summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--backend/Allocproof.v295
-rw-r--r--backend/LTL.v144
-rw-r--r--backend/LTLin.v63
-rw-r--r--backend/Linear.v46
-rw-r--r--backend/Linearizeproof.v25
-rw-r--r--backend/Reloadproof.v447
-rw-r--r--backend/Stackingproof.v12
-rw-r--r--backend/Tunnelingproof.v29
8 files changed, 538 insertions, 523 deletions
diff --git a/backend/Allocproof.v b/backend/Allocproof.v
index 051be1e..fd569ad 100644
--- a/backend/Allocproof.v
+++ b/backend/Allocproof.v
@@ -37,6 +37,7 @@ Require Import Allocation.
(** * Semantic properties of calling conventions *)
+(*************
(** The value of a parameter in the called function is the same
as the value of the corresponding argument in the caller function. *)
@@ -118,6 +119,7 @@ Proof.
symmetry. apply Locmap.gso. eapply Loc.in_notin_diff; eauto.
intros x [A B]. rewrite Locmap.gso; auto. apply Loc.diff_sym; auto.
Qed.
+****************)
(** * Properties of allocated locations *)
@@ -220,7 +222,7 @@ Hypothesis REGALLOC: regalloc f flive (live0 f flive) env = Some assign.
of [assign r] can be arbitrary. *)
Definition agree (live: Regset.t) (rs: regset) (ls: locset) : Prop :=
- forall (r: reg), Regset.In r live -> Val.lessdef (rs#r) (ls (assign r)).
+ forall (r: reg), Regset.In r live -> rs#r = ls (assign r).
(** What follows is a long list of lemmas expressing properties
of the [agree_live_regs] predicate that are useful for the
@@ -289,7 +291,7 @@ Qed.
Lemma agree_eval_reg:
forall r live rs ls,
- agree (reg_live r live) rs ls -> Val.lessdef (rs#r) (ls (assign r)).
+ agree (reg_live r live) rs ls -> rs#r = ls (assign r).
Proof.
intros. apply H. apply Regset.add_1. auto.
Qed.
@@ -299,11 +301,11 @@ Qed.
Lemma agree_eval_regs:
forall rl live rs ls,
agree (reg_list_live rl live) rs ls ->
- Val.lessdef_list (rs##rl) (List.map ls (List.map assign rl)).
+ rs##rl = List.map ls (List.map assign rl).
Proof.
induction rl; simpl; intros.
- constructor.
- constructor.
+ auto.
+ f_equal.
apply agree_eval_reg with live.
apply agree_reg_list_live with rl. auto.
eapply IHrl. eexact H.
@@ -345,17 +347,16 @@ Qed.
are mapped to locations other than that of [r]. *)
Lemma agree_assign_live:
- forall live r rs ls v v',
+ forall live r rs ls v,
(forall s,
Regset.In s live -> s <> r -> assign s <> assign r) ->
- Val.lessdef v v' ->
agree (reg_dead r live) rs ls ->
- agree live (rs#r <- v) (Locmap.set (assign r) v' ls).
+ agree live (rs#r <- v) (Locmap.set (assign r) v ls).
Proof.
unfold agree; intros. rewrite Regmap.gsspec.
destruct (peq r0 r).
subst r0. rewrite Locmap.gss. auto.
- rewrite Locmap.gso. apply H1. apply Regset.remove_2; auto.
+ rewrite Locmap.gso. apply H0. apply Regset.remove_2; auto.
eapply regalloc_noteq_diff. eauto. apply sym_not_equal. apply H. auto. auto.
Qed.
@@ -414,66 +415,70 @@ Qed.
a function call, provided that the states before the call agree
and that calling conventions are respected. *)
-Lemma agree_call:
- forall live args ros res rs v (ls ls': locset),
+Lemma agree_postcall:
+ forall live args ros res rs v (ls: locset),
(forall r,
Regset.In r live -> r <> res ->
~(In (assign r) Conventions.destroyed_at_call)) ->
(forall r,
Regset.In r live -> r <> res -> assign r <> assign res) ->
- Val.lessdef v (ls' (assign res)) ->
- (forall l,
- Loc.notin l destroyed_at_call -> loc_acceptable l -> Loc.diff l (assign res) ->
- ls' l = ls l) ->
agree (reg_list_live args (reg_sum_live ros (reg_dead res live))) rs ls ->
- agree live (rs#res <- v) ls'.
+ agree live (rs#res <- v) (Locmap.set (assign res) v (postcall_regs ls)).
Proof.
intros.
assert (agree (reg_dead res live) rs ls).
apply agree_reg_sum_live with ros.
apply agree_reg_list_live with args. assumption.
- red; intros.
- case (Reg.eq r res); intro.
- subst r. rewrite Regmap.gss. assumption.
- rewrite Regmap.gso; auto. rewrite H2. apply H4.
- apply Regset.remove_2; auto.
- eapply regalloc_notin_notin; eauto.
- eapply regalloc_acceptable; eauto.
- eapply regalloc_noteq_diff; eauto.
+ red; intros. rewrite Regmap.gsspec. destruct (peq r res).
+ subst r. rewrite Locmap.gss. auto.
+ rewrite Locmap.gso. transitivity (ls (assign r)).
+ apply H2. apply Regset.remove_2; auto.
+ unfold postcall_regs.
+ assert (~In (assign r) temporaries).
+ apply Loc.notin_not_in. eapply regalloc_not_temporary; eauto.
+ assert (~In (assign r) destroyed_at_call).
+ apply H. auto. auto.
+ caseEq (assign r); auto. intros m ASG. rewrite <- ASG.
+ destruct (In_dec Loc.eq (assign r) temporaries). contradiction.
+ destruct (In_dec Loc.eq (assign r) destroyed_at_call). contradiction.
+ auto.
+ eapply regalloc_noteq_diff; eauto. apply sym_not_eq. auto.
Qed.
(** Agreement between the initial register set at RTL function entry
and the location set at LTL function entry. *)
Lemma agree_init_regs:
- forall rl vl ls live,
+ forall live rl vl,
(forall r1 r2,
In r1 rl -> Regset.In r2 live -> r1 <> r2 ->
assign r1 <> assign r2) ->
- Val.lessdef_list vl (List.map ls (List.map assign rl)) ->
- agree live (init_regs vl rl) ls.
+ agree live (RTL.init_regs vl rl)
+ (LTL.init_locs vl (List.map assign rl)).
Proof.
+ intro live.
+ assert (agree live (Regmap.init Vundef) (Locmap.init Vundef)).
+ red; intros. rewrite Regmap.gi. auto.
induction rl; simpl; intros.
- red; intros. rewrite Regmap.gi. auto.
- inv H0.
- assert (agree live (init_regs vl1 rl) ls).
- apply IHrl. intros. apply H. tauto. auto. auto. auto.
- red; intros. case (Reg.eq a r); intro.
- subst r. rewrite Regmap.gss. auto.
- rewrite Regmap.gso; auto.
+ auto.
+ destruct vl. auto.
+ assert (agree live (init_regs vl rl) (init_locs vl (map assign rl))).
+ apply IHrl. intros. apply H0. tauto. auto. auto.
+ red; intros. rewrite Regmap.gsspec. destruct (peq r a).
+ subst r. rewrite Locmap.gss. auto.
+ rewrite Locmap.gso. apply H1; auto.
+ eapply regalloc_noteq_diff; eauto.
Qed.
Lemma agree_parameters:
- forall vl ls,
+ forall vl,
let params := f.(RTL.fn_params) in
- Val.lessdef_list vl (List.map ls (List.map assign params)) ->
agree (live0 f flive)
- (init_regs vl params)
- ls.
+ (RTL.init_regs vl params)
+ (LTL.init_locs vl (List.map assign params)).
Proof.
intros. apply agree_init_regs.
intros. eapply regalloc_correct_3; eauto.
- auto.
Qed.
End AGREE.
@@ -556,52 +561,40 @@ Inductive match_stackframes: list RTL.stackframe -> list LTL.stackframe -> Prop
| match_stackframes_nil:
match_stackframes nil nil
| match_stackframes_cons:
- forall s ts sig res f sp pc rs ls env live assign,
+ forall s ts res f sp pc rs ls env live assign,
match_stackframes s ts ->
- sig_res (RTL.fn_sig f) = sig_res (parent_callsig ts) ->
wt_function f env ->
analyze f = Some live ->
regalloc f live (live0 f live) env = Some assign ->
- (forall rv ls1,
- (forall l, Loc.notin l destroyed_at_call -> loc_acceptable l -> ls1 l = ls l) ->
- Val.lessdef rv (ls1 (R (loc_result sig))) ->
+ (forall rv,
agree assign (transfer f pc live!!pc)
(rs#res <- rv)
- (Locmap.set (assign res) (ls1 (R (loc_result sig))) ls1)) ->
+ (Locmap.set (assign res) rv ls)) ->
match_stackframes
(RTL.Stackframe res (RTL.fn_code f) sp pc rs :: s)
- (LTL.Stackframe sig (assign res) (transf_fun f live assign) sp ls pc :: ts).
+ (LTL.Stackframe (assign res) (transf_fun f live assign) sp ls pc :: ts).
Inductive match_states: RTL.state -> LTL.state -> Prop :=
| match_states_intro:
- forall s f sp pc rs m ts ls tm live assign env
+ forall s f sp pc rs m ts ls live assign env
(STACKS: match_stackframes s ts)
- (SIG: sig_res(RTL.fn_sig f) = sig_res(parent_callsig ts))
(WT: wt_function f env)
(ANL: analyze f = Some live)
(ASG: regalloc f live (live0 f live) env = Some assign)
- (AG: agree assign (transfer f pc live!!pc) rs ls)
- (MMD: Mem.lessdef m tm),
+ (AG: agree assign (transfer f pc live!!pc) rs ls),
match_states (RTL.State s (RTL.fn_code f) sp pc rs m)
- (LTL.State ts (transf_fun f live assign) sp pc ls tm)
+ (LTL.State ts (transf_fun f live assign) sp pc ls m)
| match_states_call:
- forall s f args m ts tf ls tm,
+ forall s f args m ts tf,
match_stackframes s ts ->
- sig_res(RTL.funsig f) = sig_res(parent_callsig ts) ->
transf_fundef f = OK tf ->
- Val.lessdef_list args (List.map ls (loc_arguments (funsig tf))) ->
- Mem.lessdef m tm ->
- (forall l, Loc.notin l destroyed_at_call -> loc_acceptable l -> ls l = parent_locset ts l) ->
match_states (RTL.Callstate s f args m)
- (LTL.Callstate ts tf ls tm)
+ (LTL.Callstate ts tf args m)
| match_states_return:
- forall s v m ts ls tm,
+ forall s v m ts,
match_stackframes s ts ->
- Val.lessdef v (ls (R (loc_result (parent_callsig ts)))) ->
- Mem.lessdef m tm ->
- (forall l, Loc.notin l destroyed_at_call -> loc_acceptable l -> ls l = parent_locset ts l) ->
match_states (RTL.Returnstate s v m)
- (LTL.Returnstate ts ls tm).
