(* Step-indexed logical relation for L6 closure conversion.
* Part of the CertiCoq project.
* Author: Zoe Paraskevopoulou, 2017
*)
From Coq Require Import NArith.BinNat Relations.Relations MSets.MSets
MSets.MSetRBT Lists.List omega.Omega Sets.Ensembles.
From SFS Require Import functions cps cps_util identifiers ctx Ensembles_util set_util
List_util tactics map_util.
From SFS Require Import heap heap_defs heap_equiv GC space_sem.
From SFS Require Import Coqlib.
Import ListNotations.
Module CC_log_rel (H : Heap).
(* Instantiate the space-aware semantics over the heap model [H] that
   parametrises this module, and bring the GC and heap-equivalence
   definitions into scope for the relations below. *)
Module Sem := SpaceSem H.
Import H Sem.GC Sem.GC.Equiv Sem.GC.Equiv.Defs Sem.
(** ** Resource conditions *)
(** * Preconditions *)
(** Local precondition. Enforced as initial condition for the expressions being related *)
(* A binary relation on (heap, environment, expression) configurations.
   It is the [IIL] argument of [cc_approx_exp] below and is assumed of the
   source and target configurations before they are executed. *)
Definition IInv := relation (heap block * env * exp).
(** Global precondition.
Enforced as initial condition for future executions of the result *)
(* Parametrised by a set [B] of variables together with a finite-set view
   [ToMSet B], and by two natural numbers.  In [cc_approx_val] below it is
   applied to [name_in_fundefs B1 :&: occurs_free e1 \\ FromList xs1], to
   [reach_size H1'' rho_clo2 e1] and to [1 + PS.cardinal (fundefs_fv B1)]. *)
Definition GIInv :=
forall (B : Ensemble var) {H : ToMSet B},
nat -> nat -> relation (heap block * env * exp).
(** * Postconditions *)
(** Local postconditions. Holds for the result of the execution
of the expressions being related. *)
(* A relation on (heap, env, exp) configurations extended with the two [nat]
   results of [big_step] (named [c] and [m] in [cc_approx_exp]; presumably
   step count and heap bound -- confirm against [space_sem]). *)
Definition Inv := relation (heap block * env * exp * nat * nat).
(** Global postconditions. Holds for the result of future execution of the result *)
(* Like [Inv] but additionally indexed by two natural numbers; in
   [cc_approx_val] these are instantiated exactly like the two [nat]
   arguments of [GIInv].  The commented-out binder records an earlier
   version that was also parametrised by a variable set. *)
Definition GInv :=
(* forall (B : Ensemble var) {H : ToMSet B}, nat -> *)
nat -> nat -> relation (heap block * env * exp * nat * nat).
(** Loc Injection *)
(* Total renaming of source locations to target locations; the relations
   below require it to be injective only on the reachable part of the heap
   ([injective_subdomain]). *)
Definition Inj := loc -> loc.
(** Env Injection -- partial *)
(* Partial counterpart of [Inj]; not used by the definitions in this
   part of the file. *)
Definition EInj := loc -> option loc.
(** Tag for closure records *)
(* NOTE(review): declared with [Variable] at module level, outside any
   [Section]; Coq treats such a declaration as a module-level assumption.
   Confirm that a [Parameter] is what is intended here. *)
Variable (clo_tag : cTag).
(** step-indexed relation on cps terms. Relates cps-terms with closure-converted terms *)
(** Definitions parametric on the value relation *)
(* The two section variables are abstracted when the section closes, so that
   afterwards [cc_approx_exp] and [cc_approx_clos] take the value relation as
   an explicit first argument (see the notations and [cc_approx_val] below). *)
Section cc_approx.
Variable (cc_approx_val : nat -> nat -> GIInv -> GInv -> Inj -> ans -> ans -> Prop).
Variable (cc_approx_val' : nat -> GIInv -> GInv -> Inj -> ans -> ans -> Prop).
(** * Expression relation *)
(** [cc_approx_exp k j IIL IIG IL IG (e1, rho1, H1) (e2, rho2, H2)] :
    for any pair of configurations equivalent to the given ones up to the
    location renamings [b1] / [b2] (injective on the reachable part), if the
    local precondition [IIL] holds, the source run of [e1] produces [r1] in
    at most [k] steps and [e1] is not stuck, then [e2] has a run in the
    GC-aware target semantics with some result [r2] such that the local
    postcondition [IL] relates the two runs and [r1], [r2] are related by
    the value relation with the step budget decreased by the source cost
    [c1].  The inner index [j] is passed through unchanged. *)
Definition cc_approx_exp
(* step indexes *)
(k : nat) (j : nat)
(* Invariants *)
(IIL : IInv) (IIG : GIInv) (IL : Inv) (IG : GInv)
(* related expressions *)
(p1 p2 : exp * env * heap block) : Prop :=
let '(e1, rho1, H1) := p1 in
let '(e2, rho2, H2) := p2 in
forall (b1 b2 : Inj) (H1' H2' : heap block) (rho1' rho2' : env) (r1 : ans) (c1 m1 : nat),
(* source and target configurations may be renamed before execution *)
(occurs_free e1) |- (H1, rho1) ⩪_(id, b1) (H1', rho1') ->
injective_subdomain (reach' H1' (env_locs rho1' (occurs_free e1))) b1 ->
(occurs_free e2) |- (H2, rho2) ⩪_(b2, id) (H2', rho2') ->
injective_subdomain (reach' H2 (env_locs rho2 (occurs_free e2))) b2 ->
IIL (H1', rho1', e1) (H2', rho2', e2) ->
(* the source run must fit in the step budget *)
c1 <= k ->
big_step H1' rho1' e1 r1 c1 m1 ->
not_stuck H1' rho1' e1 ->
exists (r2 : ans) (c2 m2 : nat) (b : Inj),
(* the target run uses the GC-aware semantics, the source run does not *)
big_step_GC_cc H2' rho2' e2 r2 c2 m2 /\
(* extra invariants for costs *)
IL (H1', rho1', e1, c1, m1) (H2', rho2', e2, c2, m2) /\
cc_approx_val (k - c1) j IIG IG b r1 r2.
(** [cc_approx_clos j GI GP b (l1, H1) (l2, H2)] relates a source environment
    block [Env rho1] stored at [l1] in [H1] to a target constructor block
    [Constr c vs] stored at [l2 = b l1] in [H2]: the domain of [rho1] is
    exactly the duplicate-free list [FVs], and the [i]-th variable of [FVs]
    must be bound in [rho1] to a location related (at index [j]) to the
    [i]-th value of [vs].  Every binding of [rho1] is thus required to be a
    [Loc]. *)
Definition cc_approx_clos
(* step indexes *)
(j : nat)
(* Invariants *)
(GI : GIInv) (GP : GInv)
(b : Inj)
(p1 : loc * heap block)
(p2 : loc * heap block) : Prop :=
let '(l1, H1) := p1 in
let '(l2, H2) := p2 in
l2 = b l1 /\
exists rho1 c (vs : list value) FVs,
key_set rho1 <--> FromList FVs /\
NoDup FVs /\
get l1 H1 = Some (Env rho1) /\
get l2 H2 = Some (Constr c vs) /\
Forall2 (fun (x1 : var) (v2 : value) =>
exists l1, M.get x1 rho1 = Some (Loc l1) /\
cc_approx_val' j GI GP b (Res (Loc l1, H1)) (Res (v2, H2)))
FVs vs.
End cc_approx.
(** * Value relation *)
(** Two-level step-indexed value relation.
    [k] is the outer index: it is the structural argument of the [Fixpoint]
    and is decreased only when stepping into a function body (the
    [cc_approx_val (k - (k - i))] call below).  [j] is the inner index of the
    nested [fix]: it is decreased when stepping under a constructor or into a
    closure environment.  Recursive calls are made at [j - (j - i)] (resp.
