN . 1) . 1) . 4), has been completed. However, the following subgoal of (((MAIN . 1) . 1) . 4) remains to be proved: ((((MAIN . 1) . 1) . 4) . 1). Now proving ((((MAIN . 1) . 1) . 4) . 1). (DIVE 1) (REWRITE LISTP-IMPLIES-NON-ZERO-LENGTH) Rewriting with LISTP-IMPLIES-NON-ZERO-LENGTH. TOP S The current goal, ((((MAIN . 1) . 1) . 4) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 1). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, and UNTAG-TAG, to: (IMPLIES (AND (ZEROP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP LST) (LISTP (CDR LST))) (LESSP (UNTAG NAT) (ADD1 (UNTAG NAT)))), which simplifies, using linear arithmetic, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 2). PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, and UNTAG-TAG, to the goal: (IMPLIES (AND (ZEROP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP LST) (LISTP (CDR LST))) (LESSP (PLUS (ADD1 (UNTAG NAT)) (SUB1 (LENGTH (CDR LST)))) (LENGTH TEMP-STK))). 
This simplifies, using linear arithmetic, rewriting with IDIFFERENCE-LESSP2, IDIFFERENCE-LESSP, SUB1-ADD1, LISTP-IMPLIES-NON-ZERO-LENGTH, and PLUS-ADD1-SUB1, and unfolding the functions ZEROP, LENGTH, and LESSP, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 2). PROMOTE PROMOTE (CLAIM (NLISTP (CDR LST)) 0) Creating one new subgoal, ((MAIN . 2) . 1). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, ZEROP, NOT, AND, IMPLIES, UNTAG-TAG, and ADD1-NAT, to: (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (IMPLIES (AND (LESSP (SUB1 INDEX) (LENGTH (CDR LST))) (LESSP (PLUS (ADD1 (UNTAG NAT)) (SUB1 (LENGTH (CDR LST)))) (LENGTH (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK))) (NUMBERP (ADD1 (UNTAG NAT)))) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE (SUB1 INDEX) (CDR LST)) (TAG 'NAT (ADD1 (UNTAG NAT))) (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK)) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (ADD1 (UNTAG NAT)) (SUB1 INDEX)) (DEPOSIT-ARRAY-VALUE (CDR LST) (TAG 'NAT (ADD1 (UNTAG NAT))) (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK))))) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (NOT (LISTP (CDR LST)))) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE INDEX LST) NAT TEMP-STK) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG NAT) INDEX) (DEPOSIT-ARRAY-VALUE LST NAT TEMP-STK)))), which simplifies, using linear arithmetic, applying PLUS-0-REWRITE2, DEPOSIT-TEMP-PRESERVES-LENGTH, IDIFFERENCE-LESSP2, IDIFFERENCE-LESSP, PLUS-ADD1-SUB1, CDR-NLISTP, CAR-NLISTP, CAR-CONS, and CDR-CONS, and unfolding the functions LENGTH, EQUAL, LESSP, SUB1, ZEROP, AND, DEPOSIT-ARRAY-VALUE, IMPLIES, ADD1, LISTP, PUT, MG-TO-P-SIMPLE-LITERAL, and ADD1-NAT, to the following two new goals: Case 2. 
(IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (NOT (LISTP LST)) (LESSP INDEX 0) (LESSP (UNTAG NAT) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT))) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE (SUB1 INDEX) 0) (TAG 'NAT (ADD1 (UNTAG NAT))) (DEPOSIT-TEMP 0 NAT TEMP-STK)) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG NAT) INDEX) TEMP-STK))). This again simplifies, using linear arithmetic, to: T. Case 1. (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (LISTP LST) (LESSP INDEX 1) (LESSP (UNTAG NAT) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (NOT (LISTP (CDR LST)))) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE (SUB1 INDEX) (CDR LST)) (TAG 'NAT (ADD1 (UNTAG NAT))) (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK)) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG NAT) INDEX) (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK)))), which again simplifies, using linear arithmetic, to: T. Q.E.D. The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 1). (DEMOTE 2) (DIVE 1 1) PUSH Creating 1 new subgoal, (((MAIN . 2) . 1) . 1). UP S-PROP S UP PROMOTE (DIVE 1 1) X UP X = (DROP 6) Dropping hypothesis 6. TOP (DIVE 2 3) X (DIVE 1) (= T) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, ZEROP, NOT, AND, and IMPLIES, to: (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP (CDR LST))) (EQUAL (LISTP LST) T)), which simplifies, unfolding the functions LENGTH, EQUAL, and LESSP, to: T. Q.E.D. 
TOP PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, ZEROP, NOT, AND, IMPLIES, and UNTAG-TAG, to: (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP (CDR LST))) (EQUAL (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (ADD1 (UNTAG NAT)) (SUB1 INDEX)) (DEPOSIT-ARRAY-VALUE (CDR LST) (TAG 'NAT (ADD1 (UNTAG NAT))) (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK))) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG NAT) INDEX) (IF T (DEPOSIT-ARRAY-VALUE (CDR LST) (TAG 'NAT (ADD1 (UNTAG NAT))) (DEPOSIT-TEMP (MG-TO-P-SIMPLE-LITERAL (CAR LST)) NAT TEMP-STK)) TEMP-STK)))). This simplifies, rewriting with the lemmas PLUS-0-REWRITE2, CDR-NLISTP, SUB1-ADD1, and PLUS-ADD1-SUB1, and opening up the functions LENGTH, SUB1, ZEROP, and LISTP, to: T. Q.E.D. The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoal of ((MAIN . 2) . 1) remains to be proved: (((MAIN . 2) . 1) . 1). Now proving (((MAIN . 2) . 1) . 1). (S LEMMAS) SPLIT Creating 2 new subgoals, ((((MAIN . 2) . 1) . 1) . 1) and: ((((MAIN . 2) . 1) . 1) . 2). The proof of the current goal, (((MAIN . 2) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 2) . 1) . 1) remain to be proved: ((((MAIN . 2) . 1) . 1) . 1) and ((((MAIN . 2) . 1) . 1) . 2). Now proving ((((MAIN . 2) . 1) . 1) . 1). 
PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, ZEROP, NOT, AND, and IMPLIES, to the new formula: (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP (CDR LST))) (LESSP (SUB1 INDEX) (LENGTH (CDR LST)))), which simplifies, applying PLUS-0-REWRITE2, CDR-NLISTP, and SUB1-ADD1, and unfolding the definitions of LENGTH, SUB1, ZEROP, and LISTP, to the new goal: (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (LISTP LST) (LESSP INDEX (ADD1 (LENGTH (CDR LST)))) (LESSP (PLUS (UNTAG NAT) (LENGTH (CDR LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP (CDR LST))) (LESSP (SUB1 INDEX) (LENGTH (CDR LST)))), which again simplifies, using linear arithmetic, to: T. Q.E.D. The current goal, ((((MAIN . 2) . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 2). (DIVE 2) (REWRITE DEPOSIT-TEMP-PRESERVES-LENGTH) Rewriting with DEPOSIT-TEMP-PRESERVES-LENGTH. Creating 1 new subgoal, (((((MAIN . 2) . 1) . 1) . 2) . 1). TOP PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, ZEROP, NOT, AND, and IMPLIES, to: (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP (CDR LST))) (LESSP (PLUS (ADD1 (UNTAG NAT)) (SUB1 (LENGTH (CDR LST)))) (LENGTH TEMP-STK))). This simplifies, appealing to the lemmas PLUS-0-REWRITE2, CDR-NLISTP, SUB1-ADD1, LISTP-IMPLIES-NON-ZERO-LENGTH, PLUS-ADD1-SUB1, IDIFFERENCE-LESSP2, and IDIFFERENCE-LESSP, and opening up LENGTH, SUB1, ZEROP, and LISTP, to: T. Q.E.D. The proof of the current goal, ((((MAIN . 2) . 1) . 1) . 2), has been completed. However, the following subgoal of ((((MAIN . 2) . 1) . 1) . 2) remains to be proved: (((((MAIN . 2) . 1) . 1) . 2) . 1). 