+ (LTL.Returnstate ts v m).
(** The simulation proof is by case analysis over the RTL transition
taken in the source program. *)
@@ -652,10 +645,9 @@ Lemma transl_find_function:
transf_fundef f = OK tf.
Proof.
intros; destruct ros; simpl in *.
- assert (Val.lessdef (rs#r) (ls (alloc r))).
+ assert (rs#r = ls (alloc r)).
eapply agree_eval_reg. eapply agree_reg_list_live; eauto.
- inv H1. apply functions_translated. auto.
- exploit Genv.find_funct_inv; eauto. intros [b EQ]. congruence.
+ rewrite <- H1. apply functions_translated. auto.
rewrite symbols_preserved. destruct (Genv.find_symbol ge i).
apply function_ptr_translated. auto. discriminate.
Qed.
@@ -696,15 +688,11 @@ Proof.
rewrite <- H1. eapply agree_move_live; eauto.
(* Not a move *)
intros INMO CORR CODE.
- assert (exists v1,
- eval_operation tge sp op (map ls (map assign args)) tm = Some v1
- /\ Val.lessdef v v1).
- apply eval_operation_lessdef with m (rs##args); auto.
+ assert (eval_operation tge sp op (map ls (map assign args)) m = Some v).
+ replace (map ls (map assign args)) with (rs##args).
+ rewrite <- H0. apply eval_operation_preserved. exact symbols_preserved.
eapply agree_eval_regs; eauto.
- rewrite (eval_operation_preserved symbols_preserved). assumption.
- destruct H1 as [v1 [EV VMD]].
- econstructor; split. eapply exec_Lop; eauto.
- MatchStates.
+ econstructor; split. eapply exec_Lop; eauto. MatchStates.
apply agree_assign_live with f env live; auto.
eapply agree_reg_list_live; eauto.
(* Result is not live, instruction turned into a nop *)
@@ -717,15 +705,10 @@ Proof.
rewrite LV in AG.
(* dst is live *)
exploit Regset.mem_2; eauto. intro LV'.
- assert (exists a',
- eval_addressing tge sp addr (map ls (map assign args)) = Some a'
- /\ Val.lessdef a a').
- apply eval_addressing_lessdef with (rs##args).
- eapply agree_eval_regs; eauto.
+ assert (eval_addressing tge sp addr (map ls (map assign args)) = Some a).
+ replace (map ls (map assign args)) with (rs##args).
rewrite <- H0. apply eval_addressing_preserved. exact symbols_preserved.
- destruct H2 as [a' [EVAL VMD]].
- exploit Mem.loadv_lessdef; eauto.
- intros [v' [LOADV VMD2]].
+ eapply agree_eval_regs; eauto.
econstructor; split.
eapply exec_Lload; eauto. TranslInstr. rewrite LV; auto.
generalize (regalloc_correct_1 f env live _ _ _ _ ASG H).
@@ -740,106 +723,61 @@ Proof.
red; intro; exploit Regset.mem_1; eauto. congruence.
(* Istore *)
- assert (exists a',
- eval_addressing tge sp addr (map ls (map assign args)) = Some a'
- /\ Val.lessdef a a').
- apply eval_addressing_lessdef with (rs##args).
- eapply agree_eval_regs; eauto.
+ assert (eval_addressing tge sp addr (map ls (map assign args)) = Some a).
+ replace (map ls (map assign args)) with (rs##args).
rewrite <- H0. apply eval_addressing_preserved. exact symbols_preserved.
- destruct H2 as [a' [EVAL VMD]].
- assert (ESRC: Val.lessdef rs#src (ls (assign src))).
+ eapply agree_eval_regs; eauto.
+ assert (ESRC: rs#src = ls (assign src)).
eapply agree_eval_reg. eapply agree_reg_list_live. eauto.
- assert (exists tm', storev chunk tm a' (ls (assign src)) = Some tm'
- /\ Mem.lessdef m' tm').
- eapply Mem.storev_lessdef; eauto.
- destruct H2 as [m1' [STORE MMD']].
econstructor; split.
eapply exec_Lstore; eauto. TranslInstr.
+ rewrite <- ESRC. eauto.
MatchStates. eapply agree_reg_live. eapply agree_reg_list_live. eauto.
(* Icall *)
exploit transl_find_function; eauto. intros [tf [TFIND TF]].
generalize (regalloc_correct_1 f0 env live _ _ _ _ ASG H). unfold correct_alloc_instr. intros [CORR1 CORR2].
- exploit (parmov_spec ls (map assign args)
- (loc_arguments (RTL.funsig f))).
- apply loc_arguments_norepet.
- rewrite loc_arguments_length. inv WTI.
- rewrite <- H7. repeat rewrite list_length_map. auto.
- intros [PM1 PM2].
+ assert (rs##args = map ls (map assign args)).
+ eapply agree_eval_regs; eauto.
econstructor; split.
eapply exec_Lcall; eauto. TranslInstr.
rewrite (sig_function_translated _ _ TF). eauto.
- rewrite (sig_function_translated _ _ TF).
+ rewrite H1.
econstructor; eauto.
econstructor; eauto.
intros. eapply agree_succ with (n := pc); eauto.
unfold RTL.successors; rewrite H; auto with coqlib.
- eapply agree_call with (ls := ls); eauto.
- rewrite Locmap.gss. auto.
- intros. rewrite Locmap.gso. rewrite H1; auto. apply PM2; auto.
- eapply arguments_not_preserved; eauto. apply Loc.diff_sym; auto.
- rewrite (sig_function_translated _ _ TF).
- change Regset.elt with reg in PM1.
- rewrite PM1. eapply agree_eval_regs; eauto.
+ eapply agree_postcall; eauto.
(* Itailcall *)
exploit transl_find_function; eauto. intros [tf [TFIND TF]].
- exploit (parmov_spec ls (map assign args)
- (loc_arguments (RTL.funsig f))).
- apply loc_arguments_norepet.
- rewrite loc_arguments_length. inv WTI.
- rewrite <- H6. repeat rewrite list_length_map. auto.
- intros [PM1 PM2].
+ assert (rs##args = map ls (map assign args)).
+ eapply agree_eval_regs; eauto.
econstructor; split.
eapply exec_Ltailcall; eauto. TranslInstr.
rewrite (sig_function_translated _ _ TF). eauto.
- rewrite (sig_function_translated _ _ TF).
- econstructor; eauto.
- inv WTI. congruence.
- rewrite (sig_function_translated _ _ TF).
- rewrite return_regs_arguments.
- change Regset.elt with reg in PM1.
- rewrite PM1. eapply agree_eval_regs; eauto.
- inv WTI; auto.
- apply free_lessdef; auto.
- intros. rewrite return_regs_not_destroyed; auto.
+ rewrite H1. econstructor; eauto.
(* Ialloc *)
- assert (Val.lessdef (Vint sz) (ls (assign arg))).
- rewrite <- H0. eapply agree_eval_reg. eauto.
- inversion H2. subst v.
- pose (ls1 := Locmap.set (R loc_alloc_argument) (ls (assign arg)) ls).
- pose (ls2 := Locmap.set (R loc_alloc_result) (Vptr b Int.zero) ls1).
- pose (ls3 := Locmap.set (assign res) (ls2 (R loc_alloc_result)) ls2).
- caseEq (alloc tm 0 (Int.signed sz)). intros tm' b1 ALLOC1.
- exploit Mem.alloc_lessdef; eauto. intros [EQ MMD1]. subst b1.
- exists (State ts (transf_fun f live assign) sp pc' ls3 tm'); split.
- unfold ls3, ls2, ls1. eapply exec_Lalloc; eauto. TranslInstr.
+ assert (ls (assign arg) = Vint sz).
+ rewrite <- H0. symmetry. eapply agree_eval_reg; eauto.
+ econstructor; split.
+ eapply exec_Lalloc; eauto. TranslInstr.
generalize (regalloc_correct_1 f env live _ _ _ _ ASG H).
unfold correct_alloc_instr. intros [CORR1 CORR2].
MatchStates.
- eapply agree_call with (args := arg :: nil) (ros := inr reg 1%positive) (ls := ls); eauto.
- unfold ls3; rewrite Locmap.gss.
- unfold ls2; rewrite Locmap.gss. auto.
- intros. unfold ls3; rewrite Locmap.gso.
- unfold ls2; rewrite Locmap.gso.
- unfold ls1; apply Locmap.gso.
- apply Loc.diff_sym. eapply Loc.in_notin_diff; eauto.
- unfold loc_alloc_argument, destroyed_at_call; simpl; tauto.
- apply Loc.diff_sym. eapply Loc.in_notin_diff; eauto.
- unfold loc_alloc_result, destroyed_at_call; simpl; tauto.
- apply Loc.diff_sym; auto.
+ eapply agree_postcall with (args := arg :: nil) (ros := inr reg 1%positive); eauto.
(* Icond, true *)
- assert (COND: eval_condition cond (map ls (map assign args)) tm = Some true).
- eapply eval_condition_lessdef; eauto.
+ assert (COND: eval_condition cond (map ls (map assign args)) m = Some true).
+ replace (map ls (map assign args)) with (rs##args). auto.
eapply agree_eval_regs; eauto.
econstructor; split.
eapply exec_Lcond_true; eauto. TranslInstr.
MatchStates. eapply agree_reg_list_live. eauto.
(* Icond, false *)
- assert (COND: eval_condition cond (map ls (map assign args)) tm = Some false).
- eapply eval_condition_lessdef; eauto.
+ assert (COND: eval_condition cond (map ls (map assign args)) m = Some false).
+ replace (map ls (map assign args)) with (rs##args). auto.
eapply agree_eval_regs; eauto.
econstructor; split.
eapply exec_Lcond_false; eauto. TranslInstr.
@@ -848,16 +786,12 @@ Proof.
(* Ireturn *)
econstructor; split.
eapply exec_Lreturn; eauto. TranslInstr; eauto.
+ replace (regmap_optget or Vundef rs)
+ with (locmap_optget (option_map assign or) Vundef ls).
econstructor; eauto.
- rewrite return_regs_result.
- inv WTI. destruct or; simpl in *.
- replace (loc_result (parent_callsig ts))
- with (loc_result (RTL.fn_sig f)).
- rewrite Locmap.gss. eapply agree_eval_reg; eauto.
- unfold loc_result. rewrite SIG. auto.
- constructor.
- apply free_lessdef; auto.
- intros. apply return_regs_not_destroyed; auto.
+ inv WTI. destruct or; simpl in *.
+ symmetry; eapply agree_eval_reg; eauto.
+ auto.
(* internal function *)
generalize H7. simpl. unfold transf_function.
@@ -866,46 +800,21 @@ Proof.
caseEq (analyze f); simpl; try congruence. intros live ANL.
caseEq (regalloc f live (live0 f live) env); simpl; try congruence.
intros alloc ALLOC EQ. inv EQ. simpl in *.
- caseEq (Mem.alloc tm 0 (RTL.fn_stacksize f)). intros tm' stk' MEMALLOC.
