Library mcertikos.devdrivers.ConsoleBuffIntroGenLink
Require Import LinkTemplate.
Require Import DConsoleBuffIntro.
Require Import ConsoleBuffIntroGen.
Require Import ConsoleBuffIntroGenLinkSource.
Require Import MQTicketLock.
Require Import MQTicketLockCSource.
Require Import MQTicketLockCode.
Require Import AST.
(* Linking proofs for the ConsoleBuffIntro layer: the console buffer
   primitives (init / write / read / wpos) are refined onto their C
   implementations over the MQTicketLock layer, and the buffer's global
   variable is shown to be in the expected state right after
   initialisation.  The generic shape of each statement and the
   [init_correct] / [link_correct_aux] / [cl_backward_simulation] /
   [make_program_exists] tactics come from LinkTemplate.
   NOTE(review): the [×] and [∃] tokens in this listing look like coqdoc
   renderings of [*] and [exists]; confirm against the checked source. *)
Section WITHCOMPCERTIKOS.
Context `{compcertikos_prf: CompCertiKOS} `{real_params_prf: RealParams}.
Context `{oracle_prop: MultiOracleProp}.
(* Initial-state obligation.  For the block [b] backing the console
   buffer global, the proof establishes (1) every 4-byte slot at offset
   [ofs * 4] is writable, hence a value can be loaded from it, and
   (2) the words at offsets 2048 (= 512 * 4) and 2052 (= 513 * 4) initially
   hold [Int.zero].  The bound 2056 used in case (1) suggests a 2056-byte
   global: 512 word-sized slots followed by two word-sized fields -- this
   layout is inferred from the constants below, confirm in
   DConsoleBuffIntro.  This is the fact the buffer code refinement relies
   on so that reads/writes are never reasoned about over uninitialised
   memory or out-of-range offsets. *)
Lemma init_correct:
init_correct_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
(* Template opener; presumably this is what introduces [Hbvi], [Hm], [b],
   [m2] and [ofs] used below -- its definition is not on this page. *)
init_correct.
(* CompCert's characterisation of a global's initial memory: permissions
   on its block plus facts about the contents written from its init data. *)
specialize (Globalenvs.Genv.init_mem_characterization _ _ Hbvi Hm); eauto.
unfold Globalenvs.Genv.perm_globvar. simpl. intros (Hperm & _ & init).
(* [init0] is the part consulted (after [change]) for the two zero-valued
   words; [init4] is destructured but not referenced by name below. *)
specialize (init eq_refl); destruct init as (init0 & init4 & _).
econstructor.
(* The existential witness is the global's own block. *)
instantiate (1:= b).
split.
(* Case 1: an arbitrary slot index [ofs]. *)
intros.
(* Writable access to the slot at [ofs * 4]: range permission from
   [Hperm] against the size bound 2056, alignment from [4 | ofs * 4]. *)
assert(Mem.valid_access m2 Mint32 b (ofs × 4) Writable).
{
split.
unfold Mem.range_perm; intros; apply Hperm.
simpl in H1.
change (Z.max 2056 0) with 2056.
omega.
(* Alignment: the divisibility witness is found by unification. *)
eexists; reflexivity.
}
(* Writable implies Readable. *)
assert (readable : Mem.valid_access m2 Mint32 b (ofs × 4) Readable).
{ eapply Mem.valid_access_implies; eauto; constructor. }
(* Readable access guarantees some value [v] loads from the slot. *)
exploit Mem.valid_access_load; eauto.
intros [ v load ].
∃ v; split; [| split ]; eauto.
simpl.
(* The abstract buffer is the initial map, so every lookup is the default. *)
rewrite Maps.ZMap.gi.
econstructor.
split.
(* Case 2: the word at offset 2048 is [Int.zero]; [init0] and the goal are
   rewritten into the same syntactic form so [assumption] applies. *)
∃ (Vint Integers.Int.zero).
change (Z.max 2048 0) with 2048 in init0.
change (512 × 4) with 2048.
split.
assumption.
split.
assert(Mem.valid_access m2 Mint32 b 2048 Writable).