    [k - (k - i)]) rather than at [i] so that the guard checker accepts them
    as structurally smaller than [S j] (resp. [S k]); for [i < j] the two
    coincide, which is what [cc_approx_val_eq] below establishes.
    [IP] / [P] are the global pre/postcondition threaded to function bodies
    and [b] is the location injection relating the two heaps. *)
Fixpoint cc_approx_val (k : nat) {struct k} :=
let fix cc_approx_val_aux
(j : nat) (IP : GIInv) (P : GInv) (b : Inj) (r1 r2 : ans) {struct j} : Prop :=
match r1, r2 with
| OOT, OOT => True (* Both programs timeout *)
| Res (v1, H1), Res (v2, H2) => (* Both programs terminate *)
match v1, v2 with
| Loc l1, Loc l2 =>
(* the two locations correspond through the injection *)
b l1 = l2 /\
match get l1 H1, get l2 H2 with
(* Constructor blocks: same tag and pointwise related fields, at every
   strictly smaller inner index. *)
| Some (Constr c1 vs1), Some (Constr c2 vs2) =>
c1 = c2 /\
(forall i,
(i < j)%nat ->
match j with
| 0 => True
| S j =>
let R l1 l2 := cc_approx_val_aux (j - (j - i)) IP P b (Res (l1, H1)) (Res (l2, H2)) in
Forall2 R vs1 vs2
end)
(* A source closure (code pointer [f1] of bundle [B1] plus an environment
   location) is related to a closure-converted record holding a code
   pointer and an environment location.
   NOTE(review): the record tag [c] is left unconstrained here (it is not
   required to equal [clo_tag]) -- confirm this is intended. *)
| Some (Clos (FunPtr B1 f1) (Loc env_loc1)), Some (Constr c [FunPtr B2 f2; Loc env_loc2]) =>
(* the two environments are related as closure environments ... *)
(forall i, (i < j)%nat ->
match j with
| 0 => True
| S j =>
cc_approx_clos cc_approx_val_aux (j - (j - i)) IP P b
(env_loc1, H1) (env_loc2, H2)
end) /\
(* ... and the code is related: for any heaps equivalent to the current
   ones up to the injective renamings [b1] / [b2], once the mutually
   recursive closures of [B1] are allocated ([def_closures]) and the
   parameters [xs1] are bound to [vs1] ... *)
forall (b1 b2 : Inj)
env_loc1' (rho_clo rho_clo1 rho_clo2 : env) (H1' H1'' H2' : heap block)
(env_loc2' : loc)
(xs1 : list var) (ft : fTag) (e1 : exp) (vs1 vs2 : list value),
(Loc env_loc1, H1) ≈_(id, b1) (Loc env_loc1', H1') ->
injective_subdomain (reach' H1' [set env_loc1']) b1 ->
(Loc env_loc2, H2) ≈_(b2, id) (Loc env_loc2', H2') ->
injective_subdomain (reach' H2 [set env_loc2]) b2 ->
find_def f1 B1 = Some (ft, xs1, e1) ->
get env_loc1' H1' = Some (Env rho_clo) ->
def_closures B1 B1 rho_clo H1' (Loc env_loc1') = (H1'', rho_clo1) ->
setlist xs1 vs1 rho_clo1 = Some rho_clo2 ->
length vs1 = length vs2 ->
(* ... the target bundle defines [f2] with the same function tag, and its
   body is run with the environment as an extra first argument. *)
exists (xs2 : list var) (e2 : exp) (rho2' : env),
find_def f2 B2 = Some (ft, xs2, e2) /\
Some rho2' = setlist xs2 ((Loc env_loc2') :: vs2) (def_funs B2 B2 (M.empty _)) /\
(forall i,
(i < k)%nat ->
match k with
| 0 => True
| S k =>
forall b',
(* arguments related at the smaller outer index, under a renaming [b']
   agreeing with [b2 ∘ b ∘ b1] on the reachable part *)
let R j v1 v2 := cc_approx_val (k - (k - i)) j IP P b' (Res (v1, H1')) (Res (v2, H2')) in
(forall j, Forall2 (R j) vs1 vs2) ->
f_eq_subdomain (reach' H1' [set env_loc1']) (b2 ∘ b ∘ b1) b' ->
(* the global precondition holds of the two bodies for every target heap
   [H2] obtained from [H2'] through [live'] (presumably after collecting
   the part not reachable from [rho2'] -- see [GC]) ... *)
(forall (H2 : heap block) b2,
live' (env_locs rho2' (occurs_free e2)) H2' H2 b2 ->
IP (name_in_fundefs B1 :&: occurs_free e1 \\ FromList xs1) _
(reach_size H1'' rho_clo2 e1)
(1 + (PS.cardinal (fundefs_fv B1)))
(H1'', rho_clo2, e1) (H2, subst_env b2 rho2', e2)) /\
(* ... and the bodies are related as expressions at every inner index *)
(forall j, cc_approx_exp cc_approx_val
(k - (k - i))
j
(IP (name_in_fundefs B1 :&: occurs_free e1 \\ FromList xs1) _
(reach_size H1'' rho_clo2 e1)
(1 + (PS.cardinal (fundefs_fv B1)))) IP
(P (reach_size H1'' rho_clo2 e1)
(1 + (PS.cardinal (fundefs_fv B1)))) P
(e1, rho_clo2, H1'') (e2, rho2', H2'))
end)
| _, _ => False
end
| _, _ => False
end
| _, _ => False
end
in cc_approx_val_aux.
(** Notations for approximation relation *)
(* Expression relation instantiated with the value relation above:
   [P1] / [P2] are the local and global preconditions, [P3] / [P4] the local
   and global postconditions. *)
Notation "p1 ⪯ ^ ( k ; j ; P1 ; P2 ; P3 ; P4 ) p2" :=
(cc_approx_exp cc_approx_val k j P1 P2 P3 P4 p1 p2)
(at level 70, no associativity).
(* Closure-environment relation at outer index [k] and inner index [j]. *)
Notation "p1 << ^ ( k ; j ; P1 ; P2 ; b ) p2" :=
(cc_approx_clos (cc_approx_val k) j P1 P2 b p1 p2)
(at level 70, no associativity).
