Library mcertikos.multicore.semantics.OracleSemImpl
This file provide the semantics for the Asm instructions. Since we introduce paging mechanisms, the semantics of memory load and store are different from Compcert Asm
Require Import Coqlib.
Require Import Maps.
Require Import ASTExtra.
Require Import Integers.
Require Import Floats.
Require Import Values.
Require Import Events.
Require Import Globalenvs.
Require Import Conventions.
Require Import AuxLemma.
Require Import GlobIdent.
Require Import Smallstep.
Require Import CommonTactic.
Require Import Coq.Logic.FunctionalExtensionality.
Require Import AuxFunctions.
Require Import LAsm.
Require Import GlobalOracle.
Require Import liblayers.compat.CompatLayers.
Require Import MBoot.
Require Import RealParams.
Require Import AbstractDataType.
Require Import FlatMemory.
Require Import Decision.
Require Import LAsmModuleSem.
Require Import Soundness.
Require Import CompatExternalCalls.
Require Import LinkTactic.
Require Import I64Layer.
Require Import StencilImpl.
Require Import MakeProgram.
Require Import MakeProgramImpl.
Require Import LAsmModuleSemAux.
Require Import Concurrent_Linking_Lib.
Require Import Concurrent_Linking_Def.
Require Import Concurrent_Linking_Prop.
Require Import HWSemImpl.
Require Import ConcurrentOracle.
Require Import Machregs.
Require Import DeviceStateDataType.
Require Import liblayers.compat.CompatGenSem.
Require Import FutureTactic.
Section ORACLESEM.
Context `{Hmem: Mem.MemoryModelX}.
Context `{Hmwd: UseMemWithData mem}.
Context `{real_params: RealParams}.
Context `{multi_oracle_prop: MultiOracleProp}.
Context `{builtin_idents_norepet_prf: CompCertBuiltins.BuiltinIdentsNorepet}.
Notation LDATA := RData.
Notation LDATAOps := (cdata (cdata_ops := mboot_data_ops) LDATA).
Local Open Scope Z_scope.
Context `{pmap: PartialMap}.
Context `{fair: Fairness}.
Context `{zset_op: ZSet_operation}.
Existing Instance hdseting.
Existing Instance op_reorder.
Context `{mc_oracle: !MCLinkOracle}.
Context `{mc_oracle_cond: !MCLinkOracleCond}.
Section WITH_GE.
Variables (ge: genv) (sten: stencil) (M: module).
Context {Hmakege: make_globalenv (module_ops:= LAsm.module_ops) (mkp_ops:= make_program_ops)
sten M (mboot ⊕ L64) = ret ge}.
Local Obligation Tactic := intros.
Definition hdsem_instance := @hdsem mem memory_model_ops Hmem Hmwd real_params_ops oracle_ops0
oracle_ops big_ops builtin_idents_norepet_prf ge sten M Hmakege.
Definition oracle_step_aux :=
@oracle_step zset_op hdseting op_general hdsem_instance pmap hw_oracle.
Inductive oracle_step_aux_ge : genv → state → trace → state → Prop :=
| oracle_step_aux_ge_intro :
∀ s t s´,
oracle_step_aux s t s´ → oracle_step_aux_ge ge s t s´.
Inductive oracle_initial_state (p: AST.program fundef unit):
(state (hdset := hdseting)) → Prop :=
| initial_oracle_state_intro:
∀ (m0: mwd LDATAOps),
Genv.init_mem p = Some m0 →
let ge := Genv.globalenv p in
let rs0 :=
(Pregmap.init Vundef)
# Asm.PC <- (symbol_offset ge p.(prog_main) Int.zero)
# ESP <- Vzero in
oracle_initial_state p (State current_CPU_ID
(pset current_CPU_ID (LState (Asm.State rs0 m0) true)
(pinit (B := core_set) (LState (Asm.State rs0 m0) false)))
nil).
Definition oracle_final_state (s : state (hdset := hdseting)) (i : int) : Prop :=
False.
Ltac subst_except v :=
repeat match goal with
| [ H: v = _ |- _ ] ⇒ generalize H; clear H
| [ H: _ = v |- _ ] ⇒ generalize H; clear H
end; subst; intros.
Ltac clear_eq v :=
repeat match goal with
| [ H: v = _ |- _ ] ⇒ clear H
| [ H: _ = v |- _ ] ⇒ clear H
end.
