Require Import Values Coqlib Clight GMemory FMemory FMemLemmas Footprint InteractionSemantics Cop_fp ClightLang DetLemma.
Lemma embed_eq:
forall fm m,
embed (
strip fm) (
Mem.freelist fm)
m ->
m =
fm.
Proof.
destruct fm,
m;
intro;
inv H.
unfold strip in *;
simpl in *.
inv H1.
assert (
nextblockid =
nextblockid0).
{
generalize valid_wd valid_wd0.
clear.
intros.
destruct (
Nat.lt_total nextblockid nextblockid0).
eapply valid_wd0 in H;
eauto.
eapply valid_wd in H;
eauto.
omega.
destruct H.
auto.
eapply valid_wd in H;
eauto.
eapply valid_wd0 in H;
eauto.
omega.
}
subst.
f_equal;
apply Axioms.proof_irr.
Qed.
Local Ltac solv_eq:=
match goal with
| [
H1: ?
P ,
H2 : ?
P |-
_] =>
clear H1
| [
H1: ?
P =
_,
H2: ?
P =
_ |-
_] =>
rewrite H1 in H2;
inv H2
| [
H1: ?
P =
_ ,
H2:
_ = ?
P |-
_] =>
rewrite H1 in H2;
inv H2
|
H:
Vptr _ _ =
Vptr _ _ |-
_=>
inv H
end
.
Local Ltac inv_eq:=
repeat (
try match goal with
|
H:?
P ,
H1: ?
P |-
_ =>
clear H
|
H:
Cminor.funsig _ |-
_ =>
unfold Cminor.funsig in H
|
H:
context[
match ?
x with _ =>
_ end] |-
_ =>
destruct x eqn:?;
try (
inversion H;
fail)
|
H:
None =
Some _ |-
_=>
inv H
|
H:
Some _ =
Some _ |-
_ =>
inv H
|
H:
Some _ =
None |-
_=>
inv H
|
H:
Values.Val.bool_of_val _ _ |-
_ =>
inv H
|
H:
Switch.switch_argument _ _ _ |-
_ =>
inv H
|
H:?
P = ?
Q,
H1:
context [ ?
P ] |-
_ =>
rewrite H in H1
|
H:?
P = ?
Q |-
context [ ?
P ] =>
rewrite H
end;
simpl in *;
subst;
try contradiction;
try discriminate).
Ltac inv_expr:=
try match goal with H:
eval_expr _ _ _ _ _ _|-
_ =>
inv H end;
repeat solv_eq;
auto.
Ltac check_lvalue:=
try (
repeat match goal with H:
eval_lvalue _ _ _ _ _ _ _ |-
_ =>
inv H end;
fail).
Ltac inv_lvalue:=
repeat (
match goal with H:
eval_lvalue _ _ _ _ _ _ _|-
_ =>
inv H end;
repeat solv_eq);
auto.
Ltac lvalue_det:=
match goal with
|
H1:
eval_lvalue ?
ge ?
e ?
le ?
m ?
a ?
loc ?
ofs ,
H2:
eval_lvalue ?
ge ?
e ?
le ?
m ?
a ?
loc' ?
ofs',
H3:
eval_lvalue ?
ge ?
e ?
le ?
m ?
a ?
loc ?
ofs->
forall loc0 ofs0,
eval_lvalue ?
ge ?
e ?
le ?
m ?
a loc0 ofs0->
loc0 = ?
loc /\
ofs0 = ?
ofs
|-
_ =>
eapply H3 in H2 as [];
eauto
end;
subst;
try congruence.
Ltac expr_det:=
match goal with
|
H1:
eval_expr ?
ge ?
e ?
le ?
m ?
a ?
v,
H2:
forall v',
eval_expr ?
ge ?
e ?
le ?
m ?
a v'->
?
v2 =
v'
|-
_ =>
eapply H2 in H1;
eauto
end;
subst;
try congruence.
Lemma deref_loc_det:
forall ty m loc ofs v,
deref_loc ty m loc ofs v ->
forall v',
deref_loc ty m loc ofs v'->
v =
v'.
Proof.
inversion 1;subst;inversion 1;subst;repeat solv_eq;auto.
Qed.
Ltac solv_deref_loc_det:=
match goal with
H:
deref_loc ?
ty ?
m ?
loc ?
ofs ?
v,
H':
deref_loc ?
ty ?
m ?
loc ?
ofs' ?
v'|-
_ =>
eapply deref_loc_det in H';
try apply H;
subst
end.
Lemma eval_expr_det:
forall ge e le m a v1,
eval_expr ge e le m a v1 ->
forall v2,
eval_expr ge e le m a v2 ->
v1 =
v2.