- exploit alloc_lessdef; eauto. intros [EQ LDM]. subst stk'.
econstructor; split.
eapply exec_function_internal; simpl; eauto.
simpl. econstructor; eauto.
- apply agree_init_regs. intros; eapply regalloc_correct_3; eauto.
- inv WTF.
- exploit (parmov_spec (call_regs ls)
- (loc_parameters (RTL.fn_sig f))
- (map alloc (RTL.fn_params f))).
- eapply regalloc_norepet_norepet; eauto.
- eapply regalloc_correct_2; eauto.
- rewrite loc_parameters_length. symmetry.
- transitivity (length (map env (RTL.fn_params f))).
- repeat rewrite list_length_map. auto.
- rewrite wt_params; auto.
- intros [PM1 PM2].
- change Regset.elt with reg in PM1. rewrite PM1.
- replace (map (call_regs ls) (loc_parameters (RTL.fn_sig f)))
- with (map ls (loc_arguments (RTL.fn_sig f))).
- auto.
- symmetry. unfold loc_parameters. rewrite list_map_compose.
- apply list_map_exten. intros. symmetry. eapply call_regs_param_of_arg; eauto.
+ change (transfer f (RTL.fn_entrypoint f) live !! (RTL.fn_entrypoint f))
+ with (live0 f live).
+ eapply agree_parameters; eauto.
(* external function *)
injection H7; intro EQ; inv EQ.
- exploit event_match_lessdef; eauto. intros [tres [A B]].
econstructor; split.
eapply exec_function_external; eauto.
eapply match_states_return; eauto.
- replace (loc_result (parent_callsig ts))
- with (loc_result (ef_sig ef)).
- rewrite Locmap.gss. auto.
- unfold loc_result. rewrite <- H6. auto.
- intros. rewrite <- H11; auto. apply Locmap.gso.
- apply Loc.diff_sym. eapply Loc.in_notin_diff; eauto.
- apply loc_result_caller_save.
(* return *)
- inv H3.
+ inv H4.
econstructor; split.
eapply exec_return; eauto.
econstructor; eauto.
@@ -920,27 +829,21 @@ Lemma transf_initial_states:
Proof.
intros. inversion H.
exploit function_ptr_translated; eauto. intros [tf [FIND TR]].
- assert (SIG2: funsig tf = mksignature nil (Some Tint)).
- rewrite <- H2. apply sig_function_translated; auto.
- assert (VPARAMS: Val.lessdef_list nil (map (Locmap.init Vundef) (loc_arguments (funsig tf)))).
- rewrite SIG2. simpl. constructor.
- assert (GENV: (Genv.init_mem tprog) = (Genv.init_mem prog)).
+ assert (MEM: (Genv.init_mem tprog) = (Genv.init_mem prog)).
exact (Genv.init_mem_transf_partial _ _ TRANSF).
- assert (MMD: Mem.lessdef (Genv.init_mem prog) (Genv.init_mem tprog)).
- rewrite GENV. apply Mem.lessdef_refl.
- exists (LTL.Callstate nil tf (Locmap.init Vundef) (Genv.init_mem tprog)); split.
+ exists (LTL.Callstate nil tf nil (Genv.init_mem tprog)); split.
econstructor; eauto.
rewrite symbols_preserved.
rewrite (transform_partial_program_main _ _ TRANSF). auto.
- constructor; auto. constructor. rewrite H2; auto.
+ rewrite <- H2. apply sig_function_translated; auto.
+ rewrite MEM. constructor; auto. constructor.
Qed.
Lemma transf_final_states:
forall st1 st2 r,
match_states st1 st2 -> RTL.final_state st1 r -> LTL.final_state st2 r.
Proof.
- intros. inv H0. inv H. inv H3. econstructor.
- simpl in H4. inv H4. auto.
+ intros. inv H0. inv H. inv H4. econstructor.
Qed.
Theorem transf_program_correct:
diff --git a/backend/LTL.v b/backend/LTL.v
index a082e12..e39a4ec 100644
--- a/backend/LTL.v
+++ b/backend/LTL.v
@@ -72,53 +72,20 @@ Definition funsig (fd: fundef) :=
Definition genv := Genv.t fundef.
Definition locset := Locmap.t.
-Section RELSEM.
-
-(** Calling conventions are reflected at the level of location sets
- (environments mapping locations to values) by the following two
- functions.
+Definition locmap_optget (ol: option loc) (dfl: val) (ls: locset) : val :=
+ match ol with
+ | None => dfl
+ | Some l => ls l
+ end.
- [call_regs caller] returns the location set at function entry,
- as a function of the location set [caller] of the calling function.
-- Machine registers have the same values as in the caller.
-- Incoming stack slots (used for parameter passing) have the same
- values as the corresponding outgoing stack slots (used for argument
- passing) in the caller.
-- Local and outgoing stack slots are initialized to undefined values.
-*)
+Fixpoint init_locs (vl: list val) (rl: list loc) {struct rl} : locset :=
+ match rl, vl with
+ | r1 :: rs, v1 :: vs => Locmap.set r1 v1 (init_locs vs rs)
+ | _, _ => Locmap.init Vundef
+ end.
-Definition call_regs (caller: locset) : locset :=
- fun (l: loc) =>
- match l with
- | R r => caller (R r)
- | S (Local ofs ty) => Vundef
- | S (Incoming ofs ty) => caller (S (Outgoing ofs ty))
- | S (Outgoing ofs ty) => Vundef
- end.
-(** [return_regs caller callee] returns the location set after
- a call instruction, as a function of the location set [caller]
- of the caller before the call instruction and of the location
- set [callee] of the callee at the return instruction.
-- Callee-save machine registers have the same values as in the caller
- before the call.
-- Caller-save machine registers have the same values
- as in the callee at the return point.
-- Stack slots have the same values as in the caller before the call.
-*)
-
-Definition return_regs (caller callee: locset) : locset :=
- fun (l: loc) =>
- match l with
- | R r =>
- if In_dec Loc.eq (R r) Conventions.temporaries then
- callee (R r)
- else if In_dec Loc.eq (R r) Conventions.destroyed_at_call then
- callee (R r)
- else
- caller (R r)
- | S s => caller (S s)
- end.
+Section RELSEM.
(** [parmov srcs dsts ls] performs the parallel assignment
of locations [dsts] to the values of the corresponding locations
@@ -130,18 +97,29 @@ Fixpoint parmov (srcs dsts: list loc) (ls: locset) {struct srcs} : locset :=
| _, _ => ls
end.
-Definition set_result_reg (s: signature) (or: option loc) (ls: locset) :=
- match or with
- | Some r => Locmap.set (R (loc_result s)) (ls r) ls
- | None => ls
- end.
+(** [postcall_regs ls] returns the location set [ls] after a function
+ call. Caller-save registers and temporary registers
+ are set to [undef], reflecting the fact that the called
+ function can modify them freely. *)
+
+Definition postcall_regs (ls: locset) : locset :=
+ fun (l: loc) =>
+ match l with
+ | R r =>
+ if In_dec Loc.eq (R r) Conventions.temporaries then
+ Vundef
+ else if In_dec Loc.eq (R r) Conventions.destroyed_at_call then
+ Vundef
+ else
+ ls (R r)
+ | S s => ls (S s)
+ end.
(** LTL execution states. *)
Inductive stackframe : Set :=
| Stackframe:
- forall (sig: signature) (**r signature of call *)
- (res: loc) (**r where to store the result *)
+ forall (res: loc) (**r where to store the result *)
(f: function) (**r calling function *)
(sp: val) (**r stack pointer in calling function *)
(ls: locset) (**r location state in calling function *)
@@ -160,27 +138,15 @@ Inductive state : Set :=
| Callstate:
forall (stack: list stackframe) (**r call stack *)
(f: fundef) (**r function to call *)
- (ls: locset) (**r location state at point of call *)
+ (args: list val) (**r arguments to the call *)
(m: mem), (**r memory state *)
state
| Returnstate:
forall (stack: list stackframe) (**r call stack *)
- (ls: locset) (**r location state at point of return *)
+ (v: val) (**r return value for the call *)
(m: mem), (**r memory state *)
state.
-Definition parent_locset (stack: list stackframe) : locset :=
- match stack with
- | nil => Locmap.init Vundef
- | Stackframe sg res f sp ls pc :: stack' => ls
- end.
-
-Definition parent_callsig (stack: list stackframe) : signature :=
- match stack with
- | nil => mksignature nil (Some Tint)
- | Stackframe sg res f sp ls pc :: stack' => sg
- end.
-
Variable ge: genv.
Definition find_function (los: loc + ident) (rs: locset) : option fundef :=
@@ -265,28 +231,23 @@ Inductive step: state -> trace -> state -> Prop :=
(fn_code f)!pc = Some(Lcall sig ros args res pc') ->
find_function ros rs = Some f' ->
funsig f' = sig ->
- let rs1 := parmov args (loc_arguments sig) rs in
step (State s f sp pc rs m)
- E0 (Callstate (Stackframe sig res f sp rs1 pc' :: s) f' rs1 m)
+ E0 (Callstate (Stackframe res f sp (postcall_regs rs) pc' :: s)
+ f' (List.map rs args) m)
| exec_Ltailcall:
forall s f stk pc rs m sig ros args f',
(fn_code f)!pc = Some(Ltailcall sig ros args) ->
find_function ros rs = Some f' ->
funsig f' = sig ->
- let rs1 := parmov args (loc_arguments sig) rs in
- let rs2 := return_regs (parent_locset s) rs1 in
step (State s f (Vptr stk Int.zero) pc rs m)
- E0 (Callstate s f' rs2 (Mem.free m stk))
+ E0 (Callstate s f' (List.map rs args) (Mem.free m stk))
| exec_Lalloc:
forall s f sp pc rs m pc' arg res sz m' b,
(fn_code f)!pc = Some(Lalloc arg res pc') ->
rs arg = Vint sz ->
Mem.alloc m 0 (Int.signed sz) = (m', b) ->
- let rs1 := Locmap.set (R loc_alloc_argument) (rs arg) rs in
- let rs2 := Locmap.set (R loc_alloc_result) (Vptr b Int.zero) rs1 in
- let rs3 := Locmap.set res (rs2 (R loc_alloc_result)) rs2 in
step (State s f sp pc rs m)
- E0 (State s f sp pc' rs3 m')
+ E0 (State s f sp pc' (Locmap.set res (Vptr b Int.zero) (postcall_regs rs)) m')
| exec_Lcond_true:
forall s f sp pc rs m cond args ifso ifnot,
(fn_code f)!pc = Some(Lcond cond args ifso ifnot) ->
@@ -302,30 +263,22 @@ Inductive step: state -> trace -> state -> Prop :=
| exec_Lreturn:
forall s f stk pc rs m or,
(fn_code f)!pc = Some(Lreturn or) ->
- let rs1 := set_result_reg f.(fn_sig) or rs in
- let rs2 := return_regs (parent_locset s) rs1 in
step (State s f (Vptr stk Int.zero) pc rs m)
- E0 (Returnstate s rs2 (Mem.free m stk))
+ E0 (Returnstate s (locmap_optget or Vundef rs) (Mem.free m stk))
| exec_function_internal:
- forall s f rs m m' stk,
+ forall s f args m m' stk,
Mem.alloc m 0 f.(fn_stacksize) = (m', stk) ->
- let rs1 := call_regs rs in
- let rs2 := parmov (loc_parameters f.(fn_sig)) f.(fn_params) rs1 in
- step (Callstate s (Internal f) rs m)
- E0 (State s f (Vptr stk Int.zero) f.(fn_entrypoint) rs2 m')
+ step (Callstate s (Internal f) args m)
+ E0 (State s f (Vptr stk Int.zero) f.(fn_entrypoint) (init_locs args f.(fn_params)) m')
| exec_function_external:
- forall s ef t res rs m,
- let args := map rs (Conventions.loc_arguments ef.(ef_sig)) in
+ forall s ef t args res m,
event_match ef args t res ->
- let rs1 :=
- Locmap.set (R (Conventions.loc_result ef.(ef_sig))) res rs in
- step (Callstate s (External ef) rs m)
- t (Returnstate s rs1 m)
+ step (Callstate s (External ef) args m)
+ t (Returnstate s res m)
| exec_return:
- forall res f sp rs0 pc s sig rs m,
- let rs1 := Locmap.set res (rs (R (loc_result sig))) rs in
- step (Returnstate (Stackframe sig res f sp rs0 pc :: s) rs m)
- E0 (State s f sp pc rs1 m).