(** Unfold the recursion. A more compact definition of the value relation. *)
(** Same clauses as [cc_approx_val], but the recursive occurrences are
    stated directly at the smaller indices ([i] instead of [j - (j - i)] and
    [k - (k - i)]) and without the [match] on the index; the two are proved
    equivalent in [cc_approx_val_eq]. *)
Definition cc_approx_val' (k : nat) (j : nat) (IP : GIInv) (P : GInv) (b : Inj) (r1 r2 : ans) : Prop :=
match r1, r2 with
| OOT, OOT => True (* Both programs timeout *)
| Res (v1, H1), Res (v2, H2) => (* Both programs terminate *)
match v1, v2 with
| Loc l1, Loc l2 =>
b l1 = l2 /\
match get l1 H1, get l2 H2 with
(* constructor blocks: fields related at every smaller inner index *)
| Some (Constr c1 vs1), Some (Constr c2 vs2) =>
c1 = c2 /\
(forall i, (i < j)%nat ->
let R l1 l2 := cc_approx_val k i IP P b (Res (l1, H1)) (Res (l2, H2)) in
Forall2 R vs1 vs2)
(* source closure vs. closure-converted record; the environments are
   related with the [<<] notation at every smaller inner index *)
| Some (Clos (FunPtr B1 f1) (Loc env_loc1)), Some (Constr c [FunPtr B2 f2; Loc env_loc2]) =>
(forall i, (i < j)%nat -> (env_loc1, H1) << ^ ( k ; i ; IP ; P ; b ) (env_loc2, H2) ) /\
forall (b1 b2 : Inj)
env_loc1' (rho_clo rho_clo1 rho_clo2 : env) (H1' H1'' H2' : heap block)
(env_loc2' : loc)
(xs1 : list var) (ft : fTag) (e1 : exp) (vs1 vs2 : list value),
(Loc env_loc1, H1) ≈_(id, b1) (Loc env_loc1', H1') ->
injective_subdomain (reach' H1' [set env_loc1']) b1 ->
(Loc env_loc2, H2) ≈_(b2, id) (Loc env_loc2', H2') ->
injective_subdomain (reach' H2 [set env_loc2]) b2 ->
find_def f1 B1 = Some (ft, xs1, e1) ->
get env_loc1' H1' = Some (Env rho_clo) ->
def_closures B1 B1 rho_clo H1' (Loc env_loc1') = (H1'', rho_clo1) ->
setlist xs1 vs1 rho_clo1 = Some rho_clo2 ->
length vs1 = length vs2 ->
exists (xs2 : list var) (e2 : exp) (rho2' : env),
find_def f2 B2 = Some (ft, xs2, e2) /\
Some rho2' = setlist xs2 ((Loc env_loc2') :: vs2) (def_funs B2 B2 (M.empty _)) /\
(* function bodies: every smaller outer index [i] is used directly *)
(forall i ,
(i < k)%nat ->
forall b',
let R j v1 v2 := cc_approx_val i j IP P b'(Res (v1, H1')) (Res (v2, H2')) in
(forall j, Forall2 (R j) vs1 vs2) ->
f_eq_subdomain (reach' H1' [set env_loc1']) (b2 ∘ b ∘ b1) b' ->
(forall (H2 : heap block) b2,
live' (env_locs rho2' (occurs_free e2)) H2' H2 b2 ->
IP (name_in_fundefs B1 :&: occurs_free e1 \\ FromList xs1) _
(reach_size H1'' rho_clo2 e1)
(1 + (PS.cardinal (fundefs_fv B1)))
(H1'', rho_clo2, e1) (H2, subst_env b2 rho2', e2)) /\
(forall j, cc_approx_exp cc_approx_val
i j
(IP (name_in_fundefs B1 :&: occurs_free e1 \\ FromList xs1) _
(reach_size H1'' rho_clo2 e1)
(1 + (PS.cardinal (fundefs_fv B1)))) IP
(P (reach_size H1'' rho_clo2 e1)
(1 + (PS.cardinal (fundefs_fv B1)))) P
(e1, rho_clo2, H1'') (e2, rho2', H2')))
| _, _ => False
end
| _, _ => False
end
| _, _ => False
end.
(* Keep [cc_approx_clos] folded from here on, presumably so that later proofs
   go through the [<<] notation rather than its unfolding. *)
Opaque cc_approx_clos.
(** Correspondence of the two definitions *)
(** The guarded [Fixpoint] [cc_approx_val] and the compact [cc_approx_val']
    agree at every pair of indices.  The proof only has to bridge the index
    arithmetic ([j - (j - i) = i] and [k - (k - i) = i] for [i] below the
    bound) and the vacuous [match] branches at index [0]. *)
Lemma cc_approx_val_eq (k j : nat) IP P b (v1 v2 : ans) :
cc_approx_val k j IP P b v1 v2 <-> cc_approx_val' k j IP P b v1 v2.
Proof.
(* Case split on both indices and on the shape of both results.  Every
   combination other than Res (Loc _) / Res (Loc _) is immediate or
   contradictory, leaving four bullets in destruct order (k first, then j).
   In each bullet the first brace is the -> direction and the second the
   <- direction, after case analysis on the blocks stored at [l1], [l2]. *)
destruct k as [ | k ]; destruct j as [| j];
destruct v1 as [[[l1 | lf1 f1] H1] |]; destruct v2 as [[[l2 | lf2 f2] H2] |];
try (now split; intros; contradiction);
try (now simpl; eauto).
(* k = 0, j = 0: no index arithmetic is needed, the bounded quantifications
   over [i < 0] are discharged by [omega] / [eauto]. *)
- split; simpl; [ intros [Heqb Hc] |];
destruct (get l1 H1) as [b1|]; destruct (get l2 H2) as [b2|]; try now eauto.
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 | ] | ];
destruct b2 as [c2 vs2 | | ]; try contradiction.
destruct Hc as [Heq' Hyp].
split. eauto. now split; eauto.
destruct vs2 as [ | [| B2 f2 ] [| [ env_loc2 |] [|]] ]; try contradiction.
destruct Hc as [Hcc Hyp].
split; eauto. split; eauto. split; eauto. omega. omega.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1 ft
e1 vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hfind Hget Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try now eauto. }
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; eauto.
+ clear; now firstorder.
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
intros [Heqb [Him Hyp]]. split; eauto. split; eauto.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1 ft
e1 vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; eauto. }
(* k = 0, j = S j: only the inner index needs rewriting, via
   [Forall2_monotonic] on the constructor fields and directly on the
   closure-environment clause. *)
- split; simpl; [ intros [Heqb Hc] |];
destruct (get l1 H1) as [b1|]; destruct (get l2 H2) as [b2|]; try now eauto.
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; try contradiction.
+ destruct Hc as [Hin Hyp].
split; [ eassumption | split; [ eassumption |]].
intros i Hleq. eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap.
assert (Heqi : j - (j - i) = i) by omega.
rewrite !Heqi in Hap.
eassumption.
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
destruct Hc as [Henv Hyp].
subst.
split; eauto. split.
intros i Hlt.
assert (Heqi : j - (j - i) = i) by omega.
rewrite <- Heqi. now eapply Henv; eauto.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1
ft e1 vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try (now eauto). }
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1|] | ];
destruct b2 as [c2 vs2 | | ]; eauto.
+ intros [Heq1 [Heq2 Hi]]. subst.
split; [ reflexivity | split; [ reflexivity |]].
intros i Hleq. eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap.
assert (Heqi : j - (j - i) = i) by omega. rewrite !Heqi.
eassumption.
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
intros [Heqb [Henv Hyp]]. split; eauto.
split.
intros i Hlt. assert (Heqi : j - (j - i) = i) by omega.
rewrite Heqi. now eapply Henv; eauto.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1 ft e1
vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try (now eauto). }
(* k = S k, j = 0: the inner clauses are vacuous ([omega]); the outer index
   in the function-body clause is rewritten with [k - (k - i) = i]. *)
- split; simpl; [ intros [Heqb Hc] |];
destruct (get l1 H1) as [b1|]; destruct (get l2 H2) as [b2|]; try now eauto.
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; try contradiction.
+ destruct Hc as [Hc Hyp].
split; eauto. split; eauto. intros; omega.
+ simpl. destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
destruct Hc as [Henv Hyp].
subst. split; eauto. split.
intros; omega.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1 ft e1
vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try (now eauto).
simpl. intros i Hleq b' Hall Hfeq.
assert (Heqi : k - (k - i) = i) by omega.
replace i with (k - (k - i)) by eassumption.
eapply Hi; eauto. intros j'.
eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap. rewrite Heqi. simpl in Hap. eassumption.
}
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; eauto.
+ intros [Heq1 [Heq2 Hi]].
subst. split; [ reflexivity | split; [ reflexivity |]]; eauto.
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
intros [Heq1 [Heq2 Hyp]].
subst. split; eauto. split.
intros i Hlt; omega.
intros le b1 b2 tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1 ft
e1 vs1 vs2 Heq1 Hr1 Heq2' Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try (now eauto).
intros i b' Hleq Hall Hfeq.
assert (Heqi : k - (k - i) = i) by omega.
replace i with (k - (k - i)) in Hi by eassumption.
eapply Hi; eauto. omega. }
(* eapply Forall2_monotonic; [| now eauto ]. *)
(* intros x1 x2 Hap. rewrite <- Heqi. eassumption. *)
(* } *)
(* k = S k, j = S j: both rewritings from the previous two bullets are
   combined. *)
- split; simpl; [ intros [Heqb Hc] |];
destruct (get l1 H1) as [b1|]; destruct (get l2 H2) as [b2|]; try now eauto.
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; try contradiction.
