Change toRTMap to toRExpMap to make function purpose clearer, fix broken...

Change toRTMap to toRExpMap to make function purpose clearer, fix broken proofs up until ErrorBounds.v

coq/CertificateChecker.v

@@ -31,7 +31,7 @@ Definition CertificateChecker (e:expr Q) (absenv:analysisResult)
 Theorem Certificate_checking_is_sound (e:expr Q) (absenv:analysisResult) P
         defVars:
   forall (E1 E2:env),
-    approxEnv E1 (toRTMap defVars) absenv (usedVars e) NatSet.empty E2 ->
+    approxEnv E1 (toRExpMap defVars) absenv (usedVars e) NatSet.empty E2 ->
     (forall v, NatSet.In v (Expressions.usedVars e) ->
           exists vR, E1 v = Some vR /\
                 (Q2R (fst (P v)) <= vR <= Q2R (snd (P v)))%R) ->
@@ -70,8 +70,8 @@ Proof.
   { hnf; intros a in_empty.
     set_tac. }
   rename R into validFPRanges.
-  assert (validRanges e absenv E1 (toRTMap defVars)) as valid_e.
-  { eapply (RangeValidator_sound e (dVars:=NatSet.empty) (A:=absenv) (P:=P) (Gamma:=toRTMap defVars) (E:=E1));
+  assert (validRanges e absenv E1 (toRExpMap defVars)) as valid_e.
+  { eapply (RangeValidator_sound e (dVars:=NatSet.empty) (A:=absenv) (P:=P) (Gamma:=toRExpMap defVars) (E:=E1));
       auto. }
   pose proof (validRanges_single _ _ _ _ _ valid_e) as valid_single;
     destruct valid_single as [iv_e [ err_e [vR [ map_e [eval_real real_bounds_e]]]]].

coq/ErrorValidation.v

@@ -151,15 +151,15 @@ Qed.
 
 Lemma validErrorboundCorrectVariable_eval E1 E2 A (v:nat) e nR nlo nhi fVars
       dVars Gamma exprTypes:
-    eval_expr E1 (toRMap (toRTMap Gamma)) (toREval (toRExp (Var Q v))) nR REAL ->
+    eval_expr E1 (toRMap (toRExpMap Gamma)) (toREval (toRExp (Var Q v))) nR REAL ->
     validTypes (Var Q v) Gamma ->
-    approxEnv E1 (toRTMap Gamma) A fVars dVars E2 ->
-    validRanges (Var Q v) A E1 (toRTMap Gamma) ->
+    approxEnv E1 (toRExpMap Gamma) A fVars dVars E2 ->
+    validRanges (Var Q v) A E1 (toRExpMap Gamma) ->
     validErrorbound (Var Q v) exprTypes A dVars = true ->
     NatSet.Subset (NatSet.diff (usedVars (Var Q v)) dVars) fVars ->
     FloverMap.find (Var Q v) A = Some ((nlo, nhi), e) ->
     exists nF m,
-    eval_expr E2 (toRTMap Gamma) (toRExp (Var Q v)) nF m.
+    eval_expr E2 (toRExpMap Gamma) (toRExp (Var Q v)) nF m.
 Proof.
   intros eval_real typing_ok approxCEnv bounds_valid error_valid v_sound A_var.
   apply validRanges_single in bounds_valid.
@@ -180,11 +180,11 @@ Admitted.
 
 Lemma validErrorboundCorrectVariable:
   forall E1 E2 A (v:nat) e nR nF mF nlo nhi fVars dVars exprTypes,
-    eval_expr E1 (toRMap (toRTMap exprTypes)) (toREval (toRExp (Var Q v))) nR REAL ->
-    eval_expr E2 (toRTMap exprTypes) (toRExp (Var Q v)) nF mF ->
-    approxEnv E1 (toRTMap exprTypes) A fVars dVars E2 ->
+    eval_expr E1 (toRMap (toRExpMap exprTypes)) (toREval (toRExp (Var Q v))) nR REAL ->
+    eval_expr E2 (toRExpMap exprTypes) (toRExp (Var Q v)) nF mF ->
+    approxEnv E1 (toRExpMap exprTypes) A fVars dVars E2 ->
     validTypes (Var Q v) (exprTypes) ->
-    validRanges (Var Q v) A E1 (toRTMap exprTypes) ->
+    validRanges (Var Q v) A E1 (toRExpMap exprTypes) ->
     validErrorbound (Var Q v) exprTypes A dVars = true ->
     NatSet.Subset (NatSet.diff (usedVars (Var Q v)) dVars) fVars ->
     FloverMap.find (Var Q v) A = Some ((nlo, nhi), e) ->
@@ -215,7 +215,7 @@ Proof.
     repeat destr_factorize.
     rewrite computeErrorQ_computeErrorR in error_valid.
     eapply Rle_trans; eauto.
-    assert (m = mF) by admit; subst. (* comes from toRTMap... *)
+    assert (m = mF) by admit; subst. (* comes from toRExpMap... *)
     rewrite <- maxAbs_impl_RmaxAbs.
     apply computeErrorR_up.
     apply contained_leq_maxAbs.
@@ -223,10 +223,10 @@ Proof.
 Admitted.
 
