• Top
    • Documentation
    • Books
    • Boolean-reasoning
    • Projects
    • Debugging
    • Std
    • Community
    • Proof-automation
    • ACL2
    • Macro-libraries
    • Interfacing-tools
    • Hardware-verification
    • Software-verification
      • Kestrel-books
        • Crypto-hdwallet
        • Apt
        • Error-checking
        • Fty-extensions
        • Isar
        • Kestrel-utilities
        • Set
        • Soft
        • C
          • Syntax-for-tools
          • Atc
            • Atc-implementation
              • Atc-abstract-syntax
              • Atc-pretty-printer
              • Atc-event-and-code-generation
                • Atc-symbolic-computation-states
                • Atc-symbolic-execution-rules
                • Atc-gen-ext-declon-lists
                • Atc-function-and-loop-generation
                  • Atc-gen-cfun-correct-thm
                  • Atc-typed-formals
                  • Atc-gen-outer-bindings-and-hyps
                  • Atc-gen-fundef
                  • Atc-gen-exec-stmt-while-for-loop
                  • Atc-gen-context-preamble
                  • Atc-gen-pop-frame-thm
                  • Atc-gen-loop-correct-thm
                  • Atc-gen-init-scope-thms
                  • Atc-gen-fun-correct-thm
                  • Atc-gen-fn-result-thm
                  • Atc-gen-loop-body-correct-thm
                  • Atc-gen-loop
                  • Atc-gen-loop-test-correct-thm
                  • Atc-check-guard-conjunct
                  • Atc-find-affected
                  • Atc-gen-cfun-final-compustate
                    • Atc-gen-init-inscope-auto
                    • Atc-gen-init-inscope-static
                    • Atc-gen-push-init-thm
                    • Atc-gen-loop-measure-fn
                    • Atc-gen-fun-endstate
                    • Atc-gen-loop-termination-thm
                    • Atc-gen-formal-thm
                    • Atc-gen-loop-final-compustate
                    • Atc-gen-loop-measure-thm
                    • Atc-gen-object-disjoint-hyps
                    • Atc-loop-body-term-subst
                    • Atc-gen-omap-update-formals
                    • Atc-gen-loop-tthm-formula
                    • Atc-gen-init-inscope
                    • Atc-gen-fn-def*
                    • Atc-gen-param-declon-list
                    • Atc-formal-affectablep
                    • Atc-gen-cfun-fun-env-thm
                    • Atc-gen-add-var-formals
                    • Atc-gen-cfun-fun-env-thm-name
                    • Atc-gen-fn-guard
                    • Atc-filter-exec-fun-args
                    • Atc-gen-context-preamble-aux-aux
                    • Atc-typed-formals-to-extobjs
                    • Atc-formal-affectable-listp
                  • Atc-statement-generation
                  • Atc-gen-fileset
                  • Atc-gen-everything
                  • Atc-gen-obj-declon
                  • Atc-gen-fileset-event
                  • Atc-tag-tables
                  • Atc-expression-generation
                  • Atc-generation-contexts
                  • Atc-gen-wf-thm
                  • Term-checkers-atc
                  • Atc-variable-tables
                  • Term-checkers-common
                  • Atc-gen-init-fun-env-thm
                  • Atc-gen-appconds
                  • Read-write-variables
                  • Atc-gen-thm-assert-events
                  • Test*
                  • Atc-gen-prog-const
                  • Atc-gen-expr-bool
                  • Atc-theorem-generation
                  • Atc-tag-generation
                  • Atc-gen-expr-pure
                  • Atc-function-tables
                  • Atc-object-tables
                • Fty-pseudo-term-utilities
                • Atc-term-recognizers
                • Atc-input-processing
                • Atc-shallow-embedding
                • Atc-process-inputs-and-gen-everything
                • Atc-table
                • Atc-fn
                • Atc-pretty-printing-options
                • Atc-types
                • Atc-macro-definition
              • Atc-tutorial
            • Language
            • Representation
            • Transformation-tools
            • Insertion-sort
            • Pack
          • Bv
          • Imp-language
          • Event-macros
          • Java
          • Bitcoin
          • Ethereum
          • Yul
          • Zcash
          • ACL2-programming-language
          • Prime-fields
          • Json
          • Syntheto
          • File-io-light
          • Cryptography
          • Number-theory
          • Lists-light
          • Axe
          • Builtins
          • Solidity
          • Helpers
          • Htclient
          • Typed-lists-light
          • Arithmetic-light
        • X86isa
        • Axe
        • Execloader
      • Math
      • Testing-utilities
    • Atc-function-and-loop-generation

    Atc-gen-cfun-final-compustate

    Generate a term representing the final computation state after the execution of a C function.

