Commit 8585245b authored by Heiko Becker's avatar Heiko Becker

Fix ssa predicate usage in validator proof

parent d83bd3db
......@@ -130,8 +130,8 @@ Proof.
apply validRanges_single in valid_e2.
destruct valid_e1 as [iv1 [ err1 [v1' [map_e1 [eval_real_e1 bounds_e1]]]]].
destruct valid_e2 as [iv2 [ err2 [v2' [map_e2 [eval_real_e2 bounds_e2]]]]].
pose proof (meps_0_deterministic _ eval_real_e1 H13); subst.
pose proof (meps_0_deterministic _ eval_real_e2 H16); subst.
pose proof (meps_0_deterministic _ eval_real_e1 H14); subst.
pose proof (meps_0_deterministic _ eval_real_e2 H17); subst.
rewrite map_e1, map_e2 in *.
inversion Heqo0; inversion Heqo1; subst.
rename i into iv1; rename e into err1; rename i0 into iv2;
......@@ -154,7 +154,7 @@ Proof.
destruct L0 as [nodivzero | nodivzero];
apply Qlt_Rlt in nodivzero;
try rewrite Q2R_plus in *; try rewrite Q2R_minus in *; lra. }
destruct H2 as [m1 [m2 [? [? valid_join]]]].
destruct H3 as [m1 [m2 [? [? valid_join]]]].
assert (m1 = mF1) by (eapply validTypes_exec in H0; eauto);
assert (m2 = mF2) by (eapply validTypes_exec in H1; eauto);
subst.
......@@ -167,7 +167,7 @@ Proof.
+ intros * eval_float.
clear eval_float1 eval_float2.
inversion eval_float; subst.
eapply (binary_unfolding H25 H20 H18 H21 H24) in eval_float; try auto.
eapply (binary_unfolding H26 H21 H19 H22 H25) in eval_float; try auto.
destruct b.
* eapply (validErrorboundCorrectAddition (e1:=e1) A); eauto.
{ cbn. instantiate (1:=dVars); Flover_compute.
......@@ -261,9 +261,9 @@ Proof.
destruct valid_e1 as [iv1 [ err1 [v1' [map_e1 [eval_real_e1 bounds_e1]]]]].
destruct valid_e2 as [iv2 [ err2 [v2' [map_e2 [eval_real_e2 bounds_e2]]]]].
destruct valid_e3 as [iv3 [ err3 [v3' [map_e3 [eval_real_e3 bounds_e3]]]]].
pose proof (meps_0_deterministic _ eval_real_e1 H9); subst.
pose proof (meps_0_deterministic _ eval_real_e2 H12); subst.
pose proof (meps_0_deterministic _ eval_real_e3 H13); subst.
pose proof (meps_0_deterministic _ eval_real_e1 H10); subst.
pose proof (meps_0_deterministic _ eval_real_e2 H13); subst.
pose proof (meps_0_deterministic _ eval_real_e3 H14); subst.
rewrite map_e1, map_e2, map_e3 in *.
inversion Heqo0; inversion Heqo1; inversion Heqo2; subst.
rename i into iv1; rename e into err1; rename i0 into iv2;
......@@ -287,7 +287,7 @@ Proof.
+ intros * eval_float.
clear eval_float1 eval_float2 eval_float3.
inversion eval_float; subst.
eapply (fma_unfolding H15 H11 H16 H19 H20) in eval_float; try auto.
eapply (fma_unfolding H16 H12 H17 H20 H21) in eval_float; try auto.
eapply (validErrorboundCorrectFma (e1:=e1) (e2:=e2) (e3:=e3) A); eauto.
{ simpl.
rewrite A_eq.
......@@ -378,7 +378,9 @@ Proof.
* eapply (toRExpMap_some _ (Var Q n)); eauto.
* apply Rle_trans with (r2:= Q2R e0); try lra.
eapply bounded_e; eauto.
+ eapply ssa_equal_set; eauto.
+ eapply ssa_outVars_extensible with (outVars1 := outVars2); try eauto;
[ | set_tac].
eapply ssa_equal_set; eauto.
hnf. intros a; split; intros in_set.
* rewrite NatSet.add_spec, NatSet.union_spec;
rewrite NatSet.union_spec, NatSet.add_spec in in_set.
......@@ -391,7 +393,6 @@ Proof.
destruct in_diff as [ in_freeVars no_dVar].
apply fVars_subset.
set_tac.