 Lemma validErrorboundCorrectConstant_eval E1 E2 m n nR Gamma:
-    eval_expr E1 (toRMap (toRTMap Gamma)) (toREval (toRExp (Const m n))) nR REAL ->
+    eval_expr E1 (toRMap (toRExpMap Gamma)) (toREval (toRExp (Const m n))) nR REAL ->
     validTypes (Const m n) Gamma ->
     exists nF m',
-      eval_expr E2 (toRTMap Gamma) (toRExp (Const m n)) nF m'.
+      eval_expr E2 (toRExpMap Gamma) (toRExp (Const m n)) nF m'.
 Proof.
   intros eval_real typing_ok.
   simpl in *.
@@ -288,13 +288,13 @@ Qed.
 Lemma validErrorboundCorrectAddition E1 E2 A
       (e1:expr Q) (e2:expr Q) (nR nR1 nR2 nF nF1 nF2 :R) (e err1 err2 :error)
       (alo ahi e1lo e1hi e2lo e2hi:Q) dVars m m1 m2 Gamma:
-  eval_expr E1 (toRMap (toRTMap Gamma)) (toREval (toRExp e1)) nR1 REAL ->
-  eval_expr E1 (toRMap (toRTMap Gamma)) (toREval (toRExp e2)) nR2 REAL ->
-  eval_expr E1 (toRMap (toRTMap Gamma)) (toREval (toRExp (Binop Plus e1 e2))) nR REAL ->
-  eval_expr E2 (toRTMap Gamma) (toRExp e1) nF1 m1 ->
-  eval_expr E2 (toRTMap Gamma) (toRExp e2) nF2 m2 ->
+  eval_expr E1 (toRMap (toRExpMap Gamma)) (toREval (toRExp e1)) nR1 REAL ->
+  eval_expr E1 (toRMap (toRExpMap Gamma)) (toREval (toRExp e2)) nR2 REAL ->
+  eval_expr E1 (toRMap (toRExpMap Gamma)) (toREval (toRExp (Binop Plus e1 e2))) nR REAL ->
+  eval_expr E2 (toRExpMap Gamma) (toRExp e1) nF1 m1 ->
+  eval_expr E2 (toRExpMap Gamma) (toRExp e2) nF2 m2 ->
   eval_expr (updEnv 2 nF2 (updEnv 1 nF1 emptyEnv))
-           (updDefVars (Var R 2) m2 (updDefVars (Var R 1) m1 (toRTMap Gamma)))
+           (updDefVars (Var R 2) m2 (updDefVars (Var R 1) m1 (toRExpMap Gamma)))
            (toRExp (Binop Plus (Var Q 1) (Var Q 2))) nF m ->
   validTypes (Binop Plus e1 e2) Gamma ->
   validErrorbound (Binop Plus e1 e2) Gamma A dVars = true ->
@@ -2111,16 +2111,16 @@ Qed.
 Theorem validErrorbound_sound (e:expr Q):
   forall E1 E2 fVars dVars A nR err elo ehi Gamma,
     validTypes e Gamma ->
-    approxEnv E1 (toRTMap Gamma) A fVars dVars E2 ->
+    approxEnv E1 (toRExpMap Gamma) A fVars dVars E2 ->
     NatSet.Subset (NatSet.diff (Expressions.usedVars e) dVars) fVars ->
-    eval_expr E1 (toRMap (toRTMap Gamma)) (toREval (toRExp e)) nR REAL ->
+    eval_expr E1 (toRMap (toRExpMap Gamma)) (toREval (toRExp e)) nR REAL ->
     validErrorbound e Gamma A dVars = true ->
-    validRanges e A E1 (toRTMap Gamma) ->
+    validRanges e A E1 (toRExpMap Gamma) ->
     FloverMap.find e A = Some ((elo,ehi),err) ->
     (exists nF m,
-      eval_expr E2 (toRTMap Gamma) (toRExp e) nF m) /\
+      eval_expr E2 (toRExpMap Gamma) (toRExp e) nF m) /\
     (forall nF m,
-        eval_expr E2 (toRTMap Gamma) (toRExp e) nF m ->
+        eval_expr E2 (toRExpMap Gamma) (toRExp e) nF m ->
     (Rabs (nR - nF) <= (Q2R err))%R).
 Proof.
   revert e; induction e;

coq/ExpressionSemantics.v

@@ -40,7 +40,6 @@ Inductive eval_expr (E:env)
     E x = Some v ->
     eval_expr E Gamma (Var R x) v m
 | Const_dist m n delta:
-    Gamma (Const m n) = Some m ->
     Rabs delta <= mTypeToR m ->
     eval_expr E Gamma (Const m n) (perturb n m delta) m
 | Unop_neg m mN f1 v1:
@@ -88,7 +87,6 @@ Hint Constructors eval_expr.
 Lemma Const_dist' m n delta v m' E Gamma:
   Rle (Rabs delta) (mTypeToR m') ->
   v = perturb n m delta ->
-  Gamma (Const m n) = Some m ->
   m' = m ->
   eval_expr E Gamma (Const m n) v m'.
 Proof.
@@ -171,24 +169,49 @@ Qed.
 