Now proving (((((MAIN . 2) . 1) . 1) . 2) . 1). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, ZEROP, NOT, AND, and IMPLIES, to: (IMPLIES (AND (NOT (EQUAL INDEX 0)) (NUMBERP INDEX) (LESSP INDEX (LENGTH LST)) (LESSP (PLUS (UNTAG NAT) (SUB1 (LENGTH LST))) (LENGTH TEMP-STK)) (NUMBERP (UNTAG NAT)) (LISTP (CDR LST))) (LESSP (UNTAG NAT) (LENGTH TEMP-STK))), which simplifies, using linear arithmetic, to: T. Q.E.D. The current goal, (((((MAIN . 2) . 1) . 1) . 2) . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 0.4 0.2 0.1 ] PUT-DEPOSIT-ARRAY-VALUE-REWRITE (DISABLE PUT-DEPOSIT-ARRAY-VALUE-REWRITE) [ 0.0 0.0 0.0 ] PUT-DEPOSIT-ARRAY-VALUE-REWRITE-OFF (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-DEPOSIT-ARRAY-VALUE-REWRITE (REWRITE) (IMPLIES (AND (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADR (ASSOC A MG-VARS)))) (ARRAY-IDENTIFIERP A MG-VARS)) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE INDEX (CADDR (ASSOC A MG-VARS))) (CDR (ASSOC A BINDINGS)) (MAP-DOWN-VALUES MG-VARS BINDINGS TEMP-STK)) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG (CDR (ASSOC A BINDINGS))) INDEX) (MAP-DOWN-VALUES MG-VARS BINDINGS TEMP-STK)))) ((INSTRUCTIONS (INDUCT (MAP-DOWN-VALUES MG-VARS BINDINGS TEMP-STK)) PROVE (CLAIM (EQUAL A (CAAR MG-VARS)) 0) (= A (CAR (CAR MG-VARS)) 0) PROMOTE (= (ASSOC (CAAR MG-VARS) MG-VARS) (CAR MG-VARS)) PROMOTE (DROP 3) CHANGE-GOAL PROMOTE PROMOTE (DEMOTE 3) (DIVE 1 1) PUSH UP S-PROP UP PROMOTE (DIVE 1 1 3 1 1 1) X TOP (DIVE 1 3) X UP = (DROP 9) TOP (DIVE 2 3) X TOP S SPLIT (= * T ((ENABLE ALL-CARS-UNIQUE))) (REWRITE MG-ALISTP-CDR) (REWRITE DEPOSIT-ALIST-VALUE-PRESERVES-MG-VARS-LIST-OK) S (REWRITE NO-P-ALIASING-CDR) PROVE (PROVE (ENABLE ARRAY-IDENTIFIERP)) (DIVE 1 3) X (REWRITE MAP-DOWN-VALUES-DEPOSIT-ALIST-VALUE-COMMUTE) X (DIVE 1) (= * F 
((ENABLE ARRAY-IDENTIFIERP))) UP S UP (REWRITE MULTIPLE-DEPOSIT-ARRAY-VALUES-CANCEL) UP (DIVE 2 3) X (REWRITE MAP-DOWN-VALUES-DEPOSIT-ALIST-VALUE-COMMUTE) X (DIVE 1) (= * F ((ENABLE ARRAY-IDENTIFIERP))) UP S UP UP (DIVE 1) (REWRITE PUT-DEPOSIT-ARRAY-VALUE-REWRITE) TOP S (DIVE 2) (REWRITE MEMBER-ARRAY-LENGTHS-MATCH (($LST MG-VARS))) TOP S X (PROVE (ENABLE ARRAY-IDENTIFIERP)) (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK (($LST MG-VARS))) X PROVE (REWRITE MG-VARS-LIST-OK-IN-P-STATE-CDR) (REWRITE MG-ALISTP-CDR) (REWRITE MG-VAR-OK-UNTAG-VALUE-NUMBERP (($LST MG-VARS))) X S S S S (DIVE 1) (REWRITE PUT-PRESERVES-LENGTH) TOP S (DIVE 2) (REWRITE MEMBER-ARRAY-LENGTHS-MATCH (($LST MG-VARS))) TOP S X PROVE (REWRITE MG-VAR-OK-UNTAG-VALUE-NUMBERP (($LST MG-VARS))) X (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) UP (DIVE 1 2 1) (REWRITE PUT-PRESERVES-LENGTH) TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK (($LST MG-VARS))) X PROVE (DIVE 2) (REWRITE MEMBER-ARRAY-LENGTHS-MATCH (($LST MG-VARS))) TOP S X PROVE (REWRITE MG-VARS-LIST-OK-IN-P-STATE-CDR) (REWRITE MG-ALISTP-CDR) S S S S))) *** Entering proof-checker *** (INDUCT (MAP-DOWN-VALUES MG-VARS BINDINGS TEMP-STK)) Creating 2 new subgoals, (MAIN . 1) and (MAIN . 2). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 1) and (MAIN . 2). Now proving (MAIN . 1). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations AND, NLISTP, and IMPLIES, to: (IMPLIES (AND (NOT (LISTP MG-VARS)) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADR (ASSOC A MG-VARS)))) (ARRAY-IDENTIFIERP A MG-VARS)) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE INDEX (CADDR (ASSOC A MG-VARS))) (CDR (ASSOC A BINDINGS)) (MAP-DOWN-VALUES MG-VARS BINDINGS TEMP-STK)) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG (CDR (ASSOC A BINDINGS))) INDEX) (MAP-DOWN-VALUES MG-VARS BINDINGS TEMP-STK)))). This simplifies, opening up the definitions of MG-ALISTP, LISTP, MG-VARS-LIST-OK-IN-P-STATE, ASSOC, CDR, CAR, ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. The current goal, (MAIN . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (CLAIM (EQUAL A (CAAR MG-VARS)) 0) Creating one new subgoal, ((MAIN . 2) . 1). (= A (CAR (CAR MG-VARS)) 0) PROMOTE (= (ASSOC (CAAR MG-VARS) MG-VARS) (CAR MG-VARS)) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, NOT, AND, and IMPLIES, to: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (IMPLIES (AND (ALL-CARS-UNIQUE (CDR MG-VARS)) (MG-ALISTP (CDR MG-VARS)) (MG-VARS-LIST-OK-IN-P-STATE (CDR MG-VARS) BINDINGS (DEPOSIT-ALIST-VALUE (CAR MG-VARS) BINDINGS TEMP-STK)) (NO-P-ALIASING BINDINGS (CDR MG-VARS)) (LESSP INDEX (ARRAY-LENGTH (CADR (ASSOC (CAAR MG-VARS) (CDR MG-VARS))))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) (CDR MG-VARS))) (EQUAL (DEPOSIT-ARRAY-VALUE (PUT VALUE INDEX (CADDR (ASSOC (CAAR MG-VARS) (CDR MG-VARS)))) (CDR (ASSOC (CAAR MG-VARS) BINDINGS)) (MAP-DOWN-VALUES (CDR MG-VARS) BINDINGS (DEPOSIT-ALIST-VALUE (CAR MG-VARS) BINDINGS TEMP-STK))) (RPUT (MG-TO-P-SIMPLE-LITERAL VALUE) (PLUS (UNTAG (CDR (ASSOC (CAAR MG-VARS) BINDINGS))) INDEX) (MAP-DOWN-VALUES (CDR MG-VARS) BINDINGS (DEPOSIT-ALIST-VALUE (CAR 
MG-VARS) BINDINGS TEMP-STK)))))) (EQUAL (ASSOC (CAAR MG-VARS) MG-VARS) (CAR MG-VARS))), which simplifies, expanding AND, IMPLIES, and ASSOC, to: T. Q.E.D. PROMOTE (DROP 3) Dropping hypothesis 3. CHANGE-GOAL Now proving ((MAIN . 2) . 1). PROMOTE PROMOTE (DEMOTE 3) (DIVE 1 1) PUSH Creating 1 new subgoal, (((MAIN . 2) . 1) . 1). UP S-PROP UP PROMOTE (DIVE 1 1 3 1 1 1) X TOP (DIVE 1 3) X UP = (DROP 9) Dropping hypothesis 9. TOP (DIVE 2 3) X TOP S The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoal of ((MAIN . 2) . 1) remains to be proved: (((MAIN . 2) . 1) . 1). Now proving (((MAIN . 2) . 1) . 1). SPLIT Creating 6 new subgoals, ((((MAIN . 2) . 1) . 1) . 1), ((((MAIN . 2) . 1) . 1) . 2) ((((MAIN . 2) . 1) . 1) . 3), ((((MAIN . 2) . 1) . 1) . 4), ((((MAIN . 2) . 1) . 1) . 5) and ((((MAIN . 2) . 1) . 1) . 6). The proof of the current goal, (((MAIN . 2) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 2) . 1) . 1) remain to be proved: ((((MAIN . 2) . 1) . 1) . 1) ((((MAIN . 2) . 1) . 1) . 2), ((((MAIN . 2) . 1) . 1) . 3), ((((MAIN . 2) . 1) . 1) . 4) ((((MAIN . 2) . 1) . 1) . 5), and ((((MAIN . 2) . 1) . 1) . 6). Now proving ((((MAIN . 2) . 1) . 1) . 1). (= * T ((ENABLE ALL-CARS-UNIQUE))) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, and ALL-CARS-UNIQUE, to: (IMPLIES (AND (NOT (EQUAL A (CAAR MG-VARS))) (LISTP MG-VARS) (NO-DUPLICATES (LISTCARS MG-VARS)) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADR (ASSOC A MG-VARS)))) (ARRAY-IDENTIFIERP A MG-VARS)) (EQUAL (NO-DUPLICATES (LISTCARS (CDR MG-VARS))) T)). This simplifies, rewriting with the lemmas CDR-CONS and CAR-CONS, and unfolding the definitions of LISTCARS and NO-DUPLICATES, to: T. Q.E.D. The current goal, ((((MAIN . 2) . 1) . 1) . 
1), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 2). (REWRITE MG-ALISTP-CDR) Rewriting with MG-ALISTP-CDR. The current goal, ((((MAIN . 2) . 1) . 1) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 3). (REWRITE DEPOSIT-ALIST-VALUE-PRESERVES-MG-VARS-LIST-OK) Rewriting with DEPOSIT-ALIST-VALUE-PRESERVES-MG-VARS-LIST-OK. Creating 1 new subgoal, (((((MAIN . 2) . 1) . 1) . 3) . 1). The proof of the current goal, ((((MAIN . 2) . 1) . 1) . 3), has been completed. However, the following subgoal of ((((MAIN . 2) . 1) . 1) . 3) remains to be proved: (((((MAIN . 2) . 1) . 1) . 3) . 1). Now proving (((((MAIN . 2) . 1) . 1) . 3) . 1). S The current goal, (((((MAIN . 2) . 1) . 1) . 3) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 4). (REWRITE NO-P-ALIASING-CDR) Rewriting with NO-P-ALIASING-CDR. The current goal, ((((MAIN . 2) . 1) . 1) . 4), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 5). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations NLISTP, NOT, AND, and IMPLIES, to: (IMPLIES (AND (NOT (EQUAL A (CAAR MG-VARS))) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADR (ASSOC A MG-VARS)))) (ARRAY-IDENTIFIERP A MG-VARS)) (LESSP INDEX (ARRAY-LENGTH (CADR (ASSOC A (CDR MG-VARS)))))), which simplifies, expanding the functions MG-ALISTP, MG-VAR-OK-IN-P-STATE, M-TYPE, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, MG-VARS-LIST-OK-IN-P-STATE, and ASSOC, to: T. Q.E.D. The current goal, ((((MAIN . 2) . 1) . 1) . 5), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 1) . 1) . 6). 
(PROVE (ENABLE ARRAY-IDENTIFIERP)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations IDENTIFIERP, DEFINED-IDENTIFIERP, M-TYPE, GET-M-TYPE, HAS-ARRAY-TYPE, ARRAY-IDENTIFIERP, NLISTP, NOT, AND, and IMPLIES, to: (IMPLIES (AND (NOT (EQUAL A (CAAR MG-VARS))) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADR (ASSOC A MG-VARS)))) (OK-MG-NAMEP A) (DEFINEDP A MG-VARS) (EQUAL (CAADR (ASSOC A MG-VARS)) 'ARRAY-MG)) (ARRAY-IDENTIFIERP A (CDR MG-VARS))). This simplifies, opening up the functions MG-ALISTP, MG-VAR-OK-IN-P-STATE, M-TYPE, MEMBER, LISTP, CAR, CDR, SIMPLE-MG-TYPE-REFP, MG-VARS-LIST-OK-IN-P-STATE, ASSOC, DEFINEDP, HAS-ARRAY-TYPE, GET-M-TYPE, EQUAL, DEFINED-IDENTIFIERP, IDENTIFIERP, and ARRAY-IDENTIFIERP, to: T. Q.E.D. The current goal, ((((MAIN . 2) . 1) . 1) . 6), has been proved, and has no dependents. Now proving (MAIN . 2). (DIVE 1 3) X (REWRITE MAP-DOWN-VALUES-DEPOSIT-ALIST-VALUE-COMMUTE) Rewriting with MAP-DOWN-VALUES-DEPOSIT-ALIST-VALUE-COMMUTE. Creating 4 new subgoals, ((MAIN . 2) . 2), ((MAIN . 2) . 3), ((MAIN . 2) . 4), and ((MAIN . 2) . 5). 
X (DIVE 1) (= * F ((ENABLE ARRAY-IDENTIFIERP))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations IDENTIFIERP, DEFINED-IDENTIFIERP, M-TYPE, GET-M-TYPE, HAS-ARRAY-TYPE, ARRAY-IDENTIFIERP, NLISTP, NOT, AND, and IMPLIES, to the new formula: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (DEFINEDP (CAAR MG-VARS) MG-VARS) (EQUAL (CAADR (ASSOC (CAAR MG-VARS) MG-VARS)) 'ARRAY-MG)) (EQUAL (MEMBER (CADAR MG-VARS) '(INT-MG BOOLEAN-MG CHARACTER-MG)) F)), which simplifies, rewriting with MEMBER-DEFINED-NAME and ASSOC-UNIQUE-MEMBER, and expanding the functions MEMBER, CDR, CAR, and LISTP, to the following three new goals: Case 3. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG))). This again simplifies, opening up the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 2. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG))), which again simplifies, unfolding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 1. 
(IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. UP S UP (REWRITE MULTIPLE-DEPOSIT-ARRAY-VALUES-CANCEL) Rewriting with MULTIPLE-DEPOSIT-ARRAY-VALUES-CANCEL. Creating 3 new subgoals, ((MAIN . 2) . 6), ((MAIN . 2) . 7), and ((MAIN . 2) . 8). UP (DIVE 2 3) X (REWRITE MAP-DOWN-VALUES-DEPOSIT-ALIST-VALUE-COMMUTE) Rewriting with MAP-DOWN-VALUES-DEPOSIT-ALIST-VALUE-COMMUTE. Creating 4 new subgoals, ((MAIN . 2) . 9), ((MAIN . 2) . 10), ((MAIN . 2) . 11), and ((MAIN . 2) . 12). X (DIVE 1) (= * F ((ENABLE ARRAY-IDENTIFIERP))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations IDENTIFIERP, DEFINED-IDENTIFIERP, M-TYPE, GET-M-TYPE, HAS-ARRAY-TYPE, ARRAY-IDENTIFIERP, NLISTP, NOT, AND, and IMPLIES, to the new formula: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (DEFINEDP (CAAR MG-VARS) MG-VARS) (EQUAL (CAADR (ASSOC (CAAR MG-VARS) MG-VARS)) 'ARRAY-MG)) (EQUAL (MEMBER (CADAR MG-VARS) '(INT-MG BOOLEAN-MG CHARACTER-MG)) F)), which simplifies, rewriting with MEMBER-DEFINED-NAME and ASSOC-UNIQUE-MEMBER, and expanding the functions MEMBER, CDR, CAR, and LISTP, to the following three new goals: Case 3. 
(IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG))). This again simplifies, opening up the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 2. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG))), which again simplifies, unfolding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 1. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. UP S UP UP (DIVE 1) (REWRITE PUT-DEPOSIT-ARRAY-VALUE-REWRITE) Rewriting with PUT-DEPOSIT-ARRAY-VALUE-REWRITE. Creating 3 new subgoals, ((MAIN . 2) . 13), ((MAIN . 2) . 14), and ((MAIN . 2) . 15). TOP S The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoals of (MAIN . 2) remain to be proved: ((MAIN . 2) . 13), ((MAIN . 2) . 14), ((MAIN . 2) . 15), ((MAIN . 2) . 9), ((MAIN . 2) . 10), ((MAIN . 2) . 11), ((MAIN . 2) . 12), ((MAIN . 2) . 6), ((MAIN . 2) . 7), ((MAIN . 2) . 8), ((MAIN . 2) . 2), ((MAIN . 2) . 3), ((MAIN . 2) . 4), and ((MAIN . 2) . 5). Now proving ((MAIN . 2) . 13). (DIVE 2) (REWRITE MEMBER-ARRAY-LENGTHS-MATCH (($LST MG-VARS))) Rewriting with MEMBER-ARRAY-LENGTHS-MATCH. 
Creating 2 new subgoals, (((MAIN . 2) . 13) . 1) and (((MAIN . 2) . 13) . 2). TOP S The proof of the current goal, ((MAIN . 2) . 13), has been completed. However, the following subgoals of ((MAIN . 2) . 13) remain to be proved: (((MAIN . 2) . 13) . 1) and (((MAIN . 2) . 13) . 2). Now proving (((MAIN . 2) . 13) . 1). X The current goal, (((MAIN . 2) . 13) . 1), has been proved, and has no dependents. Now proving (((MAIN . 2) . 13) . 2). (PROVE (ENABLE ARRAY-IDENTIFIERP)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations IDENTIFIERP, DEFINED-IDENTIFIERP, GET-M-TYPE, HAS-ARRAY-TYPE, ARRAY-IDENTIFIERP, NLISTP, NOT, AND, IMPLIES, M-TYPE, and SIMPLE-MG-TYPE-REFP, to: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (DEFINEDP (CAAR MG-VARS) MG-VARS) (EQUAL (CAADR (ASSOC (CAAR MG-VARS) MG-VARS)) 'ARRAY-MG)) (NOT (MEMBER (CADAR MG-VARS) '(INT-MG BOOLEAN-MG CHARACTER-MG)))). This simplifies, rewriting with the lemmas MEMBER-DEFINED-NAME and ASSOC-UNIQUE-MEMBER, and unfolding the definitions of MEMBER, CDR, CAR, and LISTP, to the following three new formulas: Case 3. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG))). But this again simplifies, expanding the functions ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 2. 
(IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG))), which again simplifies, unfolding the functions ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 1. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (OK-MG-NAMEP (CAAR MG-VARS)) (EQUAL (CAADAR MG-VARS) 'ARRAY-MG)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG))), which again simplifies, opening up the functions ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. The current goal, (((MAIN . 2) . 13) . 2), has been proved, and has no dependents. Now proving ((MAIN . 2) . 14). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 2 new subgoals, (((MAIN . 2) . 14) . 1) and (((MAIN . 2) . 14) . 2). UP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK (($LST MG-VARS))) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK. Creating 2 new subgoals, (((MAIN . 2) . 14) . 3) and (((MAIN . 2) . 14) . 4). The proof of the current goal, ((MAIN . 2) . 14), has been completed. However, the following subgoals of ((MAIN . 2) . 14) remain to be proved: (((MAIN . 2) . 14) . 3), (((MAIN . 2) . 14) . 4), (((MAIN . 2) . 14) . 1), and (((MAIN . 2) . 14) . 2). Now proving (((MAIN . 2) . 14) . 3). X The current goal, (((MAIN . 2) . 14) . 3), has been proved, and has no dependents. Now proving (((MAIN . 2) . 14) . 4). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, M-TYPE, and SIMPLE-MG-TYPE-REFP, to: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (MEMBER (CADAR MG-VARS) '(INT-MG BOOLEAN-MG CHARACTER-MG)))). This simplifies, opening up CDR, CAR, LISTP, and MEMBER, to the following three new conjectures: Case 3. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG))). However this again simplifies, opening up the functions ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 2. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 1. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. The current goal, (((MAIN . 2) . 14) . 4), has been proved, and has no dependents. Now proving (((MAIN . 2) . 14) . 1). 
(REWRITE MG-VARS-LIST-OK-IN-P-STATE-CDR) Rewriting with MG-VARS-LIST-OK-IN-P-STATE-CDR. The current goal, (((MAIN . 2) . 14) . 1), has been proved, and has no dependents. Now proving (((MAIN . 2) . 14) . 2). (REWRITE MG-ALISTP-CDR) Rewriting with MG-ALISTP-CDR. The current goal, (((MAIN . 2) . 14) . 2), has been proved, and has no dependents. Now proving ((MAIN . 2) . 15). (REWRITE MG-VAR-OK-UNTAG-VALUE-NUMBERP (($LST MG-VARS))) **WARNING**: The following variables occur free in the lemma: MG-VAR-OK-UNTAG-VALUE-NUMBERP but were not explicitly substituted for: TEMP-STK. Rewriting with MG-VAR-OK-UNTAG-VALUE-NUMBERP. Creating 1 new subgoal, (((MAIN . 2) . 15) . 1). The proof of the current goal, ((MAIN . 2) . 15), has been completed. However, the following subgoal of ((MAIN . 2) . 15) remains to be proved: (((MAIN . 2) . 15) . 1). Now proving (((MAIN . 2) . 15) . 1). X The current goal, (((MAIN . 2) . 15) . 1), has been proved, and has no dependents. Now proving ((MAIN . 2) . 9). S The current goal, ((MAIN . 2) . 9), has been proved, and has no dependents. Now proving ((MAIN . 2) . 10). S The current goal, ((MAIN . 2) . 10), has been proved, and has no dependents. Now proving ((MAIN . 2) . 11). S The current goal, ((MAIN . 2) . 11), has been proved, and has no dependents. Now proving ((MAIN . 2) . 12). S The current goal, ((MAIN . 2) . 12), has been proved, and has no dependents. Now proving ((MAIN . 2) . 6). (DIVE 1) (REWRITE PUT-PRESERVES-LENGTH) Rewriting with PUT-PRESERVES-LENGTH. Creating 1 new subgoal, (((MAIN . 2) . 6) . 1). TOP S The proof of the current goal, ((MAIN . 2) . 6), has been completed. However, the following subgoal of ((MAIN . 2) . 6) remains to be proved: (((MAIN . 2) . 6) . 1). Now proving (((MAIN . 2) . 6) . 1). (DIVE 2) (REWRITE MEMBER-ARRAY-LENGTHS-MATCH (($LST MG-VARS))) Rewriting with MEMBER-ARRAY-LENGTHS-MATCH. Creating 2 new subgoals, ((((MAIN . 2) . 6) . 1) . 1) and: ((((MAIN . 2) . 6) . 1) . 2). 
TOP S The proof of the current goal, (((MAIN . 2) . 6) . 1), has been completed. However, the following subgoals of (((MAIN . 2) . 6) . 1) remain to be proved: ((((MAIN . 2) . 6) . 1) . 1) and ((((MAIN . 2) . 6) . 1) . 2). Now proving ((((MAIN . 2) . 6) . 1) . 1). X The current goal, ((((MAIN . 2) . 6) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 6) . 1) . 2). PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, M-TYPE, and SIMPLE-MG-TYPE-REFP, to: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (MEMBER (CADAR MG-VARS) '(INT-MG BOOLEAN-MG CHARACTER-MG)))). This simplifies, opening up CDR, CAR, LISTP, and MEMBER, to the following three new conjectures: Case 3. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG))). However this again simplifies, opening up the functions ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 2. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 1. 
(IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. The current goal, ((((MAIN . 2) . 6) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 2) . 7). (REWRITE MG-VAR-OK-UNTAG-VALUE-NUMBERP (($LST MG-VARS))) **WARNING**: The following variables occur free in the lemma: MG-VAR-OK-UNTAG-VALUE-NUMBERP but were not explicitly substituted for: TEMP-STK. Rewriting with MG-VAR-OK-UNTAG-VALUE-NUMBERP. Creating 1 new subgoal, (((MAIN . 2) . 7) . 1). The proof of the current goal, ((MAIN . 2) . 7), has been completed. However, the following subgoal of ((MAIN . 2) . 7) remains to be proved: (((MAIN . 2) . 7) . 1). Now proving (((MAIN . 2) . 7) . 1). X The current goal, (((MAIN . 2) . 7) . 1), has been proved, and has no dependents. Now proving ((MAIN . 2) . 8). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 2 new subgoals, (((MAIN . 2) . 8) . 1) and (((MAIN . 2) . 8) . 2). UP (DIVE 1 2 1) (REWRITE PUT-PRESERVES-LENGTH) Rewriting with PUT-PRESERVES-LENGTH. Creating 1 new subgoal, (((MAIN . 2) . 8) . 3). TOP (REWRITE MG-VAR-OK-ARRAY-INDEX-OK (($LST MG-VARS))) Rewriting with MG-VAR-OK-ARRAY-INDEX-OK. Creating 2 new subgoals, (((MAIN . 2) . 8) . 4) and (((MAIN . 2) . 8) . 5). The proof of the current goal, ((MAIN . 2) . 8), has been completed. However, the following subgoals of ((MAIN . 2) . 8) remain to be proved: (((MAIN . 2) . 8) . 4), (((MAIN . 2) . 8) . 5), (((MAIN . 2) . 8) . 3), (((MAIN . 2) . 8) . 1), and (((MAIN . 2) . 8) . 2). Now proving (((MAIN . 2) . 8) . 4). X The current goal, (((MAIN . 2) . 8) . 4), has been proved, and has no dependents. 