(* rewrite NatSet.diff_spec, NatSet.union_spec, NatSet.remove_spec. *)
repeat split; tauto.
}
intros vR (elo, ehi) err eval_real A_res.
......@@ -410,7 +411,10 @@ Proof.
1: eapply (toRExpMap_some _ (Var Q n)); now eauto.
rewrite <- L0; auto.
eapply evalHasError; eauto.
+ eapply ssa_equal_set; eauto.
+ instantiate (1:= outVars2).
eapply ssa_outVars_extensible with (outVars1 := outVars2); try eauto;
[ | set_tac].
eapply ssa_equal_set; eauto.
hnf. intros a; split; intros in_set.
* rewrite NatSet.add_spec, NatSet.union_spec;
rewrite NatSet.union_spec, NatSet.add_spec in in_set.
......@@ -423,7 +427,6 @@ Proof.
destruct in_diff as [ in_freeVars no_dVar].
apply fVars_subset.
set_tac.
(* rewrite NatSet.diff_spec, NatSet.remove`_spec, NatSet.union_spec. *)
split; tauto.
}
eapply validErrorBoundsRec_single in Hsound2; eauto.
......@@ -452,240 +455,10 @@ Proof.
- eapply ssa_equal_set; eauto.
split; set_tac; tauto.
- intros a ?. apply fVars_subset. set_tac.
split; [right| intros ?; apply H3; set_tac].
split; [right| intros ?; apply H4; set_tac].
split; auto.
intros ?; subst. apply H3. set_tac. }
intros ?; subst. apply H4. set_tac. }
eapply validErrorBoundsRec_single in H2; eauto.
destruct H2. eapply H3; eauto.
destruct H2. eapply H4; eauto.
(* - cbn in *. Flover_compute; congruence. *)
Qed.
(*
Theorem validErrorboundCmd_gives_eval (f:cmd Q) :
forall (A:analysisResult) E1 E2 outVars fVars dVars vR elo ehi err Gamma DeltaMap,
(forall (e' : expr R) (m' : mType),
exists d : R, DeltaMap e' m' = Some d /\ (Rabs d <= mTypeToR m')%R) ->
approxEnv E1 (toRExpMap Gamma) A fVars dVars E2 ->
ssa f (NatSet.union fVars dVars) outVars ->
NatSet.Subset (NatSet.diff (Commands.freeVars f) dVars) fVars ->
bstep (toREvalCmd (toRCmd f)) E1 (toRTMap (toRExpMap Gamma)) DeltaMapR vR REAL ->
validErrorboundCmd f Gamma A dVars = true ->
validTypesCmd f Gamma ->
validRangesCmd f A E1 (toRTMap (toRExpMap Gamma)) ->
FloverMap.find (getRetExp f) A = Some ((elo,ehi),err) ->
(exists vF m,
bstep (toRCmd f) E2 (toRExpMap Gamma) DeltaMap vF m).
Proof.
induction f;
intros * deltas_matched approxc1c2 ssa_f freeVars_subset eval_real valid_bounds
valid_types valid_intv A_res;
cbn in *; Flover_compute; try congruence; type_conv; subst.
- (* let-binding *)
inversion eval_real; subst.
inversion ssa_f; subst.
simpl in freeVars_subset.
assert (NatSet.Subset (usedVars e -- dVars) fVars) as valid_varset.
{ set_tac.
split; try auto.
split; try set_tac.
hnf; intros; subst; set_tac. }
destruct i as [ivlo_e ivhi_e]; rename e0 into err_e.
eapply validErrorbound_sound in L0; eauto.
eapply validErrorBounds_single in L0; eauto.
destruct L0 as [[vF [ mF eval_float_e]] bounded_e].
canonize_hyps.
destruct valid_types
as [[mG [find_e [find_x [morePrecise_mG [valid_e valid_f]]]]] valid_bstep].
type_conv; subst.
assert (approxEnv (updEnv n v E1) (toRExpMap Gamma) A fVars
(NatSet.add n dVars) (updEnv n vF E2)).
+ eapply approxUpdBound; try eauto; simpl in *.
* eapply toRExpMap_some; eauto.
simpl; auto.
* apply Rle_trans with (r2:= Q2R err_e); try lra.
eapply bounded_e; eauto.