{
split.
unfold Mem.range_perm; intros; apply Hperm.
simpl in H0.
omega.
(* Alignment witness: 2048 = 512 * 4. *)
∃ 512.
reflexivity.
}
assert (readable : Mem.valid_access m2 Mint32 b 2048 Readable).
{ eapply Mem.valid_access_implies; eauto; constructor. }
exploit Mem.valid_access_load; eauto.
simpl.
econstructor.
reflexivity.
omega.
(* Case 3: the word at offset 2052, same argument as case 2. *)
∃ (Vint Integers.Int.zero).
change (Z.max 2052 0) with 2052 in init0.
change ((512 + 1) × 4) with 2052.
split.
assumption.
split.
assert(Mem.valid_access m2 Mint32 b 2052 Writable).
{
split.
unfold Mem.range_perm; intros; apply Hperm.
simpl in H0.
omega.
(* Alignment witness: 2052 = 513 * 4. *)
∃ 513.
reflexivity.
}
assert (readable : Mem.valid_access m2 Mint32 b 2052 Readable).
{ eapply Mem.valid_access_implies; eauto; constructor. }
exploit Mem.valid_access_load; eauto.
simpl.
econstructor.
reflexivity.
omega.
assumption.
Qed.
(* Per-primitive refinement: each console buffer primitive is linked to
   its verified C implementation from MQTICKETLOCKCODE via the
   corresponding [_concrete_spec_ref] lemma.  The final bullet presumably
   discharges the primitives of the underlying layer that this layer
   passes through unchanged (the name suggests so; definition not shown). *)
Lemma link_correct_aux:
link_correct_aux_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
link_correct_aux.
- link_cfunction
cons_buf_init_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_init_correct.
- link_cfunction
cons_buf_write_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_write_correct.
- link_cfunction
cons_buf_read_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_read_correct.
- link_cfunction
cons_buf_wpos_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_wpos_correct.
- apply passthrough_correct.
Qed.
(* Top-level result: backward simulation of the dconsolebuffintro layer
   by mqticketlock plus the linked module, assembled from the two lemmas
   above by the template tactic. *)
Theorem cl_backward_simulation:
cl_backward_simulation_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
cl_backward_simulation init_correct link_correct_aux.
Qed.
(* The linked program is well formed (it can actually be built). *)
Theorem make_program_exists:
make_program_exist_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
make_program_exists link_correct_aux.
Qed.
End WITHCOMPCERTIKOS.
Require Import DConsoleBuffIntro.
Require Import ConsoleBuffIntroGen.
Require Import ConsoleBuffIntroGenLinkSource.
Require Import MQTicketLock.
Require Import MQTicketLockCSource.
Require Import MQTicketLockCode.
Require Import AST.
(* NOTE(review): this section repeats the section above verbatim (same
   lemma names, same proofs).  As Coq source a second top-level
   [init_correct] would be rejected, so this is most likely a rendering
   artefact of the page rather than the real file -- confirm against the
   checked source.
   The section links the ConsoleBuffIntro layer: the console buffer
   primitives (init / write / read / wpos) are refined onto their C
   implementations over MQTicketLock, and the buffer's global variable is
   shown to be in the expected state after initialisation.  The [×] and
   [∃] tokens look like coqdoc renderings of [*] and [exists]. *)
Section WITHCOMPCERTIKOS.
Context `{compcertikos_prf: CompCertiKOS} `{real_params_prf: RealParams}.
Context `{oracle_prop: MultiOracleProp}.
(* Initial-state obligation for the buffer global's block [b]: every
   4-byte slot at [ofs * 4] is writable (hence loadable), and the words at
   offsets 2048 and 2052 start as [Int.zero].  The bound 2056 suggests a
   2056-byte global (512 word slots + two word fields) -- inferred from
   the constants below, confirm in DConsoleBuffIntro. *)
Lemma init_correct:
init_correct_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
(* Template opener; presumably introduces [Hbvi], [Hm], [b], [m2], [ofs]. *)
init_correct.
(* Permissions and initial contents of the global's block. *)
specialize (Globalenvs.Genv.init_mem_characterization _ _ Hbvi Hm); eauto.
unfold Globalenvs.Genv.perm_globvar. simpl. intros (Hperm & _ & init).