 Hint Resolve Fma_dist'.
 
-Lemma Gamma_def e E Gamma v m:
-  eval_expr E Gamma e v m ->
-  Gamma e = Some m.
+Lemma Gamma_det e E Gamma v1 v2 m1 m2:
+  eval_expr E Gamma e v1 m1 ->
+  eval_expr E Gamma e v2 m2 ->
+  m1 = m2.
 Proof.
-  destruct e; intros * eval_e; inversion eval_e; subst; auto.
+  induction e; intros * eval_e1 eval_e2;
+    inversion eval_e1; subst;
+      inversion eval_e2; subst; try auto;
+        match goal with
+        | [H1: Gamma ?e = Some ?m1, H2: Gamma ?e = Some ?m2 |- _ ] =>
+          rewrite H1 in H2; inversion H2; subst
+        end;
+        auto.
 Qed.
 
 Lemma toRMap_eval_REAL f:
-  forall v E Gamma m, eval_expr E (toRMap Gamma) (toREval f) v m -> m = REAL.
+  forall v E Gamma m, eval_expr E (toRTMap Gamma) (toREval f) v m -> m = REAL.
 Proof.
-  induction f; intros * eval_f; inversion eval_f; subst;
+  induction f; intros * eval_f; inversion eval_f; subst.
   repeat
     match goal with
-    | H: context[toRMap _ _] |- _ => unfold toRMap in H
+    | H: context[toRTMap _ _] |- _ => unfold toRTMap in H
     | H: context[match ?Gamma ?v with | _ => _ end ] |- _ => destruct (Gamma v) eqn:?
     | H: Some ?m1 = Some ?m2 |- _ => inversion H; try auto
     | H: None = Some ?m |- _ => inversion H
     end; try auto.
+  - auto.
+  - rewrite (IHf _ _ _ _ H5) in H2.
+    unfold isCompat in H2.
+    destruct m; type_conv; subst; try congruence; auto.
+  - rewrite (IHf _ _ _ _ H4) in H2.
+    unfold isCompat in H2.
+    destruct m; type_conv; subst; try congruence; auto.
+  - rewrite (IHf1 _ _ _ _ H5) in H3.
+    rewrite (IHf2 _ _ _ _ H8) in H3.
+    unfold isJoin in H3; simpl in H3.
+    destruct m; try congruence; auto.
+  - rewrite (IHf1 _ _ _ _ H5) in H3.
+    rewrite (IHf2 _ _ _ _ H8) in H3.
+    rewrite (IHf3 _ _ _ _ H9) in H3.
+    unfold isJoin3 in H3; simpl in H3.
+    destruct m; try congruence; auto.
+  - auto.
 Qed.
 
 (**
@@ -207,8 +230,8 @@ Evaluation with 0 as machine epsilon is deterministic
 **)
 Lemma meps_0_deterministic (f:expr R) (E:env) Gamma:
   forall v1 v2,
-  eval_expr E (toRMap Gamma) (toREval f) v1 REAL ->
-  eval_expr E (toRMap Gamma) (toREval f) v2 REAL ->
+  eval_expr E (toRTMap Gamma) (toREval f) v1 REAL ->
+  eval_expr E (toRTMap Gamma) (toREval f) v2 REAL ->
   v1 = v2.
 Proof.
   induction f;
@@ -268,13 +291,18 @@ Proof.
   intros no_div_zero err_v eval_f1 eval_f2 eval_float.
   inversion eval_float; subst.
   rewrite H2 in *.
-  eapply Gamma_def in eval_f1; eapply Gamma_def in H6.
-  rewrite H6 in eval_f1; inversion eval_f1; subst.
-  eapply Gamma_def in eval_f2; eapply Gamma_def in H8;
-    rewrite H8 in eval_f2; inversion eval_f2; subst.
+  repeat
+    (match goal with
+     | [H1: eval_expr ?E ?Gamma ?f ?v1 ?m1, H2: eval_expr ?E ?Gamma ?f ?v2 ?m2 |- _] =>
+       assert (m1 = m2)
+         by (eapply Gamma_det; eauto);
+       revert H1 H2
+     end); intros; subst.
   eapply Binop_dist' with (v1:=v1) (v2:=v2) (delta:=delta); try eauto.
-  unfold updDefVars.
-  unfold R_orderedExps.compare; rewrite R_orderedExps.exprCompare_refl; auto.
+  - eapply Var_load; eauto.
+  - eapply Var_load; eauto.
+  - unfold updDefVars.
+    unfold R_orderedExps.compare; rewrite R_orderedExps.exprCompare_refl; auto.
 Qed.
 