+ destruct Hc as [Heq2 Hi]; split; [ eassumption | split; [eassumption |]].
intros i Hleq. eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap.
assert (Heqi : j - (j - i) = i) by omega.
rewrite !Heqi in Hap.
eassumption.
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
destruct Hc as [Henv Hyp]; split; eauto. split.
intros i Hlt.
assert (Heqi : j - (j - i) = i) by omega.
rewrite <- Heqi. now eapply Henv; eauto.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1
ft e1 vs1 vs2 Heq1 Hr1 Heq2' Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try (now eauto).
simpl. intros i b' Hleq Hfeq Hall.
assert (Heqi : k - (k - i) = i) by omega.
replace i with (k - (k - i)) by eassumption.
eapply Hi; eauto. intros j'.
eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap. rewrite Heqi. eapply Hap.
}
{ destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; eauto.
+ intros [Heq1 [Heq2 Hi]].
subst. split; [ reflexivity | split; [ reflexivity |]]; eauto.
intros i Hleq. eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap.
assert (Heqi : j - (j - i) = i) by omega. rewrite !Heqi.
eassumption.
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
intros [Hb [Henv Hyp]].
split; eauto. split.
intros i Hlt.
assert (Heqi : j - (j - i) = i) by omega.
rewrite Heqi. now eapply Henv; eauto.
intros el b1 b2 tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1
ft e1 vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hyp
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try (now eauto).
intros i b' Hleq Hfeq Hall'.
assert (Heqi : k - (k - i) = i) by omega.
replace i with (k - (k - i)) in Hi by eassumption.
eapply Hi; eauto. omega. }
Qed.
(* From here on the fixpoint is never unfolded; the remaining definitions use
   [cc_approx_val'] and proofs can switch between the two with
   [cc_approx_val_eq]. *)
Opaque cc_approx_val.
(** * Environment relations *)
(** Environment relation for a single point (i.e. variable) :
* ρ1 ~_k^x ρ2 iff ρ1(x) = Some v -> ρ2(x) = Some v' /\ v ~_k v' *)
(* Relates the binding of [x] in [rho1] to the binding of [y] in [rho2]
   (the two variable names may differ); [rho2] must be defined at [y]
   whenever [rho1] is defined at [x].  Stated with the compact
   [cc_approx_val']. *)
Definition cc_approx_var_env (k j : nat) IP P b (H1 : heap block) (rho1 : env)
(H2 : heap block) (rho2 : env) (x y : var) : Prop :=
forall l1,
M.get x rho1 = Some l1 ->
exists l2, M.get y rho2 = Some l2 /\
cc_approx_val' k j IP P b (Res (l1, H1)) (Res (l2, H2)).
(** Environment relation for a set of points (i.e. predicate over variables) :
* ρ1 ~_k^S ρ2 iff
* forall x, S x -> ρ1(x) = Some v -> ρ2(x) = Some v' /\ v ~_k v' *)
(* Lifts [cc_approx_var_env] to every variable of [S], relating each variable
   to itself in both environments. *)
Definition cc_approx_env_P (S : Ensemble var) k j IP P b (c1 c2 : heap block * env) :=
let (H1, rho1) := c1 in
let (H2, rho2) := c2 in
forall (x : var), S x -> cc_approx_var_env k j IP P b H1 rho1 H2 rho2 x x.
(* [≺] is the (unfolded) value relation [cc_approx_val'], [⋞] the
   environment relation [cc_approx_env_P] restricted to the set [R]. *)
Notation "p1 ≺ ^ ( k ; j ; IP ; P ; b ) p2" := (cc_approx_val' k j IP P b p1 p2)
(at level 70, no associativity).
Notation "p1 ⋞ ^ ( R ; k ; j ; IP ; P ; b ) p2" := (cc_approx_env_P R k j IP P b p1 p2)
(at level 70, no associativity).
(** Heap relation on a set of locations [S] : every location [x] in [S] is
    related to its image [b x] either through the value relation on the
    corresponding [Loc] values, or through the closure relation [<<]
    (defined earlier in the file). *)
Definition cc_approx_heap (S : Ensemble loc) k j IP P b (H1 H2 : heap block) :=
forall (x : loc), S x ->
Res (Loc x, H1) ≺ ^ ( k ; j ; IP ; P ; b ) Res (Loc (b x), H2) \/
(x, H1) << ^ ( k ; j ; IP ; P ; b ) (b x, H2).
(* [S |- H1 ≼ H2] is the heap relation [cc_approx_heap] on the location set [S]. *)
Notation "S |- H1 ≼ ^ ( k ; j ; IP ; P ; b ) H2" :=
(cc_approx_heap S k j IP P b H1 H2) (at level 70, no associativity).
(** Environment relation for the whole domain of definition :
    * ρ1 ~_k ρ2 iff forall x, ρ1(x) = v => ρ2(x) = v' /\ v ~_k v'
    This is [cc_approx_env_P] instantiated with the full set of variables. *)
Definition cc_approx_env (k j : nat) IP P b c1 c2 : Prop :=
c1 ⋞ ^ (Full_set _; k; j; IP; P; b ) c2.
(** * Environment Invariants for Closure Conversion *)
(** Naming conventions in the following :
[Scope] : The set of variables currently in scope.
[Funs] : The set of variables in the current block of mutually recursive
functions.
[FVs] : The list of free variables (needs to be ordered).
[Γ] : The formal parameter of the environment after closure conversion. *)
Section LogRelLemmas.
(* Section parameters shared by the lemmas below: local and global
   initial invariants ([LIP], [GIP]), local and global invariants
   ([LP], [GP]) and the location injection [b]. Lemmas that must hold for
   arbitrary invariants quantify over their own copies instead. *)
Context (LIP : IInv)
(GIP : GIInv)
(LP : Inv)
(GP : GInv)
(b : Inj).
(** * Monotonicity Properties *)
(** The environment relation is antimonotonic in the set of variables:
    relatedness on [S2] implies relatedness on any subset [S1]. *)
Lemma cc_approx_env_P_antimon (S1 S2 : Ensemble var) (k j : nat)
(c1 c2 : (heap block) * env) :
c1 ⋞ ^ ( S2 ; k ; j ; GIP ; GP ; b ) c2 ->
S1 \subset S2 ->
c1 ⋞ ^ ( S1 ; k ; j 
; GIP ; GP ; b ) c2.
Proof.
destruct c1 as [H1 rho1]; destruct c2 as [H2 rho2].
intros Hpre Hin x Hin'. eapply Hpre; eapply Hin; eauto.
Qed.
(** The heap relation is antimonotonic in the set of locations. Stated for
    arbitrary invariants [IP], [P] rather than the section's [GIP], [GP]. *)
Lemma cc_approx_heap_antimon P1 P2 k j IP P (H1 H2 : heap block) :
P1 \subset P2 ->
P2 |- H1 ≼ ^ ( k ; j ; IP ; P ; b ) H2 ->
P1 |- H1 ≼ ^ ( k ; j ; IP ; P ; b ) H2.
Proof.
intros Hsub Hcc x Hin. eapply Hcc; eauto. eapply Hsub; eauto.
Qed.
(** The expression relation is monotonic in the local (post) invariant:
    if [LP1] is included in [LP2], relatedness under [LP1] gives
    relatedness under [LP2]. The invariant obtained from the hypothesis is
    re-used as is, so [eauto] closes the goal via [Hin]. *)
Lemma cc_approx_exp_rel_mon_post k j LIP1 GIP1 (LP1 LP2 : Inv) (GP1 : GInv)
(p1 p2 : exp * env * heap block) :
p1 ⪯ ^ ( k ; j ; LIP1 ; GIP1 ; LP1 ; GP1 ) p2 ->
inclusion _ LP1 LP2 ->
p1 ⪯ ^ ( k ; j ; LIP1 ; GIP1 ; LP2 ; GP1 ) p2.