(* Only [init0] is used by name below (for the two zero-valued words). *)
specialize (init eq_refl); destruct init as (init0 & init4 & _).
econstructor.
(* Witness: the global's own block. *)
instantiate (1:= b).
split.
(* Case 1: arbitrary slot index [ofs]. *)
intros.
(* Range permission from [Hperm] against bound 2056; alignment [4 | ofs * 4]. *)
assert(Mem.valid_access m2 Mint32 b (ofs × 4) Writable).
{
split.
unfold Mem.range_perm; intros; apply Hperm.
simpl in H1.
change (Z.max 2056 0) with 2056.
omega.
eexists; reflexivity.
}
(* Writable implies Readable. *)
assert (readable : Mem.valid_access m2 Mint32 b (ofs × 4) Readable).
{ eapply Mem.valid_access_implies; eauto; constructor. }
(* Readable access yields some loadable value [v]. *)
exploit Mem.valid_access_load; eauto.
intros [ v load ].
∃ v; split; [| split ]; eauto.
simpl.
(* Abstract buffer is the initial map: every lookup is the default. *)
rewrite Maps.ZMap.gi.
econstructor.
split.
(* Case 2: word at offset 2048 (= 512 * 4) is zero; [init0] and the goal
   are put in the same syntactic form so [assumption] applies. *)
∃ (Vint Integers.Int.zero).
change (Z.max 2048 0) with 2048 in init0.
change (512 × 4) with 2048.
split.
assumption.
split.
assert(Mem.valid_access m2 Mint32 b 2048 Writable).
{
split.
unfold Mem.range_perm; intros; apply Hperm.
simpl in H0.
omega.
(* Alignment witness: 2048 = 512 * 4. *)
∃ 512.
reflexivity.
}
assert (readable : Mem.valid_access m2 Mint32 b 2048 Readable).
{ eapply Mem.valid_access_implies; eauto; constructor. }
exploit Mem.valid_access_load; eauto.
simpl.
econstructor.
reflexivity.
omega.
(* Case 3: word at offset 2052 (= 513 * 4), same argument. *)
∃ (Vint Integers.Int.zero).
change (Z.max 2052 0) with 2052 in init0.
change ((512 + 1) × 4) with 2052.
split.
assumption.
split.
assert(Mem.valid_access m2 Mint32 b 2052 Writable).
{
split.
unfold Mem.range_perm; intros; apply Hperm.
simpl in H0.
omega.
(* Alignment witness: 2052 = 513 * 4. *)
∃ 513.
reflexivity.
}
assert (readable : Mem.valid_access m2 Mint32 b 2052 Readable).
{ eapply Mem.valid_access_implies; eauto; constructor. }
exploit Mem.valid_access_load; eauto.
simpl.
econstructor.
reflexivity.
omega.
assumption.
Qed.
(* Per-primitive refinement: each buffer primitive is linked to its
   verified C implementation in MQTICKETLOCKCODE; the last bullet
   presumably covers the primitives passed through from the lower layer. *)
Lemma link_correct_aux:
link_correct_aux_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
link_correct_aux.
- link_cfunction
cons_buf_init_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_init_correct.
- link_cfunction
cons_buf_write_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_write_correct.
- link_cfunction
cons_buf_read_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_read_correct.
- link_cfunction
cons_buf_wpos_concrete_spec_ref
MQTICKETLOCKCODE.cons_buf_wpos_correct.
- apply passthrough_correct.
Qed.
(* Backward simulation of dconsolebuffintro by mqticketlock plus the
   linked module, assembled from the two lemmas above. *)
Theorem cl_backward_simulation:
cl_backward_simulation_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
cl_backward_simulation init_correct link_correct_aux.
Qed.
(* The linked program is well formed (it can be built). *)
Theorem make_program_exists:
make_program_exist_type DConsoleBuffIntro_module mqticketlock dconsolebuffintro.
Proof.
make_program_exists link_correct_aux.
Qed.
End WITHCOMPCERTIKOS.