Now proving (((MAIN . 2) . 8) . 5). PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, M-TYPE, and SIMPLE-MG-TYPE-REFP, to: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (MEMBER (CADAR MG-VARS) '(INT-MG BOOLEAN-MG CHARACTER-MG)))). This simplifies, opening up CDR, CAR, LISTP, and MEMBER, to the following three new conjectures: Case 3. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG))). However this again simplifies, opening up the functions ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 2. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 1. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. The current goal, (((MAIN . 2) . 8) . 5), has been proved, and has no dependents. Now proving (((MAIN . 2) . 8) . 3). 
(DIVE 2) (REWRITE MEMBER-ARRAY-LENGTHS-MATCH (($LST MG-VARS))) Rewriting with MEMBER-ARRAY-LENGTHS-MATCH. Creating 2 new subgoals, ((((MAIN . 2) . 8) . 3) . 1) and: ((((MAIN . 2) . 8) . 3) . 2). TOP S The proof of the current goal, (((MAIN . 2) . 8) . 3), has been completed. However, the following subgoals of (((MAIN . 2) . 8) . 3) remain to be proved: ((((MAIN . 2) . 8) . 3) . 1) and ((((MAIN . 2) . 8) . 3) . 2). Now proving ((((MAIN . 2) . 8) . 3) . 1). X The current goal, ((((MAIN . 2) . 8) . 3) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 2) . 8) . 3) . 2). PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations NLISTP, NOT, AND, IMPLIES, M-TYPE, and SIMPLE-MG-TYPE-REFP, to: (IMPLIES (AND (EQUAL A (CAAR MG-VARS)) (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (MEMBER (CADAR MG-VARS) '(INT-MG BOOLEAN-MG CHARACTER-MG)))). This simplifies, opening up CDR, CAR, LISTP, and MEMBER, to the following three new conjectures: Case 3. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'INT-MG))). However this again simplifies, opening up the functions ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 2. 
(IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'BOOLEAN-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Case 1. (IMPLIES (AND (LISTP MG-VARS) (ALL-CARS-UNIQUE MG-VARS) (MG-ALISTP MG-VARS) (MG-VARS-LIST-OK-IN-P-STATE MG-VARS BINDINGS TEMP-STK) (NO-P-ALIASING BINDINGS MG-VARS) (LESSP INDEX (ARRAY-LENGTH (CADAR MG-VARS))) (ARRAY-IDENTIFIERP (CAAR MG-VARS) MG-VARS)) (NOT (EQUAL (CADAR MG-VARS) 'CHARACTER-MG))), which again simplifies, expanding the definitions of ARRAY-LENGTH, EQUAL, and LESSP, to: T. Q.E.D. The current goal, ((((MAIN . 2) . 8) . 3) . 2), has been proved, and has no dependents. Now proving (((MAIN . 2) . 8) . 1). (REWRITE MG-VARS-LIST-OK-IN-P-STATE-CDR) Rewriting with MG-VARS-LIST-OK-IN-P-STATE-CDR. The current goal, (((MAIN . 2) . 8) . 1), has been proved, and has no dependents. Now proving (((MAIN . 2) . 8) . 2). (REWRITE MG-ALISTP-CDR) Rewriting with MG-ALISTP-CDR. The current goal, (((MAIN . 2) . 8) . 2), has been proved, and has no dependents. Now proving ((MAIN . 2) . 2). S The current goal, ((MAIN . 2) . 2), has been proved, and has no dependents. Now proving ((MAIN . 2) . 3). S The current goal, ((MAIN . 2) . 3), has been proved, and has no dependents. Now proving ((MAIN . 2) . 4). S The current goal, ((MAIN . 2) . 4), has been proved, and has no dependents. Now proving ((MAIN . 2) . 5). S The current goal, ((MAIN . 2) . 5), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 0.9 0.6 0.4 ] MG-ARRAY-ELEMENT-ASSIGNMENT-DEPOSIT-ARRAY-VALUE-REWRITE (DISABLE MG-ARRAY-ELEMENT-ASSIGNMENT-DEPOSIT-ARRAY-VALUE-REWRITE) [ 0.0 0.0 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-DEPOSIT-ARRAY-VALUE-REWRITE-OFF (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-25-NO-ERROR (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))))) (EQUAL (P-STEP (P-STATE (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 7))) CTRL-STK (PUSH (TAG 'NAT (SUB1 (UNTAG (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST)))) (RPUT (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (PLUS (UNTAG (VALUE (CAR (CALL-ACTUALS STMT)) (BINDINGS (TOP CTRL-STK)))) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (MAP-DOWN-VALUES (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK))) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 
(MG-WORD-SIZE) 'RUN)) (P-STATE (TAG 'PC (CONS SUBR (IF (NORMAL (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (FETCH-LABEL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) S (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (= * T ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX SMALL-NATURALP))) UP S (S LEMMAS) (DIVE 1) (= * F ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX))) UP S UP S (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'NORMAL (SET-ALIST-VALUE (CAR (CALL-ACTUALS STMT)) (PUT (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (CADDR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MG-ALIST MG-STATE)) (MG-PSW MG-STATE)) 0) S (S LEMMAS) SPLIT (DEMOTE 15) DROP (PROVE (ENABLE MG-COND-TO-P-NAT CONDITION-INDEX)) (DIVE 2) (REWRITE SET-ALIST-VALUE-DEPOSIT-ARRAY-VALUE-RELATION) TOP (S-PROP VALUE) (DIVE 2) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-DEPOSIT-ARRAY-VALUE-REWRITE) TOP (DIVE 1 2 2) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE 
INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) UP (= * (CADDDR (CALL-ACTUALS STMT)) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) TOP (REWRITE IDIFFERENCE-LESSP) PROVE PROVE PROVE (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE PUT-PRESERVES-OK-MG-ARRAY-VALUE) (REWRITE ARRAYS-HAVE-OK-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE SIMPLE-TYPED-IDENTIFIER-HAS-SIMPLE-TYPED-LITERAL-VALUE) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) UP UP (REWRITE SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP (($ALIST1 NAME-ALIST))) (REWRITE SIGNATURES-MATCH-SYMMETRIC) (REWRITE OK-MG-STATEP-ALIST-PLISTP) (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (DIVE 2) (= * (CADDDR (CALL-ACTUALS STMT)) 0) UP (REWRITE IDIFFERENCE-LESSP) PROVE PROVE PROVE (DIVE 1) (REWRITE ARRAY-IDENTIFIER-LENGTHS-MATCH) (DIVE 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) PROVE (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) S X (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S TOP S-PROP SPLIT (CONTRADICT 19) (DROP 19) (DIVE 2) (= * (CADDDR (CALL-ACTUALS STMT)) 0) TOP (REWRITE IDIFFERENCE-LESSP) PROVE PROVE (DIVE 1 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) TOP 
(PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) (CONTRADICT 18) (DROP 18) (CLAIM (INTEGERP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))) 0) (DEMOTE 18) (DIVE 1) X (DIVE 1) (= F) TOP S (CONTRADICT 18) (REWRITE UNTAG-INT-LITERAL-INTEGERP) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-25-NO-ERROR contains the free variables CODE2, NAME-ALIST, R-COND-LIST, and N which will be chosen by instantiating the hypotheses (NOT (ZEROP N)), (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). WARNING: the previously added lemma, P-STEP-EXPANSION, could be applied whenever the newly proposed MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-25-NO-ERROR could! *** Entering proof-checker *** PROMOTE (DIVE 1) X (S LEMMAS) (DIVE 1 1 2) (REWRITE TRANSLATE-DEF-BODY-REWRITE) Rewriting with TRANSLATE-DEF-BODY-REWRITE. UP (S LEMMAS) (REWRITE GET-LENGTH-PLUS) Rewriting with GET-LENGTH-PLUS. 
S (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S (S LEMMAS) UP X UP X (S LEMMAS) (DIVE 1) X (S LEMMAS) (= * T ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX SMALL-NATURALP))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, UNTAG-CONS, MG-COND-TO-P-NAT, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (SMALL-NATURALP (SUB1 (CONDITION-INDEX (CC MG-STATE) T-COND-LIST)) 32) T)), 
which simplifies, rewriting with the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and expanding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, CONDITION-INDEX, SUB1, and SMALL-NATURALP, to: T. Q.E.D. UP S (S LEMMAS) (DIVE 1) (= * F ((ENABLE MG-COND-TO-P-NAT CONDITION-INDEX))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, UNTAG-CONS, MG-COND-TO-P-NAT, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC 
(CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (EQUAL (SUB1 (CONDITION-INDEX (CC MG-STATE) T-COND-LIST)) 0) F)), which simplifies, rewriting with the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and expanding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, CONDITION-INDEX, and SUB1, to: T. Q.E.D. UP S UP S : (= (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK))) (MG-STATE 'NORMAL (SET-ALIST-VALUE (CAR (CALL-ACTUALS STMT)) (PUT (CADDR (ASSOC (CADDR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (CADDR (ASSOC (CAR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) (MG-ALIST MG-STATE)) (MG-PSW MG-STATE)) 0) Creating 1 new subgoal, (MAIN . 1). S (S LEMMAS) SPLIT Creating 3 new subgoals, (MAIN . 2), (MAIN . 3), and (MAIN . 4). The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 2), (MAIN . 3), (MAIN . 4), and (MAIN . 1). Now proving (MAIN . 2). 
(DEMOTE 15) DROP (PROVE (ENABLE MG-COND-TO-P-NAT CONDITION-INDEX)) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations IMPLIES, APPEND-CONS-REWRITE2, MG-COND-TO-P-NAT, and NORMAL, to the new conjecture: (IMPLIES (EQUAL (CC MG-STATE) 'NORMAL) (EQUAL (LIST (CONDITION-INDEX (CC MG-STATE) T-COND-LIST)) '(2))), which simplifies, unfolding the functions EQUAL, CONDITION-INDEX, and CONS, to: T. Q.E.D. The current goal, (MAIN . 2), has been proved, and has no dependents. Now proving (MAIN . 3). (DIVE 2) (REWRITE SET-ALIST-VALUE-DEPOSIT-ARRAY-VALUE-RELATION) Rewriting with SET-ALIST-VALUE-DEPOSIT-ARRAY-VALUE-RELATION. Creating 3 new subgoals, ((MAIN . 3) . 1), ((MAIN . 3) . 2), and ((MAIN . 3) . 3). TOP (S-PROP VALUE) (DIVE 2) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-DEPOSIT-ARRAY-VALUE-REWRITE) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-DEPOSIT-ARRAY-VALUE-REWRITE. Creating 3 new subgoals, ((MAIN . 3) . 4), ((MAIN . 3) . 5), and ((MAIN . 3) . 6). TOP (DIVE 1 2 2) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((MAIN . 3) . 7). TOP S The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoals of (MAIN . 3) remain to be proved: ((MAIN . 3) . 7), ((MAIN . 3) . 4), ((MAIN . 3) . 5), ((MAIN . 3) . 6), ((MAIN . 3) . 1), ((MAIN . 3) . 2), and ((MAIN . 3) . 3). Now proving ((MAIN . 3) . 7). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((MAIN . 3) . 7) . 1) and (((MAIN . 3) . 7) . 2). The proof of the current goal, ((MAIN . 3) . 7), has been completed. However, the following subgoals of ((MAIN . 3) . 7) remain to be proved: (((MAIN . 3) . 7) . 1) and (((MAIN . 3) . 7) . 2). Now proving (((MAIN . 3) . 7) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 3) . 7) . 