Proof.
destruct p1 as [[e1 H1] rho1].
destruct p2 as [[e2 H2] rho2].
intros Hcc Hin b1 b2 H1' H2' rho1' rho2' v1 c1 m1 HH1 Hr1 HH2 Hr2 Hip Hleq Hstep Hstuck.
edestruct Hcc as [v2 [c2 [m2 [b' [Hstep' [HInv Hval]]]]]]; eauto.
repeat eexists; eauto.
Qed.
(** The expression relation is anti-monotonic in the local initial (pre)
    invariant: if [LIP2] is included in [LIP1], relatedness under [LIP1]
    gives relatedness under [LIP2]. The pre-invariant is an assumption of
    the relation, which is why the inclusion goes the other way than in
    [cc_approx_exp_rel_mon_post]. *)
Lemma cc_approx_exp_rel_mon_pre k j LIP1 LIP2 GIP1 (LP1 : Inv) (GP1 : GInv)
(p1 p2 : exp * env * heap block) :
p1 ⪯ ^ ( k ; j ; LIP1 ; GIP1 ; LP1 ; GP1 ) p2 ->
inclusion _ LIP2 LIP1 ->
p1 ⪯ ^ ( k ; j ; LIP2 ; GIP1 ; LP1 ; GP1 ) p2.
Proof.
destruct p1 as [[e1 H1] rho1].
destruct p2 as [[e2 H2] rho2].
intros Hcc Hin b1 b2 H1' H2' rho1' rho2' v1 c1 m1 HH1 Hr1 HH2 Hr2 Hip Hleq Hstep Hstuck.
edestruct Hcc as [v2 [c2 [m2 [b' [Hstep' [HInv Hval]]]]]]; eauto.
Qed.
(** The expression relation respects equivalence of the global invariant,
    given an induction hypothesis [IH] stating that the value relation
    already does so at every step index [m <= k]. Used as the inner step of
    [cc_approx_val_same_rel], whose outer induction supplies [IH]. *)
Lemma cc_approx_exp_same_rel_IH k j LIP1 GIP1 LP1 (GP1 GP2 : GInv) p1 p2 :
(forall m b r1 r2,
m <= k ->
r1 ≺ ^ (m ; j ; GIP1 ; GP1 ; b ) r2 ->
r1 ≺ ^ (m ; j ; GIP1 ; GP2 ; b ) r2) ->
p1 ⪯ ^ ( k ; j ; LIP1 ; GIP1 ; LP1 ; GP1 ) p2 ->
(forall k1 k2, same_relation _ (GP1 k1 k2) (GP2 k1 k2)) ->
p1 ⪯ ^ ( k ; j ; LIP1 ; GIP1 ; LP1 ; GP2 ) p2.
Proof.
destruct p1 as [[e1 H1] rho1].
destruct p2 as [[e2 H2] rho2].
intros IH Hcc Hin b1 b2 H1' H2' rho1' rho2'
v1 c1 m1 HH1 Hr1 HH2 Hr2 Hip Hleq Hstep Hstuck.
edestruct Hcc as [v2 [c2 [m2 [b' [Hstep' [HInv Hval]]]]]]; eauto.
repeat eexists; eauto.
(* The resulting values are related under [GP1]; transfer to [GP2] with [IH].
   [cc_approx_val] is opaque, so go through its unfolding equation. *)
rewrite cc_approx_val_eq.
eapply IH; eauto. omega.
rewrite <- cc_approx_val_eq; eauto.
Qed.
(* Keep [cc_approx_exp] folded while proving [cc_approx_val_same_rel], so
   that [cc_approx_exp_same_rel_IH] applies syntactically; it is made
   transparent again right after that proof. *)
Opaque cc_approx_exp.
(** The value relation respects equivalence of the global invariant:
    [GP1] and [GP2] being the same relation at every pair of indices,
    relatedness under [GP1] gives relatedness under [GP2]. Proved by
    well-founded induction on the step index [k] and then on the heap
    index [j]; the function case relies on [cc_approx_exp_same_rel_IH]
    with the outer induction hypothesis [IHk]. *)
Lemma cc_approx_val_same_rel (k j : nat) (GP1 GP2 : GInv) (b1 : Inj) r1 r2 :
r1 ≺ ^ (k ; j ; GIP ; GP1 ; b1 ) r2 ->
(forall k1 k2, same_relation _ (GP1 k1 k2) (GP2 k1 k2)) ->
r1 ≺ ^ (k ; j ; GIP ; GP2 ; b1 ) r2.
Proof.
revert j b1 GP1 GP2 r1 r2.
induction k as [k IHk] using lt_wf_rec1. intros j.
induction j as [j IHj] using lt_wf_rec1.
intros b' GP1 GP2 r1 r2.
(* Case split on the shape of both answers; mismatched shapes are
   contradictory or trivial. *)
destruct r1 as [[[l1 | lf1 f1] H1] |];
destruct r2 as [[[l2 | lf2 f2] H2] |]; simpl;
try (now intros; contradiction); try (now simpl; eauto).
destruct (get l1 H1) as [b1|]; destruct (get l2 H2) as [b2|]; eauto.
destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; eauto; intros [Heq Hcc] Hrel; split; eauto.
(* Constructor blocks: the fields are related at smaller heap index, use [IHj]. *)
- destruct Hcc as [Heq' Hcc]. split; [ eassumption |].
intros i Hleq. eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap.
rewrite cc_approx_val_eq in *. eapply IHj; try eassumption.
(* Closure blocks: first the captured environment, then the function bodies. *)
- destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
destruct Hcc as [Henv Hcc]. split; eauto.
intros i Hlt.
edestruct Henv as (Heql & rhoc & c & vs & FVs & Hnd & Hget1 & Heqfv & Hget2 & Hall); try eassumption.
split; eauto. do 4 eexists. repeat (split; try eassumption).
eapply Forall2_monotonic; [| eassumption ].
intros x1 x2 [l1' [Hget Hval]].
eexists; split; eauto. rewrite cc_approx_val_eq in *.
eapply IHj; eassumption.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc' xs1 ft e1
vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hcc
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi); eauto.
do 3 eexists; split; [ | split ]; try (now eauto).
intros i Hleq b''. simpl. intros Hrel' Hfeq1.
split.
edestruct (Hi i) as [HI Hcc']; eauto.
(* Arguments: smaller step index, use [IHk]. *)
+ intros j'. eapply Forall2_monotonic; [| now eapply Hrel' ].
intros. rewrite cc_approx_val_eq.
eapply IHk; eauto. now rewrite <- cc_approx_val_eq; simpl in *; eauto.
intros. split; now eapply Hrel.
(* Bodies: the expression relation, transferred with the IH-parameterised lemma. *)
+ intros j'. eapply cc_approx_exp_same_rel_IH with (GP1 := GP1); try eassumption.
intros; eapply IHk. omega. eassumption. eassumption.
eapply cc_approx_exp_rel_mon_post. eapply Hi. eassumption.
intros j''.
eapply Forall2_monotonic; [| now eapply Hrel' ].
intros. rewrite cc_approx_val_eq.
eapply IHk; eauto. now rewrite <- cc_approx_val_eq; simpl in *; eauto.
intros. split; now eapply Hrel. eassumption.
now eapply Hrel.
Qed.
(* Restore unfolding of [cc_approx_exp]; the remaining lemmas [intros] its body. *)
Transparent cc_approx_exp.
(** The expression relation respects equivalence of the global invariant,
    for the section's [LIP], [GIP], [LP], [GP]. Corollary of
    [cc_approx_exp_same_rel_IH] with [cc_approx_val_same_rel] discharging
    the induction hypothesis.
    NOTE(review): the binder [(P : relation nat)] is not used in the
    statement or the proof and could be dropped. *)
Lemma cc_approx_exp_same_rel (P : relation nat) k j (GP' : GInv)
p1 p2 :
p1 ⪯ ^ ( k ; j ; LIP ; GIP ; LP ; GP ) p2 ->
(forall k1 k2, same_relation _ (GP k1 k2) (GP' k1 k2)) ->
p1 ⪯ ^ ( k ; j ; LIP ; GIP ; LP ; GP' ) p2.