+ forall res f sp rs pc s vres m,
+ step (Returnstate (Stackframe res f sp rs pc :: s) vres m)
+ E0 (State s f sp pc (Locmap.set res vres rs) m).
End RELSEM.
@@ -341,12 +294,11 @@ Inductive initial_state (p: program): state -> Prop :=
Genv.find_symbol ge p.(prog_main) = Some b ->
Genv.find_funct_ptr ge b = Some f ->
funsig f = mksignature nil (Some Tint) ->
- initial_state p (Callstate nil f (Locmap.init Vundef) m0).
+ initial_state p (Callstate nil f nil m0).
Inductive final_state: state -> int -> Prop :=
- | final_state_intro: forall rs m r,
- rs (R (loc_result (mksignature nil (Some Tint)))) = Vint r ->
- final_state (Returnstate nil rs m) r.
+ | final_state_intro: forall n m,
+ final_state (Returnstate nil (Vint n) m) n.
Definition exec_program (p: program) (beh: program_behavior) : Prop :=
program_behaves step (initial_state p) final_state (Genv.globalenv p) beh.
diff --git a/backend/LTLin.v b/backend/LTLin.v
index 157b6d4..83787ce 100644
--- a/backend/LTLin.v
+++ b/backend/LTLin.v
@@ -112,8 +112,7 @@ Fixpoint find_label (lbl: label) (c: code) {struct c} : option code :=
Inductive stackframe : Set :=
| Stackframe:
- forall (sig: signature) (**r signature of call *)
- (res: loc) (**r where to store the result *)
+ forall (res: loc) (**r where to store the result *)
(f: function) (**r calling function *)
(sp: val) (**r stack pointer in calling function *)
(ls: locset) (**r location state in calling function *)
@@ -132,26 +131,22 @@ Inductive state : Set :=
| Callstate:
forall (stack: list stackframe) (**r call stack *)
(f: fundef) (**r function to call *)
- (ls: locset) (**r location state at point of call *)
+ (args: list val) (**r arguments to the call *)
(m: mem), (**r memory state *)
state
| Returnstate:
forall (stack: list stackframe) (**r call stack *)
- (ls: locset) (**r location state at point of return *)
+ (v: val) (**r return value for the call *)
(m: mem), (**r memory state *)
state.
-Definition parent_locset (stack: list stackframe) : locset :=
- match stack with
- | nil => Locmap.init Vundef
- | Stackframe sg res f sp ls pc :: stack' => ls
- end.
-
+(*
Definition parent_callsig (stack: list stackframe) : signature :=
match stack with
| nil => mksignature nil (Some Tint)
| Stackframe sg res f sp ls pc :: stack' => sg
end.
+*)
Section RELSEM.
@@ -189,26 +184,21 @@ Inductive step: state -> trace -> state -> Prop :=
forall s f sp sig ros args res b rs m f',
find_function ros rs = Some f' ->
sig = funsig f' ->
- let rs1 := parmov args (loc_arguments sig) rs in
step (State s f sp (Lcall sig ros args res :: b) rs m)
- E0 (Callstate (Stackframe sig res f sp rs1 b :: s) f' rs1 m)
+ E0 (Callstate (Stackframe res f sp (postcall_regs rs) b :: s)
+ f' (List.map rs args) m)
| exec_Ltailcall:
forall s f stk sig ros args b rs m f',
find_function ros rs = Some f' ->
sig = funsig f' ->
- let rs1 := parmov args (loc_arguments sig) rs in
- let rs2 := return_regs (parent_locset s) rs1 in
step (State s f (Vptr stk Int.zero) (Ltailcall sig ros args :: b) rs m)
- E0 (Callstate s f' rs2 (Mem.free m stk))
+ E0 (Callstate s f' (List.map rs args) (Mem.free m stk))
| exec_Lalloc:
forall s f sp arg res b rs m sz m' blk,
rs arg = Vint sz ->
Mem.alloc m 0 (Int.signed sz) = (m', blk) ->
- let rs1 := Locmap.set (R loc_alloc_argument) (rs arg) rs in
- let rs2 := Locmap.set (R loc_alloc_result) (Vptr blk Int.zero) rs1 in
- let rs3 := Locmap.set res (rs2 (R loc_alloc_result)) rs2 in
step (State s f sp (Lalloc arg res :: b) rs m)
- E0 (State s f sp b rs3 m')
+ E0 (State s f sp b (Locmap.set res (Vptr blk Int.zero) (postcall_regs rs)) m')
| exec_Llabel:
forall s f sp lbl b rs m,
step (State s f sp (Llabel lbl :: b) rs m)
@@ -231,30 +221,22 @@ Inductive step: state -> trace -> state -> Prop :=
E0 (State s f sp b rs m)
| exec_Lreturn:
forall s f stk rs m or b,
- let rs1 := set_result_reg f.(fn_sig) or rs in
- let rs2 := return_regs (parent_locset s) rs1 in
step (State s f (Vptr stk Int.zero) (Lreturn or :: b) rs m)
- E0 (Returnstate s rs2 (Mem.free m stk))
+ E0 (Returnstate s (locmap_optget or Vundef rs) (Mem.free m stk))
| exec_function_internal:
- forall s f rs m m' stk,
+ forall s f args m m' stk,
Mem.alloc m 0 f.(fn_stacksize) = (m', stk) ->
- let rs1 := call_regs rs in
- let rs2 := parmov (loc_parameters f.(fn_sig)) f.(fn_params) rs1 in
- step (Callstate s (Internal f) rs m)
- E0 (State s f (Vptr stk Int.zero) f.(fn_code) rs2 m')
+ step (Callstate s (Internal f) args m)
+ E0 (State s f (Vptr stk Int.zero) f.(fn_code) (init_locs args f.(fn_params)) m')
| exec_function_external:
- forall s ef t res rs m,
- let args := map rs (Conventions.loc_arguments ef.(ef_sig)) in
+ forall s ef args t res m,
event_match ef args t res ->
- let rs1 :=
- Locmap.set (R (Conventions.loc_result ef.(ef_sig))) res rs in
- step (Callstate s (External ef) rs m)
- t (Returnstate s rs1 m)
+ step (Callstate s (External ef) args m)
+ t (Returnstate s res m)
| exec_return:
- forall res f sp rs0 b s sig rs m,
- let rs1 := Locmap.set res (rs (R (loc_result sig))) rs in
- step (Returnstate (Stackframe sig res f sp rs0 b :: s) rs m)
- E0 (State s f sp b rs1 m).
+ forall res f sp rs b s vres m,
+ step (Returnstate (Stackframe res f sp rs b :: s) vres m)
+ E0 (State s f sp b (Locmap.set res vres rs) m).
End RELSEM.
@@ -265,12 +247,11 @@ Inductive initial_state (p: program): state -> Prop :=
Genv.find_symbol ge p.(prog_main) = Some b ->
Genv.find_funct_ptr ge b = Some f ->
funsig f = mksignature nil (Some Tint) ->
- initial_state p (Callstate nil f (Locmap.init Vundef) m0).
+ initial_state p (Callstate nil f nil m0).
Inductive final_state: state -> int -> Prop :=
- | final_state_intro: forall rs m r,
- rs (R (loc_result (mksignature nil (Some Tint)))) = Vint r ->
- final_state (Returnstate nil rs m) r.
+ | final_state_intro: forall n m,
+ final_state (Returnstate nil (Vint n) m) n.
Definition exec_program (p: program) (beh: program_behavior) : Prop :=
program_behaves step (initial_state p) final_state (Genv.globalenv p) beh.
diff --git a/backend/Linear.v b/backend/Linear.v
index b9880ff..ca1a2bc 100644
--- a/backend/Linear.v
+++ b/backend/Linear.v
@@ -116,6 +116,52 @@ Definition find_function (ros: mreg + ident) (rs: locset) : option fundef :=
Definition reglist (rs: locset) (rl: list mreg) : list val :=
List.map (fun r => rs (R r)) rl.
+(** Calling conventions are reflected at the level of location sets
+ (environments mapping locations to values) by the following two
+ functions.
+
+ [call_regs caller] returns the location set at function entry,
+ as a function of the location set [caller] of the calling function.
+- Machine registers have the same values as in the caller.
+- Incoming stack slots (used for parameter passing) have the same
+ values as the corresponding outgoing stack slots (used for argument
+ passing) in the caller.
+- Local and outgoing stack slots are initialized to undefined values.
+*)
+
+Definition call_regs (caller: locset) : locset :=
+ fun (l: loc) =>
+ match l with
+ | R r => caller (R r)
+ | S (Local ofs ty) => Vundef
+ | S (Incoming ofs ty) => caller (S (Outgoing ofs ty))
+ | S (Outgoing ofs ty) => Vundef
+ end.
+
+(** [return_regs caller callee] returns the location set after
+ a call instruction, as a function of the location set [caller]
+ of the caller before the call instruction and of the location
+ set [callee] of the callee at the return instruction.
+- Callee-save machine registers have the same values as in the caller
+ before the call.
+- Caller-save machine registers have the same values
+ as in the callee at the return point.
+- Stack slots have the same values as in the caller before the call.
+*)
+
+Definition return_regs (caller callee: locset) : locset :=
+ fun (l: loc) =>
+ match l with
+ | R r =>
+ if In_dec Loc.eq (R r) Conventions.temporaries then
+ callee (R r)
+ else if In_dec Loc.eq (R r) Conventions.destroyed_at_call then
+ callee (R r)
+ else
+ caller (R r)
+ | S s => caller (S s)
+ end.
+
(** Linear execution states. *)
Inductive stackframe: Set :=
diff --git a/backend/Linearizeproof.v b/backend/Linearizeproof.v
index 303482e..3451cdb 100644
--- a/backend/Linearizeproof.v
+++ b/backend/Linearizeproof.v
@@ -468,15 +468,15 @@ Qed.