Proof.
intros until 1.
pattern a,
v1.
eapply eval_expr_ind2
with(
ge:=
ge)(
e:=
e)(
le:=
le)(
m:=
m)
(
P0:=(
fun a loc'
ofs'=>
eval_lvalue ge e le m a loc'
ofs'->
forall loc ofs,
eval_lvalue ge e le m a loc ofs ->
loc =
loc' /\
ofs =
ofs'))
;
eauto;
intros.
all :
try(
inv_expr;
try lvalue_det;
try expr_det;
inv_lvalue;
fail).
try(
inv_expr;
check_lvalue;
repeat expr_det).
inv_expr;
check_lvalue;
repeat expr_det;
repeat lvalue_det;
try eapply deref_loc_det;
eauto.
all:
inv_lvalue;
repeat (
expr_det;
solv_eq;
auto).
Qed.
Ltac solv_expr_det:=
match goal with
H1:
eval_expr ?
ge ?
e ?
le ?
m ?
a ?
v,
H2 :
eval_expr ?
ge ?
e ?
le ?
m ?
a ?
v2 |-
_ =>
eapply eval_expr_det in H2;
try apply H1;
subst
end.
Lemma eval_lvalue_det:
forall ge e le m a loc ofs,
eval_lvalue ge e le m a loc ofs->
forall loc'
ofs',
eval_lvalue ge e le m a loc'
ofs' ->
loc =
loc' /\
ofs =
ofs'.
Proof.
induction 1;intros;inv_lvalue;try solv_expr_det;try solv_eq;auto.
Qed.
Ltac solv_lvalue_det:=
match goal with
H1:
eval_lvalue ?
ge ?
e ?
le ?
m ?
a ?
l ?
o ,
H2 :
eval_lvalue ?
ge ?
e ?
le ?
m ?
a ?
l' ?
o' |-
_ =>
eapply eval_lvalue_det in H2 as [];
try apply H1;
subst
end.
Ltac inv_exprfp:=
try match goal with H:
eval_expr_fp _ _ _ _ _ _|-
_ =>
inv H end;
repeat solv_eq;
auto.
Ltac check_lvaluefp:=
try (
repeat match goal with H:
eval_lvalue_fp _ _ _ _ _ _ _ |-
_ =>
inv H end;
fail).
Ltac inv_lvaluefp:=
repeat (
match goal with H:
eval_lvalue_fp _ _ _ _ _ _|-
_ =>
inv H end;
repeat solv_eq);
auto.
Ltac lvaluefp_det:=
match goal with
|
H1:
eval_lvalue_fp ?
ge ?
e ?
le ?
m ?
a ?
fp,
H2:
eval_lvalue_fp ?
ge ?
e ?
le ?
m ?
a ?
fp',
H3:
eval_lvalue_fp ?
ge ?
e ?
le ?
m ?
a ?
fp->
forall fp,
eval_lvalue_fp ?
ge ?
e ?
le ?
m ?
a fp->
?
fp =
fp
|-
_ =>
eapply H3 in H2;
eauto
end;
subst;
try congruence.
Ltac expr_fp_det:=
match goal with
|
H1:
eval_expr_fp ?
ge ?
e ?
le ?
m ?
a ?
v,
H2:
forall v',
eval_expr_fp ?
ge ?
e ?
le ?
m ?
a v'->
?
v2 =
v'
|-
_ =>
eapply H2 in H1;
eauto
end;
subst;
try congruence.
Lemma deref_loc_fp_det:
forall ty b ofs fp,
deref_loc_fp ty b ofs fp->
forall fp',
deref_loc_fp ty b ofs fp'->
fp =
fp'.
Proof.
intros;inv H;inv H0;solv_eq;auto. Qed.
Ltac solv_deref_loc_fp_det:=
match goal with
H:
deref_loc_fp ?
ty ?
b ?
ofs ?
fp,
H':
deref_loc_fp ?
ty ?
b ?
ofs ?
fp' |-
_ =>
eapply deref_loc_fp_det in H';
try apply H;
subst
end.
Lemma eval_expr_fp_det:
forall ge e le m a fp,
eval_expr_fp ge e le m a fp ->
forall fp',
eval_expr_fp ge e le m a fp'->
fp =
fp'.
