|
|
|---|
|
|
|
|---|
We say the environments
This is a universal equivalence, introduced using def-universal-equiv.
Function:
(defun aig-env-equiv (x y) (declare (xargs :non-executable t)) (declare (xargs :guard t)) (prog2$ (throw-nonexec-error 'aig-env-equiv (list x y)) (let ((key (aig-env-equiv-witness x y))) (and (iff (aig-env-lookup key x) (aig-env-lookup key y))))))
Theorem:
(defthm aig-env-equiv-necc (implies (not (and (iff (aig-env-lookup key x) (aig-env-lookup key y)))) (not (aig-env-equiv x y))))
Theorem:
(defthm aig-env-equiv-witnessing-witness-rule-correct (implies (not ((lambda (key y x) (not (iff (aig-env-lookup key x) (aig-env-lookup key y)))) (aig-env-equiv-witness x y) y x)) (aig-env-equiv x y)) :rule-classes nil)
Theorem:
(defthm aig-env-equiv-instancing-instance-rule-correct (implies (not (iff (aig-env-lookup key x) (aig-env-lookup key y))) (not (aig-env-equiv x y))) :rule-classes nil)
Theorem:
(defthm aig-env-equiv-is-an-equivalence (and (booleanp (aig-env-equiv x y)) (aig-env-equiv x x) (implies (aig-env-equiv x y) (aig-env-equiv y x)) (implies (and (aig-env-equiv x y) (aig-env-equiv y z)) (aig-env-equiv x z))) :rule-classes (:equivalence))
Theorem:
(defthm aig-env-equiv-implies-equal-aig-env-lookup-2 (implies (aig-env-equiv x x-equiv) (equal (aig-env-lookup key x) (aig-env-lookup key x-equiv))) :rule-classes (:congruence))
Theorem:
(defthm alist-equiv-refines-aig-env-equiv (implies (alist-equiv x y) (aig-env-equiv x y)) :rule-classes (:refinement))