Inductive match_stackframes: LTL.stackframe -> LTLin.stackframe -> Prop :=
| match_stackframe_intro:
- forall sig res f sp pc ls tf c,
+ forall res f sp pc ls tf c,
transf_function f = OK tf ->
(reachable f)!!pc = true ->
valid_successor f pc ->
is_tail c (fn_code tf) ->
wt_function f ->
match_stackframes
- (LTL.Stackframe sig res f sp ls pc)
- (LTLin.Stackframe sig res tf sp ls (add_branch pc c)).
+ (LTL.Stackframe res f sp ls pc)
+ (LTLin.Stackframe res tf sp ls (add_branch pc c)).
Inductive match_states: LTL.state -> LTLin.state -> Prop :=
| match_states_intro:
@@ -501,14 +501,6 @@ Inductive match_states: LTL.state -> LTLin.state -> Prop :=
match_states (LTL.Returnstate s ls m)
(LTLin.Returnstate ts ls m).
-Remark parent_locset_match:
- forall s ts,
- list_forall2 match_stackframes s ts ->
- parent_locset ts = LTL.parent_locset s.
-Proof.
- induction 1; simpl; auto. inv H; auto.
-Qed.
-
Hypothesis wt_prog: wt_program prog.
Theorem transf_step_correct:
@@ -578,8 +570,6 @@ Proof.
traceEq.
econstructor; eauto.
(* Lcall *)
- unfold rs1 in *. inv MS. fold rs1.
- generalize (wt_instrs _ WTF _ _ H); intro WTI.
destruct (find_label_lin_inv _ _ _ _ _ TRF H REACH AT) as [c' EQ].
simpl in EQ. subst c.
assert (REACH': (reachable f)!!pc' = true).
@@ -600,14 +590,12 @@ Proof.
eapply Genv.find_funct_ptr_prop; eauto.
(* Ltailcall *)
- unfold rs2, rs1 in *. inv MS. fold rs1; fold rs2.
destruct (find_label_lin_inv _ _ _ _ _ TRF H REACH AT) as [c' EQ].
simpl in EQ. subst c.
exploit find_function_translated; eauto. intros [tf' [A B]].
econstructor; split.
apply plus_one. eapply exec_Ltailcall with (f' := tf'); eauto.
symmetry; apply sig_preserved; auto.
- rewrite (parent_locset_match _ _ STACKS).
econstructor; eauto.
destruct ros; simpl in H0.
eapply Genv.find_funct_prop; eauto.
@@ -677,8 +665,7 @@ Proof.
simpl in EQ. subst c.
econstructor; split.
apply plus_one. eapply exec_Lreturn; eauto.
- rewrite (parent_locset_match _ _ STACKS).
- monadInv TRF. simpl. econstructor; eauto.
+ econstructor; eauto.
(* internal function *)
assert (REACH: (reachable f)!!(LTL.fn_entrypoint f) = true).
@@ -714,7 +701,7 @@ Lemma transf_initial_states:
Proof.
intros. inversion H.
exploit function_ptr_translated; eauto. intros [tf [A B]].
- exists (Callstate nil tf (Locmap.init Vundef) (Genv.init_mem tprog)); split.
+ exists (Callstate nil tf nil (Genv.init_mem tprog)); split.
econstructor; eauto.
replace (prog_main tprog) with (prog_main prog).
rewrite symbols_preserved. eauto.
@@ -730,7 +717,7 @@ Lemma transf_final_states:
forall st1 st2 r,
match_states st1 st2 -> LTL.final_state st1 r -> LTLin.final_state st2 r.
Proof.
- intros. inv H0. inv H. inv H5. constructor. auto.
+ intros. inv H0. inv H. inv H4. constructor.
Qed.
Theorem transf_program_correct:
diff --git a/backend/Reloadproof.v b/backend/Reloadproof.v
index f0b17e1..372a261 100644
--- a/backend/Reloadproof.v
+++ b/backend/Reloadproof.v
@@ -414,22 +414,22 @@ End LINEAR_CONSTRUCTORS.
that is, non-temporary registers and [Local] stack slots. *)
Definition agree (rs1 rs2: locset) : Prop :=
- forall l, loc_acceptable l -> rs2 l = rs1 l.
+ forall l, loc_acceptable l -> Val.lessdef (rs1 l) (rs2 l).
Lemma agree_loc:
forall rs1 rs2 l,
- agree rs1 rs2 -> loc_acceptable l -> rs2 l = rs1 l.
+ agree rs1 rs2 -> loc_acceptable l -> Val.lessdef (rs1 l) (rs2 l).
Proof.
auto.
Qed.
Lemma agree_locs:
forall rs1 rs2 ll,
- agree rs1 rs2 -> locs_acceptable ll -> map rs2 ll = map rs1 ll.
+ agree rs1 rs2 -> locs_acceptable ll -> Val.lessdef_list (map rs1 ll) (map rs2 ll).
Proof.
induction ll; simpl; intros.
- auto.
- f_equal. apply H. apply H0; auto with coqlib.
+ constructor.
+ constructor. apply H. apply H0; auto with coqlib.
apply IHll; auto. red; intros. apply H0; auto with coqlib.
Qed.
@@ -446,7 +446,7 @@ Qed.
Lemma agree_set:
forall rs1 rs2 rs2' l v,
loc_acceptable l ->
- rs2' l = v ->
+ Val.lessdef v (rs2' l) ->
(forall l', Loc.diff l l' -> Loc.notin l' temporaries -> rs2' l' = rs2 l') ->
agree rs1 rs2 -> agree (Locmap.set l v rs1) rs2'.
Proof.
@@ -458,6 +458,7 @@ Proof.
apply temporaries_not_acceptable; auto.
Qed.
+(*****
Lemma agree_return_regs:
forall rs1 ls1 rs2 ls2,
agree rs1 ls1 -> agree rs2 ls2 ->
@@ -624,6 +625,140 @@ Proof.
destruct (In_dec Loc.eq (R m) destroyed_at_call); auto.
contradiction.
Qed.
+**********)
+
+Lemma agree_find_funct:
+ forall (ge: Linear.genv) rs ls r f,
+ Genv.find_funct ge (rs r) = Some f ->
+ agree rs ls ->
+ loc_acceptable r ->
+ Genv.find_funct ge (ls r) = Some f.
+Proof.
+ intros.
+ assert (Val.lessdef (rs r) (ls r)). eapply agree_loc; eauto.
+ exploit Genv.find_funct_inv; eauto. intros [b EQ]. rewrite EQ in H2.
+ inv H2. rewrite <- EQ. auto.
+Qed.
+
+Lemma agree_postcall_1:
+ forall rs ls,
+ agree rs ls ->
+ agree (LTL.postcall_regs rs) ls.
+Proof.
+ intros; red; intros. unfold LTL.postcall_regs.
+ destruct l; auto.
+ destruct (In_dec Loc.eq (R m) temporaries). constructor.
+ destruct (In_dec Loc.eq (R m) destroyed_at_call). constructor.
+ auto.
+Qed.
+
+Lemma agree_postcall_2:
+ forall rs ls ls',
+ agree (LTL.postcall_regs rs) ls ->
+ (forall l, loc_acceptable l -> ~In l destroyed_at_call -> ~In l temporaries -> ls' l = ls l) ->
+ agree (LTL.postcall_regs rs) ls'.
+Proof.
+ intros; red; intros. generalize (H l H1). unfold LTL.postcall_regs.
+ destruct l.
+ destruct (In_dec Loc.eq (R m) temporaries). intro; constructor.
+ destruct (In_dec Loc.eq (R m) destroyed_at_call). intro; constructor.
+ intro. rewrite H0; auto.
+ intro. rewrite H0; auto.
+ simpl. intuition congruence.
+ simpl. intuition congruence.
+Qed.
+
+Lemma agree_postcall_call:
+ forall rs ls ls' sig,
+ agree rs ls ->
+ (forall l, Loc.notin l (loc_arguments sig) -> Loc.notin l temporaries -> ls' l = ls l) ->
+ agree (LTL.postcall_regs rs) ls'.
+Proof.
+ intros. apply agree_postcall_2 with ls. apply agree_postcall_1; auto.
+ intros. apply H0.
+ apply arguments_not_preserved; auto.
+ destruct l; simpl. simpl in H2. intuition congruence.
+ destruct s; tauto.
+ apply temporaries_not_acceptable; auto.
+Qed.
+
+Lemma agree_postcall_alloc:
+ forall rs ls ls2 v,
+ agree rs ls ->
+ (forall l, Loc.diff (R loc_alloc_argument) l -> ls2 l = ls l) ->
+ agree (LTL.postcall_regs rs) (Locmap.set (R loc_alloc_result) v ls2).
+Proof.
+ intros. apply agree_postcall_2 with ls. apply agree_postcall_1; auto.
+ intros. destruct (Loc.eq l (R loc_alloc_result)).
+ subst l. elim H2. simpl. tauto.
+ rewrite Locmap.gso. apply H0.
+ red. destruct l; auto. red; intro. subst m. elim H2.
+ simpl. tauto.
+ apply Loc.diff_sym. apply loc_acceptable_noteq_diff; auto.
+Qed.
+
+Lemma agree_init_locs:
+ forall ls dsts vl,
+ locs_acceptable dsts ->
+ Loc.norepet dsts ->
+ Val.lessdef_list vl (map ls dsts) ->
+ agree (LTL.init_locs vl dsts) ls.
+Proof.
+ induction dsts; intros; simpl.
+ red; intros. unfold Locmap.init. constructor.
+ simpl in H1. inv H1. inv H0.
+ apply agree_set with ls. apply H; auto with coqlib. auto. auto.
+ apply IHdsts; auto. red; intros; apply H; auto with coqlib.
+Qed.
+
+Lemma call_regs_parameters:
+ forall ls sig,
+ map (call_regs ls) (loc_parameters sig) =
+ map ls (loc_arguments sig).
+Proof.
+ intros. unfold loc_parameters. rewrite list_map_compose.
+ apply list_map_exten; intros.
+ unfold call_regs, parameter_of_argument.
+ generalize (loc_arguments_acceptable _ _ H).
+ unfold loc_argument_acceptable.
+ destruct x. auto.
+ destruct s; intros; try contradiction. auto.
+Qed.
+
+Lemma return_regs_arguments:
+ forall ls1 ls2 sig,
+ tailcall_possible sig ->
+ map (return_regs ls1 ls2) (loc_arguments sig) = map ls2 (loc_arguments sig).
+Proof.
+ intros. symmetry. apply list_map_exten; intros.
+ unfold return_regs. generalize (H x H0). destruct x; intros.
+ destruct (In_dec Loc.eq (R m) temporaries). auto.
+ destruct (In_dec Loc.eq (R m) destroyed_at_call). auto.
+ elim n0. eapply arguments_caller_save; eauto.
+ contradiction.
+Qed.
+
+Lemma return_regs_result:
+ forall ls1 ls2 sig,
+ return_regs ls1 ls2 (R (loc_result sig)) = ls2 (R (loc_result sig)).