Definition oracle_semantics (p: program) :=
Smallstep.Semantics oracle_step_aux_ge (oracle_initial_state p)
oracle_final_state (Genv.globalenv p).
Lemma oracle_semantics_single_events:
∀ p, single_events (oracle_semantics p).
Proof.
intros p s t s´ Hstep; inversion Hstep.
inversion H.
simpl; omega.
simpl; omega.
Qed.
Lemma oracle_semantics_receptive (pl: program):
receptive (oracle_semantics pl).
Proof.
intros; constructor.
- inversion 1.
inversion H0.
+ substx; try solve [inversion 1; substx; eauto].
intros.
inversion H8; substx.
∃ s1.
simpl.
unfold oracle_step_aux.
simpl in H1.
rewrite <- H1.
eapply oracle_step_aux_ge_intro.
unfold oracle_step_aux.
rewrite <- H7.
econstructor; eauto.
+ substx; try solve [inversion 1; substx; eauto].
intros.
inversion H8; substx.
∃ s1.
simpl.
unfold oracle_step_aux.
simpl in H1.
rewrite <- H1.
eapply oracle_step_aux_ge_intro.
unfold oracle_step_aux.
rewrite <- H7.
econstructor; eauto.
- eapply oracle_semantics_single_events.
Qed.
Lemma oracle_semantics_determinate (pl: program):
determinate (oracle_semantics pl).
Proof.
econstructor.
- simpl in ×.
intros s t1 s1 t2 s2 Hs1 Hs2.
inversion Hs1; inversion Hs2; subst_except ge; clear Hs1 Hs2.
rename H into Hs1, H4 into Hs2; unfold oracle_step_aux in ×.
assert (t1 = E0 ∧ t2 = E0 ∧ s1 = s2) as Hs.
{
eapply oracle_step_determ.
+ exact Hs1.
+ exact Hs2.
}
destruct Hs as (Ht1 & Ht2 & Hs).
split; eauto.
rewrite Ht1, Ht2.
constructor.
- eapply oracle_semantics_single_events.
- intros.
simpl in ×.
inv H; inv H0.
unfold ge0, rs0, ge1, rs1.
simpl in ×.
rewrite H1 in H; inv H.
eauto.
- intros; simpl in ×.
inv H.
- intros.
simpl in ×.
inv H.
Qed.
End WITH_GE.
End ORACLESEM.
Require Import Maps.
Require Import ASTExtra.
Require Import Integers.
Require Import Floats.
Require Import Values.
Require Import Events.
Require Import Globalenvs.
Require Import Conventions.
Require Import AuxLemma.
Require Import GlobIdent.
Require Import Smallstep.
Require Import CommonTactic.
Require Import Coq.Logic.FunctionalExtensionality.
Require Import AuxFunctions.
Require Import LAsm.
Require Import GlobalOracle.
Require Import liblayers.compat.CompatLayers.
Require Import MBoot.
Require Import RealParams.
Require Import AbstractDataType.
Require Import FlatMemory.
Require Import Decision.
Require Import LAsmModuleSem.
Require Import Soundness.
Require Import CompatExternalCalls.
Require Import LinkTactic.
Require Import I64Layer.
Require Import StencilImpl.
Require Import MakeProgram.
Require Import MakeProgramImpl.
Require Import LAsmModuleSemAux.
Require Import Concurrent_Linking_Lib.
Require Import Concurrent_Linking_Def.
Require Import Concurrent_Linking_Prop.
Require Import HWSemImpl.
Require Import ConcurrentOracle.
Require Import Machregs.
Require Import DeviceStateDataType.
Require Import liblayers.compat.CompatGenSem.
Require Import FutureTactic.
Section ORACLESEM.
Context `{Hmem: Mem.MemoryModelX}.
Context `{Hmwd: UseMemWithData mem}.
Context `{real_params: RealParams}.
Context `{multi_oracle_prop: MultiOracleProp}.
Context `{builtin_idents_norepet_prf: CompCertBuiltins.BuiltinIdentsNorepet}.
Notation LDATA := RData.
Notation LDATAOps := (cdata (cdata_ops := mboot_data_ops) LDATA).
Local Open Scope Z_scope.
Context `{pmap: PartialMap}.
Context `{fair: Fairness}.
Context `{zset_op: ZSet_operation}.
Existing Instance hdseting.
Existing Instance op_reorder.
Context `{mc_oracle: !MCLinkOracle}.
Context `{mc_oracle_cond: !MCLinkOracleCond}.