Proof.
intros Hcc Hin. eapply cc_approx_exp_same_rel_IH; try eassumption.
intros. eapply cc_approx_val_same_rel in Hin; eauto.
Qed.
(** The value relation is (anti)monotonic in the step index: relatedness at
    [k] implies relatedness at any [m <= k]. Proved by well-founded
    induction on [m] and then on [j]; the function case only needs the
    hypothesis [Hi'] at the smaller index, hence the final [omega]. *)
Lemma cc_approx_val_monotonic (k m j : nat) (r1 r2 : ans) b' :
r1 ≺ ^ (k; j; GIP ; GP; b') r2 ->
m <= k ->
r1 ≺ ^ (m; j; GIP ; GP; b') r2.
Proof.
revert j k r1 r2. induction m as [m IHk] using lt_wf_rec1.
intros j. induction j as [j IHj] using lt_wf_rec1.
intros k r1 r2.
destruct r1 as [[[l1 | lf1 f1] H1] |]; destruct r2 as [[[l2 | lf2 f2] H2] |]; simpl;
try (now intros; contradiction); try (now simpl; eauto).
- destruct (get l1 H1) as [b1|]; destruct (get l2 H2) as [b2|]; eauto.
intros [Heq Hcc] Hleq. split; [ eassumption |].
destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 | ] | ];
destruct b2 as [c2 vs2 | | ]; eauto.
(* Constructor blocks: fields at smaller heap index, [IHj]. *)
+ destruct Hcc as [Heq' Hi]; split; [ eassumption |].
intros i Hleq'. simpl.
eapply Forall2_monotonic; [| now eauto ].
intros x1 x2 Hap.
rewrite cc_approx_val_eq in *. eapply IHj; try eassumption.
(* Closure blocks: captured environment via [IHj], bodies directly from [Hcc]. *)
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
destruct Hcc as [Henv Hcc]. split; eauto.
intros i Hlt.
edestruct Henv as (Heql & rhoc & c & vs & FVs & Hnd & Hget1 & Heqfv & Hget2 & Hall); try eassumption.
split; eauto. do 4 eexists. repeat (split; try eassumption).
eapply Forall2_monotonic; [| eassumption ].
intros x1 x2 [l1' [Hget Hval]]. eexists; split. eassumption.
rewrite cc_approx_val_eq in *. eapply IHj; eassumption.
intros b1 b2 el tc1 tc2 tc3 H1' H1'' H2' env_loc'
xs1 ft e1 vs1 vs2 Heq1 Hr1 Heq2 Hr2 Hget Hfind Hdef Hset Hlen.
edestruct Hcc
as (xs2 & e2 & rho2' & Hfind' & Hset' & Hi'); eauto.
do 3 eexists; split; [ | split ]; try (now eauto).
intros i Hleq' R Hfeq Hall.
eapply Hi'; try eassumption. omega.
Qed.
(** The closure relation [<<] is (anti)monotonic in the step index.
    Unpacks the witness of the relation and lowers the index of each
    captured value with [cc_approx_val_monotonic]. *)
Lemma cc_approx_clos_monotonic (k m j : nat) (p1 : loc * heap block)
(p2 : loc * heap block) b' :
p1 << ^ (k; j; GIP; GP; b') p2 ->
m <= k ->
p1 << ^ (m; j; GIP; GP; b') p2.
Proof.
intros Hheap Hleq. destruct p1 as [l1 H1]. destruct p2 as [l2 H2].
edestruct Hheap as (Heql & rho1 & c & vs & FVs & Hnd & Hget1 & Heqfv & Hget2 & Hall); try eassumption.
split; eauto.
do 4 eexists. repeat (split; try eassumption).
eapply Forall2_monotonic; [| eassumption ].
intros x1 x2 [y [Hval Hcc]].
eexists; split.
eassumption.
rewrite cc_approx_val_eq in *.
eapply cc_approx_val_monotonic; eauto.
Qed.
(** The heap relation is (anti)monotonic in the step index, by the two
    per-location lemmas for the value and closure cases. *)
Lemma cc_approx_heap_monotonic S (k m j : nat) (H1 H2 : heap block) b' :
S |- H1 ≼ ^ (k; j; GIP; GP; b') H2 ->
m <= k ->
S |- H1 ≼ ^ (m; j; GIP; GP; b') H2.
Proof.
intros Hheap Hleq x Hin. eapply Hheap in Hin. inv Hin.
left. eapply cc_approx_val_monotonic; eauto.
right. eapply cc_approx_clos_monotonic; eauto.
Qed.
(** The expression relation is anti-monotonic in the step index: relatedness
    at [k] implies relatedness at any [m <= k]. The fuel bound is discharged
    with [omega] and the resulting values are lowered with
    [cc_approx_val_monotonic]. *)
Lemma cc_approx_exp_monotonic (k m j : nat) p1 p2 :
p1 ⪯ ^ ( k ; j ; LIP ; GIP ; LP ; GP ) p2 ->
m <= k ->
p1 ⪯ ^ ( m ; j ; LIP ; GIP ; LP ; GP ) p2.
Proof.
destruct p1 as [[e1 H1] rho1]; destruct p2 as [[e2 H2] rho2].
intros Hpre Hleq b1 b2 H1' H2' rho1' rho2' v1 c1 m1 HH1 Hr1 HH2 Hr2 HIP Hleq' Hstep Hstuck.
edestruct (Hpre b1 b2 H1' H2' rho1' rho2' v1 c1)
as [v2 [c2 [m2 [b2' [Hstep2 [Hleq2 H3]]]]]]; eauto.
omega. do 5 eexists; repeat split; eauto.
rewrite cc_approx_val_eq in *.
eapply cc_approx_val_monotonic; eauto. omega.
Qed.
(** The environment relation on a set [R] is anti-monotonic in the step
    index: pointwise application of [cc_approx_val_monotonic]. *)
Lemma cc_approx_env_P_monotonic (R : Ensemble var) (k m j : nat)
c1 c2 :
c1 ⋞ ^ ( R ; k ; j ; GIP ; GP ; b ) c2 ->
m <= k ->
c1 ⋞ ^ ( R ; m ; j ; GIP ; GP ; b ) c2.
Proof.
destruct c1 as [H1 rho1]; destruct c2 as [H2 rho2].
intros Hcc Hleq x HP v Hget.
edestruct Hcc as [v2 [Heq Hpre2]]; eauto.
eexists; split; eauto.
eapply cc_approx_val_monotonic; eauto.
Qed.
(** Step-index anti-monotonicity for the full-domain environment relation;
    instance of [cc_approx_env_P_monotonic] with the full set. *)
Lemma cc_approx_env_monotonic (k m j : nat) c1 c2 :
cc_approx_env k j GIP GP b c1 c2 ->
m <= k ->
cc_approx_env m j GIP GP b c1 c2.
Proof.
intros Hleq H. eapply cc_approx_env_P_monotonic; eauto.
Qed.
(** The value relation is (anti)monotonic in the heap index: relatedness at
    [j] implies relatedness at any [i <= j]. Unlike the step-index version,
    this holds for arbitrary invariants [GIP'], [GP'] and needs no
    induction, since the heap index only bounds the quantifiers inside the
    constructor and closure cases ([Hi i'] and [Henv]). *)
Lemma cc_approx_val_j_monotonic GIP' GP' (k i j : nat) (r1 r2 : ans) b' :
r1 ≺ ^ (k; j; GIP' ; GP' ; b' ) r2 ->
i <= j ->
r1 ≺ ^ (k; i; GIP' ; GP' ; b' ) r2.