+Proof.
+ intros. unfold return_regs.
+ destruct (In_dec Loc.eq (R (loc_result sig)) temporaries). auto.
+ destruct (In_dec Loc.eq (R (loc_result sig)) destroyed_at_call). auto.
+ elim n0. apply loc_result_caller_save.
+Qed.
+
+Lemma return_regs_preserve:
+ forall ls1 ls2 l,
+ ~ In l temporaries ->
+ ~ In l destroyed_at_call ->
+ return_regs ls1 ls2 l = ls1 l.
+Proof.
+ intros. unfold return_regs. destruct l; auto.
+ destruct (In_dec Loc.eq (R m) temporaries). contradiction.
+ destruct (In_dec Loc.eq (R m) destroyed_at_call). contradiction.
+ auto.
+Qed.
(** * Preservation of labels and gotos *)
@@ -770,56 +905,63 @@ Qed.
only acceptable locations are accessed by this code.
*)
-Inductive match_stackframes: list LTLin.stackframe -> list Linear.stackframe -> Prop :=
+Inductive match_stackframes: list LTLin.stackframe -> list Linear.stackframe -> signature -> Prop :=
| match_stackframes_nil:
- match_stackframes nil nil
+ forall sig,
+ sig.(sig_res) = Some Tint ->
+ match_stackframes nil nil sig
| match_stackframes_cons:
forall res f sp c rs s s' c' ls sig,
- match_stackframes s s' ->
- sig_res (LTLin.fn_sig f) = sig_res (parent_callsig s) ->
+ match_stackframes s s' (LTLin.fn_sig f) ->
c' = add_spill (loc_result sig) res (transf_code f c) ->
- agree rs ls ->
+ agree (LTL.postcall_regs rs) ls ->
loc_acceptable res ->
wt_function f ->
is_tail c (LTLin.fn_code f) ->
- match_stackframes (LTLin.Stackframe sig res f sp rs c :: s)
- (Linear.Stackframe (transf_function f) sp ls c' :: s').
+ match_stackframes (LTLin.Stackframe res f sp (LTL.postcall_regs rs) c :: s)
+ (Linear.Stackframe (transf_function f) sp ls c' :: s')
+ sig.
Inductive match_states: LTLin.state -> Linear.state -> Prop :=
| match_states_intro:
- forall s f sp c rs m s' ls
- (STACKS: match_stackframes s s')
- (SIG: sig_res (LTLin.fn_sig f) = sig_res (parent_callsig s))
+ forall s f sp c rs m s' ls tm
+ (STACKS: match_stackframes s s' (LTLin.fn_sig f))
(AG: agree rs ls)
(WT: wt_function f)
- (TL: is_tail c (LTLin.fn_code f)),
+ (TL: is_tail c (LTLin.fn_code f))
+ (MMD: Mem.lessdef m tm),
match_states (LTLin.State s f sp c rs m)
- (Linear.State s' (transf_function f) sp (transf_code f c) ls m)
+ (Linear.State s' (transf_function f) sp (transf_code f c) ls tm)
| match_states_call:
- forall s f rs m s' ls
- (STACKS: match_stackframes s s')
- (SIG: sig_res (LTLin.funsig f) = sig_res (parent_callsig s))
- (AG: agree_arguments (LTLin.funsig f) rs ls)
- (WT: wt_fundef f),
- match_states (LTLin.Callstate s f rs m)
- (Linear.Callstate s' (transf_fundef f) ls m)
+ forall s f args m s' ls tm
+ (STACKS: match_stackframes s s' (LTLin.funsig f))
+ (AG: Val.lessdef_list args (map ls (Conventions.loc_arguments (LTLin.funsig f))))
+ (PRES: forall l, ~In l temporaries -> ~In l destroyed_at_call ->
+ ls l = parent_locset s' l)
+ (WT: wt_fundef f)
+ (MMD: Mem.lessdef m tm),
+ match_states (LTLin.Callstate s f args m)
+ (Linear.Callstate s' (transf_fundef f) ls tm)
| match_states_return:
- forall s rs m s' ls
- (STACKS: match_stackframes s s')
- (AG: agree rs ls),
- match_states (LTLin.Returnstate s rs m)
- (Linear.Returnstate s' ls m).
-
-Remark parent_locset_match:
- forall s s',
- match_stackframes s s' ->
- agree (LTLin.parent_locset s) (parent_locset s').
+ forall s res m s' ls tm sig
+ (STACKS: match_stackframes s s' sig)
+ (AG: Val.lessdef res (ls (R (Conventions.loc_result sig))))
+ (PRES: forall l, ~In l temporaries -> ~In l destroyed_at_call ->
+ ls l = parent_locset s' l)
+ (MMD: Mem.lessdef m tm),
+ match_states (LTLin.Returnstate s res m)
+ (Linear.Returnstate s' ls tm).
+
+Lemma match_stackframes_change_sig:
+ forall s s' sig1 sig2,
+ match_stackframes s s' sig1 ->
+ sig2.(sig_res) = sig1.(sig_res) ->
+ match_stackframes s s' sig2.
Proof.
- induction 1; simpl.
- red; intros; auto.
- auto.
+ intros. inv H. constructor. congruence.
+ econstructor; eauto. unfold loc_result. rewrite H0. auto.
Qed.
-
+
Ltac ExploitWT :=
match goal with
| [ WT: wt_function _, TL: is_tail _ _ |- _ ] =>
@@ -850,6 +992,8 @@ Definition measure (st: LTLin.state) : nat :=
| LTLin.Returnstate s ls m => 0%nat
end.
+Axiom ADMITTED: forall (P: Prop), P.
+
Theorem transf_step_correct:
forall s1 t s2, LTLin.step ge s1 t s2 ->
forall s1' (MS: match_states s1 s1'),
@@ -863,18 +1007,18 @@ Proof.
ExploitWT. inv WTI.
(* move *)
simpl.
- destruct (add_move_correct tge s' (transf_function f) sp r1 res (transf_code f b) ls m)
+ destruct (add_move_correct tge s' (transf_function f) sp r1 res (transf_code f b) ls tm)
as [ls2 [A [B C]]].
inv A.
right. split. omega. split. auto.
rewrite H1. rewrite H1. econstructor; eauto with coqlib.
- apply agree_set with ls2; auto.
+ apply agree_set with ls2; auto.
rewrite B. simpl in H; inversion H. auto.
left; econstructor; split. eapply plus_left; eauto.
econstructor; eauto with coqlib.
apply agree_set with ls; auto.
rewrite B. simpl in H; inversion H. auto.
- intros. simpl in H1. apply C. apply Loc.diff_sym; auto.
+ intros. apply C. apply Loc.diff_sym; auto.
simpl in H7; tauto. simpl in H7; tauto.
(* other ops *)
assert (is_move_operation op args = None).
@@ -885,18 +1029,22 @@ Proof.
exploit add_reloads_correct.
eapply length_op_args; eauto.
apply locs_acceptable_disj_temporaries; auto.
- intros [ls2 [A [B C]]].
+ intros [ls2 [A [B C]]]. instantiate (1 := ls) in B.
+ assert (exists tv, eval_operation tge sp op (reglist ls2 (regs_for args)) tm = Some tv
+ /\ Val.lessdef v tv).
+ apply eval_operation_lessdef with m (map rs args); auto.
+ rewrite B. eapply agree_locs; eauto.
+ rewrite <- H. apply eval_operation_preserved. exact symbols_preserved.
+ destruct H1 as [tv [P Q]].
exploit add_spill_correct.
intros [ls3 [D [E F]]].
left; econstructor; split.
eapply star_plus_trans. eexact A.
- eapply plus_left. eapply exec_Lop with (v := v).
- rewrite <- H. rewrite B. rewrite (agree_locs _ _ _ AG H5).
- apply eval_operation_preserved. exact symbols_preserved.
+ eapply plus_left. eapply exec_Lop with (v := tv); eauto.
eexact D. eauto. traceEq.
econstructor; eauto with coqlib.
apply agree_set with ls; auto.
- rewrite E. apply Locmap.gss.
+ rewrite E. rewrite Locmap.gss. auto.
intros. rewrite F; auto. rewrite Locmap.gso. auto.
apply reg_for_diff; auto.
@@ -906,17 +1054,23 @@ Proof.
apply le_S. eapply length_addr_args; eauto.
apply locs_acceptable_disj_temporaries; auto.
intros [ls2 [A [B C]]].
+ assert (exists ta, eval_addressing tge sp addr (reglist ls2 (regs_for args)) = Some ta
+ /\ Val.lessdef a ta).
+ apply eval_addressing_lessdef with (map rs args); auto.
+ rewrite B. eapply agree_locs; eauto.
+ rewrite <- H. apply eval_addressing_preserved. exact symbols_preserved.
+ destruct H1 as [ta [P Q]].
+ exploit Mem.loadv_lessdef; eauto.
+ intros [tv [R S]].
exploit add_spill_correct.
intros [ls3 [D [E F]]].
left; econstructor; split.
eapply star_plus_trans. eauto.
eapply plus_left. eapply exec_Lload; eauto.
- rewrite B. rewrite <- H. rewrite (agree_locs _ _ _ AG H7).
- apply eval_addressing_preserved. exact symbols_preserved.
eauto. auto. traceEq.
econstructor; eauto with coqlib.
apply agree_set with ls; auto.
- rewrite E. apply Locmap.gss.
+ rewrite E. rewrite Locmap.gss. auto.
intros. rewrite F; auto. rewrite Locmap.gso. auto.
apply reg_for_diff; auto.
@@ -936,20 +1090,25 @@ Proof.
intros [ls2 [A [B C]]]. rewrite EQ in A. rewrite EQ in B.
injection B. intros D E.
simpl in B.
+ assert (exists ta, eval_addressing tge sp addr (reglist ls2 rargs) = Some ta
+ /\ Val.lessdef a ta).
+ apply eval_addressing_lessdef with (map rs args); auto.
+ rewrite D. eapply agree_locs; eauto.
+ rewrite <- H. apply eval_addressing_preserved. exact symbols_preserved.
+ destruct H2 as [ta [P Q]].
+ assert (X: Val.lessdef (rs src) (ls2 (R rsrc))).
+ rewrite E. eapply agree_loc; eauto.
+ exploit Mem.storev_lessdef. eexact MMD. eexact Q. eexact X. eauto.
+ intros [tm2 [Y Z]].
left; econstructor; split.
eapply plus_right. eauto.
- eapply exec_Lstore with (a := a); eauto.
- rewrite D. rewrite <- H. rewrite (agree_locs _ _ _ AG H7).
- apply eval_addressing_preserved. exact symbols_preserved.
- rewrite E. rewrite (agree_loc _ _ _ AG H8). eauto.
+ eapply exec_Lstore with (a := ta); eauto.
traceEq.
econstructor; eauto with coqlib.
apply agree_exten with ls; auto.
(* Lcall *)
- inversion MS. subst s0 f0 sp0 c rs0 m0.
- simpl transf_code.