Proof.
intros until 1.
pattern a,
fp.
eapply eval_expr_fp_ind2
with(
ge:=
ge)(
e:=
e)(
le:=
le)(
m:=
m)
(
P0:=
fun a0 fp0 =>
eval_lvalue_fp ge e le m a0 fp0 ->
forall fp',
eval_lvalue_fp ge e le m a0 fp'->
fp0 =
fp')
;
eauto;
intros.
all:
try (
inv_exprfp;
inv_lvalue;
fail).
all:
try (
inv_exprfp;
check_lvalue;
repeat solv_expr_det;
repeat solv_lvalue_det;
repeat expr_fp_det;
repeat lvaluefp_det;
repeat solv_deref_loc_det;
repeat solv_deref_loc_fp_det;
auto;
fail).
inv H1;
auto.
inv_lvaluefp.
inv_lvaluefp.
Qed.
Ltac solv_expr_fp_det:=
match goal with
H1:
eval_expr_fp ?
ge ?
e ?
le ?
m ?
a ?
v,
H2 :
eval_expr_fp ?
ge ?
e ?
le ?
m ?
a ?
v2 |-
_ =>
eapply eval_expr_fp_det in H2;
try apply H1;
subst
end.
Lemma eval_lvalue_fp_det:
forall ge e le m a fp,
eval_lvalue_fp ge e le m a fp ->
forall fp',
eval_lvalue_fp ge e le m a fp'->
fp =
fp'.
Proof.
inversion 1;subst;inversion 1;subst;auto.
all : solv_expr_det;solv_expr_fp_det;auto.
Qed.
Ltac solv_lvalue_fp_det:=
match goal with
H1:
eval_lvalue_fp ?
ge ?
e ?
le ?
m ?
a ?
v,
H2 :
eval_lvalue_fp ?
ge ?
e ?
le ?
m ?
a ?
v2 |-
_ =>
eapply eval_lvalue_fp_det in H2;
try apply H1;
subst
end.
Lemma assign_loc_det:
forall ce ty m b ofs v m',
assign_loc ce ty m b ofs v m'->
forall m'',
assign_loc ce ty m b ofs v m''->
m' =
m''.
Proof.
intros;inv H;inv H0;repeat solv_eq;auto. Qed.
Ltac solv_assign_loc_det:=
match goal with
H1:
assign_loc ?
ce ?
ty ?
m ?
b ?
ofs ?
v _,
H2 :
assign_loc ?
ce ?
ty ?
m ?
b ?
ofs ?
v _ |-
_ =>
eapply assign_loc_det in H2;
try apply H1;
subst
end.
Lemma assign_loc_fp_det:
forall ce ty m b ofs fp,
assign_loc_fp ce ty m b ofs fp->
forall fp',
assign_loc_fp ce ty m b ofs fp'->
fp =
fp'.
Proof.
intros;inv H;inv H0;repeat solv_eq;auto. Qed.
Ltac solv_assign_loc_fp_det:=
match goal with
H1:
assign_loc_fp ?
ce ?
ty ?
m ?
b ?
ofs _,
H2 :
assign_loc_fp ?
ce ?
ty ?
m ?
b ?
ofs _ |-
_ =>
eapply assign_loc_fp_det in H2;
try apply H1;
subst
end.
Lemma eval_exprlist_det:
forall ge e le m a vl v1,
eval_exprlist ge e le m a vl v1->
forall v2,
eval_exprlist ge e le m a vl v2->
v1 =
v2.
Proof.
induction 1;intros.
inv H;auto.
inv H2. solv_expr_det.
eapply IHeval_exprlist in H10;eauto. subst.
solv_eq. auto.
Qed.
Ltac solv_exprlist_det:=
match goal with
H1:
eval_exprlist ?
ge ?
e ?
le ?
lm ?
a ?
vl _,
H2 :
eval_exprlist ?
ge ?
e ?
le ?
m ?
a ?
vl _ |-
_ =>
eapply eval_exprlist_det in H2;
try apply H1;
subst
end.
Lemma eval_exprlist_fp_det:
forall ge e le m a vl v1,
eval_exprlist_fp ge e le m a vl v1->
forall v2,
eval_exprlist_fp ge e le m a vl v2->
v1 =
v2.
Proof.
induction 1;intros.
inv H;auto.
inv H5.
solv_expr_det.
solv_expr_fp_det.
eapply IHeval_exprlist_fp in H15;eauto. subst.
solv_eq. auto.
Qed.
Ltac solv_exprlist_fp_det:=
match goal with
H1:
eval_exprlist_fp ?
ge ?
e ?
le ?
lm ?
a ?
vl _,
H2 :
eval_exprlist_fp ?
ge ?
e ?
le ?
m ?
a ?
vl _ |-
_ =>
eapply eval_exprlist_fp_det in H2;
try apply H1;
subst
end.
Lemma alloc_variables_det:
forall ge env m f e m',
alloc_variables ge env m f e m'->
forall e'
m'',
alloc_variables ge env m f e'
m''->
e =
e' /\
m' =
m''.