Section WITH_GE.
Variables (ge: genv) (sten: stencil) (M: module).
Context {Hmakege: make_globalenv (module_ops:= LAsm.module_ops) (mkp_ops:= make_program_ops)
sten M (mboot ⊕ L64) = ret ge}.
Local Obligation Tactic := intros.
Definition hdsem_instance := @hdsem mem memory_model_ops Hmem Hmwd real_params_ops oracle_ops0
oracle_ops big_ops builtin_idents_norepet_prf ge sten M Hmakege.
Definition oracle_step_aux :=
@oracle_step zset_op hdseting op_general hdsem_instance pmap hw_oracle.
Inductive oracle_step_aux_ge : genv → state → trace → state → Prop :=
| oracle_step_aux_ge_intro :
∀ s t s´,
oracle_step_aux s t s´ → oracle_step_aux_ge ge s t s´.
Inductive oracle_initial_state (p: AST.program fundef unit):
(state (hdset := hdseting)) → Prop :=
| initial_oracle_state_intro:
∀ (m0: mwd LDATAOps),
Genv.init_mem p = Some m0 →
let ge := Genv.globalenv p in
let rs0 :=
(Pregmap.init Vundef)
# Asm.PC <- (symbol_offset ge p.(prog_main) Int.zero)
# ESP <- Vzero in
oracle_initial_state p (State current_CPU_ID
(pset current_CPU_ID (LState (Asm.State rs0 m0) true)
(pinit (B := core_set) (LState (Asm.State rs0 m0) false)))
nil).
Definition oracle_final_state (s : state (hdset := hdseting)) (i : int) : Prop :=
False.
Ltac subst_except v :=
repeat match goal with
| [ H: v = _ |- _ ] ⇒ generalize H; clear H
| [ H: _ = v |- _ ] ⇒ generalize H; clear H
end; subst; intros.
Ltac clear_eq v :=
repeat match goal with
| [ H: v = _ |- _ ] ⇒ clear H
| [ H: _ = v |- _ ] ⇒ clear H
end.
Definition oracle_semantics (p: program) :=
Smallstep.Semantics oracle_step_aux_ge (oracle_initial_state p)
oracle_final_state (Genv.globalenv p).
Lemma oracle_semantics_single_events:
∀ p, single_events (oracle_semantics p).
Proof.
intros p s t s´ Hstep; inversion Hstep.
inversion H.
simpl; omega.
simpl; omega.
Qed.
Lemma oracle_semantics_receptive (pl: program):
receptive (oracle_semantics pl).
Proof.
intros; constructor.
- inversion 1.
inversion H0.
+ substx; try solve [inversion 1; substx; eauto].
intros.
inversion H8; substx.
∃ s1.
simpl.
unfold oracle_step_aux.
simpl in H1.
rewrite <- H1.
eapply oracle_step_aux_ge_intro.
unfold oracle_step_aux.
rewrite <- H7.
econstructor; eauto.
+ substx; try solve [inversion 1; substx; eauto].
intros.
inversion H8; substx.
∃ s1.
simpl.
unfold oracle_step_aux.
simpl in H1.
rewrite <- H1.
eapply oracle_step_aux_ge_intro.
unfold oracle_step_aux.
rewrite <- H7.
econstructor; eauto.
- eapply oracle_semantics_single_events.
Qed.
Lemma oracle_semantics_determinate (pl: program):
determinate (oracle_semantics pl).
Proof.
econstructor.
- simpl in ×.
intros s t1 s1 t2 s2 Hs1 Hs2.
inversion Hs1; inversion Hs2; subst_except ge; clear Hs1 Hs2.
rename H into Hs1, H4 into Hs2; unfold oracle_step_aux in ×.
assert (t1 = E0 ∧ t2 = E0 ∧ s1 = s2) as Hs.
{
eapply oracle_step_determ.
+ exact Hs1.
+ exact Hs2.
}
destruct Hs as (Ht1 & Ht2 & Hs).
split; eauto.
rewrite Ht1, Ht2.
constructor.
- eapply oracle_semantics_single_events.
- intros.
simpl in ×.
inv H; inv H0.
unfold ge0, rs0, ge1, rs1.
simpl in ×.
rewrite H1 in H; inv H.
eauto.
- intros; simpl in ×.
inv H.
- intros.
simpl in ×.
inv H.
Qed.
End WITH_GE.
End ORACLESEM.