1), has been proved, and has no dependents. Now proving (((MAIN . 3) . 7) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((MAIN . 3) . 7) . 2), has been proved, and has no dependents. Now proving ((MAIN . 3) . 4). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 3) . 4), has been proved, and has no dependents. Now proving ((MAIN . 3) . 5). (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. UP : (= * (CADDDR (CALL-ACTUALS STMT)) ((ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS))) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING 
(BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (EQUAL (ARRAY-LENGTH (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST))) (CADDDR (CALL-ACTUALS STMT)))), which simplifies, expanding OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. TOP (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. Creating 3 new subgoals, (((MAIN . 3) . 5) . 1), (((MAIN . 3) . 5) . 2), and (((MAIN . 3) . 5) . 3). The proof of the current goal, ((MAIN . 3) . 5), has been completed. However, the following subgoals of ((MAIN . 3) . 5) remain to be proved: (((MAIN . 3) . 5) . 1), (((MAIN . 3) . 5) . 2), and (((MAIN . 3) . 5) . 3). Now proving (((MAIN . 3) . 5) . 1). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (NOT (NEGATIVEP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))). 
This simplifies, applying the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and expanding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, and MEMBER, to: T. Q.E.D. The current goal, (((MAIN . 3) . 5) . 1), has been proved, and has no dependents. Now proving (((MAIN . 3) . 5) . 2). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR 
(CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))), which simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and CDR-CONS, and expanding OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. The current goal, (((MAIN . 3) . 5) . 2), has been proved, and has no dependents. Now proving (((MAIN . 3) . 5) . 3). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS 
STMT)) (MG-ALIST MG-STATE))))) 0))). This simplifies, appealing to the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and CDR-CONS, and opening up the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. The current goal, (((MAIN . 3) . 5) . 3), has been proved, and has no dependents. Now proving ((MAIN . 3) . 6). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 3) . 6), has been proved, and has no dependents. Now proving ((MAIN . 3) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 3) . 1), has been proved, and has no dependents. Now proving ((MAIN . 3) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((MAIN . 3) . 2), has been proved, and has no dependents. Now proving ((MAIN . 3) . 3). (REWRITE PUT-PRESERVES-OK-MG-ARRAY-VALUE) Rewriting with PUT-PRESERVES-OK-MG-ARRAY-VALUE. Creating 3 new subgoals, (((MAIN . 3) . 3) . 1), (((MAIN . 3) . 3) . 2), and (((MAIN . 3) . 3) . 3). The proof of the current goal, ((MAIN . 3) . 3), has been completed. However, the following subgoals of ((MAIN . 3) . 3) remain to be proved: (((MAIN . 3) . 3) . 1), (((MAIN . 3) . 3) . 2), and (((MAIN . 3) . 3) . 3). Now proving (((MAIN . 3) . 3) . 1). (REWRITE ARRAYS-HAVE-OK-VALUES) Rewriting with ARRAYS-HAVE-OK-VALUES. Creating 2 new subgoals, ((((MAIN . 3) . 3) . 1) . 1) and: ((((MAIN . 3) . 3) . 1) . 2). 
The proof of the current goal, (((MAIN . 3) . 3) . 1), has been completed. However, the following subgoals of (((MAIN . 3) . 3) . 1) remain to be proved: ((((MAIN . 3) . 3) . 1) . 1) and ((((MAIN . 3) . 3) . 1) . 2). Now proving ((((MAIN . 3) . 3) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 3) . 3) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 3) . 3) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 3) . 3) . 1) . 2), has been proved, and has no dependents. Now proving (((MAIN . 3) . 3) . 2). (REWRITE SIMPLE-TYPED-IDENTIFIER-HAS-SIMPLE-TYPED-LITERAL-VALUE) Rewriting with SIMPLE-TYPED-IDENTIFIER-HAS-SIMPLE-TYPED-LITERAL-VALUE. Creating 2 new subgoals, ((((MAIN . 3) . 3) . 2) . 1) and: ((((MAIN . 3) . 3) . 2) . 2). The proof of the current goal, (((MAIN . 3) . 3) . 2), has been completed. However, the following subgoals of (((MAIN . 3) . 3) . 2) remain to be proved: ((((MAIN . 3) . 3) . 2) . 1) and ((((MAIN . 3) . 3) . 2) . 2). Now proving ((((MAIN . 3) . 3) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 3) . 3) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 3) . 3) . 2) . 2). (DIVE 2 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. UP UP : (REWRITE SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP (($ALIST1 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-SIMPLE-TYPED-IDENTIFIERP. Creating 2 new subgoals, (((((MAIN . 3) . 3) . 2) . 2) . 1) and: (((((MAIN . 3) . 3) . 2) . 2) . 2). The proof of the current goal, ((((MAIN . 3) . 3) . 2) . 2), has been completed. However, the following subgoals of ((((MAIN . 3) . 3) . 2) . 
2) remain to be proved: (((((MAIN . 3) . 3) . 2) . 2) . 1) and: (((((MAIN . 3) . 3) . 2) . 2) . 2). Now proving (((((MAIN . 3) . 3) . 2) . 2) . 1). (REWRITE SIGNATURES-MATCH-SYMMETRIC) Rewriting with SIGNATURES-MATCH-SYMMETRIC. Creating 1 new subgoal, ((((((MAIN . 3) . 3) . 2) . 2) . 1) . 1). The proof of the current goal, (((((MAIN . 3) . 3) . 2) . 2) . 1), has been completed. However, the following subgoal of: (((((MAIN . 3) . 3) . 2) . 2) . 1) remains to be proved: ((((((MAIN . 3) . 3) . 2) . 2) . 1) . 1). Now proving ((((((MAIN . 3) . 3) . 2) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-ALIST-PLISTP) Rewriting with OK-MG-STATEP-ALIST-PLISTP. The current goal, ((((((MAIN . 3) . 3) . 2) . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 3) . 3) . 2) . 2) . 2). : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) 
(MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (SIMPLE-TYPED-IDENTIFIERP (CADDR (CALL-ACTUALS STMT)) (ARRAY-ELEMTYPE (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST))) NAME-ALIST)). This simplifies, opening up the definitions of OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, MAXINT, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, (((((MAIN . 3) . 3) . 2) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 3) . 3) . 3). (DIVE 2) (= * (CADDDR (CALL-ACTUALS STMT)) 0) Creating 1 new subgoal, ((((MAIN . 3) . 3) . 3) . 1). UP (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. Creating 3 new subgoals, ((((MAIN . 3) . 3) . 3) . 2), ((((MAIN . 3) . 3) . 3) . 3) and ((((MAIN . 3) . 3) . 3) . 4). The proof of the current goal, (((MAIN . 3) . 3) . 3), has been completed. However, the following subgoals of (((MAIN . 3) . 3) . 3) remain to be proved: ((((MAIN . 3) . 3) . 3) . 2) ((((MAIN . 3) . 3) . 3) . 3), ((((MAIN . 3) . 3) . 3) . 4), and: ((((MAIN . 3) . 3) . 3) . 1). Now proving ((((MAIN . 3) . 3) . 3) . 2). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (NOT (NEGATIVEP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))). 
This simplifies, applying the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and expanding the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, and MEMBER, to: T. Q.E.D. The current goal, ((((MAIN . 3) . 3) . 3) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 3) . 3) . 3) . 3). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR 
(ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))), which simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and CDR-CONS, and expanding OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. The current goal, ((((MAIN . 3) . 3) . 3) . 3), has been proved, and has no dependents. Now proving ((((MAIN . 3) . 3) . 3) . 4). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS 
STMT)) (MG-ALIST MG-STATE))))) 0))). This simplifies, appealing to the lemmas MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and CDR-CONS, and opening up the definitions of OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. The current goal, ((((MAIN . 3) . 3) . 3) . 4), has been proved, and has no dependents. Now proving ((((MAIN . 3) . 3) . 3) . 1). (DIVE 1) (REWRITE ARRAY-IDENTIFIER-LENGTHS-MATCH) Rewriting with ARRAY-IDENTIFIER-LENGTHS-MATCH. Creating 2 new subgoals, (((((MAIN . 3) . 3) . 3) . 1) . 1) and: (((((MAIN . 3) . 3) . 3) . 1) . 2). (DIVE 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. 
TOP : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the new goal: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))) (EQUAL (ARRAY-LENGTH 
(CADR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST))) (CADDDR (CALL-ACTUALS STMT)))), which simplifies, expanding OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The proof of the current goal, ((((MAIN . 3) . 3) . 3) . 1), has been completed. However, the following subgoals of ((((MAIN . 3) . 3) . 3) . 1) remain to be proved: (((((MAIN . 3) . 3) . 3) . 1) . 1) and: (((((MAIN . 3) . 3) . 3) . 1) . 2). Now proving (((((MAIN . 3) . 3) . 3) . 1) . 1). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 3) . 3) . 3) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 3) . 3) . 3) . 1) . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 3) . 3) . 3) . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 4). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) 8))) (TAG 'PC (CONS SUBR (PLUS (LENGTH (CODE CINFO)) (LENGTH (PREDEFINED-PROC-CALL-SEQUENCE STMT (LABEL-ALIST CINFO)))))))). 
This simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and CDR-CONS, and unfolding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, LENGTH, and ADD1, to: T. Q.E.D. The current goal, (MAIN . 4), has been proved, and has no dependents. Now proving (MAIN . 1). (DIVE 1) (REWRITE PREDEFINED-PROC-CALL-MEANING-R-2) Rewriting with PREDEFINED-PROC-CALL-MEANING-R-2. S X (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S TOP S-PROP SPLIT Creating 2 new subgoals, ((MAIN . 1) . 1) and ((MAIN . 1) . 2). The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 1) and ((MAIN . 1) . 2). Now proving ((MAIN . 1) . 1). (CONTRADICT 19) (DROP 19) Dropping hypothesis 19. (DIVE 2) (= * (CADDDR (CALL-ACTUALS STMT)) 0) Creating 1 new subgoal, (((MAIN . 1) . 1) . 1). TOP (REWRITE IDIFFERENCE-LESSP) Rewriting with IDIFFERENCE-LESSP. Creating 2 new subgoals, (((MAIN . 1) . 1) . 2) and (((MAIN . 1) . 1) . 3). The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 2), (((MAIN . 1) . 1) . 3), and (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 2). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the conjecture: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NUMBERP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))). 
This simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and unfolding OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, and MEMBER, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 3). PROVE ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) 
(NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NUMBERP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))) 0))), which simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, IDIFFERENCE-LESSP, and IDIFFERENCE-LESSP2, and unfolding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, and MEMBER, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 3), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 1). (DIVE 1 1) (REWRITE SIGNATURES-MATCH-PRESERVES-GET-M-TYPE (($ALIST2 NAME-ALIST))) Rewriting with SIGNATURES-MATCH-PRESERVES-GET-M-TYPE. 
TOP : (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL OK-PREDEFINED-PROC-ARGS)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NUMBERP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (EQUAL (ARRAY-LENGTH (CADR (ASSOC (CAR (CALL-ACTUALS STMT)) NAME-ALIST))) (CADDDR (CALL-ACTUALS STMT)))). 