Proof.
induction 1;intros.
inv H;auto.
inv H1. solv_eq.
eapply IHalloc_variables in H10;eauto.
Qed.
Ltac solv_alloc_variables_det:=
match goal with
H1:
alloc_variables ?
ge ?
e ?
lm ?
f _ _,
H2 :
alloc_variables ?
ge ?
e ?
lm ?
f _ _ |-
_ =>
eapply alloc_variables_det in H2 as [];
try apply H1;
subst
end.
Lemma alloc_variables_fp_det:
forall ge m f m',
alloc_variables_fp ge m f m'->
forall m'',
alloc_variables_fp ge m f m''->
m' =
m''.
Proof.
induction 1;intros.
inv H;auto.
inv H2. solv_eq. solv_eq.
eapply IHalloc_variables_fp in H10;subst. auto.
Qed.
Ltac solv_alloc_variables_fp_det:=
match goal with
H1:
alloc_variables_fp ?
ge ?
e ?
lm _,
H2 :
alloc_variables_fp ?
ge ?
e ?
lm _ |-
_ =>
eapply alloc_variables_fp_det in H2;
try apply H1;
subst
end.
Ltac solv_det:=
repeat solv_expr_det;
repeat solv_eq;
repeat solv_expr_fp_det;
repeat solv_eq;
repeat solv_lvalue_det;
repeat solv_eq;
repeat solv_lvalue_fp_det;
repeat solv_eq;
repeat solv_assign_loc_det;
repeat solv_eq;
repeat solv_assign_loc_fp_det;
repeat solv_eq;
repeat solv_deref_loc_det;
repeat solv_eq;
repeat solv_deref_loc_fp_det;
repeat solv_eq;
repeat solv_exprlist_det;
repeat solv_eq;
repeat solv_exprlist_fp_det;
repeat solv_eq;
repeat solv_alloc_variables_det;
repeat solv_eq;
repeat solv_alloc_variables_fp_det;
repeat solv_eq.
Theorem Clight_det2:
lang_det Clight_IS_2.
Proof.
unfold lang_det,
step_det,
Clight_IS_2;
simpl;
intros.
inv H;
inv H0;
inv H1.
apply embed_eq in H;
subst.
pose proof H2 as STEP1;
pose proof H3 as STEP2.
inv H2;
inv H3;
repeat (
solv_det;
auto).
all:
try (
match goal with
H:
_ \/
_ |-
_=>
destruct H as [
R|
R];
inv R
end;
fail).
all:
try match goal with H:
is_call_cont _ |-
_ =>
inv H end.
inv H;
inv H0;
inv H9;
inv H10;
solv_det;
auto.
Qed.
Lemma bind_parameters_det:
forall ge e p m v m1 m2,
bind_parameters ge e m p v m1 ->
bind_parameters ge e m p v m2 ->
m1 =
m2.
Proof.
induction p;intros;inv H;inv H0;auto.
solv_eq. solv_det.
eapply IHp in H8;eauto.
Qed.
Lemma function_entry1_det:
forall ge f v m e le m'
m2 e2 le2,
function_entry1 ge f v m e le m'->
function_entry1 ge f v m e2 le2 m2->
e =
e2 /\
le =
le2 /\
m' =
m2.
Proof.
Lemma bind_parameters_fp_det:
forall ge e p m m1 m2,
bind_parameters_fp ge e m p m1 ->
bind_parameters_fp ge e m p m2 ->
m1 =
m2.
Proof.
induction p;intros;inv H;inv H0;auto.
solv_eq. solv_det.
eapply IHp in H7;eauto. subst.
auto.
Qed.
Lemma function_entry1_fp_det:
forall ge f v m e m'
m2,
function_entry1_fp ge f v m e m'->
function_entry1_fp ge f v m e m2->
m' =
m2.
Proof.
Theorem Clight_det:
lang_det Clight_IS.
Proof.
Lemma assign_loc_eff:
forall ge ty m loc ofs v m'
fp,
assign_loc ge ty m loc ofs v m'->
assign_loc_fp ge ty loc ofs v fp ->
LEffect (
strip m)(
strip m')
fp (
Mem.freelist m).
Proof.
Lemma mem_freelist_eff:
forall b m m',
Mem.free_list m b =
Some m'->
LEffect (
strip m)(
strip m')(
FMemOpFP.free_list_fp b)(
Mem.freelist m).
Proof.
Lemma alloc_variables_eff:
forall ge e l e0 m0 m'0
fp,
alloc_variables_fp ge m0 l fp ->
alloc_variables ge e0 m0 l e m'0 ->
LEffect (
strip m0) (
strip m'0)
fp (
Mem.freelist m0).
