From 1f9cc5476da545c403ced80dbce484a6c769a31c Mon Sep 17 00:00:00 2001 
From: alxest Date: Mon, 23 Dec 2019 17:07:30 +0900 Subject: [PATCH] Compiles with 2 admits in SelectionproofC --- backend/AllocproofC.v | 20 ++--- backend/CSEproofC.v | 16 ++-- backend/CleanupLabelsproofC.v | 18 ++--- backend/CminorC.v | 22 ++--- backend/CminorSelC.v | 22 ++--- backend/ConstpropproofC.v | 16 ++-- backend/DeadcodeproofC.v | 16 ++-- backend/DebugvarproofC.v | 18 ++--- backend/InliningproofC.v | 10 +-- backend/LTLC.v | 26 +++--- backend/LinearC.v | 30 +++---- backend/LinearizeproofC.v | 18 ++--- backend/LocationsC.v | 6 +- backend/MachC.v | 34 ++++---- backend/MachExtra.v | 2 +- backend/RTLC.v | 30 +++---- backend/RTLgenproofC.v | 16 ++-- backend/RenumberproofC.v | 16 ++-- backend/SelectionproofC.v | 27 ++++--- backend/SeparationC.v | 4 +- backend/StackingproofC.v | 58 +++++++------- backend/TailcallproofC.v | 16 ++-- backend/TunnelingproofC.v | 20 ++--- backend/UnusedglobproofC.v | 18 ++--- backend/ValueAnalysisC.v | 10 +-- backend/ValueDomainC.v | 4 +- bound/LinkingC2.v | 22 +++-- bound/LowerBound.v | 72 ++++++++--------- bound/UpperBound_A.v | 16 ++-- bound/UpperBound_AExtra.v | 8 +- bound/UpperBound_B.v | 26 +++--- cfrontend/ClightC.v | 28 +++---- cfrontend/CminorgenproofC.v | 10 +-- cfrontend/CopC.v | 2 +- cfrontend/CsemC.v | 20 ++--- cfrontend/CsharpminorC.v | 20 ++--- cfrontend/CshmgenproofC.v | 14 ++-- cfrontend/CstrategyC.v | 16 ++-- cfrontend/CstrategyproofC.v | 10 +-- cfrontend/CtypesC.v | 12 +-- cfrontend/CtypingC.v | 4 +- cfrontend/SimplExprproofC.v | 14 ++-- cfrontend/SimplLocalsproofC.v | 10 +-- common/ASTC.v | 14 ++-- common/GlobalenvsC.v | 16 ++-- common/MemoryC.v | 12 +-- compose/ModSem.v | 12 +-- compose/Sem.v | 26 +++--- compose/Skeleton.v | 115 ++++++++++++++------------- compose/System.v | 6 +- demo/mutrec/IdSimAsmIdInv.v | 6 +- demo/mutrec/IdSimClightIdInv.v | 6 +- demo/mutrec/MutrecABspec.v | 8 +- demo/mutrec/MutrecAproof.v | 10 +-- demo/mutrec/MutrecAspec.v | 12 +-- demo/mutrec/MutrecBproof.v | 12 +-- demo/mutrec/MutrecBspec.v 
| 12 +-- demo/mutrec/MutrecRefinement.v | 16 ++-- demo/mutrec/SimMemInjInvC.v | 14 ++-- demo/unreadglob/IdSimAsmDropInv.v | 6 +- demo/unreadglob/IdSimClightDropInv.v | 6 +- demo/unreadglob/SimSymbDropInv.v | 60 +++++++------- demo/unreadglob/UnreadglobproofC.v | 22 ++--- demo/utod/DemoSpec.v | 6 +- demo/utod/DemoSpecProof.v | 4 +- driver/CompilerC.v | 14 ++-- driver/SepComp.v | 2 +- lib/CoqlibC.v | 22 ++--- proof/AdequacyLocal.v | 68 ++++++++-------- proof/AdequacySound.v | 36 ++++----- proof/MatchSimModSemExcl.v | 2 +- proof/MatchSimModSemExcl2.v | 2 +- proof/MatchSimModSemSR.v | 2 +- proof/ModSemProps.v | 10 +-- proof/Ord.v | 2 +- proof/Preservation.v | 78 +++++++++--------- proof/SemProps.v | 20 ++--- proof/SimMem.v | 6 +- proof/SimMemExt.v | 2 +- proof/SimMemInjC.v | 30 +++---- proof/SimMod.v | 10 +-- proof/SimModSem.v | 6 +- proof/SimModSemLift.v | 4 +- proof/SimModSemSR.v | 12 +-- proof/SimProg.v | 8 +- proof/SimSymb.v | 24 +++--- proof/SimSymbDrop.v | 58 +++++++------- proof/SimSymbId.v | 12 +-- proof/Sound.v | 8 +- proof/SoundProduct.v | 24 +++--- proof/StoreArgumentsProps.v | 2 +- proof/UnreachC.v | 32 ++++---- selfsim/AsmStepExt.v | 23 ++---- selfsim/AsmStepInj.v | 24 ++---- selfsim/ClightStepExt.v | 2 +- selfsim/ClightStepInj.v | 4 +- selfsim/IdSimAsm.v | 56 ++++++------- selfsim/IdSimClight.v | 38 ++++----- x86/AsmC.v | 26 +++--- x86/AsmgenproofC.v | 24 +++--- x86/AsmregsC.v | 14 ++-- 101 files changed, 953 insertions(+), 952 deletions(-) diff --git a/backend/AllocproofC.v b/backend/AllocproofC.v index 4ed8154b..6af42cfa 100644 --- a/backend/AllocproofC.v +++ b/backend/AllocproofC.v @@ -22,7 +22,7 @@ Set Implicit Arguments. Definition strong_wf_tgt (st_tgt0: LTL.state): Prop := - exists sg_init ls_init, last_option st_tgt0.(LTLC.get_stack) = Some (LTL.dummy_stack sg_init ls_init). + exists sg_init ls_init, last_option (LTLC.get_stack st_tgt0) = Some (LTL.dummy_stack sg_init ls_init). Lemma agree_callee_save_after tstks ls sg tv 
@@ -42,7 +42,7 @@ Qed. Lemma match_stackframes_after tse tge stks tstks sg (STACKS: match_stackframes tse tge stks tstks sg): - <>. + <>. Proof. inv STACKS; econs; et. i. exploit STEPS; et. clear - H1. @@ -70,25 +70,25 @@ Variable prog: RTL.program. Variable tprog: LTL.program. Let md_src: Mod.t := (RTLC.module2 prog). Let md_tgt: Mod.t := (LTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: RTL.state) (st_tgt0: LTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Allocproof.match_states skenv_link tge st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(RTL.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(LTLC.get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (RTL.get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (LTLC.get_mem st_tgt0) = sm0.(SimMem.tgt)) (DUMMYTGT: strong_wf_tgt st_tgt0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun _ f tf => transf_fundef f = OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. 
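Review bot: The rewritten hypotheses in the `@@ -70,25 +70,25 @@` hunk keep parentheses that the new application form no longer needs, e.g. `(MCOMPATSRC: (RTL.get_mem st_src0) = sm0.(SimMem.src))` can read `(MCOMPATSRC: RTL.get_mem st_src0 = sm0.(SimMem.src))`, and the same line leaves `sm0.(SimMem.src)` in the old `x.(f)` form, so both notations now sit side by side. Presumably only some uses of `.( )` need to change for the build to go through (the subject line suggests compilation is the goal), but if that is the rule, a sentence in the commit message saying which `.( )` uses are intentionally kept would stop the next reader from "finishing" the conversion. The same redundant-parenthesis pattern — `(get_mem st_src0)`, `(Genv.find_funct ge) fptr_arg`, `(SkEnv.project skenv_link) (Sk.of_program fn_sig p)` — recurs in the CSEproofC, CleanupLabelsproofC, CminorC, CminorSelC, ConstpropproofC, DeadcodeproofC, DebugvarproofC, LTLC, LinearC, LinearizeproofC and MachC hunks.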
diff --git a/backend/CSEproofC.v b/backend/CSEproofC.v index 545a7ad3..664a10a6 100644 --- a/backend/CSEproofC.v +++ b/backend/CSEproofC.v @@ -22,25 +22,25 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: unit) (st_src0: RTL.state) (st_tgt0: RTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: CSEproof.match_states prog ge st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)). + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cu f tf => transf_fundef (romem_for cu) f = OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/CleanupLabelsproofC.v b/backend/CleanupLabelsproofC.v index ae2b9fff..49fe5ccc 100644 
--- a/backend/CleanupLabelsproofC.v +++ b/backend/CleanupLabelsproofC.v @@ -19,7 +19,7 @@ Set Implicit Arguments. Definition strong_wf_tgt (st_tgt0: Linear.state): Prop := - exists sg_init ls_init, last_option st_tgt0.(LinearC.get_stack) = Some (Linear.dummy_stack sg_init ls_init). + exists sg_init ls_init, last_option (LinearC.get_stack st_tgt0) = Some (Linear.dummy_stack sg_init ls_init). Section SIMMODSEM. 
@@ -28,26 +28,26 @@ Variable sm_link: SimMem.t. Variable prog tprog: Linear.program. Let md_src: Mod.t := (LinearC.module prog). Let md_tgt: Mod.t := (LinearC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0 st_tgt0: Linear.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: CleanupLabelsproof.match_states st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(LinearC.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(LinearC.get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (LinearC.get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (LinearC.get_mem st_tgt0) = sm0.(SimMem.tgt)) (DUMMYTGT: strong_wf_tgt st_tgt0) (MEASURE: measure st_src0 = idx). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun ctx f tf => tf = transf_fundef f) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/CminorC.v b/backend/CminorC.v index f47c5938..bc2578ce 100644 --- a/backend/CminorC.v +++ b/backend/CminorC.v 
@@ -31,24 +31,24 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Inductive at_external: state -> Args.t -> Prop := | at_external_intro fptr_arg sg_arg vs_arg k0 m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg): + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg): at_external (Callstate fptr_arg sg_arg vs_arg k0 m0) (Args.mk fptr_arg vs_arg m0). Inductive initial_frame (args: Args.t): state -> Prop := | initial_frame_intro fd tvs (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) fd.(fn_sig) tvs) - (LEN: args.(Args.vs).(length) = fd.(fn_sig).(sig_args).(length)): - initial_frame args (Callstate args.(Args.fptr) fd.(fn_sig) tvs Kstop args.(Args.m)). + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) fd.(fn_sig) tvs) + (LEN: (Args.vs args).(length) = fd.(fn_sig).(sig_args).(length)): + initial_frame args (Callstate (Args.fptr args) fd.(fn_sig) tvs Kstop (Args.m args)). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro 
@@ -60,10 +60,10 @@ Section MODSEM. fptr_arg sg_arg vs_arg k m_arg retv tv (CSTYLE: Retv.is_cstyle retv) - (TYP: typify retv.(Retv.v) sg_arg.(proj_sig_res) = tv): + (TYP: typify (Retv.v retv) (proj_sig_res sg_arg) = tv): after_external (Callstate fptr_arg sg_arg vs_arg k m_arg) retv - (Returnstate tv k retv.(Retv.m)). + (Returnstate tv k (Retv.m retv)). Program Definition modsem: ModSem.t := {| ModSem.step := step; @@ -114,4 +114,4 @@ Section MODSEM. End MODSEM. Program Definition module (p: program): Mod.t := - {| Mod.data := p; Mod.get_sk := Sk.of_program fn_sig; Mod.get_modsem := modsem; |}. \ No newline at end of file + {| Mod.data := p; Mod.get_sk := Sk.of_program fn_sig; Mod.get_modsem := modsem; |}. diff --git a/backend/CminorSelC.v b/backend/CminorSelC.v index dda7bed6..b7195483 100644 --- a/backend/CminorSelC.v +++ b/backend/CminorSelC.v 
@@ -31,24 +31,24 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Inductive at_external: state -> Args.t -> Prop := | at_external_intro fptr_arg sg_arg vs_arg k0 m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg): + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg): at_external (Callstate fptr_arg sg_arg vs_arg k0 m0) (Args.mk fptr_arg vs_arg m0). Inductive initial_frame (args: Args.t): state -> Prop := | initial_frame_intro fd tvs (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) fd.(fn_sig) tvs) - (LEN: args.(Args.vs).(length) = fd.(fn_sig).(sig_args).(length)): - initial_frame args (Callstate args.(Args.fptr) fd.(fn_sig) tvs Kstop args.(Args.m)). + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) fd.(fn_sig) tvs) + (LEN: (Args.vs args).(length) = fd.(fn_sig).(sig_args).(length)): + initial_frame args (Callstate (Args.fptr args) fd.(fn_sig) tvs Kstop (Args.m args)). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro 
@@ -59,10 +59,10 @@ Section MODSEM. | after_external_intro fptr_arg sg_arg vs_arg k m_arg retv tv (CSTYLE: Retv.is_cstyle retv) - (TYP: typify retv.(Retv.v) sg_arg.(proj_sig_res) = tv): + (TYP: typify (Retv.v retv) (proj_sig_res sg_arg) = tv): after_external (Callstate fptr_arg sg_arg vs_arg k m_arg) retv - (Returnstate tv k retv.(Retv.m)). + (Returnstate tv k (Retv.m retv)). Program Definition modsem: ModSem.t := {| ModSem.step := step; @@ -146,4 +146,4 @@ Section MODSEM. End MODSEM. Program Definition module (p: program): Mod.t := - {| Mod.data := p; Mod.get_sk := Sk.of_program fn_sig; Mod.get_modsem := modsem; |}. \ No newline at end of file + {| Mod.data := p; Mod.get_sk := Sk.of_program fn_sig; Mod.get_modsem := modsem; |}. diff --git a/backend/ConstpropproofC.v b/backend/ConstpropproofC.v index 6d643151..98114a99 100644 --- a/backend/ConstpropproofC.v +++ b/backend/ConstpropproofC.v 
@@ -21,24 +21,24 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: RTL.state) (st_tgt0: RTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Constpropproof.match_states prog idx st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)). + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cu f tf => tf = transf_fundef (romem_for cu) f) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/DeadcodeproofC.v b/backend/DeadcodeproofC.v index 45ec01b6..e1bc37b4 100644 --- a/backend/DeadcodeproofC.v +++ b/backend/DeadcodeproofC.v 
@@ -22,25 +22,25 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: unit) (st_src0: RTL.state) (st_tgt0: RTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Deadcodeproof.match_states prog ge st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)). + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cu f tf => transf_fundef (romem_for cu) f = OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/DebugvarproofC.v b/backend/DebugvarproofC.v index c247dee7..6641d481 100644 --- a/backend/DebugvarproofC.v +++ b/backend/DebugvarproofC.v 
@@ -16,7 +16,7 @@ Set Implicit Arguments. Definition strong_wf_tgt (st_tgt0: Linear.state): Prop := - exists sg_init ls_init, last_option st_tgt0.(LinearC.get_stack) = Some (Linear.dummy_stack sg_init ls_init). + exists sg_init ls_init, last_option (LinearC.get_stack st_tgt0) = Some (Linear.dummy_stack sg_init ls_init). Section SIMMODSEM. 
@@ -25,25 +25,25 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (LinearC.module prog). Let md_tgt: Mod.t := (LinearC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: Linear.state) (st_tgt0: Linear.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Debugvarproof.match_states st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)) (DUMMYTGT: strong_wf_tgt st_tgt0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun _ f tf => transf_fundef f = Errors.OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/InliningproofC.v b/backend/InliningproofC.v index ea322ee5..61b246b7 100644 --- a/backend/InliningproofC.v +++ b/backend/InliningproofC.v 
@@ -25,12 +25,12 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states @@ -40,7 +40,7 @@ Inductive match_states (MCOMPATIDX: idx = Inliningproof.measure st_src0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cunit f tf => transf_fundef (funenv_program cunit) f = OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/LTLC.v b/backend/LTLC.v index ea6fb079..bd1b0e90 100644 --- a/backend/LTLC.v +++ b/backend/LTLC.v @@ -25,7 +25,7 @@ Definition get_stack (st: state): list stackframe := end. Definition step: state -> trace -> state -> Prop := fun st0 tr st1 => - <> /\ < []>>. + <> /\ < []>>. End NEWSTEP. 
@@ -55,7 +55,7 @@ Definition undef_outgoing_slots (ls: locset): locset := Definition stackframes_after_external (stack: list stackframe): list stackframe := match stack with | nil => nil - | Stackframe f sp ls bb :: tl => Stackframe f sp ls.(undef_outgoing_slots) bb :: tl + | Stackframe f sp ls bb :: tl => Stackframe f sp (undef_outgoing_slots ls) bb :: tl end. @@ -64,14 +64,14 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Inductive at_external: state -> Args.t -> Prop := | at_external_intro stack fptr_arg sg_arg ls vs_arg m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg) + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg) (VALS: vs_arg = map (fun p => Locmap.getpair p ls) (loc_arguments sg_arg)): at_external (Callstate stack fptr_arg sg_arg ls m0) (Args.mk fptr_arg vs_arg m0). 
@@ -80,19 +80,19 @@ Section MODSEM. fd tvs ls_init sg (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) (SIG: sg = fd.(fn_sig)) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) fd.(fn_sig) tvs) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) fd.(fn_sig) tvs) (LOCSET: tvs = map (fun p => Locmap.getpair p ls_init) (loc_arguments sg)) n m0 - (JUNK: assign_junk_blocks args.(Args.m) n = m0) + (JUNK: assign_junk_blocks (Args.m args) n = m0) (PTRFREE: forall loc (* (NOTIN: Loc.notin loc (regs_of_rpairs (loc_arguments sg))) *) (NOTIN: ~In loc (regs_of_rpairs (loc_arguments sg))), - <>) + <>) (SLOT: forall sl ty ofs (NOTIN: ~In (S sl ty ofs) (regs_of_rpairs (loc_arguments sg))), <>): - initial_frame args (Callstate [dummy_stack sg ls_init] args.(Args.fptr) sg ls_init m0). + initial_frame args (Callstate [dummy_stack sg ls_init] (Args.fptr args) sg ls_init m0). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro @@ -105,11 +105,11 @@ Section MODSEM. stack fptr_arg sg_arg ls_arg m_arg retv ls_after (CSTYLE: Retv.is_cstyle retv) (LSAFTER: ls_after = Locmap.setpair (loc_result sg_arg) - (typify retv.(Retv.v) sg_arg.(proj_sig_res)) + (typify (Retv.v retv) (proj_sig_res sg_arg)) (undef_caller_save_regs ls_arg)): after_external (Callstate stack fptr_arg sg_arg ls_arg m_arg) retv - (Returnstate stack.(stackframes_after_external) ls_after retv.(Retv.m)). + (Returnstate (stackframes_after_external stack) ls_after (Retv.m retv)). Program Definition modsem: ModSem.t := {| ModSem.step := step; diff --git a/backend/LinearC.v b/backend/LinearC.v index c36583cd..8f980157 100644 --- a/backend/LinearC.v +++ b/backend/LinearC.v @@ -25,7 +25,7 @@ Definition get_stack (st: state): list stackframe := end. Definition step: state -> trace -> state -> Prop := fun st0 tr st1 => - <> /\ < []>>. + <> /\ < []>>. End NEWSTEP. 
@@ -74,12 +74,12 @@ Definition undef_outgoing_slots (ls: locset): locset := Definition stackframes_after_external (stack: list stackframe): list stackframe := match stack with | nil => nil - | Stackframe f sp ls bb :: tl => Stackframe f sp ls.(undef_outgoing_slots) bb :: tl + | Stackframe f sp ls bb :: tl => Stackframe f sp (undef_outgoing_slots ls) bb :: tl end. Lemma parent_locset_after_external: forall stack, - <> - \/ <>. + <> + \/ <>. Proof. destruct stack; ss. { left; ss. } @@ -90,14 +90,14 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Inductive at_external: state -> Args.t -> Prop := | at_external_intro stack fptr_arg sg ls vs_arg m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg) + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg) (VALS: vs_arg = map (fun p => Locmap.getpair p ls) (loc_arguments sg)): at_external (Callstate stack fptr_arg sg ls m0) (Args.Cstyle fptr_arg vs_arg m0). 
@@ -106,20 +106,20 @@ Section MODSEM. fd ls_init sg tvs n m0 (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) (SIG: sg = fd.(fn_sig)) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) sg tvs) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) sg tvs) (LOCSET: tvs = map (fun p => Locmap.getpair p ls_init) (loc_arguments sg)) - (JUNK: assign_junk_blocks args.(Args.m) n = m0) + (JUNK: assign_junk_blocks (Args.m args) n = m0) (PTRFREE: forall loc (* (NOTIN: Loc.notin loc (regs_of_rpairs (loc_arguments sg))) *) (NOTIN: ~In loc (regs_of_rpairs (loc_arguments sg))), - <>) + <>) (SLOT: forall sl ty ofs (NOTIN: ~In (S sl ty ofs) (regs_of_rpairs (loc_arguments sg))), <>): - initial_frame args (Callstate [dummy_stack sg ls_init] args.(Args.fptr) sg ls_init m0). + initial_frame args (Callstate [dummy_stack sg ls_init] (Args.fptr args) sg ls_init m0). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro @@ -132,11 +132,11 @@ Section MODSEM. stack fptr_arg sg_arg ls_arg m_arg retv ls_after (CSTYLE: Retv.is_cstyle retv) (LSAFTER: ls_after = Locmap.setpair (loc_result sg_arg) - (typify retv.(Retv.v) sg_arg.(proj_sig_res)) + (typify (Retv.v retv) (proj_sig_res sg_arg)) (undef_caller_save_regs ls_arg)): after_external (Callstate stack fptr_arg sg_arg ls_arg m_arg) retv - (Returnstate stack.(stackframes_after_external) ls_after retv.(Retv.m)). + (Returnstate (stackframes_after_external stack) ls_after (Retv.m retv)). Program Definition modsem: ModSem.t := {| ModSem.step := step; diff --git a/backend/LinearizeproofC.v b/backend/LinearizeproofC.v index 2e12fd48..508a91b2 100644 --- a/backend/LinearizeproofC.v +++ b/backend/LinearizeproofC.v 
@@ -19,7 +19,7 @@ Set Implicit Arguments. Definition strong_wf_tgt (st_tgt0: Linear.state): Prop := - exists sg_init ls_init, last_option st_tgt0.(LinearC.get_stack) = Some (Linear.dummy_stack sg_init ls_init). + exists sg_init ls_init, last_option (LinearC.get_stack st_tgt0) = Some (Linear.dummy_stack sg_init ls_init). Section SIMMODSEM. 
@@ -29,26 +29,26 @@ Variable prog: LTL.program. Variable tprog: Linear.program. Let md_src: Mod.t := (LTLC.module prog). Let md_tgt: Mod.t := (LinearC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: LTL.state) (st_tgt0: Linear.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Linearizeproof.match_states st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(LTLC.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(LinearC.get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (LTLC.get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (LinearC.get_mem st_tgt0) = sm0.(SimMem.tgt)) (DUMMYTGT: strong_wf_tgt st_tgt0) (MEASURE: measure st_src0 = idx). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun _ f tf => transf_fundef f = OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/LocationsC.v b/backend/LocationsC.v index cf3ede01..2352b011 100644 --- a/backend/LocationsC.v +++ b/backend/LocationsC.v 
@@ -101,8 +101,8 @@ Lemma loc_arguments_norepet_aux tys (ir fr ofs: Z) locs (LOCS: (regs_of_rpairs (loc_arguments_64 tys ir fr ofs)) = locs): (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. ginduction tys; ii; clarify. { esplits; ii; ss; econs. } @@ -278,7 +278,7 @@ Fixpoint fill_arguments (ls0: locset) (args: list val) (locs: list (rpair loc)): match loc with | One loc => Some (locmap_put loc arg ls1) | Twolong hi lo => (* not used *) - Some (Locmap.set lo arg.(Val.loword) (Locmap.set hi arg.(Val.hiword) ls1)) + Some (Locmap.set lo (Val.loword arg) (Locmap.set hi (Val.hiword arg) ls1)) end | None => None end diff --git a/backend/MachC.v b/backend/MachC.v index 321c01f3..e1bd5970 100644 --- a/backend/MachC.v +++ b/backend/MachC.v @@ -36,7 +36,7 @@ Definition get_stack (st: state): list stackframe := end. Definition step: state -> trace -> state -> Prop := fun st0 tr st1 => - <> /\ < []>>. + <> /\ < []>>. End NEWSTEP. @@ -48,7 +48,7 @@ Definition locset_copy (diff: Z) (rs: Mach.regset): locset := | S _ _ _ => Vundef | R r => match rs r with - | Vptr blk ofs => Vptr (blk.(Zpos) + diff).(Z.to_pos) ofs + | Vptr blk ofs => Vptr (Z.to_pos (blk.(Zpos) + diff)) ofs | _ => rs r end end. @@ -70,8 +70,8 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Record state := mkstate { init_rs: Mach.regset; 
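Review bot: `Vptr (Z.to_pos (blk.(Zpos) + diff)) ofs` in the locset_copy hunk (`@@ -48,7 +48,7 @@`) is the one place in this set of hunks where `.( )` applied to a plain function survives the rewrite — `Zpos` is a constructor, not a record projection — so it is worth confirming it is meant to stay. Independently of notation, `Z.to_pos` maps every non-positive argument to `1%positive`, so a `diff` that drives `Zpos blk + diff` to zero or below silently aliases the pointer onto block 1 instead of failing, and nothing in the hunk constrains `diff`. A comment such as `(* assumes Zpos blk + diff > 0; Z.to_pos clamps non-positive values to 1 *)` on that line, or a stated precondition on `diff`, would make the intended invariant explicit. The definition of locset_copy starts outside the hunk.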
@@ -83,13 +83,13 @@ Section MODSEM. | at_external_intro stack rs m0 m1 fptr sg vs blk ofs init_rs init_sg (EXTERNAL: Genv.find_funct ge fptr = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr = Some skd /\ Sk.get_csig skd = Some sg) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr = Some skd /\ Sk.get_csig skd = Some sg) (VALS: Mach.extcall_arguments rs m0 (parent_sp stack) sg vs) (ARGSRANGE: Ptrofs.unsigned ofs + 4 * size_arguments sg <= Ptrofs.max_unsigned) (RSP: (parent_sp stack) = Vptr blk ofs) (ALIGN: forall chunk (CHUNK: size_chunk chunk <= 4 * (size_arguments sg)), - (align_chunk chunk | ofs.(Ptrofs.unsigned))) - (FREE: Mem.free m0 blk ofs.(Ptrofs.unsigned) (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg)) = Some m1): + (align_chunk chunk | (Ptrofs.unsigned ofs))) + (FREE: Mem.free m0 blk (Ptrofs.unsigned ofs) ((Ptrofs.unsigned ofs) + 4 * (size_arguments sg)) = Some m1): at_external (mkstate init_rs init_sg (Callstate stack fptr rs m0)) (Args.mk fptr vs m1). Inductive initial_frame (args: Args.t) : state -> Prop := @@ -98,9 +98,9 @@ Section MODSEM. (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) (RAPTR: Val.has_type ra Tptr) (SIG: sg = fd.(fn_sig)) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) sg targs) - (STORE: store_arguments args.(Args.m) rs targs sg m0) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) sg targs) + (STORE: store_arguments (Args.m args) rs targs sg m0) (JUNK: assign_junk_blocks m0 n = m1) (PTRFREE: forall mr (* (NOTIN: Loc.notin (R mr) (regs_of_rpairs (loc_arguments sg))) *) 
@@ -108,8 +108,8 @@ Section MODSEM. <>): initial_frame args (mkstate rs sg (Callstate [dummy_stack - (Vptr args.(Args.m).(Mem.nextblock) Ptrofs.zero) ra] - args.(Args.fptr) rs m1)). + (Vptr (Args.m args).(Mem.nextblock) Ptrofs.zero) ra] + (Args.fptr args) rs m1)). (* TODO: change (Vptr args.(Args.m).(Mem.nextblock) Ptrofs.zero) into sp *) Inductive final_frame: state -> Retv.t -> Prop := @@ -125,11 +125,11 @@ Section MODSEM. | after_external_intro init_rs init_sg stack fptr ls0 m0 ls1 m1 retv sg blk ofs (CSTYLE: Retv.is_cstyle retv) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr = Some skd /\ Sk.get_csig skd = Some sg) - (REGSET: ls1 = (set_pair (loc_result sg) retv.(Retv.v) (regset_after_external ls0))) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr = Some skd /\ Sk.get_csig skd = Some sg) + (REGSET: ls1 = (set_pair (loc_result sg) (Retv.v retv) (regset_after_external ls0))) (RSP: (parent_sp stack) = Vptr blk ofs) - (MEMWF: Ple (Senv.nextblock skenv_link) retv.(Retv.m).(Mem.nextblock)) - (UNFREE: Mem_unfree retv.(Retv.m) blk ofs.(Ptrofs.unsigned) (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg)) = Some m1): + (MEMWF: Ple (Senv.nextblock skenv_link) (Retv.m retv).(Mem.nextblock)) + (UNFREE: Mem_unfree (Retv.m retv) blk (Ptrofs.unsigned ofs) (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg)) = Some m1): after_external (mkstate init_rs init_sg (Callstate stack fptr ls0 m0)) retv (mkstate init_rs init_sg (Returnstate stack ls1 m1)). @@ -139,7 +139,7 @@ Section MODSEM. (STEP: Mach.step rao se ge st0.(st) tr st1.(st)) (INITRS: st0.(init_rs) = st1.(init_rs)) (INITFPTR: st0.(init_sg) = st1.(init_sg)) - (NOTDUMMY: st1.(st).(get_stack) <> []). + (NOTDUMMY: (get_stack st1.(st)) <> []). Lemma extcall_arguments_dtm rs m rsp sg vs0 vs1 diff --git a/backend/MachExtra.v b/backend/MachExtra.v index e8f86c34..7d81ef2e 100644 --- a/backend/MachExtra.v +++ b/backend/MachExtra.v 
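Review bot: The after_external hunk (@@ -125) mixes both notations inside one term: `(Retv.m retv).(Mem.nextblock)` keeps the projection form for `Mem.nextblock` after converting `Retv.m`, and `Ptrofs.unsigned (ofs)` parenthesises a bare identifier to no effect. The same `(ofs)` pattern recurs in the has_footprint and mle_excl hunks of StackingproofC.v, and `Mod.modsem (md_src)` in the UnusedglobproofC.v msp hunk; `(Vptr (Args.m args).(Mem.nextblock) ...)` in the initial_frame hunk just above mixes the forms too. The commit message does not say why `x.(f)` is being dropped; if the application form is only required for some of these functions, a one-line comment near the first converted definition stating the rule — e.g. `(* write (f x), not x.(f), for functions whose implicit arguments must be inferred *)` (wording to be confirmed) — would keep a later cleanup from reverting it, and `Ptrofs.unsigned ofs` / `(Mem.nextblock (Retv.m retv))` would read consistently with the rest of the change.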
@@ -30,7 +30,7 @@ Lemma mach_store_arguments_simmem <> /\ <> /\ <>. + (tgt_private sm1) sm0.(SimMem.tgt).(Mem.nextblock) ofs>>. Proof. i. subst_locals. inv STORE. exploit Mem.alloc_right_inject; try apply MWF; eauto. i; des. diff --git a/backend/RTLC.v b/backend/RTLC.v index e7ee1b97..4375ac60 100644 --- a/backend/RTLC.v +++ b/backend/RTLC.v 
@@ -16,34 +16,34 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Inductive at_external: state -> Args.t -> Prop := | at_external_intro stack fptr_arg sg_arg vs_arg m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg /\ sg_arg.(sig_cstyle)): + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg /\ sg_arg.(sig_cstyle)): at_external (Callstate stack fptr_arg sg_arg vs_arg m0) (Args.mk fptr_arg vs_arg m0). Inductive initial_frame (args: Args.t): state -> Prop := | initial_frame_intro fd tvs (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) fd.(fn_sig) tvs) - (LEN: args.(Args.vs).(length) = fd.(fn_sig).(sig_args).(length)): - initial_frame args (Callstate [] args.(Args.fptr) fd.(fn_sig) tvs args.(Args.m)). + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) fd.(fn_sig) tvs) + (LEN: (Args.vs args).(length) = fd.(fn_sig).(sig_args).(length)): + initial_frame args (Callstate [] (Args.fptr args) fd.(fn_sig) tvs (Args.m args)). 
Inductive initial_frame2 (args: Args.t): state -> Prop := | initial_frame2_intro fd tvs n m0 (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) fd.(fn_sig) tvs) - (LEN: args.(Args.vs).(length) = fd.(fn_sig).(sig_args).(length)) - (JUNK: assign_junk_blocks args.(Args.m) n = m0): - initial_frame2 args (Callstate [] args.(Args.fptr) fd.(fn_sig) tvs m0). + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) fd.(fn_sig) tvs) + (LEN: (Args.vs args).(length) = fd.(fn_sig).(sig_args).(length)) + (JUNK: assign_junk_blocks (Args.m args) n = m0): + initial_frame2 args (Callstate [] (Args.fptr args) fd.(fn_sig) tvs m0). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro @@ -54,10 +54,10 @@ Section MODSEM. | after_external_intro stack fptr_arg sg_arg vs_arg m_arg retv tv (CSTYLE: Retv.is_cstyle retv) - (TYP: typify retv.(Retv.v) sg_arg.(proj_sig_res) = tv): + (TYP: typify (Retv.v retv) (proj_sig_res sg_arg) = tv): after_external (Callstate stack fptr_arg sg_arg vs_arg m_arg) retv - (Returnstate stack tv retv.(Retv.m)). + (Returnstate stack tv (Retv.m retv)). Program Definition modsem: ModSem.t := {| ModSem.step := step; diff --git a/backend/RTLgenproofC.v b/backend/RTLgenproofC.v index b8d44eb7..cd5a1fe7 100644 --- a/backend/RTLgenproofC.v +++ b/backend/RTLgenproofC.v 
@@ -21,26 +21,26 @@ Variable prog: CminorSel.program. Variable tprog: RTL.program. Let md_src: Mod.t := (CminorSelC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat * nat) (st_src0: CminorSel.state) (st_tgt0: RTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: RTLgenproof.match_states st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(CminorSelC.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (CminorSelC.get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)) (MEASRUE: idx = measure_state st_src0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cu f tf => transl_fundef f = Errors.OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/RenumberproofC.v b/backend/RenumberproofC.v index 5c2104d0..38a95c81 100644 --- a/backend/RenumberproofC.v +++ b/backend/RenumberproofC.v 
@@ -19,24 +19,24 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: RTL.state) (st_tgt0: RTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Renumberproof.match_states st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)). + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun _ f tf => tf = transf_fundef f) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/SelectionproofC.v b/backend/SelectionproofC.v index 4d168eb8..5a9b9477 100644 --- a/backend/SelectionproofC.v +++ b/backend/SelectionproofC.v 
@@ -27,26 +27,26 @@ Variable prog: Cminor.program. Variable tprog: CminorSel.program. Let md_src: Mod.t := (CminorC.module prog). Let md_tgt: Mod.t := (CminorSelC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: Cminor.state) (st_tgt0: CminorSel.state) (sm0: SimMem.t): Prop := | match_states_intro - (MATCHST: Selectionproof.match_states prog skenv_link ge tge st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(CminorC.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(CminorSelC.get_mem) = sm0.(SimMem.tgt)) + (MATCHST: Selectionproof.match_states prog ge st_src0 st_tgt0) + (MCOMPATSRC: (CminorC.get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (CminorSelC.get_mem st_tgt0) = sm0.(SimMem.tgt)) (MEASURE: idx = measure st_src0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef match_fundef eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. 
@@ -122,7 +122,7 @@ Proof. eapply lessdef_typify; ss. - (* final fsim *) inv MATCH. inv FINALSRC; inv MATCHST; ss. rr in MC. destruct sm0; ss. clarify. - exploit MC; eauto. intro P. inv P. + inv MC. eexists (SimMemExt.mk _ _). esplits; ss; eauto. econs; eauto. - left; i. esplits; eauto. { apply CminorC.modsem_receptive; et. } @@ -149,6 +149,7 @@ Proof. rpapply PROG. f_equal. eapply Genv.genv_vars_inj; eauto. } { apply make_match_genvs; eauto. apply SIMSKENV. } + { admit "FILL THIS". } i; des_safe. folder. des. + esplits; eauto. * left. apply plus_one. ss. unfold DStep in *. des; ss. esplits; eauto. apply modsem_determinate; et. @@ -156,9 +157,13 @@ Proof. + clarify. esplits; eauto. * right. esplits; eauto. { apply star_refl. } * instantiate (1:= (SimMemExt.mk _ _)). ss. + + admit "". + (* clarify. esplits; eauto. *) + (* * left. apply plus_one. ss. unfold DStep in *. des; ss. esplits; eauto. apply modsem_determinate; et. *) + (* * instantiate (1:= (SimMemExt.mk _ _)). ss. *) Unshelve. all: ss. apply msp. - { eapply mk_helper_functions; ss; eauto. all: repeat econs; eauto. } + (* { eapply mk_helper_functions; ss; eauto. all: repeat econs; eauto. } *) Qed. End SIMMODSEM. diff --git a/backend/SeparationC.v b/backend/SeparationC.v index 3909cd57..b86dc222 100644 --- a/backend/SeparationC.v +++ b/backend/SeparationC.v @@ -234,7 +234,7 @@ Qed. Program Definition freed_range (b: block) (lo hi: Z): massert := {| m_pred := fun m => - <> /\ < m.(Mem.valid_block) b>> + <> /\ < (Mem.valid_block m) b>> ; m_footprint := brange b lo hi ; @@ -308,7 +308,7 @@ Lemma range_nonnil_valid_block (SEP: m |= range b lo hi) (RANGE: lo < hi) : - <>. + <>. Proof. ss. des. specialize (SEP1 lo). exploit SEP1; eauto. { lia. } i. eapply Mem.perm_valid_block; eauto. Unshelve. diff --git a/backend/StackingproofC.v b/backend/StackingproofC.v index 230fb493..fce06984 100644 --- a/backend/StackingproofC.v +++ b/backend/StackingproofC.v 
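Review bot: The two `admit` calls added to the step-simulation proof — `admit "FILL THIS"` right after the make_match_genvs application and the bare `admit ""` that stands in for the commented-out `clarify. esplits` case — leave this lemma resting on an axiom, and the second one records nothing about what is missing. Because the proof still closes with `Qed`, the hole is only visible through `Print Assumptions` on the final theorem, so giving it a description such as `admit "TODO(selection): <missing case>"` (placeholder) and listing both holes wherever the project tracks open obligations would make the gap auditable. The `mk_helper_functions` obligation in the `Unshelve` block is now commented out rather than discharged; presumably this is the same gap, since the `match_states` hunk above drops `skenv_link` and `tge` from the MATCHST relation, but that is an inference. The enclosing Lemma begins before this hunk, so I cannot see its statement.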
@@ -61,7 +61,7 @@ Lemma match_stacks_sp_valid se tse ge j cs cs' sg sm0 sp' (STKS: match_stacks se tse ge j cs cs' sg sm0) (SP: parent_sp cs' = Vptr sp' Ptrofs.zero): - <>. Proof. inv STKS; des_safe; ss; clarify; inv MAINARGS; esplits; eauto. Qed. @@ -80,7 +80,7 @@ Lemma arguments_private (STACKS: match_stacks se tse ge F stk_src stk_tgt sg sm) (SP: parent_sp stk_tgt = Vptr sp_tgt spdelta): <<_ : forall ofs (OFS: 0 <= ofs < 4 * size_arguments sg), - (<>)>>. + (<>)>>. Proof. ii. eapply separation_private; eauto. destruct stk_tgt; ss. { inv STACKS. inv MAINARGS. } des_ifs. destruct stk_src; ss. @@ -109,7 +109,7 @@ Lemma arguments_perm (STACKS: match_stacks se tse ge F stk_src stk_tgt sg sm) (SP: parent_sp stk_tgt = Vptr sp_tgt spdelta): <<_ : forall ofs (OFS: 0 <= ofs < 4 *size_arguments sg), - (<>)>>. + (<>)>>. Proof. ii. destruct stk_tgt; ss. { inv STACKS. inv MAINARGS. } des_ifs. destruct stk_src; ss. { sep_simpl_tac. des; ss. } @@ -143,7 +143,7 @@ Proof. ss. des. esplits; eauto. ii. eauto with mem. Qed. Lemma agree_callee_save_regs_undef_outgoing_slots ls0 ls1 (AG: agree_callee_save_regs ls0 ls1): - <>. + <>. Proof. ii. unfold undef_outgoing_slots. apply AG; ss. Qed. Program Definition freed_contains_locations (j: meminj) (sp: block) (pos bound: Z) (sl: slot) (ls: locset) : massert := {| @@ -238,7 +238,7 @@ Lemma unfree_freed_contains_locations ** CTX) (FREE: Mem_unfree m0 sp pos (pos + 4 * sz) = Some m1) (BOUND: sz <= bound): - <>. + <>. Proof. rewrite <- sep_assoc in SEP. hexploit Mem_unfree_perm; et. intro PERM; des. 
@@ -300,7 +300,7 @@ Definition frame_contents_at_external f (j: meminj) (sp: block) (ls ls0: locset) Fixpoint stack_contents_at_external (j: meminj) (cs: list Linear.stackframe) (cs': list Mach.stackframe) sg : massert := match cs, cs' with | [Linear.Stackframe f _ ls _], [Mach.Stackframe fb (Vptr sp' spofs) ra _] => - (freed_range sp' spofs.(Ptrofs.unsigned) (4 * (size_arguments sg))) + (freed_range sp' (Ptrofs.unsigned spofs) (4 * (size_arguments sg))) ** range sp' (4 * (size_arguments sg)) (4 * (size_arguments f.(Linear.fn_sig))) (* pure True *) | Linear.Stackframe f _ ls c :: cs, Mach.Stackframe fb (Vptr sp' spofs) ra c' :: cs' => @@ -321,7 +321,7 @@ Proof. ii; ss. des_ifs. Qed. Lemma stackframes_after_external_footprint: forall j cs cs', (stack_contents j cs cs').(m_footprint) = - (stack_contents j cs.(stackframes_after_external) cs').(m_footprint). + (stack_contents j (stackframes_after_external cs) cs').(m_footprint). Proof. i. apply func_ext1; i. apply func_ext1; i. apply prop_ext. split; i. @@ -476,7 +476,7 @@ End STACKINGEXTRA. Definition strong_wf_tgt (st_tgt0: Mach.state): Prop := - exists parent_sp parent_ra, last_option st_tgt0.(MachC.get_stack) = Some (Mach.dummy_stack parent_sp parent_ra). + exists parent_sp parent_ra, last_option (MachC.get_stack st_tgt0) = Some (Mach.dummy_stack parent_sp parent_ra). Local Transparent make_env sepconj. 
@@ -539,11 +539,11 @@ Hypothesis TRANSF: match_prog prog tprog. Variable rao: Mach.function -> Mach.code -> ptrofs -> Prop. Let md_src: Mod.t := (LinearC.module prog). Let md_tgt: Mod.t := (MachC.module tprog rao). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Hypothesis return_address_offset_exists: forall f sg ros c v (FUNCT: Genv.find_funct tge v = Some (Internal f)), is_tail (Mcall sg ros :: c) (fn_code f) -> 
@@ -592,19 +592,19 @@ Lemma init_match_frame_contents (locset_copy (sm_arg.(SimMemInj.src).(Mem.nextblock).(Zpos) - m_tgt0.(Mem.nextblock).(Zpos)) rs) (typify_list vs_src sg.(sig_args)) (loc_arguments sg) = Some ls) (SIMVS: Val.inject_list (SimMemInj.inj sm_arg) vs_src vs_tgt) - (SM0: sm_init = sm_arg.(SimMemInjC.update) sm_arg.(SimMemInj.src) m_tgt0 sm_arg.(SimMemInj.inj)) + (SM0: sm_init = (SimMemInjC.update sm_arg) sm_arg.(SimMemInj.src) m_tgt0 sm_arg.(SimMemInj.inj)) (PRIV: forall ofs (BDD: 0 <= ofs < 4 * size_arguments sg), SimMemInj.tgt_private sm_init (Mem.nextblock sm_arg.(SimMemInj.tgt)) ofs) (MLE0: SimMem.le sm_arg sm_init) (MWF0: SimMem.wf sm_init) - (SM1: sm_junkinj = sm_init.(SimMemInjC.update) (assign_junk_blocks sm_init.(SimMemInj.src) n) + (SM1: sm_junkinj = (SimMemInjC.update sm_init) (assign_junk_blocks sm_init.(SimMemInj.src) n) (assign_junk_blocks m_tgt0 n) (SimMemInjC.inject_junk_blocks sm_init.(SimMemInj.src) m_tgt0 n sm_arg.(SimMemInj.inj))) (MLE1: SimMem.le sm_init sm_junkinj) (MWF1: SimMem.wf sm_junkinj) - (NB: Ple (Genv.genv_next (SkEnv.project skenv_link md_src.(Mod.sk))) (Mem.nextblock m_tgt0)): + (NB: Ple (Genv.genv_next (SkEnv.project skenv_link (Mod.sk md_src))) (Mem.nextblock m_tgt0)): assign_junk_blocks m_tgt0 n |= dummy_frame_contents sm_arg.(SimMemInj.inj) ls sg (Mem.nextblock sm_arg.(SimMemInj.tgt)) 0 ** minjection sm_junkinj.(SimMemInj.inj) sm_junkinj.(SimMemInj.src) 
@@ -772,12 +772,12 @@ Qed. Lemma stack_contents_at_external_spec_elim sm_ret stack cs' sg sp sm_after - (STACKS: match_stacks tge _ (SimMemInj.inj sm_ret) stack.(stackframes_after_external) cs' sg sm_after) + (STACKS: match_stacks tge _ (SimMemInj.inj sm_ret) (stackframes_after_external stack) cs' sg sm_after) (RSP: parent_sp cs' = Vptr sp Ptrofs.zero) (UNFREETGT: Mem_unfree (SimMemInj.tgt sm_ret) sp 0 (4 * size_arguments sg) = Some (SimMemInj.tgt sm_after)) (SEP: SimMemInj.tgt sm_ret |= stack_contents_at_external (SimMemInj.inj sm_ret) stack cs' sg): <>. + (stackframes_after_external stack) cs'>>. Proof. hexploit Mem_nextblock_unfree; eauto. intro NB. hexploit Mem_unfree_perm; et. intro PERM. @@ -868,14 +868,14 @@ Inductive match_states (MATCHST: Stackingproof.match_states skenv_link skenv_link ge tge st_src0 st_tgt0.(st) sm0) (MWF: SimMem.wf sm0) (INITRS: exists dummy_stack_src, - <> /\ + <> /\ < st_tgt0.(init_rs) mr = Vundef>>) - /\ (< st_tgt0.(init_rs) mr = Vundef>>) + /\ (<>)>> /\ (* <> *) (* /\ <> *) - <>) + <>) (WFTGT: strong_wf_tgt st_tgt0.(MachC.st)). Inductive match_states_at @@ -888,7 +888,7 @@ Inductive match_states_at (SRCST: st_src0 = Linear.Callstate cs fptr sig ls (SimMemInj.src sm_arg)) (TGTST: st_tgt0 = mkstate init_rs init_sg (Callstate cs' tfptr rs (SimMemInj.tgt sm_at))) (RSP: parent_sp cs' = Vptr sp Ptrofs.zero) - (PRIV: brange sp 0 (4 * size_arguments sig) <2= sm_arg.(SimMemInj.tgt_private)) + (PRIV: brange sp 0 (4 * size_arguments sig) <2= (SimMemInj.tgt_private sm_arg)) (SIG: Genv.find_funct skenv_link fptr = Some skd) (VALID: Mem.valid_block (SimMemInj.tgt sm_arg) sp) (NB: sm_at.(SimMem.tgt).(Mem.nextblock) = sm_arg.(SimMem.tgt).(Mem.nextblock)) 
@@ -897,7 +897,7 @@ Inductive match_states_at globalenv_inject ge (SimMemInj.inj sm_arg)). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cunit f tf => transf_fundef f = OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. @@ -905,14 +905,14 @@ Inductive has_footprint (st_src0: Linear.state): MachC.state -> SimMem.t -> Prop | has_footprint_intro (** copied from MachC **) stack rs m0 fptr sg blk ofs - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr = Some skd /\ Sk.get_csig skd = Some sg) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr = Some skd /\ Sk.get_csig skd = Some sg) (RSP: (parent_sp stack) = Vptr blk ofs) (OFSZERO: ofs = Ptrofs.zero) init_rs init_sg (** newly added **) sm0 - (FOOT: SimMemInjC.has_footprint bot2 (brange blk (ofs.(Ptrofs.unsigned)) - (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg))) sm0) + (FOOT: SimMemInjC.has_footprint bot2 (brange blk (Ptrofs.unsigned (ofs)) + (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg))) sm0) (* (MTGT: m0 = sm0.(SimMem.tgt)) *): has_footprint st_src0 (mkstate init_rs init_sg (Callstate stack fptr rs m0)) sm0. 
@@ -921,12 +921,12 @@ Inductive mle_excl (st_src0: Linear.state): MachC.state -> SimMem.t -> SimMem.t (** copied from MachC **) init_rs init_sg stack fptr ls0 m0 sg blk ofs - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr = Some skd /\ Sk.get_csig skd = Some sg) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr = Some skd /\ Sk.get_csig skd = Some sg) (RSP: (parent_sp stack) = Vptr blk ofs) (** newly added **) sm0 sm1 - (MLEEXCL: SimMemInjC.le_excl bot2 (brange blk (ofs.(Ptrofs.unsigned)) - (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg))) sm0 sm1) + (MLEEXCL: SimMemInjC.le_excl bot2 (brange blk (Ptrofs.unsigned (ofs)) + (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg))) sm0 sm1) (* (MTGT: m0 = sm0.(SimMem.tgt)) *): mle_excl st_src0 (mkstate init_rs init_sg (Callstate stack fptr ls0 m0)) sm0 sm1. diff --git a/backend/TailcallproofC.v b/backend/TailcallproofC.v index faca5150..7c29d931 100644 --- a/backend/TailcallproofC.v +++ b/backend/TailcallproofC.v 
@@ -19,26 +19,26 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: RTL.state) (st_tgt0: RTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Tailcallproof.match_states st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)) (MCOMPATIDX: idx = Tailcallproof.measure st_src0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cu f tf => tf = transf_fundef f) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/backend/TunnelingproofC.v b/backend/TunnelingproofC.v index 625ccc88..8ba3a99f 100644 --- a/backend/TunnelingproofC.v +++ b/backend/TunnelingproofC.v 
@@ -16,7 +16,7 @@ Set Implicit Arguments. Definition strong_wf_tgt (st_tgt0: LTL.state): Prop := - exists sg_init ls_init, last_option st_tgt0.(LTLC.get_stack) = Some (LTL.dummy_stack sg_init ls_init). + exists sg_init ls_init, last_option (LTLC.get_stack st_tgt0) = Some (LTL.dummy_stack sg_init ls_init). Section SIMMODSEM. 
@@ -25,27 +25,27 @@ Variable sm_link: SimMem.t. Variables prog tprog: program. Let md_src: Mod.t := (LTLC.module prog). Let md_tgt: Mod.t := (LTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: LTL.state) (st_tgt0: LTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Tunnelingproof.match_states st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)) (DUMMYTGT: strong_wf_tgt st_tgt0) (MEASURE: measure st_src0 = idx). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun ctx f tf => tf = tunnel_fundef f) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. @@ -201,4 +201,4 @@ Proof. - ii. inv SIMSKENVLINK. eapply sim_modsem; eauto. Qed. -End SIMMOD. \ No newline at end of file +End SIMMOD. 
diff --git a/backend/UnusedglobproofC.v b/backend/UnusedglobproofC.v index 8c330c26..e0c44835 100644 --- a/backend/UnusedglobproofC.v +++ b/backend/UnusedglobproofC.v @@ -26,16 +26,16 @@ Variable sm_link: SimMem.t. Variable prog tprog: RTL.program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module2 tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link_src md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link_tgt md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link_src (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link_tgt (Mod.sk md_tgt)). Hypothesis (WFSRC: SkEnv.wf skenv_link_src). Hypothesis (WFTGT: SkEnv.wf skenv_link_tgt). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link_src md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link_tgt md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link_src (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link_tgt (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := - ModSemPair.mk (md_src.(Mod.modsem) skenv_link_src) (md_tgt.(Mod.modsem) skenv_link_tgt) - (SimSymbDrop.mk ((prog.(defs) -1 tprog.(defs) -1 (Pos.eq_dec tprog.(prog_main))): ident -> Prop) md_src md_tgt) + ModSemPair.mk (Mod.modsem (md_src) skenv_link_src) (Mod.modsem (md_tgt) skenv_link_tgt) + (SimSymbDrop.mk (((defs prog) -1 (defs tprog) -1 (Pos.eq_dec tprog.(prog_main))): ident -> Prop) md_src md_tgt) sm_link. Inductive match_states 
@@ -56,8 +56,8 @@ Qed. Theorem sim_skenv_meminj_preserves_globals: forall sm_arg (SIMSKENV: SimSymbDrop.sim_skenv - sm_arg (SimSymbDrop.mk ((prog.(defs) -1 tprog.(defs) -1 (Pos.eq_dec tprog.(prog_main))): ident -> Prop) md_src md_tgt) - (SkEnv.project skenv_link_src md_src.(Mod.sk)) (SkEnv.project skenv_link_tgt md_tgt.(Mod.sk))), + sm_arg (SimSymbDrop.mk (((defs prog) -1 (defs tprog) -1 (Pos.eq_dec tprog.(prog_main))): ident -> Prop) md_src md_tgt) + (SkEnv.project skenv_link_src (Mod.sk md_src)) (SkEnv.project skenv_link_tgt (Mod.sk md_tgt))), <>. Proof. i. inv SIMSKENV. ss. bar. @@ -204,7 +204,7 @@ Variable tprog: RTL.program. Hypothesis TRANSL: match_prog prog tprog. Definition mp: ModPair.t := - ModPair.mk (RTLC.module prog) (RTLC.module2 tprog) (SimSymbDrop.mk ((prog.(defs) -1 tprog.(defs) -1 (Pos.eq_dec tprog.(prog_main))): ident -> Prop) (RTLC.module prog) (RTLC.module2 tprog)). + ModPair.mk (RTLC.module prog) (RTLC.module2 tprog) (SimSymbDrop.mk (((defs prog) -1 (defs tprog) -1 (Pos.eq_dec tprog.(prog_main))): ident -> Prop) (RTLC.module prog) (RTLC.module2 tprog)). Theorem sim_mod: ModPair.sim mp. Proof. diff --git a/backend/ValueAnalysisC.v b/backend/ValueAnalysisC.v index 76712dfc..a4f35dc6 100644 --- a/backend/ValueAnalysisC.v +++ b/backend/ValueAnalysisC.v @@ -34,12 +34,12 @@ Section PRSV. - i. inv INIT. ss. esplits; eauto; cycle 1. { destruct args; ss. refl. } econs; eauto. i. - set (ge := (SkEnv.revive (SkEnv.project skenv_link p.(Sk.of_program fn_sig)) p)) in *. + set (ge := (SkEnv.revive (SkEnv.project skenv_link (Sk.of_program fn_sig p)) p)) in *. set (f := fun b => if plt b (Genv.genv_next ge) then match Genv.invert_symbol ge b with None => BCglob None | Some id => BCglob (Some id) end else - if (plt b args.(Args.m).(Mem.nextblock)) && (negb (su_init b)) + if (plt b (Args.m args).(Mem.nextblock)) && (negb (su_init b)) then BCother else BCinvalid). assert(IMG: exists bc, bc.(bc_img) = f). { unshelve eexists (BC _ _ _); s; eauto. 
@@ -52,7 +52,7 @@ Section PRSV. clear SUARG. des. ss. unfold Sound.vals in *. rewrite Forall_forall in *. assert(FP: forall blk, su_init blk -> Ple ge.(Genv.genv_next) blk). { inv SKENV. ss. i. inv MEM. rewrite <- PUB. apply NNPP. ii. inv WF. exploit WFHI; eauto. } - assert(NB: Ple ge.(Genv.genv_next) args.(Args.m).(Mem.nextblock)). + assert(NB: Ple ge.(Genv.genv_next) (Args.m args).(Mem.nextblock)). { inv SKENV. ss. destruct args; ss. } assert(GE: genv_match bc ge). { r. esplits; eauto. @@ -216,7 +216,7 @@ Section PRSV. set (f := fun b => if plt b (Mem.nextblock m_arg) then bc b else - if plt b (Mem.nextblock retv.(Retv.m)) + if plt b (Mem.nextblock (Retv.m retv)) then if su_ret b then BCinvalid @@ -285,7 +285,7 @@ Section PRSV. exploit BELOW; eauto. i. ss. rewrite IMG. unfold f. des_ifs. } - assert (SMTOP: forall b, bc' b <> BCinvalid -> smatch bc' retv.(Retv.m) b Ptop). + assert (SMTOP: forall b, bc' b <> BCinvalid -> smatch bc' (Retv.m retv) b Ptop). { intros; split; intros. - destruct (su_gr b) eqn:T. + assert(Plt b (Mem.nextblock m_arg)). diff --git a/backend/ValueDomainC.v b/backend/ValueDomainC.v index 99968276..6e237074 100644 --- a/backend/ValueDomainC.v +++ b/backend/ValueDomainC.v @@ -16,7 +16,7 @@ Definition bc2su (bc: block_classification) (ge_nb: block) (nb: block): Unreach. Lemma sound_state_sound_args bc m0 p skenv_link vs_arg rm (ge: genv) - (GENV: ge = (SkEnv.revive (SkEnv.project skenv_link p.(Sk.of_program fn_sig)) p)) + (GENV: ge = (SkEnv.revive (SkEnv.project skenv_link (Sk.of_program fn_sig p)) p)) (ARGS: forall v : val, In v vs_arg -> vmatch bc v Vtop) (RO: romatch bc m0 rm) (MM: mmatch bc m0 mtop) 
@@ -73,7 +73,7 @@ Qed. (* copied from above *) Lemma sound_state_sound_retv bc m_ret p skenv_link v_ret rm (ge: genv) - (GENV: ge = (SkEnv.revive (SkEnv.project skenv_link p.(Sk.of_program fn_sig)) p)) + (GENV: ge = (SkEnv.revive (SkEnv.project skenv_link (Sk.of_program fn_sig p)) p)) (RES: vmatch bc v_ret Vtop) (RO: romatch bc m_ret rm) (MM: mmatch bc m_ret mtop)
diff --git a/bound/LinkingC2.v b/bound/LinkingC2.v
index 80189864..d132dfe0 100644
--- a/bound/LinkingC2.v
+++ b/bound/LinkingC2.v
@@ -1,5 +1,7 @@ Require Import CoqlibC Maps Errors AST Linking LinkingC sflib. +Local Obligation Tactic := idtac. + Remark link_transf_partial_fundef_rev: forall (A B: Type) (tr1 tr2: A -> res B) (f1 f2: fundef A) (tf1 tf2: fundef B) (tf: fundef B), link tf1 tf2 = Some tf ->
@@ -171,14 +173,14 @@ Definition link_fundef (fd1 fd2: fundef) := then Some (External ef1 targs1 tres1 cc1) else None | Internal f, External ef targs tres cc => - if (list_eq_dec type_eq f.(fn_params).(map snd) targs.(typelist_to_listtype)) + if (list_eq_dec type_eq (map snd f.(fn_params)) (typelist_to_listtype targs)) && (type_eq f.(fn_return) tres) && (calling_convention_eq f.(fn_callconv) cc) then match ef with EF_external id sg => if signature_eq (signature_of_type targs tres cc) sg then Some (Internal f) else None | _ => None end else None | External ef targs tres cc, Internal f => - if (list_eq_dec type_eq f.(fn_params).(map snd) targs.(typelist_to_listtype)) + if (list_eq_dec type_eq (map snd f.(fn_params)) (typelist_to_listtype targs)) && (type_eq f.(fn_return) tres) && (calling_convention_eq f.(fn_callconv) cc) then
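Review bot: `Local Obligation Tactic := idtac.` is inserted right after the `Require Import` line with no comment, so it changes the default obligation tactic for every `Program` command that follows in this file, not only the two `Linker` instances it is presumably meant for. A one-line comment would record the intent, e.g. `(* Disable program_simpl so the Linker obligations below are discharged by their explicit scripts. *)`. If any other `Program` definition exists further down the file, its obligations now start from the raw goal as well; worth a check, since the remainder of the file is outside this hunk.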
@@ -192,13 +194,17 @@ Inductive linkorder_fundef: fundef -> fundef -> Prop := | linkorder_fundef_ext_int: forall f id sg targs tres cc, linkorder_fundef (External (EF_external id sg) targs tres cc) (Internal f). -Instance Linker_fundef: Linker (fundef) := { +Program Instance Linker_fundef: Linker (fundef) := { link := link_fundef; linkorder := linkorder_fundef }. -Proof. +Next Obligation. - intros; constructor. +Defined. +Next Obligation. - intros. inv H; inv H0; constructor. +Defined. +Next Obligation. - intros x y z EQ. destruct x, y; simpl in EQ. + discriminate. + des_ifs. split; constructor.
@@ -232,14 +238,18 @@ Definition linkorder_program (p1 p2: program) : Prop := linkorder (program_of_program p1) (program_of_program p2) /\ (forall id co, p1.(prog_comp_env)!id = Some co -> p2.(prog_comp_env)!id = Some co). -Instance Linker_program: Linker (program) := { +Program Instance Linker_program: Linker (program) := { link := link_program; linkorder := linkorder_program }. -Proof. +Next Obligation. - intros; split. apply linkorder_refl. auto. +Defined. +Next Obligation. - intros. destruct H, H0. split. eapply linkorder_trans; eauto. intros; auto. +Defined. +Next Obligation. - intros until z. unfold link_program. destruct (link (program_of_program x) (program_of_program y)) as [p|] eqn:LP; try discriminate. destruct (lift_option (link (prog_types x) (prog_types y))) as [[typs EQ]|EQ]; try discriminate.
diff --git a/bound/LowerBound.v b/bound/LowerBound.v
index c2b44a78..ca018d4d 100644
--- a/bound/LowerBound.v
+++ b/bound/LowerBound.v
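Review bot: Each `Next Obligation.` of `Linker_fundef` and `Linker_program` gives no hint which class field it discharges, whereas the old single `Proof.` block at least kept the three scripts together in field order; a trailing comment such as `Next Obligation. (* linkorder_refl *)`, `(* linkorder_trans *)`, `(* link_linkorder *)` would let a reader match each script to the `Linker` class without counting. The leading `-` bullet kept inside each obligation (`- intros; constructor.`) is a leftover of that three-goal block; with one goal per obligation it can simply be `intros; constructor.`. The obligations are closed with `Defined.`; if the transparency is deliberate, a short remark would spare the next reader from wondering whether `Qed.` was intended. The third obligation of both instances continues beyond the end of its hunk.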
@@ -111,11 +111,11 @@ Section PRESERVATION. Let WFSKELINK: SkEnv.wf skenv_link. Proof. eapply SkEnv.load_skenv_wf. ss. Qed. - Let ININCL: forall p (IN: In p prog), <>. + Let ININCL: forall p (IN: In p prog), <>. Proof. eapply link_includes; et. Qed. Definition local_genv (p : Asm.program) := - (skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig)).(SkEnv.revive) p. + (SkEnv.revive (SkEnv.project (skenv_link) (Sk.of_program fn_sig p))) p. Lemma match_genvs_sub A B V W R (ge1: Genv.t A V) (ge2: Genv.t B W) (MATCHGE: Genv.match_genvs R ge1 ge2):
@@ -214,10 +214,10 @@ Section PRESERVATION. i. ss. } cinv match_skenv_link_tge. - cinv (@SkEnv.project_impl_spec skenv_link x.(Sk.of_program fn_sig) INCL). + cinv (@SkEnv.project_impl_spec skenv_link (Sk.of_program fn_sig x) INCL). unfold skenv_link in *. - assert (SKWF: SkEnv.wf_proj (SkEnv.project (Genv.globalenv sk) x.(Sk.of_program fn_sig))). + assert (SKWF: SkEnv.wf_proj (SkEnv.project (Genv.globalenv sk) (Sk.of_program fn_sig x))). { eapply SkEnv.project_spec_preserves_wf. - eapply SkEnv.load_skenv_wf. et. - eapply SkEnv.project_impl_spec; et. }
@@ -319,7 +319,7 @@ Section PRESERVATION. (** ********************* initial memory *********************************) Variable m_init : mem. - Hypothesis INIT_MEM: sk.(Sk.load_mem) = Some m_init. + Hypothesis INIT_MEM: (Sk.load_mem sk) = Some m_init. Definition m_tgt_init := m_init.
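Review bot: The rewritten `local_genv` wraps a bare identifier in parentheses, `(SkEnv.project (skenv_link) (Sk.of_program fn_sig p))`, which reads as residue of mechanically unfolding the `x.(f)` form rather than intended grouping; `(SkEnv.revive (SkEnv.project skenv_link (Sk.of_program fn_sig p)) p)` matches how the rest of the commit writes the same expression. The same residue recurs in the `freed_from` hypotheses at 824 and 1244, where `Ptrofs.unsigned (ofs)` sits next to `(Ptrofs.unsigned ofs)` on one line, in `((Frame.update_st fr0) st0)` at 1864 and 1886, in `local_genv` of UpperBound_B.v, in the `skenv`/`ge` Lets of ClightC.v, CsemC.v and CsharpminorC.v (`(SkEnv.project skenv_link) (...)`, `SkEnv.revive (skenv) p`, `(SkEnv.revive skenv) p`), and in every `(Genv.find_funct skenv_link) fptr` hypothesis of the match_stack and at_external definitions. Writing these as plain application, `Genv.find_funct skenv_link fptr`, would make the hunks easier to scan and is what the hand-written lines such as `Genv.find_funct ge (Args.fptr args)` already do.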
@@ -551,10 +551,10 @@ Section PRESERVATION. (AGREE: agree j rs_callee rs_tgt) (RETV: loc_result sg = One mr) (CALLEESAVE: forall mr, Conventions1.is_callee_save mr -> - Val.lessdef (init_rs mr.(to_preg)) (rs_callee mr.(to_preg))) + Val.lessdef (init_rs (to_preg mr)) (rs_callee (to_preg mr))) (RSRA: rs_callee # PC = init_rs # RA) (RSRSP: rs_callee # RSP = init_rs # RSP) - (RS: rs = (set_pair (loc_external_result sg) (rs_callee mr.(to_preg)) (Asm.regset_after_external rs_caller)) #PC <- (rs_caller RA)): + (RS: rs = (set_pair (loc_external_result sg) (rs_callee (to_preg mr)) (Asm.regset_after_external rs_caller)) #PC <- (rs_caller RA)): agree j rs rs_tgt. Proof. inv WF. clarify. 
@@ -578,28 +578,28 @@ Section PRESERVATION. init_rs P (RSRA: init_rs # RA = Vnullptr) (RSPC: init_rs # PC = Genv.symbol_address tge tprog.(prog_main) Ptrofs.zero) - (SIG: skenv_link.(Genv.find_funct) (Genv.symbol_address tge tprog.(prog_main) Ptrofs.zero) = Some (Internal signature_main)): + (SIG: (Genv.find_funct skenv_link) (Genv.symbol_address tge tprog.(prog_main) Ptrofs.zero) = Some (Internal signature_main)): match_stack j P init_rs nil | match_stack_cons fr frs p st init_rs0 init_rs1 P0 P1 sg blk ofs (FRAME: fr = Frame.mk (AsmC.modsem skenv_link p) (AsmC.mkstate init_rs1 st)) (STACK: match_stack j P0 init_rs1 frs) - (WF: wf_init_rs j st.(st_rs) init_rs0) + (WF: wf_init_rs j (st_rs st) init_rs0) (GELE: genv_le (local_genv p) tge) (PROGIN: In (AsmC.module p) prog) - (SIG: exists skd, skenv_link.(Genv.find_funct) (init_rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (init_rs0 # PC) = Some skd /\ Sk.get_csig skd = Some sg) - (RSPPTR: st.(st_rs) # RSP = Vptr blk ofs) + (RSPPTR: (st_rs st) # RSP = Vptr blk ofs) (RANGE: P0 \2/ (brange blk (Ptrofs.unsigned ofs) (Ptrofs.unsigned ofs + 4 * size_arguments sg)) <2= P1): match_stack j P1 init_rs0 (fr::frs) | match_stack_cons_asmstyle fr frs p st init_rs0 init_rs1 P0 (FRAME: fr = Frame.mk (AsmC.modsem skenv_link p) (AsmC.mkstate init_rs1 st)) (STACK: match_stack j P0 init_rs1 frs) - (WF: inj_same j (st.(st_rs) # RA) (init_rs0 # RA)) + (WF: inj_same j ((st_rs st) # RA) (init_rs0 # RA)) (GELE: genv_le (local_genv p) tge) (PROGIN: In (AsmC.module p) prog) - (SIG: exists skd, skenv_link.(Genv.find_funct) (init_rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (init_rs0 # PC) = Some skd /\ Sk.get_csig skd = None): match_stack j P0 init_rs0 (fr::frs) . 
@@ -609,18 +609,18 @@ Section PRESERVATION. init_rs m P (MEM: m = m_init) (INITRS: init_rs = initial_regset) - (SIG: skenv_link.(Genv.find_funct) (Genv.symbol_address tge tprog.(prog_main) Ptrofs.zero) = Some (Internal signature_main)): + (SIG: (Genv.find_funct skenv_link) (Genv.symbol_address tge tprog.(prog_main) Ptrofs.zero) = Some (Internal signature_main)): match_stack_call j m P init_rs nil | match_stack_call_cons fr frs p st init_rs0 init_rs1 m P0 P1 sg blk ofs (FRAME: fr = Frame.mk (AsmC.modsem skenv_link p) (AsmC.mkstate init_rs1 st)) - (INITRS: init_rs0 = st.(st_rs)) + (INITRS: init_rs0 = (st_rs st)) (STACK: match_stack j P0 init_rs1 frs) - (MEM: m = st.(st_m)) + (MEM: m = (st_m st)) (GELE: genv_le (local_genv p) tge) (PROGIN: In (AsmC.module p) prog) - (SIG: exists skd, skenv_link.(Genv.find_funct) (init_rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (init_rs0 # PC) = Some skd /\ Sk.get_csig skd = Some sg) (RSPPTR: init_rs0 # RSP = Vptr blk ofs) (RANGE: P0 \2/ (brange blk (Ptrofs.unsigned ofs) (Ptrofs.unsigned ofs + 4 * size_arguments sg)) <2= P1):
@@ -629,12 +629,12 @@ Section PRESERVATION. fr frs p st init_rs0 init_rs1 m P0 (FRAME: fr = Frame.mk (AsmC.modsem skenv_link p) (AsmC.mkstate init_rs1 st)) - (INITRS: init_rs0 = st.(st_rs)) + (INITRS: init_rs0 = (st_rs st)) (STACK: match_stack j P0 init_rs1 frs) - (MEM: m = st.(st_m)) + (MEM: m = (st_m st)) (GELE: genv_le (local_genv p) tge) (PROGIN: In (AsmC.module p) prog) - (SIG: exists skd, skenv_link.(Genv.find_funct) (init_rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (init_rs0 # PC) = Some skd /\ Sk.get_csig skd = None): match_stack_call j m P0 init_rs0 (fr::frs).
@@ -824,11 +824,11 @@ Section PRESERVATION. (INJECT: Mem.inject j m_src0 m_tgt) (ARGS: Asm.extcall_arguments rs m_src0 sg args) (RSRSP: rs RSP = Vptr blk ofs) - (FREE: freed_from m_src0 m_src1 blk ofs.(Ptrofs.unsigned) (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg))) + (FREE: freed_from m_src0 m_src1 blk (Ptrofs.unsigned ofs) (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg))) (ARGRANGE: Ptrofs.unsigned ofs + 4 * size_arguments sg <= Ptrofs.max_unsigned) (TYP: typecheck args sg targs) (ALIGN: forall chunk (CHUNK: size_chunk chunk <= 4 * (size_arguments sg)), - (align_chunk chunk | ofs.(Ptrofs.unsigned))): + (align_chunk chunk | (Ptrofs.unsigned ofs))): Mem.inject (callee_initial_inj' blk ofs j m_src1) (callee_initial_mem' blk ofs m_src0 m_src1 sg targs)
@@ -1244,15 +1244,15 @@ Section PRESERVATION. (GEINJECT: skenv_inject skenv_link j m_src) (FPTR: fptr_arg = init_rs # PC) (ARGRANGE: Ptrofs.unsigned ofs + 4 * size_arguments sg <= Ptrofs.max_unsigned) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg) (ALIGN: forall chunk (CHUNK: size_chunk chunk <= 4 * (size_arguments sg)), - (align_chunk chunk | ofs.(Ptrofs.unsigned))) + (align_chunk chunk | (Ptrofs.unsigned ofs))) (ARGS: Asm.extcall_arguments init_rs m_src sg vs_arg) (RSPPTR: init_rs # RSP = Vptr blk ofs) (WFINJ: inj_range_wf skenv_link j m_arg P) (RAPTR: <> /\ < Vundef>>) - (FREE: freed_from m_src m_arg blk ofs.(Ptrofs.unsigned) (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg))) + (FREE: freed_from m_src m_arg blk (Ptrofs.unsigned ofs) (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg))) (ORD: n = 1%nat): match_states (Callstate args frs) (Asm.State rs_tgt m_tgt) n | match_states_call_asmstyle
@@ -1264,7 +1264,7 @@ Section PRESERVATION. (INJECT: Mem.inject j m_src m_tgt) (MEMWF: Mem.unchanged_on (loc_not_writable m_init) m_init m_src) (GEINJECT: skenv_inject skenv_link j m_src) - (SIG: exists skd, skenv_link.(Genv.find_funct) (init_rs # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (init_rs # PC) = Some skd /\ Sk.get_csig skd = None) (WFINJ: inj_range_wf skenv_link j m_src P) (RAPTR: <> /\ < Vundef>>)
@@ -1323,7 +1323,7 @@ Section PRESERVATION. Lemma asm_step_init_simulation args frs st_tgt p n (MTCHST: match_states (Callstate args frs) st_tgt n) - (OWNER: valid_owner args.(Args.get_fptr) p) + (OWNER: valid_owner (Args.get_fptr args) p) (PROGIN: In (AsmC.module p) prog): exists rs m, (AsmC.initial_frame skenv_link p args (AsmC.mkstate rs (Asm.State rs m))) /\
@@ -1864,7 +1864,7 @@ Section PRESERVATION. (STEP: fr0.(Frame.ms).(ModSem.step) skenv_link fr0.(Frame.ms).(ModSem.globalenv) fr0.(Frame.st) tr st0) (MTCHST: match_states (State (fr0 :: frs)) st_tgt0 n0): exists st_tgt1 n1, Asm.step skenv_link tge st_tgt0 tr st_tgt1 /\ - match_states (State ((fr0.(Frame.update_st) st0) :: frs)) st_tgt1 n1. + match_states (State (((Frame.update_st fr0) st0) :: frs)) st_tgt1 n1. Proof. inv MTCHST. inv STEP. exploit asm_step_internal_simulation; ss; eauto.
@@ -1886,7 +1886,7 @@ Section PRESERVATION. (FINAL: fr0.(Frame.ms).(ModSem.final_frame) fr0.(Frame.st) retv) (AFTER: fr1.(Frame.ms).(ModSem.after_external) fr1.(Frame.st) retv st0) (MTCHST: match_states (State (fr0 :: fr1 :: frs)) st_tgt n0): - exists n1, match_states (State ((fr1.(Frame.update_st) st0) :: frs)) st_tgt n1 /\ (n1 < n0)%nat. + exists n1, match_states (State (((Frame.update_st fr1) st0) :: frs)) st_tgt n1 /\ (n1 < n0)%nat. Proof. inv MTCHST. inv STACK. { ss. inv FINAL; cycle 1.
@@ -2006,7 +2006,7 @@ Section PRESERVATION. Lemma step_init_simulation args frs st_tgt p n (MTCHST: match_states (Callstate args frs) st_tgt n) - (OWNER: valid_owner args.(Args.get_fptr) p) + (OWNER: valid_owner (Args.get_fptr args) p) (PROGIN: In (AsmC.module p) prog): exists st_src, step ge (Callstate args frs) E0 st_src /\ match_states st_src st_tgt 0. Proof.
@@ -2082,16 +2082,16 @@ Section PRESERVATION. Lemma init_case st args frs fptr (STATE: st = Callstate args frs) - (FPTR: fptr = args.(Args.get_fptr)): + (FPTR: fptr = (Args.get_fptr args)): (<>) \/ (<>) \/ (<>). Proof. - destruct (classic (exists p, Ge.find_fptr_owner ge args.(Args.get_fptr) (modsem skenv_link p) + destruct (classic (exists p, Ge.find_fptr_owner ge (Args.get_fptr args) (modsem skenv_link p) /\ In (AsmC.module p) prog)) as [[p OWNER] | NOOWNER]. - des. simpl_depind. - destruct (classic (valid_owner args.(Args.get_fptr) p)); eauto. + destruct (classic (valid_owner (Args.get_fptr args) p)); eauto. right. right. intros SAFE. exploit SAFE; [econs|]. i. des. + inv H0.
@@ -2120,7 +2120,7 @@ Section PRESERVATION. Lemma syscall_receptive st_src0 st_src1 st_tgt0 args frs fptr tr0 n0 (STATE: st_src0 = Callstate args frs) - (FPTR: fptr = args.(Args.get_fptr)) + (FPTR: fptr = (Args.get_fptr args)) (SYSMOD: ge.(Ge.find_fptr_owner) fptr (System.modsem skenv_link)) (MTCHST: match_states st_src0 st_tgt0 n0)
@@ -2135,7 +2135,7 @@ Section PRESERVATION. Lemma syscall_simulation st_src0 st_src1 st_src2 st_tgt0 args frs fptr tr0 tr1 n0 (STATE: st_src0 = Callstate args frs) - (FPTR: fptr = args.(Args.get_fptr)) + (FPTR: fptr = (Args.get_fptr args)) (SYSMOD: ge.(Ge.find_fptr_owner) fptr (System.modsem skenv_link)) (MTCHST: match_states st_src0 st_tgt0 n0)
@@ -2177,7 +2177,7 @@ Section PRESERVATION. { unfold Sk.get_csig in *. des. unfold System.globalenv in *. des_ifs. } exists (if external_state (local_genv p) ((set_pair (loc_external_result (ef_sig ef)) vres' - (regset_after_external st.(st_rs))) # PC <- (st.(st_rs) RA) PC) + (regset_after_external (st_rs st))) # PC <- ((st_rs st) RA) PC) then (length frs0 + 2)%nat else 0%nat). splits.
diff --git a/bound/UpperBound_A.v b/bound/UpperBound_A.v
index 67244716..562a60fa 100644
--- a/bound/UpperBound_A.v
+++ b/bound/UpperBound_A.v
@@ -161,19 +161,19 @@ Section PRESERVATION. Variable cps: list Csyntax.program. Variable ctx: Syntax.program. Hypothesis FOCUS: link_list cps = Some cp_link. - Let prog_src := ctx ++ [cp_link.(CsemC.module)]. + Let prog_src := ctx ++ [(CsemC.module cp_link)]. Let prog_tgt := ctx ++ map CsemC.module cps. Variable sk_link: Sk.t. Let skenv_link: SkEnv.t := (Sk.load_skenv sk_link). Hypothesis (LINKSRC: link_sk prog_src = Some sk_link). - Notation " 'geof' cp" := (Build_genv (SkEnv.revive (SkEnv.project skenv_link cp.(CSk.of_program signature_of_function)) cp) cp.(prog_comp_env)) + Notation " 'geof' cp" := (Build_genv (SkEnv.revive (SkEnv.project skenv_link (CSk.of_program signature_of_function cp)) cp) cp.(prog_comp_env)) (at level 50, no associativity, only parsing). Let ge_cp_link: genv := geof cp_link. Hypothesis WTPROGLINK: wt_program cp_link. - Hypothesis WTSKLINK: Sk.wf cp_link.(CsemC.module). + Hypothesis WTSKLINK: Sk.wf (CsemC.module cp_link). Hypothesis WTPROGS: forall cp (IN: In cp cps), wt_program cp. - Hypothesis WTSKS: forall cp (IN: In cp cps), Sk.wf cp.(CsemC.module). + Hypothesis WTSKS: forall cp (IN: In cp cps), Sk.wf (CsemC.module cp). Hypothesis WT_EXTERNALLINK: forall id ef args res cc vargs m t vres m',
@@ -203,13 +203,13 @@ Section PRESERVATION. Hypothesis CSTYLE_EXTERN_LINK: forall id ef tyargs ty cc, In (id, (Gfun (Ctypes.External ef tyargs ty cc))) cp_link.(prog_defs) -> - ef.(ef_sig).(sig_cstyle). + (ef_sig ef).(sig_cstyle). Hypothesis CSTYLE_EXTERN: forall id ef tyargs ty cc cp, is_focus cp -> In (id, (Gfun (Ctypes.External ef tyargs ty cc))) cp.(prog_defs) -> - ef.(ef_sig).(sig_cstyle). + (ef_sig ef).(sig_cstyle). Let INCL: SkEnv.includes skenv_link (CSk.of_program signature_of_function cp_link). Proof.
@@ -1605,14 +1605,14 @@ End PRESERVATION. Require Import BehaviorsC. Let geof := fun skenv_link (cp: Csyntax.program) => - (Build_genv (SkEnv.revive (SkEnv.project skenv_link cp.(CSk.of_program signature_of_function)) cp) cp.(prog_comp_env)). + (Build_genv (SkEnv.revive (SkEnv.project skenv_link (CSk.of_program signature_of_function cp)) cp) cp.(prog_comp_env)). Theorem upperbound_a_correct builtins (cp_link: Csyntax.program) cps ctx (TYPEDS: Forall (fun cp => (typechecked builtins cp)) cps) (TYPEDLINK: typechecked builtins cp_link) (LINK: link_list cps = Some cp_link) : - (<>). Proof. eapply bsim_improves.
diff --git a/bound/UpperBound_AExtra.v b/bound/UpperBound_AExtra.v
index 6cb5f1a3..50179cfb 100644
--- a/bound/UpperBound_AExtra.v
+++ b/bound/UpperBound_AExtra.v
@@ -64,12 +64,12 @@ Section SIM. Variable cps: list Csyntax.program. Variable ctx: Syntax.program. Hypothesis FOCUS: link_list cps = Some cp_link. - Let prog_src := ctx ++ [cp_link.(CsemC.module)]. + Let prog_src := ctx ++ [(CsemC.module cp_link)]. Let prog_tgt := ctx ++ map CsemC.module cps. Variable sk_link: Sk.t. Let skenv_link: SkEnv.t := (Sk.load_skenv sk_link). Hypothesis (LINKSRC: link_sk prog_src = Some sk_link). - Notation " 'geof' cp" := (Build_genv (SkEnv.revive (SkEnv.project skenv_link cp.(CSk.of_program signature_of_function)) cp) cp.(prog_comp_env)) + Notation " 'geof' cp" := (Build_genv (SkEnv.revive (SkEnv.project skenv_link (CSk.of_program signature_of_function cp)) cp) cp.(prog_comp_env)) (at level 50, no associativity, only parsing). Let ge_cp_link: genv := geof cp_link. Hypothesis WTPROGLINK: wt_program cp_link.
@@ -78,7 +78,7 @@ Section SIM. Hypothesis CSTYLE_EXTERN_LINK: forall id ef tyargs ty cc, In (id, (Gfun (Ctypes.External ef tyargs ty cc))) cp_link.(prog_defs) -> - ef.(ef_sig).(sig_cstyle). + (ef_sig ef).(sig_cstyle). Definition is_focus (cp: Csyntax.program): Prop := In cp cps.
@@ -86,7 +86,7 @@ Section SIM. forall id ef tyargs ty cc cp, is_focus cp -> In (id, (Gfun (Ctypes.External ef tyargs ty cc))) cp.(prog_defs) -> - ef.(ef_sig).(sig_cstyle). + (ef_sig ef).(sig_cstyle). Lemma link_sk_match: <>.
diff --git a/bound/UpperBound_B.v b/bound/UpperBound_B.v
index 571a0d6f..58f3d2a4 100644
--- a/bound/UpperBound_B.v
+++ b/bound/UpperBound_B.v
@@ -91,10 +91,10 @@ Section PRESERVATION. Hypothesis CSTYLE_EXTERN: forall id ef tyargs ty cc, In (id, (Gfun (Ctypes.External ef tyargs ty cc))) prog.(prog_defs) -> - ef.(ef_sig).(sig_cstyle). + (ef_sig ef).(sig_cstyle). Definition local_genv (p : Csyntax.program) := - (skenv_link.(SkEnv.project) p.(CSk.of_program signature_of_function)).(SkEnv.revive) p. + (SkEnv.revive ((SkEnv.project skenv_link) (CSk.of_program signature_of_function p))) p. Inductive match_states : Csem.state -> Sem.state -> nat -> Prop := | match_states_intro
@@ -105,11 +105,11 @@ Section PRESERVATION. fptr tyf vargs k m args fr (st: Csem.state) cconv tres targs n (STATE: st = (Csem.Callstate fptr tyf vargs k m)) (FRAME: fr = Frame.mk (CsemC.modsem skenv_link prog) st) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr = Some skd + (SIG: exists skd, (Genv.find_funct skenv_link) fptr = Some skd /\ Some (signature_of_type targs tres cconv) = Sk.get_csig skd) - (FPTR: args.(Args.fptr) = fptr) - (ARGS: args.(Args.vs) = vargs) - (MEM: args.(Args.m) = m) + (FPTR: (Args.fptr args) = fptr) + (ARGS: (Args.vs args) = vargs) + (MEM: (Args.m args) = m) (NOTPROG: Genv.find_funct (local_genv prog) (Args.fptr args) = None) (ORD: n = 0%nat): match_states (Csem.Callstate fptr tyf vargs k m) (Callstate args [fr]) n
@@ -125,7 +125,7 @@ Section PRESERVATION. (** ********************* init_memory *********************************) Variable m_init : mem. - Hypothesis INIT_MEM: sk_tgt.(Sk.load_mem) = Some m_init. + Hypothesis INIT_MEM: (Sk.load_mem sk_tgt) = Some m_init. Definition m_src_init := m_init.
@@ -164,7 +164,7 @@ Section PRESERVATION. Qed. Lemma proj_wf: - SkEnv.project_spec skenv_link prog.(CSk.of_program signature_of_function) (SkEnv.project skenv_link prog.(CSk.of_program signature_of_function)). + SkEnv.project_spec skenv_link (CSk.of_program signature_of_function prog) (SkEnv.project skenv_link (CSk.of_program signature_of_function prog)). Proof. eapply SkEnv.project_impl_spec. unfold skenv_link.
@@ -376,7 +376,7 @@ Section PRESERVATION. { rewrite VAR in H0. inv H0. } symmetry in H0. eapply DEFSYMB in H0. des. des_ifs. - - destruct (Genv.invert_symbol (SkEnv.project skenv_link prog.(CSk.of_program signature_of_function)) blk) eqn:SYMINV; ss; cycle 1. + - destruct (Genv.invert_symbol (SkEnv.project skenv_link (CSk.of_program signature_of_function prog)) blk) eqn:SYMINV; ss; cycle 1. + assert ((prog_defmap prog) ! id = Some x). { rewrite Genv.find_def_symbol. exists blk. splits. unfold Genv.find_symbol in *. rewrite <- mge_symb. ss.
@@ -866,7 +866,7 @@ Section PRESERVATION. Lemma init_case st args frs fptr tr st_src st_src' (STATE: st = Callstate args frs) - (FPTR: fptr = args.(Args.fptr)) + (FPTR: fptr = (Args.fptr args)) (MTCHST: match_states st_src st 0) (SAFESRC: Step (semantics prog) st_src tr st_src'): (<>) \/
@@ -874,7 +874,7 @@ Section PRESERVATION. fptr (System.modsem skenv_link)>>). Proof. subst. - destruct (classic (valid_owner args.(Args.fptr) prog)); eauto. + destruct (classic (valid_owner (Args.fptr args) prog)); eauto. right. inv MTCHST. (* syscall *) - inv SAFESRC; inv H0.
@@ -911,7 +911,7 @@ Section PRESERVATION. rewrite <- mge_symb in H1. rewrite <- prog_sk_tgt in *. ss. rewrite Heq0 in H1. inversion H1. auto. } subst b0. assert (Genv.find_funct_ptr (Genv.globalenv prog) b = Some (Internal f) - <-> Genv.find_funct (SkEnv.project skenv_link prog.(CSk.of_program signature_of_function)) + <-> Genv.find_funct (SkEnv.project skenv_link (CSk.of_program signature_of_function prog)) (Genv.symbol_address (Sk.load_skenv sk_tgt) (AST.prog_main sk_tgt) Ptrofs.zero) = Some (AST.Internal signature_main)). { i. ss. des_ifs.
@@ -1350,7 +1350,7 @@ Theorem upperbound_b_correct builtins (cprog: Csyntax.program) (MAIN: exists main_f, - (<>) + (<>) /\ (<>)) (TYPED: typechecked builtins cprog):
diff --git a/cfrontend/ClightC.v b/cfrontend/ClightC.v
index 8417a69f..1c7e4c0c 100644
--- a/cfrontend/ClightC.v
+++ b/cfrontend/ClightC.v
@@ -40,15 +40,15 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(CSk.of_program signature_of_function). - Let ge: genv := Build_genv (skenv.(SkEnv.revive) p) p.(prog_comp_env). + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (CSk.of_program signature_of_function p). + Let ge: genv := Build_genv (SkEnv.revive (skenv) p) p.(prog_comp_env). Inductive at_external: state -> Args.t -> Prop := | at_external_intro fptr_arg vs_arg k0 m0 targs tres cconv - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Some (signature_of_type targs tres cconv) = Sk.get_csig skd): at_external (Callstate fptr_arg (Tfunction targs tres cconv) vs_arg k0 m0) (Args.mk fptr_arg vs_arg m0).
@@ -56,10 +56,10 @@ Section MODSEM. | initial_frame1_intro fd tyf (CSTYLE: Args.is_cstyle args) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) (TYPE: type_of_fundef (Internal fd) = tyf) (* TODO: rename this into sig *) - (TYP: CopC.typecheck args.(Args.vs) (type_of_params (fn_params fd))): - initial_frame1 args (Callstate args.(Args.fptr) tyf args.(Args.vs) Kstop args.(Args.m)). + (TYP: CopC.typecheck (Args.vs args) (type_of_params (fn_params fd))): + initial_frame1 args (Callstate (Args.fptr args) tyf (Args.vs args) Kstop (Args.m args)). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro
@@ -71,10 +71,10 @@ Section MODSEM. fptr_arg vs_arg m_arg k retv tv targs tres cconv (CSTYLE: Retv.is_cstyle retv) (* tyf *) - (TYP: typify_c retv.(Retv.v) tres tv): + (TYP: typify_c (Retv.v retv) tres tv): after_external1 (Callstate fptr_arg (Tfunction targs tres cconv) vs_arg k m_arg) retv - (Returnstate tv k retv.(Retv.m)). + (Returnstate tv k (Retv.m retv)). Program Definition modsem1: ModSem.t := {| ModSem.step := step1;
@@ -91,20 +91,20 @@ Section MODSEM. | initial_frame2_intro tvs fd tyf (CSTYLE: Args.is_cstyle args) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) (TYPE: type_of_fundef (Internal fd) = tyf) (* TODO: rename this into sig *) - (TYP: ValuesC.typecheck args.(Args.vs) (signature_of_function fd) tvs): - initial_frame2 args (Callstate args.(Args.fptr) tyf tvs Kstop args.(Args.m)). + (TYP: ValuesC.typecheck (Args.vs args) (signature_of_function fd) tvs): + initial_frame2 args (Callstate (Args.fptr args) tyf tvs Kstop (Args.m args)). Inductive after_external2: state -> Retv.t -> state -> Prop := | after_external2_intro fptr_arg vs_arg m_arg k retv tv targs tres cconv (CSTYLE: Retv.is_cstyle retv) (* tyf *) - (TYP: tv = typify retv.(Retv.v) (typ_of_type tres)): + (TYP: tv = typify (Retv.v retv) (typ_of_type tres)): after_external2 (Callstate fptr_arg (Tfunction targs tres cconv) vs_arg k m_arg) retv - (Returnstate tv k retv.(Retv.m)). + (Returnstate tv k (Retv.m retv)). Program Definition modsem2: ModSem.t := {| ModSem.step := step2;
diff --git a/cfrontend/CminorgenproofC.v b/cfrontend/CminorgenproofC.v
index b2c44c1f..b853b317 100644
--- a/cfrontend/CminorgenproofC.v
+++ b/cfrontend/CminorgenproofC.v
@@ -26,12 +26,12 @@ Variable prog: Csharpminor.program. Variable tprog: Cminor.program. Let md_src: Mod.t := (CsharpminorC.module prog). Let md_tgt: Mod.t := (CminorC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge: Csharpminor.genv := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge: Cminor.genv := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge: Csharpminor.genv := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge: Cminor.genv := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states
@@ -41,7 +41,7 @@ Inductive match_states (MCOMPATIDX: idx = Cminorgenproof.measure st_src0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun cu f tf => transl_fundef f = OK tf) eq prog) ge tge. Proof. subst_locals. ss. eapply SimSymbId.sim_skenv_revive; eauto. Qed.
diff --git a/cfrontend/CopC.v b/cfrontend/CopC.v
index 470241f1..472dbcd2 100644
--- a/cfrontend/CopC.v
+++ b/cfrontend/CopC.v
@@ -22,7 +22,7 @@ Lemma val_casted_has_type v ty (WT: val_casted v ty) (NVOID: ty <> Tvoid): - Val.has_type v ty.(typ_of_type). + Val.has_type v (typ_of_type ty). Proof. inv WT; ss. Qed. Lemma val_casted_has_type_list
diff --git a/cfrontend/CsemC.v b/cfrontend/CsemC.v
index af5b774c..b2fd75df 100644
--- a/cfrontend/CsemC.v
+++ b/cfrontend/CsemC.v
@@ -39,7 +39,7 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(CSk.of_program signature_of_function). + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (CSk.of_program signature_of_function p). Let ce_ge: composite_env := prog_comp_env p. Let ge_ge: Genv.t fundef type := SkEnv.revive skenv p. Let ge: genv := Build_genv ge_ge ce_ge.
@@ -47,8 +47,8 @@ Section MODSEM. Inductive at_external : state -> Args.t -> Prop := | at_external_intro fptr_arg vs_arg targs tres cconv k0 m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Some (signature_of_type targs tres cconv) = Sk.get_csig skd) (CALL: is_call_cont_strong k0): (* how can i check sg_args and tyf are same type? *)
@@ -59,10 +59,10 @@ Section MODSEM. | initial_frame_intro fd tyf (CSTYLE: Args.is_cstyle args) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) (TYPE: type_of_fundef (Internal fd) = tyf) (* TODO: rename this into sig *) - (TYP: typecheck args.(Args.vs) (type_of_params (fn_params fd))): - initial_frame args (Callstate args.(Args.fptr) tyf args.(Args.vs) Kstop args.(Args.m)). + (TYP: typecheck (Args.vs args) (type_of_params (fn_params fd))): + initial_frame args (Callstate (Args.fptr args) tyf (Args.vs args) Kstop (Args.m args)). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro
@@ -75,10 +75,10 @@ Section MODSEM. fptr_arg vs_arg m_arg k retv tv targs tres cconv (CSTYLE: Retv.is_cstyle retv) (* tyf *) - (TYP: typify_c retv.(Retv.v) tres tv): + (TYP: typify_c (Retv.v retv) tres tv): after_external (Callstate fptr_arg (Tfunction targs tres cconv) vs_arg k m_arg) retv - (Returnstate tv k retv.(Retv.m)). + (Returnstate tv k (Retv.m retv)). Program Definition modsem: ModSem.t := {| ModSem.step := step;
@@ -138,7 +138,7 @@ Inductive typechecked (builtins: list (ident * globdef (Ctypes.fundef function) (WF: Sk.wf (module p)) (* this property is already checked by the compiler, though they are not in Coq side *) (CSTYLE: forall id ef tyargs ty cc (IN: In (id, (Gfun (Ctypes.External ef tyargs ty cc))) p.(prog_defs)), - ef.(ef_sig).(sig_cstyle)) + (ef_sig ef).(sig_cstyle)) (* C cannot call Asm-style function. *) (* Actually, this property is checked by linker, so we can remove the property by changing UBD-B to: *) (* C \plink empty >= C \llink empty *)
@@ -149,4 +149,4 @@ Inductive typechecked (builtins: list (ident * globdef (Ctypes.fundef function) (BUILTIN: ~ is_external_fd fd), In (id, Gfun fd) builtins) (* This condition basically says that all malloc/free/builtin functions share the same identifier among modules. *) -. \ No newline at end of file +.
diff --git a/cfrontend/CsharpminorC.v b/cfrontend/CsharpminorC.v
index 0b515355..75966a17 100644
--- a/cfrontend/CsharpminorC.v
+++ b/cfrontend/CsharpminorC.v
@@ -31,14 +31,14 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Inductive at_external: state -> Args.t -> Prop := | at_external_intro fptr_arg sg_arg vs_arg k0 m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg) + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Sk.get_csig skd = Some sg_arg) : at_external (Callstate fptr_arg sg_arg vs_arg k0 m0) (Args.mk fptr_arg vs_arg m0). @@ -47,11 +47,11 @@ Section MODSEM. | initial_frame_intro fd tvs (CSTYLE: Args.is_cstyle args /\ fd.(fn_sig).(sig_cstyle) = true) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) - (TYP: typecheck args.(Args.vs) fd.(fn_sig) tvs) - (LEN: args.(Args.vs).(length) = fd.(fn_sig).(sig_args).(length)) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) + (TYP: typecheck (Args.vs args) fd.(fn_sig) tvs) + (LEN: (Args.vs args).(length) = fd.(fn_sig).(sig_args).(length)) : - initial_frame args (Callstate args.(Args.fptr) fd.(fn_sig) tvs Kstop args.(Args.m)). + initial_frame args (Callstate (Args.fptr args) fd.(fn_sig) tvs Kstop (Args.m args)). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro @@ -64,11 +64,11 @@ Section MODSEM. fptr_arg sg_arg vs_arg k0 m_arg retv tv (CSTYLE: Retv.is_cstyle retv) - (TYP: typify retv.(Retv.v) sg_arg.(proj_sig_res) = tv) + (TYP: typify (Retv.v retv) (proj_sig_res sg_arg) = tv) : after_external (Callstate fptr_arg sg_arg vs_arg k0 m_arg) retv - (Returnstate tv k0 retv.(Retv.m)). + (Returnstate tv k0 (Retv.m retv)). Program Definition modsem: ModSem.t := {| 
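Review bot: In the `initial_frame_intro` hunk (`@@ -47,11 +47,11 @@`) the `LEN` premise now mixes both application styles on one line: `(Args.vs args)` was converted to prefix form while `.(length)` and `fd.(fn_sig).(sig_args)` stayed postfix, giving `(LEN: (Args.vs args).(length) = fd.(fn_sig).(sig_args).(length))`. If the rule behind this commit is to reserve `t.(f)` for record projections (which is what the converted/kept split across these files suggests, but the commit message does not say), `length` is a plain function and should be converted as well: `(LEN: length (Args.vs args) = length (sig_args (fn_sig fd)))`. Stating that rule in one sentence in the commit message would let later edits stay consistent instead of re-deriving it from the diff.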
diff --git a/cfrontend/CshmgenproofC.v b/cfrontend/CshmgenproofC.v index 32646157..da53d8f7 100644 --- a/cfrontend/CshmgenproofC.v +++ b/cfrontend/CshmgenproofC.v 
@@ -36,23 +36,23 @@ Variable prog: Clight.program. Variable tprog: Csharpminor.program. Let md_src: Mod.t := (ClightC.module2 prog). Let md_tgt: Mod.t := (CsharpminorC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := Build_genv (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog) prog.(prog_comp_env). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog) prog.(prog_comp_env). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states (idx: nat) (st_src0: Clight.state) (st_tgt0: Csharpminor.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Cshmgenproof.match_states prog ge st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(ClightC.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(CsharpminorC.get_mem) = sm0.(SimMem.tgt)). + (MCOMPATSRC: (ClightC.get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (CsharpminorC.get_mem st_tgt0) = sm0.(SimMem.tgt)). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef match_fundef match_varinfo prog) ge tge. Proof. subst_locals. ss. eapply SimSymbId.sim_skenv_revive; eauto. Qed. diff --git a/cfrontend/CstrategyC.v b/cfrontend/CstrategyC.v index d1ceeef1..492d29b7 100644 --- a/cfrontend/CstrategyC.v 
+++ b/cfrontend/CstrategyC.v @@ -40,7 +40,7 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(CSk.of_program signature_of_function). + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (CSk.of_program signature_of_function p). Let ce_ge: composite_env := prog_comp_env p. Let ge_ge: Genv.t fundef type := SkEnv.revive skenv p. Let ge: genv := Build_genv ge_ge ce_ge. @@ -48,8 +48,8 @@ Section MODSEM. Inductive at_external : state -> Args.t -> Prop := | at_external_intro fptr_arg vs_arg targs tres cconv k0 m0 - (EXTERNAL: ge.(Genv.find_funct) fptr_arg = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr_arg = Some skd + (EXTERNAL: (Genv.find_funct ge) fptr_arg = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr_arg = Some skd /\ Some (signature_of_type targs tres cconv) = Sk.get_csig skd) (CALL: is_call_cont_strong k0): at_external (Callstate fptr_arg (Tfunction targs tres cconv) vs_arg k0 m0) (Args.mk fptr_arg vs_arg m0). @@ -58,10 +58,10 @@ Section MODSEM. | initial_frame_intro fd tyf (CSTYLE: Args.is_cstyle args) - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (Internal fd)) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (Internal fd)) (TYPE: type_of_fundef (Internal fd) = tyf) (* TODO: rename this into sig *) - (TYP: typecheck args.(Args.vs) (type_of_params (fn_params fd))): - initial_frame args (Callstate args.(Args.fptr) tyf args.(Args.vs) Kstop args.(Args.m)). + (TYP: typecheck (Args.vs args) (type_of_params (fn_params fd))): + initial_frame args (Callstate (Args.fptr args) tyf (Args.vs args) Kstop (Args.m args)). Inductive final_frame: state -> Retv.t -> Prop := | final_frame_intro 
@@ -73,10 +73,10 @@ Section MODSEM. fptr_arg vs_arg m_arg k retv tv targs tres cconv (CSTYLE: Retv.is_cstyle retv) (* tyf *) - (TYP: typify_c retv.(Retv.v) tres tv): + (TYP: typify_c (Retv.v retv) tres tv): after_external (Callstate fptr_arg (Tfunction targs tres cconv) vs_arg k m_arg) retv - (Returnstate tv k retv.(Retv.m)). + (Returnstate tv k (Retv.m retv)). Program Definition modsem: ModSem.t := {| ModSem.step := step; diff --git a/cfrontend/CstrategyproofC.v b/cfrontend/CstrategyproofC.v index 1569a298..4ebfdba3 100644 --- a/cfrontend/CstrategyproofC.v +++ b/cfrontend/CstrategyproofC.v @@ -33,11 +33,11 @@ Variable sm_link: SimMem.t. Variables prog: program. Let md_src: Mod.t := (CsemC.module prog). Let md_tgt: Mod.t := (module prog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). -Let ge: genv := Build_genv (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog) prog.(prog_comp_env). -Let tge: genv := Build_genv (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) prog) prog.(prog_comp_env). +Let ge: genv := Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog) prog.(prog_comp_env). +Let tge: genv := Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) prog) prog.(prog_comp_env). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states @@ -106,7 +106,7 @@ End SIMMODSEM. Section SIMMOD. Variables prog: program. -Definition mp: ModPair.t := SimSymbId.mk_mp (CsemC.module prog) (module prog).(Mod.Atomic.trans). +Definition mp: ModPair.t := SimSymbId.mk_mp (CsemC.module prog) (Mod.Atomic.trans (module prog)). Theorem sim_mod: ModPair.sim mp. Proof. 
diff --git a/cfrontend/CtypesC.v b/cfrontend/CtypesC.v index 71bc40e2..72945776 100644 --- a/cfrontend/CtypesC.v +++ b/cfrontend/CtypesC.v @@ -38,7 +38,7 @@ Module CSk. Lemma of_program_defs F get_sg (p: Ctypes.program F): - (of_program get_sg p).(defs) = p.(defs). + (defs (of_program get_sg p)) = (defs p). Proof. destruct p; ss. Local Opaque in_dec. @@ -91,7 +91,7 @@ Module CSk. (@match_fundef _ _ (get_sg)) top2 tt) - (p.(prog_defmap) ! id) ((of_program get_sg p).(prog_defmap) ! id)>>. + ((prog_defmap p) ! id) ((prog_defmap (of_program get_sg p)) ! id)>>. Proof. ii. unfold prog_defmap, of_program, skdefs_of_gdefs. ss. rewrite prog_defmap_update_snd. rewrite prog_defmap_update_snd. @@ -108,7 +108,7 @@ Module CSk. Local Opaque prog_defmap. Lemma of_program_internals: forall F get_sg (p: Ctypes.program F), - (of_program get_sg p).(internals) = p.(internals). + (internals (of_program get_sg p)) = (internals p). Proof. unfold internals. destruct p; ss. apply Axioms.functional_extensionality. intro id; ss. u. @@ -130,14 +130,14 @@ Module CSkEnv. (* (DEFS0: forall id, In id prog.(prog_defs_names) -> is_some (skenv.(Genv.find_symbol) id)) *) (* (WF: wf skenv) *) (* (PROJ: skenv = SkEnv.project skenv_link prog) *) - (PROJ: SkEnv.project_spec skenv_link prog.(CSk.of_program get_sg) skenv) + (PROJ: SkEnv.project_spec skenv_link (CSk.of_program get_sg prog) skenv) (* (WF: SkEnv.wf skenv_link) *) (* (PRECISE: SkEnv.genv_precise (SkEnv.revive skenv prog) prog *) - (INCL: SkEnv.includes skenv_link prog.(CSk.of_program get_sg)): + (INCL: SkEnv.includes skenv_link (CSk.of_program get_sg prog)): <>. Proof. assert(H: DUMMY_PROP) by ss. - assert(DEFS: prog.(defs) <1= fun id => is_some (skenv.(Genv.find_symbol) id)). + assert(DEFS: (defs prog) <1= fun id => is_some (Genv.find_symbol (skenv) id)). { ii; ss. u. des_ifs. exfalso. bar. inv PROJ. bar. inv INCL. bar. exploit SYMBKEEP; et. diff --git a/cfrontend/CtypingC.v b/cfrontend/CtypingC.v index f281e247..79684d2d 100644 
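Review bot: The rewritten `DEFS` assertion in the `@@ -130,14 +130,14 @@` hunk keeps a redundant parenthesised argument, `(Genv.find_symbol (skenv) id)`; `fun id => is_some (Genv.find_symbol skenv id)` is the form used everywhere else in this diff. The identical assertion, with the identical stray parentheses and the same `assert(H: DUMMY_PROP) by ss.` opener, also appears in `SkEnv.project_revive_precise` in compose/Skeleton.v, which suggests this proof script was pasted between the two lemmas; if the `CSk` variant cannot be derived from the `Sk` one, a one-line comment saying why would save the next reader a side-by-side diff. The enclosing lemma in `Module CSkEnv` starts before this hunk, so its statement is not visible here.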
--- a/cfrontend/CtypingC.v +++ b/cfrontend/CtypingC.v @@ -68,13 +68,13 @@ Lemma wt_val_has_type v ty (WT: wt_val v ty) (NVOID: ty <> Tvoid): - <>. + <>. Proof. inv WT; ss. Qed. Lemma wt_retval_has_type v ty (WT: wt_retval v ty): - <>. + <>. Proof. inv WT; ss. inv WTV; ss. erewrite NVOID; ss. Qed. Lemma typify_inject diff --git a/cfrontend/SimplExprproofC.v b/cfrontend/SimplExprproofC.v index 71ecb65b..05918324 100644 --- a/cfrontend/SimplExprproofC.v +++ b/cfrontend/SimplExprproofC.v @@ -25,12 +25,12 @@ Variable prog: Csyntax.program. Variable tprog: Clight.program. Let md_src: Mod.t := (CstrategyC.module prog). Let md_tgt: Mod.t := (ClightC.module1 tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge: Csem.genv := Csem.Build_genv (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog) prog.(prog_comp_env). -Let tge: genv := Build_genv (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog) tprog.(prog_comp_env). +Let ge: Csem.genv := Csem.Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog) prog.(prog_comp_env). +Let tge: genv := Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog) tprog.(prog_comp_env). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states 
@@ -41,8 +41,8 @@ Inductive match_states (MEASURE: measure st_src0 = idx). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun (ctx : AST.program Csyntax.fundef type) f tf => tr_fundef f tf) eq prog) ge tge /\ prog_comp_env prog = prog_comp_env tprog. Proof. subst_locals. ss. rr in TRANSL. destruct TRANSL. r in H. esplits. @@ -126,7 +126,7 @@ Section SIMMOD. Variable prog: Csyntax.program. Variable tprog: Clight.program. Hypothesis TRANSL: match_prog prog tprog. -Definition mp: ModPair.t := SimSymbId.mk_mp (CstrategyC.module prog).(Mod.Atomic.trans) (ClightC.module1 tprog). +Definition mp: ModPair.t := SimSymbId.mk_mp (Mod.Atomic.trans (CstrategyC.module prog)) (ClightC.module1 tprog). Theorem sim_mod: ModPair.sim mp. Proof. diff --git a/cfrontend/SimplLocalsproofC.v b/cfrontend/SimplLocalsproofC.v index 8ffd6e0c..2eea3211 100644 --- a/cfrontend/SimplLocalsproofC.v +++ b/cfrontend/SimplLocalsproofC.v 
@@ -66,12 +66,12 @@ Variable sm_link: SimMem.t. Variable prog tprog: Clight.program. Let md_src: Mod.t := (ClightC.module1 prog). Let md_tgt: Mod.t := (ClightC.module2 tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSL: match_prog prog tprog. -Let ge := Build_genv (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog) prog.(prog_comp_env). -Let tge := Build_genv (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog) tprog.(prog_comp_env). +Let ge := Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog) prog.(prog_comp_env). +Let tge := Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog) tprog.(prog_comp_env). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Inductive match_states @@ -80,7 +80,7 @@ Inductive match_states (MATCHST: SimplLocalsproof.match_states skenv_link skenv_link ge st_src0 st_tgt0 sm0). Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun (ctx: AST.program fundef type) f tf => transf_fundef f = OK tf) eq prog) ge tge /\ prog_comp_env prog = prog_comp_env tprog. Proof. diff --git a/common/ASTC.v b/common/ASTC.v index 7dcc2495..4b356873 100644 --- a/common/ASTC.v +++ b/common/ASTC.v 
@@ -14,7 +14,7 @@ Generalizable Variables F. Lemma prog_defmap_spec F V (p: program F V) id: - In id p.(prog_defs_names) <-> exists g, p.(prog_defmap) ! id = Some g. + In id (prog_defs_names p) <-> exists g, (prog_defmap p) ! id = Some g. Proof. split; ii. - exploit prog_defmap_dom; eauto. @@ -133,7 +133,7 @@ Section PROGRAMS. Variable p: program F V. Definition good_prog (p: program F V): Prop := - incl p.(prog_public) p.(prog_defs_names). + incl p.(prog_public) (prog_defs_names p). (* It also makes sense to add list_norept of prog_defs_names. "prog_defmap_norepet" *) (* Actually both are enforced in Unusedglob. *) (*** valid_used_set in Unusedglobproof.v @@ -147,9 +147,9 @@ https://sflab.slack.com/archives/G25737B47/p1517939898000786 I think the same is true for prog_public thing too. ***) - Definition defs: ident -> bool := fun id => In_dec ident_eq id p.(prog_defs_names). + Definition defs: ident -> bool := fun id => In_dec ident_eq id (prog_defs_names p). Check (defs: ident -> Prop). - Definition defs_old: ident -> Prop := fun id => exists gd, p.(prog_defmap)!id = Some gd. + Definition defs_old: ident -> Prop := fun id => exists gd, (prog_defmap p)!id = Some gd. Goal defs <1= defs_old. Proof. ii. exploit prog_defmap_dom; eauto. inv PR. @@ -184,14 +184,14 @@ Section PROGRAMS2. Variable p: program F V. Definition internals: ident -> bool := - fun id => match p.(prog_defmap)!id with + fun id => match (prog_defmap p)!id with | Some gd => negb (is_external gd) | None => false end. Definition internals': ident -> bool := fun id => is_some - (List.find (fun idg => andb (ident_eq id idg.(fst)) (is_external idg.(snd))) p.(prog_defs)). + (List.find (fun idg => andb (ident_eq id (fst idg)) (is_external (snd idg))) p.(prog_defs)). End PROGRAMS2. 
@@ -201,7 +201,7 @@ Hint Unfold defs_old privs_old internals'. Lemma internals_defs `{HasExternal F} V (p: AST.program F V): - p.(internals) <1= p.(defs). + (internals p) <1= (defs p). Proof. u. ii. des_sumbool. eapply prog_defmap_spec. des_ifs; et. Qed. diff --git a/common/GlobalenvsC.v b/common/GlobalenvsC.v index 334efa3c..ea8beefd 100644 --- a/common/GlobalenvsC.v +++ b/common/GlobalenvsC.v @@ -154,7 +154,7 @@ Section MAP. (f: block -> globdef F1 V1 -> option (globdef F2 V2)): Genv.t F2 V2 := {| Genv.genv_public := ge0.(Genv.genv_public); Genv.genv_symb := ge0.(Genv.genv_symb); - Genv.genv_defs := ge0.(Genv.genv_defs).(PTree_filter_map f); + Genv.genv_defs := (PTree_filter_map f ge0.(Genv.genv_defs)); Genv.genv_next := ge0.(Genv.genv_next); |}. Next Obligation. eapply Genv.genv_symb_range; eauto. Qed. @@ -163,8 +163,8 @@ Section MAP. Lemma Genv_map_defs_def ge (f: block -> globdef F1 V1 -> option (globdef F2 V2)) blk gd2 - (FIND: (ge.(Genv_map_defs) f).(Genv.find_def) blk = Some gd2): - exists gd1, <> /\ <>. + (FIND: (Genv.find_def (Genv_map_defs ge f)) blk = Some gd2): + exists gd1, <> /\ <>. Proof. unfold Genv.find_def in *. unfold Genv_map_defs in *. ss. rewrite PTree_filter_map_spec in *. u in FIND. des_ifs. esplits; eauto. @@ -172,9 +172,9 @@ Section MAP. Lemma Genv_map_defs_def_inv ge blk gd - (FIND: ge.(Genv.find_def) blk = Some gd): + (FIND: (Genv.find_def ge) blk = Some gd): < globdef F1 V1 -> option (globdef F2 V2)), - (ge.(Genv_map_defs) f).(Genv.find_def) blk = f blk gd>>. + (Genv.find_def (Genv_map_defs ge f)) blk = f blk gd>>. Proof. ii. unfold Genv.find_def in *. unfold Genv_map_defs in *. ss. rewrite PTree_filter_map_spec in *. u. des_ifs. 
@@ -182,14 +182,14 @@ Section MAP. Lemma Genv_map_defs_symb ge (f: block -> globdef F1 V1 -> option (globdef F2 V2)): - <>. + <>. Proof. ii; ss. Qed. (* Note: genv_defs will have spurious data, but this is actually Compcert's interpretation. *) Program Definition Genv_filter_symb (ge0: Genv.t F1 V1) (f: ident -> bool): Genv.t F1 V1 := {| Genv.genv_public := ge0.(Genv.genv_public); - Genv.genv_symb := ge0.(Genv.genv_symb).(PTree_filter_key f); + Genv.genv_symb := (PTree_filter_key f ge0.(Genv.genv_symb)); Genv.genv_defs := ge0.(Genv.genv_defs); Genv.genv_next := ge0.(Genv.genv_next); |}. @@ -342,7 +342,7 @@ Section MATCHPROG. Hypothesis (MATCHPROG: match_program_gen match_fundef match_varinfo ctx p_src p_tgt). Lemma match_program_gen_defs: - <>. + <>. Proof. apply Axioms.functional_extensionality. ii; ss. u. inv MATCHPROG. des. (* hexploit (match_program_defmap _ _ ctx p_src p_tgt MATCH x). intro REL. *) diff --git a/common/MemoryC.v b/common/MemoryC.v index dde14ef6..306c0975 100644 --- a/common/MemoryC.v +++ b/common/MemoryC.v @@ -377,7 +377,7 @@ Qed. Program Definition Mem_unfree (m: mem) (b: block) (lo hi: Z): option mem := if plt b m.(Mem.nextblock) then Some (Mem.mkmem - (PMap.set b (Mem.setN (list_repeat (hi-lo).(Z.to_nat) Undef) lo ((Mem.mem_contents m) # b)) + (PMap.set b (Mem.setN (list_repeat (Z.to_nat (hi-lo)) Undef) lo ((Mem.mem_contents m) # b)) (Mem.mem_contents m)) (PMap.set b (fun ofs k => if zle lo ofs && zlt ofs hi then Some Freeable else m.(Mem.mem_access)#b ofs k) @@ -408,7 +408,7 @@ Proof. unfold Mem_unfree in *. des_ifs; ss. Qed. Lemma Mem_valid_block_unfree m0 m1 blk lo hi (UNFR: Mem_unfree m0 blk lo hi = Some m1): - all1 (m0.(Mem.valid_block) <1> m1.(Mem.valid_block)). + all1 ((Mem.valid_block m0) <1> (Mem.valid_block m1)). Proof. unfold Mem_unfree in *. des_ifs; ss. Qed. Lemma Mem_unfree_unchanged_on0 
@@ -480,7 +480,7 @@ Local Ltac simp := repeat (bsimpl; des; des_sumbool; ss; clarify). Lemma Mem_setN_in_repeat n v p q c - (IN: p <= q < p + n.(Z.of_nat)): + (IN: p <= q < p + (Z.of_nat n)): (ZMap.get q (Mem.setN (list_repeat n v) p c)) = v. Proof. exploit (Mem.setN_in (list_repeat n v) p q c); eauto. @@ -533,7 +533,7 @@ Proof. { instantiate (1:= Ptrofs.zero). rewrite Ptrofs.unsigned_zero. xomega. } left. rewrite Ptrofs.unsigned_zero. eapply Mem.perm_cur_max. perm_impl_tac. eapply PERM. split; try xomega. - exploit Mem.mi_representable; try apply MWF; eauto; cycle 1. - { instantiate (1:= sz.(Ptrofs.repr)). rewrite Ptrofs.unsigned_repr; try xomega. } + { instantiate (1:= (Ptrofs.repr sz)). rewrite Ptrofs.unsigned_repr; try xomega. } right. rewrite Ptrofs.unsigned_repr; try xomega. eapply Mem.perm_cur_max. perm_impl_tac. eapply PERM. split; try xomega. Qed. @@ -586,9 +586,9 @@ Theorem Mem_free_parallel_inject' f m1 m2 blk_src blk_tgt ofs_src ofs_tgt sz m1' (INJ: Mem.inject f m1 m2) (VAL: Val.inject f (Vptr blk_src ofs_src) (Vptr blk_tgt ofs_tgt)) - (FREE: Mem.free m1 blk_src ofs_src.(Ptrofs.unsigned) (ofs_src.(Ptrofs.unsigned) + sz) = Some m1'): + (FREE: Mem.free m1 blk_src (Ptrofs.unsigned ofs_src) ((Ptrofs.unsigned ofs_src) + sz) = Some m1'): exists m2', - (<>) + (<>) /\ (<>). Proof. inv VAL. destruct (zlt 0 sz). diff --git a/compose/ModSem.v b/compose/ModSem.v index 2017a7bd..64353537 100644 --- a/compose/ModSem.v +++ b/compose/ModSem.v @@ -78,7 +78,7 @@ Module Args. end . - Lemma get_m_m: forall args (CSTYLE: is_cstyle args), args.(get_m) = args.(m). Proof. destruct args; ss. Qed. + Lemma get_m_m: forall args (CSTYLE: is_cstyle args), (get_m args) = (m args). Proof. destruct args; ss. Qed. End Args. 
@@ -128,7 +128,7 @@ Module Retv. end . - Lemma get_m_m: forall retv (CSTYLE: is_cstyle retv), retv.(get_m) = retv.(m). Proof. destruct retv; ss. Qed. + Lemma get_m_m: forall retv (CSTYLE: is_cstyle retv), (get_m retv) = (m retv). Proof. destruct retv; ss. Qed. End Retv. @@ -208,16 +208,16 @@ Module ModSem. step se ge (ev :: tr, st0) [ev] (tr, st0). Definition at_external (st0: state) (args: Args.t): Prop := - st0.(fst) = [] /\ ms.(at_external) st0.(snd) args. + (fst st0) = [] /\ ms.(at_external) (snd st0) args. Definition initial_frame (args: Args.t) (st0: state): Prop := - st0.(fst) = [] /\ ms.(initial_frame) args st0.(snd). + (fst st0) = [] /\ ms.(initial_frame) args (snd st0). Definition final_frame (st0: state) (retv: Retv.t): Prop := - st0.(fst) = [] /\ ms.(final_frame) st0.(snd) retv. + (fst st0) = [] /\ ms.(final_frame) (snd st0) retv. Definition after_external (st0: state) (retv: Retv.t) (st1: state): Prop := - st0.(fst) = [] /\ ms.(after_external) st0.(snd) retv st1.(snd) /\ st1.(fst) = []. + (fst st0) = [] /\ ms.(after_external) (snd st0) retv (snd st1) /\ (fst st1) = []. Program Definition trans: t := mk step at_external initial_frame final_frame after_external diff --git a/compose/Sem.v b/compose/Sem.v index f0e86ac0..2e33ee17 100644 --- a/compose/Sem.v +++ b/compose/Sem.v @@ -43,7 +43,7 @@ Module Ge. Inductive find_fptr_owner (ge: t) (fptr: val) (ms: ModSem.t): Prop := | find_fptr_owner_intro - (MODSEM: In ms ge.(fst)) + (MODSEM: In ms (fst ge)) if_sig (INTERNAL: Genv.find_funct ms.(ModSem.skenv) fptr = Some (Internal if_sig)). @@ -72,7 +72,7 @@ Inductive step (ge: Ge.t): state -> trace -> state -> Prop := | step_init args frs ms st_init - (MSFIND: ge.(Ge.find_fptr_owner) args.(Args.get_fptr) ms) + (MSFIND: ge.(Ge.find_fptr_owner) (Args.get_fptr args) ms) (INIT: ms.(ModSem.initial_frame) args st_init): step ge (Callstate args frs) E0 (State ((Frame.mk ms st_init) :: frs)) 
@@ -81,13 +81,13 @@ Inductive step (ge: Ge.t): state -> trace -> state -> Prop := fr0 frs tr st0 (STEP: Step (fr0.(Frame.ms)) fr0.(Frame.st) tr st0): step ge (State (fr0 :: frs)) - tr (State ((fr0.(Frame.update_st) st0) :: frs)) + tr (State (((Frame.update_st fr0) st0) :: frs)) | step_return fr0 fr1 frs retv st0 (FINAL: fr0.(Frame.ms).(ModSem.final_frame) fr0.(Frame.st) retv) (AFTER: fr1.(Frame.ms).(ModSem.after_external) fr1.(Frame.st) retv st0): step ge (State (fr0 :: fr1 :: frs)) - E0 (State ((fr1.(Frame.update_st) st0) :: frs)). + E0 (State (((Frame.update_st fr1) st0) :: frs)). @@ -99,15 +99,15 @@ Section SEMANTICS. Definition link_sk: option Sk.t := link_list (List.map Mod.sk p). Definition skenv_fill_internals (skenv: SkEnv.t): SkEnv.t := - skenv.(Genv_map_defs) (fun _ gd => Some + (Genv_map_defs skenv) (fun _ gd => Some match gd with - | Gfun (External ef) => (Gfun (Internal ef.(ef_sig))) + | Gfun (External ef) => (Gfun (Internal (ef_sig ef))) | Gfun _ => gd | Gvar gv => gd end). Definition load_system (skenv: SkEnv.t): (ModSem.t * SkEnv.t) := - (System.modsem skenv, skenv.(skenv_fill_internals)). + (System.modsem skenv, (skenv_fill_internals skenv)). Definition load_modsems (skenv: SkEnv.t): list ModSem.t := List.map ((flip Mod.modsem) skenv) p. @@ -120,10 +120,10 @@ Section SEMANTICS. | initial_state_intro sk_link skenv_link m_init fptr_init (INITSK: link_sk = Some sk_link) - (INITSKENV: sk_link.(Sk.load_skenv) = skenv_link) - (INITMEM: sk_link.(Sk.load_mem) = Some m_init) + (INITSKENV: (Sk.load_skenv sk_link) = skenv_link) + (INITMEM: (Sk.load_mem sk_link) = Some m_init) (FPTR: fptr_init = (Genv.symbol_address skenv_link sk_link.(prog_main) Ptrofs.zero)) - (SIG: skenv_link.(Genv.find_funct) fptr_init = Some (Internal signature_main)) + (SIG: (Genv.find_funct skenv_link) fptr_init = Some (Internal signature_main)) (WF: forall md (IN: In md p), <>): initial_state (Callstate (Args.mk fptr_init [] m_init) []). 
@@ -131,18 +131,18 @@ Section SEMANTICS. | final_state_intro fr0 retv i (FINAL: fr0.(Frame.ms).(ModSem.final_frame) fr0.(Frame.st) retv) - (INT: retv.(Retv.v) = Vint i): + (INT: (Retv.v retv) = Vint i): final_state (State [fr0]) i. Definition sem: semantics := (Semantics_gen (fun _ => step) initial_state final_state (match link_sk with - | Some sk_link => load_genv sk_link.(Sk.load_skenv) + | Some sk_link => load_genv (Sk.load_skenv sk_link) | None => (nil, SkEnv.empty) end) (* NOTE: The symbolenv here is never actually evoked in our semantics. Putting this value is merely for our convenience. (lifting receptive/determinate) Whole proof should be sound even if we put dummy data here. *) (match link_sk with - | Some sk_link => sk_link.(Sk.load_skenv) + | Some sk_link => (Sk.load_skenv sk_link) | None => SkEnv.empty end)). (* Note: I don't want to make it option type. If it is option type, there is a problem. *) diff --git a/compose/Skeleton.v b/compose/Skeleton.v index b392c89b..38056a25 100644 --- a/compose/Skeleton.v +++ b/compose/Skeleton.v @@ -91,7 +91,7 @@ Module Sk. F V (p: AST.program (AST.fundef F) V) get_sg: <>. + ((prog_defmap p) ! id) ((prog_defmap (of_program get_sg p)) ! id)>>. Proof. ii. unfold prog_defmap, of_program, skdefs_of_gdefs. ss. rewrite prog_defmap_update_snd. destruct ((PTree_Properties.of_list (prog_defs p)) ! id) eqn:T; ss. @@ -106,7 +106,7 @@ Module Sk. Lemma of_program_defs_names F V get_sg (p: AST.program (AST.fundef F) V): - (of_program get_sg p).(prog_defs_names) = p.(prog_defs_names). + (prog_defs_names (of_program get_sg p)) = (prog_defs_names p). Proof. destruct p; ss. Local Opaque in_dec. @@ -117,7 +117,7 @@ Module Sk. Lemma of_program_defs F V get_sg (p: AST.program (AST.fundef F) V): - (of_program get_sg p).(defs) = p.(defs). + (defs (of_program get_sg p)) = (defs p). Proof. unfold defs. rewrite of_program_defs_names; ss. Qed. 
@@ -125,7 +125,7 @@ Module Sk. Local Opaque prog_defmap. Lemma of_program_internals F V get_sg (p: AST.program (AST.fundef F) V): - (of_program get_sg p).(internals) = p.(internals). + (internals (of_program get_sg p)) = (internals p). Proof. unfold internals. destruct p; ss. apply Axioms.functional_extensionality. intro id; ss. @@ -137,7 +137,7 @@ Module Sk. Lemma of_program_internals' F V get_sg (p: AST.program (AST.fundef F) V): - (of_program get_sg p).(internals') = p.(internals'). + (internals' (of_program get_sg p)) = (internals' p). Proof. destruct p; ss. unfold internals', of_program. ss. apply Axioms.functional_extensionality. intro id; ss. @@ -165,25 +165,25 @@ Module Sk. | Internal sg0 => if sg0.(sig_cstyle) then Some sg0 else None | External ef => - if ef.(ef_sig).(sig_cstyle) then Some ef.(ef_sig) else None + if (ef_sig ef).(sig_cstyle) then Some (ef_sig ef) else None end . Definition get_sig (skdef: (AST.fundef signature)): signature := match skdef with | Internal sg0 => sg0 - | External ef => ef.(ef_sig) + | External ef => (ef_sig ef) end. Inductive wf (sk: t): Prop := | wf_intro - (NODUP: NoDup sk.(prog_defs_names)) (* list_norepet *) + (NODUP: NoDup (prog_defs_names sk)) (* list_norepet *) (WFPTR: forall id_fr gv id_to _ofs (IN: In (id_fr, (Gvar gv)) sk.(prog_defs)) (* (IN: sk.(prog_defmap) ! id_fr = Some (Gvar gv)) *) (INDAT: In (Init_addrof id_to _ofs) gv.(gvar_init)), - <>) - (PUBINCL: incl sk.(prog_public) sk.(prog_defs_names)) + <>) + (PUBINCL: incl sk.(prog_public) (prog_defs_names sk)) (* The sum of the sizes of the function parameters must be less than INT_MAX. *) (WFPARAM: forall id skd (IN: In (id, (Gfun skd)) sk.(prog_defs)), 
@@ -201,31 +201,31 @@ Module SkEnv. Inductive wf (skenv: t): Prop := | wf_intro (SYMBDEF: forall id blk - (SYMB: skenv.(Genv.find_symbol) id = Some blk), - <>) + (SYMB: (Genv.find_symbol skenv) id = Some blk), + <>) (DEFSYMB: forall blk skd - (DEF: skenv.(Genv.find_def) blk = Some skd), - <>) + (DEF: (Genv.find_def skenv) blk = Some skd), + <>) (WFPARAM: forall blk skd - (DEF: skenv.(Genv.find_def) blk = Some (Gfun skd)), + (DEF: (Genv.find_def skenv) blk = Some (Gfun skd)), <>). Inductive wf_mem (skenv: t) (sk: Sk.t) (m0: mem): Prop := | wf_mem_intro (WFPTR: forall blk_fr _ofs_fr blk_to _ofs_to id_fr _q _n gv - (SYMB: skenv.(Genv.find_symbol) id_fr = Some blk_fr) + (SYMB: (Genv.find_symbol skenv) id_fr = Some blk_fr) (* (IN: In id_fr sk.(prog_defs_names)) *) (IN: In (id_fr, (Gvar gv)) sk.(prog_defs)) (NONVOL: gv.(gvar_volatile) = false) (DEFINITIVE: classify_init gv.(gvar_init) = Init_definitive gv.(gvar_init)) (* (IN: sk.(prog_defmap) ! id_fr = Some (Gvar gv)) *) (LOAD: Mem.loadbytes m0 blk_fr _ofs_fr 1 = Some [Fragment (Vptr blk_to _ofs_to) _q _n]), - exists id_to, (<>) - /\ (<>)). + exists id_to, (<>) + /\ (<>)). Lemma load_skenv_wf sk (WF: Sk.wf sk): - <>. + <>. Proof. unfold Sk.load_skenv. u. econs; try r. - unfold Genv.globalenv, Genv.find_symbol, Genv.find_def. eapply Genv.add_globals_preserves; i; ss. @@ -273,9 +273,9 @@ Module SkEnv. Inductive includes (skenv: SkEnv.t) (sk: AST.program (AST.fundef signature) unit): Prop := | includes_intro (DEFS: forall id gd0 - (DEF: sk.(prog_defmap) ! id = Some gd0), - exists blk gd1, (<>) /\ - (<>) /\ + (DEF: (prog_defmap sk) ! id = Some gd0), + exists blk gd1, (<>) /\ + (<>) /\ (<>)) (PUBS: incl sk.(prog_public) skenv.(Genv.genv_public)). 
@@ -283,29 +283,29 @@ Module SkEnv. | project_spec_intro (NEXT: skenv.(Genv.genv_next) = skenv_proj.(Genv.genv_next)) (SYMBKEEP: forall id - (KEEP: prog.(defs) id), - (<>)) + (KEEP: (defs prog) id), + (<>)) (SYMBDROP: forall id - (DROP: ~ prog.(defs) id), - <>) + (DROP: ~ (defs prog) id), + <>) (DEFKEEP: forall id blk gd_big - (INV: skenv.(Genv.invert_symbol) blk = Some id) - (KEEP: prog.(internals) id) - (BIG: skenv.(Genv.find_def) blk = Some gd_big), - exists gd_small, <> + (INV: (Genv.invert_symbol skenv) blk = Some id) + (KEEP: (internals prog) id) + (BIG: (Genv.find_def skenv) blk = Some gd_big), + exists gd_small, <> /\ <> /\ <> - /\ <>) + /\ <>) (DEFKEPT: forall id blk gd_small - (INV: skenv.(Genv.invert_symbol) blk = Some id) - (SMALL: skenv_proj.(Genv.find_def) blk = Some gd_small), - <> /\ <> - /\ <> /\ - exists gd_big, <> /\ <>) + (INV: (Genv.invert_symbol skenv) blk = Some id) + (SMALL: (Genv.find_def skenv_proj) blk = Some gd_small), + <> /\ <> + /\ <> /\ + exists gd_big, <> /\ <>) (DEFORPHAN: forall (* TODO: is it needed? *) blk - (INV: skenv.(Genv.invert_symbol) blk = None), - <>) + (INV: (Genv.invert_symbol skenv) blk = None), + <>) (PUBLIC: prog.(prog_public) = skenv_proj.(Genv.genv_public)). (* NOTE: it is total function! This is helpful because we don't need to state bsim of this, like 
@@ -313,13 +313,14 @@ Module SkEnv. I think "sim_skenv_monotone" should be sufficient. *) Definition project (skenv: t) (prog: Sk.t): t := - ((Genv_update_publics skenv prog.(prog_public)).(Genv_filter_symb) (fun id => prog.(defs) id)) - .(Genv_map_defs) (fun blk gd => (do id <- skenv.(Genv.invert_symbol) blk; - assertion(prog.(internals) id); + (Genv_map_defs + ((Genv_filter_symb (Genv_update_publics skenv prog.(prog_public))) (fun id => (defs prog) id)) + (fun blk gd => (do id <- (Genv.invert_symbol skenv) blk; + assertion((internals prog) id); (* assertion(prog.(defs) id); *) (* assertion(negb (is_external gd)); *) (* <--------- this is wrong *) - do gd <- prog.(prog_defmap) ! id; - Some gd)). + do gd <- (prog_defmap prog) ! id; + Some gd))). Lemma match_globdef_is_external_gd (gd1 gd2: globdef (AST.fundef signature) unit) @@ -356,8 +357,8 @@ I think "sim_skenv_monotone" should be sufficient. Inductive wf_proj (skenv: t): Prop := | wf_proj_intro (DEFSYMB: forall blk skd - (DEF: skenv.(Genv.find_def) blk = Some skd), - <> /\ <>). + (DEF: (Genv.find_def skenv) blk = Some skd), + <> /\ <>). Lemma project_spec_preserves_wf skenv 
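Review bot: The re-associated `project` definition still carries two commented-out alternative assertions plus the bare remark `(* <--------- this is wrong *)` with no reason given, and that is the only documentation of the function every module's `skenv` in this diff is built from (`Let skenv := SkEnv.project skenv_link ...`). Since the commit already reshapes these lines, replace the dead code with the rule it encodes, e.g. `(* Keep the symbol of every id in (defs prog), but keep a definition only for ids in (internals prog), taken from prog's own defmap rather than from skenv; an id that prog merely declares keeps its symbol and loses its definition. *)`. As far as the hunk shows, the `assertion` is keyed on the id recovered via `Genv.invert_symbol skenv` (the unfiltered env) and `internals_defs` in common/ASTC.v is what makes every kept definition also keep its symbol — if the rejected `negb (is_external gd)` was wrong because it inspected the big skenv's definition instead of prog's, say so in one clause rather than with an arrow.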
@@ -377,33 +378,33 @@ I think "sim_skenv_monotone" should be sufficient. Qed. Definition internals (skenv: t): list block := - List.map fst (skenv.(Genv.genv_defs).(PTree.elements)). + List.map fst (PTree.elements (skenv.(Genv.genv_defs))). (* We will not need this for now. Fix it when we need it (dynamic linking/incremental compilation) *) Definition filter_symbols (skenv: t) (symbols: list ident): t := - skenv.(Genv_filter_symb) (fun id => List.in_dec ident_eq id symbols). + (Genv_filter_symb skenv) (fun id => List.in_dec ident_eq id symbols). (* Note: We only remove definitions. One can still get the address of external identifier. *) Definition revive `{HasExternal F} {V} (skenv: SkEnv.t) (prog: AST.program F V): Genv.t F V := - (skenv.(Genv_map_defs) - (fun blk gd => (do id <- skenv.(Genv.invert_symbol) blk; - do gd <- prog.(prog_defmap) ! id; + (Genv_map_defs (skenv) + (fun blk gd => (do id <- (Genv.invert_symbol skenv) blk; + do gd <- (prog_defmap prog) ! id; (* assertion (negb (is_external gd)); *) Some gd))). Inductive genv_precise `{HasExternal F} {V} (ge: Genv.t F V) (p: program F V): Prop := | genv_compat_intro (P2GE: forall id g - (PROG: p.(prog_defmap) ! id = Some g), + (PROG: (prog_defmap p) ! id = Some g), (exists b, <> /\ <>)) (GE2P: forall b g (DEF: Genv.find_def ge b = Some g), - exists id, <> /\ <> + exists id, <> /\ <> /\ <>) (SYMB2P: forall id blk (SYMB: Genv.find_symbol ge id = Some blk), - <>). + <>). Lemma project_revive_precise F V 
@@ -413,16 +414,16 @@ I think "sim_skenv_monotone" should be sufficient. skenv_link (* (PROJ: skenv = SkEnv.project skenv_link prog) *) get_sg - (PROJ: SkEnv.project_spec skenv_link prog.(Sk.of_program get_sg) skenv) + (PROJ: SkEnv.project_spec skenv_link (Sk.of_program get_sg prog) skenv) (* (WF: SkEnv.wf skenv_link) *) - (INCL: SkEnv.includes skenv_link prog.(Sk.of_program get_sg)) + (INCL: SkEnv.includes skenv_link (Sk.of_program get_sg prog)) (* (PRECISE: SkEnv.genv_precise (SkEnv.revive skenv prog) prog *) : <> . Proof. assert(H: DUMMY_PROP) by ss. - assert(DEFS: prog.(defs) <1= fun id => is_some (skenv.(Genv.find_symbol) id)). + assert(DEFS: (defs prog) <1= fun id => is_some (Genv.find_symbol (skenv) id)). { ii; ss. u. des_ifs. exfalso. bar. inv PROJ. bar. inv INCL. bar. exploit SYMBKEEP; et. @@ -511,7 +512,7 @@ I think "sim_skenv_monotone" should be sufficient. Definition privs (skenv: SkEnv.t): ident -> bool := fun id => - match skenv.(Genv.find_symbol) id with + match (Genv.find_symbol skenv) id with | Some _ => negb (proj_sumbool (in_dec ident_eq id skenv.(Genv.genv_public))) | None => false end. diff --git a/compose/System.v b/compose/System.v index 1c240959..54be68da 100644 --- a/compose/System.v +++ b/compose/System.v @@ -22,9 +22,9 @@ Section SYSMODSEM. Definition globalenv: genvtype := skenv_link. Definition skenv: SkEnv.t := - skenv_link.(Genv_map_defs)(fun _ gd => + (Genv_map_defs skenv_link)(fun _ gd => match gd with - | Gfun (External ef) => Some (Gfun (Internal (ef.(ef_sig)))) + | Gfun (External ef) => Some (Gfun (Internal (ef_sig (ef)))) | Gfun _ => None | Gvar gv => Some gd end). @@ -51,7 +51,7 @@ Section SYSMODSEM. Inductive step (se: Senv.t) (ge: genvtype): state -> trace -> state -> Prop := | step_intro ef fptr vs m0 v m1 tr - (FPTR: ge.(Genv.find_funct) fptr = Some (External ef)) + (FPTR: (Genv.find_funct ge) fptr = Some (External ef)) (EXTCALL: external_call ef ge vs m0 tr v m1): step se ge (Callstate fptr vs m0) tr (Returnstate v m1). 
diff --git a/demo/mutrec/IdSimAsmIdInv.v b/demo/mutrec/IdSimAsmIdInv.v index 35e975f7..7400a170 100644 --- a/demo/mutrec/IdSimAsmIdInv.v +++ b/demo/mutrec/IdSimAsmIdInv.v @@ -47,12 +47,12 @@ Local Existing Instance SoundTop.Top. Lemma asm_inj_inv_id (asm: Asm.program) - (WF: Sk.wf asm.(module)) + (WF: Sk.wf (module asm)) : exists mp, (<>) - /\ (<>) - /\ (<>) + /\ (<>) + /\ (<>) . Proof. eexists (ModPair.mk _ _ _); s. diff --git a/demo/mutrec/IdSimClightIdInv.v b/demo/mutrec/IdSimClightIdInv.v index 7aa4c497..aad059bb 100644 --- a/demo/mutrec/IdSimClightIdInv.v +++ b/demo/mutrec/IdSimClightIdInv.v @@ -60,12 +60,12 @@ Inductive match_states_clight_inv Lemma clight_inj_inv_id (clight: Clight.program) - (WF: Sk.wf clight.(module2)) + (WF: Sk.wf (module2 clight)) : exists mp, (<>) - /\ (<>) - /\ (<>) + /\ (<>) + /\ (<>) . Proof. eexists (ModPair.mk _ _ _); s. instantiate (3:= (SimMemInjInvC.mk bot1 _ _)). diff --git a/demo/mutrec/MutrecABspec.v b/demo/mutrec/MutrecABspec.v index b4f85ef5..a8f99c7b 100644 --- a/demo/mutrec/MutrecABspec.v +++ b/demo/mutrec/MutrecABspec.v @@ -26,7 +26,7 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: unit. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) sk_link. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) sk_link. Let ge: SkEnv.t := skenv. Inductive state: Type := @@ -48,9 +48,9 @@ Section MODSEM. Inductive initial_frame (args: Args.t): state -> Prop := | initial_frame1_intro i m func_fg - (FINDF: Genv.find_funct ge args.(Args.fptr) = Some (AST.Internal func_fg)) - (VS: args.(Args.vs) = [Vint i]) - (M: args.(Args.m) = m) + (FINDF: Genv.find_funct ge (Args.fptr args) = Some (AST.Internal func_fg)) + (VS: (Args.vs args) = [Vint i]) + (M: (Args.m args) = m) (RANGE: 0 <= i.(Int.intval) < MAX) : initial_frame args (Callstate i m) diff --git a/demo/mutrec/MutrecAproof.v b/demo/mutrec/MutrecAproof.v index 67b3e82c..5cdf0e4c 100644 --- a/demo/mutrec/MutrecAproof.v +++ b/demo/mutrec/MutrecAproof.v 
@@ -99,10 +99,10 @@ Variable skenv_link: SkEnv.t. Variable sm_link: SimMem.t. Let md_src: Mod.t := (MutrecAspec.module). Let md_tgt: Mod.t := (ClightC.module2 prog). -Hypothesis (INCL: SkEnv.includes skenv_link md_src.(Mod.sk)). +Hypothesis (INCL: SkEnv.includes skenv_link (Mod.sk md_src)). Hypothesis (WF: SkEnv.wf skenv_link). -Let ge := (SkEnv.project skenv_link md_src.(Mod.sk)). -Let tge := Build_genv (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) prog) prog.(prog_comp_env). +Let ge := (SkEnv.project skenv_link (Mod.sk md_src)). +Let tge := Build_genv (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) prog) prog.(prog_comp_env). Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimMemInjInvC.mk symbol_memoized md_src md_tgt) sm_link. @@ -129,8 +129,8 @@ Inductive match_states (idx: nat) (st_src0: MutrecAspec.state) (st_tgt0: Clight.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: match_states_internal idx st_src0 st_tgt0) - (MCOMPATSRC: st_src0.(get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(ClightC.get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (ClightC.get_mem st_tgt0) = sm0.(SimMem.tgt)) (MWF: SimMem.wf sm0) . diff --git a/demo/mutrec/MutrecAspec.v b/demo/mutrec/MutrecAspec.v index dce562b6..b65b4bb9 100644 --- a/demo/mutrec/MutrecAspec.v +++ b/demo/mutrec/MutrecAspec.v @@ -18,7 +18,7 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: unit. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) prog.(CSk.of_program signature_of_function). + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (CSk.of_program signature_of_function prog). Inductive state: Type := | Callstate 
@@ -44,10 +44,10 @@ Section MODSEM. | initial_frame1_intro i m blk (SYMB: Genv.find_symbol skenv f_id = Some blk) - (FPTR: args.(Args.fptr) = Vptr blk Ptrofs.zero) + (FPTR: (Args.fptr args) = Vptr blk Ptrofs.zero) (RANGE: 0 <= i.(Int.intval) < MAX) - (VS: args.(Args.vs) = [Vint i]) - (M: args.(Args.m) = m) + (VS: (Args.vs args) = [Vint i]) + (M: (Args.m args) = m) : initial_frame args (Callstate i m) . @@ -64,10 +64,10 @@ Section MODSEM. | after_external_intro i m retv i_after - (INT: retv.(Retv.v) = Vint i_after) + (INT: (Retv.v retv) = Vint i_after) (SUM: i_after = sum (Int.sub i Int.one)) : - after_external (Interstate i m) retv (Returnstate (sum i) retv.(Retv.m)) + after_external (Interstate i m) retv (Returnstate (sum i) (Retv.m retv)) . Inductive step (se: Senv.t) (ge: SkEnv.t): state -> trace -> state -> Prop := diff --git a/demo/mutrec/MutrecBproof.v b/demo/mutrec/MutrecBproof.v index 53dbb55d..b505c75b 100644 --- a/demo/mutrec/MutrecBproof.v +++ b/demo/mutrec/MutrecBproof.v @@ -116,10 +116,10 @@ Variable skenv_link: SkEnv.t. Variable sm_link: SimMem.t. Let md_src: Mod.t := (MutrecBspec.module). Let md_tgt: Mod.t := (AsmC.module prog). -Hypothesis (INCL: SkEnv.includes skenv_link md_src.(Mod.sk)). +Hypothesis (INCL: SkEnv.includes skenv_link (Mod.sk md_src)). Hypothesis (WF: SkEnv.wf skenv_link). -Let tge := (skenv_link.(SkEnv.project) prog.(Sk.of_program fn_sig)).(SkEnv.revive) prog. +Let tge := (SkEnv.revive ((SkEnv.project skenv_link) (Sk.of_program fn_sig prog))) prog. Definition msp: ModSemPair.t := ModSemPair.mk (md_src skenv_link) (md_tgt skenv_link) (SimMemInjInvC.mk symbol_memoized md_src md_tgt) sm_link. 
@@ -127,7 +127,7 @@ Inductive well_saved (initstk stk: block) : regset -> regset -> mem -> Prop := | well_saved_intro (init_rs rs: regset) m - (INITSIG: tge.(Genv.find_funct) (init_rs # PC) = Some (Internal func_g)) + (INITSIG: (Genv.find_funct tge) (init_rs # PC) = Some (Internal func_g)) (INITRSPVAL: init_rs RSP = Vptr initstk Ptrofs.zero) (RANOTFPTR: forall blk ofs (RAVAL: init_rs RA = Vptr blk ofs), ~ Plt blk (Genv.genv_next skenv_link)) @@ -136,7 +136,7 @@ Inductive well_saved (initstk stk: block) (RASAVED: Mem.loadv Mptr m (Val.offset_ptr (rs RSP) (Ptrofs.repr 16)) = Some (init_rs RA)) (RSPSAVED: Mem.loadv Mptr m (Val.offset_ptr (rs RSP) Ptrofs.zero) = Some (init_rs RSP)) (REGSAVED: forall mr (CALLEESAVE: Conventions1.is_callee_save mr) - (INREG: mr <> Machregs.BX), init_rs mr.(to_preg) = rs mr.(to_preg)) + (INREG: mr <> Machregs.BX), init_rs (to_preg mr) = rs (to_preg mr)) (REGSAVEDSTK: Mem.loadv Many64 m (Val.addl (rs RSP) (Vlong (Int64.repr 8))) = Some (init_rs RBX)) : well_saved @@ -149,7 +149,7 @@ Lemma well_saved_keep init_rs initstk stk rs0 rs1 m0 m1 init_rs rs0 m0) (REGSAME: forall mr (CALLEESAVE: Conventions1.is_callee_save mr) (INREG: mr <> Machregs.BX), - rs0 mr.(to_preg) = rs1 mr.(to_preg)) + rs0 (to_preg mr) = rs1 (to_preg mr)) (RSPSAME: rs0 RSP = rs1 RSP) (UNCHSTK: Mem.unchanged_on (fun blk _ => blk = stk) m0 m1) @@ -348,7 +348,7 @@ Lemma match_states_lxsim . Proof. destruct (Genv.find_symbol - ((skenv_link.(SkEnv.project) prog.(Sk.of_program fn_sig)).(SkEnv.revive) prog) + ((SkEnv.revive ((SkEnv.project skenv_link) (Sk.of_program fn_sig prog))) prog) _memoized) as [b_memo|] eqn:BLK; cycle 1. { exfalso. clear - INCL BLK. inversion INCL; subst. exploit DEFS; eauto. diff --git a/demo/mutrec/MutrecBspec.v b/demo/mutrec/MutrecBspec.v index a8512e9c..3dca51e5 100644 --- a/demo/mutrec/MutrecBspec.v +++ b/demo/mutrec/MutrecBspec.v 
@@ -17,7 +17,7 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: unit. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) prog.(Sk.of_program fn_sig). + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig prog). Inductive state: Type := | Callstate @@ -41,10 +41,10 @@ Section MODSEM. | initial_frame1_intro i m blk (SYMB: Genv.find_symbol skenv g_id = Some blk) - (FPTR: args.(Args.fptr) = Vptr blk Ptrofs.zero) + (FPTR: (Args.fptr args) = Vptr blk Ptrofs.zero) (RANGE: 0 <= i.(Int.intval) < MAX) - (VS: args.(Args.vs) = [Vint i]) - (M: args.(Args.m) = m) : + (VS: (Args.vs args) = [Vint i]) + (M: (Args.m args) = m) : initial_frame args (Callstate i m). Inductive at_external: state -> Args.t -> Prop := @@ -57,9 +57,9 @@ Section MODSEM. | after_external_intro i m retv i_after - (INT: retv.(Retv.v) = Vint i_after) + (INT: (Retv.v retv) = Vint i_after) (SUM: i_after = sum (Int.sub i Int.one)) : - after_external (Interstate i m) retv (Returnstate (sum i) retv.(Retv.m)). + after_external (Interstate i m) retv (Returnstate (sum i) (Retv.m retv)). Inductive step (se: Senv.t) (ge: SkEnv.t): state -> trace -> state -> Prop := | step_sum diff --git a/demo/mutrec/MutrecRefinement.v b/demo/mutrec/MutrecRefinement.v index 299b8a94..78d2134c 100644 --- a/demo/mutrec/MutrecRefinement.v +++ b/demo/mutrec/MutrecRefinement.v @@ -30,7 +30,7 @@ Definition mutrec_relations := Lemma asm_self_related (asm: Asm.program) : - self_related mutrec_relations [asm.(AsmC.module)]. + self_related mutrec_relations [(AsmC.module asm)]. Proof. intros r RELIN. unfold mutrec_relations in *. ss. des; clarify; eapply relate_single_program; intros WF. @@ -39,7 +39,7 @@ Qed. Lemma clight_self_related (cls: Clight.program) : - self_related mutrec_relations [cls.(ClightC.module2)]. + self_related mutrec_relations [(ClightC.module2 cls)]. Proof. intros r RELIN. unfold mutrec_relations in *. ss. des; clarify; eapply relate_single_program; intros WF. 
@@ -52,7 +52,7 @@ Lemma asms_self_related (asms: list Asm.program) Proof. induction asms; ss; ii. exploit IHasms; ss; eauto. i. - eapply (@program_relation.horizontal _ [a.(AsmC.module)] _ [a.(AsmC.module)]); eauto. + eapply (@program_relation.horizontal _ [(AsmC.module a)] _ [(AsmC.module a)]); eauto. eapply asm_self_related; eauto. Qed. @@ -62,7 +62,7 @@ Lemma clights_self_related (cls: list Clight.program) Proof. induction cls; ss; ii. exploit IHcls; ss; eauto. i. - eapply (@program_relation.horizontal _ [a.(ClightC.module2)] _ [a.(ClightC.module2)]); eauto. + eapply (@program_relation.horizontal _ [(ClightC.module2 a)] _ [(ClightC.module2 a)]); eauto. eapply clight_self_related; eauto. Qed. @@ -91,7 +91,7 @@ Qed. Lemma MutrecA_rusc : - rusc mutrec_relations [MutrecAspec.module] [MutrecA.prog.(ClightC.module2)]. + rusc mutrec_relations [MutrecAspec.module] [(ClightC.module2 MutrecA.prog)]. Proof. eapply (@relate_single_rusc _ @@ -104,7 +104,7 @@ Qed. Lemma MutrecB_rusc : - rusc mutrec_relations [MutrecBspec.module] [MutrecB.prog.(AsmC.module)]. + rusc mutrec_relations [MutrecBspec.module] [(AsmC.module MutrecB.prog)]. Proof. eapply (@relate_single_rusc _ @@ -127,7 +127,7 @@ Lemma MutrecAB_impl_rusc : rusc mutrec_relations [MutrecABspec.module] - [MutrecA.prog.(ClightC.module2); MutrecB.prog.(AsmC.module)]. + [(ClightC.module2 MutrecA.prog); (AsmC.module MutrecB.prog)]. Proof. etrans. - eapply rusc_mon; [|eapply MutrecAB_AB_rusc]; ss. 
@@ -146,7 +146,7 @@ Theorem Mutrec_correct (hands: list Asm.program) : improves (sem ((map ClightC.module2 srcs) ++ (map AsmC.module hands) ++ [MutrecABspec.module])) - (sem ((map ClightC.module2 srcs) ++ (map AsmC.module hands) ++ [MutrecA.prog.(ClightC.module2); MutrecB.prog.(AsmC.module)])). + (sem ((map ClightC.module2 srcs) ++ (map AsmC.module hands) ++ [(ClightC.module2 MutrecA.prog); (AsmC.module MutrecB.prog)])). Proof. replace (map ClightC.module2 srcs ++ map AsmC.module hands ++ [MutrecABspec.module]) with ((map ClightC.module2 srcs ++ map AsmC.module hands) ++ [MutrecABspec.module]); cycle 1. diff --git a/demo/mutrec/SimMemInjInvC.v b/demo/mutrec/SimMemInjInvC.v index 5b9ba855..8e836a4f 100644 --- a/demo/mutrec/SimMemInjInvC.v +++ b/demo/mutrec/SimMemInjInvC.v @@ -317,7 +317,7 @@ Section SIMSYMBINV. id (IN: (ss1 -1 ss0) id) , - <> /\ <>) + <> /\ <>) (SKLESRC: linkorder ss0.(src) ss1.(src)) (SKLETGT: linkorder ss0.(tgt) ss1.(tgt)) . @@ -363,13 +363,13 @@ Section SIMSYMBINV. (SKSAME: ss.(src) = ss.(tgt)) (CLOSED: forall id (SS: ss id), exists g, - (<>) /\ + (<>) /\ (<>) /\ (<>)) (NOMAIN: ~ ss ss.(src).(prog_main)) (NOREF: forall id gv - (PROG: ss.(tgt).(prog_defmap) ! id = Some (Gvar gv)) + (PROG: (prog_defmap ss.(tgt)) ! id = Some (Gvar gv)) , <>) . @@ -390,7 +390,7 @@ Section SIMSYMBINV. Inductive sim_skenv_inj (sm: SimMemInjInv.t') (ss: t') (skenv_src skenv_tgt: SkEnv.t): Prop := | sim_skenv_inj_intro - (INVCOMPAT: forall id blk (FIND: skenv_tgt.(Genv.find_symbol) id = Some blk), + (INVCOMPAT: forall id blk (FIND: (Genv.find_symbol skenv_tgt) id = Some blk), ss id <-> sm.(mem_inv_tgt) blk) (PUBKEPT: (fun id => In id skenv_src.(Genv.genv_public)) <1= ~1 ss) (INJECT: skenv_inject skenv_src sm.(SimMemInj.inj) sm.(mem_inv_tgt)) 
@@ -529,9 +529,9 @@ Section SIMSYMBINV. unfold ref_init in *. des. esplits; ss; eauto. } { eapply H1; eauto. } - { zsimpl. rewrite nat_of_Z_eq. + { zsimpl. rewrite Z2Nat.id. - eapply H1; eauto. - - eapply init_data_list_size_pos. } + - hexploit (init_data_list_size_pos (gvar_init v)); eauto. i. xomega. } - i. des_ifs. - i. des_ifs. - ii. des_ifs. eapply mi_no_overlap; eauto; des_ifs. @@ -668,7 +668,7 @@ Section SIMSYMBINV. else None). eexists (SimMemInjInv.mk (SimMemInj.mk _ _ j bot2 bot2 (Mem.nextblock m_src) (Mem.nextblock m_src) _ _) _ _). ss. instantiate (1:=fun blk => exists id, - (<>) /\ + (<>) /\ (<>)). unfold Sk.load_mem, Sk.load_skenv in *. dup LOADMEMSRC. apply Genv.init_mem_genv_next in LOADMEMSRC. diff --git a/demo/unreadglob/IdSimAsmDropInv.v b/demo/unreadglob/IdSimAsmDropInv.v index 3fcba333..d81100b6 100644 --- a/demo/unreadglob/IdSimAsmDropInv.v +++ b/demo/unreadglob/IdSimAsmDropInv.v @@ -46,12 +46,12 @@ Local Existing Instance SoundTop.Top. Lemma asm_inj_inv_drop (asm: Asm.program) - (WF: Sk.wf asm.(module)) + (WF: Sk.wf (module asm)) : exists mp, (<>) - /\ (<>) - /\ (<>) + /\ (<>) + /\ (<>) . Proof. eexists (ModPair.mk _ _ _); s. diff --git a/demo/unreadglob/IdSimClightDropInv.v b/demo/unreadglob/IdSimClightDropInv.v index ac49c976..7a3fb8d9 100644 --- a/demo/unreadglob/IdSimClightDropInv.v +++ b/demo/unreadglob/IdSimClightDropInv.v @@ -60,12 +60,12 @@ Inductive match_states_clight_inv Lemma clight_inj_inv_drop (clight: Clight.program) - (WF: Sk.wf clight.(module2)) + (WF: Sk.wf (module2 clight)) : exists mp, (<>) - /\ (<>) - /\ (<>) + /\ (<>) + /\ (<>) . Proof. eexists (ModPair.mk _ _ _); s. diff --git a/demo/unreadglob/SimSymbDropInv.v b/demo/unreadglob/SimSymbDropInv.v index 2cd210bb..c505d770 100644 --- a/demo/unreadglob/SimSymbDropInv.v +++ b/demo/unreadglob/SimSymbDropInv.v 
@@ -41,15 +41,15 @@ Inductive wf (ss: t'): Prop := | sim_sk_intro (KEPT: forall id (KEPT: ~ ss id), - ss.(tgt).(prog_defmap) ! id = ss.(src).(prog_defmap) ! id) + (prog_defmap ss.(tgt)) ! id = (prog_defmap ss.(src)) ! id) (DROP: forall id (DROP: ss id), - ss.(tgt).(prog_defmap) ! id = None) - (CLOSED: ss <1= ss.(src).(privs)) + (prog_defmap ss.(tgt)) ! id = None) + (CLOSED: ss <1= (privs ss.(src))) (PUB: ss.(src).(prog_public) = ss.(tgt).(prog_public)) (MAIN: ss.(src).(prog_main) = ss.(tgt).(prog_main)) (NOREF: forall id gv - (PROG: ss.(tgt).(prog_defmap) ! id = Some (Gvar gv)), + (PROG: (prog_defmap ss.(tgt)) ! id = Some (Gvar gv)), <>) (NODUP: NoDup (prog_defs_names ss.(tgt))) (NOMAIN: ~ ss ss.(src).(prog_main)). @@ -59,41 +59,41 @@ Inductive sim_skenv (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: SkEnv.t): Pro (SIMSYMB1: forall id blk_src blk_tgt delta (SIMVAL: sm0.(SimMemInj.inj) blk_src = Some (blk_tgt, delta)) - (BLKSRC: skenv_src.(Genv.find_symbol) id = Some blk_src) + (BLKSRC: (Genv.find_symbol skenv_src) id = Some blk_src) , (<>) /\ - (<>) /\ + (<>) /\ (<>) ) (SIMSYMB2: forall id (KEPT: ~ ss id) blk_src - (BLKSRC: skenv_src.(Genv.find_symbol) id = Some blk_src) + (BLKSRC: (Genv.find_symbol skenv_src) id = Some blk_src) , exists blk_tgt, - (<>) /\ + (<>) /\ (<>)) (SIMSYMB3: forall id blk_tgt - (BLKTGT: skenv_tgt.(Genv.find_symbol) id = Some blk_tgt) + (BLKTGT: (Genv.find_symbol skenv_tgt) id = Some blk_tgt) , exists blk_src, - (<>) /\ + (<>) /\ (<>) ) (SSINV: forall id blk_src (KEPT: ss id) - (BLKSRC: skenv_src.(Genv.find_symbol) id = Some blk_src) + (BLKSRC: (Genv.find_symbol skenv_src) id = Some blk_src) , sm0.(SimMemInjInv.mem_inv_src) blk_src) (SIMDEF: forall blk_src blk_tgt delta def_src (SIMVAL: sm0.(SimMemInj.inj) blk_src = Some (blk_tgt, delta)) - (DEFSRC: skenv_src.(Genv.find_def) blk_src = Some def_src) + (DEFSRC: (Genv.find_def skenv_src) blk_src = Some def_src) , - exists def_tgt, (<>) /\ + exists def_tgt, (<>) /\ (<>) /\ (<>)) (DISJ: forall 
@@ -106,9 +106,9 @@ Inductive sim_skenv (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: SkEnv.t): Pro (SIMDEFINV: forall blk_src blk_tgt delta def_tgt (SIMVAL: sm0.(SimMemInj.inj) blk_src = Some (blk_tgt, delta)) - (DEFTGT: skenv_tgt.(Genv.find_def) blk_tgt = Some def_tgt) + (DEFTGT: (Genv.find_def skenv_tgt) blk_tgt = Some def_tgt) , - exists def_src, (<>) /\ + exists def_src, (<>) /\ (<>) /\ (<>)) (PUBKEPT: (fun id => In id skenv_src.(Genv.genv_public)) <1= ~1 ss) @@ -159,10 +159,10 @@ Definition sim_skenv_splittable (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: S (<>) /\ - (<>) /\ + (<>) /\ (<>) >>) /\ @@ -170,34 +170,34 @@ Definition sim_skenv_splittable (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: S id (KEPT: ~ ss id) blk_src - (BLKSRC: skenv_src.(Genv.find_symbol) id = Some blk_src) + (BLKSRC: (Genv.find_symbol skenv_src) id = Some blk_src) , exists blk_tgt, - (<>) /\ + (<>) /\ (<>)>>) /\ (<>) /\ + (<>) /\ (<>) >>) /\ (<>) /\ (<>) /\ + exists def_tgt, (<>) /\ (<>) /\ (<>)>>) /\ @@ -212,9 +212,9 @@ Definition sim_skenv_splittable (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: S (<>) /\ + exists def_src, (<>) /\ (<>) /\ (<>)>>) /\ @@ -241,7 +241,7 @@ Inductive le (ss0: t') (ss1: t'): Prop := id (IN: (ss1 -1 ss0) id) , - <> /\ <>) + <> /\ <>) (SKLESRC: linkorder ss0.(src) ss1.(src)) (SKLETGT: linkorder ss0.(tgt) ss1.(tgt)) . @@ -252,7 +252,7 @@ Lemma linkorder_defs (p0 p1: AST.program F V) (LINKORD: linkorder p0 p1) : - <> + <> . Proof. inv LINKORD. 
@@ -685,11 +685,11 @@ Next Obligation. generalize (S1 NO). unfold Mem.loadbytes. destruct Mem.range_perm_dec; intros E1; inv E1. generalize (S2 NO). unfold Mem.loadbytes. destruct Mem.range_perm_dec; intros E2; inv E2. rewrite Z.add_0_r. - apply Mem_getN_forall2 with (p := 0) (n := nat_of_Z (init_data_list_size (gvar_init v))). + apply Mem_getN_forall2 with (p := 0) (n := Z.to_nat (init_data_list_size (gvar_init v))). rewrite H3, H4. eapply bytes_of_init_inject; et. { ii. inv SIMSK. eapply NOREF; et. eapply Genv.find_def_symbol. eexists. split; et. } omega. - rewrite nat_of_Z_eq by (apply init_data_list_size_pos). omega. + rewrite Z2Nat.id; try xomega. } - destruct ((init_meminj ss.(src) ss.(tgt)) b) as [[b' delta]|] eqn:INJ; auto. elim H. exploit init_meminj_invert; eauto. intros (A & id & B & C & D). diff --git a/demo/unreadglob/UnreadglobproofC.v b/demo/unreadglob/UnreadglobproofC.v index 76fb25fa..5e8a35c4 100644 --- a/demo/unreadglob/UnreadglobproofC.v +++ b/demo/unreadglob/UnreadglobproofC.v 
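Review bot: The side condition of `Z2Nat.id` is now discharged by `try xomega` on the new `rewrite Z2Nat.id; try xomega.` line, which hides which fact justifies `0 <= init_data_list_size (gvar_init v)`, whereas the removed line named it (`init_data_list_size_pos`). Prefer `rewrite Z2Nat.id by (apply init_data_list_size_pos). omega.`, which keeps the nonnegativity argument explicit and matches how the same `nat_of_Z_eq` to `Z2Nat.id` migration is done in the SimMemInjInvC.v hunk of this patch, where `init_data_list_size_pos` is hexploited before `xomega`. With `try`, a failing `xomega` would not be reported at this line but at the closing `}`, which is harder to diagnose. The enclosing `Next Obligation` proof starts and ends outside the hunk.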
@@ -31,16 +31,16 @@ Variable prog: RTL.program. Variable tprog: RTL.program. Let md_src: Mod.t := (RTLC.module prog). Let md_tgt: Mod.t := (RTLC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link_src md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link_tgt md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link_src (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link_tgt (Mod.sk md_tgt)). Hypothesis (WFSRC: SkEnv.wf skenv_link_src). Hypothesis (WFTGT: SkEnv.wf skenv_link_tgt). Hypothesis TRANSL: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link_src md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link_tgt md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link_src (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link_tgt (Mod.sk md_tgt)) tprog). Definition msp: ModSemPair.t := - ModSemPair.mk (md_src.(Mod.modsem) skenv_link_src) (md_tgt.(Mod.modsem) skenv_link_tgt) - (SimSymbDropInv.mk (prog.(defs) -1 tprog.(defs) -1 (Pos.eq_dec tprog.(prog_main))) md_src md_tgt) + ModSemPair.mk (Mod.modsem (md_src) skenv_link_src) (Mod.modsem (md_tgt) skenv_link_tgt) + (SimSymbDropInv.mk (defs (prog) -1 (defs tprog) -1 (Pos.eq_dec tprog.(prog_main))) md_src md_tgt) sm_link . @@ -48,8 +48,8 @@ Inductive match_states (idx: nat) (st_src0: RTL.state) (st_tgt0: RTL.state) (sm0: SimMem.t): Prop := | match_states_intro (MATCHST: Unreadglobproof.match_states prog tprog (used_set tprog) skenv_link_src skenv_link_tgt ge tge st_src0 st_tgt0 sm0) - (MCOMPATSRC: st_src0.(RTL.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(RTL.get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (RTL.get_mem st_src0) = sm0.(SimMem.src)) + (MCOMPATTGT: (RTL.get_mem st_tgt0) = sm0.(SimMem.tgt)) . Lemma find_funct_inject 
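Review bot: The converted expressions in `msp` keep stray parentheses around bare identifiers — `Mod.modsem (md_src) skenv_link_src` and `SimSymbDropInv.mk (defs (prog) -1 (defs tprog) -1 ...)` — which reads like an artifact of a mechanical `x.(f)` to `(f x)` rewrite rather than intent, and the same form is repeated in the `sim_skenv_meminj_preserves_globals` hypothesis and in `mp` below. Suggest normalising to `ModSemPair.mk (Mod.modsem md_src skenv_link_src) (Mod.modsem md_tgt skenv_link_tgt)` and `(SimSymbDropInv.mk (defs prog -1 defs tprog -1 (Pos.eq_dec tprog.(prog_main))) md_src md_tgt)`, since application binds tighter than the `-1` notation. Since the dropped-symbol set is spelled out three times in this file, giving it one named definition at the section level would also remove the risk of the copies drifting apart in a later edit.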
@@ -71,8 +71,8 @@ Theorem sim_skenv_meminj_preserves_globals sm_arg (SIMSKENV: SimSymbDropInv.sim_skenv - sm_arg (SimSymbDropInv.mk (prog.(defs) -1 tprog.(defs) -1 (Pos.eq_dec tprog.(prog_main))) md_src md_tgt) - (SkEnv.project skenv_link_src md_src.(Mod.sk)) (SkEnv.project skenv_link_tgt md_tgt.(Mod.sk))) + sm_arg (SimSymbDropInv.mk (defs (prog) -1 (defs tprog) -1 (Pos.eq_dec tprog.(prog_main))) md_src md_tgt) + (SkEnv.project skenv_link_src (Mod.sk md_src)) (SkEnv.project skenv_link_tgt (Mod.sk md_tgt))) : <> . @@ -284,7 +284,7 @@ Variable tprog: RTL.program. Hypothesis TRANSL: match_prog prog tprog. Definition mp: ModPair.t := - ModPair.mk (RTLC.module prog) (RTLC.module tprog) (SimSymbDropInv.mk (prog.(defs) -1 tprog.(defs) -1 (Pos.eq_dec tprog.(prog_main))) (RTLC.module prog) (RTLC.module tprog)) + ModPair.mk (RTLC.module prog) (RTLC.module tprog) (SimSymbDropInv.mk (defs (prog) -1 (defs tprog) -1 (Pos.eq_dec tprog.(prog_main))) (RTLC.module prog) (RTLC.module tprog)) . Theorem sim_mod diff --git a/demo/utod/DemoSpec.v b/demo/utod/DemoSpec.v index dc2d1e98..168c9b2b 100644 --- a/demo/utod/DemoSpec.v +++ b/demo/utod/DemoSpec.v @@ -22,15 +22,15 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: unit. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) prog.(Sk.of_program id). + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program id prog). Record state := mkstate { get_arg: int64; get_mem: mem; }. Inductive initial_frame (args: Args.t): state -> Prop := | initial_frame1_intro st - (VS: args.(Args.vs) = [Vlong st.(get_arg)]) - (M: args.(Args.m) = st.(get_mem)) + (VS: (Args.vs args) = [Vlong st.(get_arg)]) + (M: (Args.m args) = st.(get_mem)) : initial_frame args st . diff --git a/demo/utod/DemoSpecProof.v b/demo/utod/DemoSpecProof.v index 2830ec85..133eb423 100644 --- a/demo/utod/DemoSpecProof.v +++ b/demo/utod/DemoSpecProof.v 
@@ -16,14 +16,14 @@ Require DemoTarget. Require Import DemoHeader. Require Import Floats Integers IntegersC. -Require Import Fappli_rnd_odd. +(* Require Import Fappli_rnd_odd. *) Definition round_to_odd (v: val): val := Val.orl (Val.shrlu v (Vint Int.one)) (Val.andl v (Vlong Int64.one)). Lemma arithmetic_fact l : Val.floatoflongu (Vlong l) = - if zlt l.(Int64.unsigned) Int64.half_modulus + if zlt (Int64.unsigned l) Int64.half_modulus then Val.floatoflong (Vlong l) else match Val.floatoflong (round_to_odd (Vlong l)) with diff --git a/driver/CompilerC.v b/driver/CompilerC.v index 91b71784..c3eedb6b 100644 --- a/driver/CompilerC.v +++ b/driver/CompilerC.v @@ -87,7 +87,7 @@ Definition CompCert_relations_list: list program_relation.t := Definition CompCert_relations := (fun r => In r CompCert_relations_list). Lemma asm_self_related (asm: Asm.program): - self_related CompCert_relations [asm.(AsmC.module)]. + self_related CompCert_relations [(AsmC.module asm)]. Proof. intros r RELIN. unfold CompCert_relations in *. ss. des; clarify; eapply relate_single_program; intros WF. @@ -104,12 +104,12 @@ Lemma asms_self_related (asms: list Asm.program): Proof. induction asms; ss; ii. exploit IHasms; ss; eauto. i. - eapply (@program_relation.horizontal _ [a.(AsmC.module)] _ [a.(AsmC.module)]); eauto. + eapply (@program_relation.horizontal _ [(AsmC.module a)] _ [(AsmC.module a)]); eauto. eapply asm_self_related; eauto. Qed. Lemma clight_self_related (cl: Clight.program): - self_related CompCert_relations [cl.(ClightC.module2)]. + self_related CompCert_relations [(ClightC.module2 cl)]. Proof. intros r RELIN. unfold CompCert_relations in *. ss. des; clarify; eapply relate_single_program; intros WF. 
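Review bot: `Require Import Fappli_rnd_odd` is commented out rather than removed or replaced, and nothing records why; if this reflects a move to a Flocq version where that module no longer exists (presumably, but please confirm), then any round-to-odd lemmas the proof of `arithmetic_fact` relied on are no longer in scope, and the body of that proof lies outside the hunk, so it is worth checking it still closes without an `admit`. Either delete the line or replace it with the successor module plus a short note such as `(* Fappli_rnd_odd is gone in newer Flocq; round-to-odd lemmas now come from <module> *)`. The commit message only counts admits in SelectionproofC, so a silently admitted obligation here would not be visible from the title.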
@@ -126,7 +126,7 @@ Lemma clights_self_related (cls: list Clight.program): Proof. induction cls; ss; ii. exploit IHcls; ss; eauto. i. - eapply (@program_relation.horizontal _ [a.(ClightC.module2)] _ [a.(ClightC.module2)]); eauto. + eapply (@program_relation.horizontal _ [(ClightC.module2 a)] _ [(ClightC.module2 a)]); eauto. eapply clight_self_related; eauto. Qed. @@ -139,7 +139,7 @@ Section Cstrategy. (TRANSF: src = tgt): relate_single SimMemId.SimMemId SimMemId.SimSymbId SoundTop.Top - (CsemC.module src) (CstrategyC.module tgt).(Mod.Atomic.trans). + (CsemC.module src) (Mod.Atomic.trans (CstrategyC.module tgt)). Proof. unfold relate_single. clarify. exploit CstrategyproofC.sim_mod; eauto. esplits; eauto; ss. Qed. @@ -155,7 +155,7 @@ Section SimplExpr. (TRANSF: SimplExpr.transl_program src = OK tgt): relate_single SimMemId.SimMemId SimMemId.SimSymbId SoundTop.Top - (CstrategyC.module src).(Mod.Atomic.trans) (ClightC.module1 tgt). + (Mod.Atomic.trans (CstrategyC.module src)) (ClightC.module1 tgt). Proof. unfold relate_single. exploit SimplExprproofC.sim_mod; i; esplits; eauto; ss. eapply SimplExprproof.transf_program_match; eauto. @@ -580,7 +580,7 @@ Lemma compiler_single_rusc (src: Clight.program) (tgt: Asm.program) (TRANSF: transf_clight_program src = OK tgt): - rusc CompCert_relations [src.(ClightC.module2)] [tgt.(AsmC.module)]. + rusc CompCert_relations [(ClightC.module2 src)] [(AsmC.module tgt)]. Proof. unfold transf_clight_program in *. unfold transf_cminor_program in *. unfold transf_rtl_program in *. unfold time in *. unfold print in *. cbn in *. unfold apply_total, apply_partial in *. des_ifs_safe. diff --git a/driver/SepComp.v b/driver/SepComp.v index b486e6e1..161811c8 100644 --- a/driver/SepComp.v +++ b/driver/SepComp.v 
@@ -29,7 +29,7 @@ Theorem separate_compilation_correct (TYPECHECKLINK: CsemC.typechecked builtins src_link) (LINK: link_list srcs = Some src_link) (MAIN: exists main_f, - (<>) /\ + (<>) /\ (<>)) (TR: Errors.mmap transf_c_program srcs = Errors.OK tgts): (<>) \/ diff --git a/lib/CoqlibC.v b/lib/CoqlibC.v index f328501e..2b447e33 100644 --- a/lib/CoqlibC.v +++ b/lib/CoqlibC.v @@ -39,9 +39,9 @@ Ltac determ_tac LEMMA := (* TODO: if it is mature enough, move it to sflib & remove this file *) -Definition update_fst {A B C: Type} (f: A -> C) (ab: A * B): C * B := (f ab.(fst), ab.(snd)). +Definition update_fst {A B C: Type} (f: A -> C) (ab: A * B): C * B := (f (fst ab), (snd ab)). -Definition update_snd {A B C: Type} (f: B -> C) (ab: A * B): A * C := (ab.(fst), f ab.(snd)). +Definition update_snd {A B C: Type} (f: B -> C) (ab: A * B): A * C := ((fst ab), f (snd ab)). Lemma dep_split_right (A B: Prop) (PA: A) @@ -96,7 +96,7 @@ Definition is_none {X} := negb <*> (@is_some X). Hint Unfold is_some is_none. -Notation "x $" := (x.(proj1_sig)) (at level 50, no associativity (* , only parsing *)). +Notation "x $" := ((proj1_sig x)) (at level 50, no associativity (* , only parsing *)). Notation top1 := (fun _ => True). Notation top2 := (fun _ _ => True). @@ -276,10 +276,10 @@ Definition o_join A (a: option (option A)): option A := Definition o_bind A B (oa: option A) (f: A -> option B): option B := o_join (o_map oa f). Hint Unfold o_map o_join o_bind. -Definition curry2 A B C (f: A -> B -> C): (A * B) -> C := fun ab => f ab.(fst) ab.(snd). +Definition curry2 A B C (f: A -> B -> C): (A * B) -> C := fun ab => f (fst ab) (snd ab). Definition o_bind2 A B C (oab: option (A * B)) (f: A -> B -> option C) : option C := -o_join (o_map oab f.(curry2)). +o_join (o_map oab (curry2 f)). (* Notation "o >>= f" := (o_bind o f) (at level 50, no associativity) : option_monad_scope. *) 
@@ -1047,14 +1047,14 @@ Qed. Lemma pos_elim_succ: forall p, <> \/ - <>. + <>. Proof. i. hexploit (Pos.succ_pred_or p); eauto. i; des; ss; eauto. Qed. Lemma ple_elim_succ p q (PLE: Ple p q): <> \/ - <>. + <>. Proof. revert_until p. pattern p. apply Pos.peano_ind; clear p; i. { hexploit (pos_elim_succ q); eauto. i. des; clarify; eauto. right. r. xomega. } @@ -1077,10 +1077,10 @@ Variable A B C D: Type. Variable f: A -> B -> C -> D. Let put_dummy_arg_without_filp A DUMMY B: (A -> B) -> (A -> DUMMY -> B) := fun f => (fun a _ => f a). -Let put_dummy_arg1 A DUMMY B: (A -> B) -> (A -> DUMMY -> B) := fun f => (fun _ => f).(flip). -Let put_dummy_arg21 A DUMMY B C: (A -> B -> C) -> (A -> DUMMY -> B -> C) := fun f => (fun _ => f).(flip). +Let put_dummy_arg1 A DUMMY B: (A -> B) -> (A -> DUMMY -> B) := fun f => (flip (fun _ => f)). +Let put_dummy_arg21 A DUMMY B C: (A -> B -> C) -> (A -> DUMMY -> B -> C) := fun f => (flip (fun _ => f)). Let put_dummy_arg22 A B DUMMY C: (A -> B -> C) -> (A -> B -> DUMMY -> C) := - fun f => (fun _ => f).(flip).(flip2). + fun f => (flip2 (flip (fun _ => f))). End FLIPS. Hint Unfold flip2 flip3 flip4. @@ -1100,7 +1100,7 @@ Local Transparent list_nth_z. Lemma list_nth_z_eq A (l: list A) z (POS: 0 <= z): - list_nth_z l z = List.nth_error l z.(Z.to_nat). + list_nth_z l z = List.nth_error l (Z.to_nat z). Proof. ginduction l; ii; ss. - destruct ((Z.to_nat z)); ss. diff --git a/proof/AdequacyLocal.v b/proof/AdequacyLocal.v index a70d217e..9359b190 100644 --- a/proof/AdequacyLocal.v +++ b/proof/AdequacyLocal.v 
@@ -38,8 +38,8 @@ Section SIMGE. (GETGT: ge_tgt = (map (ModSemPair.tgt) msps)) (SIMSKENVLINK: exists ss_link, SimSymb.sim_skenv sm0 ss_link skenv_link_src skenv_link_tgt) (MFUTURE: List.Forall (fun msp => SimMem.future msp.(ModSemPair.sm) sm0) msps) - (SESRC: List.Forall (fun ms => ms.(ModSem.to_semantics).(symbolenv) = skenv_link_src) ge_src) - (SETGT: List.Forall (fun ms => ms.(ModSem.to_semantics).(symbolenv) = skenv_link_tgt) ge_tgt): + (SESRC: List.Forall (fun ms => (ModSem.to_semantics ms).(symbolenv) = skenv_link_src) ge_src) + (SETGT: List.Forall (fun ms => (ModSem.to_semantics ms).(symbolenv) = skenv_link_tgt) ge_tgt): sim_ge sm0 (ge_src, skenv_link_src) (ge_tgt, skenv_link_tgt). Lemma find_fptr_owner_fsim @@ -108,8 +108,8 @@ Section SIMGE. sm_init mp skenv_src skenv_tgt ss_link (WFSRC: SkEnv.wf skenv_src) (WFTGT: SkEnv.wf skenv_tgt) - (INCLSRC: SkEnv.includes skenv_src mp.(ModPair.src).(Mod.sk)) - (INCLTGT: SkEnv.includes skenv_tgt mp.(ModPair.tgt).(Mod.sk)) + (INCLSRC: SkEnv.includes skenv_src (Mod.sk mp.(ModPair.src))) + (INCLTGT: SkEnv.includes skenv_tgt (Mod.sk mp.(ModPair.tgt))) (SIMMP: ModPair.sim mp) (LESS: SimSymb.le (ModPair.ss mp) ss_link) (SIMSKENV: SimSymb.sim_skenv sm_init ss_link skenv_src skenv_tgt): @@ -125,8 +125,8 @@ Section SIMGE. pp p_src p_tgt ss_link skenv_link_src skenv_link_tgt m_src (NOTNIL: pp <> []) (SIMPROG: ProgPair.sim pp) - (PSRC: p_src = pp.(ProgPair.src)) - (PTGT: p_tgt = pp.(ProgPair.tgt)) + (PSRC: p_src = (ProgPair.src pp)) + (PTGT: p_tgt = (ProgPair.tgt pp)) (SSLE: Forall (fun mp => SimSymb.le (ModPair.ss mp) ss_link) pp) (SIMSK: SimSymb.wf ss_link) (SKSRC: link_sk p_src = Some ss_link.(SimSymb.src)) 
@@ -143,16 +143,16 @@ Section SIMGE. /\ <> /\ <> /\ (<>) - /\ (<>) - /\ (<>) + /\ (<>) + /\ (<>) /\ (<>) /\ (<>). Proof. - assert(INCLSRC: forall mp (IN: In mp pp), SkEnv.includes skenv_link_src mp.(ModPair.src).(Mod.sk)). + assert(INCLSRC: forall mp (IN: In mp pp), SkEnv.includes skenv_link_src (Mod.sk mp.(ModPair.src))). { ii. clarify. eapply link_includes; eauto. unfold ProgPair.src. rewrite in_map_iff. esplits; et. } - assert(INCLTGT: forall mp (IN: In mp pp), SkEnv.includes skenv_link_tgt mp.(ModPair.tgt).(Mod.sk)). + assert(INCLTGT: forall mp (IN: In mp pp), SkEnv.includes skenv_link_tgt (Mod.sk mp.(ModPair.tgt))). { ii. clarify. eapply link_includes; eauto. unfold ProgPair.tgt. rewrite in_map_iff. esplits; et. } clarify. exploit SimSymb.wf_load_sim_skenv; eauto. i; des. rename sm into sm_init. clarify. @@ -291,8 +291,8 @@ Section ADQMATCH. Context `{SU: Sound.class}. Variable pp: ProgPair.t. - Let p_src := pp.(ProgPair.src). - Let p_tgt := pp.(ProgPair.tgt). + Let p_src := (ProgPair.src pp). + Let p_tgt := (ProgPair.tgt pp). Variable sk_link_src sk_link_tgt: Sk.t. Hypothesis LINKSRC: (link_sk p_src) = Some sk_link_src. @@ -300,8 +300,8 @@ Section ADQMATCH. Let sem_src := Sem.sem p_src. Let sem_tgt := Sem.sem p_tgt. - Let skenv_link_src := sk_link_src.(Sk.load_skenv). - Let skenv_link_tgt := sk_link_tgt.(Sk.load_skenv). + Let skenv_link_src := (Sk.load_skenv sk_link_src). + Let skenv_link_tgt := (Sk.load_skenv sk_link_tgt). Inductive lxsim_stack: SimMem.t -> list Frame.t -> list Frame.t -> Prop := 
@@ -330,8 +330,8 @@ Section ADQMATCH. /\ (<>) /\ (< forall si, exists su m_arg, (sound_states_local si) su m_arg st) i1 lst_src1 lst_tgt1 sm_after>>)) - (SESRC: ms_src.(ModSem.to_semantics).(symbolenv) = skenv_link_src) - (SETGT: ms_tgt.(ModSem.to_semantics).(symbolenv) = skenv_link_tgt): + (SESRC: (ModSem.to_semantics ms_src).(symbolenv) = skenv_link_src) + (SETGT: (ModSem.to_semantics ms_tgt).(symbolenv) = skenv_link_tgt): lxsim_stack sm_init ((Frame.mk ms_src lst_src0) :: tail_src) ((Frame.mk ms_tgt lst_tgt0) :: tail_tgt). @@ -358,8 +358,8 @@ Section ADQMATCH. (PRSV: forall si, local_preservation_noguarantee ms_src (sound_states_local si)) (TOP: lxsim ms_src ms_tgt (fun st => forall si, exists su m_arg, (sound_states_local si) su m_arg st) i0 lst_src lst_tgt sm0) - (SESRC: ms_src.(ModSem.to_semantics).(symbolenv) = skenv_link_src) - (SETGT: ms_tgt.(ModSem.to_semantics).(symbolenv) = skenv_link_tgt): + (SESRC: (ModSem.to_semantics ms_src).(symbolenv) = skenv_link_src) + (SETGT: (ModSem.to_semantics ms_tgt).(symbolenv) = skenv_link_tgt): lxsim_lift i0 (State ((Frame.mk ms_src lst_src) :: tail_src)) (State ((Frame.mk ms_tgt lst_tgt) :: tail_tgt)) sm0 | lxsim_lift_callstate sm_arg tail_src tail_tgt tail_sm args_src args_tgt @@ -393,8 +393,8 @@ Section ADQINIT. Variable pp: ProgPair.t. Hypothesis NOTNIL: pp <> []. Hypothesis SIMPROG: ProgPair.sim pp. - Let p_src := pp.(ProgPair.src). - Let p_tgt := pp.(ProgPair.tgt). + Let p_src := (ProgPair.src pp). + Let p_tgt := (ProgPair.tgt pp). Variable sk_link_src sk_link_tgt: Sk.t. Hypothesis LINKSRC: (link_sk p_src) = Some sk_link_src. @@ -405,8 +405,8 @@ Section ADQINIT. Let sem_src := Sem.sem p_src. Let sem_tgt := Sem.sem p_tgt. - Let skenv_link_src := sk_link_src.(Sk.load_skenv). - Let skenv_link_tgt := sk_link_tgt.(Sk.load_skenv). + Let skenv_link_src := (Sk.load_skenv sk_link_src). + Let skenv_link_tgt := (Sk.load_skenv sk_link_tgt). Theorem init_lxsim_lift_forward st_init_src 
@@ -414,8 +414,8 @@ Section ADQINIT. exists idx st_init_tgt sm_init, <> /\ (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. ss. inv INITSRC; ss. clarify. rename INITSK into INITSKSRC. rename INITMEM into INITMEMSRC. @@ -466,8 +466,8 @@ Section ADQSTEP. Variable pp: ProgPair.t. Hypothesis SIMPROG: ProgPair.sim pp. - Let p_src := pp.(ProgPair.src). - Let p_tgt := pp.(ProgPair.tgt). + Let p_src := (ProgPair.src pp). + Let p_tgt := (ProgPair.tgt pp). Variable sk_link_src sk_link_tgt: Sk.t. Hypothesis LINKSRC: (link_sk p_src) = Some sk_link_src. @@ -478,13 +478,13 @@ Section ADQSTEP. Let sem_src := Sem.sem p_src. Let sem_tgt := Sem.sem p_tgt. - Let skenv_link_src := sk_link_src.(Sk.load_skenv). - Let skenv_link_tgt := sk_link_tgt.(Sk.load_skenv). + Let skenv_link_src := (Sk.load_skenv sk_link_src). + Let skenv_link_tgt := (Sk.load_skenv sk_link_tgt). Variable ss_link: SimSymb.t. Hypothesis (SIMSKENV: exists sm, SimSymb.sim_skenv sm ss_link skenv_link_src skenv_link_tgt). - Hypothesis (INCLSRC: forall mp (IN: In mp pp), SkEnv.includes skenv_link_src mp.(ModPair.src).(Mod.sk)). - Hypothesis (INCLTGT: forall mp (IN: In mp pp), SkEnv.includes skenv_link_tgt mp.(ModPair.tgt).(Mod.sk)). + Hypothesis (INCLSRC: forall mp (IN: In mp pp), SkEnv.includes skenv_link_src (Mod.sk mp.(ModPair.src))). + Hypothesis (INCLTGT: forall mp (IN: In mp pp), SkEnv.includes skenv_link_tgt (Mod.sk mp.(ModPair.tgt))). Hypothesis (SSLE: forall mp (IN: In mp pp), SimSymb.le mp.(ModPair.ss) ss_link). Hypothesis (WFKSSRC: forall md (IN: In md (ProgPair.src pp)), <>). @@ -698,8 +698,8 @@ Section ADQ. Variable pp: ProgPair.t. Hypothesis SIMPROG: ProgPair.sim pp. - Let p_src := pp.(ProgPair.src). - Let p_tgt := pp.(ProgPair.tgt). + Let p_src := (ProgPair.src pp). + Let p_tgt := (ProgPair.tgt pp). Let sem_src := Sem.sem p_src. Let sem_tgt := Sem.sem p_tgt. 
@@ -739,8 +739,8 @@ Program Definition mkPR (MR: SimMem.class) (SR: SimSymb.class MR) (MP: Sound.cla forall (WF: forall x (IN: In x p_src), Sk.wf x), exists pp, (<>) - /\ (<>) - /\ (<>)) _ _ _. + /\ (<>) + /\ (<>)) _ _ _. Next Obligation. (* horizontal composition *) exploit REL0; eauto. { i. eapply WF. rewrite in_app_iff. eauto. } intro T0; des. diff --git a/proof/AdequacySound.v b/proof/AdequacySound.v index d8af5eed..781d76df 100644 --- a/proof/AdequacySound.v +++ b/proof/AdequacySound.v @@ -27,8 +27,8 @@ Section ADQSOUND. Variable pp: ProgPair.t. Hypothesis SIMPROG: ProgPair.sim pp. - Let p_src := pp.(ProgPair.src). - Let p_tgt := pp.(ProgPair.tgt). + Let p_src := (ProgPair.src pp). + Let p_tgt := (ProgPair.tgt pp). Hypothesis (WFSKSRC: forall md (IN: In md p_src), <>). Hypothesis (WFSKTGT: forall md (IN: In md p_tgt), <>). @@ -38,14 +38,14 @@ Section ADQSOUND. Let sem_src := Sem.sem p_src. Let sem_tgt := Sem.sem p_tgt. - Let skenv_link_src := sk_link_src.(Sk.load_skenv). - Let skenv_link_tgt := sk_link_tgt.(Sk.load_skenv). + Let skenv_link_src := (Sk.load_skenv sk_link_src). + Let skenv_link_tgt := (Sk.load_skenv sk_link_tgt). Variable ss_link: SimSymb.t. Hypothesis (SIMSKENV: exists sm, SimSymb.sim_skenv sm ss_link skenv_link_src skenv_link_tgt). - Hypothesis INCLSRC: forall mp (IN: In mp pp), SkEnv.includes skenv_link_src mp.(ModPair.src).(Mod.sk). - Hypothesis INCLTGT: forall mp (IN: In mp pp), SkEnv.includes skenv_link_tgt mp.(ModPair.tgt).(Mod.sk). + Hypothesis INCLSRC: forall mp (IN: In mp pp), SkEnv.includes skenv_link_src (Mod.sk mp.(ModPair.src)). + Hypothesis INCLTGT: forall mp (IN: In mp pp), SkEnv.includes skenv_link_tgt (Mod.sk mp.(ModPair.tgt)). Hypothesis SSLE: forall mp (IN: In mp pp), SimSymb.le mp.(ModPair.ss) ss_link. Let WFSKLINKSRC: Sk.wf sk_link_src. eapply link_list_preserves_wf_sk; et. Qed. 
@@ -55,7 +55,7 @@ Section ADQSOUND. Inductive sound_ge (su0: Sound.t) (m0: mem): Prop := | sound_ge_intro - (GE: Forall (fun ms => su0.(Sound.skenv) m0 ms.(ModSem.skenv)) sem_src.(Smallstep.globalenv).(fst)). + (GE: Forall (fun ms => su0.(Sound.skenv) m0 ms.(ModSem.skenv)) (fst sem_src.(Smallstep.globalenv))). Lemma lepriv_preserves_sound_ge m0 su0 su1 @@ -88,18 +88,18 @@ Section ADQSOUND. (* stack can go preservation when su0 is given *) Inductive sound_stack (args: Args.t): list Frame.t -> Prop := | sound_stack_nil - (EXSU: exists su_ex, Sound.args su_ex args /\ sound_ge su_ex args.(Args.get_m)): + (EXSU: exists su_ex, Sound.args su_ex args /\ sound_ge su_ex (Args.get_m args)): sound_stack args [] | sound_stack_cons args_tail tail ms lst0 (TL: sound_stack args_tail tail) (FORALLSU: forall su0 (SUARGS: Sound.args su0 args_tail) - (SUGE: sound_ge su0 args_tail.(Args.get_m)), + (SUGE: sound_ge su0 (Args.get_m args_tail)), (<>>>) + <>>>) /\ (<>) *) - sound_state_all su0 args_tail.(Args.get_m) lst1>>) + sound_state_all su0 (Args.get_m args_tail) lst1>>) >>) /\ - (<>) + (<>) ) - (EXSU: exists su_ex, Sound.args su_ex args_tail /\ sound_ge su_ex args_tail.(Args.get_m)) + (EXSU: exists su_ex, Sound.args su_ex args_tail /\ sound_ge su_ex (Args.get_m args_tail)) (EX: exists sound_state_ex, local_preservation ms sound_state_ex): sound_stack args ((Frame.mk ms lst0) :: tail). @@ -131,13 +131,13 @@ Section ADQSOUND. (EXSU: exists su_ex, Sound.args su_ex args_tail /\ sound_ge su_ex m_arg) (FORALLSU: forall su0 (SUARGS: Sound.args su0 args_tail) - (SUGE: sound_ge su0 args_tail.(Args.get_m)), + (SUGE: sound_ge su0 (Args.get_m args_tail)), (<>>>)) (EX: exists sound_state_ex, local_preservation ms sound_state_ex) - (ABCD: args_tail.(Args.get_m) = m_arg) + (ABCD: (Args.get_m args_tail) = m_arg) : sound_state m_arg (State ((Frame.mk ms lst0) :: tail)) | sound_state_call 
@@ -145,7 +145,7 @@ Section ADQSOUND. (* (ARGS: Sound.args su0 args) *) (STK: sound_stack args frs) (* (MLE: Sound.mle su0 m_tail args.(Args.get_m)) *) - (EQ: args.(Args.get_m) = m_tail) + (EQ: (Args.get_m args) = m_tail) (EXSU: exists su_ex, Sound.args su_ex args /\ sound_ge su_ex m_tail): sound_state m_tail (Callstate args frs). @@ -162,7 +162,7 @@ Section ADQSOUND. { econs. rewrite Forall_forall. intros ? IN. ss. des_ifs. u in IN. rewrite in_map_iff in IN. des; ss; clarify. + s. rewrite <- Sound.system_skenv; eauto. - + assert(INCL: SkEnv.includes (Sk.load_skenv sk_link_src) x0.(Mod.sk)). + + assert(INCL: SkEnv.includes (Sk.load_skenv sk_link_src) (Mod.sk x0)). { unfold p_src in IN0. unfold ProgPair.src in *. rewrite in_map_iff in IN0. des. clarify. eapply INCLSRC; et. } eapply Sound.skenv_project; eauto. { eapply link_load_skenv_wf_mem; et. } diff --git a/proof/MatchSimModSemExcl.v b/proof/MatchSimModSemExcl.v index ba3a05a5..ab07569b 100644 --- a/proof/MatchSimModSemExcl.v +++ b/proof/MatchSimModSemExcl.v @@ -186,7 +186,7 @@ Section MATCHSIMFORWARD. (* <> *) < forall si, exists su0 m_init, sound_states si su0 m_init st) has_footprint mle_excl - i0.(Ord.lift_idx WFORD) st_src0 st_tgt0 sm0>>. + (Ord.lift_idx WFORD i0) st_src0 st_tgt0 sm0>>. Proof. (* move su0 at top. *) revert_until BAR. pcofix CIH. i. pfold. ii. diff --git a/proof/MatchSimModSemExcl2.v b/proof/MatchSimModSemExcl2.v index abe29ec5..abd1a1de 100644 --- a/proof/MatchSimModSemExcl2.v +++ b/proof/MatchSimModSemExcl2.v @@ -164,7 +164,7 @@ Section MATCHSIMFORWARD. (* su0 *) (* <> *) < forall si, exists su0 m_init, sound_states si su0 m_init st) - i0.(Ord.lift_idx WFORD) st_src0 st_tgt0 sm0>>. + (Ord.lift_idx WFORD i0) st_src0 st_tgt0 sm0>>. Proof. (* move su0 at top. *) revert_until BAR. pcofix CIH. i. pfold. ii. diff --git a/proof/MatchSimModSemSR.v b/proof/MatchSimModSemSR.v index 8654f0aa..7d6a35d4 100644 --- a/proof/MatchSimModSemSR.v +++ b/proof/MatchSimModSemSR.v 
@@ -167,7 +167,7 @@ Section MATCHSIMFORWARD. (* su0 *) (* <> *) < unit -> exists su0 m_init, sound_state su0 m_init st) - i0.(Ord.lift_idx WFORD) st_src0 st_tgt0 sm0>>. + (Ord.lift_idx WFORD i0) st_src0 st_tgt0 sm0>>. Proof. (* move su0 at top. *) revert_until BAR. pcofix CIH. i. pfold. ii. diff --git a/proof/ModSemProps.v b/proof/ModSemProps.v index 2277da9c..f985c2e7 100644 --- a/proof/ModSemProps.v +++ b/proof/ModSemProps.v @@ -197,17 +197,17 @@ Proof. Qed. Lemma atomic_single_events_at: forall (ms: ModSem.t), - <>. + <>. Proof. ii. inv H; ss. xomega. Qed. Lemma atomic_single_evnents: forall (ms: ModSem.t), - <>. + <>. Proof. ii. inv H; ss. xomega. Qed. Lemma atomic_receptive_at (ms: ModSem.t) st0 (SSR: strongly_receptive_at ms st0): - <>. + <>. Proof. generalize (@atomic_single_evnents ms); eauto. intro SINGLE. inv SSR. econs; ss. @@ -226,7 +226,7 @@ Proof. Qed. Lemma atomic_receptive_at_nonnil: forall (ms: ModSem.t), - <>. + <>. Proof. i. generalize (@atomic_single_evnents ms); eauto. intro SINGLE. ii. econs; ss. { ii. ss. destruct t1; ss. @@ -244,7 +244,7 @@ Qed. Lemma atomic_receptive (ms: ModSem.t) (SSR: strongly_receptive ms): - <>. + <>. Proof. generalize (@atomic_single_evnents ms); eauto. intro SINGLE. inv SSR. econs; ss. diff --git a/proof/Ord.v b/proof/Ord.v index ca41f522..56c4088b 100644 --- a/proof/Ord.v +++ b/proof/Ord.v @@ -195,7 +195,7 @@ Section LIFT. Lemma lift_idx_spec i0 i1 (ORD: order i0 i1): - <>. + <>. Proof. econs; eauto. cbn. instantiate (1:= eq_refl). cbn. ss. Qed. Hint Unfold lift_idx. diff --git a/proof/Preservation.v b/proof/Preservation.v index 71f80b5f..ed2fb75c 100644 --- a/proof/Preservation.v +++ b/proof/Preservation.v 
@@ -29,10 +29,10 @@ Inductive local_preservation (sound_state: Sound.t -> mem -> ms.(state) -> Prop) | local_preservation_intro (INIT: forall su_init args st_init (SUARG: Sound.args su_init args) - (SKENV: Sound.skenv su_init args.(Args.get_m) ms.(ModSem.skenv)) + (SKENV: Sound.skenv su_init (Args.get_m args) ms.(ModSem.skenv)) (INIT: ms.(ModSem.initial_frame) args st_init) , - <>) + <>) (STEP: forall m_arg su0 st0 tr st1 (SUST: sound_state su0 m_arg st0) @@ -42,14 +42,14 @@ Inductive local_preservation (sound_state: Sound.t -> mem -> ms.(state) -> Prop) (CALL: forall m_arg su0 st0 args (SUST: sound_state su0 m_arg st0) (AT: ms.(ModSem.at_external) st0 args), - <> /\ + <> /\ exists su_gr, (<>) /\ (<>) /\ (<>)>>)) @@ -57,7 +57,7 @@ Inductive local_preservation (sound_state: Sound.t -> mem -> ms.(state) -> Prop) (SUST: sound_state su0 m_arg st0) (FINAL: ms.(ModSem.final_frame) st0 retv), exists su_ret, <> /\ - <> /\ <>) + <> /\ <>) . (* It does not need to show "mle". *) @@ -65,10 +65,10 @@ Inductive local_preservation_noguarantee (sound_state: Sound.t -> mem -> ms.(sta | local_preservation_noguarantee_intro (INIT: forall su_init args st_init (SUARG: Sound.args su_init args) - (SKENV: Sound.skenv su_init args.(Args.get_m) ms.(ModSem.skenv)) + (SKENV: Sound.skenv su_init (Args.get_m args) ms.(ModSem.skenv)) (INIT: ms.(ModSem.initial_frame) args st_init) , - <>) + <>) (STEP: forall m_arg su0 st0 tr st1 (SUST: sound_state su0 m_arg st0) @@ -84,7 +84,7 @@ Inductive local_preservation_noguarantee (sound_state: Sound.t -> mem -> ms.(sta (<>)>>)) 
@@ -103,12 +103,12 @@ Inductive local_preservation_standard (sound_state: Sound.t -> ms.(state) -> Pro | local_preservation_standard_intro (INIT: forall su_arg args st_init (SUARG: Sound.args su_arg args) - (SKENV: Sound.skenv su_arg args.(Args.get_m) ms.(ModSem.skenv)) + (SKENV: Sound.skenv su_arg (Args.get_m args) ms.(ModSem.skenv)) (INIT: ms.(ModSem.initial_frame) args st_init) , exists su_init, (<>) /\ (<>) - /\ (<>)) + /\ (<>)) (STEP: forall su0 st0 tr st1 (SUST: sound_state su0 st0) @@ -119,25 +119,25 @@ Inductive local_preservation_standard (sound_state: Sound.t -> ms.(state) -> Pro (SUST: sound_state su0 st0) (AT: ms.(ModSem.at_external) st0 args) , - <> /\ + <> /\ exists su_gr, (<>) /\ (<>) /\ (<> /\ - (<> /\ <>)>>)) + (<> /\ <>)>>)) (RET: forall su0 st0 retv (SUST: sound_state su0 st0) (FINAL: ms.(ModSem.final_frame) st0 retv), exists su_ret, <> /\ - <> /\ <>) + <> /\ <>) . Theorem local_preservation_standard_spec @@ -169,10 +169,10 @@ Inductive local_preservation_strong (sound_state: Sound.t -> ms.(state) -> Prop) (LIFTPRIV: lift <2= Sound.lepriv) (INIT: forall su_init args st_init (SUARG: Sound.args su_init args) - (SKENV: Sound.skenv su_init args.(Args.get_m) ms.(ModSem.skenv)) + (SKENV: Sound.skenv su_init (Args.get_m args) ms.(ModSem.skenv)) (INIT: ms.(ModSem.initial_frame) args st_init) , - <> /\ <>) + <> /\ <>) (STEP: forall su0 st0 tr st1 (SKENV: Sound.skenv su0 st0.(get_mem) ms.(ModSem.skenv)) @@ -185,7 +185,7 @@ Inductive local_preservation_strong (sound_state: Sound.t -> ms.(state) -> Prop) (SUST: sound_state su0 st0) (AT: ms.(ModSem.at_external) st0 args) , - <> /\ + <> /\ <> /\ exists su_gr, (<>) /\ 
@@ -193,20 +193,20 @@ Inductive local_preservation_strong (sound_state: Sound.t -> ms.(state) -> Prop) (<> /\ <>)>>)) + sound_state su0 st1>> /\ <>)>>)) (RET: forall su0 st0 retv (SKENV: Sound.skenv su0 st0.(get_mem) ms.(ModSem.skenv)) (SUST: sound_state su0 st0) (FINAL: ms.(ModSem.final_frame) st0 retv), exists su_ret, <> /\ - <> /\ <>). + <> /\ <>). Theorem local_preservation_strong_spec sound_state @@ -236,12 +236,12 @@ Inductive local_preservation_strong_horizontal (sound_state: Sound.t -> ms.(stat (LIFTPRIV: lift <2= Sound.lepriv) (INIT: forall su_arg args st_init (SUARG: Sound.args su_arg args) - (SKENV: Sound.skenv su_arg args.(Args.get_m) ms.(ModSem.skenv)) + (SKENV: Sound.skenv su_arg (Args.get_m args) ms.(ModSem.skenv)) (INIT: ms.(ModSem.initial_frame) args st_init) , exists su_init, (<>) /\ (<>) - /\ (<>)) + /\ (<>)) (STEP: forall su0 st0 tr st1 (SUST: sound_state su0 st0) @@ -251,24 +251,24 @@ Inductive local_preservation_strong_horizontal (sound_state: Sound.t -> ms.(stat (CALL: forall su0 st0 args (SUST: sound_state su0 st0) (AT: ms.(ModSem.at_external) st0 args), - <> /\ + <> /\ exists su_gr, (<>) /\ (<>) /\ (<> /\ - (<> /\ <>)>>)) + (<> /\ <>)>>)) (RET: forall su0 st0 retv (SUST: sound_state su0 st0) (FINAL: ms.(ModSem.final_frame) st0 retv), exists su_ret, <> /\ - <> /\ <>). + <> /\ <>). Theorem local_preservation_strong_horizontal_spec sound_state @@ -307,10 +307,10 @@ Inductive local_preservation_strong_excl (sound_state: Sound.t -> ms.(state) -> <>) (INIT: forall su_init args st_init (SUARG: Sound.args su_init args) - (SKENV: Sound.skenv su_init args.(Args.get_m) ms.(ModSem.skenv)) + (SKENV: Sound.skenv su_init (Args.get_m args) ms.(ModSem.skenv)) (INIT: ms.(ModSem.initial_frame) args st_init) , - <> /\ <>) + <> /\ <>) (STEP: forall su0 st0 tr st1 (SUST: sound_state su0 st0) 
@@ -320,7 +320,7 @@ Inductive local_preservation_strong_excl (sound_state: Sound.t -> ms.(state) -> (CALL: forall su0 st0 args (SUST: sound_state su0 st0) (AT: ms.(ModSem.at_external) st0 args), - <> /\ + <> /\ <> /\ <> /\ exists su_gr, @@ -329,15 +329,15 @@ Inductive local_preservation_strong_excl (sound_state: Sound.t -> ms.(state) -> (<> /\ <>)>>)) + (<> /\ <>)>>)) (RET: forall su0 st0 retv (SUST: sound_state su0 st0) (FINAL: ms.(ModSem.final_frame) st0 retv), exists su_ret, <> /\ - <> /\ <>). + <> /\ <>). Theorem local_preservation_strong_excl_spec sound_state @@ -365,11 +365,11 @@ Inductive local_preservation_strong_horizontal_excl (sound_state: Sound.t -> ms. <>) (INIT: forall su_arg args st_init (SUARG: Sound.args su_arg args) - (SKENV: Sound.skenv su_arg args.(Args.get_m) ms.(ModSem.skenv)) + (SKENV: Sound.skenv su_arg (Args.get_m args) ms.(ModSem.skenv)) (INIT: ms.(ModSem.initial_frame) args st_init), exists su_init, (<>) /\ (<>) - /\ (<>)) + /\ (<>)) (STEP: forall su0 st0 tr st1 (SUST: sound_state su0 st0) @@ -379,7 +379,7 @@ Inductive local_preservation_strong_horizontal_excl (sound_state: Sound.t -> ms. (CALL: forall su0 st0 args (SUST: sound_state su0 st0) (AT: ms.(ModSem.at_external) st0 args), - <> /\ + <> /\ <> /\ exists su_gr, (<>) /\ @@ -387,17 +387,17 @@ Inductive local_preservation_strong_horizontal_excl (sound_state: Sound.t -> ms. (<> /\ - (<> /\ <>)>>)) + (<> /\ <>)>>)) (RET: forall su0 st0 retv (SUST: sound_state su0 st0) (FINAL: ms.(ModSem.final_frame) st0 retv), exists su_ret, <> /\ - <> /\ <>). + <> /\ <>). Theorem local_preservation_strong_horizontal_excl_spec sound_state diff --git a/proof/SemProps.v b/proof/SemProps.v index 3bef2ea0..e600046c 100644 --- a/proof/SemProps.v +++ b/proof/SemProps.v 
@@ -36,7 +36,7 @@ Lemma link_includes (LINK: link_sk p = Some sk_link_src) md (IN: In md p): - SkEnv.includes (Sk.load_skenv sk_link_src) md.(Mod.sk). + SkEnv.includes (Sk.load_skenv sk_link_src) (Mod.sk md). Proof. unfold link_sk in *. (* TODO: can we remove `_ LINK` ? *) @@ -260,7 +260,7 @@ Section INITDTM. Lemma skenv_fill_internals_preserves_wf skenv0 skenv1 (WF: SkEnv.wf skenv0) - (FILL: skenv0.(skenv_fill_internals) = skenv1): + (FILL: (skenv_fill_internals skenv0) = skenv1): <>. Proof. inv WF. unfold skenv_fill_internals. econs; i; ss; eauto. @@ -278,7 +278,7 @@ Section INITDTM. (MOD: In md p) (MODSEM: Genv.find_funct (ModSem.skenv (Mod.get_modsem md skenv_link (Mod.data md))) fptr = Some (Internal md_def)) - (INCL: SkEnv.includes skenv_link md.(Mod.sk)): + (INCL: SkEnv.includes skenv_link (Mod.sk md)): False. Proof. hexploit (@Mod.get_modsem_projected_sk md skenv_link); eauto. intro SPEC; des. @@ -303,7 +303,7 @@ Section INITDTM. Proof. ss. des_ifs; cycle 1. { econs; eauto. ii; ss. inv FIND0. ss. } - assert(WFBIG: t.(Sk.load_skenv).(SkEnv.wf)). + assert(WFBIG: (Sk.load_skenv t).(SkEnv.wf)). { eapply SkEnv.load_skenv_wf. eapply link_list_preserves_wf_sk; et. } econs; eauto. ii; ss. inv FIND0; inv FIND1. generalize (link_includes p Heq). intro INCLS. @@ -550,7 +550,7 @@ Section WFMEM. (* TODO: move to proper place *) Lemma Genv_bytes_of_init_data_length F V (ge: Genv.t F V) a: - Datatypes.length (Genv.bytes_of_init_data ge a) = nat_of_Z (init_data_size a). + Datatypes.length (Genv.bytes_of_init_data ge a) = Z.to_nat (init_data_size a). Proof. clear - a. destruct a; ss; des_ifs. rewrite length_list_repeat. rewrite Z2Nat.inj_max. ss. xomega. Qed. 
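Review bot: In the `-303` hunk the new side still writes `assert(WFBIG: (Sk.load_skenv t).(SkEnv.wf)).`, keeping the projection-style `.(…)` syntax on `SkEnv.wf`, while the rest of this patch moves non-field applications to prefix form and the `-260` hunk treats `SkEnv.wf` as an inductive predicate (`inv WF`) rather than a record field. For consistency with the conversion being made everywhere else, this should read `assert(WFBIG: SkEnv.wf (Sk.load_skenv t)).`. The change is purely syntactic, so the following `eapply SkEnv.load_skenv_wf` step should be unaffected. The enclosing lemma's header and the end of its proof lie outside this hunk.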
@@ -558,15 +558,15 @@ Qed. Inductive wf_mem_weak (skenv ge0: SkEnv.t) (sk: Sk.t) (m0: mem): Prop := | wf_mem_weak_intro (WFPTR: forall blk_fr _ofs_fr blk_to _ofs_to id_fr _q _n gv - (SYMB: ge0.(Genv.find_symbol) id_fr = Some blk_fr) + (SYMB: (Genv.find_symbol ge0) id_fr = Some blk_fr) (* (IN: In id_fr sk.(prog_defs_names)) *) (IN: In (id_fr, (Gvar gv)) sk.(prog_defs)) (NONVOL: gv.(gvar_volatile) = false) (DEFINITIVE: classify_init gv.(gvar_init) = Init_definitive gv.(gvar_init)) (* (IN: sk.(prog_defmap) ! id_fr = Some (Gvar gv)) *) (LOAD: Mem.loadbytes m0 blk_fr _ofs_fr 1 = Some [Fragment (Vptr blk_to _ofs_to) _q _n]), - exists id_to, (<>) - /\ (<>)). + exists id_to, (<>) + /\ (<>)). Let link_load_skenv_wf_sem_one: forall md sk_link m0 m1 id gd ge0 (WF: Sk.wf md) @@ -730,9 +730,9 @@ Proof. + exfalso. unfold Mem.loadbytes in *. des_ifs. rename H0 into P. rename H1 into Q. clear - P Q T RANGE POS. abstr ((Mem.mem_contents m1) !! blk) MC. clear_tac. assert(POS0: 0 <= Z.max z 0) by xomega. - exploit (@Mem.getN_in MC ofs_mid (Z.max z 0).(Z.to_nat) ofs_bound); eauto. + exploit (@Mem.getN_in MC ofs_mid (Z.to_nat (Z.max z 0)) ofs_bound); eauto. { split; try xomega. rewrite Z2Nat.id; ss. } - intro R. rewrite Q in *. unfold nat_of_Z in *. rewrite P in *. clear - R. apply in_list_repeat in R. ss. + intro R. rewrite Q in *. unfold Z.to_nat in *. rewrite P in *. clear - R. apply in_list_repeat in R. ss. + des_ifs; cycle 1. { exfalso. unfold Mem.loadbytes in *. des_ifs. diff --git a/proof/SimMem.v b/proof/SimMem.v index 77274b22..fe629f57 100644 --- a/proof/SimMem.v +++ b/proof/SimMem.v @@ -69,7 +69,7 @@ Module SimMem. rs_src m_src rs_tgt m_tgt (ASMSRC: args_src = Args.Asmstyle rs_src m_src) (ASMTGT: args_tgt = Args.Asmstyle rs_tgt m_tgt) - (RS: sm0.(sim_regset) rs_src rs_tgt) + (RS: (sim_regset sm0) rs_src rs_tgt) (MEMSRC: m_src = sm0.(SimMem.src)) (MEMTGT: m_tgt = sm0.(SimMem.tgt)). 
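Review bot: The `unfold Z.to_nat in *` in the `-730` hunk looks like a mechanical substitution for the old `unfold nat_of_Z in *`, but the two do different things: the old line only exposed `Z.to_nat` underneath a project alias, whereas the new line unfolds the standard-library definition itself into its `match` in every hypothesis, which is presumably no longer needed now that the `-550` hunk states the length lemma directly with `Z.to_nat` and is more brittle if the library's definition changes. I would try dropping the unfold so the line becomes `intro R. rewrite Q in *. rewrite P in *. clear - R. apply in_list_repeat in R. ss.` and only reintroduce a targeted `unfold` if `rewrite P` then fails to find its redex. The lemma whose proof this hunk patches starts before the hunk, so the shape of `P` and `Q` cannot be confirmed from here.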
@@ -85,12 +85,12 @@ Module SimMem. rs_src m_src rs_tgt m_tgt (ASMSRC: retv_src = Retv.Asmstyle rs_src m_src) (ASMTGT: retv_tgt = Retv.Asmstyle rs_tgt m_tgt) - (RS: sm0.(sim_regset) rs_src rs_tgt) + (RS: (sim_regset sm0) rs_src rs_tgt) (MEMSRC: m_src = sm0.(SimMem.src)) (MEMTGT: m_tgt = sm0.(SimMem.tgt)). Lemma sim_args_sim_fptr `{SM: class}: forall sm0 args_src args_tgt (ARGS: sim_args args_src args_tgt sm0), - sm0.(sim_val) args_src.(Args.get_fptr) args_tgt.(Args.get_fptr). + sm0.(sim_val) (Args.get_fptr args_src) (Args.get_fptr args_tgt). Proof. i. inv ARGS; ss. Qed. Lemma sim_val_list_le diff --git a/proof/SimMemExt.v b/proof/SimMemExt.v index 66eeb351..7727786a 100644 --- a/proof/SimMemExt.v +++ b/proof/SimMemExt.v @@ -79,7 +79,7 @@ Qed. Next Obligation. inv ARGS; ss. destruct sm0; ss; clarify. exploit external_call_mem_extends; eauto. i. des. - exists (mk retv_src.(Retv.m) m2'). exists (Retv.mk vres' m2'). + exists (mk (Retv.m retv_src) m2'). exists (Retv.mk vres' m2'). esplits; ss; eauto. { eapply external_call_symbols_preserved; eauto. eapply SimSymbId.sim_skenv_equiv; eauto. } diff --git a/proof/SimMemInjC.v b/proof/SimMemInjC.v index 859a0fd3..7cab981e 100644 --- a/proof/SimMemInjC.v +++ b/proof/SimMemInjC.v @@ -34,7 +34,7 @@ Lemma update_src_private sm0 sm1 (INJ: sm0.(inj) = sm1.(inj)) (SRC: sm0.(src).(Mem.nextblock) = sm1.(src).(Mem.nextblock)): - sm0.(src_private) = (sm1).(src_private). + (src_private sm0) = (src_private (sm1)). Proof. repeat (apply Axioms.functional_extensionality; i). apply prop_ext1. u. split; ii; des; esplits; eauto with congruence. @@ -45,7 +45,7 @@ Lemma update_tgt_private (SRC: sm0.(src) = sm1.(src)) (TGT: sm0.(tgt).(Mem.nextblock) = sm1.(tgt).(Mem.nextblock)) (INJ: sm0.(inj) = sm1.(inj)): - sm0.(tgt_private) = sm1.(tgt_private). + (tgt_private sm0) = (tgt_private sm1). Proof. repeat (apply Axioms.functional_extensionality; i). apply prop_ext1. u. split; ii; des; esplits; eauto with congruence. 
@@ -204,7 +204,7 @@ Lemma unfree_right /\ (<>) /\ (<>). Proof. - exists (sm0.(update) sm0.(src) m_tgt0 sm0.(inj)). + exists (update (sm0) sm0.(src) m_tgt0 sm0.(inj)). exploit Mem_unfree_unchanged_on; et. intro UNCH. esplits; u; ss; eauto. - econs; ss; eauto; try (by inv MWF; ss). + inv MWF. eapply Mem_unfree_right_inject; eauto. @@ -296,7 +296,7 @@ Lemma alloc_left_zero_simmem sm0 blk_src sz m_src1 blk_tgt (MWF: SimMem.wf sm0) (ALLOC: Mem.alloc sm0.(SimMem.src) 0 sz = (m_src1, blk_src)) - (TGTPRIV: (range 0 sz) <1= sm0.(tgt_private) blk_tgt) + (TGTPRIV: (range 0 sz) <1= (tgt_private sm0) blk_tgt) (TGTNOTEXT: ((range 0 sz) /1\ sm0.(tgt_external) blk_tgt) <1= bot1) (TGTPERM: forall ofs k p (BOUND: 0 <= ofs < sz), Mem.perm sm0.(SimMem.tgt) blk_tgt ofs k p) (* (SZPOS: 0 < sz) *) @@ -470,7 +470,7 @@ Next Obligation. - instantiate (1:= Retv.mk _ _); ss. eapply external_call_symbols_preserved; eauto. eapply SimSymbId.sim_skenv_equiv; eauto. eapply SIMSKENV. - destruct retv_src; ss. instantiate (1:= mk _ _ _ _ _ _ _ _ _). econs 1; ss; eauto. - instantiate (1:= retv_src.(Retv.m)). ss. + instantiate (1:= (Retv.m retv_src)). ss. - assert(FROZEN: frozen inj f' src_parent_nb tgt_parent_nb). { eapply inject_separated_frozen in H5. inv H5. econs; eauto. i. exploit NEW_IMPLIES_OUTSIDE; eauto. i; des. esplits; xomega. } @@ -534,8 +534,8 @@ Lemma inject_junk_blocks_tgt (<>) /\ (<>) /\ (<>) /\ - (<>) /\ - (<>). + (<>) /\ + (<>). Proof. esplits; eauto. - ss. inv MWF. econs; ss; eauto. @@ -570,8 +570,8 @@ Lemma inject_junk_blocks_parallel (inject_junk_blocks sm0.(SimMem.src) sm0.(SimMem.tgt) n sm0.(SimMemInj.inj))>>) /\ (<>) /\ (<>) /\ - (<>) /\ - (<>). + (<>) /\ + (<>). Proof. unfold inject_junk_blocks. esplits; eauto. - ss. inv MWF. econs; ss; eauto. 
@@ -654,11 +654,11 @@ Lemma Mem_free_parallel' sm0 blk_src blk_tgt ofs_src ofs_tgt sz m_src0 (MWF: wf' sm0) (VAL: Val.inject sm0.(inj) (Vptr blk_src ofs_src) (Vptr blk_tgt ofs_tgt)) - (FREESRC: Mem.free sm0.(src) blk_src ofs_src.(Ptrofs.unsigned) (ofs_src.(Ptrofs.unsigned) + sz) = Some m_src0): + (FREESRC: Mem.free sm0.(src) blk_src (Ptrofs.unsigned ofs_src) (Ptrofs.unsigned (ofs_src) + sz) = Some m_src0): exists sm1, (<>) /\ (<>) - /\ (<>) + /\ (<>) /\ (<>) /\ (<>). Proof. @@ -722,7 +722,7 @@ Lemma minjection_disjoint_footprint_private sm0 P (SEP: (SimMemInj.tgt sm0) |= P) (DISJ: disjoint_footprint (minjection (SimMemInj.inj sm0) (SimMemInj.src sm0)) P): - P.(m_footprint) <2= sm0.(SimMemInj.tgt_private). + P.(m_footprint) <2= (SimMemInj.tgt_private sm0). Proof. u. ii. esplits; eauto. - ii. eapply DISJ; eauto. ss. esplits; eauto. @@ -731,7 +731,7 @@ Qed. Lemma minjection_private_disjoint_footprint sm0 P - (PRIV: P.(m_footprint) <2= sm0.(SimMemInj.tgt_private)): + (PRIV: P.(m_footprint) <2= (SimMemInj.tgt_private sm0)): <>. Proof. - ii. ss. des. eapply PRIV; eauto. @@ -752,8 +752,8 @@ Lemma external_call_parallel_rule_simmem (MLE0: SimMem.le (SimMemLift.lift sm_arg) sm_ret) (MLE1: SimMem.le (SimMemLift.unlift sm_at sm_ret) sm_after) (MLEAFTR: SimMem.le sm_arg (SimMemLift.unlift sm_arg sm_ret)) - (PRIV0: sm_at.(SimMemInj.tgt_private) = sm_arg.(SimMemInj.tgt_private)) - (PRIV1: sm_ret.(SimMemInj.tgt_private) = sm_after.(SimMemInj.tgt_private)) + (PRIV0: (SimMemInj.tgt_private sm_at) = (SimMemInj.tgt_private sm_arg)) + (PRIV1: (SimMemInj.tgt_private sm_ret) = (SimMemInj.tgt_private sm_after)) (UNCH0: Mem.unchanged_on (SimMemInj.tgt_private sm_arg) (SimMemInj.tgt sm_at) (SimMemInj.tgt sm_arg)) (UNCH1: Mem.unchanged_on (SimMemInj.tgt_private sm_arg) (SimMemInj.tgt sm_ret) (SimMemInj.tgt sm_after)): <>). + <>). (* Design: ModPair only has data, properties are stated in sim *) diff --git a/proof/SimModSem.v b/proof/SimModSem.v index bc5cb36d..ab70c6fa 100644 
--- a/proof/SimModSem.v +++ b/proof/SimModSem.v @@ -170,9 +170,9 @@ Context {SM: SimMem.class} {SS: SimSymb.class SM} {SU: Sound.class}. (SIM: forall sm_arg args_src args_tgt sg_init_src sg_init_tgt - (FINDFSRC: msp.(src).(ModSem.skenv).(Genv.find_funct) args_src.(Args.get_fptr) = + (FINDFSRC: (Genv.find_funct msp.(src).(ModSem.skenv)) (Args.get_fptr args_src) = Some (Internal sg_init_src)) - (FINDFTGT: msp.(tgt).(ModSem.skenv).(Genv.find_funct) args_tgt.(Args.get_fptr) = + (FINDFTGT: (Genv.find_funct msp.(tgt).(ModSem.skenv)) (Args.get_fptr args_tgt) = Some (Internal sg_init_tgt)) (SIMARGS: SimMem.sim_args args_src args_tgt sm_arg) (SIMSKENV: sim_skenv msp sm_arg) @@ -294,7 +294,7 @@ Section FACTORTARGET. Theorem factor_simmodsem_target (SIM: ModSemPair.sim (ModSemPair.mk ms_src ms_tgt ss sm)): - ModSemPair.sim (ModSemPair.mk ms_src ms_tgt.(ModSem.Atomic.trans) ss sm). + ModSemPair.sim (ModSemPair.mk ms_src (ModSem.Atomic.trans ms_tgt) ss sm). Proof. inv SIM. ss. econs; eauto. ss. i. exploit SIM0; eauto. { inv SIMSKENV. ss. econs; eauto. } diff --git a/proof/SimModSemLift.v b/proof/SimModSemLift.v index bbe3cb7c..04291fba 100644 --- a/proof/SimModSemLift.v +++ b/proof/SimModSemLift.v @@ -197,9 +197,9 @@ Context {SMLIFT: SimMemLift.class SM}. (SIM: forall sm_arg args_src args_tgt sg_init_src sg_init_tgt - (FINDFSRC: msp.(ModSemPair.src).(ModSem.skenv).(Genv.find_funct) args_src.(Args.get_fptr) = + (FINDFSRC: (Genv.find_funct msp.(ModSemPair.src).(ModSem.skenv)) (Args.get_fptr args_src) = Some (Internal sg_init_src)) - (FINDFTGT: msp.(ModSemPair.tgt).(ModSem.skenv).(Genv.find_funct) args_tgt.(Args.get_fptr) = + (FINDFTGT: (Genv.find_funct msp.(ModSemPair.tgt).(ModSem.skenv)) (Args.get_fptr args_tgt) = Some (Internal sg_init_tgt)) (SIMARGS: SimMem.sim_args args_src args_tgt sm_arg) (SIMSKENV: ModSemPair.sim_skenv msp sm_arg) diff --git a/proof/SimModSemSR.v b/proof/SimModSemSR.v index f4c59cee..d54823e7 100644 --- a/proof/SimModSemSR.v +++ b/proof/SimModSemSR.v 
@@ -213,9 +213,9 @@ Context {SM: SimMem.class} {SS: SimSymb.class SM} {SU: Sound.class}. sm_arg args_src args_tgt sg_init_src sg_init_tgt - (FINDFSRC: msp.(src).(ModSem.skenv).(Genv.find_funct) args_src.(Args.get_fptr) = + (FINDFSRC: (Genv.find_funct msp.(src).(ModSem.skenv)) (Args.get_fptr args_src) = Some (Internal sg_init_src)) - (FINDFTGT: msp.(tgt).(ModSem.skenv).(Genv.find_funct) args_tgt.(Args.get_fptr) = + (FINDFTGT: (Genv.find_funct msp.(tgt).(ModSem.skenv)) (Args.get_fptr args_tgt) = Some (Internal sg_init_tgt)) (SIMARGS: SimMem.sim_args args_src args_tgt sm_arg) (SIMSKENV: sim_skenv msp sm_arg) @@ -280,7 +280,7 @@ Section FACTORSOURCE. Lemma factor_lxsim_source: forall idx0 st_src0 tr st_tgt0 sm0 (SIM: ffs_match idx0 (tr, st_src0) st_tgt0 sm0), - < sound_states st.(snd)) idx0 (tr, st_src0) st_tgt0 sm0>>. + < sound_states (snd st)) idx0 (tr, st_src0) st_tgt0 sm0>>. Proof. clear_tac. unfold NW. pcofix CIH. i. pfold. inv SIM; cycle 1. (* exploit atomic_receptive; eauto. intro RECEP. *) @@ -352,10 +352,10 @@ Section FACTORSOURCE. Theorem factor_simmodsem_source (SIM: ModSemPair.simSR (ModSemPair.mk ms_src ms_tgt ss sm)): - ModSemPair.sim (ModSemPair.mk ms_src.(ModSem.Atomic.trans) ms_tgt ss sm). + ModSemPair.sim (ModSemPair.mk (ModSem.Atomic.trans ms_src) ms_tgt ss sm). Proof. inv SIM. ss. econs; eauto; ss. - { instantiate (1:= fun su m st_src => sound_state_ex su m st_src.(snd)). ss. + { instantiate (1:= fun su m st_src => sound_state_ex su m (snd st_src)). ss. i. specialize (PRSV). inv PRSV. econs; ss; eauto. - ii. exploit INIT; eauto. rr in INIT0. des. ss. - ii. inv STEP0; ss. 
@@ -376,7 +376,7 @@ Section FACTORSOURCE. i. exploit K; eauto. rr in AFTER. des. ss. - i. exploit RET; eauto. rr in FINAL. des. ss. } - { i. instantiate (1:= fun si su m st_src => sound_states si su m st_src.(snd)). ss. + { i. instantiate (1:= fun si su m st_src => sound_states si su m (snd st_src)). ss. i. specialize (PRSVNOGR si). inv PRSVNOGR. econs; ss; eauto. - ii. exploit INIT; eauto. rr in INIT0. des. ss. diff --git a/proof/SimProg.v b/proof/SimProg.v index 17ff06f8..1f042333 100644 --- a/proof/SimProg.v +++ b/proof/SimProg.v @@ -56,17 +56,17 @@ Context `{SM: SimMem.class} {SS: SimSymb.class SM} {SU: Sound.class}. Variable pp: ProgPair.t. Hypothesis SIMPROG: ProgPair.sim pp. - Let p_src := pp.(ProgPair.src). - Let p_tgt := pp.(ProgPair.tgt). + Let p_src := (ProgPair.src pp). + Let p_tgt := (ProgPair.tgt pp). Theorem sim_link_sk sk_link_src - (LOADSRC: p_src.(link_sk) = Some sk_link_src) + (LOADSRC: (link_sk p_src) = Some sk_link_src) (WF: forall md, In md p_src -> <>): exists ss_link sk_link_tgt, - <> + <> /\ <> /\ <> /\ <> diff --git a/proof/SimSymb.v b/proof/SimSymb.v index 44c78de2..50601b02 100644 --- a/proof/SimSymb.v +++ b/proof/SimSymb.v @@ -24,8 +24,8 @@ Module SimSymb. | skenv_func_bisim_intro (FUNCFSIM: forall fptr_src fptr_tgt def_src (SIMFPTR: sim_val fptr_src fptr_tgt) - (FUNCSRC: skenv_src.(Genv.find_funct) fptr_src = Some def_src), - exists def_tgt, <> /\ <>). + (FUNCSRC: (Genv.find_funct skenv_src) fptr_src = Some def_src), + exists def_tgt, <> /\ <>). Class class (SM: SimMem.class) := { t: Type; 
@@ -61,15 +61,15 @@ Module SimSymb. sim_skenv_public_symbols: forall sm0 ss0 skenv_src skenv_tgt (SIMSKE: sim_skenv sm0 ss0 skenv_src skenv_tgt), - skenv_src.(Genv.public_symbol) = skenv_tgt.(Genv.public_symbol); + (Genv.public_symbol skenv_src) = (Genv.public_symbol skenv_tgt); wf_load_sim_skenv: forall ss skenv_src skenv_tgt m_src (SIMSK: wf ss) - (LOADSRC: ss.(src).(Sk.load_skenv) = skenv_src) - (LOADTGT: ss.(tgt).(Sk.load_skenv) = skenv_tgt) - (LOADMEMSRC: ss.(src).(Sk.load_mem) = Some m_src), + (LOADSRC: (Sk.load_skenv ss.(src)) = skenv_src) + (LOADTGT: (Sk.load_skenv ss.(tgt)) = skenv_tgt) + (LOADMEMSRC: (Sk.load_mem ss.(src)) = Some m_src), exists m_tgt sm, - (<>) /\ + (<>) /\ (<>) /\ (<>) /\ (<>) /\ @@ -102,7 +102,7 @@ Module SimSymb. system_sim_skenv: forall sm ss skenv_src skenv_tgt (SIMSKENV: sim_skenv sm ss skenv_src skenv_tgt), - <>; + <>; system_axiom: forall sm0 ss_sys skenv_sys_src skenv_sys_tgt args_src args_tgt tr retv_src ef @@ -111,13 +111,13 @@ Module SimSymb. (CSTYLE: Args.is_cstyle args_src) (CSTYLE: Retv.is_cstyle retv_src) (ARGS: SimMem.sim_args args_src args_tgt sm0) - (SYSSRC: external_call ef skenv_sys_src (args_src.(Args.vs)) (args_src.(Args.m)) + (SYSSRC: external_call ef skenv_sys_src (Args.vs (args_src)) (Args.m (args_src)) tr - (retv_src.(Retv.v)) (retv_src.(Retv.m))), + (Retv.v (retv_src)) (Retv.m (retv_src))), exists sm1 retv_tgt, - (<>) + (Retv.v (retv_tgt)) (Retv.m (retv_tgt))>>) /\ (<>) /\ (<>) /\ (<>); diff --git a/proof/SimSymbDrop.v b/proof/SimSymbDrop.v index 11d1d786..fc14c64f 100644 --- a/proof/SimSymbDrop.v +++ b/proof/SimSymbDrop.v 
@@ -38,19 +38,19 @@ Inductive wf (ss: t'): Prop := | sim_sk_intro (KEPT: forall id (KEPT: ~ ss id), - ss.(tgt).(prog_defmap) ! id = ss.(src).(prog_defmap) ! id) + (prog_defmap ss.(tgt)) ! id = (prog_defmap ss.(src)) ! id) (DROP: forall id (DROP: ss id), - ss.(tgt).(prog_defmap) ! id = None) + (prog_defmap ss.(tgt)) ! id = None) (* (SIMSK: forall *) (* id *) (* , *) (* sk_tgt.(prog_defmap) ! id = if ss id then None else sk_src.(prog_defmap) ! id) *) - (CLOSED: ss <1= ss.(src).(privs)) + (CLOSED: ss <1= (privs ss.(src))) (PUB: ss.(src).(prog_public) = ss.(tgt).(prog_public)) (MAIN: ss.(src).(prog_main) = ss.(tgt).(prog_main)) (NOREF: forall id gv - (PROG: ss.(tgt).(prog_defmap) ! id = Some (Gvar gv)), + (PROG: (prog_defmap ss.(tgt)) ! id = Some (Gvar gv)), <>) (NODUP: NoDup (prog_defs_names ss.(tgt))) (NOMAIN: ~ ss ss.(src).(prog_main)). 
@@ -59,26 +59,26 @@ Inductive sim_skenv (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: SkEnv.t): Pro | sim_skenv_intro (SIMSYMB1: forall id blk_src blk_tgt delta (SIMVAL: sm0.(SimMemInj.inj) blk_src = Some (blk_tgt, delta)) - (BLKSRC: skenv_src.(Genv.find_symbol) id = Some blk_src), + (BLKSRC: (Genv.find_symbol skenv_src) id = Some blk_src), (<>) /\ - (<>) /\ + (<>) /\ (<>)) (SIMSYMB2: forall id blk_src (KEPT: ~ ss id) - (BLKSRC: skenv_src.(Genv.find_symbol) id = Some blk_src), + (BLKSRC: (Genv.find_symbol skenv_src) id = Some blk_src), exists blk_tgt, - (<>) /\ + (<>) /\ (<>)) (SIMSYMB3: forall id blk_tgt - (BLKTGT: skenv_tgt.(Genv.find_symbol) id = Some blk_tgt), + (BLKTGT: (Genv.find_symbol skenv_tgt) id = Some blk_tgt), exists blk_src, - (<>) /\ + (<>) /\ (<>)) (* /\ <> <---------- This can be obtained via SIMSYMB1. *) (SIMDEF: forall blk_src blk_tgt delta def_src (SIMVAL: sm0.(SimMemInj.inj) blk_src = Some (blk_tgt, delta)) - (DEFSRC: skenv_src.(Genv.find_def) blk_src = Some def_src), - exists def_tgt, (<>) /\ + (DEFSRC: (Genv.find_def skenv_src) blk_src = Some def_src), + exists def_tgt, (<>) /\ (<>) /\ (<>)) (DISJ: forall id blk_src0 blk_src1 blk_tgt @@ -88,8 +88,8 @@ Inductive sim_skenv (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: SkEnv.t): Pro blk_src0 = blk_src1) (SIMDEFINV: forall blk_src blk_tgt delta def_tgt (SIMVAL: sm0.(SimMemInj.inj) blk_src = Some (blk_tgt, delta)) - (DEFTGT: skenv_tgt.(Genv.find_def) blk_tgt = Some def_tgt), - exists def_src, (<>) /\ + (DEFTGT: (Genv.find_def skenv_tgt) blk_tgt = Some def_tgt), + exists def_src, (<>) /\ (<>) /\ (<>)) (PUBKEPT: (fun id => In id skenv_src.(Genv.genv_public)) <1= ~1 ss) 
@@ -127,26 +127,26 @@ Qed. Definition sim_skenv_splittable (sm0: SimMem.t) (ss: t') (skenv_src skenv_tgt: SkEnv.t): Prop := (<>) /\ - (<>) /\ + (<>) /\ (<>)>>) /\ (<>) /\ + (<>) /\ (<>)>>) /\ (<>) /\ + (<>) /\ (<>)>>) /\ (* /\ <> <---------- This can be obtained via SIMSYMB1. *) (<>) /\ + (DEFSRC: (Genv.find_def skenv_src) blk_src = Some def_src), + exists def_tgt, (<>) /\ (<>) /\ (<>)>>) /\ (<>) /\ (<>) /\ + (DEFTGT: (Genv.find_def skenv_tgt) blk_tgt = Some def_tgt), + exists def_src, (<>) /\ (<>) /\ (<>)>>) /\ (< In id skenv_src.(Genv.genv_public)) <1= ~1 ss>>) /\ @@ -178,7 +178,7 @@ Inductive le (ss0: t') (ss1: t'): Prop := (LE: ss0 <1= ss1) (OUTSIDE: forall id (IN: (ss1 -1 ss0) id), - <> /\ <>) + <> /\ <>) (SKLESRC: linkorder ss0.(src) ss1.(src)) (SKLETGT: linkorder ss0.(tgt) ss1.(tgt)) . @@ -188,7 +188,7 @@ Lemma linkorder_defs `{Linker F} `{Linker V} (p0 p1: AST.program F V) (LINKORD: linkorder p0 p1): - <>. + <>. Proof. inv LINKORD. ii. u in *. des. simpl_bool. des_sumbool. apply prog_defmap_spec in PR. des. @@ -557,10 +557,10 @@ Next Obligation. Local Transparent Mem.loadbytes. generalize (S1 NO). unfold Mem.loadbytes. destruct Mem.range_perm_dec; intros E1; inv E1. generalize (S2 NO). unfold Mem.loadbytes. destruct Mem.range_perm_dec; intros E2; inv E2. - rewrite Z.add_0_r. apply Mem_getN_forall2 with (p := 0) (n := nat_of_Z (init_data_list_size (gvar_init v))); try omega. + rewrite Z.add_0_r. apply Mem_getN_forall2 with (p := 0) (n := Z.to_nat (init_data_list_size (gvar_init v))); try omega. rewrite H3, H4. eapply bytes_of_init_inject; et. { ii. inv SIMSK. eapply NOREF; et. eapply Genv.find_def_symbol. eexists. split; et. } - rewrite nat_of_Z_eq by (apply init_data_list_size_pos). omega. + rewrite Z2Nat.id; try xomega. } - destruct ((init_meminj ss.(src) ss.(tgt)) b) as [[b' delta]|] eqn:INJ; auto. elim H. exploit init_meminj_invert; eauto. intros (A & id & B & C & D). 
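Review bot: The replacement `rewrite Z2Nat.id; try xomega.` in the `@@ -557` hunk no longer names the lemma that discharges the `0 <= init_data_list_size (gvar_init v)` side condition of `Z2Nat.id`; the removed line proved it explicitly with `init_data_list_size_pos`, whereas `try` leaves that goal open silently if xomega cannot close it, so a failure would only surface at the next tactic. Keeping the side condition explicit, `rewrite Z2Nat.id by (apply init_data_list_size_pos). omega.`, preserves the old proof's intent while using the new lemma name. The same `nat_of_Z_eq` to `Z2Nat.id; try omega` substitution appears in the `@@ -207` hunk of selfsim/ClightStepInj.v and would benefit from the same treatment. Both `Next Obligation` proofs extend beyond their hunks.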
@@ -818,7 +818,7 @@ Next Obligation. do 2 eexists. dsplits; eauto. - instantiate (1:= Retv.mk _ _); ss. eauto. - destruct retv_src; ss. instantiate (1:= SimMemInj.mk _ _ _ _ _ _ _ _ _). econs 1; ss; eauto. - instantiate (1:= retv_src.(Retv.m)). ss. + instantiate (1:= (Retv.m retv_src)). ss. - econs; ss; eauto. + eapply Mem.unchanged_on_implies; eauto. u. i; des; ss. eapply SRCEXT in H6. unfold src_private in *. ss. des; ss. diff --git a/proof/SimSymbId.v b/proof/SimSymbId.v index acdc3615..d73ac794 100644 --- a/proof/SimSymbId.v +++ b/proof/SimSymbId.v @@ -30,7 +30,7 @@ Proof. rewrite SIMSKENV. eapply GlobalenvsC.Senv_eq_equiv_obligation_1. Qed. Lemma system_sim_skenv skenv_src skenv_tgt (SIMSKENV: sim_skenv skenv_src skenv_tgt): - <>. + <>. Proof. inv SIMSKENV. econs; eauto. Qed. Record t' := mk { @@ -63,10 +63,10 @@ Qed. Lemma wf_load_sim_skenv: forall ss skenv_src skenv_tgt m_src (SIMSK: wf ss) - (LOADSRC: ss.(src).(Sk.load_skenv) = skenv_src) - (LOADTGT: ss.(tgt).(Sk.load_skenv) = skenv_tgt) - (LOADMEMSRC: ss.(src).(Sk.load_mem) = Some m_src), - (<>) /\ + (LOADSRC: (Sk.load_skenv ss.(src)) = skenv_src) + (LOADTGT: (Sk.load_skenv ss.(tgt)) = skenv_tgt) + (LOADMEMSRC: (Sk.load_mem ss.(src)) = Some m_src), + (<>) /\ (<>) /\ (<>). @@ -129,4 +129,4 @@ Section REVIVE. End REVIVE. Require Import SimMod. -Notation mk_mp := (fun md_src md_tgt => ModPair.mk md_src md_tgt (mk md_src md_tgt)). \ No newline at end of file +Notation mk_mp := (fun md_src md_tgt => ModPair.mk md_src md_tgt (mk md_src md_tgt)). diff --git a/proof/Sound.v b/proof/Sound.v index c7c14105..d4565dfa 100644 --- a/proof/Sound.v +++ b/proof/Sound.v 
@@ -114,16 +114,16 @@ Module Sound. <>; system_skenv: forall su m0 skenv_link, - su.(skenv) m0 skenv_link <-> su.(skenv) m0 skenv_link.(System.skenv); + su.(skenv) m0 skenv_link <-> su.(skenv) m0 (System.skenv skenv_link); system_axiom: forall ef skenv0 su0 args0 tr v_ret m_ret (CSTYLE: Args.is_cstyle args0) (ARGS: su0.(args) args0) - (SKE: skenv su0 args0.(Args.m) skenv0) - (EXT: (external_call ef) skenv0 args0.(Args.vs) args0.(Args.m) tr v_ret m_ret), - exists su1, <> /\ <> /\ <>; + (SKE: skenv su0 (Args.m args0) skenv0) + (EXT: (external_call ef) skenv0 (Args.vs args0) (Args.m args0) tr v_ret m_ret), + exists su1, <> /\ <> /\ <>; }. Section SOUND. diff --git a/proof/SoundProduct.v b/proof/SoundProduct.v index 51ae0903..76295fed 100644 --- a/proof/SoundProduct.v +++ b/proof/SoundProduct.v 
@@ -25,13 +25,13 @@ Section SOUNDPRODUCT. Global Program Instance sound_class_product: Sound.class := { Sound.t := SU0.(@Sound.t) * SU1.(@Sound.t); - Sound.mle su0 m0 m1 := SU0.(@Sound.mle) su0.(fst) m0 m1 /\ SU1.(@Sound.mle) su0.(snd) m0 m1; - Sound.lepriv su0 su1 := SU0.(@Sound.lepriv) su0.(fst) su1.(fst) /\ SU1.(@Sound.lepriv) su0.(snd) su1.(snd); - Sound.hle su0 su1 := SU0.(@Sound.hle) su0.(fst) su1.(fst) /\ SU1.(@Sound.hle) su0.(snd) su1.(snd); - Sound.wf su0 := SU0.(@Sound.wf) su0.(fst) /\ SU1.(@Sound.wf) su0.(snd); - Sound.val su0 v := SU0.(@Sound.val) su0.(fst) v /\ SU1.(@Sound.val) su0.(snd) v; - Sound.mem su0 m := SU0.(@Sound.mem) su0.(fst) m /\ SU1.(@Sound.mem) su0.(snd) m; - Sound.skenv su0 m ske := SU0.(@Sound.skenv) su0.(fst) m ske /\ SU1.(@Sound.skenv) su0.(snd) m ske + Sound.mle su0 m0 m1 := SU0.(@Sound.mle) (fst su0) m0 m1 /\ SU1.(@Sound.mle) (snd su0) m0 m1; + Sound.lepriv su0 su1 := SU0.(@Sound.lepriv) (fst su0) (fst su1) /\ SU1.(@Sound.lepriv) (snd su0) (snd su1); + Sound.hle su0 su1 := SU0.(@Sound.hle) (fst su0) (fst su1) /\ SU1.(@Sound.hle) (snd su0) (snd su1); + Sound.wf su0 := SU0.(@Sound.wf) (fst su0) /\ SU1.(@Sound.wf) (snd su0); + Sound.val su0 v := SU0.(@Sound.val) (fst su0) v /\ SU1.(@Sound.val) (snd su0) v; + Sound.mem su0 m := SU0.(@Sound.mem) (fst su0) m /\ SU1.(@Sound.mem) (snd su0) m; + Sound.skenv su0 m ske := SU0.(@Sound.skenv) (fst su0) m ske /\ SU1.(@Sound.skenv) (snd su0) m ske } . Next Obligation. 
@@ -138,12 +138,12 @@ Section SOUNDPRODUCT. (PRSV0: @local_preservation SU0 ms sound_state0) (PRSV1: @local_preservation SU1 ms sound_state1): < sound_state0 su.(fst) m st /\ sound_state1 su.(snd) m st)>>. + (fun su m st => sound_state0 (fst su) m st /\ sound_state1 (snd su) m st)>>. Proof. inv PRSV0. inv PRSV1. econs; eauto. - clear - INIT INIT0. ii. ss. - specialize (INIT su_init.(fst)). - specialize (INIT0 su_init.(snd)). + specialize (INIT (fst su_init)). + specialize (INIT0 (snd su_init)). split; ss. + eapply INIT; eauto. { destruct su_init; ss. eapply sound_args_iff in SUARG; eauto. ss; des; ss. } @@ -152,7 +152,7 @@ Section SOUNDPRODUCT. { destruct su_init; ss. eapply sound_args_iff in SUARG; eauto. des. ss. } { destruct su_init; ss. eapply sound_skenv_iff in SKENV; eauto. ss; des; ss. } - clear - STEP STEP0. ii. ss. des. - specialize (STEP m_arg su0.(fst)). specialize (STEP0 m_arg su0.(snd)). + specialize (STEP m_arg (fst su0)). specialize (STEP0 m_arg (snd su0)). split; ss. + eapply STEP; eauto. + eapply STEP0; eauto. @@ -167,7 +167,7 @@ Section SOUNDPRODUCT. + eapply K; eauto. destruct su_ret; ss. eapply sound_retv_iff in RETV. des; ss. + eapply K0; eauto. destruct su_ret; ss. eapply sound_retv_iff in RETV. des; ss. - clear - RET RET0. ii. ss. des. - specialize (RET m_arg su0.(fst)). specialize (RET0 m_arg su0.(snd)). + specialize (RET m_arg (fst su0)). specialize (RET0 m_arg (snd su0)). exploit RET; eauto. i; des. exploit RET0; eauto. i; des. exists (su_ret, su_ret0). esplits; eauto. eapply sound_retv_iff. ss. diff --git a/proof/StoreArgumentsProps.v b/proof/StoreArgumentsProps.v index 030c6d41..34d43f6e 100644 --- a/proof/StoreArgumentsProps.v +++ b/proof/StoreArgumentsProps.v 
@@ -19,7 +19,7 @@ Definition agree (j: meminj) (rs0 rs1: Mach.regset) : Prop := forall mr, Val.inject j (rs0 mr) (rs1 mr). Lemma typesize_chunk: forall ty, - size_chunk (chunk_of_type ty) = 4 * ty.(typesize). + size_chunk (chunk_of_type ty) = 4 * (typesize ty). Proof. destruct ty; ss. Qed. Section STOREARGUMENTS_PROPERTY. diff --git a/proof/UnreachC.v b/proof/UnreachC.v index e4e6144a..22c23315 100644 --- a/proof/UnreachC.v +++ b/proof/UnreachC.v @@ -44,7 +44,7 @@ Definition val' (su: Unreach.t) (v: val): Prop := forall blk ofs (PTR: v = Vptr blk ofs), ~su blk /\ (blk < su.(nb))%positive. Definition memval' (su: Unreach.t) (mv: memval): Prop := - forall v q n (PTR: mv = Fragment v q n), su.(val') v. + forall v q n (PTR: mv = Fragment v q n), (val' su) v. Inductive mem': Unreach.t -> Memory.mem -> Prop := | mem'_intro @@ -52,8 +52,8 @@ Inductive mem': Unreach.t -> Memory.mem -> Prop := (SOUND: forall blk ofs (PUB: ~ su blk) (PERM: Mem.perm m0 blk ofs Cur Readable), (* <------------ Cur? *) - su.(memval') (ZMap.get ofs (Mem.mem_contents m0) !! blk)) - (BOUND: su.(Unreach.unreach) <1= m0.(Mem.valid_block)) + (memval' su) (ZMap.get ofs (Mem.mem_contents m0) !! blk)) + (BOUND: su.(Unreach.unreach) <1= (Mem.valid_block m0)) (* (BOUND: Ple su.(Unreach.nb) m0.(Mem.nextblock)) *) (GENB: Ple su.(Unreach.ge_nb) m0.(Mem.nextblock)) (NB: su.(Unreach.nb) = m0.(Mem.nextblock)): @@ -75,7 +75,7 @@ Qed. Definition args' (su: Unreach.t) (args0: Args.t) := (<>) - /\ (<>) + /\ (<>) /\ (<>) (* /\ (<>) *) (* /\ (<>) *) @@ -181,12 +181,12 @@ Inductive J: positive -> Unreach.t -> nat -> Prop := fuel su n (PRED: J fuel su n) (TRUE: su fuel = true): - J fuel.(Pos.succ) su (2 * n + 1) + J (Pos.succ fuel) su (2 * n + 1) | J_false fuel su n (PRED: J fuel su n) (FALSE: su fuel = false): - J fuel.(Pos.succ) su (2 * n). + J (Pos.succ fuel) su (2 * n). Let eta x0 x1 
@@ -238,7 +238,7 @@ Qed. Let J_bound: forall fuel x n (J: J fuel x n), - (n <= 3 ^ fuel.(Pos.to_nat))%nat. + (n <= 3 ^ (Pos.to_nat fuel))%nat. Proof. intro fuel. pattern fuel. eapply Pos.peano_ind; clear fuel; i. { inv J0; try xomega. } @@ -356,7 +356,7 @@ Definition loadable_init_data (m: mem) (ske: SkEnv.t) (b: block) (p: Z) (id: ini | Init_float32 n => Mem.load Mfloat32 m b p = Some (Vsingle n) | Init_float64 n => Mem.load Mfloat64 m b p = Some (Vfloat n) | Init_addrof symb ofs => - match ske.(Genv.find_symbol) symb with + match (Genv.find_symbol ske) symb with | None => False | Some b' => Mem.load Mptr m b p = Some (Vptr b' ofs) end @@ -403,9 +403,9 @@ Qed. Definition romem_for_ske (ske: SkEnv.t): ident -> option ablock := fun id => - match ske.(Genv.find_symbol) id with + match (Genv.find_symbol ske) id with | Some blk => - match ske.(Genv.find_var_info) blk with + match (Genv.find_var_info ske) blk with | Some gv => (* if <> && <> *) (* && <> *) @@ -421,8 +421,8 @@ Definition romem_for_ske (ske: SkEnv.t): ident -> option ablock := Lemma romem_for_ske_complete blk ske id gv - (SYMB: ske.(Genv.find_symbol) id = Some blk) - (VAR: ske.(Genv.find_var_info) blk = Some gv) + (SYMB: (Genv.find_symbol ske) id = Some blk) + (VAR: (Genv.find_var_info ske) blk = Some gv) (RO: gv.(gvar_readonly) = true) (VOL: gv.(gvar_volatile) = false) (DEFI: definitive_initializer gv.(gvar_init) = true): @@ -484,7 +484,7 @@ Qed. Inductive skenv (su: Unreach.t) (m0: mem) (ske: SkEnv.t): Prop := | skenv_intro (PUB: su.(ge_nb) = ske.(Genv.genv_next)) - (ROMATCH: romatch_ske ske.(ske2bc) m0 (romem_for_ske ske)) + (ROMATCH: romatch_ske (ske2bc ske) m0 (romem_for_ske ske)) (NB: Ple ske.(Genv.genv_next) m0.(Mem.nextblock)). (* Lemma loadbytes_loadable *) 
@@ -725,7 +725,7 @@ Next Obligation. - econs; eauto. rpapply ROMATCH; ss. Qed. Next Obligation. - assert(T: <> /\ <> /\ <> /\ <>). + assert(T: <> /\ <> /\ <> /\ <>). { des_ifs. } clear ARGS. des. (* des. rename H into VAL. rename H0 into VALS. rename H1 into MEM. rename H2 into WF. *) @@ -788,7 +788,7 @@ Proof. ii. eapply mle_monotone; try eassumption; eauto. r in LE. des; ss. Qed. -Definition get_greatest (su0: t) (args: Args.t) := greatest le' (fun su => <> /\ su.(args') args). +Definition get_greatest (su0: t) (args: Args.t) := greatest le' (fun su => <> /\ (args' su) args). Lemma greatest_dtm: forall args0 su0 su_gr0 su_gr1 (GR0: get_greatest su0 args0 su_gr0) @@ -829,7 +829,7 @@ Proof. { hexploit BOUND0; eauto. i. r in H4. xomega. } { hexploit BOUND; eauto. i. r in H4. xomega. } + ii. eapply J_func. - + i. exists (3 ^ (m.(Mem.nextblock)).(Pos.to_nat))%nat. i. eapply J_bound; eauto. + + i. exists (3 ^ (Pos.to_nat (m.(Mem.nextblock))))%nat. i. eapply J_bound; eauto. - ii. eapply lubclosed; try apply LUB; eauto. - esplits; eauto. rr in INHAB0; ss. des_ifs; ss. Qed. diff --git a/selfsim/AsmStepExt.v b/selfsim/AsmStepExt.v index dd6c98a1..0b6f420f 100644 --- a/selfsim/AsmStepExt.v +++ b/selfsim/AsmStepExt.v 
@@ -489,27 +489,20 @@ Section ASMSTEP. * apply nextinstr_agree. unfold compare_longs. (repeat eapply agree_step; eauto); agree_invs AGREE. + esplits; eauto. * econs; eauto; ss. - repeat erewrite (@eval_testcond_ext rs_src0 rs_tgt0); ss; eauto. - unfold goto_label, nextinstr. repeat f_equal. - * repeat (eapply agree_step; eauto); ss. unfold Pregmap.set. des_ifs. - cinv (AGREE PC); ss. + * exploit eval_testcond_ext; eauto. intro T. rewrite T. + repeat (eapply agree_step; eauto); ss. + eapply Val_offset_ptr_lessdef; eauto. + eapply AGREE. + esplits; eauto. * econs; eauto; ss. - repeat erewrite (@eval_testcond_ext rs_src0 rs_tgt0); ss; eauto. - unfold goto_label, nextinstr. repeat f_equal. - * repeat (eapply agree_step; eauto); ss. - cinv (AGREE PC); eauto. + * exploit eval_testcond_ext; eauto. intro T. rewrite T. + repeat (eapply agree_step; eauto); ss. + eapply Val_offset_ptr_lessdef; eauto. + eapply AGREE. + esplits; eauto. * econs; eauto; ss. - instantiate (1 := match eval_testcond c rs_tgt0 with - | Some true => (nextinstr rs_tgt0 # rd <- (rs_tgt0 r1)) - | Some false => (nextinstr rs_tgt0) - | None => (nextinstr rs_tgt0 # rd <- Vundef) - end). - des_ifs; eauto. * unfold nextinstr. des_ifs; ss; repeat eapply agree_step; eauto; try (by repeat (rewrite Pregmap.gso; [| ii; clarify]); cinv (AGREE PC); eauto). - unfold Pregmap.set. ii. des_ifs; eauto. + esplits; eauto. * econs; eauto; ss. * repeat (eapply agree_step; eauto); ss. diff --git a/selfsim/AsmStepInj.v b/selfsim/AsmStepInj.v index 131a62cb..aa96dc07 100644 --- a/selfsim/AsmStepInj.v +++ b/selfsim/AsmStepInj.v 
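Review bot: The rewritten branches drop the explicit `instantiate (1 := match eval_testcond c rs_tgt0 with ... end)` witness and let `econs; eauto` plus `des_ifs` find the target register state by unification, which shortens the proof but removes the only place where the intended target state was spelled out. A one-line comment before `* econs; eauto; ss.` in that branch, such as `(* target state: nextinstr of rs_tgt0 with rd set according to eval_testcond c *)`, would keep that information for readers without reintroducing the instantiate. Likewise `exploit eval_testcond_ext; eauto. intro T. rewrite T.` relies on eauto picking the agreement hypothesis that the removed `(@eval_testcond_ext rs_src0 rs_tgt0)` named explicitly; if more than one such hypothesis is ever in scope this becomes fragile, so passing the register sets explicitly as before is the safer form. The same restructuring appears in the `@@ -897` hunk of selfsim/AsmStepInj.v. The enclosing proof starts and ends outside the hunk.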
@@ -174,10 +174,10 @@ Section ASMSTEP. Lemma mem_free_inject j m_src0 m_tgt0 m_src1 ofs_src ofs_tgt blk_src blk_tgt sz (INJ: Mem.inject j m_src0 m_tgt0) (VAL: Val.inject j (Vptr blk_src ofs_src) (Vptr blk_tgt ofs_tgt)) - (FREE: Mem.free m_src0 blk_src ofs_src.(Ptrofs.unsigned) (ofs_src.(Ptrofs.unsigned) + sz) = Some m_src1): + (FREE: Mem.free m_src0 blk_src (Ptrofs.unsigned ofs_src) (Ptrofs.unsigned (ofs_src) + sz) = Some m_src1): exists m_tgt1, (<>) /\ - (<>) /\ + (<>) /\ (<>) /\ (<>). Proof. 
@@ -897,36 +897,28 @@ Section ASMSTEP. * refl. + esplits; eauto. * econs; eauto; ss. - repeat erewrite (@eval_testcond_inj rs_src0 rs_tgt0); ss; eauto. - unfold goto_label, nextinstr. repeat f_equal. - * repeat (eapply agree_step; eauto); ss. + * exploit eval_testcond_inj; eauto. intro T. rewrite T. + repeat (eapply agree_step; eauto); ss. eapply Val.offset_ptr_inject. apply agree_step; eauto. * eapply inject_separated_refl. * refl. * refl. + esplits; eauto. * econs; eauto; ss. - repeat erewrite (@eval_testcond_inj rs_src0 rs_tgt0); ss; eauto. - unfold goto_label, nextinstr. repeat f_equal. - * repeat (eapply agree_step; eauto); ss. + * exploit eval_testcond_inj; eauto. intro T. rewrite T. + repeat (eapply agree_step; eauto); ss. eapply Val.offset_ptr_inject. eauto. + eapply AGREE. * eapply inject_separated_refl. * refl. * refl. + esplits; eauto. * econs; eauto; ss. - instantiate (1 := match eval_testcond c rs_tgt0 with - | Some true => (nextinstr rs_tgt0 # rd <- (rs_tgt0 r1)) - | Some false => (nextinstr rs_tgt0) - | None => (nextinstr rs_tgt0 # rd <- Vundef) - end). - des_ifs; eauto. * unfold nextinstr. des_ifs; ss; repeat eapply agree_step; eauto. -- apply Val.offset_ptr_inject. repeat (rewrite Pregmap.gso; [| ii; clarify]). eauto. -- unfold Pregmap.set. ii. des_ifs; eauto. - -- apply Val.offset_ptr_inject. - repeat (rewrite Pregmap.gso; [| ii; clarify]). eauto. + eapply Val.offset_ptr_inject. eapply AGREE. -- apply Val.offset_ptr_inject. repeat (rewrite Pregmap.gso; [| ii; clarify]). eauto. * eapply inject_separated_refl. diff --git a/selfsim/ClightStepExt.v b/selfsim/ClightStepExt.v index 65dd8741..49b13532 100644 --- a/selfsim/ClightStepExt.v +++ b/selfsim/ClightStepExt.v @@ -411,7 +411,7 @@ End CLIGHTEXT. Lemma match_states_clight_get_mem st_src st_tgt j m_src m_tgt (MATCH: match_states_clight_internal st_src st_tgt j m_src m_tgt): - (<>) /\ (<>). + (<>) /\ (<>). Proof. inv MATCH; ss. Qed. Definition flattize_inj (j: meminj): meminj := 
diff --git a/selfsim/ClightStepInj.v b/selfsim/ClightStepInj.v index 771582c9..eb8a1a94 100644 --- a/selfsim/ClightStepInj.v +++ b/selfsim/ClightStepInj.v @@ -27,7 +27,7 @@ Local Opaque Z.mul Z.add Z.sub Z.div. Lemma clight_step_readonly se ge st0 st1 tr (STEP: step se ge (function_entry2 ge) st0 tr st1): - Mem.unchanged_on (loc_not_writable st0.(get_mem)) st0.(get_mem) st1.(get_mem). + Mem.unchanged_on (loc_not_writable (get_mem st0)) (get_mem st0) (get_mem st1). Proof. inv STEP; ss; try refl; try (by eapply mem_free_list_readonly; eauto); try (by eapply external_call_readonly; eauto). - inv H2. @@ -207,7 +207,7 @@ Section CLIGHTINJ. { replace (sizeof ce ty) with (Z.of_nat (List.length bytes)). - eapply Mem.range_perm_implies; try eapply perm_any_N. eapply Mem.storebytes_range_perm; eauto. - exploit Mem.loadbytes_length; try apply H3; eauto. intros LEN. - rewrite LEN. apply nat_of_Z_eq. omega. } + rewrite LEN. rewrite Z2Nat.id; try omega. } assert (PSRC: Mem.perm (SimMemInj.src sm0) b' (Ptrofs.unsigned ofs') Cur Nonempty) by (apply RPSRC; omega). assert (PDST: Mem.perm (SimMemInj.src sm0) blk_src (Ptrofs.unsigned ofs_src) Cur Nonempty) by (apply RPDST; omega). exploit Mem.address_inject; try apply PSRC; eauto. intros EQ1. diff --git a/selfsim/IdSimAsm.v b/selfsim/IdSimAsm.v index 863d3ecf..bc264a3f 100644 --- a/selfsim/IdSimAsm.v +++ b/selfsim/IdSimAsm.v @@ -41,11 +41,11 @@ Local Opaque Z.mul Z.add Z.sub Z.div. Lemma asm_id (asm: Asm.program) - (WF: Sk.wf asm.(module)): + (WF: Sk.wf (module asm)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eapply any_id; eauto. Qed. 
@@ -68,18 +68,18 @@ Section LOCALPRIV. | has_footprint_intro su0 blk1 ofs init_rs (rs0: regset) m_unused m1 sg - (SIG: exists skd, skenv_link.(Genv.find_funct) (rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (rs0 # PC) = Some skd /\ Sk.get_csig skd = Some sg) (RSP: rs0 RSP = Vptr blk1 ofs) - (FREEABLE: Mem.range_perm m1 blk1 (ofs.(Ptrofs.unsigned)) - (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg)) + (FREEABLE: Mem.range_perm m1 blk1 (Ptrofs.unsigned (ofs)) + (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg)) Cur Freeable) (VALID: Mem.valid_block m1 blk1) (PUB: ~ su0.(Unreach.unreach) blk1): has_footprint (mkstate init_rs (State rs0 m_unused)) su0 m1 | has_footprint_asmstyle su0 init_rs (rs0: regset) m_unused m1 - (SIG: exists skd, skenv_link.(Genv.find_funct) (rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (rs0 # PC) = Some skd /\ Sk.get_csig skd = None) : has_footprint (mkstate init_rs (State rs0 m_unused)) su0 m1. 
@@ -88,21 +88,21 @@ Section LOCALPRIV. | mle_excl_intro init_rs rs0 m_unused (su0: Unreach.t) m0 m1 blk1 sg ofs1 - (SIG: exists skd, skenv_link.(Genv.find_funct) (rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (rs0 # PC) = Some skd /\ Sk.get_csig skd = Some sg) (RSP: rs0 RSP = Vptr blk1 ofs1) UNFR - (UNFRDEF: UNFR = (brange blk1 ofs1.(Ptrofs.unsigned) - (ofs1.(Ptrofs.unsigned) + 4 * (size_arguments sg)))) + (UNFRDEF: UNFR = (brange blk1 (Ptrofs.unsigned ofs1) + (Ptrofs.unsigned (ofs1) + 4 * (size_arguments sg)))) (PERM: forall blk ofs - (VALID: m0.(Mem.valid_block) blk) + (VALID: (Mem.valid_block m0) blk) (UNFREE: ~ UNFR blk ofs), - m1.(Mem.perm) blk ofs Max <1= m0.(Mem.perm) blk ofs Max) + (Mem.perm m1) blk ofs Max <1= (Mem.perm m0) blk ofs Max) (UNCH: Mem.unchanged_on (~2 UNFR) m0 m1): mle_excl (mkstate init_rs (State rs0 m_unused)) su0 m0 m1 | mle_excl_asmstyle init_rs rs0 m_unused (su0: Unreach.t) m0 m1 - (SIG: exists skd, skenv_link.(Genv.find_funct) (rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (rs0 # PC) = Some skd /\ Sk.get_csig skd = None) (MEM: m0 = m1): mle_excl (mkstate init_rs (State rs0 m_unused)) su0 m0 m1. @@ -656,11 +656,11 @@ End LOCALPRIV. Lemma asm_ext_unreach (asm: Asm.program) - (WF: Sk.wf asm.(module)): + (WF: Sk.wf (module asm)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eexists (ModPair.mk _ _ _); s. assert(PROGSKEL: match_program (fun _ => eq) eq (Sk.of_program fn_sig asm) (Sk.of_program fn_sig asm)). @@ -946,11 +946,11 @@ Qed. (* It's ***exactly*** same as asm_ext_sound *) Lemma asm_ext_top (asm: Asm.program) - (WF: Sk.wf asm.(module)): + (WF: Sk.wf (module asm)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eexists (ModPair.mk _ _ _); s. assert(PROGSKEL: match_program (fun _ => eq) eq (Sk.of_program fn_sig asm) (Sk.of_program fn_sig asm)). 
@@ -1272,11 +1272,11 @@ Inductive match_states Lemma asm_inj_drop_bot (asm: Asm.program) - (WF: Sk.wf asm.(module)): + (WF: Sk.wf (module asm)): exists mp, (<>) - /\ (<>) - /\ (<>) + /\ (<>) + /\ (<>) /\ (<>). Proof. eexists (ModPair.mk _ _ _); s. esplits; eauto. econs; ss; i. @@ -1745,22 +1745,22 @@ Qed. Lemma asm_inj_drop (asm: Asm.program) - (WF: Sk.wf asm.(module)): + (WF: Sk.wf (module asm)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. exploit asm_inj_drop_bot; eauto. i. des. eauto. Qed. Lemma asm_inj_id (asm: Asm.program) - (WF: Sk.wf asm.(module)): + (WF: Sk.wf (module asm)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eapply sim_inj_drop_bot_id; eauto. apply asm_inj_drop_bot; auto. Qed. diff --git a/selfsim/IdSimClight.v b/selfsim/IdSimClight.v index 9b77f9d2..12187eb7 100644 --- a/selfsim/IdSimClight.v +++ b/selfsim/IdSimClight.v @@ -28,22 +28,22 @@ Local Opaque Z.mul Z.add Z.sub Z.div. Lemma clight_id (clight: Clight.program) - (WF: Sk.wf clight.(module2)): + (WF: Sk.wf (module2 clight)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eapply any_id; eauto. Qed. Lemma clight_ext_unreach (clight: Clight.program) - (WF: Sk.wf clight.(module2)): + (WF: Sk.wf (module2 clight)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eexists (ModPair.mk _ _ _); s. esplits; eauto. instantiate (1:=(SimSymbId.mk _ _)). econs; ss; i. destruct SIMSKENVLINK. @@ -91,11 +91,11 @@ Qed. Lemma clight_ext_top (clight: Clight.program) - (WF: Sk.wf clight.(module2)): + (WF: Sk.wf (module2 clight)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eexists (ModPair.mk _ _ _); s. esplits; eauto. instantiate (1:=(SimSymbId.mk _ _)). econs; ss; i. destruct SIMSKENVLINK. 
@@ -145,12 +145,12 @@ Qed. Lemma clight_inj_drop_bot (clight: Clight.program) - (WF: Sk.wf clight.(module2)): + (WF: Sk.wf (module2 clight)): exists mp, (<>) - /\ (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>) + /\ (<>). Proof. eexists (ModPair.mk _ _ _); s. esplits; eauto. econs; ss; i. { econs; ss; i; clarify. inv WF. auto. } @@ -206,22 +206,22 @@ Qed. Lemma clight_inj_drop (clight: Clight.program) - (WF: Sk.wf clight.(module2)): + (WF: Sk.wf (module2 clight)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. exploit clight_inj_drop_bot; eauto. i. des. eauto. Qed. Lemma clight_inj_id (clight: Clight.program) - (WF: Sk.wf clight.(module2)): + (WF: Sk.wf (module2 clight)): exists mp, (<>) - /\ (<>) - /\ (<>). + /\ (<>) + /\ (<>). Proof. eapply sim_inj_drop_bot_id. apply clight_inj_drop_bot; auto. Qed. diff --git a/x86/AsmC.v b/x86/AsmC.v index 16aea0f2..f54c7567 100644 --- a/x86/AsmC.v +++ b/x86/AsmC.v @@ -45,8 +45,8 @@ Section MODSEM. Variable skenv_link: SkEnv.t. Variable p: program. - Let skenv: SkEnv.t := skenv_link.(SkEnv.project) p.(Sk.of_program fn_sig). - Let ge: genv := skenv.(SkEnv.revive) p. + Let skenv: SkEnv.t := (SkEnv.project skenv_link) (Sk.of_program fn_sig p). + Let ge: genv := (SkEnv.revive skenv) p. Record state := mkstate { init_rs: regset; 
@@ -63,14 +63,14 @@ Section MODSEM. fptr rs m0 m1 sg vs blk1 ofs init_rs (FPTR: rs # PC = fptr) (EXTERNAL: Genv.find_funct ge fptr = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr = Some skd /\ Sk.get_csig skd = Some sg) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr = Some skd /\ Sk.get_csig skd = Some sg) (RAPTR: <> /\ < Vundef>>) (VALS: Asm.extcall_arguments rs m0 sg vs) (RSP: rs RSP = Vptr blk1 ofs) (ARGSRANGE: Ptrofs.unsigned ofs + 4 * size_arguments sg <= Ptrofs.max_unsigned) (ALIGN: forall chunk (CHUNK: size_chunk chunk <= 4 * (size_arguments sg)), - (align_chunk chunk | ofs.(Ptrofs.unsigned))) - (FREE: Mem.free m0 blk1 ofs.(Ptrofs.unsigned) (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg)) = Some m1) + (align_chunk chunk | (Ptrofs.unsigned ofs))) + (FREE: Mem.free m0 blk1 (Ptrofs.unsigned ofs) (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg)) = Some m1) : at_external (mkstate init_rs (State rs m0)) (Args.Cstyle fptr vs m1) | at_external_asmstyle @@ -78,7 +78,7 @@ Section MODSEM. init_rs (FPTR: rs # PC = fptr) (EXTERNAL: Genv.find_funct ge fptr = None) - (SIG: exists skd, skenv_link.(Genv.find_funct) fptr = Some skd /\ Sk.get_csig skd = None) + (SIG: exists skd, (Genv.find_funct skenv_link) fptr = Some skd /\ Sk.get_csig skd = None) (RAPTR: <> /\ < Vundef>>) : at_external (mkstate init_rs (State rs m0)) (Args.Asmstyle rs m0) 
@@ -123,21 +123,21 @@ Section MODSEM. Inductive final_frame: state -> Retv.t -> Prop := | final_frame_cstyle (init_rs rs: regset) m0 m1 blk sg mr - (INITSIG: exists fd, ge.(Genv.find_funct) (init_rs # PC) = Some (Internal fd) /\ fd.(fn_sig) = sg /\ sg.(sig_cstyle) = true) + (INITSIG: exists fd, (Genv.find_funct ge) (init_rs # PC) = Some (Internal fd) /\ fd.(fn_sig) = sg /\ sg.(sig_cstyle) = true) (EXTERNAL: external_state ge (rs # PC)) (RSRA: rs # PC = init_rs # RA) (RANOTFPTR: Genv.find_funct skenv_link (init_rs RA) = None) (CALLEESAVE: forall mr, Conventions1.is_callee_save mr -> - Val.lessdef (init_rs mr.(to_preg)) (rs mr.(to_preg))) + Val.lessdef (init_rs (to_preg mr)) (rs (to_preg mr))) (INITRSP: init_rs # RSP = Vptr blk Ptrofs.zero) (RSRSP: rs # RSP = init_rs # RSP) (FREE: Mem.free m0 blk 0 (4 * size_arguments sg) = Some m1) (RETV: loc_result sg = One mr) : - final_frame (mkstate init_rs (State rs m0)) (Retv.Cstyle (rs mr.(to_preg)) m1) + final_frame (mkstate init_rs (State rs m0)) (Retv.Cstyle (rs (to_preg mr)) m1) | final_frame_asmstyle (init_rs rs: regset) m0 - (INITSIG: exists fd, ge.(Genv.find_funct) (init_rs # PC) = Some (Internal fd) /\ fd.(fn_sig).(sig_cstyle) = false) + (INITSIG: exists fd, (Genv.find_funct ge) (init_rs # PC) = Some (Internal fd) /\ fd.(fn_sig).(sig_cstyle) = false) (EXTERNAL: external_state ge (rs # PC)) (RSRA: rs # PC = init_rs # RA) (RANOTFPTR: Genv.find_funct skenv_link (init_rs RA) = None) 
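Review bot: The rewritten INITSIG premise mixes the two application styles on one line: `(Genv.find_funct ge)` is converted while `fd.(fn_sig)` and `sg.(sig_cstyle)` keep the `x.(f)` form, and the same mix appears in MCOMPATSRC/MCOMPATTGT in AsmgenproofC.v (`(MachC.get_mem st_src0.(MachC.st)) = sm0.(SimMem.src)`). If the rule is that only non-projection functions are rewritten and names that look like genuine record fields keep the dot form, that rule is stated nowhere in the patch; a line in the commit description, or a comment near the top of AsmC.v such as `(* x.(f) is kept only for record projections; ordinary functions are applied as (f x) *)`, would let each hunk be checked against it instead of guessed at. The final_frame definition is cut off at the end of this hunk, so the remaining premises of final_frame_asmstyle cannot be checked here.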
@@ -149,18 +149,18 @@ Section MODSEM. | after_external_cstyle init_rs rs0 m0 rs1 m1 retv retv_v retv_m sg blk ofs (CSTYLE: retv = (Retv.Cstyle retv_v retv_m)) - (SIG: exists skd, skenv_link.(Genv.find_funct) (rs0 # PC) + (SIG: exists skd, (Genv.find_funct skenv_link) (rs0 # PC) = Some skd /\ Sk.get_csig skd = Some sg) (RS: rs1 = (set_pair (loc_external_result sg) retv_v (regset_after_external rs0)) #PC <- (rs0 RA)) (RSRSP: rs0 RSP = Vptr blk ofs) - (UNFREE: Mem_unfree retv_m blk ofs.(Ptrofs.unsigned) (ofs.(Ptrofs.unsigned) + 4 * (size_arguments sg)) = Some m1): + (UNFREE: Mem_unfree retv_m blk (Ptrofs.unsigned ofs) (Ptrofs.unsigned (ofs) + 4 * (size_arguments sg)) = Some m1): after_external (mkstate init_rs (State rs0 m0)) retv (mkstate init_rs (State rs1 m1)) | after_external_asmstyle init_rs rs0 m0 rs1 retv retv_rs retv_m (ASMSTYLE: retv = (Retv.Asmstyle retv_rs retv_m)) - (SIG: exists skd, skenv_link.(Genv.find_funct) (rs0 # PC) = Some skd /\ Sk.get_csig skd = None) + (SIG: exists skd, (Genv.find_funct skenv_link) (rs0 # PC) = Some skd /\ Sk.get_csig skd = None) (RS: rs1 = retv_rs # PC <- (rs0 # RA)) : after_external (mkstate init_rs (State rs0 m0)) diff --git a/x86/AsmgenproofC.v b/x86/AsmgenproofC.v index 558312ee..d283d623 100644 --- a/x86/AsmgenproofC.v +++ b/x86/AsmgenproofC.v 
@@ -24,21 +24,21 @@ Variable prog: Mach.program. Variable tprog: Asm.program. Let md_src: Mod.t := (MachC.module prog return_address_offset). Let md_tgt: Mod.t := (AsmC.module tprog). -Hypothesis (INCLSRC: SkEnv.includes skenv_link md_src.(Mod.sk)). -Hypothesis (INCLTGT: SkEnv.includes skenv_link md_tgt.(Mod.sk)). +Hypothesis (INCLSRC: SkEnv.includes skenv_link (Mod.sk md_src)). +Hypothesis (INCLTGT: SkEnv.includes skenv_link (Mod.sk md_tgt)). Hypothesis (WF: SkEnv.wf skenv_link). Hypothesis TRANSF: match_prog prog tprog. -Let ge := (SkEnv.revive (SkEnv.project skenv_link md_src.(Mod.sk)) prog). -Let tge := (SkEnv.revive (SkEnv.project skenv_link md_tgt.(Mod.sk)) tprog). +Let ge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_src)) prog). +Let tge := (SkEnv.revive (SkEnv.project skenv_link (Mod.sk md_tgt)) tprog). Variable sm_link: SimMem.t. Definition msp: ModSemPair.t := ModSemPair.mk (SM := SimMemExt) - (md_src.(Mod.modsem) skenv_link) - (md_tgt.(Mod.modsem) skenv_link) + (Mod.modsem (md_src) skenv_link) + (Mod.modsem (md_tgt) skenv_link) (SimSymbId.mk md_src md_tgt) sm_link. Definition get_rs (ms: Mach.state) : Mach.regset := @@ -72,7 +72,7 @@ Inductive match_init_data init_sp init_ra (INITRA: init_ra = init_rs_tgt RA) (INITRAPTR: <> /\ < Vundef>>) (INITRS: agree_eq init_rs_src init_sp init_rs_tgt init_sg_src ) - (SIG: exists fd, tge.(Genv.find_funct) (init_rs_tgt PC) = Some (Internal fd) /\ fd.(fn_sig) = init_sg_src /\ init_sg_src.(sig_cstyle)). + (SIG: exists fd, (Genv.find_funct tge) (init_rs_tgt PC) = Some (Internal fd) /\ fd.(fn_sig) = init_sg_src /\ init_sg_src.(sig_cstyle)). Inductive stack_base (initial_parent_sp initial_parent_ra: val): list Mach.stackframe -> Prop := | stack_base_dummy: 
@@ -99,8 +99,8 @@ Inductive match_states init_sp init_ra st_src0.(MachC.init_rs) st_src0.(init_sg) st_tgt0.(init_rs)) (MATCHST: Asmgenproof.match_states ge st_src0.(MachC.st) st_tgt0) (* (SPPTR: ValuesC.is_real_ptr (st_tgt0.(init_rs) RSP)) *) - (MCOMPATSRC: st_src0.(MachC.st).(MachC.get_mem) = sm0.(SimMem.src)) - (MCOMPATTGT: st_tgt0.(get_mem) = sm0.(SimMem.tgt)) + (MCOMPATSRC: (MachC.get_mem st_src0.(MachC.st)) = sm0.(SimMem.src)) + (MCOMPATTGT: (get_mem st_tgt0) = sm0.(SimMem.tgt)) (IDX: measure st_src0.(MachC.st) = idx). Lemma asm_step_dstep init_rs st0 st1 tr @@ -129,8 +129,8 @@ Proof. Qed. Theorem make_match_genvs : - SimSymbId.sim_skenv (SkEnv.project skenv_link md_src.(Mod.sk)) - (SkEnv.project skenv_link md_tgt.(Mod.sk)) -> + SimSymbId.sim_skenv (SkEnv.project skenv_link (Mod.sk md_src)) + (SkEnv.project skenv_link (Mod.sk md_tgt)) -> Genv.match_genvs (match_globdef (fun _ f tf => transf_fundef f = OK tf) eq prog) ge tge. Proof. subst_locals. eapply SimSymbId.sim_skenv_revive; eauto. Qed. @@ -360,7 +360,7 @@ Proof. } rewrite <- INITRS. rewrite <- INITFPTR. auto. * right. split; eauto. apply star_refl. - * instantiate (1 := SimMemExt.mk (MachC.get_mem (MachC.st st_src1)) st_tgt0.(st).(get_mem)). + * instantiate (1 := SimMemExt.mk (MachC.get_mem (MachC.st st_src1)) (get_mem st_tgt0.(st))). econs; ss; eauto. { instantiate (1:=init_rs st_tgt0 RSP). destruct st_src0, st_src1. clear - STEP STACKWF NOTDUMMY. inv STEP; ss; clarify. diff --git a/x86/AsmregsC.v b/x86/AsmregsC.v index ca10e9f3..4b0d3f32 100644 --- a/x86/AsmregsC.v +++ b/x86/AsmregsC.v @@ -11,8 +11,8 @@ Set Implicit Arguments. Lemma to_mreg_injective pr0 pr1 - (SOME: is_some (pr0.(to_mreg))) - (EQ: pr0.(to_mreg) = pr1.(to_mreg)): + (SOME: is_some ((to_mreg pr0))) + (EQ: (to_mreg pr0) = (to_mreg pr1)): <>. Proof. destruct pr0; ss; destruct pr1; ss; des_ifs. Qed. 
@@ -23,22 +23,22 @@ Lemma preg_of_injective Proof. destruct mr0, mr1; ss. Qed. Lemma to_mreg_to_preg: forall pr0, - o_map (pr0.(to_mreg)) (to_preg) = Some pr0 \/ pr0.(to_mreg) = None. + o_map ((to_mreg pr0)) (to_preg) = Some pr0 \/ (to_mreg pr0) = None. Proof. destruct pr0; ss; des_ifs; eauto. Qed. Corollary to_mreg_some_to_preg pr0 mr0 - (SOME: pr0.(to_mreg) = Some mr0): - <>. + (SOME: (to_mreg pr0) = Some mr0): + <>. Proof. - eapply to_mreg_injective with (pr0 := mr0.(to_preg)) (pr1 := pr0). + eapply to_mreg_injective with (pr0 := (to_preg mr0)) (pr1 := pr0). { rewrite to_preg_to_mreg; ss. } rewrite to_preg_to_mreg; ss. Qed. Definition to_pregset (mrs: Mach.regset): regset := fun pr => - match pr.(to_mreg) with + match (to_mreg pr) with | Some mr => mrs mr | None => Vundef end.