 Lemma fma_unfolding f1 f2 f3 E v1 v2 v3 m1 m2 m3 m Gamma delta:
@@ -295,8 +323,7 @@ Proof.
     (match goal with
      | [H1: eval_expr ?E ?Gamma ?f ?v1 ?m1, H2: eval_expr ?E ?Gamma ?f ?v2 ?m2 |- _] =>
        assert (m1 = m2)
-         by (eapply Gamma_def in H1; eapply Gamma_def in H2;
-             rewrite H2 in H1; inversion H1; subst; auto);
+         by (eapply Gamma_det; eauto);
        revert H1 H2
      end).
   intros; subst.

coq/FPRangeValidator.v

@@ -70,10 +70,10 @@ Ltac prove_fprangeval m v L1 R:=
 
 Theorem FPRangeValidator_sound:
   forall (e:expr Q) E1 E2 Gamma v m A fVars dVars,
-  approxEnv E1 (toRTMap Gamma) A fVars dVars E2 ->
-  eval_expr E2 (toRTMap Gamma) (toRExp e) v m ->
+  approxEnv E1 (toRExpMap Gamma) A fVars dVars E2 ->
+  eval_expr E2 (toRExpMap Gamma) (toRExp e) v m ->
   validTypes e Gamma ->
-  validRanges e A E1 (toRTMap Gamma) ->
+  validRanges e A E1 (toRExpMap Gamma) ->
   validErrorbound e Gamma A dVars = true ->
   FPRangeValidator e A Gamma dVars = true ->
   NatSet.Subset (NatSet.diff (usedVars e) dVars) fVars ->

coq/Infra/ExpressionAbbrevs.v

@@ -48,19 +48,20 @@ Proof.
     destruct e5; congruence.
 Qed.
 
-Lemma Qcompare_Rcompare q1 q2 c:
-  Qcompare q1 q2 = c ->
-  Rcompare (Q2R q1) (Q2R q2) = c.
+Lemma Qcompare_Rcompare q1 q2:
+  Qcompare q1 q2 = Rcompare (Q2R q1) (Q2R q2).
 Proof.
-  intros q_check; destruct c.
+  destruct (Qcompare q1 q2) eqn:q_check.
   - rewrite <- Qeq_alt in q_check.
     apply Qeq_eqR in q_check.
     rewrite q_check in *.
     rewrite R_orderedExps.V_orderedFacts.compare_refl in *; auto.
   - rewrite <- Qlt_alt in q_check.
     apply Qlt_Rlt in q_check.
+    symmetry.
     rewrite R_orderedExps.V_orderedFacts.compare_lt_iff; auto.
   - rewrite <- Qgt_alt in q_check.
+    symmetry.
     rewrite R_orderedExps.V_orderedFacts.compare_gt_iff.
     auto using Qlt_Rlt.
 Qed.
@@ -71,7 +72,7 @@ Proof.
   functional induction (Q_orderedExps.exprCompare e1 e2); simpl in *; try auto; try congruence;
     try rewrite e3;
   try rewrite <- IHc, e6; try auto.
-  - destruct (Qcompare v1 v2) eqn:q_comp; apply Qcompare_Rcompare in q_comp; auto.
+  - destruct (Qcompare v1 v2) eqn:q_comp; rewrite Qcompare_Rcompare in q_comp; auto.
   - rewrite e6; auto.
   - rewrite e6; auto.
   - rewrite e6; auto.
@@ -89,6 +90,16 @@ Proof.
   - rewrite e5, e8; auto.
 Qed.
 
+(* Lemma QcompareExp_toREvalcompare e1 e2: *)
+(*   Q_orderedExps.exprCompare e1 e2 = R_orderedExps.exprCompare (toREval (toRExp e1)) (toREval (toRExp e2)). *)
+(* Proof. *)
+(*   functional induction (Q_orderedExps.exprCompare e1 e2); *)
+(*     try auto; try congruence. *)
+(*   - rewrite Qcompare_Rcompare; auto. *)
+(*   - simpl in *; congruence. *)
+(*   - simpl in *; congruence. *)
+(*   -  *)
+
 Lemma usedVars_eq_compat e1 e2:
   Q_orderedExps.eq e1 e2 ->
   NatSet.eq (usedVars e1) (usedVars e2).
@@ -208,13 +219,27 @@ Proof.
   congruence.
 Qed.
 