Proof.
Lemma assign_loc_fleq:
forall ge ty m b o v m',
assign_loc ge ty m b o v m'->
Mem.freelist m =
Mem.freelist m'.
Proof.
Lemma bind_parameters_eff:
forall ge e l m vargs m'
fp,
bind_parameters ge e m l vargs m'->
bind_parameters_fp ge e l vargs fp ->
LEffect (
strip m)(
strip m')
fp (
Mem.freelist m).
Proof.
Lemma alloc_variables_fleq:
forall ge p e a m m',
alloc_variables ge e m p a m'->
Mem.freelist m =
Mem.freelist m'.
Proof.
induction p;
intros.
inv H;
auto.
inv H.
eapply IHp in H7;
eauto.
apply mem_alloc_fleq in H4.
congruence.
Qed.
Lemma Clight_eff:
corestep_local_eff (
InteractionSemantics.step Clight_IS).
Proof.
Lemma Clight_eff_2:
corestep_local_eff (
InteractionSemantics.step Clight_IS_2).
Proof.
Lemma deref_loc_loc:
forall ty m loc ofs v fp,
deref_loc ty m loc ofs v ->
deref_loc_fp ty loc ofs fp ->
forall m',
MemPre (
strip m)(
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m) ->
deref_loc ty m'
loc ofs v.
Proof.
intros.
inv H0;
inv H;
solv_eq.
eapply MemPre_mem_loadv_eq2 in H4;
eauto.
econstructor;
eauto.
econstructor 2;
eauto.
econstructor 3;
eauto.
Qed.
Lemma sem_unary_operation_loc:
forall op v ty m fp v1,
FCop.sem_unary_operation op v ty m =
Some v1->
sem_unary_operation_fp op v ty m =
Some fp->
forall m',
MemPre (
strip m)(
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
FCop.sem_unary_operation op v ty m' =
Some v1 /\
sem_unary_operation_fp op v ty m' =
Some fp.
Proof.
Lemma sem_cast_loc:
forall v ty f m res fp,
FCop.sem_cast v ty f m =
Some res ->
sem_cast_fp v ty f m =
Some fp ->
forall m',
MemPre (
strip m)(
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
FCop.sem_cast v ty f m' =
Some res /\
sem_cast_fp v ty f m' =
Some fp.
Proof.
Lemma sem_binarith_loc:
forall a b c d v ty v'
ty'
m f1 fp,
FCop.sem_binarith a b c d v ty v'
ty'
m =
Some f1->
sem_binarith_fp a b c d v ty v'
ty'
m =
Some fp ->
forall m',
MemPre (
strip m)(
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
FCop.sem_binarith a b c d v ty v'
ty'
m' =
Some f1/\
sem_binarith_fp a b c d v ty v'
ty'
m' =
Some fp.
Proof.
Lemma cmp_ptr_loc:
forall c v v'
res fp m,
FCop.cmp_ptr m c v v' =
Some res ->
cmp_ptr_fp m c v v' =
Some fp ->
forall m',
MemPre (
strip m)(
strip m')
fp->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
FCop.cmp_ptr m'
c v v' =
Some res /\
cmp_ptr_fp m'
c v v'=
Some fp.
Proof.
Lemma sem_cmp_loc:
forall c v ty v'
ty'
m v1 fp,
FCop.sem_cmp c v ty v'
ty'
m =
Some v1 ->
sem_cmp_fp c v ty v'
ty'
m =
Some fp->
forall m',
MemPre (
strip m)(
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
FCop.sem_cmp c v ty v'
ty'
m' =
Some v1 /\
sem_cmp_fp c v ty v'
ty'
m' =
Some fp.
Proof.
Lemma sem_binary_operation_loc:
forall e op v ty v'
ty'
m fp v1,
FCop.sem_binary_operation e op v ty v'
ty'
m =
Some v1->
sem_binary_operation_fp e op v ty v'
ty'
m =
Some fp->
forall m',
MemPre (
strip m)(
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
FCop.sem_binary_operation e op v ty v'
ty'
m' =
Some v1 /\
sem_binary_operation_fp e op v ty v'
ty'
m' =
Some fp.
Proof.
unfold FCop.sem_binary_operation,
sem_binary_operation_fp;
intros;
ex_match;
subst;
try solv_eq;
auto.
all:
try(
unfold FCop.sem_add,
sem_add_fp,
FCop.sem_sub,
sem_sub_fp,
FCop.sem_mul,
sem_mul_fp,
FCop.sem_div,
sem_div_fp,
FCop.sem_mod,
sem_mod_fp,
FCop.sem_and,
sem_and_fp,
FCop.sem_or,
sem_or_fp,
FCop.sem_cmp,
sem_cmp_fp in *;
ex_match;
inv_eq;
auto;
eapply sem_binarith_loc in H;
eauto;
fail).
all:
eapply sem_cmp_loc;
eauto.