+ rename R into valid_rec.
eapply validTypes_exec in find_e; try eauto. subst.
destruct valid_intv as [[valid_range_e valid_cont] valid_intv].
destruct (IHf A (updEnv n v E1) (updEnv n vF E2) outVars fVars
(NatSet.add n dVars) vR elo ehi err Gamma DeltaMap)
as [vF_res [m_res step_res]];
eauto.
{ eapply ssa_equal_set; eauto.
hnf. intros a; split; intros in_set.
- rewrite NatSet.add_spec, NatSet.union_spec;
rewrite NatSet.union_spec, NatSet.add_spec in in_set.
destruct in_set as [P1 | [ P2 | P3]]; auto.
- rewrite NatSet.add_spec, NatSet.union_spec in in_set;
rewrite NatSet.union_spec, NatSet.add_spec.
destruct in_set as [P1 | [ P2 | P3]]; auto. }
{ hnf. intros a in_diff.
rewrite NatSet.diff_spec, NatSet.add_spec in in_diff.
destruct in_diff as [ in_freeVars no_dVar].
apply freeVars_subset.
simpl.
rewrite NatSet.diff_spec, NatSet.remove_spec, NatSet.union_spec.
split; try auto. }
(* { eapply swap_Gamma_bstep with (Gamma1 := updDefVars n REAL (toRTMap Gamma)); *)
(* eauto using Rmap_updVars_comm. } *)
(* { apply validRangesCmd_swap with (Gamma1 := updDefVars n REAL Gamma). *)
(* - intros x. *)
(* unfold toRTMap, updDefVars. *)
(* destruct (x =? n) eqn:?; auto. *)
(* - apply valid_cont. *)
(* apply swap_Gamma_eval_expr with (Gamma1 := toRTMap Gamma); try auto. } *)
(* { intros v1 v1_mem; set_tac. *)
(* unfold updDefVars. *)
(* case_eq (v1 =? n); intros case_v1; try rewrite case_v1 in *; try eauto. *)
(* apply types_defined. *)
(* clear H5; set_tac. *)
(* destruct v1_mem as [v_fVar | v_dVar]; try set_tac. *)
(* destruct v_dVar as [? | [? ?]]; try auto. *)
(* rewrite Nat.eqb_neq in case_v1; congruence. } *)
{ exists vF_res; exists m_res; try auto.
econstructor; eauto. }
+ destruct valid_types as [[? [? [? [? [? ?]]]]] ?]; auto.
+ destruct valid_intv as [[? ?] ?]; auto.
- inversion eval_real; subst.
unfold updEnv; simpl.
unfold validErrorboundCmd in valid_bounds.
destruct valid_intv.
destruct valid_types.
assert (validErrorBounds e E1 E2 A Gamma DeltaMap) as Hsound
by (eapply validErrorbound_sound; eauto).
eapply validErrorBounds_single in Hsound; eauto.
edestruct Hsound as [[vF [mF eval_e]] bounded_e]; eauto.
exists vF; exists mF; econstructor; eauto.
Qed.
Theorem validErrorboundCmd_sound (f:cmd Q):
forall A E1 E2 outVars fVars dVars Gamma DeltaMap,
(forall (e' : expr R) (m' : mType),
exists d : R, DeltaMap e' m' = Some d /\ (Rabs d <= mTypeToR m')%R) ->
approxEnv E1 (toRExpMap Gamma) A fVars dVars E2 ->
ssa f (NatSet.union fVars dVars) outVars ->
NatSet.Subset (NatSet.diff (Commands.freeVars f) dVars) fVars ->
validErrorboundCmd f Gamma A dVars = true ->
validTypesCmd f Gamma ->
validRangesCmd f A E1 (toRTMap (toRExpMap Gamma)) ->
validErrorBoundsCmd f E1 E2 A Gamma DeltaMap.
Proof.
induction f;
intros * deltas_matched approxc1c2 ssa_f freeVars_subset valid_bounds valid_types valid_intv;
cbn in *; Flover_compute; try congruence; type_conv; subst.
- inversion ssa_f; subst.
assert (NatSet.Subset (usedVars e -- dVars) fVars) as valid_varset.
{ set_tac.
split; try auto.
split; try set_tac.
hnf; intros; subst; set_tac. }
pose proof valid_types as valid_types';
pose proof valid_intv as valid_intv'.
destruct valid_types as [[me [find_me [find_x [? [validt_e validt_f]]]]] validt_exec].
destruct valid_intv as [[? ?] ?]; auto.
assert (validErrorBounds e E1 E2 A Gamma DeltaMap) as Hsound
by (eapply validErrorbound_sound; eauto).
split.