This simplifies, unfolding the functions OK-PREDEFINED-PROC-CALL, PREDEFINED-PROCP, OK-MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS, OK-PREDEFINED-PROC-ARGS, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (CONTRADICT 18) (DROP 18) Dropping hypothesis 18. : (CLAIM (INTEGERP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))) 0) Creating one new subgoal, (((MAIN . 1) . 2) . 1). (DEMOTE 18) (DIVE 1) X (DIVE 1) (= F) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to the formula: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) 
(UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (EQUAL (NEGATIVEP (UNTAG (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))) F)). This simplifies, applying MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, and INT-LITERALP-MAPPING, and unfolding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, and MEMBER, to: T. Q.E.D. TOP S The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoal of ((MAIN . 1) . 2) remains to be proved: (((MAIN . 1) . 2) . 1). Now proving (((MAIN . 1) . 2) . 1). (CONTRADICT 18) (REWRITE UNTAG-INT-LITERAL-INTEGERP) Rewriting with UNTAG-INT-LITERAL-INTEGERP. Creating 1 new subgoal, ((((MAIN . 1) . 2) . 1) . 1). The proof of the current goal, (((MAIN . 1) . 2) . 1), has been completed. However, the following subgoal of (((MAIN . 1) . 2) . 1) remains to be proved: ((((MAIN . 1) . 2) . 1) . 1). Now proving ((((MAIN . 1) . 2) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 2) . 1) . 1) . 1) and: (((((MAIN . 1) . 2) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 2) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 2) . 1) . 1) remain to be proved: (((((MAIN . 1) . 2) . 1) . 1) . 1) and: (((((MAIN . 1) . 2) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 2) . 1) . 1) . 1). 
(REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 2) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 2) . 1) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 2) . 1) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 1.6 2.0 0.3 ] MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-25-NO-ERROR (PROVE-LEMMA MG-ARRAY-ELEMENT-ASSIGNMENT-EXACT-TIME-LEMMA (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (NORMAL MG-STATE)) (EQUAL (P (MAP-DOWN MG-STATE PROC-LIST CTRL-STK TEMP-STK (TAG 'PC (CONS SUBR (LENGTH (CODE CINFO)))) T-COND-LIST) (CLOCK STMT PROC-LIST MG-STATE N)) (P-STATE (TAG 'PC (CONS SUBR (IF (NORMAL (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (FETCH-LABEL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (APPEND (CODE (TRANSLATE 
CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1 2) X (= (CAR STMT) 'PREDEFINED-PROC-CALL-MG 0) S X (= (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT 0) S (CLAIM (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) (= * 15 0) UP (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-0-UNWINDING-LEMMA) (DIVE 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5) UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8) UP UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-12-NEG-INDEX) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE) UP S-PROP S-PROP (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) X (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DEMOTE 16) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) TOP (S-PROP UNTAG) S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (CLAIM (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG 
(MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) 0) (= * 19 0) UP (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-0-UNWINDING-LEMMA) (DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5) UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8) UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-INDEX-ERROR) UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-14-16-INDEX-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE) UP S-PROP S-PROP (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) X (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP (DIVE 1 2 1 2) (REWRITE INT-LITERALP-MAPPING) TOP (S-PROP UNTAG) S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (= * 25 0) UP (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE 
P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-ADD1-3) (REWRITE P-0-UNWINDING-LEMMA) (DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5) UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8) UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-14-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-15-NO-ERROR) UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-16-17-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-18-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-19-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-20-NO-ERROR) UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-21-22-NO-ERROR) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC) UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-25-NO-ERROR) UP S-PROP (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH) (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) PROVE (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP S (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) TOP 
(REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH) (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP S (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) TOP (DIVE 1 2 1 1 2) (REWRITE INT-LITERALP-MAPPING) TOP (PROVE (ENABLE UNTAG)) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS)))) WARNING: Note that MG-ARRAY-ELEMENT-ASSIGNMENT-EXACT-TIME-LEMMA contains the free variables CODE2, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and: (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)). *** Entering proof-checker *** PROMOTE (DIVE 1 2) X (= (CAR STMT) (QUOTE PREDEFINED-PROC-CALL-MG) 0) S X (= (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT) 0) S : (CLAIM (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0) Creating one new subgoal, (MAIN . 1). (= * 15 0) Creating 1 new subgoal, (MAIN . 2). UP (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. 
(REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-0-UNWINDING-LEMMA) Rewriting with P-0-UNWINDING-LEMMA. (DIVE 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5. UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8. UP UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-12-NEG-INDEX) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-12-NEG-INDEX. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC. Creating 1 new subgoal, (MAIN . 3). UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC. Creating 2 new subgoals, (MAIN . 4) and (MAIN . 5). UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE but were not explicitly substituted for: CODE2, T-COND-LIST, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE. Creating 1 new subgoal, (MAIN . 6). UP S-PROP The proof of the current goal, MAIN, has been completed. However, the following subgoals of MAIN remain to be proved: (MAIN . 6), (MAIN . 4), (MAIN . 
5), (MAIN . 3), (MAIN . 2), and (MAIN . 1). Now proving (MAIN . 6). S-PROP The current goal, (MAIN . 6), has been proved, and has no dependents. Now proving (MAIN . 4). (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((MAIN . 4) . 1). TOP S The proof of the current goal, (MAIN . 4), has been completed. However, the following subgoal of (MAIN . 4) remains to be proved: ((MAIN . 4) . 1). Now proving ((MAIN . 4) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 4) . 1), has been proved, and has no dependents. Now proving (MAIN . 5). X The current goal, (MAIN . 5), has been proved, and has no dependents. Now proving (MAIN . 3). (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((MAIN . 3) . 1). TOP S The proof of the current goal, (MAIN . 3), has been completed. However, the following subgoal of (MAIN . 3) remains to be proved: ((MAIN . 3) . 1). Now proving ((MAIN . 3) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((MAIN . 3) . 1), has been proved, and has no dependents. Now proving (MAIN . 2). (DEMOTE 16) (DIVE 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((MAIN . 2) . 1). TOP (S-PROP UNTAG) S The proof of the current goal, (MAIN . 2), has been completed. However, the following subgoal of (MAIN . 2) remains to be proved: ((MAIN . 2) . 1). Now proving ((MAIN . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((MAIN . 2) . 1) . 1) and (((MAIN . 2) . 1) . 2). The proof of the current goal, ((MAIN . 2) . 1), has been completed. However, the following subgoals of ((MAIN . 2) . 1) remain to be proved: (((MAIN . 2) . 1) . 1) and (((MAIN . 
2) . 1) . 2). Now proving (((MAIN . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((MAIN . 2) . 1) . 2), has been proved, and has no dependents. Now proving (MAIN . 1). : (CLAIM (ZEROP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) 0) Creating one new subgoal, ((MAIN . 1) . 1). (= * 19 0) Creating 1 new subgoal, ((MAIN . 1) . 2). UP (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-0-UNWINDING-LEMMA) Rewriting with P-0-UNWINDING-LEMMA. (DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5. 
UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8. UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-INDEX-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-INDEX-ERROR. UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-14-16-INDEX-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-14-16-INDEX-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC. Creating 1 new subgoal, ((MAIN . 1) . 3). UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC. Creating 2 new subgoals, ((MAIN . 1) . 4) and ((MAIN . 1) . 5). UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE but were not explicitly substituted for: CODE2, T-COND-LIST, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-LAST-STEP-ERROR-CASE. Creating 1 new subgoal, ((MAIN . 1) . 6). UP S-PROP The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoals of (MAIN . 1) remain to be proved: ((MAIN . 1) . 6), ((MAIN . 1) . 4), ((MAIN . 1) . 5), ((MAIN . 1) . 3), ((MAIN . 1) . 2), and ((MAIN . 1) . 1). Now proving ((MAIN . 
1) . 6). S-PROP The current goal, ((MAIN . 1) . 6), has been proved, and has no dependents. Now proving ((MAIN . 1) . 4). (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((MAIN . 1) . 4) . 1). TOP S The proof of the current goal, ((MAIN . 1) . 4), has been completed. However, the following subgoal of ((MAIN . 1) . 4) remains to be proved: (((MAIN . 1) . 4) . 1). Now proving (((MAIN . 1) . 4) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 1) . 4) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 5). X The current goal, ((MAIN . 1) . 5), has been proved, and has no dependents. Now proving ((MAIN . 1) . 3). (DIVE 1 3 1) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((MAIN . 1) . 3) . 1). TOP S The proof of the current goal, ((MAIN . 1) . 3), has been completed. However, the following subgoal of ((MAIN . 1) . 3) remains to be proved: (((MAIN . 1) . 3) . 1). Now proving (((MAIN . 1) . 3) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((MAIN . 1) . 3) . 1), has been proved, and has no dependents. Now proving ((MAIN . 1) . 2). (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 1) . 2) . 1). TOP (DIVE 1 2 1 2) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, (((MAIN . 1) . 2) . 2). TOP (S-PROP UNTAG) S The proof of the current goal, ((MAIN . 1) . 2), has been completed. However, the following subgoals of ((MAIN . 1) . 2) remain to be proved: (((MAIN . 1) . 2) . 2) and (((MAIN . 1) . 2) . 1). Now proving (((MAIN . 1) . 2) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. 
Creating 2 new subgoals, ((((MAIN . 1) . 2) . 2) . 1) and: ((((MAIN . 1) . 2) . 2) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 2) remain to be proved: ((((MAIN . 1) . 2) . 2) . 1) and ((((MAIN . 1) . 2) . 2) . 2). Now proving ((((MAIN . 1) . 2) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 2) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 2) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 2) . 2), has been proved, and has no dependents. Now proving (((MAIN . 1) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, ((((MAIN . 1) . 2) . 1) . 1) and: ((((MAIN . 1) . 2) . 1) . 2). The proof of the current goal, (((MAIN . 1) . 2) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 2) . 1) remain to be proved: ((((MAIN . 1) . 2) . 1) . 1) and ((((MAIN . 1) . 2) . 1) . 2). Now proving ((((MAIN . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, ((((MAIN . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving ((MAIN . 1) . 1). (= * 25 0) Creating 1 new subgoal, (((MAIN . 1) . 1) . 1). UP (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. 
(REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-ADD1-3) Rewriting with P-ADD1-3. (REWRITE P-0-UNWINDING-LEMMA) Rewriting with P-0-UNWINDING-LEMMA. (DIVE 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-1-4. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-5. UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-6-8. UP UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-9-11-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-12-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-13-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-14-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-14-NO-ERROR. 
UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-15-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-15-NO-ERROR. UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-16-17-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-16-17-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-18-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-18-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-19-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-19-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-20-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-20-NO-ERROR. UP UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-21-22-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEPS-21-22-NO-ERROR. UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-PUSH-CC. Creating 1 new subgoal, (((MAIN . 1) . 1) . 2). UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC but were not explicitly substituted for: CODE2, T-COND-LIST, MG-STATE, NAME-ALIST, R-COND-LIST, STMT, and N. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-SUB1-CC. Creating 2 new subgoals, (((MAIN . 1) . 1) . 3) and (((MAIN . 1) . 1) . 4). UP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-25-NO-ERROR) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-STEP-25-NO-ERROR. UP S-PROP The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoals of ((MAIN . 1) . 1) remain to be proved: (((MAIN . 1) . 1) . 3), (((MAIN . 1) . 1) . 4), (((MAIN . 1) . 1) . 2), and (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 3). (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) Rewriting with RPUT-PRESERVES-LENGTH. 