Qed.
Lemma eval_expr_loc:
forall ge e le m a v fp,
eval_expr ge e le m a v ->
eval_expr_fp ge e le m a fp ->
forall m',
MemPre (
strip m) (
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
eval_expr ge e le m'
a v /\
eval_expr_fp ge e le m'
a fp.
Proof.
intros until 2.
revert fp H0.
pattern a,
v.
eapply eval_expr_ind2 with
(
P0:=
fun a0 loc ofs=>
eval_lvalue ge e le m a0 loc ofs->
forall fp :
FP.t,
eval_lvalue_fp ge e le m a0 fp ->
forall m' :
mem,
MemPre (
strip m) (
strip m')
fp ->
FreelistEq (
strip m) (
strip m') (
Mem.freelist m) ->
eval_lvalue ge e le m'
a0 loc ofs /\
eval_lvalue_fp ge e le m'
a0 fp)
;
eauto;
intros.
all:
try(
inv_exprfp;
check_lvalue;
split;
try constructor;
auto;
fail).
{
inv_exprfp;
check_lvalue.
eapply H1 in H3 as [];
eauto.
split;
econstructor;
eauto.
}
{
inv H3;
check_lvalue;
solv_det.
apply MemPre_split in H4 as [].
eapply H1 in H3 as [];
eauto.
eapply sem_unary_operation_loc in H2 as [];
eauto.
split;
econstructor;
eauto.
}
{
inv_exprfp;
check_lvalue.
repeat solv_det.
apply MemPre_split in H6 as ?.
destruct H5.
apply MemPre_split in H5 as [].
eapply H1 in H5 as [];
eauto.
eapply H3 in H9 as [];
eauto.
eapply sem_binary_operation_loc in H4 as [];
eauto.
split;
econstructor;
eauto.
}
{
inv_exprfp;
check_lvalue;
repeat solv_det.
apply MemPre_split in H4 as [].
eapply H1 in H3 as [];
eauto.
eapply sem_cast_loc in H2 as [];
eauto.
split;
econstructor;
eauto.
}
{
inv_exprfp;
check_lvalue;
repeat solv_det.
apply MemPre_split in H4 as [].
eapply H1 in H0 as [];
eauto.
eapply deref_loc_loc in H2;
eauto.
split;
econstructor;
eauto.
}
{
split.
econstructor;
eauto.
inv H2.
constructor.
}
{
inv H3.
split.
econstructor 2;
eauto.
constructor.
}
{
inv H2;
inv H3.
solv_det.
eapply H1 in H5 as [];
eauto.
split;
econstructor;
eauto.
}
{
inv H6.
solv_det.
eapply H1 in H14 as [];
eauto.
split;
econstructor;
eauto.
}
{
inv H5;
solv_det.
eapply H1 in H13 as [];
eauto.
split;
econstructor;
eauto.
}
Qed.
Lemma eval_lvalue_loc:
forall ge e le m a b v fp,
eval_lvalue ge e le m a b v ->
eval_lvalue_fp ge e le m a fp ->
forall m',
MemPre (
strip m) (
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
eval_lvalue ge e le m'
a b v /\
eval_lvalue_fp ge e le m'
a fp.
Proof.
intros.
inv H0;
solv_det;
inv H;
solv_det.
all :
try (
split;
econstructor;
eauto;
fail).
all:
try (
eapply eval_expr_loc in H4 as [];
eauto;
split;
econstructor;
eauto;
fail).
Qed.
Lemma eval_exprlist_loc:
forall ge e le vl m a v fp,
eval_exprlist ge e le m a v vl->
eval_exprlist_fp ge e le m a v fp ->
forall m',
MemPre (
strip m) (
strip m')
fp ->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
eval_exprlist ge e le m'
a v vl /\
eval_exprlist_fp ge e le m'
a v fp.
Proof.
induction vl;
intros.
inv H.
inv H0.
split;
constructor.
inv H.
inv H0.
solv_det.
apply MemPre_split in H1 as [].
apply MemPre_split in H as [].
eapply IHvl in H9 as [];
eauto.
eapply sem_cast_loc in H12 as [];
eauto.
eapply eval_expr_loc in H5 as [];
eauto.
split;
econstructor;
eauto.
Qed.
