(rml128 lin-addr r-x x86) → (mv * * x86)
Theorem:
(defthm rb-and-rvm128 (implies (and (app-view x86) (x86p x86) (canonical-address-p lin-addr) (canonical-address-p (+ 15 lin-addr))) (equal (rvm128 lin-addr x86) (rb 16 lin-addr r-x x86))))
Theorem:
(defthm unsigned-byte-p-128-of-merge-16-u8s-linear (implies (and (unsigned-byte-p 8 h7) (unsigned-byte-p 8 h6) (unsigned-byte-p 8 h5) (unsigned-byte-p 8 h4) (unsigned-byte-p 8 h3) (unsigned-byte-p 8 h2) (unsigned-byte-p 8 h1) (unsigned-byte-p 8 h0) (unsigned-byte-p 8 l7) (unsigned-byte-p 8 l6) (unsigned-byte-p 8 l5) (unsigned-byte-p 8 l4) (unsigned-byte-p 8 l3) (unsigned-byte-p 8 l2) (unsigned-byte-p 8 l1) (unsigned-byte-p 8 l0)) (unsigned-byte-p 128 (merge-16-u8s h7 h6 h5 h4 h3 h2 h1 h0 l7 l6 l5 l4 l3 l2 l1 l0))) :rule-classes (:rewrite (:linear :corollary (implies (and (unsigned-byte-p 8 h7) (unsigned-byte-p 8 h6) (unsigned-byte-p 8 h5) (unsigned-byte-p 8 h4) (unsigned-byte-p 8 h3) (unsigned-byte-p 8 h2) (unsigned-byte-p 8 h1) (unsigned-byte-p 8 h0) (unsigned-byte-p 8 l7) (unsigned-byte-p 8 l6) (unsigned-byte-p 8 l5) (unsigned-byte-p 8 l4) (unsigned-byte-p 8 l3) (unsigned-byte-p 8 l2) (unsigned-byte-p 8 l1) (unsigned-byte-p 8 l0)) (and (<= 0 (merge-16-u8s h7 h6 h5 h4 h3 h2 h1 h0 l7 l6 l5 l4 l3 l2 l1 l0)) (< (merge-16-u8s h7 h6 h5 h4 h3 h2 h1 h0 l7 l6 l5 l4 l3 l2 l1 l0) 340282366920938463463374607431768211456))) :hints (("Goal" :in-theory (e/d* (unsigned-byte-p) (bitops::unsigned-byte-p-128-of-merge-16-u8s)) :use ((:instance bitops::unsigned-byte-p-128-of-merge-16-u8s)))))))
Function:
(defun rml128 (lin-addr r-x x86) (declare (xargs :stobjs (x86))) (declare (type (signed-byte 48) lin-addr) (type (member :r :x) r-x)) (declare (xargs :guard (canonical-address-p lin-addr))) (let ((__function__ 'rml128)) (declare (ignorable __function__)) (if (mbt (canonical-address-p lin-addr)) (let* ((15+lin-addr (the (signed-byte 49) (+ 15 (the (signed-byte 48) lin-addr))))) (if (mbe :logic (canonical-address-p 15+lin-addr) :exec (< (the (signed-byte 49) 15+lin-addr) 140737488355328)) (if (app-view x86) (mbe :logic (rb 16 lin-addr r-x x86) :exec (rvm128 lin-addr x86)) (b* (((mv flag (the (unsigned-byte 52) p-addr0) x86) (la-to-pa lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 49) 1+lin-addr) (+ 1 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr1) x86) (la-to-pa 1+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 50) 2+lin-addr) (+ 2 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr2) x86) (la-to-pa 2+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 51) 3+lin-addr) (+ 3 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr3) x86) (la-to-pa 3+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 52) 4+lin-addr) (+ 4 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr4) x86) (la-to-pa 4+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 53) 5+lin-addr) (+ 5 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr5) x86) (la-to-pa 5+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 54) 6+lin-addr) (+ 6 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr6) x86) (la-to-pa 6+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 55) 7+lin-addr) (+ 7 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr7) x86) (la-to-pa 7+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 56) 8+lin-addr) (+ 8 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr8) x86) (la-to-pa 8+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 57) 9+lin-addr) (+ 9 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr9) x86) (la-to-pa 9+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 58) 10+lin-addr) (+ 10 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr10) x86) (la-to-pa 10+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 59) 11+lin-addr) (+ 11 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr11) x86) (la-to-pa 11+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 60) 12+lin-addr) (+ 12 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr12) x86) (la-to-pa 