{
split.
- eapply validErrorbound_sound; eauto.
- intros vR vF eval_real eval_float.
eapply validErrorBounds_single in Hsound; eauto.
destruct Hsound as [[vFe [mFe eval_float_e]] bounded_e].
canonize_hyps.
rename R into valid_rec.
eapply validTypes_exec in find_me; eauto; subst.
type_conv; subst.
eapply IHf with (fVars := fVars) (outVars := outVars); eauto.
+ eapply approxUpdBound; try eauto; simpl in *.
* eapply toRExpMap_some; eauto.
simpl; auto.
* apply Rle_trans with (r2:= Q2R e0); try lra.
eapply bounded_e; eauto.
+ eapply ssa_equal_set; eauto.
hnf. intros a; split; intros in_set.
* rewrite NatSet.add_spec, NatSet.union_spec;
rewrite NatSet.union_spec, NatSet.add_spec in in_set.
destruct in_set as [P1 | [ P2 | P3]]; auto.
* rewrite NatSet.add_spec, NatSet.union_spec in in_set;
rewrite NatSet.union_spec, NatSet.add_spec.
destruct in_set as [P1 | [ P2 | P3]]; auto.
+ hnf. intros a in_diff.
rewrite NatSet.diff_spec, NatSet.add_spec in in_diff.
destruct in_diff as [ in_freeVars no_dVar].
apply freeVars_subset.
simpl.
rewrite NatSet.diff_spec, NatSet.remove_spec, NatSet.union_spec.
split; try auto.
}
intros vR (elo, ehi) err eval_real A_res.
split.
{
replace (Let m n (toRExp e) (toRCmd f)) with (toRCmd (Let m n e f)) by trivial.
eapply validErrorboundCmd_gives_eval; eauto.
cbn.
Flover_compute.
intuition.
}
intros vF mF eval_float.
inversion eval_real;
inversion eval_float;
subst.
eapply validErrorBounds_single in Hsound; eauto.
destruct Hsound as [[vFe [mFe eval_float_e]] bounded_e].
assert (validErrorBoundsCmd f (updEnv n v E1) (updEnv n v0 E2) A Gamma DeltaMap) as IHf'.
{
apply (IHf A (updEnv n v E1) (updEnv n v0 E2) outVars fVars
(NatSet.add n dVars) Gamma DeltaMap);
eauto.
+ eapply approxUpdBound; try eauto; simpl in *.
* eapply toRExpMap_some; eauto.
simpl; auto.
* apply Rle_trans with (r2:= Q2R e0); try lra.
eapply bounded_e; eauto.
rewrite Qeq_bool_iff in R0.
apply Qeq_eqR in R0.
lra.
+ eapply ssa_equal_set; eauto.
hnf. intros a; split; intros in_set.
* rewrite NatSet.add_spec, NatSet.union_spec;
rewrite NatSet.union_spec, NatSet.add_spec in in_set.
destruct in_set as [P1 | [ P2 | P3]]; auto.
* rewrite NatSet.add_spec, NatSet.union_spec in in_set;
rewrite NatSet.union_spec, NatSet.add_spec.
destruct in_set as [P1 | [ P2 | P3]]; auto.
+ hnf. intros a in_diff.
rewrite NatSet.diff_spec, NatSet.add_spec in in_diff.
destruct in_diff as [ in_freeVars no_dVar].
apply freeVars_subset.
simpl.
rewrite NatSet.diff_spec, NatSet.remove_spec, NatSet.union_spec.
split; try auto.
}
eapply validErrorBoundsCmd_single in IHf'; eauto.
specialize IHf' as (? & IHf').
eapply IHf'; eauto.
- pose proof valid_intv as valid_intv'.
pose proof valid_types as valid_types'.
destruct valid_intv as [? ?].
destruct valid_types as [? ?].
assert (validErrorBounds e E1 E2 A Gamma DeltaMap) as Hsound
by (eapply validErrorbound_sound; eauto).
split; auto.
intros * eval_real A_res.
split.
{
replace (Ret (toRExp e)) with (toRCmd (Ret e)) by trivial.
destruct iv.
eapply validErrorboundCmd_gives_eval; eauto.