Proof.
destruct r1 as [[[l1 | lf1 f1] H1] |]; destruct r2 as [[[l2 | lf2 f2] H2] |]; simpl;
try (now intros; contradiction); try (now simpl; eauto).
destruct (get l1 H1) as [b1|]; destruct (get l2 H2) as [b2|]; eauto.
intros [Heq Hcc] Hleq. split; [ eassumption |].
destruct b1 as [c1 vs1 | [? | B1 f1] [ env_loc1 |] | ];
destruct b2 as [c2 vs2 | | ]; eauto.
+ destruct Hcc as [Heq' Hi]; split; [ eassumption |].
intros i' Hleq'. simpl. eapply (Hi i'); omega.
+ destruct vs2 as [ | [| B2 f2] [| [env_loc2 |] [|]] ]; eauto.
destruct Hcc as [Henv Hcc]. split; eauto.
intros j' Hlt. eapply Henv. omega.
Qed.
(** The closure relation [<<] is (anti)monotonic in the heap index; the
    captured values are lowered with [cc_approx_val_j_monotonic]. *)
Lemma cc_approx_clos_j_monotonic (k j i : nat) (p1 : loc * heap block)
(p2 : loc * heap block) b' :
p1 << ^ (k; j; GIP; GP; b' ) p2 ->
i <= j ->
p1 << ^ (k; i; GIP; GP; b' ) p2.
Proof.
intros Hheap Hleq. destruct p1 as [rho1 H1]. destruct p2 as [l2 H2].
edestruct Hheap as (Hleq' & rho & c & vs & FVs & Hnd & Hget1 & Heqfv & Hget & Hall); try eassumption.
split; eauto.
do 4 eexists. repeat (split; try eassumption).
eapply Forall2_monotonic; [| eassumption ].
intros x1 x2 [y [Hget' Hval]].
eexists; split; eauto.
rewrite cc_approx_val_eq in *.
eapply cc_approx_val_j_monotonic; eauto.
Qed.
(** The heap relation is (anti)monotonic in the heap index, by the value
    and closure cases. *)
Lemma cc_approx_heap_j_monotonic S (k j i : nat) (H1 H2 : heap block) b' :
S |- H1 ≼ ^ (k; j; GIP; GP; b') H2 ->
i <= j ->
S |- H1 ≼ ^ (k; i; GIP; GP; b') H2.
Proof.
intros Hheap Hleq x Hin. eapply Hheap in Hin. inv Hin.
left. eapply cc_approx_val_j_monotonic; eauto.
right. eapply cc_approx_clos_j_monotonic; eauto.
Qed.
(** The expression relation is anti-monotonic in the heap index: relatedness
    at [j] implies relatedness at any [j' <= j]. Same shape as
    [cc_approx_exp_monotonic], with the final values lowered by
    [cc_approx_val_j_monotonic]. *)
Lemma cc_approx_exp_j_monotonic (k j j' : nat) p1 p2 :
p1 ⪯ ^ ( k ; j ; LIP ; GIP ; LP ; GP ) p2 ->
j' <= j ->
p1 ⪯ ^ ( k ; j' ; LIP ; GIP ; LP ; GP ) p2.
Proof.
destruct p1 as [[e1 H1] rho1]; destruct p2 as [[e2 H2] rho2].
intros Hpre Hleq b1 b2 H1' H2' rho1' rho2' v1 c1 m1 HH1 Hr1 HH2 Hr2 HIP Hleq' Hstep Hstuck.
edestruct (Hpre b1 b2 H1' H2' rho1' rho2' v1 c1)
as [v2 [c2 [m2 [b2' [Hstep2 [Hleq2 H3]]]]]]; eauto.
do 5 eexists; repeat split; eauto.
rewrite cc_approx_val_eq in *.
eapply cc_approx_val_j_monotonic; eauto.
Qed.
(** The environment relation on a set [R] is anti-monotonic in the heap
    index: pointwise application of [cc_approx_val_j_monotonic]. *)
Lemma cc_approx_env_P_j_monotonic (R : Ensemble var) (k j j' : nat)
c1 c2 :
c1 ⋞ ^ ( R ; k ; j ; GIP ; GP ; b ) c2 ->
j' <= j ->
c1 ⋞ ^ ( R ; k ; j' ; GIP ; GP ; b ) c2.
Proof.
destruct c1 as [H1 rho1]; destruct c2 as [H2 rho2].
intros Hcc Hleq x HP v Hget.
edestruct Hcc as [v2 [Heq Hpre2]]; eauto.
eexists; split; eauto.
eapply cc_approx_val_j_monotonic; eauto.
Qed.
(** Heap-index anti-monotonicity for the full-domain environment relation;
    instance of [cc_approx_env_P_j_monotonic] with the full set. *)
Lemma cc_approx_env_j_monotonic (k j' j : nat) c1 c2 :
cc_approx_env k j GIP GP b c1 c2 ->
j' <= j ->
cc_approx_env k j' GIP GP b c1 c2.
Proof.
intros Hleq H. eapply cc_approx_env_P_j_monotonic; eauto.
Qed.
(** * Set lemmas *)
(** Any two configurations are related on the empty set of variables. *)
Lemma cc_approx_env_Empty_set (k j : nat) c1 c2 :
c1 ⋞ ^ ( Empty_set var ; k ; j ; GIP ; GP ; b ) c2.
Proof.
destruct c1 as [H1 rho1]; destruct c2 as [H2 rho2].
simpl. intros x Hc. inv Hc.
Qed.
(** Relatedness on [P1] and on [P2] gives relatedness on their union. *)
Lemma cc_approx_env_P_union (P1 P2 : Ensemble var) (k j : nat) c1 c2 :
c1 ⋞ ^ ( P1 ; k ; j ; GIP ; GP ; b ) c2 ->
c1 ⋞ ^ ( P2 ; k ; j ; GIP ; GP ; b ) c2 ->
c1 ⋞ ^ ( P1 :|: P2 ; k ; j ; GIP ; GP ; b ) c2.
Proof.
destruct c1 as [H1 rho1]; destruct c2 as [H2 rho2].
intros Hpre1 Hpre2 x HP2. inv HP2; eauto.
Qed.
(** Relatedness on [P1] gives relatedness on the intersection [P1 :&: P2]
    (left component). *)
Lemma cc_approx_env_P_inter_l (P1 P2 : Ensemble var) (k j : nat) c1 c2 :
c1 ⋞ ^ ( P1 ; k ; j ; GIP ; GP ; b ) c2 ->
c1 ⋞ ^ ( P1 :&: P2 ; k ; j ; GIP ; GP ; b ) c2.
Proof.
destruct c1 as [H1 rho1]; destruct c2 as [H2 rho2].
intros Hpre x HP2. inv HP2; eauto.
Qed.
(** Relatedness on [P2] gives relatedness on the intersection [P1 :&: P2]
    (right component). *)
Lemma cc_approx_env_P_inter_r (P1 P2 : Ensemble var) (k j : nat) c1 c2 :
c1 ⋞ ^ ( P2 ; k ; j ; GIP ; GP ; b ) c2 ->
c1 ⋞ ^ ( P1 :&: P2 ; k ; j ; GIP ; GP ; b ) c2.
Proof.
destruct c1 as [H1 rho1]; destruct c2 as [H2 rho2].
intros Hpre x HP2. inv HP2; eauto.
Qed.
(** Any two heaps are related on the empty set of locations.
    NOTE(review): the set is written [Empty_set var] although
    [cc_approx_heap] takes an [Ensemble loc]; this relies on [var] and
    [loc] being the same type — confirm against their definitions. *)
Lemma cc_approx_heap_Empty_set (k j : nat) c1 c2 :
Empty_set var |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2.
Proof.
now firstorder.
Qed.
(** Heap relatedness on [S1] and on [S2] gives relatedness on their union.
    (The sets are typed [Ensemble var] here, as in [cc_approx_heap_Empty_set].) *)
Lemma cc_approx_heap_union (S1 S2 : Ensemble var) (k j : nat) c1 c2 :
S1 |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2 ->
S2 |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2 ->
S1 :|: S2 |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2.