Creating 1 new subgoal, ((((MAIN . 1) . 1) . 3) . 1). (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 3) . 2). TOP S The proof of the current goal, (((MAIN . 1) . 1) . 3), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 3) remain to be proved: ((((MAIN . 1) . 1) . 3) . 2) and ((((MAIN . 1) . 1) . 3) . 1). Now proving ((((MAIN . 1) . 1) . 3) . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 1) . 3) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 3) . 1). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 3) . 1) . 1). TOP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH but were not explicitly substituted for: PROC-LIST, NAME-ALIST, and R-COND-LIST. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 3) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 3) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 3) . 1) remain to be proved: (((((MAIN . 1) . 1) . 3) . 1) . 2) and: (((((MAIN . 1) . 1) . 3) . 1) . 1). Now proving (((((MAIN . 1) . 1) . 3) . 1) . 2). (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1). TOP S The proof of the current goal, (((((MAIN . 1) . 1) . 3) . 1) . 2), has been completed. However, the following subgoal of: (((((MAIN . 1) . 1) . 3) . 1) . 2) remains to be proved: ((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1). Now proving ((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1). 
(REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 1) and: (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 2). The proof of the current goal, ((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1), has been completed. However, the following subgoals of: ((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) remain to be proved: (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 1) and: (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 2). Now proving (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((((MAIN . 1) . 1) . 3) . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 3) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 3) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 4). 
PROVE ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (UNTAG (MG-TO-P-SIMPLE-LITERAL (CADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))))) (MEMBER (MG-COND-TO-P-NAT (CC MG-STATE) T-COND-LIST) '((NAT 1) (NAT 2)))). 
This simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, ASSOCIATIVITY-OF-APPEND, INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES, OK-MG-STATEP-MG-ALIST-MG-ALISTP, INT-LITERALP-MAPPING, and SPECIAL-CONDITIONS-MG-COND-TO-P-NAT, and opening up OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, and MEMBER, to: T. Q.E.D. The current goal, (((MAIN . 1) . 1) . 4), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 2). (DIVE 1 3 1) (REWRITE RPUT-PRESERVES-LENGTH) Rewriting with RPUT-PRESERVES-LENGTH. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 2) . 1). (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 2) . 2). TOP S The proof of the current goal, (((MAIN . 1) . 1) . 2), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 2) remain to be proved: ((((MAIN . 1) . 1) . 2) . 2) and ((((MAIN . 1) . 1) . 2) . 1). Now proving ((((MAIN . 1) . 1) . 2) . 2). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, ((((MAIN . 1) . 1) . 2) . 2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 2) . 1). (DIVE 2) (REWRITE MAP-DOWN-VALUES-PRESERVES-LENGTH) Rewriting with MAP-DOWN-VALUES-PRESERVES-LENGTH. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 2) . 1) . 1). TOP (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH) **WARNING**: The following variables occur free in the lemma: MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH but were not explicitly substituted for: PROC-LIST, NAME-ALIST, and R-COND-LIST. Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-INDEX-LESSP-TEMP-STK-LENGTH. Creating 1 new subgoal, (((((MAIN . 1) . 1) . 2) . 1) . 2). 
The proof of the current goal, ((((MAIN . 1) . 1) . 2) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 2) . 1) remain to be proved: (((((MAIN . 1) . 1) . 2) . 1) . 2) and: (((((MAIN . 1) . 1) . 2) . 1) . 1). Now proving (((((MAIN . 1) . 1) . 2) . 1) . 2). (DEMOTE 16) (DIVE 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1). TOP S The proof of the current goal, (((((MAIN . 1) . 1) . 2) . 1) . 2), has been completed. However, the following subgoal of: (((((MAIN . 1) . 1) . 2) . 1) . 2) remains to be proved: ((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1). Now proving ((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 1) and: (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 2). The proof of the current goal, ((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1), has been completed. However, the following subgoals of: ((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) remain to be proved: (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 1) and: (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 2). Now proving (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 1), has been proved, and has no dependents. Now proving (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((((MAIN . 1) . 1) . 2) . 1) . 2) . 1) . 2), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 2) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 
2) . 1) . 1), has been proved, and has no dependents. Now proving (((MAIN . 1) . 1) . 1). (DEMOTE 16 17) (DIVE 1 1 1 1) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 1). TOP (DIVE 1 2 1 1 2) (REWRITE INT-LITERALP-MAPPING) Rewriting with INT-LITERALP-MAPPING. Creating 1 new subgoal, ((((MAIN . 1) . 1) . 1) . 2). TOP (PROVE (ENABLE UNTAG)) ***** Now entering the theorem prover *****: This conjecture can be simplified, using the abbreviations PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, ZEROP, NOT, AND, IMPLIES, UNTAG, and NORMAL, to the formula: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-MG-STATEP MG-STATE R-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (LISTP CTRL-STK) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (EQUAL (CC MG-STATE) 'NORMAL) (NOT (NEGATIVEP (CADADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))) (NOT (EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (CADADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) 0)) (NUMBERP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (CADADDR (ASSOC (CADR 
(CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))))) (EQUAL (PLUS 8 (COND ((NEGATIVEP (CADADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) 7) ((EQUAL (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (CADADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE)))) 0) 11) ((NEGATIVEP (IDIFFERENCE (CADDDR (CALL-ACTUALS STMT)) (CADADDR (ASSOC (CADR (CALL-ACTUALS STMT)) (MG-ALIST MG-STATE))))) 11) (T 17))) 25)). This simplifies, rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS, PREDEFINED-CALL-TRANSLATION-2, CODE-MAKE-CINFO, APPEND-NIL-LEMMA, APPEND-CONS-REWRITE, and ASSOCIATIVITY-OF-APPEND, and unfolding the functions OK-MG-DEF-PLISTP, MG-ARRAY-ELEMENT-ASSIGNMENT-CALL-SEQUENCE, FETCH-LABEL, EQUAL, PREDEFINED-PROC-CALL-SEQUENCE, ADD-CODE, CDR, CAR, LISTP, MEMBER, and PLUS, to: T. Q.E.D. The proof of the current goal, (((MAIN . 1) . 1) . 1), has been completed. However, the following subgoals of (((MAIN . 1) . 1) . 1) remain to be proved: ((((MAIN . 1) . 1) . 1) . 2) and ((((MAIN . 1) . 1) . 1) . 1). Now proving ((((MAIN . 1) . 1) . 1) . 2). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 2), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 2) remain to be proved: (((((MAIN . 1) . 1) . 1) . 2) . 1) and: (((((MAIN . 1) . 1) . 1) . 2) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 2) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 2) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 2) . 
2), has been proved, and has no dependents. Now proving ((((MAIN . 1) . 1) . 1) . 1). (REWRITE INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES) Rewriting with INT-IDENTIFIERS-HAVE-INT-LITERAL-VALUES. Creating 2 new subgoals, (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 1), has been completed. However, the following subgoals of ((((MAIN . 1) . 1) . 1) . 1) remain to be proved: (((((MAIN . 1) . 1) . 1) . 1) . 1) and: (((((MAIN . 1) . 1) . 1) . 1) . 2). Now proving (((((MAIN . 1) . 1) . 1) . 1) . 1). (REWRITE OK-MG-STATEP-MG-ALIST-MG-ALISTP) Rewriting with OK-MG-STATEP-MG-ALIST-MG-ALISTP. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 1), has been proved, and has no dependents. Now proving (((((MAIN . 1) . 1) . 1) . 1) . 2). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-ARGS-HAVE-SIMPLE-MG-TYPE-REFPS. The current goal, (((((MAIN . 1) . 1) . 1) . 1) . 2), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! 
*!*!*!*!*!*!* [ 6.5 0.3 0.0 ] MG-ARRAY-ELEMENT-ASSIGNMENT-EXACT-TIME-LEMMA (PROVE-LEMMA PREDEFINED-PROC-CALL-EXACT-TIME-LEMMA (REWRITE) (IMPLIES (AND (NOT (ZEROP N)) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (OK-TRANSLATION-PARAMETERS CINFO T-COND-LIST STMT PROC-LIST CODE2) (OK-MG-STATEP MG-STATE R-COND-LIST) (COND-SUBSETP R-COND-LIST T-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (USER-DEFINED-PROCP SUBR PROC-LIST) (PLISTP TEMP-STK) (LISTP CTRL-STK) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (NORMAL MG-STATE) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (NOT (RESOURCE-ERRORP (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))))) (EQUAL (P (MAP-DOWN MG-STATE PROC-LIST CTRL-STK TEMP-STK (TAG 'PC (CONS SUBR (LENGTH (CODE CINFO)))) T-COND-LIST) (CLOCK STMT PROC-LIST MG-STATE N)) (P-STATE (TAG 'PC (CONS SUBR (IF (NORMAL (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (FETCH-LABEL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST 
(LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) (MG-WORD-SIZE) 'RUN))) ((INSTRUCTIONS PROMOTE (DIVE 1) (CLAIM (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-VARIABLE-ASSIGNMENT) 0) (REWRITE MG-SIMPLE-VARIABLE-ASSIGNMENT-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-CONSTANT-ASSIGNMENT) 0) (REWRITE MG-SIMPLE-CONSTANT-ASSIGNMENT-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-VARIABLE-EQ) 0) (REWRITE MG-SIMPLE-VARIABLE-EQ-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-CONSTANT-EQ) 0) (REWRITE MG-SIMPLE-CONSTANT-EQ-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-INTEGER-LE) 0) (REWRITE MG-INTEGER-LE-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-INTEGER-UNARY-MINUS) 0) (REWRITE MG-INTEGER-UNARY-MINUS-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-INTEGER-ADD) 0) (REWRITE MG-INTEGER-ADD-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-INTEGER-SUBTRACT) 0) (REWRITE MG-INTEGER-SUBTRACT-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-BOOLEAN-OR) 0) (REWRITE MG-BOOLEAN-OR-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-BOOLEAN-AND) 0) (REWRITE MG-BOOLEAN-AND-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-BOOLEAN-NOT) 0) (REWRITE MG-BOOLEAN-NOT-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY) 0) (REWRITE MG-INDEX-ARRAY-EXACT-TIME-LEMMA) TOP S-PROP (CLAIM (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT) 0) (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-EXACT-TIME-LEMMA) TOP S-PROP TOP (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL))))) WARNING: Note that PREDEFINED-PROC-CALL-EXACT-TIME-LEMMA contains the free variables CODE2, NAME-ALIST, and R-COND-LIST which will be chosen by instantiating the hypotheses: (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) and (OK-TRANSLATION-PARAMETERS CINFO T-COND-LIST STMT 
PROC-LIST CODE2). WARNING: the newly proposed lemma, PREDEFINED-PROC-CALL-EXACT-TIME-LEMMA, could be applied whenever the previously added lemma: MG-SIMPLE-CONSTANT-ASSIGNMENT-EXACT-TIME-LEMMA could. WARNING: the newly proposed lemma, PREDEFINED-PROC-CALL-EXACT-TIME-LEMMA, could be applied whenever the previously added lemma: MG-SIMPLE-VARIABLE-ASSIGNMENT-EXACT-TIME-LEMMA could. *** Entering proof-checker *** PROMOTE (DIVE 1) (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-SIMPLE-VARIABLE-ASSIGNMENT)) 0) Creating one new subgoal, (MAIN . 1). (REWRITE MG-SIMPLE-VARIABLE-ASSIGNMENT-EXACT-TIME-LEMMA) Rewriting with MG-SIMPLE-VARIABLE-ASSIGNMENT-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, MAIN, has been completed. However, the following subgoal of MAIN remains to be proved: (MAIN . 1). Now proving (MAIN . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-SIMPLE-CONSTANT-ASSIGNMENT)) 0) Creating one new subgoal, ((MAIN . 1) . 1). (REWRITE MG-SIMPLE-CONSTANT-ASSIGNMENT-EXACT-TIME-LEMMA) Rewriting with MG-SIMPLE-CONSTANT-ASSIGNMENT-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, (MAIN . 1), has been completed. However, the following subgoal of (MAIN . 1) remains to be proved: ((MAIN . 1) . 1). Now proving ((MAIN . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-SIMPLE-VARIABLE-EQ)) 0) Creating one new subgoal, (((MAIN . 1) . 1) . 1). (REWRITE MG-SIMPLE-VARIABLE-EQ-EXACT-TIME-LEMMA) Rewriting with MG-SIMPLE-VARIABLE-EQ-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, ((MAIN . 1) . 1), has been completed. However, the following subgoal of ((MAIN . 1) . 1) remains to be proved: (((MAIN . 1) . 1) . 1). Now proving (((MAIN . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-SIMPLE-CONSTANT-EQ)) 0) Creating one new subgoal, ((((MAIN . 1) . 1) . 1) . 1). (REWRITE MG-SIMPLE-CONSTANT-EQ-EXACT-TIME-LEMMA) Rewriting with MG-SIMPLE-CONSTANT-EQ-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, (((MAIN . 1) . 1) . 1), has been completed. 