Lemma sem_unary_operation_emp_eff:
forall op v ty m fp,
sem_unary_operation_fp op v ty m =
Some fp->
Locs.eq (
effects fp)
Locs.emp.
Proof.
Local Ltac emp_eff:=
try (
unfold FP.emp,
effects;
simpl;
repeat rewrite Locs.emp_union_locs;
repeat rewrite Locs.locs_union_emp;
apply Locs.eq_refl).
Lemma sem_cast_fp_emp_eff:
forall v ty f m fp,
sem_cast_fp v ty f m =
Some fp ->
Locs.eq (
effects fp)
Locs.emp.
Proof.
Lemma sem_binarith_fp_emp_eff:
forall a b c d v ty v'
ty'
m fp,
sem_binarith_fp a b c d v ty v'
ty'
m =
Some fp ->
Locs.eq (
effects fp)
Locs.emp.
Proof.
Lemma cmp_ptr_fp_emp_eff:
forall m c v v'
fp,
cmp_ptr_fp m c v v' =
Some fp->
Locs.eq (
effects fp)
Locs.emp.
Proof.
Lemma sem_binary_operation_emp_eff:
forall op e v ty v'
ty'
m fp,
sem_binary_operation_fp e op v ty v'
ty'
m =
Some fp->
Locs.eq (
effects fp)
Locs.emp.
Proof.
unfold sem_binary_operation_fp;
intros;
ex_match.
all:
try(
unfold FCop.sem_add,
sem_add_fp,
FCop.sem_sub,
sem_sub_fp,
FCop.sem_mul,
sem_mul_fp,
FCop.sem_div,
sem_div_fp,
FCop.sem_mod,
sem_mod_fp,
FCop.sem_and,
sem_and_fp,
FCop.sem_or,
sem_or_fp,
FCop.sem_cmp,
sem_cmp_fp in *;
ex_match;
inv_eq;
emp_eff).
all:
try (
eapply sem_binarith_fp_emp_eff;
eauto;
fail).
all:
try (
eapply cmp_ptr_fp_emp_eff;
eauto;
fail).
Qed.
Lemma deref_loc_emp_eff:
forall ty loc ofs fp,
deref_loc_fp ty loc ofs fp ->
Locs.eq (
effects fp)
Locs.emp.
Proof.
inversion 1;subst;emp_eff.
Qed.
Lemma eval_expr_emp_eff:
forall ge e le m a fp,
eval_expr_fp ge e le m a fp->
Locs.eq (
effects fp)
Locs.emp.
Proof.
intros until 1.
pattern a,
fp.
eapply eval_expr_fp_ind2 with
(
P0:=
fun a fp=>
eval_lvalue_fp ge e le m a fp ->
Locs.eq (
effects fp)
Locs.emp);
eauto;
intros.
all:
try(
unfold effects,
FP.emp;
simpl;
try rewrite Locs.locs_union_emp;
try apply Locs.eq_refl;
fail).
eapply sem_unary_operation_emp_eff in H4;
eauto.
apply Locs.locs_eq in H4.
apply Locs.locs_eq in H2.
rewrite <-
H5,
effects_union,
H2,
H4,
Locs.locs_union_emp;
apply Locs.eq_refl.
eapply sem_binary_operation_emp_eff in H7.
rewrite <-
H8.
apply Locs.locs_eq in H2.
apply Locs.locs_eq in H5.
apply Locs.locs_eq in H7.
repeat (
rewrite effects_union).
rewrite H2,
H5,
H7;
emp_eff.
apply sem_cast_fp_emp_eff in H4.
apply Locs.locs_eq in H4.
apply Locs.locs_eq in H2.
rewrite <-
H5,
effects_union,
H2,
H4;
emp_eff.
eapply deref_loc_emp_eff in H4.
Hsimpl.
apply Locs.locs_eq in H4.
apply Locs.locs_eq in H2.
rewrite <-
H5,
effects_union,
H2,
H4;
emp_eff.
Qed.
Lemma eval_lvalue_emp_eff:
forall ge e le m ex fp,
eval_lvalue_fp ge e le m ex fp->
Locs.eq (
effects fp)
Locs.emp.
Proof.
Lemma eval_exprlist_emp_eff:
forall ge e le m vl a fp,
eval_exprlist_fp ge e le m a vl fp ->
Locs.eq (
effects fp)
Locs.emp.
Proof.
Lemma MemPost_union:
forall m m'
fp fp',
MemPost m m'
fp->
MemPost m m'
fp'->
MemPost m m' (
FP.union fp fp').
Proof.