Proof.
intros Hcc1 Hcc2 x Hin; inv Hin; eauto.
Qed.
(** Heap relatedness on [S1] gives relatedness on [S1 :&: S2] (left component). *)
Lemma cc_approx_heap_inter_l (S1 S2 : Ensemble var) (k j : nat) c1 c2 :
S1 |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2 ->
S1 :&: S2 |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2.
Proof.
intros Hpre x HP2. eapply Hpre; eauto.
now inv HP2.
Qed.
(** Heap relatedness on [S2] gives relatedness on [S1 :&: S2] (right component). *)
Lemma cc_approx_heap_inter_r (S1 S2 : Ensemble var) (k j : nat) c1 c2 :
S2 |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2 ->
S1 :&: S2 |- c1 ≼ ^ (k ; j ; GIP ; GP ; b ) c2.
Proof.
intros Hpre x HP2. eapply Hpre; eauto.
now inv HP2.
Qed.
(** * Preservation under environment extension lemmas *)
(** Binding [x] to [v1] on the left and [y] to [v2] on the right makes the
    pair [(x, y)] related, provided [v1] and [v2] are related values.
    NOTE(review): the [intros] names below are out of order with respect to
    the binder list ([k j] are bound first, but named [rho1 rho2]); this is
    harmless for the proof but misleading when stepping through it. *)
Lemma cc_approx_var_env_set_eq :
forall (k j : nat) (rho1 rho2 : env) (H1 H2 : heap block)
(x y : var) (v1 v2 : value),
(Res (v1, H1)) ≺ ^ (k ; j ; GIP ; GP ; b ) (Res (v2, H2)) ->
cc_approx_var_env k j GIP GP b H1 (M.set x v1 rho1) H2 (M.set y v2 rho2) x y.
Proof.
intros rho1 rho2 H1 H2 k j x y v1 v2 Hval x' Hget.
rewrite M.gss in Hget. inv Hget. eexists.
rewrite M.gss. split; eauto.
Qed.
(** Extending both environments at variables different from the related
    pair [(y1, y2)] preserves the relation on that pair. *)
Lemma cc_approx_var_env_set_neq :
forall (k j : nat) (rho1 rho2 : env) (H1 H2 : heap block)
(x1 x2 y1 y2 : var) (v1 v2 : value),
cc_approx_var_env k j GIP GP b H1 rho1 H2 rho2 y1 y2 ->
y1 <> x1 -> y2 <> x2 ->
cc_approx_var_env k j GIP GP b H1 (M.set x1 v1 rho1) H2 (M.set x2 v2 rho2) y1 y2.
Proof.
intros k j rho1 rho2 H1 H2 x1 x2 y1 y2 v1 v2 Hval Hneq Hneq' x' Hget.
rewrite M.gso in *; eauto.
Qed.
(** Extending both environments at the same variable [x] with related values
    preserves the relation on any [y]; case split on whether [y = x]
    ([cc_approx_var_env_set_eq]) or not ([cc_approx_var_env_set_neq]). *)
Lemma cc_approx_var_env_set :
forall (k j : nat) (rho1 rho2 : env) (H1 H2 : heap block)
(x y : var) (v1 v2 : value),
cc_approx_var_env k j GIP GP b H1 rho1 H2 rho2 y y ->
(Res (v1, H1)) ≺ ^ (k; j; GIP ; GP; b ) (Res (v2, H2)) ->
cc_approx_var_env k j GIP GP b H1 (M.set x v1 rho1) H2 (M.set x v2 rho2) y y.
Proof.
intros k j rho1 rho2 H1 H2 x y v1 v2 Hvar Hval.
destruct (peq y x); subst.
- apply cc_approx_var_env_set_eq; eauto.
- apply cc_approx_var_env_set_neq; eauto.
Qed.
(** Extending only the right environment at a variable different from [y2]
    preserves the relation on [(y1, y2)]. *)
Lemma cc_approx_var_env_set_neq_r :
forall (k j : nat) (rho1 rho2 : env) (H1 H2 : heap block)
(y1 x2 y2 : var) ( v2 : value),
cc_approx_var_env k j GIP GP b H1 rho1 H2 rho2 y1 y2 ->
y2 <> x2 ->
cc_approx_var_env k j GIP GP b H1 rho1 H2 (M.set x2 v2 rho2) y1 y2.
Proof.
intros k j rho1 rho2 H1 H2 x2 y1 y2 v2 Hval Hneq x' Hget.
rewrite M.gso in *; eauto.
Qed.
(** Extend the related environments with a single point: if the environments
    are related on [S] minus [x] and [v1], [v2] are related values, the
    extended environments are related on all of [S]. The [x' = x] case uses
    the new binding; otherwise the old binding is recovered through
    [M.gso] and the hypothesis, with [x' \in S \\ [set x]] shown by hand. *)
Lemma cc_approx_env_P_set (S : Ensemble var) (k j : nat)
(rho1 rho2 : env) (H1 H2 : heap block) (x : var) (v1 v2 : value) :
(H1, rho1) ⋞ ^ ( S \\ [set x] ; k ; j ; GIP ; GP ; b ) (H2, rho2) ->
(Res (v1, H1)) ≺ ^ (k ; j ; GIP ; GP; b ) (Res (v2, H2)) ->
(H1, M.set x v1 rho1) ⋞ ^ ( S ; k ; j ; GIP ; GP ; b ) (H2, M.set x v2 rho2).
Proof.
intros Henv Hval x' HP v1' Hget.
rewrite M.gsspec in Hget. destruct (peq x' x); subst.
- inv Hget. eexists. rewrite M.gss. split; eauto.
- apply Henv in Hget; eauto. destruct Hget as [v2' [Heq Hpre]].
eexists; split; eauto. rewrite M.gso; eauto. constructor; eauto.
intros Hin. inv Hin. congruence.
Qed.
(** Extend the related environments with a list of bindings: [xs] bound to
    the pointwise-related lists [vs1], [vs2] via [setlist]. Variables in
    [xs] are handled with [setlist_Forall2_get]; the others fall back to
    the original environments through [setlist_not_In]. *)
Lemma cc_approx_env_P_setlist_l (S : Ensemble var) (k j : nat)
(rho1 rho2 rho1' rho2' : env) (H1 H2 : heap block) xs (vs1 vs2 : list value) :
(H1, rho1) ⋞ ^ ( S \\ (FromList xs) ; k ; j ; GIP ; GP ; b ) (H2, rho2) ->
Forall2 (fun v1 v2 => (Res (v1, H1)) ≺ ^ (k ; j ; GIP ; GP ; b ) (Res (v2, H2))) vs1 vs2 ->
setlist xs vs1 rho1 = Some rho1' ->
setlist xs vs2 rho2 = Some rho2' ->
(H1, rho1') ⋞ ^ ( S ; k ; j ; GIP ; GP ; b ) (H2, rho2').
Proof.
intros Hcc Hall Hset1 Hset2 x HP v Hget.
destruct (in_dec var_dec x xs).
- edestruct (@setlist_Forall2_get value) as [v1 [v2 [Hget1 [Hget2 HP']]]];
try eassumption. subst_exp. repeat eexists; eauto.
- erewrite <- setlist_not_In in Hget; eauto.
edestruct Hcc as [v2 [Hget' Hpre']]; eauto.
constructor; eauto. repeat eexists; eauto.
erewrite <- setlist_not_In; eauto.
Qed.
Lemma cc_approx_env_P_set_not_in_P_l (S : Ensemble var) (k j : nat)
(rho1 rho2 : env) (H1 H2 : heap block) (x : var) (v : value) :
(H1, rho1) ⋞ ^ ( S ; k ; j ; GIP ; GP ; b ) (H2, rho2) ->
~ x \in S ->
(H1, M.set x v rho1) ⋞ ^ ( S ; k ; j ; GIP ; GP ; b ) (H2, rho2).
Proof.