}
intros vF mF eval_float.
inversion eval_real; subst.
inversion eval_float; subst.
unfold updEnv; simpl.
unfold validErrorboundCmd in valid_bounds.
eapply validErrorBounds_single in Hsound; eauto.
specialize Hsound as (? & Hsound).
eapply Hsound; eauto.
Qed.
*)
\ No newline at end of file
Qed.
\ No newline at end of file
......@@ -150,7 +150,7 @@ Definition toRMap (d:expr R -> option mType) (e: expr R) :=
Arguments toRMap _ _/.
(**
Define the set of "used" variables of an exprression to be the set of variables
Define the set of "used" variables of an expression to be the set of variables
occuring in it
**)
(*
......@@ -162,7 +162,7 @@ Fixpoint usedVars (V:Type) (e:expr V) :NatSet.t :=
| Binop b e1 e2 => NatSet.union (usedVars e1) (usedVars e2)
| Fma e1 e2 e3 => NatSet.union (usedVars e1) (NatSet.union (usedVars e2) (usedVars e3))
| Downcast _ e1 => usedVars e1
| Let _ _ e1 e2 => usedVars e1 usedVars e2
| Let _ x e1 e2 => NatSet.union (NatSet.singleton x) (NatSet.union (usedVars e1) (usedVars e2))
| Cond e1 e2 e3 => usedVars e1 usedVars e2 usedVars e3
end.
*)
......
......@@ -245,11 +245,15 @@ Proof.
apply Rlt_Qlt in H3. lra. }
- destruct types_defined
as [? [? [[? [? ?]]?]]].
inversion ssa_f.
assert (validRanges f1 A E (toRTMap (toRExpMap Gamma))) as valid_f1
by (Flover_compute; try congruence; eapply IHf1; eauto; set_tac).
assert (validRanges f2 A E (toRTMap (toRExpMap Gamma))) as valid_f2
by (Flover_compute; try congruence; eapply IHf2; eauto; set_tac).
inversion ssa_f; subst.
assert (validRanges f1 A E (toRTMap (toRExpMap Gamma))) as valid_f1.
{ Flover_compute; try congruence. eapply IHf1; try eauto.
- now extended_ssa.
- set_tac. }
assert (validRanges f2 A E (toRTMap (toRExpMap Gamma))) as valid_f2.
{ Flover_compute; try congruence. eapply IHf2; try eauto.
- now extended_ssa.
- set_tac. }
repeat split;
[ intros; subst; Flover_compute; congruence |
auto | auto |].
......@@ -321,11 +325,11 @@ Proof.
- destruct L; rewrite <- Q2R0_is_0; [left | right]; apply Qlt_Rlt; auto.
- assert (~ (snd iv_f2) == 0).
{ hnf; intros. destruct L; try lra.
assert (0 < (snd iv_f2)) by (apply Rlt_Qlt; apply Qlt_Rlt in H7; lra).
assert (0 < (snd iv_f2)) by (apply Rlt_Qlt; apply Qlt_Rlt in H12; lra).
lra. }
assert (~ (fst iv_f2) == 0).
{ hnf; intros; destruct L; try lra.
assert ((fst iv_f2) < 0) by (apply Rlt_Qlt; apply Qlt_Rlt in H8; lra).
assert ((fst iv_f2) < 0) by (apply Rlt_Qlt; apply Qlt_Rlt in H13; lra).
lra. }
repeat (rewrite <- Q2R_inv in *; try auto).
repeat rewrite <- Q2R_mult in *.
......@@ -336,12 +340,18 @@ Proof.
- destruct types_defined
as [mG [find_mg [[validt_f1 [validt_f2 [validt_f3 valid_join]]] valid_exec]]].
inversion ssa_f.
assert (validRanges f1 A E (toRTMap (toRExpMap Gamma))) as valid_f1
by (Flover_compute; try congruence; eapply IHf1; eauto; set_tac).
assert (validRanges f2 A E (toRTMap (toRExpMap Gamma))) as valid_f2
by (Flover_compute; try congruence; eapply IHf2; eauto; set_tac).
assert (validRanges f3 A E (toRTMap (toRExpMap Gamma))) as valid_f3
by (Flover_compute; try congruence; eapply IHf3; eauto; set_tac).
assert (validRanges f1 A E (toRTMap (toRExpMap Gamma))) as valid_f1.
{ Flover_compute; try congruence. eapply IHf1; try eauto.