Lemma mem_freelist_loc:
forall l m m',
Mem.free_list m l =
Some m'->
forall m2,
MemPre (
strip m)(
strip m2) (
FMemOpFP.free_list_fp l) ->
FreelistEq (
strip m)(
strip m2)(
Mem.freelist m) ->
exists m3,
Mem.free_list m2 l =
Some m3 /\
LPost (
strip m')(
strip m3)(
FMemOpFP.free_list_fp l)(
Mem.freelist m).
Proof.
Lemma bool_val_loc:
forall v ty m b fp,
FCop.bool_val v ty m =
Some b ->
bool_val_fp v ty m =
Some fp->
forall m',
MemPre (
strip m)(
strip m')
fp->
FreelistEq (
strip m)(
strip m')(
Mem.freelist m)->
FCop.bool_val v ty m' =
Some b/\
bool_val_fp v ty m' =
Some fp.
Proof.
Lemma bool_val_emp_eff:
forall v ty m fp,
bool_val_fp v ty m =
Some fp->
Locs.eq (
effects fp)
Locs.emp.
Proof.
Lemma alloc_variables_loc:
forall ge p f m e m'
fp,
alloc_variables ge f m p e m'->
alloc_variables_fp ge m p fp ->
forall m2,
MemPre (
strip m)(
strip m2)
fp->
Mem.freelist m =
Mem.freelist m2 ->
Mem.nextblockid m =
Mem.nextblockid m2 ->
FreelistEq (
strip m)(
strip m2)(
Mem.freelist m)->
exists m3,
alloc_variables ge f m2 p e m3 /\
alloc_variables_fp ge m2 p fp /\
LPost (
strip m')(
strip m3)
fp (
Mem.freelist m)/\
Mem.freelist m' =
Mem.freelist m3 /\
Mem.nextblockid m' =
Mem.nextblockid m3.
Proof.
Lemma bind_parameters_loc:
forall ge e p m v m'
fp,
bind_parameters ge e m p v m'->
bind_parameters_fp ge e p v fp ->
forall m2,
MemPre (
strip m)(
strip m2)
fp ->
FreelistEq (
strip m)(
strip m2)(
Mem.freelist m)->
Mem.freelist m =
Mem.freelist m2 ->
Mem.nextblockid m =
Mem.nextblockid m2 ->
exists m3,
bind_parameters ge e m2 p v m3 /\
LPost (
strip m')(
strip m3)
fp (
Mem.freelist m).
Proof.
Lemma function_entry1_loc:
forall ge f vargs m e le m'
fp,
function_entry1 ge f vargs m e le m'->
function_entry1_fp ge f vargs m e fp ->
forall m2,
MemPre (
strip m)(
strip m2)
fp->
Mem.freelist m =
Mem.freelist m2 ->
Mem.nextblockid m =
Mem.nextblockid m2 ->
FreelistEq (
strip m)(
strip m2)(
Mem.freelist m)->
exists m3,
function_entry1 ge f vargs m2 e le m3 /\
function_entry1_fp ge f vargs m2 e fp /\
LPost (
strip m')(
strip m3)
fp (
Mem.freelist m).
Proof.
Lemma Clight_loc:
corestep_locality_1 (
InteractionSemantics.step Clight_IS) .
Proof.
Lemma freelist_forward:
forall l m m',
Mem.free_list m l =
Some m'->
GMem.forward (
strip m)(
strip m').
Proof.
Lemma function_entry2_loc:
forall ge f vargs m e le m'
fp,
function_entry2 ge f vargs m e le m'->
function_entry2_fp ge f vargs m e fp ->
forall m2,
MemPre (
strip m)(
strip m2)
fp->
Mem.freelist m =
Mem.freelist m2 ->
Mem.nextblockid m =
Mem.nextblockid m2 ->
FreelistEq (
strip m)(
strip m2)(
Mem.freelist m)->
exists m3,
function_entry2 ge f vargs m2 e le m3 /\
function_entry2_fp ge f vargs m2 e fp /\
LPost (
strip m')(
strip m3)
fp (
Mem.freelist m).
Proof.
Lemma Clight_loc2:
corestep_locality_1 (
InteractionSemantics.step Clight_IS_2) .
Proof.
Lemma alloc_variables_forward:
forall ge p f m e m',
alloc_variables ge f m p e m'->
GMem.forward (
strip m)(
strip m').
Proof.
Lemma bind_parameters_forward:
forall ge l e m v m',
bind_parameters ge e m l v m'->
GMem.forward (
strip m)(
strip m').
Proof.
Theorem Clight_wd:
wd Clight_IS.
Proof.
Theorem Clight_wdFP:
wdFP Clight_IS.
Proof.
Theorem Clight_wd2:
wd Clight_IS_2.
Proof.