    Signature
    (atc-gen-cfun-final-compustate affect typed-formals 
                               subst compst-var prec-objs) 
 
  → 
term
    Arguments
    affect — Guard (symbol-listp affect).
    typed-formals — Guard (atc-symbol-varinfo-alistp typed-formals).
    subst — Guard (symbol-symbol-alistp subst).
    compst-var — Guard (symbolp compst-var).
    prec-objs — Guard (atc-string-objinfo-alistp prec-objs).
    Returns
    term — An untranslated term.

    The correctness theorem of a C function says that executing the function on a generic computation state (satisfying conditions in the hypotheses of the theorem) and on generic arguments yields an optional result (absent if the function is void) and a computation state obtained by modifying zero or more arrays and structures in the computation state. These are the arrays and structures affected by the C function, which the correctness theorem binds to the results of the ACL2 function that represents the C function. The modified computation state is expressed as a nest of write-object and write-static-var calls, based on whether the affected object are in the heap or in static storage. This ACL2 code here generates that nest.

    The parameter affect passed to this code consists of the formals of fn that represent arrays and structures affected by the body of the ACL2 function that represents the C function. The parameter subst is the result of atc-gen-outer-bindings-and-hyps that maps array and structure formals of the ACL2 function to the corresponding pointer variables used by the correctness theorems. Thus, we go through affect, looking up the corresponding pointer variables in subst, and we construct each nested write-object call, which needs both a pointer and an array or structure; we distinguish between arrays and structures via the types of the formals. This is the case for arrays and structures in the heap; for arrays in static storage, we generate a call of write-static-var, and there are no pointers involved.

    Note that, in the correctness theorem, the new array and structure variables are bound to the possibly modified arrays and structures returned by the ACL2 function: these new array and structure variables are obtained by adding -NEW to the corresponding formals of the ACL2 function; these new names should not cause any conflicts, because the names of the formals must be portable C identifiers.

    Definitions and Theorems

    Function: atc-gen-cfun-final-compustate

    (defun atc-gen-cfun-final-compustate
       (affect typed-formals
               subst compst-var prec-objs)
 (declare
      (xargs :guard (and (symbol-listp affect)
                         (atc-symbol-varinfo-alistp typed-formals)
                         (symbol-symbol-alistp subst)
                         (symbolp compst-var)
                         (atc-string-objinfo-alistp prec-objs))))
 (let ((__function__ 'atc-gen-cfun-final-compustate))
  (declare (ignorable __function__))
  (b*
   (((when (endp affect)) compst-var)
    (formal (car affect))
    (info (cdr (assoc-eq formal typed-formals)))
    ((when (not info))
     (raise "Internal error: formal ~x0 not found."
            formal))
    (type (atc-var-info->type info))
    ((unless (or (type-case type :pointer)
                 (type-case type :array)
                 (atc-var-info->externalp info)))
     (raise
      "Internal error:
                affected formal ~x0 has type ~x1 and is not an external object."
      formal type)))
   (if
    (consp (assoc-equal (symbol-name formal)
                        prec-objs))
    (cons
     'write-static-var
     (cons
      (cons 'ident
            (cons (symbol-name formal) 'nil))
      (cons
       (add-suffix-to-fn formal "-NEW")
       (cons
          (atc-gen-cfun-final-compustate (cdr affect)
                                         typed-formals
                                         subst compst-var prec-objs)
          'nil))))
    (cons
     'write-object
     (cons
      (cons 'value-pointer->designator
            (cons (cdr (assoc-eq formal subst))
                  'nil))
      (cons
       (add-suffix-to-fn formal "-NEW")
       (cons
          (atc-gen-cfun-final-compustate (cdr affect)
                                         typed-formals
                                         subst compst-var prec-objs)
          'nil))))))))