- now extended_ssa.
- set_tac. }
assert (validRanges f2 A E (toRTMap (toRExpMap Gamma))) as valid_f2.
{ Flover_compute; try congruence. eapply IHf2; try eauto.
- now extended_ssa.
- set_tac. }
assert (validRanges f3 A E (toRTMap (toRExpMap Gamma))) as valid_f3.
{ Flover_compute; try congruence. eapply IHf3; try eauto.
- now extended_ssa.
- set_tac. }
repeat split; try auto.
apply validRanges_single in valid_f1;
apply validRanges_single in valid_f2;
......@@ -393,14 +403,18 @@ Proof.
Flover_compute; try congruence.
inversion ssa_f; subst.
canonize_hyps.
assert (validRanges f1 A E (toRTMap (toRExpMap Gamma))) as valid_f1
by (Flover_compute; try congruence; eapply IHf1; eauto; set_tac).
assert (validRanges f1 A E (toRTMap (toRExpMap Gamma))) as valid_f1.
{ Flover_compute; try congruence. eapply IHf1; try eauto.
- eapply ssa_outVars_extensible; try eauto. set_tac.
- set_tac. }
pose proof (validRanges_single _ _ _ _ valid_f1) as valid_single_f1.
destruct valid_single_f1 as [iv_f1 [err_f1 [v [find_v [eval_f1 valid_bounds_f1]]]]].
rewrite find_v in *; inversion Heqo0; subst.
assert (validRanges f2 A (updEnv n v E) (toRTMap (toRExpMap Gamma))) as valid_f2.
{ eapply IHf2; eauto.
- eapply ssa_equal_set; eauto.
- eapply ssa_outVars_extensible with (outVars1:=outVars2); try eauto;
[ | set_tac].
eapply ssa_equal_set; eauto.
intros x. split; set_tac; intros; tauto.
- intros v0 mem_v0.
unfold updEnv.
......@@ -426,7 +440,7 @@ Proof.
set_tac.
assert (NatSet.In n fVars) as in_free
by (apply preVars_free; eapply preIntvVars_sound; eauto).
exfalso. apply H5. set_tac. }
exfalso. apply H3. set_tac. }
repeat split; auto.
+ intros vR ?.
assert (vR = v) by (eapply meps_0_deterministic; eauto); now subst.
......@@ -437,122 +451,4 @@ Proof.
eexists. eexists. exists v2.
repeat split; eauto; try lra.
econstructor; eauto; reflexivity.
Qed.
(*
Theorem validIntervalboundsCmd_sound (f:cmd Q) (A:analysisResult):
forall Gamma E fVars dVars outVars P,
ssa f (NatSet.union fVars dVars) outVars ->
dVars_range_valid dVars E A ->
P_intv_sound E P ->
NatSet.Subset (preIntvVars P) fVars ->
NatSet.Subset (NatSet.diff (Commands.freeVars f) dVars) fVars ->
validIntervalboundsCmd f A P dVars = true ->
validTypesCmd f Gamma ->
validRangesCmd f A E (toRTMap (toRExpMap Gamma)).
Proof.
induction f;
intros * ssa_f dVars_sound fVars_valid preIntvVars_free usedVars_subset
valid_bounds_f valid_types_f;
cbn in *.
- Flover_compute.
inversion ssa_f; subst.
canonize_hyps.
pose proof (validIntervalbounds_sound e Gamma (E:=E) (fVars:=fVars) L) as validIV_e.
destruct valid_types_f
as [[mG [find_mG [_ [_ [validt_e validt_f]]]]] _].
assert (validRanges e A E (toRTMap (toRExpMap Gamma))) as valid_e.
{ apply validIV_e; try auto.
set_tac. repeat split; auto.
hnf; intros; subst.
set_tac. }
assert (NatSet.Equal (NatSet.add n (NatSet.union fVars dVars)) (NatSet.union fVars (NatSet.add n dVars))).
{ hnf. intros a; split; intros in_set; set_tac.
- destruct in_set as [ ? | [? ?]]; try auto; set_tac.
destruct H0; auto.
