From 97a1231b8f3de4d413fc3347f941812860616575 Mon Sep 17 00:00:00 2001
From: xleroy <xleroy@fca1b0fc-160b-0410-b1d3-a4f43f01ea2e>
Date: Mon, 22 Aug 2011 09:41:12 +0000
Subject: Changelog, doc: updated for release 1.9 lib/Integers, Makefile:
 unsuccessful experiments with coqchk

git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@1723 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
---
 Changelog      |  2 +-
 Makefile       |  7 +++++++
 doc/index.html | 10 +++++++++-
 lib/Integers.v | 15 +++++++--------
 4 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/Changelog b/Changelog
index cebff9a..e3fae53 100644
--- a/Changelog
+++ b/Changelog
@@ -1,4 +1,4 @@
-Release 1.9, 2011-xx-xx
+Release 1.9, 2011-08-22
 =======================
 
 - The reduction semantics of CompCert C was made executable and turned
diff --git a/Makefile b/Makefile
index 54c0cf4..5d572eb 100644
--- a/Makefile
+++ b/Makefile
@@ -20,6 +20,7 @@ COQC=coqc -q $(INCLUDES)
 COQDEP=coqdep $(INCLUDES)
 COQDOC=coqdoc
 COQEXEC=coqtop $(INCLUDES) -batch -load-vernac-source
+COQCHK=coqchk $(INCLUDES)
 
 OCAMLBUILD=ocamlbuild
 OCB_OPTIONS=\
@@ -186,6 +187,12 @@ distclean:
 check-admitted: $(FILES)
 	@grep -w 'admit\|Admitted\|ADMITTED' $^ || echo "Nothing admitted."
 
+# Problems with coqchk:
+#   Integers.one_bits_range takes forever to check
+#   Mach#<>#instruction causes a failure
+check-proof: $(FILES)
+	$(COQCHK) -admit Integers Complements
+
 include .depend
 
 FORCE:
diff --git a/doc/index.html b/doc/index.html
index 4c1d536..84d2905 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -24,7 +24,7 @@ a:active {color : Red; text-decoration : underline; }
 
 <H1 align="center">The Compcert verified compiler</H1>
 <H2 align="center">Commented Coq development</H2>
-<H3 align="center">Version 1.8.2, 2011-05-24</H3>
+<H3 align="center">Version 1.9, 2011-08-22</H3>
 
 <H2>Introduction</H2>
 
@@ -263,6 +263,13 @@ code.
       <A HREF="html/Reloadproof.html">Reloadproof</A></TD>
 </TR>
 
+<TR valign="top">
+  <TD>Redundant reload elimination</TD>
+  <TD>Linear to Linear</TD>
+  <TD><A HREF="html/RRE.html">RRE</A></TD>
+  <TD><A HREF="html/RREproof.html">RREproof</A></TD>
+</TR>
+
 <TR valign="top">
   <TD>Laying out the activation records</TD>
   <TD>Linear to Mach</TD>
@@ -301,6 +308,7 @@ Proofs that compiler passes are type-preserving:
 <LI> <A HREF="html/Linearizetyping.html">Linearizetyping</A> (code linearization).
 <LI> <A HREF="html/CleanupLabelstyping.html">CleanupLabelstyping</A> (removal of unreferenced labels).
 <LI> <A HREF="html/Reloadtyping.html">Reloadtyping</A> (spilling and reloading).
+<LI> <A HREF="html/RREtyping.html">RREtyping</A> (redundant reload elimination).
 <LI> <A HREF="html/Stackingtyping.html">Stackingtyping</A> (layout of activation records).
 </UL>
 
diff --git a/lib/Integers.v b/lib/Integers.v
index 6e7a6cb..75bc63d 100644
--- a/lib/Integers.v
+++ b/lib/Integers.v
@@ -2742,18 +2742,17 @@ Qed.
 
 (** ** Properties of [one_bits] (decomposition in sum of powers of two) *)
 
-Opaque Z_one_bits. (* Otherwise, next Qed blows up! *)
-
 Theorem one_bits_range:
   forall x i, In i (one_bits x) -> ltu i iwordsize = true.
 Proof.
+  assert (A: forall p, 0 <= p < Z_of_nat wordsize -> ltu (repr p) iwordsize = true).
+    intros. unfold ltu, iwordsize. apply zlt_true. 
+    repeat rewrite unsigned_repr. tauto. 
+    generalize wordsize_max_unsigned. omega.
+    generalize wordsize_max_unsigned. omega.
   intros. unfold one_bits in H.
-  elim (list_in_map_inv _ _ _ H). intros i0 [EQ IN].
-  subst i. unfold ltu. unfold iwordsize. apply zlt_true. 
-  generalize (Z_one_bits_range _ _ IN). intros.
-  assert (0 <= Z_of_nat wordsize <= max_unsigned).
-    generalize wordsize_pos wordsize_max_unsigned; omega.
-  repeat rewrite unsigned_repr; omega.
+  destruct (list_in_map_inv _ _ _ H) as [i0 [EQ IN]].
+  subst i. apply A. apply Z_one_bits_range with (unsigned x); auto.
 Qed.
 
 Fixpoint int_of_one_bits (l: list int) : int :=
-- 
cgit v1.2.3