|
|
|---|
|
|
|
|---|
Check if a sequence of events is possible.
(events-possiblep events systate) → yes/no
Each event must be possible in the state that immediately precedes it,
starting with the input
Function:
(defun events-possiblep (events systate) (declare (xargs :guard (and (event-listp events) (system-statep systate)))) (let ((__function__ 'events-possiblep)) (declare (ignorable __function__)) (b* (((when (endp events)) t) ((unless (event-possiblep (car events) systate)) nil)) (events-possiblep (cdr events) (event-next (car events) systate)))))
Theorem:
(defthm booleanp-of-events-possiblep (b* ((yes/no (events-possiblep events systate))) (booleanp yes/no)) :rule-classes :rewrite)
Theorem:
(defthm events-possiblep-of-event-list-fix-events (equal (events-possiblep (event-list-fix events) systate) (events-possiblep events systate)))
Theorem:
(defthm events-possiblep-event-list-equiv-congruence-on-events (implies (event-list-equiv events events-equiv) (equal (events-possiblep events systate) (events-possiblep events-equiv systate))) :rule-classes :congruence)
Theorem:
(defthm events-possiblep-of-system-state-fix-systate (equal (events-possiblep events (system-state-fix systate)) (events-possiblep events systate)))
Theorem:
(defthm events-possiblep-system-state-equiv-congruence-on-systate (implies (system-state-equiv systate systate-equiv) (equal (events-possiblep events systate) (events-possiblep events systate-equiv))) :rule-classes :congruence)