- destruct in_set as [? | ?]; try auto; set_tac.
destruct H as [? | [? ?]]; auto. }
pose proof (validRanges_single _ _ _ _ valid_e) as valid_single_e.
destruct valid_single_e as [iv_e [err_v [v [find_v [eval_e valid_bounds_e]]]]].
rewrite find_v in *; inversion Heqo; subst.
specialize (IHf Gamma (updEnv n v E) fVars (NatSet.add n dVars)) as IHf_spec.
assert (validRangesCmd f A (updEnv n v E) (toRTMap (toRExpMap Gamma))).
{ eapply IHf_spec; eauto.
- eapply ssa_equal_set. symmetry in H. apply H. apply H7.
- intros v0 mem_v0.
unfold updEnv.
case_eq (v0 =? n); intros v0_eq.
+ rename R1 into eq_lo;
rename R0 into eq_hi.
rewrite Nat.eqb_eq in v0_eq; subst.
exists v; eexists; eexists; repeat split; try eauto; simpl in *; lra.
+ apply dVars_sound.
set_tac.
destruct mem_v0 as [? | [? ?]]; try auto.
rewrite Nat.eqb_neq in v0_eq.
congruence.
- hnf. intros x ? ?.
unfold updEnv.
case_eq (x =? n); intros case_x; auto.
rewrite Nat.eqb_eq in case_x. subst.
set_tac.
assert (NatSet.In n fVars) as in_free
by (apply preIntvVars_free; eapply preIntvVars_sound; eauto).
(* by (destruct (fVars_valid n iv); auto; set_tac). *)
exfalso. apply H6. set_tac.
- intros x x_contained.
set_tac.
repeat split; try auto.
+ hnf; intros; subst. apply H1; set_tac.
+ hnf; intros. apply H1; set_tac. }
(*
destruct x_contained as [x_free | x_def].
+ destruct (types_valid x) as [m_x Gamma_x]; try set_tac.
exists m_x.
unfold updDefVars. case_eq (x =? n); intros eq_case; try auto.
rewrite Nat.eqb_eq in eq_case.
subst.
exfalso; apply H6; set_tac.
+ set_tac.
destruct x_def as [x_n | x_def]; subst.
* exists REAL; unfold updDefVars; rewrite Nat.eqb_refl; auto.
* destruct x_def. destruct (types_valid x) as [m_x Gamma_x].
{ rewrite NatSet.union_spec; auto. }
{ exists m_x.
unfold updDefVars; case_eq (x =? n); intros eq_case; try auto.
rewrite Nat.eqb_eq in eq_case; subst.
congruence. }
{ clear L R1 R0 R IHf.
hnf. intros a a_freeVar.
rewrite NatSet.diff_spec in a_freeVar.
destruct a_freeVar as [a_freeVar a_no_dVar].
apply usedVars_subset.
simpl.
rewrite NatSet.diff_spec, NatSet.remove_spec, NatSet.union_spec.
repeat split; try auto.
+ hnf; intros; subst.
apply a_no_dVar.
rewrite NatSet.add_spec; auto.
+ hnf; intros a_dVar.
apply a_no_dVar.
rewrite NatSet.add_spec; auto. } *)
{ repeat split; try auto.
- intros vR ?.
assert (vR = v) by (eapply meps_0_deterministic; eauto); subst.
auto.
- apply validRangesCmd_single in H0.
destruct H0 as [? [? [? [? [? ?]]]]].
repeat eexists; eauto.
econstructor; try eauto.
+ lra.
+ lra. }
- unfold validIntervalboundsCmd in valid_bounds_f.
pose proof (validIntervalbounds_sound e (E:=E) Gamma valid_bounds_f dVars_sound usedVars_subset) as valid_iv_e.
destruct valid_types_f as [? ?].
assert (validRanges e A E (toRTMap (toRExpMap Gamma))) as valid_e by (apply valid_iv_e; auto).
split; try auto.
apply validRanges_single in valid_e.
destruct valid_e as [?[?[? [? [? ?]]]]]; try auto.
simpl in *. repeat eexists; repeat split; try eauto; [econstructor; eauto| | ]; lra.
Qed.
*)
Qed.
\ No newline at end of file
......@@ -341,7 +341,7 @@ Proof.
destruct validr1 as [iv [err [vR [Hfind [Hee Hcont]]]]].
apply nat_compare_eq in e4; subst.
repeat split; auto.
+ intros v ?.
+ intros v ?.
eapply IHc0; eauto.
apply validsub2.
erewrite expr_compare_eq_eval_compat; eauto.
......@@ -384,6 +384,7 @@ Proof.
*)
Qed.