- ExploitWT. inversion WTI. subst sig0 ros0 args0 res0.
+ ExploitWT. inversion WTI. subst ros0 args0 res0. rewrite <- H0.
assert (WTF': wt_fundef f'). eapply find_function_wt; eauto.
destruct ros as [fn | id].
(* indirect call *)
@@ -957,44 +1116,41 @@ Proof.
(parallel_move args (loc_arguments sig)
(Lcall sig (inl ident IT3)
:: add_spill (loc_result sig) res (transf_code f b)))
- ls m)
+ ls tm)
as [ls2 [A [B C]]].
+ rewrite <- H0 in H5.
destruct (parallel_move_arguments_correct tge s' (transf_function f) sp
args sig
(Lcall sig (inl ident IT3)
:: add_spill (loc_result sig) res (transf_code f b))
- ls2 m H7 H10)
+ ls2 tm H5 H8)
as [ls3 [D [E [F G]]]].
- assert (AG_ARGS: agree_arguments (LTLin.funsig f') rs1 ls3).
- rewrite <- H0.
- unfold rs1. apply agree_set_arguments with ls; auto.
- rewrite E. apply list_map_exten; intros. symmetry. apply C.
- assert (Loc.notin x temporaries). apply temporaries_not_acceptable; auto.
- simpl in H3. apply Loc.diff_sym. tauto.
- intros. rewrite G; auto. apply C.
- simpl in H3. apply Loc.diff_sym. tauto.
+ assert (ARGS: Val.lessdef_list (map rs args)
+ (map ls3 (loc_arguments sig))).
+ rewrite E. apply agree_locs. apply agree_exten with ls; auto.
+ intros. apply C. simpl in H1. apply Loc.diff_sym. tauto. auto.
left; econstructor; split.
- eapply star_plus_trans. eauto. eapply plus_right. eauto.
+ eapply star_plus_trans. eexact A. eapply plus_right. eexact D.
eapply exec_Lcall; eauto.
- simpl. rewrite F. rewrite B.
- rewrite (agree_loc rs ls fn); auto.
+ simpl. rewrite F. rewrite B. eapply agree_find_funct; eauto.
apply functions_translated. eauto.
rewrite H0; symmetry; apply sig_preserved.
eauto. traceEq.
econstructor; eauto.
- econstructor; eauto with coqlib.
- eapply agree_arguments_agree; eauto.
- simpl. congruence.
+ econstructor; eauto with coqlib. rewrite H0; auto.
+ apply agree_postcall_call with ls sig; auto.
+ intros. rewrite G; auto. apply C. simpl in H2. apply Loc.diff_sym. tauto.
+ congruence.
(* direct call *)
+ rewrite <- H0 in H5.
destruct (parallel_move_arguments_correct tge s' (transf_function f) sp
args sig
(Lcall sig (inr mreg id)
:: add_spill (loc_result sig) res (transf_code f b))
- ls m H7 H10)
+ ls tm H5 H8)
as [ls3 [D [E [F G]]]].
- assert (AG_ARGS: agree_arguments (LTLin.funsig f') rs1 ls3).
- rewrite <- H0.
- unfold rs1. apply agree_set_arguments with ls; auto.
+ assert (ARGS: Val.lessdef_list (map rs args) (map ls3 (loc_arguments sig))).
+ rewrite E. apply agree_locs; auto.
left; econstructor; split.
eapply plus_right. eauto.
eapply exec_Lcall; eauto.
@@ -1004,58 +1160,53 @@ Proof.
rewrite H0. symmetry; apply sig_preserved.
traceEq.
econstructor; eauto.
- econstructor; eauto with coqlib.
- eapply agree_arguments_agree; eauto.
- simpl; congruence.
+ econstructor; eauto with coqlib. rewrite H0; auto.
+ apply agree_postcall_call with ls sig; auto.
+ congruence.
(* Ltailcall *)
- inversion MS. subst s0 f0 sp c rs0 m0 s1'.
- simpl transf_code.
- ExploitWT. inversion WTI. subst sig0 ros0 args0.
+ ExploitWT. inversion WTI. subst ros0 args0.
assert (WTF': wt_fundef f'). eapply find_function_wt; eauto.
+ rewrite <- H0.
destruct ros as [fn | id].
(* indirect call *)
destruct (add_reload_correct tge s' (transf_function f) (Vptr stk Int.zero) fn IT3
(parallel_move args (loc_arguments sig)
(Ltailcall sig (inl ident IT3) :: transf_code f b))
- ls m)
+ ls tm)
as [ls2 [A [B C]]].
+ rewrite <- H0 in H4.
destruct (parallel_move_arguments_correct tge s' (transf_function f) (Vptr stk Int.zero)
args sig
(Ltailcall sig (inl ident IT3) :: transf_code f b)
- ls2 m H5 H7)
+ ls2 tm H4 H6)
as [ls3 [D [E [F G]]]].
- assert (AG_ARGS: agree_arguments (LTLin.funsig f') rs2 (LTL.return_regs (parent_locset s') ls3)).
- rewrite <- H0. unfold rs2.
- apply agree_arguments_return_regs; auto.
- eapply parent_locset_match; eauto.
- unfold rs1. apply agree_set_arguments with ls; auto.
- rewrite E. apply list_map_exten; intros. symmetry. apply C.
- assert (Loc.notin x temporaries). apply temporaries_not_acceptable; auto.
- simpl in H2. apply Loc.diff_sym. tauto.
- intros. rewrite G; auto. apply C.
- simpl in H2. apply Loc.diff_sym. tauto.
+ assert (ARGS: Val.lessdef_list (map rs args)
+ (map ls3 (loc_arguments sig))).
+ rewrite E. apply agree_locs. apply agree_exten with ls; auto.
+ intros. apply C. simpl in H1. apply Loc.diff_sym. tauto. auto.
left; econstructor; split.
eapply star_plus_trans. eauto. eapply plus_right. eauto.
eapply exec_Ltailcall; eauto.
- simpl. rewrite F. rewrite B.
- rewrite (agree_loc rs ls fn); auto.
+ simpl. rewrite F. rewrite B. eapply agree_find_funct; eauto.
apply functions_translated. eauto.
rewrite H0; symmetry; apply sig_preserved.
eauto. traceEq.
- econstructor; eauto. congruence.
-
+ econstructor; eauto.
+ eapply match_stackframes_change_sig; eauto.
+ rewrite return_regs_arguments; auto. congruence.
+ exact (return_regs_preserve (parent_locset s') ls3).
+ apply Mem.free_lessdef; auto.
(* direct call *)
+ rewrite <- H0 in H4.
destruct (parallel_move_arguments_correct tge s' (transf_function f) (Vptr stk Int.zero)
args sig
(Ltailcall sig (inr mreg id) :: transf_code f b)
- ls m H5 H7)
+ ls tm H4 H6)
as [ls3 [D [E [F G]]]].
- assert (AG_ARGS: agree_arguments (LTLin.funsig f') rs2 (LTL.return_regs (parent_locset s') ls3)).
- rewrite <- H0. unfold rs2.
- apply agree_arguments_return_regs; auto.
- eapply parent_locset_match; eauto.
- unfold rs1. apply agree_set_arguments with ls; auto.
+ assert (ARGS: Val.lessdef_list (map rs args)
+ (map ls3 (loc_arguments sig))).
+ rewrite E. apply agree_locs. apply agree_exten with ls; auto. auto.
left; econstructor; split.
eapply plus_right. eauto.
eapply exec_Ltailcall; eauto.
@@ -1064,28 +1215,33 @@ Proof.
apply function_ptr_translated; auto. congruence.
rewrite H0. symmetry; apply sig_preserved.
traceEq.
- econstructor; eauto. congruence.
+ econstructor; eauto.
+ eapply match_stackframes_change_sig; eauto.
+ rewrite return_regs_arguments; auto. congruence.
+ exact (return_regs_preserve (parent_locset s') ls3).
+ apply Mem.free_lessdef; auto.
(* Lalloc *)
ExploitWT; inv WTI.
+ caseEq (alloc tm 0 (Int.signed sz)). intros tm' blk' TALLOC.
+ assert (blk = blk' /\ Mem.lessdef m' tm').
+ eapply Mem.alloc_lessdef; eauto.
exploit add_reload_correct. intros [ls2 [A [B C]]].
exploit add_spill_correct. intros [ls3 [D [E F]]].
+ destruct H1 as [P Q]. subst blk'.
+ assert (ls arg = Vint sz).
+ assert (Val.lessdef (rs arg) (ls arg)). eapply agree_loc; eauto.
+ rewrite H in H1; inversion H1; auto.
left; econstructor; split.
eapply star_plus_trans. eauto.
eapply plus_left. eapply exec_Lalloc; eauto.
- rewrite B. rewrite <- H. apply AG. auto.
+ rewrite B. eauto.
eauto. eauto. traceEq.
econstructor; eauto with coqlib.
- unfold rs3; apply agree_set with (Locmap.set (R loc_alloc_result) (Vptr blk Int.zero) ls2).
- auto. rewrite E. rewrite Locmap.gss.
- unfold rs2; rewrite Locmap.gss. auto.
- auto.
- unfold rs2. apply agree_set with ls2.
- unfold loc_alloc_result; simpl; intuition congruence.
- apply Locmap.gss. intros. apply Locmap.gso; auto.
- unfold rs1. apply agree_set with ls.
- unfold loc_alloc_argument; simpl; intuition congruence.
- rewrite B. apply AG; auto. auto. auto.
+ apply agree_set with (Locmap.set (R loc_alloc_result) (Vptr blk Int.zero) ls2).
+ auto. rewrite E. rewrite Locmap.gss. constructor.
+ auto.
+ apply agree_postcall_alloc with ls; auto.
(* Llabel *)
left; econstructor; split.
@@ -1106,7 +1262,8 @@ Proof.
intros [ls2 [A [B C]]].
left; econstructor; split.
eapply plus_right. eauto. eapply exec_Lcond_true; eauto.
- rewrite B. rewrite (agree_locs _ _ _ AG H5). auto.
+ rewrite B. apply eval_condition_lessdef with m (map rs args); auto.
+ eapply agree_locs; eauto.
apply find_label_transf_function; eauto.
traceEq.
econstructor; eauto.
@@ -1121,44 +1278,44 @@ Proof.
intros [ls2 [A [B C]]].
left; econstructor; split.
eapply plus_right. eauto. eapply exec_Lcond_false; eauto.
- rewrite B. rewrite (agree_locs _ _ _ AG H4). auto.
+ rewrite B. apply eval_condition_lessdef with m (map rs args); auto.
+ eapply agree_locs; eauto.
traceEq.
econstructor; eauto with coqlib.
apply agree_exten with ls; auto.
(* Lreturn *)
ExploitWT; inv WTI.
- unfold rs2, rs1; destruct or; simpl.
+ destruct or; simpl.
(* with an argument *)
exploit add_reload_correct.
intros [ls2 [A [B C]]].
left; econstructor; split.
eapply plus_right. eauto. eapply exec_Lreturn; eauto.
traceEq.
- econstructor; eauto.
- apply agree_return_regs; auto.