-Definition toRTMap (tMap:FloverMap.t mType) : expr R -> option mType :=
+Definition toRExpMap (tMap:FloverMap.t mType) : expr R -> option mType :=
   let elements := FloverMap.elements (elt:=mType) tMap in
   fun (e:expr R) =>
-    olet p := findA (fun p => match R_orderedExps.compare e (toRExp p) with
-                   | Eq => true |_ => false end) elements in
+    olet p := findA
+                (fun p => match R_orderedExps.compare e (toRExp p) with
+                       | Eq => true |_ => false end)
+                elements
+      in
         Some p.
 
+Definition toRTMap (Gamma:expr R -> option mType) :expr R -> option mType :=
+  fun (e:expr R) =>
+    match e with
+    | Var _ _ =>
+     match Gamma e with
+     |Some m => Some REAL
+     | _ => None
+     end
+    | _ => Some REAL
+    end.
+
 Definition updDefVars  (e:expr R) (m:mType) Gamma :=
   fun eNew =>
     match R_orderedExps.compare eNew e with
@@ -256,7 +281,7 @@ Proof.
   induction l; intros f_eq find1; simpl in *; try congruence.
   destruct a.
   destruct (f1 a) eqn:?.
-  - rewrite <- f_eq; rewrite Heqb0; congruence.
+  - rewrite <- f_eq; rewrite Heqb0; auto.
   - rewrite <- f_eq; rewrite Heqb0.
     apply IHl; auto.
 Qed.
@@ -273,14 +298,14 @@ Proof.
     apply IHl; auto.
 Qed.
 
-Lemma toRTMap_some tMap e e2 m:
+Lemma toRExpMap_some tMap e e2 m:
   e2 = toRExp e ->
   FloverMap.find e tMap = Some m ->
-  toRTMap tMap e2 = Some m.
+  toRExpMap tMap e2 = Some m.
 Proof.
   intros ? find_Q; subst.
   rewrite  FloverMapFacts.P.F.elements_o in find_Q.
-  unfold toRTMap.
+  unfold toRExpMap.
   unfold optionBind.
   erewrite <- findA_swap2 with (f1 := FloverMapFacts.P.F.eqb e).
   - rewrite find_Q; auto.
@@ -291,12 +316,12 @@ Proof.
     destruct (Q_orderedExps.exprCompare e k) eqn:q_comp; auto.
 Qed.
 
-Lemma toRTMap_find_map tMap e m:
-  toRTMap tMap (toRExp e) = Some m ->
+Lemma toRExpMap_find_map tMap e m:
+  toRExpMap tMap (toRExp e) = Some m ->
   FloverMap.find e tMap = Some m.
 Proof.
   intros RTMap_def.
-  unfold toRTMap, optionBind in *.
+  unfold toRExpMap, optionBind in *.
   Flover_compute.
   inversion RTMap_def; subst.
   rewrite FloverMapFacts.P.F.elements_o.
@@ -308,19 +333,72 @@ Proof.
   destruct (Q_orderedExps.exprCompare e k) eqn:q_comp; auto.
 Qed.
 
-Lemma toRTMap_some_cases tMap e1 e2 m1 m2:
-  toRTMap (FloverMap.add e1 m1 tMap) (toRExp e2) = Some m2 ->
-  (R_orderedExps.exprCompare (toRExp e1) (toRExp e2) = Eq /\ m1 = m2) \/ toRTMap tMap (toRExp e2) = Some m2.
+Lemma toRExpMap_some_cases tMap e1 e2 m1 m2:
+  toRExpMap (FloverMap.add e1 m1 tMap) (toRExp e2) = Some m2 ->
+  (R_orderedExps.exprCompare (toRExp e1) (toRExp e2) = Eq /\ m1 = m2) \/ toRExpMap tMap (toRExp e2) = Some m2.
 Proof.
   intros map_def.
-  apply toRTMap_find_map in map_def.
+  apply toRExpMap_find_map in map_def.
   rewrite FloverMapFacts.P.F.add_o in map_def.
   destruct (FloverMap.E.eq_dec e1 e2) eqn:?.
   - left. inversion map_def; split; try auto.
     rewrite <- QcompareExp_RcompareExp; auto.
-  - right. eauto using toRTMap_some.
+  - right. eauto using toRExpMap_some.
+Qed.
+
+Lemma eqb_cmp_eq e1 e2:
+  FloverMapFacts.P.F.eqb e1 e2 = match Q_orderedExps.exprCompare e1 e2 with
+                                 | Eq => true
+                                 | _ => false end.
+Proof.
+  unfold FloverMapFacts.P.F.eqb, FloverMapFacts.P.F.eq_dec.
+  destruct (Q_orderedExps.exprCompare e1 e2) eqn:q_comp; auto.
 Qed.
 