(*
Lemma validRanges_ssa_extension (e: expr Q) A E Gamma
vR' n fVars:
NatSet.Subset (freeVars e) fVars ->
......@@ -463,15 +464,18 @@ Proof.
eapply Rmap_updVars_comm.
eapply eval_expr_ssa_extension; try eassumption. *)
rewrite freeVars_toREval_toRExp_compat; auto.
- simpl in Hsub.
- rename n0 into x. simpl in Hsub.
assert (NatSet.Subset (freeVars e1) fVars) as Hsub1 by set_tac.
destruct Hranges as [[Hranges1 Hranges2] Hranges].
specialize (IHe1 _ _ Hsub1 Hnotin Hranges1).
destruct Hranges as [iv [err [vR Hranges]]].
destruct Hranges as (iv & err & vR & find_e & eval_real & bounded_e).
inversion eval_real; subst.
specialize (Hranges2 v1 H7).
specialize (IHe2 (updEnv x v1 E) fVars).
repeat split; auto.
+ intros.
destruct (n =? n0)%nat eqn:Heqn.
* admit.
* rewrite Nat.eqb_eq in Heqn; subst.
* admit.
+ exists iv, err, vR; intuition.
eapply eval_expr_ssa_extension; eauto.
......@@ -498,3 +502,4 @@ Proof.
rewrite !freeVars_toREval_toRExp_compat; auto.
*)
Abort.
*)
\ No newline at end of file
......@@ -64,61 +64,55 @@ Proof.
- inversion H; subst; econstructor; eauto.
+ assert (m1 = REAL) by (eapply toRTMap_eval_REAL; eauto).
inversion ssa_e; subst.
subst. eauto.
subst.
eapply IHe1; try eauto.
now extended_ssa.
+ assert (m2 = REAL) by (eapply toRTMap_eval_REAL; eauto).
inversion ssa_e; subst.
subst. eauto.
eapply IHe2; try eauto.
now extended_ssa.
- inversion H; subst; econstructor; eauto.
+ assert (m1 = REAL) by (eapply toRTMap_eval_REAL; eauto).
inversion ssa_e; subst.
subst. eauto.
eapply IHe1; try eauto.
now extended_ssa.
+ assert (m2 = REAL) by (eapply toRTMap_eval_REAL; eauto).
inversion ssa_e; subst.
subst. eauto.
eapply IHe2; try eauto.
now extended_ssa.
+ assert (m3 = REAL) by (eapply toRTMap_eval_REAL; eauto).
inversion ssa_e; subst.
subst. eauto.
eapply IHe3; try eauto.
now extended_ssa.
- inversion H; subst; econstructor; eauto.
inversion ssa_e; subst.
assert (m1 = REAL) by (eapply toRTMap_eval_REAL; eauto).
subst. eauto.
- inversion H; subst.
inversion ssa_e; subst.
econstructor; eauto.
destruct m2; try discriminate.
eapply (IHe2 _ (NatSet.add n inVars)); eauto.
2: intros; set_tac; right; eapply LfVars_valid; eauto;
set_tac; tauto.
intros x e v'.
unfold updEnv.
destruct (x =? n) eqn: Heq.
+ intros Hx He.
apply beq_nat_true in Heq; subst.
set_tac. exfalso. apply H10. eapply LfVars_valid; eauto.
set_tac.
(*
inversion He; subst.
rewrite Heq in *.
assert (v' = v1) by congruence. subst.
apply eval_expr_ignore_bind; auto.
* eapply Lsound.
admit.
(*
apply eval_expr_ignore_bind; auto.
*
rewrite freeVars_toREval_toRExp_compat.
set_tac.
intros <- H0. inversion H0; subst.
*)
*)
+ intros H0 H1.
inversion H1; subst. rewrite Heq in *.
apply eval_expr_ignore_bind.
* eapply Lsound; eauto. now constructor.
* rewrite freeVars_toREval_toRExp_compat.
set_tac. intros ?.
apply H10. eapply LfVars_valid; eauto.
set_tac.
econstructor; try eauto.
+ eapply IHe1; try eauto.
now extended_ssa.
+ destruct m2; try discriminate.
eapply (IHe2 _ (NatSet.add n inVars)); eauto.
2: intros; set_tac; right; eapply LfVars_valid; eauto;
set_tac; tauto.
intros x e v'.
unfold updEnv.
destruct (x =? n) eqn: Heq.