12+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 61) 13+lin-addr) (+ 13 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr13) x86) (la-to-pa 13+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 62) 14+lin-addr) (+ 14 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr14) x86) (la-to-pa 14+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) ((the (signed-byte 63) 15+lin-addr) (+ 15 lin-addr)) ((mv flag (the (unsigned-byte 52) p-addr15) x86) (la-to-pa 15+lin-addr r-x x86)) ((when flag) (mv flag 0 x86)) (byte0 (memi p-addr0 x86)) (byte1 (memi p-addr1 x86)) (byte2 (memi p-addr2 x86)) (byte3 (memi p-addr3 x86)) (byte4 (memi p-addr4 x86)) (byte5 (memi p-addr5 x86)) (byte6 (memi p-addr6 x86)) (byte7 (memi p-addr7 x86)) (byte8 (memi p-addr8 x86)) (byte9 (memi p-addr9 x86)) (byte10 (memi p-addr10 x86)) (byte11 (memi p-addr11 x86)) (byte12 (memi p-addr12 x86)) (byte13 (memi p-addr13 x86)) (byte14 (memi p-addr14 x86)) (byte15 (memi p-addr15 x86)) (oword (the (unsigned-byte 128) (merge-16-u8s byte15 byte14 byte13 byte12 byte11 byte10 byte9 byte8 byte7 byte6 byte5 byte4 byte3 byte2 byte1 byte0)))) (mv nil oword x86))) (mv 'rml128 0 x86))) (mv 'rml128 0 x86))))
Theorem:
(defthm n128p-mv-nth-1-rml128 (unsigned-byte-p 128 (mv-nth 1 (rml128 lin-addr r-x x86))) :rule-classes (:rewrite (:type-prescription :corollary (natp (mv-nth 1 (rml128 lin-addr r-x x86))) :hints (("Goal" :in-theory '(unsigned-byte-p integer-range-p natp)))) (:linear :corollary (and (<= 0 (mv-nth 1 (rml128 lin-addr r-x x86))) (< (mv-nth 1 (rml128 lin-addr r-x x86)) 340282366920938463463374607431768211456)) :hints (("Goal" :in-theory (e/d (signed-byte-p) (rb)))))))
Theorem:
(defthm x86p-rml128 (implies (force (x86p x86)) (x86p (mv-nth 2 (rml128 lin-addr r-x x86)))) :rule-classes (:rewrite :type-prescription))
Theorem:
(defthm rml128-value-when-error (implies (mv-nth 0 (rml128 lin-addr r-x x86)) (equal (mv-nth 1 (rml128 lin-addr r-x x86)) 0)))
Theorem:
(defthm rml128-x86-unmodified-in-app-view (implies (app-view x86) (equal (mv-nth 2 (rml128 lin-addr r-x x86)) x86)))
Theorem:
(defthm xr-rml128-state-sys-view (implies (and (not (app-view x86)) (not (equal fld :mem)) (not (equal fld :fault)) (not (equal fld :tlb)) (member-equal fld *x86-field-names-as-keywords*)) (equal (xr fld index (mv-nth 2 (rml128 lin-addr r-x x86))) (xr fld index x86))))
Theorem:
(defthm rml128-xw-app-view (implies (and (app-view x86) (not (equal fld :mem)) (not (equal fld :app-view))) (and (equal (mv-nth 0 (rml128 lin-addr r-x (xw fld index value x86))) (mv-nth 0 (rml128 lin-addr r-x x86))) (equal (mv-nth 1 (rml128 lin-addr r-x (xw fld index value x86))) (mv-nth 1 (rml128 lin-addr r-x x86))))))
Theorem:
(defthm rml128-xw-sys-view (implies (and (not (app-view x86)) (not (equal fld :fault)) (not (equal fld :seg-visible)) (not (equal fld :seg-hidden-base)) (not (equal fld :seg-hidden-limit)) (not (equal fld :seg-hidden-attr)) (not (equal fld :mem)) (not (equal fld :ctr)) (not (equal fld :msr)) (not (equal fld :rflags)) (not (equal fld :app-view)) (not (equal fld :marking-view)) (not (equal fld :tlb)) (not (equal fld :implicit-supervisor-access)) (member-equal fld *x86-field-names-as-keywords*)) (and (equal (mv-nth 0 (rml128 lin-addr r-x (xw fld index value x86))) (mv-nth 0 (rml128 lin-addr r-x x86))) (equal (mv-nth 1 (rml128 lin-addr r-x (xw fld index value x86))) (mv-nth 1 (rml128 lin-addr r-x x86))) (equal (mv-nth 2 (rml128 lin-addr r-x (xw fld index value x86))) (xw fld index value (mv-nth 2 (rml128 lin-addr r-x x86)))))))
Theorem:
(defthm rml128-xw-sys-view-rflags-not-ac (implies (and (not (app-view x86)) (equal (rflagsbits->ac value) (rflagsbits->ac (rflags x86)))) (and (equal (mv-nth 0 (rml128 lin-addr r-x (xw :rflags nil value x86))) (mv-nth 0 (rml128 lin-addr r-x x86))) (equal (mv-nth 1 (rml128 lin-addr r-x (xw :rflags nil value x86))) (mv-nth 1 (rml128 lin-addr r-x x86))) (equal (mv-nth 2 (rml128 lin-addr r-x (xw :rflags nil value x86))) (xw :rflags nil value (mv-nth 2 (rml128 lin-addr r-x x86)))))))