+Lemma Q_compare_eq_Rcompare_eq e1 e2:
+  Q_orderedExps.exprCompare e1 e2 = Eq ->
+  R_orderedExps.exprCompare (toREval (toRExp e1)) (toREval (toRExp e2)) = Eq.
+Proof.
+  functional induction (Q_orderedExps.exprCompare e1 e2);
+    simpl in *; try congruence;
+      intros;
+      try eauto.
+  - rewrite <- Qcompare_Rcompare; auto.
+  - apply Pos.compare_eq in e6; subst.
+    apply N.compare_eq in H; subst.
+    rewrite Pos.eqb_refl, N.eqb_refl in e3; simpl in *; congruence.
+  - rewrite IHc, e5; auto.
+  - rewrite IHc; auto.
+  - rewrite IHc, IHc0; auto.
+  - rewrite IHc, IHc0; auto.
+  - rewrite IHc, IHc0; auto.
+  - rewrite IHc, IHc0; auto.
+  - apply Pos.compare_eq in e8; subst.
+    apply N.compare_eq in H; subst.
+    rewrite Pos.eqb_refl, N.eqb_refl in e5; simpl in *; congruence.
+Qed.
+
+(*
+Lemma toRExpMap_toRTMap e Gamma m:
+  toRExpMap Gamma (toRExp e) = Some m ->
+  toRTMap Gamma (toREval (toRExp e)) = Some REAL.
+Proof.
+  intros map_def.
+  unfold toRTMap.
+  apply toRExpMap_find_map in map_def.
+  Flover_compute.
+  rewrite FloverMapFacts.P.F.elements_o in map_def.
+  erewrite findA_swap2 with
+      (f2 := FloverMapFacts.P.F.eqb e) in Heqo; try congruence.
+  intros. unfold R_orderedExps.compare.
+  rewrite eqb_cmp_eq.
+  clear map_def Heqo.
+  destruct (Q_orderedExps.exprCompare e k) eqn:?.
+  unfold FloverMapFacts.P.F.eqb, FloverMapFacts.P.F.eq_dec.
+  rewrite <- QcompareExp_RcompareExp.
+  destruct (Q_orderedExps.exprCompare e k) eqn:q_comp; auto.
+*)
+
 (**
 We treat a function mapping an exprression arguing on fractions as value type
 to pairs of intervals on rationals and rational errors as the analysis result

coq/RealRangeArith.v

@@ -48,14 +48,14 @@ Fixpoint validRanges e (A:analysisResult) E Gamma :Prop :=
   end /\
   exists iv err vR,
     FloverMap.find e A = Some (iv, err) /\
-    eval_expr E (toRMap Gamma) (toREval (toRExp e)) vR REAL /\
+    eval_expr E Gamma (toREval (toRExp e)) vR REAL /\
     (Q2R (fst iv) <= vR <= Q2R (snd iv))%R.
 
 Corollary validRanges_single e A E Gamma:
   validRanges e A E Gamma ->
   exists iv err vR,
     FloverMap.find e A = Some (iv, err) /\
-    eval_expr E (toRMap Gamma) (toREval (toRExp e)) vR REAL /\
+    eval_expr E Gamma (toREval (toRExp e)) vR REAL /\
     (Q2R (fst iv) <= vR <= Q2R (snd iv))%R.
 Proof.
   destruct e; intros [_ valid_e]; simpl in *; try auto.
@@ -63,7 +63,7 @@ Qed.
 
 Lemma validRanges_swap Gamma1 Gamma2:
   forall e A E,
-    (forall n, (toRMap Gamma1) n =  toRMap (Gamma2) n) ->
+    (forall n, Gamma1 n =  Gamma2 n) ->
     validRanges e A E Gamma1 ->
     validRanges e A E Gamma2.
 Proof.
@@ -71,7 +71,7 @@ Proof.
     try (
         destruct valid1 as [_ [? [? [? [? [? ?]]]]]];
         repeat eexists; eauto;
-        [eapply swap_Gamma_eval_expr with (Gamma1 := (toRMap Gamma1)); eauto |
+        [eapply swap_Gamma_eval_expr with (Gamma1 := Gamma1); eauto |
          lra |
          lra]).
   - destruct valid1; auto.
@@ -84,29 +84,28 @@ Fixpoint validRangesCmd (f:cmd Q) A E Gamma {struct f} : Prop :=
   match f with
   | Let m x e g =>
     validRanges e A E Gamma /\
-    (forall vR, eval_expr E (toRMap Gamma) (toREval (toRExp e)) vR REAL ->
-             validRangesCmd g A (updEnv x vR E) (updDefVars (Var R x) REAL Gamma))
+    (forall vR, eval_expr E Gamma (toREval (toRExp e)) vR REAL ->
+             validRangesCmd g A (updEnv x vR E) Gamma)
   | Ret e => validRanges e A E Gamma
   end /\
   exists iv_e err_e vR,
     FloverMap.find (getRetExp f) A = Some (iv_e, err_e) /\
-    bstep (toREvalCmd (toRCmd f)) E (toRMap Gamma) vR REAL /\
+    bstep (toREvalCmd (toRCmd f)) E Gamma vR REAL /\
     (Q2R (fst iv_e) <=  vR <= Q2R (snd iv_e))%R.
 