- eapply parent_locset_match; eauto.
- apply agree_set with ls.
- apply loc_result_acceptable.
- rewrite B. eapply agree_loc; eauto.
- auto. auto.
+ econstructor; eauto.
+ rewrite return_regs_result. rewrite B. apply agree_loc; auto.
+ apply return_regs_preserve.
+ apply Mem.free_lessdef; auto.
(* without an argument *)
left; econstructor; split.
apply plus_one. eapply exec_Lreturn; eauto.
econstructor; eauto.
- apply agree_return_regs; auto.
- eapply parent_locset_match; eauto.
+ apply return_regs_preserve.
+ apply Mem.free_lessdef; auto.
(* internal function *)
simpl in WT. inversion_clear WT. inversion H0. simpl in AG.
+ caseEq (alloc tm 0 (LTLin.fn_stacksize f)). intros tm' tstk TALLOC.
+ exploit Mem.alloc_lessdef; eauto. intros [P Q]. subst tstk.
destruct (parallel_move_parameters_correct tge s' (transf_function f)
(Vptr stk Int.zero) (LTLin.fn_params f) (LTLin.fn_sig f)
- (transf_code f (LTLin.fn_code f)) (LTL.call_regs ls) m'
+ (transf_code f (LTLin.fn_code f)) (call_regs ls) tm'
wt_params wt_acceptable wt_norepet)
as [ls2 [A [B [C D]]]].
- assert (AG2: agree rs2 ls2).
- unfold rs2. eapply agree_set_parameters; eauto.
- unfold rs1. apply agree_call_regs; auto.
+ assert (AG2: agree (LTL.init_locs args (fn_params f)) ls2).
+ apply agree_init_locs; auto.
+ rewrite B. rewrite call_regs_parameters. auto.
left; econstructor; split.
eapply plus_left.
eapply exec_function_internal; eauto.
@@ -1166,15 +1323,14 @@ Proof.
econstructor; eauto with coqlib.
(* external function *)
+ exploit event_match_lessdef; eauto.
+ intros [res' [A B]].
left; econstructor; split.
apply plus_one. eapply exec_function_external; eauto.
- unfold args. symmetry. eapply agree_arguments_locs; auto.
econstructor; eauto.
- unfold rs1. apply agree_set with ls; auto.
- apply loc_result_acceptable.
- apply Locmap.gss.
- intros. apply Locmap.gso; auto.
- eapply agree_arguments_agree; eauto.
+ simpl. rewrite Locmap.gss. auto.
+ intros. rewrite Locmap.gso. auto.
+ simpl. destruct l; auto. red; intro. elim H1. subst m0. apply loc_result_caller_save.
(* return *)
inv STACKS.
@@ -1183,8 +1339,10 @@ Proof.
eapply plus_left. eapply exec_return; eauto.
eauto. traceEq.
econstructor; eauto.
- unfold rs1. apply agree_set with ls; auto.
- rewrite B. apply AG. apply loc_result_acceptable.
+ apply agree_set with ls; auto.
+ rewrite B. auto.
+ unfold parent_locset in PRES.
+ apply agree_postcall_2 with ls0; auto.
Qed.
Lemma transf_initial_states:
@@ -1200,9 +1358,9 @@ Proof.
rewrite sig_preserved. auto.
replace (Genv.init_mem tprog) with (Genv.init_mem prog).
econstructor; eauto. constructor. rewrite H2; auto.
- red; intros. auto.
+ rewrite H2. simpl. constructor.
eapply Genv.find_funct_ptr_prop; eauto.
- symmetry. unfold tprog, transf_program. apply Genv.init_mem_transf; auto.
+ apply Mem.lessdef_refl. symmetry. unfold tprog, transf_program. apply Genv.init_mem_transf; auto.
Qed.
Lemma transf_final_states:
@@ -1210,8 +1368,7 @@ Lemma transf_final_states:
match_states st1 st2 -> LTLin.final_state st1 r -> Linear.final_state st2 r.
Proof.
intros. inv H0. inv H. inv STACKS. econstructor.
- rewrite (agree_loc _ _ (R R3) AG). auto.
- simpl. intuition congruence.
+ unfold loc_result in AG. rewrite H in AG. inv AG. auto.
Qed.
Theorem transf_program_correct:
diff --git a/backend/Stackingproof.v b/backend/Stackingproof.v
index 1759d7f..a9187ee 100644
--- a/backend/Stackingproof.v
+++ b/backend/Stackingproof.v
@@ -726,9 +726,9 @@ Lemma agree_return_regs:
(forall r,
In r int_callee_save_regs \/ In r float_callee_save_regs ->
rs' r = ls0 (R r)) ->
- (forall r, LTL.return_regs ls0 ls (R r) = rs' r).
+ (forall r, return_regs ls0 ls (R r) = rs' r).
Proof.
- intros; unfold LTL.return_regs.
+ intros; unfold return_regs.
case (In_dec Loc.eq (R r) temporaries); intro.
rewrite H0. eapply agree_reg; eauto.
apply int_callee_save_not_destroyed; auto.
@@ -778,10 +778,10 @@ Qed.
Lemma agree_callee_save_return_regs:
forall ls1 ls2,
- agree_callee_save (LTL.return_regs ls1 ls2) ls1.
+ agree_callee_save (return_regs ls1 ls2) ls1.
Proof.
intros; red; intros.
- unfold LTL.return_regs. destruct l; auto.
+ unfold return_regs. destruct l; auto.
generalize (int_callee_save_not_destroyed m); intro.
generalize (float_callee_save_not_destroyed m); intro.
destruct (In_dec Loc.eq (R m) temporaries). tauto.
@@ -988,7 +988,7 @@ Lemma save_callee_save_correct:
star step tge
(State stack tf sp (save_callee_save fe k) rs empty_frame m)
E0 (State stack tf sp k rs fr' m)
- /\ agree (LTL.call_regs ls) ls rs fr' cs.
+ /\ agree (call_regs ls) ls rs fr' cs.
Proof.
intros. unfold save_callee_save.
exploit save_callee_save_int_correct; eauto.
@@ -997,7 +997,7 @@ Proof.
intros [fr2 [A2 [B2 C2]]].
exists fr2.
split. eapply star_trans. eexact A1. eexact A2. traceEq.
- constructor; unfold LTL.call_regs; auto.
+ constructor; unfold call_regs; auto.
(* agree_local *)
intros. rewrite C2; auto with stacking.
rewrite C1; auto with stacking.
diff --git a/backend/Tunnelingproof.v b/backend/Tunnelingproof.v
index cb0a6d8..cefad10 100644
--- a/backend/Tunnelingproof.v
+++ b/backend/Tunnelingproof.v
@@ -190,10 +190,10 @@ Definition tunneled_code (f: function) :=
Inductive match_stackframes: stackframe -> stackframe -> Prop :=
| match_stackframes_intro:
- forall sig res f sp ls0 pc,
+ forall res f sp ls0 pc,
match_stackframes
- (Stackframe sig res f sp ls0 pc)
- (Stackframe sig res (tunnel_function f) sp ls0 (branch_target f pc)).
+ (Stackframe res f sp ls0 pc)
+ (Stackframe res (tunnel_function f) sp ls0 (branch_target f pc)).
Inductive match_states: state -> state -> Prop :=
| match_states_intro:
@@ -212,12 +212,6 @@ Inductive match_states: state -> state -> Prop :=
match_states (Returnstate s ls m)
(Returnstate ts ls m).
-Lemma parent_locset_match:
- forall s ts, list_forall2 match_stackframes s ts -> parent_locset ts = parent_locset s.
-Proof.
- induction 1; simpl; auto. inv H; auto.
-Qed.
-
(** To preserve non-terminating behaviours, we show that the transformed
code cannot take an infinity of "zero transition" cases.
We use the following [measure] function over source states,
@@ -286,32 +280,27 @@ Proof.
rewrite <- H0. apply eval_addressing_preserved. exact symbols_preserved.
econstructor; eauto.
(* Lcall *)
- unfold rs1. inv MS.
left; econstructor; split.
eapply exec_Lcall with (f' := tunnel_fundef f'); eauto.
rewrite (branch_target_identity f pc); [idtac | rewrite H; auto].
rewrite (tunnel_function_lookup _ _ _ H); simpl.
rewrite sig_preserved. auto.
apply find_function_translated; auto.
- rewrite sig_preserved; auto. fold rs1.
econstructor; eauto.
constructor; auto.
constructor; auto.
(* Ltailcall *)
- unfold rs2, rs1 in *. inv MS. fold rs1. fold rs2.
left; econstructor; split.
eapply exec_Ltailcall with (f' := tunnel_fundef f'); eauto.
rewrite (branch_target_identity f pc); [idtac | rewrite H; auto].
rewrite (tunnel_function_lookup _ _ _ H); simpl.
rewrite sig_preserved. auto.
apply find_function_translated; auto.
- rewrite sig_preserved; auto. fold rs1.
- rewrite (parent_locset_match _ _ H9).
econstructor; eauto.
(* Lalloc *)
rewrite (branch_target_identity f pc); [idtac | rewrite H; auto].
- left; exists (State ts (tunnel_function f) sp (branch_target f pc') rs3 m'); split.
- unfold rs3, rs2, rs1; eapply exec_Lalloc; eauto.
+ left; exists (State ts (tunnel_function f) sp (branch_target f pc') (Locmap.set res (Vptr b Integers.Int.zero) (postcall_regs rs)) m'); split.
+ eapply exec_Lalloc; eauto.
rewrite (tunnel_function_lookup _ _ _ H); simpl; auto.
econstructor; eauto.
(* cond *)
@@ -330,7 +319,7 @@ Proof.
left; econstructor; split.
eapply exec_Lreturn; eauto.
rewrite (tunnel_function_lookup _ _ _ H); simpl; eauto.
- simpl. rewrite (parent_locset_match _ _ H7). constructor; auto.
+ simpl. constructor; auto.
(* internal function *)
simpl. left; econstructor; split.
eapply exec_function_internal; eauto.
@@ -343,7 +332,7 @@ Proof.
inv H3. inv H1.
left; econstructor; split.
eapply exec_return; eauto.
- fold rs1. constructor. auto.
+ constructor. auto.
Qed.
Lemma transf_initial_states:
@@ -351,7 +340,7 @@ Lemma transf_initial_states:
exists st2, initial_state tp st2 /\ match_states st1 st2.
Proof.
intros. inversion H.
- exists (Callstate nil (tunnel_fundef f) (Locmap.init Vundef) (Genv.init_mem tp)); split.
+ exists (Callstate nil (tunnel_fundef f) nil (Genv.init_mem tp)); split.
econstructor; eauto.
change (prog_main tp) with (prog_main p).
rewrite symbols_preserved. eauto.
@@ -366,7 +355,7 @@ Lemma transf_final_states:
forall st1 st2 r,
match_states st1 st2 -> final_state st1 r -> final_state st2 r.
Proof.
- intros. inv H0. inv H. inv H5. constructor. auto.
+ intros. inv H0. inv H. inv H4. constructor.
Qed.
Theorem transf_program_correct: