Track more precisely tuple to tuple assignments in sim

[cassiersg]

Fixes #666

[cassiersg]

@strub @bgregoir here it is.

[cassiersg]

@bgregoir Unfortunately it seems that now that we introduce intermediate variables, sim fails again:

module T = {
  proc test(x: int): int = {
    var l: int;
    (l, x) <- (0, x);
    return l;
  }
}.

equiv t: T.test ~ T.test : true ==> res{1} = res{2}.
proof.
proc.
sim.
qed.

results in

forall &1 &2, true => ={ 0}

(where 0 is the new variable we introduced).

Do you see what's wrong with the code? Or do you have suggestions on how to debug this ?

[bgregoir]

I think the order of the list should be reversed (remember rev) :
(mk_assigns lvs' es) @ (mk_assigns lvs (lvs2expr lvs')) -->
((mk_assigns lvs (lvs2expr lvs') @ (mk_assigns lvs' es))
or
rev ((mk_assigns lvs' es) @ (mk_assigns lvs (lvs2expr lvs')))

[cassiersg]

Thanks that was the issue indeed. Now all gimli CT proof work.

[cassiersg]

Now you can criticize me (constructively) for using the variable name hack.

[bgregoir]

I would love to do that. Unfortunately I don't know how we can propose a nicer solution without an important modification of the code. We need to have the memories of the two current functions to be able to create fresh names properly.

[cassiersg]

I'm fine with leaving this as-is, if it is sound.

[bgregoir]

I think we should use this function :
let me, anames = EcMemory.bindall_fresh f.f_sig.fs_anames me in
like in ecPhlInline.ml.
But we need a memenv (in fact 2), we can discuss of this tomorrow.

[cassiersg]

@bgregoir This is now ready.