 Corollary validRangesCmd_single f A E Gamma:
   validRangesCmd f A E Gamma ->
   exists iv_e err_e vR,
     FloverMap.find (getRetExp f) A = Some (iv_e, err_e) /\
-    bstep (toREvalCmd (toRCmd f)) E (toRMap Gamma) vR REAL /\
+    bstep (toREvalCmd (toRCmd f)) E Gamma vR REAL /\
     (Q2R (fst iv_e) <=  vR <= Q2R (snd iv_e))%R.
 Proof.
   destruct f; simpl in *; intros [ _ valid_f]; auto.
 Qed.
 
-
 Lemma validRangesCmd_swap:
   forall f A E Gamma1 Gamma2,
-    (forall n, (toRMap Gamma1) n =  toRMap (Gamma2) n) ->
+    (forall n, Gamma1 n =  Gamma2 n) ->
     validRangesCmd f A E Gamma1 ->
     validRangesCmd f A E Gamma2.
 Proof.
@@ -114,15 +113,13 @@ Proof.
     try (
         destruct valid1 as [_ [? [? [? [? [? ?]]]]]];
         repeat eexists; eauto;
-        [eapply swap_Gamma_bstep with (Gamma1 := (toRMap Gamma1)); eauto |
+        [eapply swap_Gamma_bstep with (Gamma1 := Gamma1); eauto |
          lra |
          lra]).
   - destruct valid1 as [[? valid_all_exec] ?]; split.
     + eapply validRanges_swap; eauto.
-    + intros. eapply IHf; [ | eapply valid_all_exec].
-      * intros x. unfold updDefVars.
-        destruct (R_orderedExps.compare x (Var R n)) eqn:?; auto.
-      * eapply swap_Gamma_eval_expr with (Gamma1 := toRMap Gamma2); eauto.
+    + intros. eapply IHf; [ auto | eapply valid_all_exec].
+      eapply swap_Gamma_eval_expr with (Gamma1 := Gamma2); eauto.
   - destruct valid1.
     eapply validRanges_swap; eauto.
 Qed.
@@ -297,30 +294,34 @@ Lemma validRanges_ssa_extension (e: expr Q) (e' : expr Q) A E Gamma vR' m n c fV
   ~ (n ∈ fVars ∪ dVars) ->
   validRanges e A E Gamma ->
   validRanges e A (updEnv n vR' E) (updDefVars (Var R n) REAL Gamma).
+  (*(updDefVars (Var R n) REAL Gamma). *)
 Proof.
   intros Hssa Hsub Hnotin Hranges.
   induction e.
   - split; auto.
     destruct Hranges as [_ [iv [err [vR Hranges]]]].
     exists iv, err, vR; intuition.
-    eapply swap_Gamma_eval_expr.
-    eapply Rmap_updVars_comm.
-    eapply eval_expr_ssa_extension; try eassumption.
+    eapply eval_expr_ssa_extension; eassumption.
+    (*eapply swap_Gamma_eval_expr.
+    + intros *. symmetry. eapply Rmap_updVars_comm.
+    eapply eval_expr_ssa_extension; try eassumption. *)
   - split; auto.
     destruct Hranges as [_ [iv [err [vR Hranges]]]].
     exists iv, err, vR; intuition.
-    eapply swap_Gamma_eval_expr.
+    eapply eval_expr_ssa_extension; eassumption.
+    (* eapply swap_Gamma_eval_expr.
     eapply Rmap_updVars_comm.
-    eapply eval_expr_ssa_extension; try eassumption.
+    eapply eval_expr_ssa_extension; try eassumption. *)
   - simpl in Hsub.
     destruct Hranges as [Hunopranges Hranges].
     specialize (IHe Hsub Hunopranges).
     split; auto.
     destruct Hranges as [iv [err [vR Hranges]]].
     exists iv, err, vR; intuition.
-    eapply swap_Gamma_eval_expr.
+    eapply eval_expr_ssa_extension; eauto.
+    (* eapply swap_Gamma_eval_expr.
     eapply Rmap_updVars_comm.
-    eapply eval_expr_ssa_extension; try eassumption.
+    eapply eval_expr_ssa_extension; try eassumption. *)
     rewrite usedVars_toREval_toRExp_compat; auto.
   - simpl in Hsub.
     assert (NatSet.Subset (usedVars e1) (fVars ∪ dVars)) as Hsub1 by set_tac.
@@ -332,9 +333,10 @@ Proof.
     repeat split; auto.
     destruct Hranges as [iv [err [vR Hranges]]].
     exists iv, err, vR; intuition.
-    eapply swap_Gamma_eval_expr.
+    eapply eval_expr_ssa_extension; eauto.
+    (* eapply swap_Gamma_eval_expr.
     eapply Rmap_updVars_comm.
-    eapply eval_expr_ssa_extension; try eassumption.
+    eapply eval_expr_ssa_extension; try eassumption. *)
     simpl.
     repeat rewrite usedVars_toREval_toRExp_compat; auto.
   - simpl in Hsub.
@@ -349,9 +351,10 @@ Proof.
     repeat split; auto.
     destruct Hranges as [iv [err [vR Hranges]]].
     exists iv, err, vR; intuition.
-    eapply swap_Gamma_eval_expr.
+    eapply eval_expr_ssa_extension; eauto.
+    (* eapply swap_Gamma_eval_expr.
     eapply Rmap_updVars_comm.
-    eapply eval_expr_ssa_extension; try eassumption.
+    eapply eval_expr_ssa_extension; try eassumption. *)
     simpl.
     repeat rewrite usedVars_toREval_toRExp_compat; auto.
   - simpl in Hsub.
@@ -360,8 +363,9 @@ Proof.
     split; auto.
     destruct Hranges as [iv [err [vR Hranges]]].
     exists iv, err, vR; intuition.
-    eapply swap_Gamma_eval_expr.
+    eapply eval_expr_ssa_extension; eauto.
+    (* eapply swap_Gamma_eval_expr.
     eapply Rmap_updVars_comm.
-    eapply eval_expr_ssa_extension; try eassumption.
+    eapply eval_expr_ssa_extension; try eassumption. *)
     rewrite usedVars_toREval_toRExp_compat; auto.
 Qed.
\ No newline at end of file