However, the following subgoal of (((MAIN . 1) . 1) . 1) remains to be proved: ((((MAIN . 1) . 1) . 1) . 1). Now proving ((((MAIN . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-INTEGER-LE)) 0) Creating one new subgoal, (((((MAIN . 1) . 1) . 1) . 1) . 1). (REWRITE MG-INTEGER-LE-EXACT-TIME-LEMMA) Rewriting with MG-INTEGER-LE-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, ((((MAIN . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of ((((MAIN . 1) . 1) . 1) . 1) remains to be proved: (((((MAIN . 1) . 1) . 1) . 1) . 1). Now proving (((((MAIN . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-INTEGER-UNARY-MINUS)) 0) Creating one new subgoal, ((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-INTEGER-UNARY-MINUS-EXACT-TIME-LEMMA) Rewriting with MG-INTEGER-UNARY-MINUS-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, (((((MAIN . 1) . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of: (((((MAIN . 1) . 1) . 1) . 1) . 1) remains to be proved: ((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1). Now proving ((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-INTEGER-ADD)) 0) Creating one new subgoal, (((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-INTEGER-ADD-EXACT-TIME-LEMMA) Rewriting with MG-INTEGER-ADD-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, ((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of: ((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) remains to be proved: (((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1). Now proving (((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-INTEGER-SUBTRACT)) 0) Creating one new subgoal, ((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-INTEGER-SUBTRACT-EXACT-TIME-LEMMA) Rewriting with MG-INTEGER-SUBTRACT-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, (((((((MAIN . 1) . 1) . 1) . 1) . 
1) . 1) . 1), has been completed. However, the following subgoal of: (((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) remains to be proved: ((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). Now proving ((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-BOOLEAN-OR)) 0) Creating one new subgoal, (((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-BOOLEAN-OR-EXACT-TIME-LEMMA) Rewriting with MG-BOOLEAN-OR-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, ((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of: ((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) remains to be proved: (((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). Now proving (((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-BOOLEAN-AND)) 0) Creating one new subgoal, ((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-BOOLEAN-AND-EXACT-TIME-LEMMA) Rewriting with MG-BOOLEAN-AND-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, (((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of: (((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) remains to be proved: ((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). Now proving ((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-BOOLEAN-NOT)) 0) Creating one new subgoal, (((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-BOOLEAN-NOT-EXACT-TIME-LEMMA) Rewriting with MG-BOOLEAN-NOT-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, ((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of: ((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) remains to be proved: (((((((((((MAIN . 1) . 1) . 1) . 
1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). Now proving: (((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-INDEX-ARRAY)) 0) Creating one new subgoal, ((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-INDEX-ARRAY-EXACT-TIME-LEMMA) Rewriting with MG-INDEX-ARRAY-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, (((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of: (((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) remains to be proved: ((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). Now proving: ((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (CLAIM (EQUAL (CALL-NAME STMT) (QUOTE MG-ARRAY-ELEMENT-ASSIGNMENT)) 0) Creating one new subgoal, (((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). (REWRITE MG-ARRAY-ELEMENT-ASSIGNMENT-EXACT-TIME-LEMMA) Rewriting with MG-ARRAY-ELEMENT-ASSIGNMENT-EXACT-TIME-LEMMA. TOP S-PROP The proof of the current goal, ((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1), has been completed. However, the following subgoal of: ((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) remains to be proved: (((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). Now proving: (((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1). 
TOP (PROVE (ENABLE OK-MG-STATEMENT OK-PREDEFINED-PROC-CALL)) ***** Now entering the theorem prover *****: This formula can be simplified, using the abbreviations RESOURCE-ERRORP, PREDEFINED-PROCEDURE-LIST, USER-DEFINED-PROCP, LABEL-HOLE-BIG-ENOUGH, OK-CINFOP, OK-TRANSLATION-PARAMETERS, ZEROP, NOT, AND, IMPLIES, MG-WORD-SIZE, TRANSLATE-PRESERVES-FIELDS, FETCH-LABEL, and NORMAL, to: (IMPLIES (AND (NOT (EQUAL N 0)) (NUMBERP N) (NOT (RESOURCES-INADEQUATEP STMT PROC-LIST (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (EQUAL (CAR STMT) 'PREDEFINED-PROC-CALL-MG) (OK-MG-STATEMENT STMT R-COND-LIST NAME-ALIST PROC-LIST) (OK-MG-DEF-PLISTP PROC-LIST) (PLISTP (CODE CINFO)) (OK-COND-LIST T-COND-LIST) (ALL-LABELS-UNIQUE (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (OK-MG-STATEP MG-STATE R-COND-LIST) (COND-SUBSETP R-COND-LIST T-COND-LIST) (EQUAL (CODE (TRANSLATE-DEF-BODY (ASSOC SUBR PROC-LIST) PROC-LIST)) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2)) (NOT (MEMBER SUBR '(MG-SIMPLE-VARIABLE-ASSIGNMENT MG-SIMPLE-CONSTANT-ASSIGNMENT MG-SIMPLE-VARIABLE-EQ MG-SIMPLE-CONSTANT-EQ MG-INTEGER-LE MG-INTEGER-UNARY-MINUS MG-INTEGER-ADD MG-INTEGER-SUBTRACT MG-BOOLEAN-OR MG-BOOLEAN-AND MG-BOOLEAN-NOT MG-INDEX-ARRAY MG-ARRAY-ELEMENT-ASSIGNMENT))) (DEFINEDP SUBR PROC-LIST) (PLISTP TEMP-STK) (LISTP CTRL-STK) (MG-VARS-LIST-OK-IN-P-STATE (MG-ALIST MG-STATE) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (NO-P-ALIASING (BINDINGS (TOP CTRL-STK)) (MG-ALIST MG-STATE)) (SIGNATURES-MATCH (MG-ALIST MG-STATE) NAME-ALIST) (EQUAL (CC MG-STATE) 'NORMAL) (ALL-CARS-UNIQUE (MG-ALIST MG-STATE)) (EQUAL (MG-PSW (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) 'RUN) (NOT (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-VARIABLE-ASSIGNMENT)) (NOT (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-CONSTANT-ASSIGNMENT)) (NOT (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-VARIABLE-EQ)) (NOT (EQUAL (CALL-NAME STMT) 'MG-SIMPLE-CONSTANT-EQ)) (NOT (EQUAL (CALL-NAME STMT) 
'MG-INTEGER-LE)) (NOT (EQUAL (CALL-NAME STMT) 'MG-INTEGER-UNARY-MINUS)) (NOT (EQUAL (CALL-NAME STMT) 'MG-INTEGER-ADD)) (NOT (EQUAL (CALL-NAME STMT) 'MG-INTEGER-SUBTRACT)) (NOT (EQUAL (CALL-NAME STMT) 'MG-BOOLEAN-OR)) (NOT (EQUAL (CALL-NAME STMT) 'MG-BOOLEAN-AND)) (NOT (EQUAL (CALL-NAME STMT) 'MG-BOOLEAN-NOT)) (NOT (EQUAL (CALL-NAME STMT) 'MG-INDEX-ARRAY)) (NOT (EQUAL (CALL-NAME STMT) 'MG-ARRAY-ELEMENT-ASSIGNMENT))) (EQUAL (P (MAP-DOWN MG-STATE PROC-LIST CTRL-STK TEMP-STK (TAG 'PC (CONS SUBR (LENGTH (CODE CINFO)))) T-COND-LIST) (CLOCK STMT PROC-LIST MG-STATE N)) (P-STATE (TAG 'PC (CONS SUBR (IF (EQUAL (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) 'NORMAL) (LENGTH (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST))) (FIND-LABEL (CDR (ASSOC (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (LABEL-ALIST CINFO))) (APPEND (CODE (TRANSLATE CINFO T-COND-LIST STMT PROC-LIST)) CODE2))))) CTRL-STK (MAP-DOWN-VALUES (MG-ALIST (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) (BINDINGS (TOP CTRL-STK)) TEMP-STK) (TRANSLATE-PROC-LIST PROC-LIST) (LIST (LIST 'C-C (MG-COND-TO-P-NAT (CC (MG-MEANING-R STMT PROC-LIST MG-STATE N (LIST (LENGTH TEMP-STK) (P-CTRL-STK-SIZE CTRL-STK)))) T-COND-LIST))) (MG-MAX-CTRL-STK-SIZE) (MG-MAX-TEMP-STK-SIZE) 32 'RUN))), which simplifies, rewriting with MEMBER-CONS, and unfolding OK-PREDEFINED-PROC-CALL, MEMBER, LISTP, PREDEFINED-PROCEDURE-LIST, PREDEFINED-PROCP, EQUAL, and OK-MG-STATEMENT, to: T. Q.E.D. The current goal, (((((((((((((MAIN . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1) . 1), has been proved, and has no dependents. *!*!*!*!*!*!* All goals have been proved! *!*!*!*!*!*!* [ 2.6 0.1 0.0 ] PREDEFINED-PROC-CALL-EXACT-TIME-LEMMA (MAKE-LIB "c-predefined4") Making the lib for "c-predefined4". Finished making the lib for "c-predefined4". 
(/stage/ftp/pub/boyer/pc-nqthm/pc-nqthm-1992/examples/mg/c-predefined4.lib /stage/ftp/pub/boyer/pc-nqthm/pc-nqthm-1992/examples/mg/c-predefined4.lisp)