-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathsmc_rtt_create.v
73 lines (68 loc) · 3.18 KB
/
smc_rtt_create.v
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
Require Import RefProofDeps.
Require Import RData.
Require Import EventReplay.
Require Import MoverTypes.
Require Import Constants.
Require Import CommonLib.
Require Import RefTactics.
Require Import TableWalk.Spec.
Require Import AbsAccessor.Spec.
Require Import TableAux3.Spec.
Require Import TableDataOpsIntro.Specs.table_create.
Require Import TableDataOpsIntro.LowSpecs.table_create.
Require Import TableDataOpsIntro.RefProof.RefRel.
Require Import TableAux.Specs.granule_fill_table.
Local Open Scope string_scope.
Local Open Scope Z_scope.
Local Opaque Z.add Z.mul Z.div Z.shiftl Z.shiftr Z.land Z.lor.
Section Refine.
Hint Unfold
table_walk_lock_unlock_spec
get_wi_g_llt_spec
get_wi_index_spec
is_null_spec
granule_map_spec
pgte_read_spec
entry_is_table_spec
buffer_unmap_spec
granule_unlock_spec
.
Lemma table_create_spec_exists:
forall habd habd' labd g_rd map_addr level g_rtt rtt_addr res
(Hspec: table_create_spec g_rd map_addr level g_rtt rtt_addr habd = Some (habd', res))
(Hlevel: level = (VZ64 2))
(Hrel: relate_RData habd labd),
exists labd', table_create_spec0 g_rd map_addr level g_rtt rtt_addr labd = Some (labd', res) /\ relate_RData habd' labd'.
Proof.
Local Opaque peq ptr_eq fill_table.
intros. destruct level as [level]. inv Hlevel.
destruct Hrel. inv id_rdata. destruct g_rd, g_rtt.
unfold table_create_spec, table_create_spec0 in *. simpl.
unfold table_walk_lock_unlock_spec. simpl in *.
unfold Assertion in *.
rm_bind Hspec; rm_bind'. simpl in *.
repeat simpl_hyp Hspec; extract_prop_dec.
- repeat destruct_con. simpl_query_oracle. simpl in *.
match type of Hcond0 with
| is_gidx ?gidx = true => remember gidx as llt_gidx eqn:Hllt_gidx; symmetry in Hllt_gidx
end.
repeat autounfold in *. simpl in *.
destruct_if. repeat destruct_con. bool_rel; omega.
solve_bool_range. grewrite. repeat solve_table_range.
repeat (try solve_peq; try solve_ptr_eq; simpl). simpl_htarget.
repeat (grewrite; try simpl_htarget; simpl; repeat solve_table_range).
unfold create_table in *. autounfold in *. simpl in *. repeat simpl_hyp Hspec; inversion Hspec; clear Hspec.
+ simpl. clear H0. repeat (grewrite; try simpl_htarget; repeat simpl_field; repeat swap_fields; simpl; repeat solve_table_range).
eexists; split. reflexivity. constructor. rewrite <- Prop0. simpl_field. bool_rel. rewrite C, <- C0. simpl_field.
simpl_htarget. simpl_field. reflexivity.
+ simpl. clear H0. rewrite ZMap.gso. bool_rel.
assert(Hne1: __addr_to_gidx z2 <> llt_gidx). red; intro T; srewrite; omega.
repeat (grewrite; try simpl_htarget; repeat simpl_field; repeat swap_fields; simpl; repeat solve_table_range).
eexists; split. reflexivity. constructor. rewrite <- Prop0. simpl_field.
repeat rewrite (zmap_comm _ _ Hne1). simpl_htarget. rewrite <- C0. simpl_field. reflexivity.
red; intro T; inv T.
- unfold get_wi_g_llt_spec, is_null_spec; simpl. solve_ptr_eq; simpl.
autounfold in *; solve_table_range. inv Hspec. eexists; split. reflexivity. constructor.
reflexivity.
Qed.
End Refine.