coq/RealRangeValidator.v

-Require Import Coq.Reals.Reals Coq.QArith.Qreals.
-Require Import Flover.Infra.RealSimps Flover.Infra.RationalSimps Flover.Infra.RealRationalProps Flover.Infra.Ltacs Flover.AffineForm Flover.TypeValidator.
+From Coq
+     Require Import Reals.Reals QArith.Qreals.
+
+From Flover
+     Require Import Infra.RealSimps Infra.RationalSimps Infra.RealRationalProps
+     Infra.Ltacs AffineForm TypeValidator.
+
 (*Flover.AffineValidation*)
-Require Export Flover.IntervalValidation Flover.RealRangeArith.
-Require Export Coq.QArith.QArith.
-Require Export Flover.Infra.ExpressionAbbrevs Flover.Commands.
+From Coq Require Export QArith.QArith.
+
+From Flover
+     Require Export IntervalValidation RealRangeArith Infra.ExpressionAbbrevs Commands.
 
 Definition RangeValidator e A P dVars:=
   if
@@ -23,7 +29,7 @@ Theorem RangeValidator_sound (e : expr Q) (A : analysisResult) (P : precond) dVa
  (* affine_dVars_range_valid dVars E A 1 (FloverMap.empty (affine_form Q)) (fun _: nat => None) -> *)
   validTypes e Gamma ->
   fVars_P_sound (usedVars e) E P ->
-  validRanges e A E (toRTMap Gamma).
+  validRanges e A E (toRTMap (toRExpMap Gamma)).
 Proof.
   intros.
   unfold RangeValidator in *.
@@ -74,15 +80,15 @@ Definition RangeValidatorCmd e A P dVars:=
        end*).
 
 Theorem RangeValidatorCmd_sound (f : cmd Q) (A : analysisResult) (P : precond) dVars
-        (E : env) (Gamma : nat -> option mType) fVars outVars:
+        (E : env) Gamma fVars outVars:
   RangeValidatorCmd f A P dVars = true ->
   ssa f (NatSet.union fVars dVars) outVars ->
   dVars_range_valid dVars E A ->
   (*affine_dVars_range_valid dVars E A 1 (FloverMap.empty (affine_form Q)) (fun _: nat => None) ->*)
   fVars_P_sound fVars E P ->
-  vars_typed (NatSet.union fVars dVars) Gamma ->
   NatSet.Subset (freeVars f -- dVars) fVars ->
-  validRangesCmd f A E (fun x => Some REAL).
+  validTypesCmd f Gamma ->
+  validRangesCmd f A E (toRTMap (toRExpMap Gamma)).
 Proof.
   intros ranges_valid; intros.
   unfold RangeValidatorCmd in ranges_valid.

coq/RoundoffErrorValidator.v

@@ -16,16 +16,16 @@ forall (e : expr Q) (E1 E2 : env) (fVars dVars : NatSet.t) (A : analysisResult)
          (nR : R) (err : error) (elo ehi : Q) (Gamma : FloverMap.t mType)
          (defVars : nat -> option mType),
   validTypes e Gamma ->
-  approxEnv E1 (toRTMap Gamma) A fVars dVars E2 ->
+  approxEnv E1 (toRExpMap Gamma) A fVars dVars E2 ->
   NatSet.Subset (usedVars e -- dVars) fVars ->
-  eval_expr E1 (toRMap (toRTMap Gamma)) (toREval (toRExp e)) nR REAL ->
+  eval_expr E1