The
That is, if they return a new set of variables (i.e. not an error), the new set is a superset of (or equal to) the initial set.
Theorem:
(defthm statement-unique-vars-extend (implies (identifier-setp allvars) (b* ((allvars1 (statement-unique-vars stmt allvars))) (implies (not (reserrp allvars1)) (subset allvars allvars1)))))
Theorem:
(defthm statement-list-unique-vars-extend (implies (identifier-setp allvars) (b* ((allvars1 (statement-list-unique-vars stmts allvars))) (implies (not (reserrp allvars1)) (subset allvars allvars1)))))
Theorem:
(defthm block-unique-vars-extend (implies (identifier-setp allvars) (b* ((allvars1 (block-unique-vars block allvars))) (implies (not (reserrp allvars1)) (subset allvars allvars1)))))
Theorem:
(defthm block-option-unique-vars-extend (implies (identifier-setp allvars) (b* ((allvars1 (block-option-unique-vars block? allvars))) (implies (not (reserrp allvars1)) (subset allvars allvars1)))))
Theorem:
(defthm swcase-unique-vars-extend (implies (identifier-setp allvars) (b* ((allvars1 (swcase-unique-vars case allvars))) (implies (not (reserrp allvars1)) (subset allvars allvars1)))))
Theorem:
(defthm swcase-list-unique-vars-extend (implies (identifier-setp allvars) (b* ((allvars1 (swcase-list-unique-vars cases allvars))) (implies (not (reserrp allvars1)) (subset allvars allvars1)))))
Theorem:
(defthm fundef-unique-vars-extend (implies (identifier-setp allvars) (b* ((allvars1 (fundef-unique-vars fundef allvars))) (implies (not (reserrp allvars1)) (subset allvars allvars1)))))