From 2a4ac5a1ec11cb26c1adae708c5d25305feacab2 Mon Sep 17 00:00:00 2001 
From: Andrew Appel
Date: Tue, 1 Jul 2025 14:14:07 -0400
Subject: [PATCH 01/11] Fix deprecations for Rocq 9
---
Makefile | 2 +-
aes/list_utils.v | 2 +-
atomics/SC_atomics_base.v | 2 +-
atomics/verif_hashtable1.v | 2 +-
compcert/VERSION | 2 +-
compcert_new/common/Memdata.v | 2 +-
concurrency/cancelable_invariants.v | 2 +-
concurrency/ghosts.v | 6 +-
concurrency/juicy/invariant_machine.v | 4 +-
concurrency/juicy/join_lemmas.v | 4 +-
concurrency/juicy/juicy_machine.v | 4 +-
concurrency/memory_lemmas.v | 2 +-
concurrency/sc_drf/executions.v | 8 +--
concurrency/sc_drf/spinlocks.v | 66 +++++++++----------
concurrency/threads.v | 2 +-
examples/lam_ref/lam_ref_type_lemmas.v | 6 +-
examples/rnd_hoare/random_oracle.v | 2 +-
floyd/Clightnotations.v | 2 +-
floyd/Component.v | 2 +-
floyd/PTops.v | 2 +-
floyd/align_compatible_dec.v | 19 ++++++
floyd/assert_lemmas.v | 4 +-
floyd/call_lemmas.v | 2 +-
floyd/canon.v | 12 ++--
floyd/client_lemmas.v | 10 +--
floyd/compact_prod_sum.v | 2 +-
floyd/computable_theorems.v | 5 +-
floyd/coqlib3.v | 9 ++-
floyd/data_at_lemmas.v | 2 +-
floyd/entailer.v | 6 +-
floyd/field_at.v | 2 +-
floyd/field_compat.v | 4 +-
floyd/find_nth_tactic.v | 3 +-
floyd/finish.v | 2 +
floyd/forward.v | 20 +++---
floyd/freezer.v | 2 +-
floyd/functional_base.v | 6 +-
floyd/globals_lemmas.v | 12 ++--
floyd/jmeq_lemmas.v | 6 +-
floyd/mapsto_memory_block.v | 6 +-
floyd/proofauto.v | 2 +-
floyd/replace_refill_reptype_lemmas.v | 2 +-
floyd/seplog_tactics.v | 2 +-
floyd/stronger.v | 4 +-
hmacdrbg/HMAC_DRBG_nonadaptive.v | 6 +-
hmacdrbg/HMAC_DRBG_pure_lemmas.v | 2 +-
hmacdrbg/entropy_lemmas.v | 2 +-
mailbox/atomic_exchange.v | 2 +-
mailbox/mailbox.v | 2 +-
mailbox/verif_atomic_exchange.v | 2 +-
mailbox/verif_lockfree_linsearch.v | 2 +-
mailbox/verif_mailbox_bad_write.v | 4 +-
mailbox/verif_mailbox_specs.v | 2 +-
mailbox/verif_mailbox_write.v | 4 +-
mc_reify/verif_sha_bdo7.v | 2 +-
msl/Axioms.v | 4 +-
msl/Extensionality.v | 4 +-
msl/age_to.v | 2 +-
msl/ageable.v | 4 +-
msl/base.v | 6 +-
msl/boolean_alg.v | 2 +-
msl/ghost_seplog.v | 2 +-
msl/iter_sepcon.v | 8 +--
msl/knot.v | 2 +-
msl/knot_full_variant.v | 2 +-
msl/log_normalize.v | 11 ++--
msl/msl_classical.v | 2 +-
msl/predicates_rec.v | 4 +-
msl/predicates_sa.v | 4 +-
msl/sepalg_list.v | 2 +-
msl/subtypes.v | 2 +-
msl/tree_shares.v | 3 +-
progs/append.v | 2 +-
progs/bin_search.v | 2 +-
progs/bst.v | 2 +-
progs/bst_oo.v | 2 +-
progs/cast_test.v | 2 +-
progs/conc_queue_specs.v | 2 +-
progs/cond.v | 2 +-
progs/dotprod.v | 2 +-
progs/dry_mem_lemmas.v | 2 +-
progs/even.v | 2 +-
progs/fib.v | 2 +-
progs/field_loadstore.v | 2 +-
progs/float.v | 2 +-
progs/floyd_tests.v | 2 +-
progs/funcptr.v | 2 +-
progs/global.v | 2 +-
progs/incr.v | 2 +-
progs/incr2.v | 2 +-
progs/incrN.v | 2 +-
progs/insertionsort.v | 2 +-
progs/int_or_ptr.v | 2 +-
progs/io.v | 2 +-
progs/io_mem.v | 2 +-
progs/io_mem_dry.v | 2 +-
progs/io_os_connection.v | 42 ++++++------
progs/libglob.v | 2 +-
progs/load_demo.v | 2 +-
progs/logical_compare.v | 2 +-
progs/loop_minus1.v | 2 +-
progs/merge.v | 2 +-
progs/message.v | 2 +-
progs/min.v | 2 +-
progs/min64.v | 2 +-
progs/mmap_dry.v | 2 +-
progs/nest2.v | 2 +-
progs/nest3.v | 2 +-
progs/object.v | 2 +-
progs/objectSelf.v | 2 +-
progs/objectSelfFancy.v | 2 +-
progs/objectSelfFancyOverriding.v | 2 +-
progs/odd.v | 2 +-
progs/peel.v | 2 +-
progs/printf.v | 2 +-
progs/ptr_compare.v | 2 +-
progs/queue.v | 2 +-
progs/queue2.v | 2 +-
progs/revarray.v | 2 +-
progs/reverse.v | 2 +-
progs/reverse_client.v | 2 +-
progs/rotate.v | 2 +-
progs/stackframe_demo.v | 2 +-
progs/store_demo.v | 2 +-
progs/string.v | 2 +-
progs/strlib.v | 2 +-
progs/structcopy.v | 2 +-
progs/sumarray.v | 2 +-
progs/sumarray2.v | 2 +-
progs/switch.v | 2 +-
progs/tree.v | 2 +-
progs/union.v | 2 +-
progs/verif_btree.v | 26 ++++----
progs/verif_cond_queue.v | 6 +-
progs/verif_queue_ex.v | 4 +-
progs64/VSUpile/apile.v | 2 +-
progs64/VSUpile/fast/fastapile.v | 2 +-
progs64/VSUpile/fast/fastpile.v | 2 +-
progs64/VSUpile/main.v | 2 +-
progs64/VSUpile/onepile.v | 2 +-
progs64/VSUpile/pile.v | 2 +-
progs64/VSUpile/stdlib.v | 2 +-
progs64/VSUpile/triang.v | 2 +-
progs64/append.v | 2 +-
progs64/bin_search.v | 2 +-
progs64/bst.v | 2 +-
progs64/dry_mem_lemmas.v | 2 +-
progs64/field_loadstore.v | 2 +-
progs64/float.v | 2 +-
progs64/fptr_cmp.v | 2 +-
progs64/global.v | 2 +-
progs64/incr.v | 2 +-
progs64/incrN.v | 2 +-
progs64/io.v | 2 +-
progs64/io_combine.v | 2 +-
progs64/io_mem.v | 2 +-
progs64/io_mem_dry.v | 2 +-
progs64/io_os_connection.v | 55 ++++++++--------
progs64/io_os_specs.v | 3 +-
progs64/logical_compare.v | 2 +-
progs64/message.v | 2 +-
progs64/min.v | 2 +-
progs64/min64.v | 2 +-
progs64/nest2.v | 2 +-
progs64/nest3.v | 2 +-
progs64/object.v | 2 +-
progs64/os_combine.v | 2 +-
progs64/printf.v | 2 +-
progs64/ptr_cmp.v | 2 +-
progs64/revarray.v | 2 +-
progs64/reverse.v | 2 +-
progs64/shift.v | 2 +-
progs64/strlib.v | 2 +-
progs64/sumarray.v | 2 +-
progs64/switch.v | 2 +-
progs64/union.v | 2 +-
progs64/verif_min.v | 4 +-
progs64/verif_min64.v | 4 +-
progs64/verif_switch.v | 2 +-
progs64/verif_union.v | 4 +-
sepcomp/Address.v | 2 +-
sepcomp/event_semantics.v | 6 +-
sepcomp/extspec.v | 2 +-
sepcomp/mem_lemmas.v | 2 +-
sepcomp/step_lemmas.v | 2 +-
sepcomp/submit_shmem/effect_properties.v | 4 +-
sha/ByteBitRelations.v | 4 +-
sha/HMAC256_equivalence.v | 6 +-
sha/HMAC256_spec_list.v | 20 +++---
sha/HMAC256_spec_pad.v | 4 +-
sha/HMAC_common_defs.v | 10 +--
sha/HMAC_equivalence.v | 2 +-
sha/HMAC_spec_list.v | 2 +-
sha/HMAC_spec_pad.v | 4 +-
sha/SHA256.v | 4 +-
sha/ShaInstantiation.v | 14 ++--
sha/functional_prog.v | 28 ++++----
sha/hkdf.v | 2 +-
sha/hmac.v | 2 +-
sha/hmac_common_lemmas.v | 6 +-
sha/hmac_pure_lemmas.v | 6 +-
sha/pure_lemmas.v | 10 +--
sha/sha.v | 2 +-
sha/sha_lemmas.v | 2 +-
sha/sha_padding_lemmas.v | 6 +-
sha/verif_hmac_init.v | 4 +-
sha/verif_hmac_init_part2.v | 4 +-
sha/verif_sha_bdo7.v | 2 +-
tweetnacl20140427/split_array_lemmas.v | 24 +++----
tweetnacl20140427/tweetNaclBase.v | 4 +-
.../verif_crypto_stream_salsa20_xor.v | 4 +-
tweetnacl20140427/verif_salsa_base.v | 10 +--
util/make_version | 2 +-
veric/Clight_base.v | 2 +-
veric/Clight_evsem.v | 2 +-
veric/Clight_initial_world.v | 12 ++--
veric/Cop2.v | 4 +-
veric/Memory.v | 9 +--
veric/SeparationLogic.v | 16 ++---
veric/align_mem.v | 6 +-
veric/base.v | 3 +-
veric/composite_compute.v | 6 +-
veric/coqlib4.v | 10 ++-
veric/expr_lemmas.v | 2 +-
veric/expr_lemmas3.v | 6 +-
veric/initial_world.v | 28 ++++----
veric/initialize.v | 35 +++++-----
veric/invariants.v | 66 +++++++++----------
veric/local.v | 2 +-
veric/own.v | 12 ++--
veric/semax_call.v | 4 +-
veric/semax_ext.v | 2 +-
veric/semax_ext_oracle.v | 2 +-
veric/semax_prog.v | 6 +-
veric/superprecise.v | 6 +-
veric/val_lemmas.v | 4 +-
veristar/clause_universe.v | 2 +-
veristar/redblack.v | 2 +-
zlist/Zlength_solver.v | 6 +-
zlist/list_solver.v | 11 ++--
zlist/sublist.v | 48 +++++++-------
241 files changed, 611 insertions(+), 617 deletions(-)
diff --git a/Makefile b/Makefile
index 97f109bcd1..3292545800 100644
--- a/Makefile
+++ b/Makefile
@@ -21,7 +21,7 @@ COQLIB=$(shell $(COQC) -where | tr -d '\r' | tr '\\' '/')
 # Check Coq version
-COQVERSION= 8.19.1 or-else 8.19.2 or-else 8.20.0 or-else 8.20.1
+COQVERSION= 8.19.1 or-else 8.19.2 or-else 8.20.0 or-else 8.20.1 or-else 9.2+alpha
 COQV=$(shell $(COQC) -v)
 ifneq ($(IGNORECOQVERSION),true)
diff --git a/aes/list_utils.v b/aes/list_utils.v
index 5270bf5a7e..ad4246fd73 100644
--- a/aes/list_utils.v
+++ b/aes/list_utils.v
@@ -37,7 +37,7 @@ Qed.
 Lemma repeat_op_table_nat_length: forall {T: Type} (i: nat) (x: T) (f: T -> T), length (repeat_op_table_nat i x f) = i.
 Proof.
- intros. induction i. reflexivity. simpl. rewrite app_length. simpl.
+ intros. induction i. reflexivity. simpl. rewrite length_app. simpl.
 rewrite IHi. lia.
 Qed.
diff --git a/atomics/SC_atomics_base.v b/atomics/SC_atomics_base.v
index 9fa58eb41b..740ed8512b 100644
--- a/atomics/SC_atomics_base.v
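Review bot: The new COQVERSION entry `9.2+alpha` in the Makefile hunk admits only a pre-release build, so a released Rocq 9.x toolchain is still rejected by the version check unless IGNORECOQVERSION=true (the comparison itself lives outside this hunk). If the proofs have also been checked against a released 9.x, it belongs in the same list, e.g. `COQVERSION= 8.19.1 or-else 8.19.2 or-else 8.20.0 or-else 8.20.1 or-else <released 9.x version> or-else 9.2+alpha`. Otherwise a comment on the line saying that 9.x support is alpha-only for now would spare users a puzzling rejection.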
+++ b/atomics/SC_atomics_base.v
@@ -1,6 +1,6 @@
 (* SC atomics without importing Iris *)
-Require Import Ensembles.
+From Stdlib Require Import Ensembles.
 Require Import VST.veric.rmaps.
 Require Import VST.veric.compcert_rmaps.
 Require Import VST.concurrency.ghosts.
diff --git a/atomics/verif_hashtable1.v b/atomics/verif_hashtable1.v
index f58f4095d9..b93ad271cb 100644
--- a/atomics/verif_hashtable1.v
+++ b/atomics/verif_hashtable1.v
@@ -1098,7 +1098,7 @@ Proof.
 rewrite Z2Nat.inj_add, repeat_plus by omega; simpl.
 rewrite !combine_app, map_app, sepcon_app; simpl.
 unfold atomic_entry, atomic_loc_hist; entailer!.
- { rewrite combine_length, repeat_length, Zlength_correct, Nat2Z.id, Nat.min_l; auto.
+ { rewrite length_combine, repeat_length, Zlength_correct, Nat2Z.id, Nat.min_l; auto.
 apply Nat2Z.inj_le; rewrite <- !Zlength_correct; omega. }
 { apply Nat2Z.inj; rewrite <- !Zlength_correct; omega. }
 - Intros entries ghosts.
diff --git a/compcert/VERSION b/compcert/VERSION
index a814d7d20c..cb085aaedb 100644
--- a/compcert/VERSION
+++ b/compcert/VERSION
@@ -1,4 +1,4 @@
-version=3.15
+version=3.16
 buildnr=
 tag=
 branch=
diff --git a/compcert_new/common/Memdata.v b/compcert_new/common/Memdata.v
index 7144d72c37..88c7d9f8cd 100644
--- a/compcert_new/common/Memdata.v
+++ b/compcert_new/common/Memdata.v
@@ -196,7 +196,7 @@ Lemma rev_if_be_length: forall l, length (rev_if_be l) = length l.
 Proof.
 intros; unfold rev_if_be; destruct Archi.big_endian.
- apply List.rev_length.
+ apply List.length_rev.
 auto.
 Qed.
diff --git a/concurrency/cancelable_invariants.v b/concurrency/cancelable_invariants.v
index fe77a0c81d..c1e2ea89e6 100644
--- a/concurrency/cancelable_invariants.v
+++ b/concurrency/cancelable_invariants.v
@@ -1,5 +1,5 @@
 (* recapitulate iris/base_logic/lib/cancelable_invariants.v *)
-Require Import Ensembles.
+From Stdlib Require Import Ensembles.
 Require Import VST.msl.shares.
 Require Import VST.veric.shares.
 Require Import VST.msl.ghost.
diff --git a/concurrency/ghosts.v b/concurrency/ghosts.v
index 5152e2e17f..b3631aa89b 100644
--- a/concurrency/ghosts.v
+++ b/concurrency/ghosts.v
@@ -1356,7 +1356,7 @@ Proof.
 - if_tac.
 + subst; rewrite nth_error_app2, Nat.sub_diag; auto.
 + intro X; apply H; rewrite nth_error_app1 in X; auto.
- assert (t < length (l ++ [e]))%nat; [|rewrite app_length in *; simpl in *; lia].
+ assert (t < length (l ++ [e]))%nat; [|rewrite length_app in *; simpl in *; lia].
 rewrite <- nth_error_Some, X; discriminate.
 Qed.
@@ -1527,7 +1527,7 @@ Proof.
 + pose proof (hist_list_lt _ _ Hl) as Hn.
 intro t; specialize (Hn t).
 subst h0; simpl; if_tac; [contradiction|].
- intro X; specialize (Hn X); rewrite app_length in Hn; simpl in Hn; lia.
+ intro X; specialize (Hn X); rewrite length_app in Hn; simpl in Hn; lia.
 + apply IHl.
 intros t e; specialize (Hl t e).
 subst h0; simpl; if_tac.
@@ -1537,7 +1537,7 @@ Proof.
 { erewrite nth_error_app1 by auto; reflexivity. }
 split; intro X.
 -- assert (t < length (l ++ [x]))%nat by (rewrite <- nth_error_Some, X; discriminate);
- rewrite app_length in *; simpl in *; lia.
+ rewrite length_app in *; simpl in *; lia.
 -- assert (t < length l)%nat by (rewrite <- nth_error_Some, X; discriminate); contradiction.
 + unfold map_upd; subst h0; simpl.
 extensionality k'; if_tac; subst; auto.
diff --git a/concurrency/juicy/invariant_machine.v b/concurrency/juicy/invariant_machine.v
index f0da91455e..52b8aa94ed 100644
--- a/concurrency/juicy/invariant_machine.v
+++ b/concurrency/juicy/invariant_machine.v
@@ -135,7 +135,7 @@ Module InvMachine.
 Lemma length_enum n : List.length (enums_equality.enum n) = n.
 Proof.
 unfold enums_equality.enum.
- rewrite Coq.Lists.List.rev_length.
+ rewrite Stdlib.Lists.List.length_rev.
 apply length_enum_from.
 Qed.
@@ -197,7 +197,7 @@ Module InvMachine.
 apply unlift_m_inv in Heq; auto.
 { repeat match goal with |-context[nth_error ?l ?i] =>
 destruct (nth_error_None l i) as [_ H];
- erewrite H by (rewrite rev_length length_enum_from; omega); clear H end; auto. }
+ erewrite H by (rewrite length_rev length_enum_from; omega); clear H end; auto. }
 - unfold ordinal_pos_incr; simpl.
 replace (introT _ _) with (pos_incr_lt (num_threads tp)) by apply proof_irr.
 rewrite unlift_none; auto.
diff --git a/concurrency/juicy/join_lemmas.v b/concurrency/juicy/join_lemmas.v
index c459c31c16..c15993fedf 100644
--- a/concurrency/juicy/join_lemmas.v
+++ b/concurrency/juicy/join_lemmas.v
@@ -282,11 +282,11 @@ Proof.
 destruct (eq_dec i (List.length l)).
 + subst i. simpl. replace (List.length l - 0 - List.length l)%nat with O by omega. simpl.
- apply upd_last. symmetry. apply List.rev_length.
+ apply upd_last. symmetry. apply List.length_rev.
 + simpl in li.
 assert (U : (i < List.length l)%nat) by omega.
 pose proof U as Hi.
- rewrite <- List.rev_length in U.
+ rewrite <- List.length_rev in U.
 rewrite <-(upd_lt _ x) in U.
 destruct (upd i x (rev l)) as [o|] eqn:Eo. 2:tauto. clear U. specialize (IHl i Hi).
diff --git a/concurrency/juicy/juicy_machine.v b/concurrency/juicy/juicy_machine.v
index 3b1ffbe957..2e5af7ca8e 100644
--- a/concurrency/juicy/juicy_machine.v
+++ b/concurrency/juicy/juicy_machine.v
@@ -136,7 +136,7 @@ Module Concur.
 Lemma length_enum n : List.length (enums_equality.enum n) = n.
 Proof.
 unfold enums_equality.enum.
- rewrite Coq.Lists.List.rev_length.
+ rewrite Stdlib.Lists.List.length_rev.
 apply length_enum_from.
 Qed.
@@ -198,7 +198,7 @@ Module Concur.
 apply unlift_m_inv in Heq; auto.
 { repeat match goal with |-context[nth_error ?l ?i] =>
 destruct (nth_error_None l i) as [_ H];
- erewrite H by (rewrite rev_length length_enum_from; omega); clear H end; auto. }
+ erewrite H by (rewrite length_rev length_enum_from; omega); clear H end; auto. }
 - unfold ordinal_pos_incr; simpl.
 replace (introT _ _) with (pos_incr_lt (num_threads tp)) by apply proof_irr.
 rewrite unlift_none; auto.
diff --git a/concurrency/memory_lemmas.v b/concurrency/memory_lemmas.v
index 881ab3e3d2..7055ab9614 100644
--- a/concurrency/memory_lemmas.v
+++ b/concurrency/memory_lemmas.v
@@ -387,7 +387,7 @@ Module MemoryLemmas.
 rewrite List.app_nth2. rewrite NPeano.Nat.sub_diag. reflexivity. omega.
- + rewrite List.app_length in H.
+ + rewrite List.length_app in H.
 simpl in H.
 rewrite NPeano.Nat.add_1_r in H.
 simpl in H.
diff --git a/concurrency/sc_drf/executions.v b/concurrency/sc_drf/executions.v
index db4cd9ad42..0b70601fb9 100644
--- a/concurrency/sc_drf/executions.v
+++ b/concurrency/sc_drf/executions.v
@@ -261,7 +261,7 @@ Module Executions.
 rewrite <- app_assoc. rewrite <- app_assoc in Hexec'''. split. eauto.
- rewrite app_length.
+ rewrite length_app.
 rewrite Hnth. ssromega.
 Qed.
@@ -320,9 +320,9 @@ Module Executions.
 rewrite <- app_assoc. rewrite <- app_assoc in Hexec'''. split. eauto.
- do 2 rewrite app_length.
+ do 2 rewrite length_app.
 rewrite <- plus_assoc.
- rewrite app_length in Hnth.
+ rewrite length_app in Hnth.
 rewrite Hnth. ssromega.
 Qed.
@@ -411,7 +411,7 @@ Module Executions.
 inversion H2.
 assert (length U = length ((U' ++ (n :: U))%list)) by (erewrite <- H7; reflexivity).
- rewrite app_length in H5. clear - H5.
+ rewrite length_app in H5. clear - H5.
 simpl in H5. ssromega. + subst. eapply IHU with (U' := (U' ++ [:: a])).
diff --git a/concurrency/sc_drf/spinlocks.v b/concurrency/sc_drf/spinlocks.v
index f4f3cc51fc..7a34978301 100644
--- a/concurrency/sc_drf/spinlocks.v
+++ b/concurrency/sc_drf/spinlocks.v
@@ -324,7 +324,7 @@ Module SpinLocks.
 Some evj).
 { rewrite <- nth_error_app2. rewrite <- app_assoc. assumption.
- rewrite app_length. simpl. ssromega.
+ rewrite length_app. simpl. ssromega.
 }
 eapply multi_step_inv with (ev := evj) in Hexec'; eauto.
 destruct Hexec' as (Uj' & Uj'' & tpj'' & mj'' & trj'' & pre_j & post_j &
@@ -350,13 +350,13 @@ Module SpinLocks.
 }
 destruct H as [trj''' H].
 subst.
- do 2 rewrite app_length in Hsizej.
+ do 2 rewrite length_app in Hsizej.
 simpl in Hsizej. eapply (Hfreelock (length (tr'' ++ [:: external tidi (mklock a)]) + u)). apply/andP. split.
- rewrite app_length. simpl.
+ rewrite length_app. simpl.
 ssromega.
- rewrite app_length.
+ rewrite length_app.
 simpl.
 (** u is smaller than length of trj''*)
 assert (Hu: (u < length trj'')%coq_nat)
@@ -1322,13 +1322,13 @@ Module SpinLocks.
 split. simpl. - apply/andP. split.
- + rewrite! app_length.
+ + rewrite! length_app.
 clear - Horder. simpl. move/andP:Horder => [Hle ?].
- rewrite app_length in Hle.
+ rewrite length_app in Hle.
 now ssromega. + clear - Hj_not_in_tr.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 simpl in *.
 ssromega.
 - split.
@@ -1354,12 +1354,12 @@ Module SpinLocks.
 by (repeat rewrite <- app_assoc; reflexivity).
 apply app_inv_head in Heq. subst. eapply (Hmaximal (length (tr0 ++ pre_k ++ [:: evk] ++ post_k ++ tr_pre_u)%list) evu).
- - rewrite! app_length.
+ - rewrite! length_app.
 apply/andP. split. + simpl. ssromega. + clear - Hj_not_in_tr.
- rewrite! app_length in Hj_not_in_tr.
+ rewrite! length_app in Hj_not_in_tr.
 simpl in *.
 ssromega.
 - rewrite! app_assoc.
@@ -1406,12 +1406,12 @@ Module SpinLocks.
 by (repeat rewrite <- app_assoc; reflexivity).
 apply app_inv_head in Heq. subst. eapply (Hmaximal (length (tr0 ++ pre_k ++ [:: evk] ++ post_k ++ tr_pre_u)%list) evu).
- - rewrite! app_length.
+ - rewrite! length_app.
 apply/andP. split. + simpl. ssromega. + clear - Hj_not_in_tr.
- rewrite! app_length in Hj_not_in_tr.
+ rewrite! length_app in Hj_not_in_tr.
 simpl in *.
 ssromega.
 - rewrite! app_assoc.
@@ -1497,11 +1497,11 @@ Module SpinLocks.
 repeat split; auto.
 + clear - Horder.
 erewrite! app_assoc.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 now ssromega.
 + clear - Hj_not_in_tr Hev.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr.
 pose proof ((nth_error_Some tr''0 v).1 ltac:(intros Hcontra; congruence)).
 simpl in *.
@@ -1560,11 +1560,11 @@ Module SpinLocks.
 repeat split; auto.
 * clear - Horder.
 erewrite! app_assoc.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 now ssromega.
 * clear - Hj_not_in_tr Hv.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr.
 pose proof ((nth_error_Some tr_pre_fl v).1 ltac:(intros Hcontra; congruence)).
 simpl in *.
@@ -1629,13 +1629,13 @@ Module SpinLocks.
 repeat split; auto.
 + clear - Horder Hev Hj_not_in_tr.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr. pose proof ((nth_error_Some tr'' v).1 ltac:(intros Hcontra; congruence)). simpl in *. now ssromega. + clear - Hj_not_in_tr Hev. erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr.
 pose proof ((nth_error_Some tr'' v).1 ltac:(intros Hcontra; congruence)).
 simpl in *.
@@ -1692,14 +1692,14 @@ Module SpinLocks.
 * clear - Horder Hj_not_in_tr Hv.
 rewrite cats0 in Horder.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr.
 pose proof ((nth_error_Some tr_pre_fl v).1 ltac:(intros Hcontra; congruence)).
 simpl in *.
 now ssromega.
 * clear - Hj_not_in_tr Hv.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr.
 pose proof ((nth_error_Some tr_pre_fl v).1 ltac:(intros Hcontra; congruence)).
 simpl in *.
@@ -1775,7 +1775,7 @@ Module SpinLocks.
 repeat split.
 + clear - Hj_not_in_tr Horder.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 simpl.
 apply/andP.
 split.
@@ -1821,7 +1821,7 @@ Module SpinLocks.
 (length ((((tr0 ++ pre_k) ++ [:: evk]) ++ post_k) ++ tr_pre_v)%list) evk evv).
 simpl in Hsynchronized.
- destruct (Hsynchronized ltac:(clear; erewrite! app_length in *; ssromega)
+ destruct (Hsynchronized ltac:(clear; erewrite! length_app in *; ssromega)
 ltac:(clear; do 4 rewrite <- app_assoc; rewrite <- addn0; rewrite <- nth_error_app; reflexivity)
@@ -1837,12 +1837,12 @@ Module SpinLocks.
 repeat split; auto.
 * clear - Horderra Horderra' Horder.
 rewrite! app_assoc_reverse in Horderra'.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 apply/andP.
 split; now ssromega.
 * clear - Horderra Horderra' Horder Hj_not_in_tr.
 rewrite! app_assoc_reverse in Horderra'.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 ssromega.
 * eapply nth_error_app_inv; eassumption.
@@ -1854,7 +1854,7 @@ Module SpinLocks.
 repeat split; auto.
 * clear - Horders Horder Hj_not_in_tr.
 erewrite! app_assoc_reverse in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 ssromega.
 * eapply nth_error_app_inv; now eauto.
@@ -1891,7 +1891,7 @@ Module SpinLocks.
 (length ((((tr0 ++ pre_k) ++ [:: evk]) ++ post_k) ++ tr_pre_v)%list) evk evv).
 simpl in Hsynchronized.
- destruct (Hsynchronized ltac:(clear; erewrite! app_length in *; ssromega)
+ destruct (Hsynchronized ltac:(clear; erewrite! length_app in *; ssromega)
 ltac:(clear; do 4 rewrite <- app_assoc; rewrite <- addn0; rewrite <- nth_error_app; reflexivity)
@@ -1907,12 +1907,12 @@ Module SpinLocks.
 repeat split; auto.
 * clear - Horderra Horderra' Horder.
 rewrite! app_assoc_reverse in Horderra'.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 apply/andP.
 split; now ssromega.
 * clear - Horderra Horderra' Horder Hj_not_in_tr.
 rewrite! app_assoc_reverse in Horderra'.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 ssromega.
 * eapply nth_error_app_inv; eassumption.
@@ -1924,7 +1924,7 @@ Module SpinLocks.
 repeat split; auto.
 * clear - Horders Horder Hj_not_in_tr.
 erewrite! app_assoc_reverse in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 ssromega.
 * eapply nth_error_app_inv; now eauto.
@@ -1970,7 +1970,7 @@ Module SpinLocks.
 repeat split.
 * clear - Hu Hj_not_in_tr Horder.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 simpl in *.
 apply/andP.
 move/andP:Horder=>[? ?].
@@ -1980,7 +1980,7 @@ Module SpinLocks.
 now ssromega.
 * clear - Hj_not_in_tr.
 erewrite! app_assoc in *;
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr. simpl in *. now ssromega. * do 3 rewrite <- app_assoc.
@@ -2029,7 +2029,7 @@ Module SpinLocks.
 repeat split.
 * clear - Hu Hj_not_in_tr Horder.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 simpl in *.
 apply/andP.
 move/andP:Horder=>[? ?].
@@ -2039,7 +2039,7 @@ Module SpinLocks.
 now ssromega.
 * clear - Hj_not_in_tr.
 erewrite! app_assoc in *;
- erewrite! app_length in *.
+ erewrite! length_app in *.
 erewrite <- Nat.le_ngt in Hj_not_in_tr. simpl in *. now ssromega. * rewrite! app_assoc.
@@ -2072,7 +2072,7 @@ Module SpinLocks.
 repeat split.
 + clear - Hj_not_in_tr Horder.
 erewrite! app_assoc in *.
- erewrite! app_length in *.
+ erewrite! length_app in *.
 simpl.
 apply/andP.
 split.
diff --git a/concurrency/threads.v b/concurrency/threads.v
index 1761c83967..facaef92aa 100644
--- a/concurrency/threads.v
+++ b/concurrency/threads.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/examples/lam_ref/lam_ref_type_lemmas.v b/examples/lam_ref/lam_ref_type_lemmas.v
index 2deaceb1c6..bfc3b396f0 100644
--- a/examples/lam_ref/lam_ref_type_lemmas.v
+++ b/examples/lam_ref/lam_ref_type_lemmas.v
@@ -388,13 +388,13 @@ Proof.
 destruct e; simpl in *; auto.
 elim H0.
 replace (length l + 0) with (length l0).
- rewrite rev_length.
+ rewrite length_rev.
 apply subst_closed'.
 replace (S (length l0)) with (length G); auto.
- rewrite <- rev_length.
+ rewrite <- length_rev.
 rewrite H3; simpl.
 auto.
- rewrite <- (rev_length l0).
+ rewrite <- (length_rev l0).
 revert H4; generalize (rev l0); clear.
 induction l; intros.
 destruct l; simpl in H4.
diff --git a/examples/rnd_hoare/random_oracle.v b/examples/rnd_hoare/random_oracle.v
index d9eb3906aa..a4c4187700 100644
--- a/examples/rnd_hoare/random_oracle.v
+++ b/examples/rnd_hoare/random_oracle.v
@@ -862,7 +862,7 @@ Lemma length_firstn_list_from_fun: forall {A} (f: nat -> A) n, length (fisrtn_li
 Proof.
 intros.
 induction n; simpl; auto.
- rewrite app_length, IHn.
+ rewrite length_app, IHn.
 simpl. omega.
 Qed.
diff --git a/floyd/Clightnotations.v b/floyd/Clightnotations.v
index 97a116240c..d8be02ab77 100644
--- a/floyd/Clightnotations.v
+++ b/floyd/Clightnotations.v
@@ -26,7 +26,7 @@ some operators.
 Global Set Warnings "-notation-overridden,-parsing".
 Require Import compcert.export.Clightdefs.
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Integers Floats Maps Errors AST Ctypes Cop Clight.
 Declare Scope None_scope.
diff --git a/floyd/Component.v b/floyd/Component.v
index 62e3426d38..5c52e6824e 100644
--- a/floyd/Component.v
+++ b/floyd/Component.v
@@ -322,7 +322,7 @@ Proof.
 + split; trivial. eapply semax_external_binaryintersection. apply EXT1. apply EXT2. apply BI.
- rewrite Sig2; simpl. rewrite map_length. trivial.
+ rewrite Sig2; simpl. rewrite length_map. trivial.
 Qed.
 Lemma find_funspec_sub: forall specs' specs
diff --git a/floyd/PTops.v b/floyd/PTops.v
index 86457b9605..5bf323cf76 100644
--- a/floyd/PTops.v
+++ b/floyd/PTops.v
@@ -1,4 +1,4 @@
-Require Import ZArith.
+From Stdlib Require Import ZArith.
 Require Import VST.msl.Extensionality.
 Require Import compcert.lib.Coqlib.
 Require Import VST.msl.Coqlib2.
diff --git a/floyd/align_compatible_dec.v b/floyd/align_compatible_dec.v
index c809441a4f..120e32d3a0 100644
--- a/floyd/align_compatible_dec.v
+++ b/floyd/align_compatible_dec.v
@@ -22,6 +22,25 @@ Context {cs: compspecs}.
 Definition dec_type := sigT (fun P: Z -> Prop => forall z: Z, {P z} + {~ P z}).
+Lemma Zdivide_dec : forall a b : Z, {(a | b)} + {~ (a | b)}.
+Proof.
+intros.
+pose proof (Z.BoolSpec_divide a b).
+destruct (Z.eqb_spec b 0).
+left. subst. apply Z.divide_0_r.
+destruct (Z.eqb_spec a 0).
+subst.
+right; intro.
+apply Z.divide_0_l in H0. contradiction.
+simpl in H.
+destruct (Z.eqb_spec (b mod a) 0).
+left.
+Search (_ mod _ = 0) (_ | _).
+apply Z.mod_divide; auto.
+right; intro.
+apply Z.mod_divide in H0; auto.
+Qed.
+
 Definition dec_by_value (ch: memory_chunk): dec_type :=
 existT (fun P: Z -> Prop => forall z: Z, {P z} + {~ P z})
 (fun z => (Memdata.align_chunk ch | z))
diff --git a/floyd/assert_lemmas.v b/floyd/assert_lemmas.v
index cba0e154d5..324359e221 100644
--- a/floyd/assert_lemmas.v
+++ b/floyd/assert_lemmas.v
@@ -117,7 +117,7 @@ Proof. destruct R; reflexivity. Qed.
 #[export] Hint Rewrite RA_normal_loop2_ret_assert : ret_assert.
 Lemma liftTrue: forall rho, `True rho.
-Proof. intro. unfold_lift; apply Coq.Init.Logic.I. Qed.
+Proof. intro. unfold_lift; apply Logic.I. Qed.
 #[export] Hint Resolve liftTrue : core.
 Lemma overridePost_normal:
@@ -241,7 +241,7 @@ Proof.
 intros.
 red.
 destruct (tc_eval_gvar_zero _ _ _ _ H H0 H1) as [b ?].
- rewrite H2. destruct (eqb_type _ _); apply Coq.Init.Logic.I.
+ rewrite H2. destruct (eqb_type _ _); apply Logic.I.
 Qed.
 Lemma local_lift2_and: forall P Q, local (`and P Q) =
diff --git a/floyd/call_lemmas.v b/floyd/call_lemmas.v
index d7f13e3a33..38d1294220 100644
--- a/floyd/call_lemmas.v
+++ b/floyd/call_lemmas.v
@@ -141,7 +141,7 @@ eapply semax_pre_post'; [ | | apply (semax_call_subsume fs A Pre Post NEPre NEPost argsig retty cc Hsub Delta ts x (PROPx P (LOCALx Q (SEPx R))) None a bl H)].
 3:{ split; intros; congruence. }
-3:{ apply Coq.Init.Logic.I. }
+3:{ apply Logic.I. }
 + intro rho; normalize.
 autorewrite with norm1 norm2; normalize.
 unfold func_ptr'.
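Review bot: The new `Zdivide_dec` proof in floyd/align_compatible_dec.v still contains `Search (_ mod _ = 0) (_ | _).` between `left.` and `apply Z.mod_divide; auto.`; a Search command inside a proof script contributes nothing to the proof and prints its results into the build log on every compile, so that line should be deleted. The lemma also reuses the name of the Stdlib Znumtheory lemma `Zdivide_dec`, so wherever Znumtheory is imported this local copy shadows it; presumably it is a compatibility shim for the Rocq versions the Makefile now accepts, but nothing in the hunk says so. A one-line comment above the lemma such as `(* local copy of Znumtheory.Zdivide_dec; remove once every supported Rocq/Stdlib version provides it without a deprecation warning *)` would tell the next reader why it exists and when it can go.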
diff --git a/floyd/canon.v b/floyd/canon.v
index c62eaab59d..89ea2f9448 100644
--- a/floyd/canon.v
+++ b/floyd/canon.v
@@ -1,4 +1,4 @@
-Require Export Coq.Sorting.Permutation.
+Require Export Stdlib.Sorting.Permutation.
 Require Import VST.veric.seplog.
 Require Import VST.floyd.base2.
 Import LiftNotation.
@@ -11,7 +11,7 @@ Inductive localdef : Type :=
 | lvar: ident -> type -> val -> localdef (* local variable *)
 | gvars: globals -> localdef. (* global variables *)
-Arguments temp i%positive v.
+Arguments temp i%_positive v.
 Definition lvar_denote (i: ident) (t: type) (v: val) rho :=
 match Map.get (ve_of rho) i with
@@ -502,7 +502,7 @@ Notation "'EX' x .. y , P " :=
 Notation " 'ENTAIL' d ',' P '|--' Q " :=
 (@derives (environ->mpred) _ (andp (local (tc_environ d)) P%assert) Q%assert) (at level 99, P at level 79, Q at level 79).
-Arguments semax {CS} {Espec} Delta Pre%assert cmd Post%assert.
+Arguments semax {CS} {Espec} Delta Pre%_assert cmd Post%_assert.
 Lemma insert_prop : forall (P: Prop) PP QR, prop P && (PROPx PP QR) = PROPx (P::PP) QR.
 Proof.
@@ -1868,7 +1868,7 @@ Ltac not_conj_notation :=
 | |- not_conj_notation (_ <= _ <= _)%nat => fail 1
 | |- not_conj_notation (_ <= _ < _)%nat => fail 1
 | |- not_conj_notation (_ < _ <= _)%nat => fail 1
- | |- _ => apply Coq.Init.Logic.I
+ | |- _ => apply Logic.I
 end.
 Lemma split_first_PROP {A}:
@@ -2670,7 +2670,7 @@ Lemma lvar_isptr:
 Proof.
 intros. hnf in H.
 destruct (Map.get (ve_of rho) i) as [[? ?]|]; try contradiction.
-destruct H; subst; apply Coq.Init.Logic.I.
+destruct H; subst; apply Logic.I.
 Qed.
 Lemma gvars_isptr:
@@ -2681,7 +2681,7 @@ subst.
 red in H.
 destruct_glob_types i.
 rewrite Heqo0.
-apply Coq.Init.Logic.I.
+apply Logic.I.
 Qed.
 Lemma lvar_isptr_eval_var :
diff --git a/floyd/client_lemmas.v b/floyd/client_lemmas.v
index 190bc5679b..f072cf5984 100644
--- a/floyd/client_lemmas.v
+++ b/floyd/client_lemmas.v
@@ -399,7 +399,7 @@ Lemma liftx_local_retval:
 Proof. intros. reflexivity. Qed.
 #[export] Hint Rewrite liftx_local_retval : norm2.
-#[export] Hint Rewrite bool_val_notbool_ptr using apply Coq.Init.Logic.I : norm.
+#[export] Hint Rewrite bool_val_notbool_ptr using apply Logic.I : norm.
 Lemma Vint_inj': forall i j, (Vint i = Vint j) = (i=j).
 Proof. intros; apply prop_ext; split; intro; congruence. Qed.
@@ -464,7 +464,7 @@ destruct x; try tauto; intuition (try congruence);
 revert H0; simple_if_tac; intro H0; inv H0.
 Qed.
-#[export] Hint Rewrite typed_true_isptr using apply Coq.Init.Logic.I : norm.
+#[export] Hint Rewrite typed_true_isptr using apply Logic.I : norm.
 Ltac super_unfold_lift_in H :=
 cbv delta [liftx LiftEnviron Tarrow Tend lift_S lift_T
@@ -585,7 +585,7 @@ try rewrite (is_true_negb _ H); try rewrite (is_true_negb _ H0);
 destruct v; inv H1; auto.
 Qed.
-#[export] Hint Rewrite sem_cast_pointer2' using (try apply Coq.Init.Logic.I; try assumption; reflexivity) : norm.
+#[export] Hint Rewrite sem_cast_pointer2' using (try apply Logic.I; try assumption; reflexivity) : norm.
 Lemma sem_cast_pointer2:
 forall v t1 t2 t3 t1' t2',
@@ -1823,7 +1823,7 @@ Lemma isptr_force_ptr'' : forall p Q,
 Proof.
 intros.
 apply X.
-destruct p; inv H; apply Coq.Init.Logic.I.
+destruct p; inv H; apply Logic.I.
 Qed.
 Lemma isptr_offset_val'': forall i p Q,
@@ -1832,7 +1832,7 @@ Lemma isptr_offset_val'': forall i p Q,
 Proof.
 intros.
 apply X.
-destruct p; inv H; apply Coq.Init.Logic.I.
+destruct p; inv H; apply Logic.I.
 Qed.
 Lemma ptr_eq_e': forall v1 v2 B,
diff --git a/floyd/compact_prod_sum.v b/floyd/compact_prod_sum.v
index f7e897aaf0..6416430d43 100644
--- a/floyd/compact_prod_sum.v
+++ b/floyd/compact_prod_sum.v
@@ -1,4 +1,4 @@
-Require Import Coq.Lists.List.
+Require Import Stdlib.Lists.List.
 Require Import compcert.lib.Coqlib.
 Require Import VST.msl.Coqlib2 VST.floyd.coqlib3.
 Require Import VST.floyd.jmeq_lemmas.
diff --git a/floyd/computable_theorems.v b/floyd/computable_theorems.v
index ff913787c9..1eb27b6d80 100644
--- a/floyd/computable_theorems.v
+++ b/floyd/computable_theorems.v
@@ -1,7 +1,4 @@
-Require Import Coq.ZArith.ZArith.
-Require Import Coq.ZArith.Znumtheory.
-Require Import Coq.Lists.List.
-Require Import Coq.Bool.Bool.
+From Stdlib Require Import ZArith.ZArith ZArith.Znumtheory Lists.List Bool.Bool.
 Require Import compcert.cfrontend.Ctypes.
 Definition in_eq: forall {A: Type} (a:A) l, In a (a::l) :=
diff --git a/floyd/coqlib3.v b/floyd/coqlib3.v
index e33c8df11e..fe23147f9a 100644
--- a/floyd/coqlib3.v
+++ b/floyd/coqlib3.v
@@ -1,10 +1,9 @@
-Require Coq.funind.Recdef.
+Require Stdlib.funind.Recdef.
 Require Import compcert.lib.Coqlib.
 Require Import compcert.lib.Integers.
-Require Import Coq.Strings.String.
-Require Import Coq.Strings.Ascii.
-Require Import Coq.Lists.List.
-Require Import Coq.Sorting.Permutation.
+From Stdlib Require Import Strings.String Strings.Ascii.
+Require Import Stdlib.Lists.List.
+Require Import Stdlib.Sorting.Permutation.
 Require Import VST.msl.Coqlib2.
 Require Import VST.veric.coqlib4.
diff --git a/floyd/data_at_lemmas.v b/floyd/data_at_lemmas.v
index 72e2a323b8..65cac47cf9 100644
--- a/floyd/data_at_lemmas.v
+++ b/floyd/data_at_lemmas.v
@@ -780,7 +780,7 @@ intros.
 unfold decode_int.
 unfold rev_if_be.
 destruct Archi.big_endian.
-rewrite <- rev_length.
+rewrite <- length_rev.
 apply int_of_bytes_range.
 apply int_of_bytes_range.
 Qed.
diff --git a/floyd/entailer.v b/floyd/entailer.v
index 8ac9fdd349..f8406bd59f 100644
--- a/floyd/entailer.v
+++ b/floyd/entailer.v
@@ -421,7 +421,7 @@ Qed.
 Ltac prove_it_now :=
 first [ splittable; fail 1
 | computable
- | apply Coq.Init.Logic.I
+ | apply Logic.I
 | reflexivity
 | rewrite ?intsigned_intrepr_bytesigned; rep_lia
 | prove_signed_range
@@ -525,7 +525,7 @@ Ltac entailer' := repeat (progress (ent_iter; normalize)); try simple apply prop_and_same_derives; prune_conjuncts; - try rewrite (prop_true_andp True) by apply Coq.Init.Logic.I; + try rewrite (prop_true_andp True) by apply Logic.I; try solve_valid_pointer; try first [apply derives_refl | simple apply FF_left @@ -553,7 +553,7 @@ Ltac my_auto_iter H := | red in H (* remove conjuncts_marker*); apply H ]. -Ltac all_True := solve [repeat simple apply conj; simple apply Coq.Init.Logic.I]. +Ltac all_True := solve [repeat simple apply conj; simple apply Logic.I]. Ltac my_auto_reiter := first [simple apply conj; [all_True | ]; my_auto_reiter diff --git a/floyd/field_at.v b/floyd/field_at.v index efa7219cf1..181480fc11 100644 --- a/floyd/field_at.v +++ b/floyd/field_at.v @@ -2359,7 +2359,7 @@ Proof. intros. rewrite value_fits_eq; simpl. destruct (attr_volatile a); auto. -hnf. intro. apply Coq.Init.Logic.I. +hnf. intro. apply Logic.I. Qed. (* TODO: move all change type lemmas into one file. Also those change compspecs lemmas. *) diff --git a/floyd/field_compat.v b/floyd/field_compat.v index 523cd3a771..b8e6525a01 100644 --- a/floyd/field_compat.v +++ b/floyd/field_compat.v @@ -1091,7 +1091,7 @@ Proof. intros. pose proof (size_chunk_pos s). eapply field_compatible_byvalue; eauto; -try (apply Zmod_divide; [ try lia | auto ]). +try (apply Z.mod_divide; [ try lia | auto ]). pose proof (align_chunk_pos s); lia. apply Z.leb_le; auto. apply Z.leb_le; auto. @@ -1112,7 +1112,7 @@ eapply field_compatible_byvalue'; eauto. apply Z.leb_le. rewrite Z.add_0_l. pose proof (size_chunk_pos s). -apply Zmod_divide in H2; [ | lia]. +apply Z.mod_divide in H2; [ | lia]. destruct H2. pose proof (size_chunk_pos b). assert (0 < x) by lia. diff --git a/floyd/find_nth_tactic.v b/floyd/find_nth_tactic.v index 05cfb37099..eb86b46140 100644 --- a/floyd/find_nth_tactic.v +++ b/floyd/find_nth_tactic.v 
@@ -1,5 +1,4 @@ -Require Import Coq.Lists.List. -Require Import Lia. +From Stdlib Require Import Lists.List Lia. Fixpoint delete_nth {A} (n: nat) (xs: list A) {struct n} : list A := match n, xs with diff --git a/floyd/finish.v b/floyd/finish.v index 6f0816ee04..97e00ed5f3 100644 --- a/floyd/finish.v +++ b/floyd/finish.v @@ -1,5 +1,7 @@ From Ltac2 Require Import Ltac2. +Set Warnings "-ltac2-unused-variable". + Require Import VST.floyd.base2. Require Import VST.floyd.functional_base. Require Import VST.floyd.client_lemmas. diff --git a/floyd/forward.v b/floyd/forward.v index 28a4e85d4f..b861072e42 100644 --- a/floyd/forward.v +++ b/floyd/forward.v @@ -147,10 +147,10 @@ unfold size_compatible. rewrite prop_true_andp. rewrite TT_andp. rewrite memory_block_data_at_. cancel. -split3; auto. apply Coq.Init.Logic.I. +split3; auto. apply Logic.I. split3; auto. apply la_env_cs_sound; auto. -apply Coq.Init.Logic.I. +apply Logic.I. split; auto. rewrite memory_block_isptr; normalize. rewrite memory_block_isptr; normalize. @@ -1010,7 +1010,7 @@ eapply (semax_call_id1_x_wow_nil H); clear H; lazymatch goal with Frame := _ : list mpred |- _ => try clear Frame end; [ check_result_type | check_result_type - | apply Coq.Init.Logic.I | apply Coq.Init.Logic.I | reflexivity + | apply Logic.I | apply Logic.I | reflexivity | (clear; let H := fresh in intro H; inversion H) | match_postcondition | prove_delete_temp @@ -1025,7 +1025,7 @@ eapply (semax_call_id1_x_wow H); clear H; lazymatch goal with Frame := _ : list mpred |- _ => try clear Frame end; [ check_result_type | check_result_type - | apply Coq.Init.Logic.I | apply Coq.Init.Logic.I | reflexivity + | apply Logic.I | apply Logic.I | reflexivity | (clear; let H := fresh in intro H; inversion H) | match_postcondition | prove_delete_temp 
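Review bot: `Set Warnings "-ltac2-unused-variable".` is added at the top of floyd/finish.v with no locality and no comment saying which Ltac2 definitions trigger the warning, so a reader cannot tell whether this is a stop-gap or meant to stay. Silencing the warning hides the unused binders instead of removing or underscore-prefixing them; if the suppression is kept, make its scope explicit with `Local Set Warnings "-ltac2-unused-variable".` and say why in one line, e.g. `(* Ltac2 tactics below bind variables they do not use; silence the Rocq 9 warning. *)`. Whether a plain `Set` here leaks into files that `Require` this one depends on the option's default locality, which I have not checked.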
@@ -1040,7 +1040,7 @@ eapply (semax_call_id1_y_wow_nil H); clear H; lazymatch goal with Frame := _ : list mpred |- _ => try clear Frame end; [ check_result_type | check_result_type - | apply Coq.Init.Logic.I | apply Coq.Init.Logic.I | reflexivity + | apply Logic.I | apply Logic.I | reflexivity | (clear; let H := fresh in intro H; inversion H) | match_postcondition | prove_delete_temp @@ -1055,7 +1055,7 @@ eapply (semax_call_id1_y_wow H); clear H; lazymatch goal with Frame := _ : list mpred |- _ => try clear Frame end; [ check_result_type | check_result_type - | apply Coq.Init.Logic.I | apply Coq.Init.Logic.I | reflexivity + | apply Logic.I | apply Logic.I | reflexivity | (clear; let H := fresh in intro H; inversion H) | match_postcondition | prove_delete_temp @@ -1069,7 +1069,7 @@ let H := fresh in intro H; eapply (semax_call_id01_wow_nil H); clear H; lazymatch goal with Frame := _ : list mpred |- _ => try clear Frame end; - [ apply Coq.Init.Logic.I + [ apply Logic.I | match_postcondition | unify_postcondition_exps | prove_PROP_preconditions @@ -1080,7 +1080,7 @@ let H := fresh in intro H; eapply (semax_call_id01_wow H); clear H; lazymatch goal with Frame := _ : list mpred |- _ => try clear Frame end; - [ apply Coq.Init.Logic.I + [ apply Logic.I | match_postcondition | unify_postcondition_exps | prove_PROP_preconditions @@ -1946,13 +1946,13 @@ Proof. destruct v; match type of H with | None = Some true => inv H | _ => idtac end. + destruct Archi.ptr64 eqn:Hp; destruct (Int.eq i Int.zero); inv H. + destruct Archi.ptr64 eqn:Hp; destruct (Int64.eq i Int64.zero); inv H. - + apply Coq.Init.Logic.I. + + apply Logic.I. Qed. Lemma typed_false_ptr_e: forall t v, typed_false (tptr t) v -> v=nullval. Proof. - intros. destruct v; inv H; try apply Coq.Init.Logic.I. + intros. destruct v; inv H; try apply Logic.I. unfold nullval. f_equal. try (pose proof (Int64.eq_spec i Int64.zero); diff --git a/floyd/freezer.v b/floyd/freezer.v index ec5cbaf6ed..f32aca749d 100644 
--- a/floyd/freezer.v +++ b/floyd/freezer.v @@ -1,7 +1,7 @@ Require Import VST.floyd.base2. Require Import VST.floyd.canon. Require Import VST.floyd.entailer. -Require Import Coq.Lists.List. +Require Import Stdlib.Lists.List. Export ListNotations. Require Import VST.floyd.client_lemmas. diff --git a/floyd/functional_base.v b/floyd/functional_base.v index eb6689d512..2244505c5f 100644 --- a/floyd/functional_base.v +++ b/floyd/functional_base.v @@ -1,5 +1,5 @@ -Require Export Coq.Lists.List. -Require Export Coq.ZArith.ZArith. +Require Export Stdlib.Lists.List. +Require Export Stdlib.ZArith.ZArith. Require Export compcert.lib.Coqlib. Require Export compcert.lib.Integers. Require Export compcert.lib.Floats. @@ -8,7 +8,7 @@ Require Export VST.msl.eq_dec. Require Export VST.msl.Coqlib2. Require Export VST.floyd.coqlib3. Require Export VST.zlist.sublist. -Require Export Lia. +From Stdlib Require Export Lia. Require Export VST.zlist.list_solver. Definition Vubyte (c: Byte.int) : val := diff --git a/floyd/globals_lemmas.v b/floyd/globals_lemmas.v index 0be6220db9..d2ef512527 100644 --- a/floyd/globals_lemmas.v +++ b/floyd/globals_lemmas.v @@ -442,7 +442,7 @@ Lemma id2pred_star_ZnthV_Tint {cs: compspecs} : Proof. intros. subst n mdata. replace (Zlength (map (inttype2init_data sz) data)) with (Zlength data) - by (repeat rewrite Zlength_correct; rewrite map_length; auto). + by (repeat rewrite Zlength_correct; rewrite length_map; auto). go_lowerx. match goal with |- ?F _ _ _ _ _ _ |-- _ => change F with @id2pred_star end. change (offset_strict_in_range (sizeof (Tint sz sign noattr) * Zlength data) v) in H1. 
@@ -579,7 +579,7 @@ Lemma id2pred_star_ZnthV_tint {cs: compspecs}: !! offset_strict_in_range (sizeof tint * n) v && `(id2pred_star Delta gz sh v mdata) |-- `(data_at sh (tarray tint n) (map Vint data) v). -Proof. intros; apply id2pred_star_ZnthV_Tint; auto; apply Coq.Init.Logic.I. +Proof. intros; apply id2pred_star_ZnthV_Tint; auto; apply Logic.I. Qed. Lemma offset_zero_globals_of_env: forall rho i, @@ -694,7 +694,7 @@ Lemma id2pred_star_ZnthV_tfloat {cs: compspecs}: Proof. intros. subst n mdata. replace (Zlength (map (floattype2init_data sz) data)) with (Zlength data) - by (repeat rewrite Zlength_correct; rewrite map_length; auto). + by (repeat rewrite Zlength_correct; rewrite length_map; auto). go_lowerx. match goal with |- ?F _ _ _ _ _ _ |-- _ => change F with @id2pred_star end. change (offset_strict_in_range (sizeof (Tfloat sz noattr) * Zlength data) v) in H1. @@ -785,7 +785,7 @@ destruct sz; apply derives_refl. apply align_compatible_rec_by_value with (ch:=ch); auto. apply Z.divide_add_r; auto. clear - H8. subst t. - destruct sz; inv H8; simpl; (apply Zmod_divide; [lia | reflexivity]). + destruct sz; inv H8; simpl; (apply Z.mod_divide; [lia | reflexivity]). unfold Ptrofs.max_unsigned. lia. } @@ -819,7 +819,7 @@ destruct sz; apply derives_refl. apply Z.divide_mul_l; auto. clear - t H4. subst t. - destruct sz; inv H4; simpl; (apply Zmod_divide; [lia | reflexivity]). + destruct sz; inv H4; simpl; (apply Z.mod_divide; [lia | reflexivity]). pose proof (Zlength_nonneg data); lia. Qed. @@ -1749,7 +1749,7 @@ Ltac process_one_globvar' := unify (is_array_type (gvar_info v)) true end; (*simple*) eapply process_globvar_array; - [reflexivity | reflexivity | reflexivity | reflexivity | reflexivity | apply Coq.Init.Logic.I + [reflexivity | reflexivity | reflexivity | reflexivity | reflexivity | apply Logic.I | compute; clear; congruence | repeat eapply map_instantiate; symmetry; apply map_nil | compute; split; clear; congruence ] 
diff --git a/floyd/jmeq_lemmas.v b/floyd/jmeq_lemmas.v index 775cc7c48b..bbf8985b8c 100644 --- a/floyd/jmeq_lemmas.v +++ b/floyd/jmeq_lemmas.v @@ -1,9 +1,9 @@ -Require Import Coq.Setoids.Setoid. +Require Import Stdlib.Setoids.Setoid. Require Import VST.msl.Extensionality. (****************************************** -Copied From Coq.Logic.JMeq. +Copied From Stdlib.Logic.JMeq. No longer involving JMeq_eq, which is potentially inconsistenty with homotopy type theory. @@ -102,7 +102,7 @@ Qed. (** [JMeq] is equivalent to [eq_dep Type (fun X => X)] *) -Require Import Coq.Logic.Eqdep. +Require Import Stdlib.Logic.Eqdep. Lemma JMeq_eq_dep_id : forall (A:Type) (B:Type) (x:A) (y:B), JMeq x y -> eq_dep Type (fun X:Type => X) A x B y. diff --git a/floyd/mapsto_memory_block.v b/floyd/mapsto_memory_block.v index d9522a25b6..34d11b9b46 100644 --- a/floyd/mapsto_memory_block.v +++ b/floyd/mapsto_memory_block.v @@ -44,7 +44,7 @@ Proof. destruct (access_mode t); try apply FF_left. destruct (type_is_volatile t); try apply FF_left. destruct v1; try apply FF_left. - apply prop_right; split; auto; apply Coq.Init.Logic.I. + apply prop_right; split; auto; apply Logic.I. + apply mapsto_tc_val'. Qed. @@ -248,10 +248,10 @@ Lemmas about specific types to limit their application and make them fail faster *) #[export] Hint Extern 1 (mapsto _ _ _ _ |-- mapsto _ _ _ _) => - (simple apply mapsto_mapsto_int32; apply Coq.Init.Logic.I) : cancel. + (simple apply mapsto_mapsto_int32; apply Logic.I) : cancel. #[export] Hint Extern 1 (mapsto _ _ _ _ |-- mapsto_ _ _ _) => - (simple apply mapsto_mapsto__int32; apply Coq.Init.Logic.I) : cancel. + (simple apply mapsto_mapsto__int32; apply Logic.I) : cancel. #[export] Hint Extern 1 (mapsto _ _ _ _ |-- mapsto_ _ _ _) => (apply mapsto_mapsto_) : cancel. diff --git a/floyd/proofauto.v b/floyd/proofauto.v index 7a8e9a418a..a34f76b7a5 100644 --- a/floyd/proofauto.v +++ b/floyd/proofauto.v 
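Review bot: The provenance comment `Copied From Coq.Logic.JMeq.` in floyd/jmeq_lemmas.v was rewritten to `Copied From Stdlib.Logic.JMeq.`, which misstates history: the code was taken from the library while it was called Coq.Logic.JMeq, and anyone diffing it against upstream will be pointed at the wrong version. Something like `Copied from Coq.Logic.JMeq (now Stdlib.Logic.JMeq).` records both names. The `Require Import` renames in the same hunks are fine.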
@@ -58,7 +58,7 @@ Require VST.floyd.linking. "Require Import Require Import VST.floyd.Funspec_old_Notation." Global Close Scope funspec_scope.*) -Arguments semax {CS} {Espec} Delta Pre%assert cmd%C Post%assert. +Arguments semax {CS} {Espec} Delta Pre%_assert cmd%_C Post%_assert. Export ListNotations. Export Clight_Cop2. diff --git a/floyd/replace_refill_reptype_lemmas.v b/floyd/replace_refill_reptype_lemmas.v index 9ed55993f2..8b58a7471f 100644 --- a/floyd/replace_refill_reptype_lemmas.v +++ b/floyd/replace_refill_reptype_lemmas.v @@ -5,7 +5,7 @@ Require Import VST.floyd.type_induction. Require Import VST.floyd.aggregate_type. Require Import VST.floyd.reptype_lemmas. Require Import VST.floyd.proj_reptype_lemmas. -Require Import Coq.Classes.RelationClasses. +Require Import Stdlib.Classes.RelationClasses. Require Import VST.zlist.sublist. Require Import VST.floyd.stronger. diff --git a/floyd/seplog_tactics.v b/floyd/seplog_tactics.v index 5072189507..e316804a5f 100644 --- a/floyd/seplog_tactics.v +++ b/floyd/seplog_tactics.v @@ -59,7 +59,7 @@ Definition not_a_prop (P: mpred) := True. Ltac not_a_prop := match goal with | |- not_a_prop (prop _) => fail 1 - | |- _ => apply Coq.Init.Logic.I + | |- _ => apply Logic.I end. Lemma flip_prop: forall P Q, diff --git a/floyd/stronger.v b/floyd/stronger.v index ed6102a206..6d90d058c1 100644 --- a/floyd/stronger.v +++ b/floyd/stronger.v @@ -9,8 +9,8 @@ Require Import VST.floyd.data_at_rec_lemmas. Require Import VST.floyd.field_at. Require Import VST.floyd.entailer. Require Import VST.floyd.closed_lemmas. -Require Import Coq.Classes.RelationClasses. -Require Import Coq.Classes.Morphisms. +Require Import Stdlib.Classes.RelationClasses. +Require Import Stdlib.Classes.Morphisms. Require Import VST.zlist.sublist. Local Open Scope logic. diff --git a/hmacdrbg/HMAC_DRBG_nonadaptive.v b/hmacdrbg/HMAC_DRBG_nonadaptive.v index 097c2081dc..7c12fd23c6 100644 --- a/hmacdrbg/HMAC_DRBG_nonadaptive.v +++ b/hmacdrbg/HMAC_DRBG_nonadaptive.v 
@@ -3864,7 +3864,7 @@ Proof. { assert (len_eq : length (to_list v) = length (to_list key_input ++ zeroes)). f_equal; trivial. - rewrite app_length in *. + rewrite length_app in *. repeat rewrite to_list_length in *. unfold zeroes in *. @@ -3883,14 +3883,14 @@ Proof. destruct (in_split_l_if init _ in_fixed_len_list). eauto. unfold to_list in *. - apply inputs_len in H1; simpl in *; rewrite app_length in H1; + apply inputs_len in H1; simpl in *; rewrite length_app in H1; unfold zeroes in H1; rewrite length_replicate in H1; rewrite Nat.add_comm in H1; simpl in *. rewrite to_list_length in *. lia. (* match goal with *) (* | [ H1: In (to_list key_input ++ zeroes, _) init |- _ ] => *) - (* apply inputs_len in H1; simpl in *; rewrite app_length in H1; *) + (* apply inputs_len in H1; simpl in *; rewrite length_app in H1; *) (* unfold zeroes in H1; rewrite length_replicate in H1; *) (* rewrite Nat.add_comm in H1; simpl in *; discriminate *) (* end. *) diff --git a/hmacdrbg/HMAC_DRBG_pure_lemmas.v b/hmacdrbg/HMAC_DRBG_pure_lemmas.v index 2f67e739d3..a2a3b71ae5 100644 --- a/hmacdrbg/HMAC_DRBG_pure_lemmas.v +++ b/hmacdrbg/HMAC_DRBG_pure_lemmas.v @@ -162,7 +162,7 @@ Proof. (Z.of_nat n0 * 32 + 32 - Z.of_nat 32)) as result; destruct result. simpl. rewrite Zlength_correct. - rewrite app_length. + rewrite length_app. rewrite Nat2Z.inj_add. do 2 rewrite <- Zlength_correct. rewrite Hlength. diff --git a/hmacdrbg/entropy_lemmas.v b/hmacdrbg/entropy_lemmas.v index 12fd27b987..f5259bd093 100644 --- a/hmacdrbg/entropy_lemmas.v +++ b/hmacdrbg/entropy_lemmas.v @@ -140,7 +140,7 @@ Proof. remember (s0 0%nat) as s0_0. destruct s0_0; try solve [inversion H]. inv H. - rewrite app_length. + rewrite length_app. simpl. replace (length l + 1)%nat with (S (length l)) by lia. rewrite IHk' with (s':=s0) (s:=s); auto. Qed. diff --git a/mailbox/atomic_exchange.v b/mailbox/atomic_exchange.v index a0c42c5f62..f8fa223997 100644 --- a/mailbox/atomic_exchange.v +++ b/mailbox/atomic_exchange.v 
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/mailbox/mailbox.v b/mailbox/mailbox.v
index 0db696b06b..28ae281b8a 100644
--- a/mailbox/mailbox.v
+++ b/mailbox/mailbox.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/mailbox/verif_atomic_exchange.v b/mailbox/verif_atomic_exchange.v
index a6fcf44454..610037563d 100644
--- a/mailbox/verif_atomic_exchange.v
+++ b/mailbox/verif_atomic_exchange.v
@@ -6,7 +6,7 @@ Require Import VST.zlist.sublist.
 Require Import VST.concurrency.lock_specs.
 Require Import VST.atomics.verif_lock.
 Require Import mailbox.atomic_exchange.
-Require Import Lia.
+From Stdlib Require Import Lia.
 (* standard VST prelude *)
 #[export] Instance CompSpecs : compspecs. make_compspecs prog. Defined.
diff --git a/mailbox/verif_lockfree_linsearch.v b/mailbox/verif_lockfree_linsearch.v
index c828b940a1..cd0baff57a 100644
--- a/mailbox/verif_lockfree_linsearch.v
+++ b/mailbox/verif_lockfree_linsearch.v
@@ -285,7 +285,7 @@ Proof.
 subst; contradiction H; eauto.
 Qed.
-Lemma make_map_length : forall h (Hnz : Forall (fun x => value_of_hist (fst x) <> vint 0) h)
+Lemma make_length_map : forall h (Hnz : Forall (fun x => value_of_hist (fst x) <> vint 0) h)
 (Hint : Forall (fun x => Forall int_op (map snd (fst x))) h),
 Zlength (make_map h) = Zlength h.
 Proof.
diff --git a/mailbox/verif_mailbox_bad_write.v b/mailbox/verif_mailbox_bad_write.v
index fa8335af43..49139f8c73 100644
--- a/mailbox/verif_mailbox_bad_write.v
+++ b/mailbox/verif_mailbox_bad_write.v
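Review bot: `Lemma make_map_length` in mailbox/verif_lockfree_linsearch.v is renamed to `make_length_map`, which looks like the `map_length` → `length_map` substitution applied to a substring of a project-defined lemma name rather than a deliberate change; nothing in this hunk is a stdlib deprecation. The new name no longer reads as "length of make_map", and the diffstat lists only one changed line in this file, so no use site of `make_map_length` was updated alongside it. Unless I am missing a reason, restore `Lemma make_map_length : forall h (Hnz : Forall (fun x => value_of_hist (fst x) <> vint 0) h)` and check the other `length_map` rewrites in the patch for the same accidental substring match.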
@@ -89,7 +89,7 @@ Proof. entailer!. rewrite upd_Znth_eq with (d := Vundef); [|auto]. apply derives_refl'; erewrite map_ext_in; [reflexivity|]. - intros; rewrite In_upto, map_length, upto_length in *; simpl in *. + intros; rewrite In_upto, length_map, upto_length in *; simpl in *. erewrite Znth_map, Znth_upto; simpl; auto; try lia. erewrite sublist_split with (mid := i)(hi := i + 1), sublist_len_1 with (d := 0); auto; try lia. destruct (in_dec eq_dec a (sublist 0 i lasts ++ [Znth i lasts 0])); rewrite in_app in *. @@ -1070,7 +1070,7 @@ Proof. rewrite !Zlength_app, !Zlength_cons, !Zlength_nil; entailer!. rewrite !sepcon_assoc; apply sepcon_derives. * apply derives_refl'; f_equal. - erewrite upd_Znth_eq, !map_length, upto_length, !map_map; + erewrite upd_Znth_eq, !length_map, upto_length, !map_map; [|rewrite !Zlength_map, Zlength_upto; unfold N in *; auto]. apply map_ext_in; intros; rewrite In_upto in *. replace (Zlength t') with (Zlength h'). diff --git a/mailbox/verif_mailbox_specs.v b/mailbox/verif_mailbox_specs.v index 4ccd0d7f22..6e9944394f 100644 --- a/mailbox/verif_mailbox_specs.v +++ b/mailbox/verif_mailbox_specs.v @@ -6,7 +6,7 @@ Require Import VST.zlist.sublist. Require Export VST.concurrency.lock_specs. Require Export VST.atomics.verif_lock. Require Import mailbox.mailbox. -Require Import Lia. +From Stdlib Require Import Lia. Open Scope funspec_scope. (* standard VST prelude *) diff --git a/mailbox/verif_mailbox_write.v b/mailbox/verif_mailbox_write.v index 50a5a2ebbc..896d179c30 100644 --- a/mailbox/verif_mailbox_write.v +++ b/mailbox/verif_mailbox_write.v 
@@ -84,7 +84,7 @@ Proof. entailer!. rewrite upd_Znth_eq; [|auto]. apply derives_refl'; erewrite map_ext_in; [reflexivity|]. - intros; rewrite In_upto, map_length, upto_length in *; simpl in *. + intros; rewrite In_upto, length_map, upto_length in *; simpl in *. erewrite Znth_map, Znth_upto; simpl; auto; try lia. erewrite sublist_split with (mid := i)(hi := i + 1), sublist_len_1; auto; try lia. destruct (in_dec eq_dec a (sublist 0 i lasts ++ [Znth i lasts])); rewrite in_app in *. @@ -996,7 +996,7 @@ Proof. cancel. rewrite !sepcon_assoc; apply sepcon_derives. * apply derives_refl'; f_equal. - erewrite upd_Znth_eq, !map_length, upto_length, !map_map; + erewrite upd_Znth_eq, !length_map, upto_length, !map_map; [|rewrite !Zlength_map, Zlength_upto; unfold N in *; auto]. apply map_ext_in; intros; rewrite In_upto in *. replace (Zlength t') with (Zlength h'). diff --git a/mc_reify/verif_sha_bdo7.v b/mc_reify/verif_sha_bdo7.v index e0ddf92002..c15b2fb14d 100644 --- a/mc_reify/verif_sha_bdo7.v +++ b/mc_reify/verif_sha_bdo7.v @@ -250,7 +250,7 @@ assert (H1: firstn 1 (skipn (16 - S n) b) = W (nthi b) (16 - 16 + (Z.of_nat (16 - S n) - 16) mod 16) :: nil). { unfold firstn. destruct (skipn (16 - S n) b) eqn:?. - pose proof (skipn_length b (16 - S n)). + pose proof (length_skipn b (16 - S n)). rewrite Heql in H1. simpl length in H1. omega. diff --git a/msl/Axioms.v b/msl/Axioms.v index 880fe5150d..ab78380e06 100644 --- a/msl/Axioms.v +++ b/msl/Axioms.v @@ -4,7 +4,7 @@ the axioms used by MSL and by the CompCert project. *) -Require Coq.Logic.ClassicalFacts. +Require Stdlib.Logic.ClassicalFacts. (** * Extensionality axioms *) @@ -20,7 +20,7 @@ Lemma functional_extensionality {A B} (f g : A -> B) : (forall x, f x = g x) -> f = g. >> *) -Require Export Coq.Logic.FunctionalExtensionality. +Require Export Stdlib.Logic.FunctionalExtensionality. (** For compatibility with earlier developments, [extensionality] is an alias for [functional_extensionality]. *) 
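Review bot: The context line `omega.` right after the renamed `pose proof (length_skipn b (16 - S n)).` in mc_reify/verif_sha_bdo7.v calls a tactic that current Rocq releases no longer ship, so this file presumably does not compile and the rename cannot have been checked by the build. Either the file is excluded from the build, in which case touching it only adds noise to the patch, or it is built and this hunk should also replace `omega.` with `lia.`; a sentence in the commit message saying which would help. The enclosing proof starts before this hunk.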
diff --git a/msl/Extensionality.v b/msl/Extensionality.v index b8ca413ef9..d7205be1f5 100644 --- a/msl/Extensionality.v +++ b/msl/Extensionality.v @@ -2,7 +2,7 @@ Require Export VST.msl.Axioms. (* NO AXIOMS AFTER THIS POINT *) -Require Import Coq.Logic.EqdepFacts. +Require Import Stdlib.Logic.EqdepFacts. (* From EqdepTh we obtain inj_pair and inj_pairT2 without use of excluded middle: @@ -136,7 +136,7 @@ Ltac f_equal := | |- existT _ _ _ = existT _ _ _ => apply existT_ext end; try reflexivity; try congruence) - || Coq.Init.Prelude.f_equal. + || Corelib.Init.Prelude.f_equal. Lemma exist_ext' : forall A F (x y:@sig A F), proj1_sig x = proj1_sig y -> x = y. diff --git a/msl/age_to.v b/msl/age_to.v index a535fa8139..2c36e61191 100644 --- a/msl/age_to.v +++ b/msl/age_to.v @@ -8,7 +8,7 @@ Require Import VST.msl.predicates_hered. Require Import VST.msl.sepalg. Require Import VST.msl.age_sepalg. Require Import VST.msl.sepalg_generators. -Require Import Lia. +From Stdlib Require Import Lia. (* Apply [age1] n times (meaningful when [n <= level x] *) diff --git a/msl/ageable.v b/msl/ageable.v index 517be5c888..083e389b76 100644 --- a/msl/ageable.v +++ b/msl/ageable.v @@ -4,7 +4,7 @@ *) Require Import VST.msl.base. - Require Coq.funind.Recdef. + Require Stdlib.funind.Recdef. Local Open Scope nat_scope. @@ -190,7 +190,7 @@ End RtRft. Definition laterR {A} `{ageable A} : relation A := clos_trans A age. Definition necR {A} `{ageable A} : relation A := clos_refl_trans A age. -Require Coq.Wellfounded.Wellfounded. +Require Stdlib.Wellfounded.Wellfounded. Lemma laterR_wf {A} `{ageable A} : well_founded (transp _ laterR). Proof. diff --git a/msl/base.v b/msl/base.v index fd64d8dbc3..7495030a5c 100644 --- a/msl/base.v +++ b/msl/base.v 
@@ -7,10 +7,8 @@ throughtout the proof. It also defines some convenience tactics. *)
 Require Export VST.msl.Extensionality.
-Require Export Coq.Lists.List.
-Require Export Coq.Bool.Bool.
-Require Export Coq.Relations.Relations.
-Require Export Lia.
+From Stdlib Require Export Lists.List Bool.Bool Relations.Relations.
+From Stdlib Require Export Lia.
 (* Global Set Warnings "-deprecated-hint-rewrite-without-locality". Delete this line after we abandon Coq 8.13 *)
diff --git a/msl/boolean_alg.v b/msl/boolean_alg.v
index 9933772478..90fd3a6e7c 100644
--- a/msl/boolean_alg.v
+++ b/msl/boolean_alg.v
@@ -22,7 +22,7 @@ Require Import VST.msl.base.
 Require Import VST.msl.eq_dec.
 Require Import VST.msl.sepalg.
-Require Import GenericMinMax.
+From Stdlib Require Import GenericMinMax.
 Module Type BOOLEAN_ALGEBRA.
 Parameters (t:Type) (Ord : t -> t -> Prop)
diff --git a/msl/ghost_seplog.v b/msl/ghost_seplog.v
index b28abbf5b4..aa7fdcb389 100644
--- a/msl/ghost_seplog.v
+++ b/msl/ghost_seplog.v
@@ -2,7 +2,7 @@ Require Import VST.msl.Extensionality.
 Require Import VST.msl.seplog.
 Require Import VST.msl.sepalg.
 Require Import VST.msl.ghost.
-Require Import Ensembles List.
+From Stdlib Require Import Ensembles List.
 Local Open Scope logic.
diff --git a/msl/iter_sepcon.v b/msl/iter_sepcon.v
index 53bbb86af4..5c2100cee0 100644
--- a/msl/iter_sepcon.v
+++ b/msl/iter_sepcon.v
@@ -7,10 +7,10 @@ Require Import VST.msl.simple_CCC.
 Require Import VST.msl.seplog.
 Require Import VST.msl.log_normalize.
 Require Import VST.zlist.sublist.
-Require Import Coq.Lists.List.
-Require Import Coq.ZArith.ZArith.
-Require Import Coq.Sorting.Permutation.
-Require Export Coq.Classes.Morphisms.
+Require Import Stdlib.Lists.List.
+Require Import Stdlib.ZArith.ZArith.
+Require Import Stdlib.Sorting.Permutation.
+Require Export Stdlib.Classes.Morphisms.
 Lemma In_Permutation_cons: forall {A : Type} (l : list A) (x : A), In x l ->
diff --git a/msl/knot.v b/msl/knot.v
index e96448579f..854f68e300 100644
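Review bot: The context line `(* Global Set Warnings "-deprecated-hint-rewrite-without-locality". Delete this line after we abandon Coq 8.13 *)` just below the rewritten imports in msl/base.v is the same stale note that this patch deletes from msl/log_normalize.v; a commit targeting Rocq 9 has long since abandoned Coq 8.13, so drop it here too for consistency. The import rewrite itself is fine, though the two adjacent `From Stdlib Require Export` lines could be merged into one.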
--- a/msl/knot.v +++ b/msl/knot.v @@ -5,7 +5,7 @@ Require Import VST.msl.base. Require Import VST.msl.ageable. -Require Import Coq.Logic.Eqdep_dec. +Require Import Stdlib.Logic.Eqdep_dec. Require Import VST.msl.functors. Import CovariantFunctor. diff --git a/msl/knot_full_variant.v b/msl/knot_full_variant.v index 5f9258d60d..e6ae6665ba 100644 --- a/msl/knot_full_variant.v +++ b/msl/knot_full_variant.v @@ -4,7 +4,7 @@ Require Import VST.msl.functors. Require Import VST.msl.predicates_hered. Import VST.msl.functors.MixVariantFunctor. Import VST.msl.functors.MixVariantFunctorLemmas. -Require Import Arith. +From Stdlib Require Import Arith. Module Type KNOT_INPUT__MIXVARIANT_HERED_T_OTH_REL. Parameter F : functor. diff --git a/msl/log_normalize.v b/msl/log_normalize.v index a9e0dc8d99..65773814c3 100644 --- a/msl/log_normalize.v +++ b/msl/log_normalize.v @@ -1,10 +1,7 @@ Require Import VST.msl.simple_CCC. Require Import VST.msl.seplog. -(* Require Import VST.msl.alg_seplog. *) Require Import VST.msl.Extensionality. -Require Import Coq.Setoids.Setoid. - -(* Set Warnings "-deprecated-hint-rewrite-without-locality". Delete this line after we abandon Coq 8.13 *) +Require Import Stdlib.Setoids.Setoid. Create HintDb norm discriminated. @@ -1735,10 +1732,10 @@ Qed. (****** End contractiveness *****) -Require Import Coq.ZArith.ZArith. +Require Import Stdlib.ZArith.ZArith. Require Import VST.zlist.sublist. -Require Import Coq.Lists.List. -Require Import Coq.micromega.Lia. +Require Import Stdlib.Lists.List. +From Stdlib Require Import Lia. Lemma sepcon_app {A} {NA: NatDed A}{SA: SepLog A}{CA: ClassicalSep A}: forall l1 l2, fold_right sepcon emp (l1 ++ l2) = diff --git a/msl/msl_classical.v b/msl/msl_classical.v index da5998bc5e..184bd7a53e 100644 --- a/msl/msl_classical.v +++ b/msl/msl_classical.v 
@@ -1,5 +1,5 @@ Require Export VST.msl.msl_standard. -Require Export Coq.Logic.Classical. +Require Export Stdlib.Logic.Classical. Tactic Notation "LEM" constr(P) := (destruct (classic (P))). diff --git a/msl/predicates_rec.v b/msl/predicates_rec.v index e1ac09594d..7798234405 100644 --- a/msl/predicates_rec.v +++ b/msl/predicates_rec.v @@ -8,8 +8,8 @@ Require Import VST.msl.ageable. Require Import VST.msl.predicates_hered. Require Import VST.msl.subtypes. -Require Import Coq.Wellfounded.Wellfounded. -Require Import Coq.funind.Recdef. +Require Import Stdlib.Wellfounded.Wellfounded. +Require Import Stdlib.funind.Recdef. Delimit Scope pred with pred. Local Open Scope pred. diff --git a/msl/predicates_sa.v b/msl/predicates_sa.v index a981a9859a..2715f9babb 100644 --- a/msl/predicates_sa.v +++ b/msl/predicates_sa.v @@ -1,8 +1,8 @@ Require Import VST.msl.base. Require Import VST.msl.sepalg. -Require Import Coq.funind.Recdef. -Require Coq.Wellfounded.Wellfounded. (* Can't Import this, because that brings the identifier B into +Require Import Stdlib.funind.Recdef. +Require Stdlib.Wellfounded.Wellfounded. (* Can't Import this, because that brings the identifier B into scope, which breaks things like `{ageable B} in this file. Stupid feature of Coq, that the B in `{ageable B} is not unambiguously a binding occurrence of B. *) diff --git a/msl/sepalg_list.v b/msl/sepalg_list.v index 414871d306..0cdcc48bf6 100644 --- a/msl/sepalg_list.v +++ b/msl/sepalg_list.v @@ -1,6 +1,6 @@ Require Import VST.msl.msl_standard. Require Import VST.msl.Coqlib2. -Require Import Coq.ZArith.ZArith. +Require Import Stdlib.ZArith.ZArith. Require Import VST.zlist.sublist. Set Implicit Arguments. diff --git a/msl/subtypes.v b/msl/subtypes.v index 114c7f3400..14c704f710 100644 --- a/msl/subtypes.v +++ b/msl/subtypes.v @@ -3,7 +3,7 @@ * *) -Require Import Arith. +From Stdlib Require Import Arith. Require Import VST.msl.base. Require Import VST.msl.ageable. Require Import VST.msl.predicates_hered. 
diff --git a/msl/tree_shares.v b/msl/tree_shares.v
index 85326db6bb..5c9a249cec 100644
--- a/msl/tree_shares.v
+++ b/msl/tree_shares.v
@@ -9,8 +9,7 @@ Require Import VST.msl.eq_dec.
 Require Import VST.msl.sepalg.
 Require Import VST.msl.boolean_alg.
-Require Import Recdef.
-Require Import ZArith.
+From Stdlib Require Import Recdef ZArith.
 (** This module implements a share model via binary trees with boolean-labeled leaves.
diff --git a/progs/append.v b/progs/append.v
index 1d51ae9b80..b4313c38e2 100644
--- a/progs/append.v
+++ b/progs/append.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/bin_search.v b/progs/bin_search.v
index 8e65929fe7..d26e1302d7 100644
--- a/progs/bin_search.v
+++ b/progs/bin_search.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/bst.v b/progs/bst.v
index d7fc056d76..6fa398e70d 100644
--- a/progs/bst.v
+++ b/progs/bst.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/bst_oo.v b/progs/bst_oo.v
index 8b29f7b5d0..9669151cdd 100644
--- a/progs/bst_oo.v
+++ b/progs/bst_oo.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/cast_test.v b/progs/cast_test.v
index 535db55ef8..c49d06da53 100644
--- a/progs/cast_test.v
+++ b/progs/cast_test.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/conc_queue_specs.v b/progs/conc_queue_specs.v
index 495ad255ce..93804a91b2 100644
--- a/progs/conc_queue_specs.v
+++ b/progs/conc_queue_specs.v
@@ -480,7 +480,7 @@ Proof. - split; [rewrite Zlength_correct; lia|]; transitivity MAX; try lia; unfold MAX; computable. - split; [rewrite Zlength_correct; lia|]; transitivity MAX; try lia; unfold MAX; computable. } assert (map fst vals1 = map fst vals2) as Heq.
- { eapply complete_inj; [|rewrite !map_length; auto].
+ { eapply complete_inj; [|rewrite !length_map; auto].
 eapply rotate_inj; eauto; try lia.
 repeat rewrite length_complete; try rewrite Zlength_map; auto.
 rewrite Zlength_complete; try rewrite Zlength_map; lia. }
diff --git a/progs/cond.v b/progs/cond.v
index c744acc067..62a3cdc3dc 100644
--- a/progs/cond.v
+++ b/progs/cond.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/dotprod.v b/progs/dotprod.v
index fc2c343f02..f115c225dc 100644
--- a/progs/dotprod.v
+++ b/progs/dotprod.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/dry_mem_lemmas.v b/progs/dry_mem_lemmas.v
index 5400ca7c5d..29d969585a 100644
--- a/progs/dry_mem_lemmas.v
+++ b/progs/dry_mem_lemmas.v
@@ -749,7 +749,7 @@ Lemma encode_vals_length : forall lv, length (concat (map (encode_val Mint8unsigned) lv)) = length lv. Proof. induction lv; auto; simpl. - rewrite app_length, IHlv. + rewrite length_app, IHlv. unfold encode_val; simpl. destruct a; auto. Qed. diff --git a/progs/even.v b/progs/even.v index afa4ef7efe..67e7971892 100644 --- a/progs/even.v +++ b/progs/even.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/fib.v b/progs/fib.v index 765eb42862..07ce12d79b 100644 --- a/progs/fib.v +++ b/progs/fib.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/field_loadstore.v b/progs/field_loadstore.v index 8bb0e5eab0..48be274bd5 100644 --- a/progs/field_loadstore.v +++ b/progs/field_loadstore.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/float.v b/progs/float.v index 357f8e98f7..ffae421ca6 100644 --- a/progs/float.v +++ b/progs/float.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/floyd_tests.v b/progs/floyd_tests.v index c594234e7e..8966d7c36b 100644 --- a/progs/floyd_tests.v +++ b/progs/floyd_tests.v 
@@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/funcptr.v b/progs/funcptr.v index 408feb5ba6..33bab26baf 100644 --- a/progs/funcptr.v +++ b/progs/funcptr.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/global.v b/progs/global.v index e9f42fba1c..a1d7a6b31a 100644 --- a/progs/global.v +++ b/progs/global.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/incr.v b/progs/incr.v index f2d3d8734c..b219caa093 100644 --- a/progs/incr.v +++ b/progs/incr.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/incr2.v b/progs/incr2.v index 20711ff386..e1f29e6b83 100644 --- a/progs/incr2.v +++ b/progs/incr2.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Local Open Scope Z_scope. diff --git a/progs/incrN.v b/progs/incrN.v index 745dcb3538..d723180571 100644 --- a/progs/incrN.v +++ b/progs/incrN.v 
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/insertionsort.v b/progs/insertionsort.v
index d6bd33947f..147a2750c1 100644
--- a/progs/insertionsort.v
+++ b/progs/insertionsort.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/int_or_ptr.v b/progs/int_or_ptr.v
index 4ea12ec813..099b4d87cf 100644
--- a/progs/int_or_ptr.v
+++ b/progs/int_or_ptr.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/io.v b/progs/io.v
index 04df555240..9f185e5b04 100644
--- a/progs/io.v
+++ b/progs/io.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/io_mem.v b/progs/io_mem.v
index c9ffa7feb1..046fdebcac 100644
--- a/progs/io_mem.v
+++ b/progs/io_mem.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/io_mem_dry.v b/progs/io_mem_dry.v
index c07294c4fd..5999e44094 100644
--- a/progs/io_mem_dry.v
+++ b/progs/io_mem_dry.v
@@ -20,7 +20,7 @@ Proof. intros. rewrite !Zlength_correct; f_equal. unfold bytes_to_memvals. - rewrite <- map_map, encode_vals_length, map_length; auto. + rewrite <- map_map, encode_vals_length, length_map; auto. Qed. Context {E : Type -> Type} {IO_E : @IO_event nat -< E}. diff --git a/progs/io_os_connection.v b/progs/io_os_connection.v index d0f12be9a6..8038159e5a 100644 --- a/progs/io_os_connection.v +++ b/progs/io_os_connection.v @@ -585,7 +585,7 @@ Section Invariants. intros * Heq. enough (n = nth (length pre) (seq start len) O); subst. { rewrite Heq, app_nth2, Nat.sub_diag, seq_nth; auto; cbn. - rewrite <- (seq_length len start), Heq, app_length; cbn; lia. + rewrite <- (seq_length len start), Heq, length_app; cbn; lia. } rewrite Heq, app_nth2, Nat.sub_diag; auto. Qed. @@ -597,7 +597,7 @@ Section Invariants. unfold enumerate; intros * Heq. apply (f_equal (map fst)) in Heq. rewrite combine_fst, map_app in Heq; cbn in Heq. - apply seq_nth_app in Heq; subst; cbn; auto using map_length. + apply seq_nth_app in Heq; subst; cbn; auto using length_map. rewrite <- Nat2Z.id, <- Zlength_length; rewrite <- Zlength_correct. - rewrite !Zlength_correct, seq_length; auto. - apply Zlength_nonneg. @@ -625,7 +625,7 @@ Section Invariants. destruct ev; cbn; f_equal; auto. } rewrite Henum in Heq. - apply enumerate_length in Heq; subst; auto using map_length. + apply enumerate_length in Heq; subst; auto using length_map. Qed. Corollary mkRecvEvents_ordered : forall cs logIdx strIdx c strIdx' c' pre mid post, @@ -636,7 +636,7 @@ Section Invariants. pose proof Heq as Heq'. rewrite app_comm_cons, app_assoc in Heq'. apply mkRecvEvents_strIdx in Heq; apply mkRecvEvents_strIdx in Heq'; subst. - rewrite app_length; cbn; lia. + rewrite length_app; cbn; lia. Qed. Lemma mkRecvEvents_cons : forall cs c logIdx, 
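Review bot: The rewritten line `rewrite <- (seq_length len start), Heq, length_app; cbn; lia.` in the hunk at 585 of io_os_connection.v renames `app_length` but keeps `seq_length`, and the hunk at 597 also leaves `rewrite !Zlength_correct, seq_length; auto.` untouched. If I recall the same Stdlib rename wave correctly, `seq_length` became `length_seq` with the old name kept only as a deprecated alias, so this line would still emit a deprecation warning under Rocq 9; worth checking the build log and, if so, switching to `rewrite <- (length_seq len start), Heq, length_app; cbn; lia.` here and in the 597 hunk. The enclosing lemmas start outside these hunks.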
@@ -1443,10 +1443,10 @@ Section Invariants. apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'. destruct Heq, Heq'; subst. unfold strip_common_prefix in *. - rewrite !app_length, leb_correct in * by lia. + rewrite !length_app, leb_correct in * by lia. rewrite <- app_assoc. rewrite common_prefix_app, skipn_app1, skipn_exact_length in *; - rewrite ?app_length; auto; cbn in *. + rewrite ?length_app; auto; cbn in *. rewrite trace_of_ostrace_app. rewrite Htr; destruct Htr' as [(? & ->) | ?]; subst; auto. Qed. @@ -1461,10 +1461,10 @@ Section Invariants. apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'. destruct Heq, Heq'; subst. unfold strip_common_prefix in *. - rewrite !app_length, leb_correct in * by lia. + rewrite !length_app, leb_correct in * by lia. rewrite <- app_assoc. rewrite common_prefix_app, skipn_app1, skipn_exact_length in *; - rewrite ?app_length; auto; cbn in *. + rewrite ?length_app; auto; cbn in *. rewrite trace_of_ostrace_app. rewrite Htr'; destruct Htr as [(? & ->) | (? & ->)]; subst; auto; constructor. Qed. @@ -1487,10 +1487,10 @@ Section Invariants. apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'. destruct Heq, Heq'; subst. unfold strip_common_prefix in *. - rewrite !app_length, leb_correct in * by lia. + rewrite !length_app, leb_correct in * by lia. rewrite <- app_assoc. rewrite common_prefix_app, skipn_app1, skipn_exact_length in *; - rewrite ?app_length; auto; cbn in *. + rewrite ?length_app; auto; cbn in *. rewrite trace_of_ostrace_app. pose proof (Z.mod_pos_bound c 256 ltac:(lia)). rewrite Htr; destruct Htr' as [(? & ->) | ?]; subst; auto. 
@@ -1506,10 +1506,10 @@ Section Invariants. apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'. destruct Heq, Heq'; subst. unfold strip_common_prefix in *. - rewrite !app_length, leb_correct in * by lia. + rewrite !length_app, leb_correct in * by lia. rewrite <- app_assoc. rewrite common_prefix_app, skipn_app1, skipn_exact_length in *; - rewrite ?app_length; auto; cbn in *. + rewrite ?length_app; auto; cbn in *. rewrite trace_of_ostrace_app. pose proof (Z.mod_pos_bound c 256 ltac:(lia)). rewrite Htr'; destruct Htr as [(? & ->) | (? & ->)]; subst; auto. @@ -1522,11 +1522,11 @@ Section Invariants. unfold cons_intr_aux, nil_trace_case; intros * Hspec; destruct_spec Hspec. - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp. destruct st; cbn in *; subst; cbn in *. - rewrite common_prefix_app, app_length, leb_correct by lia. + rewrite common_prefix_app, length_app, leb_correct by lia. rewrite skipn_app1, skipn_exact_length; cbn; auto using mkRecvEvents_not_visible. - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp. destruct st; cbn in *; subst; cbn in *. - rewrite common_prefix_app, app_length, leb_correct by lia. + rewrite common_prefix_app, length_app, leb_correct by lia. rewrite skipn_app1, skipn_exact_length; cbn; auto using mkRecvEvents_not_visible. Qed. @@ -1566,9 +1566,9 @@ Section Invariants. destruct Heq; subst; red. rewrite <- Htr; unfold strip_common_prefix. rewrite common_prefix_app, <- app_assoc, common_prefix_app. - rewrite !app_length, !leb_correct by (cbn; lia). + rewrite !length_app, !leb_correct by (cbn; lia). rewrite skipn_app1, skipn_exact_length; auto. - rewrite (app_assoc io_log), <- app_length. + rewrite (app_assoc io_log), <- length_app. rewrite skipn_app1, skipn_exact_length; cbn; auto. - prename cons_intr_aux into Hspec'. eapply cons_intr_aux_trace_case in Hspec'. 
@@ -1583,9 +1583,9 @@ Section Invariants. destruct Heq; subst; red. rewrite <- Htr; unfold strip_common_prefix. rewrite common_prefix_app, <- app_assoc, common_prefix_app. - rewrite !app_length, !leb_correct by (cbn; lia). + rewrite !length_app, !leb_correct by (cbn; lia). rewrite skipn_app1, skipn_exact_length; auto. - rewrite (app_assoc io_log), <- app_length. + rewrite (app_assoc io_log), <- length_app. rewrite skipn_app1, skipn_exact_length; cbn; auto. Qed. @@ -1639,12 +1639,12 @@ Section Invariants. - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp. destruct st; cbn in *; subst; red. unfold strip_common_prefix. - rewrite !app_length, leb_correct by lia. + rewrite !length_app, leb_correct by lia. rewrite common_prefix_app, skipn_app1, skipn_exact_length; auto. - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp. destruct st; cbn in *; subst; red. unfold strip_common_prefix. - rewrite !app_length, leb_correct by lia. + rewrite !length_app, leb_correct by lia. rewrite common_prefix_app, skipn_app1, skipn_exact_length; auto. Qed. @@ -1658,7 +1658,7 @@ Section Invariants. prename (cons_buf _ = _) into Hcons. destruct st; cbn in *; unfold getc_trace_case. unfold strip_common_prefix. - rewrite common_prefix_app, app_length, leb_correct by lia. + rewrite common_prefix_app, length_app, leb_correct by lia. rewrite skipn_app1, skipn_exact_length; cbn; auto. Coqlib.inv Hvalid; cbn in *. rewrite vt_trace_console0 in Hcons. diff --git a/progs/libglob.v b/progs/libglob.v index 9168c04cf3..bebe1cc5f1 100644 --- a/progs/libglob.v +++ b/progs/libglob.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/load_demo.v b/progs/load_demo.v index 113708ba89..9e8f8fc4c0 100644 --- a/progs/load_demo.v +++ b/progs/load_demo.v 
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/logical_compare.v b/progs/logical_compare.v
index 6dac5df704..89c258ebcc 100644
--- a/progs/logical_compare.v
+++ b/progs/logical_compare.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/loop_minus1.v b/progs/loop_minus1.v
index c1fcb1e262..80f6048b74 100644
--- a/progs/loop_minus1.v
+++ b/progs/loop_minus1.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/merge.v b/progs/merge.v
index c48a91a615..c4626cd302 100644
--- a/progs/merge.v
+++ b/progs/merge.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/message.v b/progs/message.v
index bfa8652c0a..77f25a2165 100644
--- a/progs/message.v
+++ b/progs/message.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/min.v b/progs/min.v
index 3b6a6959ea..93973dff87 100644
--- a/progs/min.v
+++ b/progs/min.v
@@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/min64.v b/progs/min64.v index 73cc08a3c7..19ccaa6a2f 100644 --- a/progs/min64.v +++ b/progs/min64.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/mmap_dry.v b/progs/mmap_dry.v index 16cec882ae..eaf94ffd92 100644 --- a/progs/mmap_dry.v +++ b/progs/mmap_dry.v @@ -20,7 +20,7 @@ Proof. intros. rewrite !Zlength_correct; f_equal. unfold bytes_to_memvals. - rewrite <- map_map, encode_vals_length, map_length; auto. + rewrite <- map_map, encode_vals_length, length_map; auto. Qed. Definition mmap_pre (m : mem) (len : Z) := 0 <= len <= Ptrofs.max_unsigned. diff --git a/progs/nest2.v b/progs/nest2.v index d5086297ec..7c11d8fc49 100644 --- a/progs/nest2.v +++ b/progs/nest2.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/nest3.v b/progs/nest3.v index 259aa0c368..1b23a6f3a2 100644 --- a/progs/nest3.v +++ b/progs/nest3.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/object.v b/progs/object.v index a1c58c9585..b9c6fbff3d 100644 --- a/progs/object.v +++ b/progs/object.v 
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/objectSelf.v b/progs/objectSelf.v
index cdb6e026bb..eb6f76c044 100644
--- a/progs/objectSelf.v
+++ b/progs/objectSelf.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/objectSelfFancy.v b/progs/objectSelfFancy.v
index 119debe4e1..7c8bf25579 100644
--- a/progs/objectSelfFancy.v
+++ b/progs/objectSelfFancy.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/objectSelfFancyOverriding.v b/progs/objectSelfFancyOverriding.v
index 13dc6cd2c6..47998c2f2f 100644
--- a/progs/objectSelfFancyOverriding.v
+++ b/progs/objectSelfFancyOverriding.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/odd.v b/progs/odd.v
index 1429576885..5ad0d71caf 100644
--- a/progs/odd.v
+++ b/progs/odd.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/peel.v b/progs/peel.v
index 8a5e6bcc3f..9e9295292b 100644
--- a/progs/peel.v
+++ b/progs/peel.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/printf.v b/progs/printf.v
index 39d0dc39dd..2dab6d6eeb 100644
--- a/progs/printf.v
+++ b/progs/printf.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/ptr_compare.v b/progs/ptr_compare.v
index 64a6f3120b..c82d413879 100644
--- a/progs/ptr_compare.v
+++ b/progs/ptr_compare.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/queue.v b/progs/queue.v
index c2e6b07cb0..513775d3a6 100644
--- a/progs/queue.v
+++ b/progs/queue.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/queue2.v b/progs/queue2.v
index 3951479981..3883ddabd4 100644
--- a/progs/queue2.v
+++ b/progs/queue2.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/revarray.v b/progs/revarray.v
index b41cb2f857..fb031256f8 100644
--- a/progs/revarray.v
+++ b/progs/revarray.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/reverse.v b/progs/reverse.v
index 97ef1b5e0e..aab4adaa7b 100644
--- a/progs/reverse.v
+++ b/progs/reverse.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/reverse_client.v b/progs/reverse_client.v
index bf2ef0e178..051bea3b4f 100644
--- a/progs/reverse_client.v
+++ b/progs/reverse_client.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/rotate.v b/progs/rotate.v
index c8c4a3f28d..374e60fb30 100644
--- a/progs/rotate.v
+++ b/progs/rotate.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/stackframe_demo.v b/progs/stackframe_demo.v
index 207bf577ce..af252cbc8d 100644
--- a/progs/stackframe_demo.v
+++ b/progs/stackframe_demo.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/store_demo.v b/progs/store_demo.v
index 4a8b56acbb..8cd02d0ca4 100644
--- a/progs/store_demo.v
+++ b/progs/store_demo.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/string.v b/progs/string.v
index e95dfaee40..5748063fd3 100644
--- a/progs/string.v
+++ b/progs/string.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/strlib.v b/progs/strlib.v
index 2301f44ccf..de3fd2a1f8 100644
--- a/progs/strlib.v
+++ b/progs/strlib.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/structcopy.v b/progs/structcopy.v
index 6db2b92d2a..4f8adff1ac 100644
--- a/progs/structcopy.v
+++ b/progs/structcopy.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/sumarray.v b/progs/sumarray.v
index 826a8f9aaa..0074ea14ae 100644
--- a/progs/sumarray.v
+++ b/progs/sumarray.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs/sumarray2.v b/progs/sumarray2.v
index 206a322669..6270df4b70 100644
--- a/progs/sumarray2.v
+++ b/progs/sumarray2.v
@@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/switch.v b/progs/switch.v index de184d453e..4a6f7a789b 100644 --- a/progs/switch.v +++ b/progs/switch.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/tree.v b/progs/tree.v index dbda269e98..66cf3cfbe3 100644 --- a/progs/tree.v +++ b/progs/tree.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/union.v b/progs/union.v index 9deb123669..939db6355c 100644 --- a/progs/union.v +++ b/progs/union.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs/verif_btree.v b/progs/verif_btree.v index 249d9fe77e..98c8a85a4b 100644 --- a/progs/verif_btree.v +++ b/progs/verif_btree.v @@ -303,8 +303,8 @@ Section BTree. length (replace i x l) = length l. Proof. intros; unfold replace. - rewrite app_length; simpl. - rewrite firstn_length, skipn_length. + rewrite length_app; simpl. + rewrite length_firstn, length_skipn. rewrite Min.min_l; lia. Qed. 
@@ -351,7 +351,7 @@ Section BTree. Proof. intros; unfold replace. assert (length (firstn i l) = i) as Hlen. - { rewrite firstn_length, Min.min_l; auto. } + { rewrite length_firstn, Min.min_l; auto. } rewrite nth_error_app2; rewrite Hlen; auto. rewrite minus_diag; auto. Qed. @@ -463,7 +463,7 @@ Section BTree. rewrite Hchildren; split; auto. apply Forall_insert. + apply Forall_replace'; auto; simpl. - repeat rewrite skipn_length. + repeat rewrite length_skipn. destruct Hover as (Hover & Hwf); rewrite Hover. rewrite NPeano.Nat.add_1_r, odd_div; simpl. split; try lia. @@ -473,13 +473,13 @@ Section BTree. rewrite (alt_Forall wf_btree_aux). apply Forall_skipn; auto. + unfold wf_btree_aux; fold wf_btree_aux. - rewrite firstn_length, Min.min_l; [|apply Nat.div_le_upper_bound; lia]. + rewrite length_firstn, Min.min_l; [|apply Nat.div_le_upper_bound; lia]. unfold wf_btree_over in Hover. destruct Hover as (Hover & Hwf); rewrite Hover. rewrite NPeano.Nat.add_1_r, odd_div; simpl. split; [lia|]. destruct Hwf as [|(Hlen & ?)]; [subst; rewrite firstn_nil; auto | right]. - rewrite firstn_length, Hlen, Hover, Min.min_l; [|lia]. + rewrite length_firstn, Hlen, Hover, Min.min_l; [|lia]. split; auto. rewrite (alt_Forall wf_btree_aux). apply Forall_firstn; auto. @@ -502,7 +502,7 @@ Section BTree. rewrite Hchildren; split; auto. apply Forall_insert. + apply Forall_replace'; auto; simpl. - repeat rewrite skipn_length. + repeat rewrite length_skipn. destruct Hover as (Hover & Hwf); rewrite Hover. rewrite NPeano.Nat.add_1_r, odd_div; simpl. split; try lia. 
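Review bot: The rewritten line `{ rewrite length_firstn, Min.min_l; auto. }` in the hunk at 351 swaps in the new `length_firstn` name but still goes through `Min.min_l`, and the same pattern recurs in this file's hunks at 303, 473, 512, 537 and 795. If I recall correctly the `Arith.Min` module was itself deprecated in favour of `Nat.min_l`, as were `NPeano.Nat.add_1_r` (plain `Nat.add_1_r`) and `minus_diag` (`Nat.sub_diag`, which the io_os_connection.v hunks already use), so these lines would likely still produce deprecation warnings under Rocq 9 even after this patch; `minus_Sn_m` in the 537 hunk probably has a `Nat` counterpart too but the direction of the equation should be checked before substituting. Please confirm against the actual warning output rather than taking the names above on trust. The enclosing lemma proofs start outside these hunks.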
@@ -512,13 +512,13 @@ Section BTree. rewrite (alt_Forall wf_btree_aux). apply Forall_skipn; auto. + unfold wf_btree_aux; fold wf_btree_aux. - rewrite firstn_length, Min.min_l; [|apply Nat.div_le_upper_bound; lia]. + rewrite length_firstn, Min.min_l; [|apply Nat.div_le_upper_bound; lia]. unfold wf_btree_over in Hover. destruct Hover as (Hover & Hwf); rewrite Hover. rewrite NPeano.Nat.add_1_r, odd_div; simpl. split; [lia|]. destruct Hwf as [|(Hlen & ?)]; [subst; rewrite firstn_nil; auto | right]. - rewrite firstn_length, Hlen, Hover, Min.min_l; [|lia]. + rewrite length_firstn, Hlen, Hover, Min.min_l; [|lia]. split; auto. rewrite (alt_Forall wf_btree_aux). apply Forall_firstn; auto. @@ -537,7 +537,7 @@ Section BTree. remove_at i (replace i x l) = remove_at i l. Proof. intros; unfold remove_at, replace. - assert (length (firstn i l) = i) as Hlen by (rewrite firstn_length, Min.min_l; auto). + assert (length (firstn i l) = i) as Hlen by (rewrite length_firstn, Min.min_l; auto). rewrite firstn_app1, firstn_firstn, skipn_app2; auto; rewrite Hlen; auto. rewrite <- minus_Sn_m, minus_diag; auto. Qed. @@ -795,11 +795,11 @@ Section BTree. destruct H as (Hover & Hwf'); rewrite Hover. rewrite (Nat.add_1_r (2 * d)), odd_div. unfold replace; simpl; constructor; [|constructor; auto]; simpl. - + rewrite firstn_length, Min.min_l; [split|]; try lia. + + rewrite length_firstn, Min.min_l; [split|]; try lia. destruct Hwf' as [|(? & ?)]; subst; auto; right. - rewrite firstn_length, Min.min_l; [split; auto | lia]. + rewrite length_firstn, Min.min_l; [split; auto | lia]. rewrite (alt_Forall wf_btree_aux); apply Forall_firstn; auto. - + repeat rewrite skipn_length; split; [lia|]. + + repeat rewrite length_skipn; split; [lia|]. destruct Hwf' as [|(? & ?)]; subst; auto; right. split; [lia|]. rewrite (alt_Forall wf_btree_aux); apply Forall_skipn; auto. diff --git a/progs/verif_cond_queue.v b/progs/verif_cond_queue.v index 1fdbc6a0f6..3e553c3c6a 100644 --- a/progs/verif_cond_queue.v 
+++ b/progs/verif_cond_queue.v @@ -200,7 +200,7 @@ Proof. { rewrite Z.add_simpl_r; split; auto; rewrite Zlength_correct; lia. } assert (Znth (Zlength reqs + 1 - 1) (complete MAX (reqs ++ [req])) Vundef = req) as Hnth. { rewrite Z.add_simpl_r, Znth_complete; - [|repeat rewrite Zlength_correct; rewrite app_length; simpl; Omega0]. + [|repeat rewrite Zlength_correct; rewrite length_app; simpl; Omega0]. rewrite app_Znth2, Zminus_diag; [auto | lia]. } forward. { entailer!. @@ -357,7 +357,7 @@ Proof. { simpl. Exists (reqs0 ++ [r]); cancel. unfold fold_right at 2; unfold fold_right at 1; cancel. - repeat rewrite Zlength_correct; rewrite app_length; simpl. + repeat rewrite Zlength_correct; rewrite length_app; simpl. rewrite Nat2Z.inj_add. repeat rewrite map_app; simpl; rewrite sepcon_app; simpl. unfold fold_right at 1; cancel; entailer'. @@ -411,7 +411,7 @@ Proof. - assert (reqs0 <> []) as Hreqs. { intro; subst; unfold Zlength in *; simpl in *; contradiction HRE; auto. } rewrite (app_removelast_last (Vint (Int.repr 0)) Hreqs) in *. - rewrite Zlength_correct, app_length; simpl. + rewrite Zlength_correct, length_app; simpl. rewrite Nat2Z.inj_add, <- Zlength_correct; simpl. rewrite Zlength_app, Zlength_cons, Zlength_nil in *; simpl in *. match goal with H : Forall isptr (_ ++ _) |- _ => diff --git a/progs/verif_queue_ex.v b/progs/verif_queue_ex.v index 2b0d5edae1..b78da209df 100644 --- a/progs/verif_queue_ex.v +++ b/progs/verif_queue_ex.v 
@@ -698,14 +698,14 @@ Proof. lqueue Tsh tint (is_int I32 Signed) q lock sh1 sh2 h'). { assert (length lshs1 = length (map (fun vals => map (fun x => let '(p, i) := x in QRem p (Vint i)) vals) (rev vals))). - { rewrite !map_length, rev_length; rewrite Zlength_correct in *; abstract lia. } + { rewrite !length_map, length_rev; rewrite Zlength_correct in *; abstract lia. } go_lowerx; eapply derives_trans; [|apply lqueue_shares_join; [eauto | rewrite Hlenl1; eauto]]. subst lsh'; cancel. rewrite combine_map_snd, map_map. rewrite <- sepcon_rev, <- map_rev, rev_combine, rev_involutive. erewrite map_ext; [apply derives_refl|]. destruct a; auto. - { rewrite rev_length, map_length, rev_length in *; auto. } } + { rewrite length_rev, length_map, rev_length in *; auto. } } Intros h'. repeat (destruct ptrs; [rewrite Zlength_nil in *; discriminate | rewrite Zlength_cons in *]). destruct ptrs; [|rewrite Zlength_cons, Zlength_correct in *; lia]. diff --git a/progs64/VSUpile/apile.v b/progs64/VSUpile/apile.v index a641414fa2..4d175c53d2 100644 --- a/progs64/VSUpile/apile.v +++ b/progs64/VSUpile/apile.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs64/VSUpile/fast/fastapile.v b/progs64/VSUpile/fast/fastapile.v index 5e6062991d..c50d8b4dd7 100644 --- a/progs64/VSUpile/fast/fastapile.v +++ b/progs64/VSUpile/fast/fastapile.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/progs64/VSUpile/fast/fastpile.v b/progs64/VSUpile/fast/fastpile.v index 33c0b48544..f38ee4548a 100644 --- a/progs64/VSUpile/fast/fastpile.v +++ b/progs64/VSUpile/fast/fastpile.v 
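Review bot: The rewritten line `{ rewrite length_rev, length_map, rev_length in *; auto. } }` renames the first `rev_length` to `length_rev` but leaves the second one as is, so the same rewrite chain now mixes the new name and the deprecated alias. The rest of the commit's renames suggest `{ rewrite length_rev, length_map, length_rev in *; auto. } }` was intended; since the alias is presumably still accepted this should only survive as a leftover deprecation warning rather than a proof failure, but it defeats the purpose of the patch on this line. The enclosing proof starts and ends outside the hunk.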
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/VSUpile/main.v b/progs64/VSUpile/main.v
index dc8b61edbf..74ba212069 100644
--- a/progs64/VSUpile/main.v
+++ b/progs64/VSUpile/main.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/VSUpile/onepile.v b/progs64/VSUpile/onepile.v
index aa7d3d8bc7..f4fed78e56 100644
--- a/progs64/VSUpile/onepile.v
+++ b/progs64/VSUpile/onepile.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/VSUpile/pile.v b/progs64/VSUpile/pile.v
index 1ba742e28a..93855e56c0 100644
--- a/progs64/VSUpile/pile.v
+++ b/progs64/VSUpile/pile.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/VSUpile/stdlib.v b/progs64/VSUpile/stdlib.v
index 50b22a9bab..b46644b0b5 100644
--- a/progs64/VSUpile/stdlib.v
+++ b/progs64/VSUpile/stdlib.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/VSUpile/triang.v b/progs64/VSUpile/triang.v
index fb1664d585..58e85ff0c1 100644
--- a/progs64/VSUpile/triang.v
+++ b/progs64/VSUpile/triang.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/append.v b/progs64/append.v
index b3d0556dea..9267b5c1bf 100644
--- a/progs64/append.v
+++ b/progs64/append.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/bin_search.v b/progs64/bin_search.v
index a97f63aeb2..874654e7d9 100644
--- a/progs64/bin_search.v
+++ b/progs64/bin_search.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/bst.v b/progs64/bst.v
index 35b24d59cf..e77e3601ff 100644
--- a/progs64/bst.v
+++ b/progs64/bst.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/dry_mem_lemmas.v b/progs64/dry_mem_lemmas.v
index 1e7219d928..64828e8ea2 100644
--- a/progs64/dry_mem_lemmas.v
+++ b/progs64/dry_mem_lemmas.v
@@ -749,7 +749,7 @@ Lemma encode_vals_length : forall lv,
 length (concat (map (encode_val Mint8unsigned) lv)) = length lv.
 Proof.
 induction lv; auto; simpl.
- rewrite app_length, IHlv.
+ rewrite length_app, IHlv.
 unfold encode_val; simpl.
 destruct a; auto.
 Qed.
diff --git a/progs64/field_loadstore.v b/progs64/field_loadstore.v
index ce5cc315a1..957343e851 100644
--- a/progs64/field_loadstore.v
+++ b/progs64/field_loadstore.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/float.v b/progs64/float.v
index 681dc0068b..32ca45cbc6 100644
--- a/progs64/float.v
+++ b/progs64/float.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/fptr_cmp.v b/progs64/fptr_cmp.v
index c369925a4b..12bbdbe171 100644
--- a/progs64/fptr_cmp.v
+++ b/progs64/fptr_cmp.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/global.v b/progs64/global.v
index 46eb30193a..40c205423c 100644
--- a/progs64/global.v
+++ b/progs64/global.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/incr.v b/progs64/incr.v
index 0c72755d8f..daaa1d8913 100644
--- a/progs64/incr.v
+++ b/progs64/incr.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/incrN.v b/progs64/incrN.v
index 69e8ed45f6..c0029eaa76 100644
--- a/progs64/incrN.v
+++ b/progs64/incrN.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/io.v b/progs64/io.v
index 50f7621aad..278f4a397b 100644
--- a/progs64/io.v
+++ b/progs64/io.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/io_combine.v b/progs64/io_combine.v
index b6a3664486..60db9ff36a 100644
--- a/progs64/io_combine.v
+++ b/progs64/io_combine.v
@@ -11,7 +11,7 @@ Require Import VST.concurrency.conclib.
 Require Import VST.sepcomp.semantics.
 Require Import ITree.ITree.
 Require Import ITree.Interp.Traces.
-Require Import Ensembles.
+From Stdlib Require Import Ensembles.
 Require Import VST.progs64.io_specs.
 Require Import VST.progs64.io_dry.
 Require Import VST.progs64.io_os_specs.
diff --git a/progs64/io_mem.v b/progs64/io_mem.v
index a182b61945..2e7f933366 100644
--- a/progs64/io_mem.v
+++ b/progs64/io_mem.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/io_mem_dry.v b/progs64/io_mem_dry.v
index 74e53eaabc..8d842af99d 100644
--- a/progs64/io_mem_dry.v
+++ b/progs64/io_mem_dry.v
@@ -20,7 +20,7 @@ Proof.
 intros.
 rewrite !Zlength_correct; f_equal.
 unfold bytes_to_memvals.
- rewrite <- map_map, encode_vals_length, map_length; auto.
+ rewrite <- map_map, encode_vals_length, length_map; auto.
 Qed.
 Context {E : Type -> Type} {IO_E : @IO_event nat -< E}.
diff --git a/progs64/io_os_connection.v b/progs64/io_os_connection.v
index 2c1570a8d8..54f5842208 100644
--- a/progs64/io_os_connection.v
+++ b/progs64/io_os_connection.v
@@ -1,6 +1,6 @@
-Require Import List.
-Require Import ZArith.
-Require Import Psatz.
+From Stdlib Require Import List.
+From Stdlib Require Import ZArith.
+From Stdlib Require Import Psatz.
 Require Import ITree.ITree.
 Require Import ITree.Interp.Traces.
 Require Import compcert.lib.Maps.
@@ -15,6 +15,7 @@ Require Import VST.progs64.io_os_specs.
 Require Import VST.zlist.sublist.
 Require Import VST.progs64.os_combine.
 Import ExtLib.Structures.Monad.
+From Stdlib Require Import FinFun.
 Opaque eq_dec.eq_dec.
@@ -565,8 +566,6 @@ Section Invariants.
 intros Hin; apply in_combine_l in Hin; easy.
 Qed.
-Require Import FinFun.
 Lemma mkRecvEvents_NoDup : forall logIdx cs,
 NoDup (mkRecvEvents logIdx cs).
 Proof.
@@ -579,7 +578,7 @@ Require Import FinFun.
 Zlength (enumerate xs) = Zlength xs.
 Proof.
 unfold enumerate; intros.
- rewrite Zlength_combine, !Zlength_correct, seq_length; lia.
+ rewrite Zlength_combine, !Zlength_correct, length_seq; lia.
 Qed.
 Lemma seq_nth_app : forall len start n pre post,
@@ -589,7 +588,7 @@ Require Import FinFun.
 intros * Heq.
 enough (n = nth (length pre) (seq start len) O); subst.
 { rewrite Heq, app_nth2, Nat.sub_diag, seq_nth; auto; cbn.
- rewrite <- (seq_length len start), Heq, app_length; cbn; lia.
+ rewrite <- (length_seq len start), Heq, length_app; cbn; lia.
 }
 rewrite Heq, app_nth2, Nat.sub_diag; auto.
 Qed.
@@ -601,9 +600,9 @@ Require Import FinFun.
 unfold enumerate; intros * Heq.
 apply (f_equal (map fst)) in Heq.
 rewrite combine_fst, map_app in Heq; cbn in Heq.
- apply seq_nth_app in Heq; subst; cbn; auto using map_length.
+ apply seq_nth_app in Heq; subst; cbn; auto using length_map.
 rewrite <- Nat2Z.id, <- Zlength_length; rewrite <- Zlength_correct.
- - rewrite !Zlength_correct, seq_length; auto.
+ - rewrite !Zlength_correct, length_seq; auto.
 - apply Zlength_nonneg.
 Qed.
@@ -629,7 +628,7 @@ Require Import FinFun.
 destruct ev; cbn; f_equal; auto.
 }
 rewrite Henum in Heq.
- apply enumerate_length in Heq; subst; auto using map_length.
+ apply enumerate_length in Heq; subst; auto using length_map.
 Qed.
 Corollary mkRecvEvents_ordered : forall cs logIdx strIdx c strIdx' c' pre mid post,
@@ -640,7 +639,7 @@ Require Import FinFun.
 pose proof Heq as Heq'.
 rewrite app_comm_cons, app_assoc in Heq'.
 apply mkRecvEvents_strIdx in Heq; apply mkRecvEvents_strIdx in Heq'; subst.
- rewrite app_length; cbn; lia.
+ rewrite length_app; cbn; lia.
 Qed.
 Lemma mkRecvEvents_cons : forall cs c logIdx,
@@ -1447,10 +1446,10 @@ Require Import FinFun.
 apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'.
 destruct Heq, Heq'; subst.
 unfold strip_common_prefix in *.
- rewrite !app_length, leb_correct in * by lia.
+ rewrite !length_app, leb_correct in * by lia.
 rewrite <- app_assoc.
 rewrite common_prefix_app, skipn_app1, skipn_exact_length in *;
- rewrite ?app_length; auto; cbn in *.
+ rewrite ?length_app; auto; cbn in *.
 rewrite trace_of_ostrace_app.
 rewrite Htr; destruct Htr' as [(? & ->) | ?]; subst; auto.
 Qed.
@@ -1465,10 +1464,10 @@ Require Import FinFun.
 apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'.
 destruct Heq, Heq'; subst.
 unfold strip_common_prefix in *.
- rewrite !app_length, leb_correct in * by lia.
+ rewrite !length_app, leb_correct in * by lia.
 rewrite <- app_assoc.
 rewrite common_prefix_app, skipn_app1, skipn_exact_length in *;
- rewrite ?app_length; auto; cbn in *.
+ rewrite ?length_app; auto; cbn in *.
 rewrite trace_of_ostrace_app.
 rewrite Htr'; destruct Htr as [(? & ->) | (? & ->)]; subst; auto; constructor.
 Qed.
@@ -1491,10 +1490,10 @@ Require Import FinFun.
 apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'.
 destruct Heq, Heq'; subst.
 unfold strip_common_prefix in *.
- rewrite !app_length, leb_correct in * by lia.
+ rewrite !length_app, leb_correct in * by lia.
 rewrite <- app_assoc.
 rewrite common_prefix_app, skipn_app1, skipn_exact_length in *;
- rewrite ?app_length; auto; cbn in *.
+ rewrite ?length_app; auto; cbn in *.
 rewrite trace_of_ostrace_app.
 pose proof (Z.mod_pos_bound c 256 ltac:(lia)).
 rewrite Htr; destruct Htr' as [(? & ->) | ?]; subst; auto.
@@ -1510,10 +1509,10 @@ Require Import FinFun.
 apply common_prefix_correct in Heq; apply common_prefix_correct in Heq'.
 destruct Heq, Heq'; subst.
 unfold strip_common_prefix in *.
- rewrite !app_length, leb_correct in * by lia.
+ rewrite !length_app, leb_correct in * by lia.
 rewrite <- app_assoc.
 rewrite common_prefix_app, skipn_app1, skipn_exact_length in *;
- rewrite ?app_length; auto; cbn in *.
+ rewrite ?length_app; auto; cbn in *.
 rewrite trace_of_ostrace_app.
 pose proof (Z.mod_pos_bound c 256 ltac:(lia)).
 rewrite Htr'; destruct Htr as [(? & ->) | (? & ->)]; subst; auto.
@@ -1526,11 +1525,11 @@ Require Import FinFun.
 unfold cons_intr_aux, nil_trace_case; intros * Hspec; destruct_spec Hspec.
 - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp.
 destruct st; cbn in *; subst; cbn in *.
- rewrite common_prefix_app, app_length, leb_correct by lia.
+ rewrite common_prefix_app, length_app, leb_correct by lia.
 rewrite skipn_app1, skipn_exact_length; cbn; auto using mkRecvEvents_not_visible.
 - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp.
 destruct st; cbn in *; subst; cbn in *.
- rewrite common_prefix_app, app_length, leb_correct by lia.
+ rewrite common_prefix_app, length_app, leb_correct by lia.
 rewrite skipn_app1, skipn_exact_length; cbn; auto using mkRecvEvents_not_visible.
 Qed.
@@ -1570,9 +1569,9 @@ Require Import FinFun.
 destruct Heq; subst; red.
 rewrite <- Htr; unfold strip_common_prefix.
 rewrite common_prefix_app, <- app_assoc, common_prefix_app.
- rewrite !app_length, !leb_correct by (cbn; lia).
+ rewrite !length_app, !leb_correct by (cbn; lia).
 rewrite skipn_app1, skipn_exact_length; auto.
- rewrite (app_assoc io_log), <- app_length.
+ rewrite (app_assoc io_log), <- length_app.
 rewrite skipn_app1, skipn_exact_length; cbn; auto.
 - prename cons_intr_aux into Hspec'.
 eapply cons_intr_aux_trace_case in Hspec'.
@@ -1587,9 +1586,9 @@ Require Import FinFun.
 destruct Heq; subst; red.
 rewrite <- Htr; unfold strip_common_prefix.
 rewrite common_prefix_app, <- app_assoc, common_prefix_app.
- rewrite !app_length, !leb_correct by (cbn; lia).
+ rewrite !length_app, !leb_correct by (cbn; lia).
 rewrite skipn_app1, skipn_exact_length; auto.
- rewrite (app_assoc io_log), <- app_length.
+ rewrite (app_assoc io_log), <- length_app.
 rewrite skipn_app1, skipn_exact_length; cbn; auto.
 Qed.
@@ -1643,12 +1642,12 @@ Require Import FinFun.
 - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp.
 destruct st; cbn in *; subst; red.
 unfold strip_common_prefix.
- rewrite !app_length, leb_correct by lia.
+ rewrite !length_app, leb_correct by lia.
 rewrite common_prefix_app, skipn_app1, skipn_exact_length; auto.
 - prename (Coqlib.zeq _ _ = _) into Htmp; clear Htmp.
 destruct st; cbn in *; subst; red.
 unfold strip_common_prefix.
- rewrite !app_length, leb_correct by lia.
+ rewrite !length_app, leb_correct by lia.
 rewrite common_prefix_app, skipn_app1, skipn_exact_length; auto.
 Qed.
@@ -1662,7 +1661,7 @@ Require Import FinFun.
 prename (cons_buf _ = _) into Hcons.
 destruct st; cbn in *; unfold getc_trace_case.
 unfold strip_common_prefix.
- rewrite common_prefix_app, app_length, leb_correct by lia.
+ rewrite common_prefix_app, length_app, leb_correct by lia.
 rewrite skipn_app1, skipn_exact_length; cbn; auto.
 Coqlib.inv Hvalid; cbn in *.
 rewrite vt_trace_console0 in Hcons.
diff --git a/progs64/io_os_specs.v b/progs64/io_os_specs.v
index 92687cd253..d2d5e98251 100644
--- a/progs64/io_os_specs.v
+++ b/progs64/io_os_specs.v
@@ -5,8 +5,7 @@ Require Import compcert.common.AST.
 Require Import compcert.common.Memory.
 Require Import compcert.common.Values.
 Require Import Decimal.
-Require Import List.
-Require Import ZArith.
+From Stdlib Require Import List ZArith.
 Open Scope Z.
 (** Utils *)
diff --git a/progs64/logical_compare.v b/progs64/logical_compare.v
index 19b1433de1..3db6d60e14 100644
--- a/progs64/logical_compare.v
+++ b/progs64/logical_compare.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/message.v b/progs64/message.v
index 734f5a3c8b..cf5e6eb146 100644
--- a/progs64/message.v
+++ b/progs64/message.v
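Review bot: In the `progs64/io_os_specs.v` hunk, `Require Import Decimal.` is kept unqualified while the neighbouring `List` and `ZArith` lines gain the `From Stdlib` prefix. If `Decimal` resolves through Stdlib rather than the core prelude it will keep the same deprecation warning this change removes for its neighbours; that is worth checking in the build log, and if it does, `From Stdlib Require Import Decimal.` would be the matching form.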
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/min.v b/progs64/min.v
index b2b3a75b73..f5494aea1c 100644
--- a/progs64/min.v
+++ b/progs64/min.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/min64.v b/progs64/min64.v
index 0eb4e3dc3a..b7c484e1e5 100644
--- a/progs64/min64.v
+++ b/progs64/min64.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/nest2.v b/progs64/nest2.v
index 677cbf96c1..3ed62ffdb9 100644
--- a/progs64/nest2.v
+++ b/progs64/nest2.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/nest3.v b/progs64/nest3.v
index 3a6d341b69..c74e061942 100644
--- a/progs64/nest3.v
+++ b/progs64/nest3.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/object.v b/progs64/object.v
index 0b64e1e566..de4bca0974 100644
--- a/progs64/object.v
+++ b/progs64/object.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/os_combine.v b/progs64/os_combine.v
index 631f81b75e..2732fd6273 100644
--- a/progs64/os_combine.v
+++ b/progs64/os_combine.v
@@ -21,7 +21,7 @@ Notation "' p <- t1 ;; t2" := (ITree.bind t1 (fun x_ => match x_ with p => t2 end)) (at level 100, t1 at next level, p pattern, right associativity) : itree_scope.
 Require Import ITree.Interp.Traces.
-Require Import Ensembles.
+From Stdlib Require Import Ensembles.
 Section ext_trace.
diff --git a/progs64/printf.v b/progs64/printf.v
index acfda1c5bf..72f6a354b9 100644
--- a/progs64/printf.v
+++ b/progs64/printf.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/ptr_cmp.v b/progs64/ptr_cmp.v
index 36e13a4f90..10c5f026ae 100644
--- a/progs64/ptr_cmp.v
+++ b/progs64/ptr_cmp.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Local Open Scope Z_scope.
 Local Open Scope string_scope.
diff --git a/progs64/revarray.v b/progs64/revarray.v
index ef46ea2fae..d3b47e0294 100644
--- a/progs64/revarray.v
+++ b/progs64/revarray.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/reverse.v b/progs64/reverse.v
index cc11a30a14..ffdf080399 100644
--- a/progs64/reverse.v
+++ b/progs64/reverse.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/shift.v b/progs64/shift.v
index 12eeff091b..4f485a1919 100644
--- a/progs64/shift.v
+++ b/progs64/shift.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Local Open Scope Z_scope.
diff --git a/progs64/strlib.v b/progs64/strlib.v
index faa0bd3d35..7eda04162a 100644
--- a/progs64/strlib.v
+++ b/progs64/strlib.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/sumarray.v b/progs64/sumarray.v
index 6ecd64bc8b..b5446b0101 100644
--- a/progs64/sumarray.v
+++ b/progs64/sumarray.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/switch.v b/progs64/switch.v
index 68ae6c2958..27f414b74b 100644
--- a/progs64/switch.v
+++ b/progs64/switch.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/union.v b/progs64/union.v
index 9afb6f1b58..5d7fca5e45 100644
--- a/progs64/union.v
+++ b/progs64/union.v
@@ -1,4 +1,4 @@
-From Coq Require Import String List ZArith.
+From Stdlib Require Import String List ZArith.
 From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs.
 Import Clightdefs.ClightNotations.
 Local Open Scope Z_scope.
diff --git a/progs64/verif_min.v b/progs64/verif_min.v
index 65a0970ddb..4a4fba6c18 100644
--- a/progs64/verif_min.v
+++ b/progs64/verif_min.v
@@ -13,8 +13,8 @@ Require Import VST.progs64.min.
 #[export] Instance CompSpecs : compspecs. make_compspecs prog. Defined.
 Definition Vprog : varspecs. mk_varspecs prog. Defined.
-Require Import ZArith.
-Require Import List.
+From Stdlib Require Import ZArith.
+From Stdlib Require Import List.
 Import ListNotations.
 Open Scope Z.
diff --git a/progs64/verif_min64.v b/progs64/verif_min64.v
index 042abb535b..6f675e975b 100644
--- a/progs64/verif_min64.v
+++ b/progs64/verif_min64.v
@@ -10,8 +10,8 @@ Require Import VST.progs64.min64.
 #[export] Instance CompSpecs : compspecs. make_compspecs prog. Defined.
 Definition Vprog : varspecs. mk_varspecs prog. Defined.
-Require Import ZArith.
-Require Import List.
+From Stdlib Require Import ZArith.
+From Stdlib Require Import List.
 Import ListNotations.
 Open Scope Z.
diff --git a/progs64/verif_switch.v b/progs64/verif_switch.v
index f3fbaf4f3f..0df4407dba 100644
--- a/progs64/verif_switch.v
+++ b/progs64/verif_switch.v
@@ -1,6 +1,6 @@
 (* Do not edit this file, it was generated automatically *)
 Require Import VST.floyd.proofauto.
-Require Import Recdef.
+From Stdlib Require Import Recdef.
 #[export] Existing Instance NullExtension.Espec.
 Require Import VST.progs64.switch.
 Require Export VST.floyd.Funspec_old_Notation.
diff --git a/progs64/verif_union.v b/progs64/verif_union.v
index cf371d09df..2d8500f012 100644
--- a/progs64/verif_union.v
+++ b/progs64/verif_union.v
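Review bot: The `progs64/verif_switch.v` hunk edits a file whose first line reads `(* Do not edit this file, it was generated automatically *)`, so the `From Stdlib Require Import Recdef.` change will be lost the next time the file is regenerated unless the generator, or the source it is derived from, receives the same fix. The same concern likely applies to the many `progs64/*.v` hunks above that rewrite the `From Coq Require Import String List ZArith.` header, which looks like tool-emitted output: whatever produces that header is the place that needs updating. A sentence in the commit message naming where these files are generated from would save the next person who regenerates them from silently reverting the change.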
@@ -146,7 +146,7 @@ rewrite andb_true_iff in H.
 destruct H as [H H0].
 apply Z.leb_le in H0.
 unfold SpecFloat.canonical_mantissa in H.
-apply Zeq_bool_eq in H.
+apply Z.eqb_eq in H.
 unfold FLT.FLT_exp in H.
 rewrite Digits.Zpos_digits2_pos in H.
 pose proof (Z.max_lub_l (Digits.Zdigits Zaux.radix2 (Z.pos m) + e - prec)
@@ -220,7 +220,7 @@ destruct e0 as [H' ?H].
 assert (-149 <= e).
 { clear - H'.
 unfold SpecFloat.canonical_mantissa in H'.
-apply Zeq_bool_eq in H'.
+apply Z.eqb_eq in H'.
 unfold FLT.FLT_exp in H'.
 rewrite Digits.Zpos_digits2_pos in H'.
 pose proof (Z.max_lub_r (Digits.Zdigits Zaux.radix2 (Z.pos m) + e - 24)
diff --git a/sepcomp/Address.v b/sepcomp/Address.v
index e8ab935f1a..1293ce3e35 100644
--- a/sepcomp/Address.v
+++ b/sepcomp/Address.v
@@ -3,7 +3,7 @@ Require Import compcert.lib.Integers.
 Require Import compcert.lib.Floats.
 Require Import compcert.common.Values.
 Require Import compcert.common.Memory.
-Require Import Coq.micromega.Lia.
+From Stdlib Require Import micromega.Lia.
 Require Import VST.msl.eq_dec.
 Definition address : Type := (block * Z)%type.
diff --git a/sepcomp/event_semantics.v b/sepcomp/event_semantics.v
index c95e5d6dec..1f4c41cb2d 100644
--- a/sepcomp/event_semantics.v
+++ b/sepcomp/event_semantics.v
@@ -6,14 +6,14 @@ Require Import compcert.common.Memory.
 Require Import compcert.common.Events.
 Require Import compcert.common.AST.
 Require Import compcert.common.Globalenvs.
-Require Import Lia.
+From Stdlib Require Import Lia.
 Require Import VST.msl.Extensionality.
 Require Import VST.sepcomp.mem_lemmas.
 Require Import VST.sepcomp.semantics.
 Require Import VST.sepcomp.semantics_lemmas.
-Require Import Coq.micromega.Lia.
+From Stdlib Require Import Lia.
 (** * Semantics annotated with Owens-style trace*)
 Inductive mem_event :=
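Review bot: After the `sepcomp/event_semantics.v` hunk the file requires the same module twice: `From Stdlib Require Import Lia.` at the top of the hunk and again as its last changed line, where `Coq.micromega.Lia` was rewritten to the identical statement. The second one can simply be dropped; a duplicate `Require` is harmless but it is noise that will puzzle the next reader. Separately, the patch spells this kind of import three ways — `From Stdlib Require Import Lia.` here, `From Stdlib Require Import micromega.Lia.` in the `sepcomp/Address.v` hunk on this same line, and `Require Import Stdlib.Lists.ListSet.` in the `sepcomp/extspec.v` hunk below — all of which load, but settling on one form would keep the imports uniform and easy to grep for.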
@@ -205,7 +205,7 @@ Proof. eapply ev_perm. eapply ev_step_elim; eassumption. Qed. Arguments EvSem G C. *)
-Require Import List.
+From Stdlib Require Import List.
 Import ListNotations.
 Definition in_free_list (b : block) ofs xs :=
diff --git a/sepcomp/extspec.v b/sepcomp/extspec.v
index 1eaec1cd28..72f8a97eb8 100644
--- a/sepcomp/extspec.v
+++ b/sepcomp/extspec.v
@@ -1,4 +1,4 @@
-Require Import Coq.Lists.ListSet.
+Require Import Stdlib.Lists.ListSet.
 Require Import compcert.common.AST.
 Require Import compcert.common.Values.
 Require Import compcert.common.Memory.
diff --git a/sepcomp/mem_lemmas.v b/sepcomp/mem_lemmas.v
index 1d01826591..5189b03a3f 100644
--- a/sepcomp/mem_lemmas.v
+++ b/sepcomp/mem_lemmas.v
@@ -8,7 +8,7 @@ Require Import compcert.common.Values.
 Require Import compcert.common.Memory.
 Require Import compcert.common.Events.
 Require Import compcert.common.Globalenvs.
-Require Import Coq.micromega.Lia.
+From Stdlib Require Import Lia.
 Require Import VST.msl.Extensionality.
diff --git a/sepcomp/step_lemmas.v b/sepcomp/step_lemmas.v
index f3da503551..bd1c63bf32 100644
--- a/sepcomp/step_lemmas.v
+++ b/sepcomp/step_lemmas.v
@@ -7,7 +7,7 @@ Require Import compcert.common.Values.
 Require Import VST.sepcomp.extspec.
 Require Import VST.sepcomp.semantics.
 Require Import VST.sepcomp.semantics_lemmas.
-Require Import Lia.
+From Stdlib Require Import Lia.
 Definition has_opttyp (v : option val) (t : option typ) :=
 match v, t with
diff --git a/sepcomp/submit_shmem/effect_properties.v b/sepcomp/submit_shmem/effect_properties.v
index 01602c0371..50b303981a 100644
--- a/sepcomp/submit_shmem/effect_properties.v
+++ b/sepcomp/submit_shmem/effect_properties.v
@@ -1262,7 +1262,7 @@ destruct (eq_block r b); subst. intuition. assert (M= nil). destruct M; trivial. assert (@length (block * Z) nil = length (rev (p :: M))). rewrite Heqrm; trivial.
- rewrite rev_length in H3. simpl in H3. inv H3.
+ rewrite length_rev in H3. simpl in H3. inv H3.
 subst. simpl in *. clear H Heqrm H0 H1. specialize (Mem.loadbytes_store_same _ _ _ _ _ _ ST). intros LD. apply loadbytes_D in LD. destruct LD.
@@ -1389,7 +1389,7 @@ destruct (eq_block r b); subst. intuition. assert (M= nil). destruct M; trivial. assert (@length (block * Z) nil = length (rev (p :: M))). rewrite Heqrm; trivial.
- rewrite rev_length in H3. simpl in H3. inv H3.
+ rewrite length_rev in H3. simpl in H3. inv H3.
 subst. simpl in *. clear H Heqrm H0 H1. specialize (Mem.loadbytes_storebytes_same _ _ _ _ _ ST). intros LD. apply loadbytes_D in LD. destruct LD.
diff --git a/sha/ByteBitRelations.v b/sha/ByteBitRelations.v
index fcc65a3d9e..fa77fc8626 100644
--- a/sha/ByteBitRelations.v
+++ b/sha/ByteBitRelations.v
@@ -296,9 +296,9 @@ Proof. intros n len. rewrite -> H0. rewrite -> bitsToBytes_app.
- rewrite -> app_length.
+ rewrite -> length_app.
 rewrite -> H0 in len.
- rewrite -> app_length in len.
+ rewrite -> length_app in len.
 rewrite -> H in len. destruct n as [ | n'].
diff --git a/sha/HMAC256_equivalence.v b/sha/HMAC256_equivalence.v
index f80ca90a07..5c1dd446c0 100644
--- a/sha/HMAC256_equivalence.v
+++ b/sha/HMAC256_equivalence.v
@@ -69,7 +69,7 @@ Definition ipad_v: Bvector b := of_list_length _ ipad_length. *) Lemma fpad_length (v:Bvector c): length (fpad (Vector.to_list v)) = p. Proof. unfold fpad, fpad_inner. rewrite bytesToBits_len.
- repeat rewrite app_length. rewrite repeat_length, length_intlist_to_bytelist.
+ repeat rewrite length_app. rewrite repeat_length, length_intlist_to_bytelist.
 rewrite (Nat.mul_comm 4), Nat.add_comm, Zlength_correct. rewrite bitsToBytes_len_gen with (n:=32%nat). reflexivity.
@@ -118,7 +118,7 @@ Proof. remember ( Compare_dec.leb (length (b :: ssm)) 511) as d. destruct d. exfalso. rewrite Heql in pf. apply Forall_inv in pf. clear Heql.
- rewrite firstn_length in pf.
+ rewrite length_firstn in pf.
 symmetry in Heqd. apply leb_complete in Heqd. eapply Nat.min_l_iff in pf. lia. rewrite splitAndPad_aux_consD.
@@ -319,7 +319,7 @@ SearchAbout sha_splitandpad_inc. split; lia. (* key length *)
- { rewrite map_length, bitsToBytes_len_gen with (n:=64%nat).
+ { rewrite length_map, bitsToBytes_len_gen with (n:=64%nat).
 reflexivity. rewrite LK; reflexivity. }
diff --git a/sha/HMAC256_spec_list.v b/sha/HMAC256_spec_list.v
index 569f428aa6..0ef44f1ca7 100644
--- a/sha/HMAC256_spec_list.v
+++ b/sha/HMAC256_spec_list.v
@@ -29,7 +29,7 @@ Function toBlocks (l : Blist) {measure length l} : list Blist := Proof. intros. subst. remember ((b :: l0)%list) as l. clear Heql. apply leb_complete_conv in teq0.
- rewrite skipn_length; lia.
+ rewrite length_skipn; lia.
 Qed. Lemma toBlocks_injective: forall l1 l2 (BLKS: toBlocks l1 = toBlocks l2)
@@ -50,7 +50,7 @@ Proof. destruct l1; try discriminate. destruct l2; try discriminate. inversion F1; clear F1. rewrite H0 in Heql. assert (L1: (511 < length (front ++ back))%nat).
- rewrite app_length, H. lia.
+ rewrite length_app, H. lia.
 rewrite leb_correct_conv in Heql; trivial. rewrite firstn_exact in Heql; trivial. rewrite skipn_exact in Heql; trivial.
@@ -58,7 +58,7 @@ Proof. inversion F2; clear F2. rewrite H4 in BLKS. assert (L2: (511 < length (front0 ++ back0))%nat).
- rewrite app_length, H3. lia.
+ rewrite length_app, H3. lia.
 rewrite leb_correct_conv in BLKS; trivial. rewrite firstn_exact in BLKS; trivial. rewrite skipn_exact in BLKS; trivial.
@@ -80,7 +80,7 @@ Proof. intros. induction l. simpl; intros. constructor. simpl; intros. rewrite toBlocks_equation in Heql. destruct b. discriminate. inversion H; clear H.
- rewrite H1, app_length, H0 in Heql.
+ rewrite H1, length_app, H0 in Heql.
 rewrite leb_correct_conv in Heql. 2: lia. rewrite firstn_exact in Heql; trivial. rewrite skipn_exact in Heql; trivial. inversion Heql; clear Heql.
@@ -104,8 +104,8 @@ Proof. rewrite -> toBlocks_equation. destruct full. assert (@length bool nil = length (front ++ back)). rewrite <- H0; reflexivity.
- rewrite app_length, H in H1. remember (length back). clear - H1. rewrite Nat.add_comm in H1. simpl in H1. lia.
- rewrite H0, app_length, H, leb_correct_conv. 2: lia.
+ rewrite length_app, H in H1. remember (length back). clear - H1. rewrite Nat.add_comm in H1. simpl in H1. lia.
+ rewrite H0, length_app, H, leb_correct_conv. 2: lia.
 rewrite -> firstn_exact; trivial. rewrite -> skipn_exact; trivial. (*rewrite -> length_not_emp.*)
@@ -156,7 +156,7 @@ Proof. apply len_l. apply in_cons. apply H.
- - rewrite -> app_length.
+ - rewrite -> length_app.
 assert (length l = 512%nat). apply len_l. unfold In. auto. rewrite -> H. specialize (len_min ls).
@@ -179,7 +179,7 @@ Proof. rewrite -> length_not_emp. apply fold_ind. * apply len_ls.
- * rewrite -> app_length.
+ * rewrite -> length_app.
 rewrite len_l. specialize (len_min ls). lia.
@@ -228,13 +228,13 @@ Qed.*) Lemma toBlocks_app_split l1 l2: length l1 = 512%nat -> toBlocks (l1 ++ l2) = toBlocks l1 ++ toBlocks l2. Proof. intros. - rewrite toBlocks_equation. rewrite app_length. + rewrite toBlocks_equation. rewrite length_app. rewrite firstn_exact; trivial. rewrite skipn_exact; trivial. remember (l1 ++ l2). destruct l. { assert (@length bool nil = length (l1 ++ l2)). rewrite <- Heql; trivial. - rewrite app_length, H in H0. rewrite Nat.add_comm in H0. simpl in H0. lia. } + rewrite length_app, H in H0. rewrite Nat.add_comm in H0. simpl in H0. lia. } { rewrite leb_correct_conv. 2: rewrite H, Nat.add_comm; lia. remember (toBlocks l2). rewrite toBlocks_equation. diff --git a/sha/HMAC256_spec_pad.v b/sha/HMAC256_spec_pad.v index 9244df5361..1e22a82fce 100644 --- a/sha/HMAC256_spec_pad.v +++ b/sha/HMAC256_spec_pad.v @@ -194,11 +194,11 @@ Proof. - apply xor_equiv_byte; trivial. - assumption. } { apply BLxor_length; erewrite bytes_bits_length; try eassumption. - rewrite map_length, padded_key_len. reflexivity. + rewrite length_map, padded_key_len. reflexivity. unfold HP.HMAC_SHA256.sixtyfour. rewrite -> repeat_length. reflexivity. } { apply BLxor_length; erewrite bytes_bits_length; try eassumption. - rewrite map_length, padded_key_len. reflexivity. + rewrite length_map, padded_key_len. reflexivity. unfold HP.HMAC_SHA256.sixtyfour. rewrite -> repeat_length. reflexivity. } Qed. diff --git a/sha/HMAC_common_defs.v b/sha/HMAC_common_defs.v index f9886863a2..ddf5319aba 100644 --- a/sha/HMAC_common_defs.v +++ b/sha/HMAC_common_defs.v @@ -15,7 +15,7 @@ Definition concat {A : Type} (l : list (list A)) : list A := Lemma concat_length {A}: forall L (l:list A), In l L -> (length (concat L) >= length l)%nat. Proof. unfold concat. induction L; simpl; intros. contradiction. - rewrite app_length. + rewrite length_app. destruct H; subst. unfold id. lia. specialize (IHL _ H). lia. Qed. 
@@ -62,8 +62,8 @@ Proof. subst. reflexivity. - destruct l1; destruct l2; inversion len1; inversion len2. simpl. - rewrite -> map_length. - rewrite -> combine_length. + rewrite -> length_map. + rewrite -> length_combine. rewrite H0. rewrite H1. simpl. f_equal. apply min_l. @@ -109,13 +109,13 @@ Function hash_blocks_bits (b:nat) (B:(0 Blist Proof. intros. destruct (lt_dec (length msg) b). rewrite skipn_short. simpl; lia. rewrite <- teq; lia. - rewrite skipn_length; rewrite <- teq; lia. + rewrite length_skipn; rewrite <- teq; lia. Defined. Lemma add_blocksize_length l n: 0<=n -> BinInt.Z.add n (Zcomplements.Zlength l) = Zcomplements.Zlength ((repeat true (Z.to_nat n)) ++ l). Proof. intros. do 2 rewrite Zlength_correct. - rewrite app_length, repeat_length, Nat2Z.inj_add, Z2Nat.id; trivial. + rewrite length_app, repeat_length, Nat2Z.inj_add, Z2Nat.id; trivial. Qed. Lemma hash_blocks_bits_len c b (B:(0 H0 in inputs_eq. rewrite -> H2 in inputs_eq. apply (front_equiv DB32 back0 back front0 front H1 H inputs_eq). } - + rewrite -> H0. rewrite -> app_length. rewrite -> H. lia. - + rewrite -> H2. rewrite -> app_length. rewrite -> H1. lia. + + rewrite -> H0. rewrite -> length_app. rewrite -> H. lia. + + rewrite -> H2. rewrite -> length_app. rewrite -> H1. lia. Qed. Lemma equiv_pad shaiv shasplitandpad c p (B: (0< b c p)%nat) (DB32: (I.d*32 =b c p)%nat) diff --git a/sha/SHA256.v b/sha/SHA256.v index 6244288243..e4657c5a75 100644 --- a/sha/SHA256.v +++ b/sha/SHA256.v @@ -138,9 +138,9 @@ Function hash_blocks (r: registers) (msg: list int) {measure length msg} : regis end. Proof. intros. destruct (lt_dec (length msg) 16). - rewrite skipn_length_short. simpl; lia. subst; simpl in *; lia. + rewrite length_skipn_short. simpl; lia. subst; simpl in *; lia. rewrite <- teq; auto. - rewrite skipn_length. simpl; lia. + rewrite length_skipn. simpl; lia. Qed. Definition SHA_256 (str : list byte) : list byte := 
diff --git a/sha/ShaInstantiation.v b/sha/ShaInstantiation.v index ea34e12af7..1c547639f2 100644 --- a/sha/ShaInstantiation.v +++ b/sha/ShaInstantiation.v @@ -42,7 +42,7 @@ Definition fpad_inner (msg : list byte) : list byte := Lemma fpad_inner_length l (L:length l = p): (length (fpad_inner (bitsToBytes l)) * 8)%nat = p. Proof. - unfold fpad_inner. repeat rewrite app_length. + unfold fpad_inner. repeat rewrite length_app. rewrite repeat_length, length_intlist_to_bytelist. rewrite (Nat.mul_comm 4), Nat.add_comm, Zlength_correct. rewrite bitsToBytes_len_gen with (n:=32%nat). @@ -94,7 +94,7 @@ Lemma pad_inc_length: forall l, exists k, (0 < k /\ length (pad_inc l) = k*64)%n Proof. unfold pad_inc. induction l. simpl. exists (1%nat). lia. - destruct IHl as [k [K HK]]. repeat rewrite app_length in *. rewrite repeat_length in *. + destruct IHl as [k [K HK]]. repeat rewrite length_app in *. rewrite repeat_length in *. rewrite length_intlist_to_bytelist in *. remember (BinInt.Z.to_nat (BinInt.Z.modulo @@ -275,7 +275,7 @@ Proof. symmetry in H. = length ((l2 ++ Byte.repr 128 :: nil) ++ repeat Byte.zero (Z.to_nat (- (BlockSize + Zlength l2 + 9) mod 64)))). rewrite H0; trivial. - clear H0. repeat rewrite app_length in H. + clear H0. repeat rewrite length_app in H. repeat rewrite repeat_length in H. clear - K n H. rewrite (pad_injective_aux l1 l2 k K n) in H. lia. @@ -344,7 +344,7 @@ destruct d. = length ((l2 ++ Byte.repr 128 :: nil) ++ repeat Byte.zero (Z.to_nat (- (BlockSize + Zlength l2 + 9) mod 64)))). rewrite H0; trivial. - clear H0. repeat rewrite app_length in H1. + clear H0. repeat rewrite length_app in H1. repeat rewrite repeat_length in H1. rewrite (pad_injective_aux l2 l1 (k1-k2)) in H1. lia. 
@@ -446,7 +446,7 @@ Lemma pad_inc_length: forall l, exists k, (0 < k /\ length (pad_inc l) = k*64)%n Proof. unfold pad_inc. induction l. simpl. exists (1%nat). lia. - destruct IHl as [k [K HK]]. repeat rewrite app_length in *. rewrite repeat_length in *. + destruct IHl as [k [K HK]]. repeat rewrite length_app in *. rewrite repeat_length in *. rewrite pure_lemmas.length_intlist_to_Zlist in *. remember (BinInt.Z.to_nat (BinInt.Z.modulo @@ -608,7 +608,7 @@ Proof. symmetry in H. = length ((l2 ++ 128 :: nil) ++ repeat 0 (Z.to_nat (- (BlockSize + Zlength l2 + 9) mod 64)))). rewrite H0; trivial. - clear H0. repeat rewrite app_length in H. + clear H0. repeat rewrite length_app in H. repeat rewrite repeat_length in H. clear - K n H. rewrite (pad_injective_aux l1 l2 k K n) in H. lia. @@ -677,7 +677,7 @@ destruct d. = length ((l2 ++ 128 :: nil) ++ repeat 0 (Z.to_nat (- (BlockSize + Zlength l2 + 9) mod 64)))). rewrite H0; trivial. - clear H0. repeat rewrite app_length in H1. + clear H0. repeat rewrite length_app in H1. repeat rewrite repeat_length in H1. rewrite (pad_injective_aux l2 l1 (k1-k2)) in H1. lia. diff --git a/sha/functional_prog.v b/sha/functional_prog.v index 1bfd3cbb29..4b1eb6402b 100644 --- a/sha/functional_prog.v +++ b/sha/functional_prog.v @@ -271,7 +271,7 @@ rewrite <- (IHi _ _ H1). reflexivity. rewrite H1. clear H1. -pose proof (firstn_length i b). +pose proof (length_firstn i b). rewrite min_l in H1. 2:{ clear - H0; revert b H0; induction i; destruct b; simpl; intros; inv H0; try lia. @@ -557,7 +557,7 @@ pose proof (roundup_ge (Zlength msg + 9) 64). spec H; [ lia | ]. assert (Zlength msg >= 0) by (rewrite Zlength_correct; lia). exists (Z.to_nat (roundup (Zlength msg+9) 64 / 4 - 2)). -repeat rewrite app_length. +repeat rewrite length_app. rewrite repeat_length. simpl length. symmetry. 
@@ -633,7 +633,7 @@ rewrite Z2Nat.id by lia. change (Z.of_nat 4) with 4. rewrite Z.mul_comm in H2. assert (length (skipn (Z.to_nat (Zlength msg / 4) * 4) msg) < 4)%nat. -rewrite skipn_length. +rewrite length_skipn. apply Nat2Z.inj_lt. rewrite Nat2Z.inj_sub. rewrite <- Zlength_correct. rewrite Nat2Z.inj_mul. change (Z.of_nat 4) with 4. @@ -661,7 +661,7 @@ assert (- (Zlength msg + 9) mod 64 = (3 - Zlength ccc) + 4* ((Zlength msg+8)/64 * 16 + 15 - (Zlength msg + 8) / 4)). { assert (LL: length ccc = length (skipn (Z.to_nat (Zlength msg / 4) * 4) msg)) by congruence. -rewrite skipn_length in LL. +rewrite length_skipn in LL. assert (LL': Zlength msg = Zlength ccc + (Zlength msg/4)*4). rewrite Zlength_correct at 1. rewrite Zlength_correct at 1. @@ -706,7 +706,7 @@ replace (Zlength msg / 4 * 4) with (Zlength msg - Zlength ccc). 2:{ rewrite Heqccc. rewrite (Zlength_correct (skipn _ _)). -rewrite skipn_length by lia. +rewrite length_skipn by lia. rewrite Nat2Z.inj_sub by lia. rewrite <- Zlength_correct. rewrite Nat2Z.inj_mul. change (Z.of_nat 4) with 4. @@ -790,9 +790,9 @@ lia. } rewrite skipn_app1 by lia. rewrite firstn_app1 - by (rewrite skipn_length by lia; lia). + by (rewrite length_skipn by lia; lia). assert (length (firstn 4 (skipn (Q - 4) msg)) = 4)%nat. -rewrite firstn_length. rewrite skipn_length by lia. +rewrite length_firstn. rewrite length_skipn by lia. apply min_l. lia. destruct (firstn 4 (skipn (Q - 4) msg)) as [ | z0 [| z1 [| z2 [|z3 [|]]]]];inv H3. @@ -886,7 +886,7 @@ extensionality d. rewrite <- (nth_firstn_low _ _ 16). rewrite (generate_word_lemma1 b n H). auto. -rewrite rev_length, length_generate_word, rev_length, H. +rewrite length_rev, length_generate_word, rev_length, H. lia. Qed. @@ -917,7 +917,7 @@ Lemma nth_rev_generate_word: Proof. intros. unfold nthB. -rewrite <- rev_length in H. +rewrite <- length_rev in H. forget (rev b) as b'. clear b. assert (length (generate_word b' 48) = 64)%nat 
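Review bot: The second `rev_length` on the rewritten line of the @@ -886 hunk is left in place while the first is renamed, so the deprecated alias is still used (`rewrite length_rev, length_generate_word, rev_length, H.`); the same half-rename appears in the @@ -1076, @@ -1110 and @@ -1134 hunks of sha/functional_prog.v on the next line. This looks like a first-occurrence-only substitution; if `rev_length` here is the Stdlib lemma, the line should read `rewrite length_rev, length_generate_word, length_rev, H.` and the other three hunks should be fixed the same way. Otherwise the deprecation warning the patch sets out to remove survives, and these lines break once the alias is dropped.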
@@ -1076,7 +1076,7 @@ unfold process_block. unfold hash_block. f_equal. rewrite <- (firstn_same _ 64 (rev (generate_word _ _))) - by (rewrite rev_length, length_generate_word, rev_length; lia). + by (rewrite length_rev, length_generate_word, rev_length; lia). change 64%nat with (48+16)%nat. change 63%Z with (Z.of_nat (48+16)-1). assert (48 <= 48)%nat by lia. @@ -1110,7 +1110,7 @@ rewrite (rnd_64_S _ _ _ 2:{ unfold nthi; rewrite Nat2Z.id. rewrite (@coqlib4.nth_error_nth _ _ Int.zero n). -2: rewrite rev_length, length_generate_word, rev_length, H0; +2: rewrite length_rev, length_generate_word, rev_length, H0; change c48 with 48%nat; lia. f_equal. rewrite generate_word_small by lia. @@ -1134,7 +1134,7 @@ rewrite (rnd_64_S _ _ _ 2:{ unfold nthi; rewrite Nat2Z.id. apply (@coqlib4.nth_error_nth _ _ Int.zero (n+16)). -rewrite rev_length, length_generate_word, rev_length, H0; +rewrite length_rev, length_generate_word, rev_length, H0; change c48 with 48%nat; lia. } rewrite Round_equation. @@ -1176,7 +1176,7 @@ destruct blocks; inv H. rewrite process_msg_equation, hash_blocks_equation. reflexivity. assert (length (firstn 16 blocks) = 16)%nat - by (rewrite firstn_length, H; simpl; lia). + by (rewrite length_firstn, H; simpl; lia). rewrite hash_blocks_equation. destruct blocks; [ inv H | ]. forget (i::blocks) as bb. @@ -1185,7 +1185,7 @@ rewrite <- (firstn_skipn 16 blocks) at 1. rewrite process_msg_eq2 by auto. rewrite process_block_hash_block; auto. apply IHn0. -rewrite skipn_length; lia. +rewrite length_skipn; lia. apply length_hash_block; auto. Qed. diff --git a/sha/hkdf.v b/sha/hkdf.v index 31658c0622..639c8cf0c9 100644 --- a/sha/hkdf.v +++ b/sha/hkdf.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. 
diff --git a/sha/hmac.v b/sha/hmac.v index bfb96c4c90..6fa18e359e 100644 --- a/sha/hmac.v +++ b/sha/hmac.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/sha/hmac_common_lemmas.v b/sha/hmac_common_lemmas.v index 4305e5c2ac..2dc4a733f6 100644 --- a/sha/hmac_common_lemmas.v +++ b/sha/hmac_common_lemmas.v @@ -30,8 +30,8 @@ Qed. Lemma Zlength_mkArgZ k pad: Zlength (HMAC_SHA256.mkArg k pad) = Z.of_nat (min (length k) 64). Proof. intros. repeat rewrite Zlength_correct. unfold HMAC_SHA256.mkArg, HMAC_SHA256.sixtyfour. - repeat rewrite map_length. - rewrite combine_length, repeat_length. trivial. + repeat rewrite length_map. + rewrite length_combine, repeat_length. trivial. Qed. Lemma nth_zeropad_left {d d'}: forall l i (I: 0<= i < Zlength l), @@ -78,7 +78,7 @@ Qed. Lemma zeroPad_BlockSize: forall k, (length k <= SHA256.BlockSize)%nat -> length (HMAC_SHA256.zeroPad k) = SHA256.BlockSize%nat. -Proof. unfold HMAC_SHA256.zeroPad. intros. rewrite app_length, (*length_Nlist*) repeat_length. lia. +Proof. unfold HMAC_SHA256.zeroPad. intros. rewrite length_app, (*length_Nlist*) repeat_length. lia. Qed. Lemma length_SHA256': forall l, diff --git a/sha/hmac_pure_lemmas.v b/sha/hmac_pure_lemmas.v index 9b06b7c0e5..4d32e2c9a0 100644 --- a/sha/hmac_pure_lemmas.v +++ b/sha/hmac_pure_lemmas.v 
@@ -61,9 +61,9 @@ Proof. induction l1; simpl; intros. { destruct m1; simpl in *. split; trivial. assert (length l2 = length (a :: m1 ++ m2)). rewrite <- H; trivial. - rewrite H1 in H0; clear H H1. simpl in H0. rewrite app_length in H0. lia. } + rewrite H1 in H0; clear H H1. simpl in H0. rewrite length_app in H0. lia. } { assert (length (a :: l1 ++ l2) = length (m1 ++ m2)). rewrite <- H; trivial. - simpl in H1. do 2 rewrite app_length in H1. rewrite H0 in H1. + simpl in H1. do 2 rewrite length_app in H1. rewrite H0 in H1. destruct m1; simpl in *. lia. inversion H; clear H. subst a0. destruct (IHl1 _ _ _ H4 H0). subst. split; trivial. } @@ -120,7 +120,7 @@ Proof. apply IHk; auto. lia. Qed. -Lemma skipn_length: +Lemma length_skipn: forall {A} n (al: list A), (length al >= n)%nat -> (length (skipn n al) = length al - n)%nat. diff --git a/sha/pure_lemmas.v b/sha/pure_lemmas.v index b85b9f2c7c..0650250f30 100644 --- a/sha/pure_lemmas.v +++ b/sha/pure_lemmas.v @@ -251,7 +251,7 @@ rewrite <- Heql in *; clear i l Heql. rewrite firstn_same by lia. replace (skipn LBLOCK c) with (@nil int). rewrite hash_blocks_equation'; reflexivity. -pose proof (skipn_length c LBLOCK). +pose proof (length_skipn c LBLOCK). rewrite H1 in H0. destruct (skipn LBLOCK c); try reflexivity; inv H0. replace (S n * LBLOCK)%nat with (n * LBLOCK + LBLOCK)%nat in H0 by @@ -275,9 +275,9 @@ Psatz.nia. apply skipn_app1. Psatz.nia. apply length_hash_block; auto. (* fixme *) change 16%nat with LBLOCK. -rewrite firstn_length. apply min_l. +rewrite length_firstn. apply min_l. Psatz.nia. -rewrite skipn_length. +rewrite length_skipn. lia. Qed. @@ -304,8 +304,8 @@ rewrite hash_blocks_equation'; auto. forget (i::blocks) as bb. apply IHn0; auto. apply length_hash_block; auto. (* fixme *) change 16%nat with LBLOCK. -rewrite firstn_length. nia. -rewrite skipn_length. nia. +rewrite length_firstn. nia. +rewrite length_skipn. nia. Qed. Theorem Zmod_mod_mult : 
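Review bot: Renaming the local lemma in sha/hmac_pure_lemmas.v (@@ -120 hunk) to `length_skipn` gives it the same name as the Stdlib lemma it is meant to sidestep, but a different statement: this one binds `n` before `al` and carries the hypothesis `(length al >= n)%nat`, whereas Stdlib's `length_skipn` has no side condition. Which lemma a `rewrite length_skipn` in a client file resolves to now depends on import order, and the uses in the sha/pure_lemmas.v hunks on this same line (`pose proof (length_skipn c LBLOCK)`) pass the list first, so they presumably resolve to yet another lemma of this name. Consider dropping the local lemma in favour of Stdlib's, or keeping a distinct name such as `length_skipn_ge`; at minimum add `(* Local variant: hypothesis (length al >= n) and n-before-list argument order differ from Stdlib's length_skipn. *)` above it so the shadowing is deliberate rather than accidental.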
diff --git a/sha/sha.v b/sha/sha.v index 377f811dad..96fd6365c1 100644 --- a/sha/sha.v +++ b/sha/sha.v @@ -1,4 +1,4 @@ -From Coq Require Import String List ZArith. +From Stdlib Require Import String List ZArith. From compcert Require Import Coqlib Integers Floats AST Ctypes Cop Clight Clightdefs. Import Clightdefs.ClightNotations. Local Open Scope Z_scope. diff --git a/sha/sha_lemmas.v b/sha/sha_lemmas.v index 3831f93c15..dd2ce9eb01 100644 --- a/sha/sha_lemmas.v +++ b/sha/sha_lemmas.v @@ -216,7 +216,7 @@ Ltac Omega1 := Omega (helper1 || helper2). Ltac Omega1 := rep_lia. Ltac MyOmega := - rewrite ?repeat_length, ?skipn_length, ?map_length, + rewrite ?repeat_length, ?length_skipn, ?length_map, ?Zlength_map, ?Zlength_nil; pose proof CBLOCK_eq; (* pose proof CBLOCKz_eq;*) diff --git a/sha/sha_padding_lemmas.v b/sha/sha_padding_lemmas.v index c60afd957f..c01ab3c331 100644 --- a/sha/sha_padding_lemmas.v +++ b/sha/sha_padding_lemmas.v @@ -37,7 +37,7 @@ Lemma fstpad_len : Proof. intros msg. simpl. - rewrite -> app_length. + rewrite -> length_app. simpl. rewrite -> repeat_length. reflexivity. @@ -73,7 +73,7 @@ Proof. intros msg. unfold pad. rewrite -> Zlength_correct. - repeat rewrite -> app_length. + repeat rewrite -> length_app. simpl. assert (succ: forall (n : nat), S n = (n + 1)%nat). intros. induction n. reflexivity. lia. @@ -162,7 +162,7 @@ Proof. pose proof pad_len_64_nat msg as pad_len_64_nat. unfold pad in *. - repeat rewrite -> app_length in *. + repeat rewrite -> length_app in *. destruct pad_len_64_nat. assert (sym: (64 * x)%nat = (x * 64)%nat) by lia. rewrite -> sym in *. clear sym. diff --git a/sha/verif_hmac_init.v b/sha/verif_hmac_init.v index f99a06488d..39675c4696 100644 --- a/sha/verif_hmac_init.v +++ b/sha/verif_hmac_init.v 
@@ -180,11 +180,11 @@ forward_if (EX shaStates:_ , remember (map Vubyte (HMAC_SHA256.mkArg (HMAC_SHA256.mkKey key) Opad)) as OPADcont. assert (ZLI: Zlength (HMAC_SHA256.mkArg (HMAC_SHA256.mkKey key) Ipad) = 64). rewrite Zlength_mkArgZ. - repeat rewrite map_length. rewrite mkKey_length. + repeat rewrite length_map. rewrite mkKey_length. unfold SHA256.BlockSize; simpl. trivial. assert (ZLO: Zlength (HMAC_SHA256.mkArg (HMAC_SHA256.mkKey key) Opad) = 64). rewrite Zlength_mkArgZ. - repeat rewrite map_length. rewrite mkKey_length. + repeat rewrite length_map. rewrite mkKey_length. unfold SHA256.BlockSize; simpl. trivial. unfold data_at_, tarray. Time assert_PROP (isptr pad) as Ppad by entailer!. (*1*) diff --git a/sha/verif_hmac_init_part2.v b/sha/verif_hmac_init_part2.v index ec1b985850..a22eac39de 100644 --- a/sha/verif_hmac_init_part2.v +++ b/sha/verif_hmac_init_part2.v @@ -291,7 +291,7 @@ Proof. intros. abbreviate_semax. = Vubyte qb). (* (Int.zero_ext 8 q)).*) { unfold Znth. destruct (Z_lt_dec i 0). lia. rewrite nth_indep with (d':=Vubyte Byte.zero). - 2:{ repeat rewrite map_length. rewrite mkKey_length. unfold SHA256.BlockSize; simpl. apply (Z2Nat.inj_lt _ 64); lia. } + 2:{ repeat rewrite length_map. rewrite mkKey_length. unfold SHA256.BlockSize; simpl. apply (Z2Nat.inj_lt _ 64); lia. } repeat rewrite map_nth. rewrite Qb. trivial. } @@ -437,7 +437,7 @@ freeze FR1 := - (data_at _ _ _ (Vptr ckb _)) (data_block _ _ _). = Vubyte qb). (* (Int.zero_ext 8 q)).*) { unfold Znth. destruct (Z_lt_dec i 0). lia. rewrite nth_indep with (d':=Vubyte Byte.zero). - 2:{ repeat rewrite map_length. rewrite mkKey_length. unfold SHA256.BlockSize; simpl. apply (Z2Nat.inj_lt _ 64); lia. } + 2:{ repeat rewrite length_map. rewrite mkKey_length. unfold SHA256.BlockSize; simpl. apply (Z2Nat.inj_lt _ 64); lia. } repeat rewrite map_nth. rewrite Qb. trivial. } freeze FR2 := - (data_at _ _ _ (Vptr ckb _)). diff --git a/sha/verif_sha_bdo7.v b/sha/verif_sha_bdo7.v index 3bee00c095..390769c699 100644 
--- a/sha/verif_sha_bdo7.v +++ b/sha/verif_sha_bdo7.v @@ -37,7 +37,7 @@ assert (H1: firstn 1 (skipn (16 - S n) b) = W (nthi b) (16 - 16 + (Z.of_nat (16 - S n) - 16) mod 16) :: nil). { unfold firstn. destruct (skipn (16 - S n) b) eqn:?. - pose proof (skipn_length b (16 - S n)). + pose proof (length_skipn b (16 - S n)). rewrite Heql in H1. simpl length in H1. lia. diff --git a/tweetnacl20140427/split_array_lemmas.v b/tweetnacl20140427/split_array_lemmas.v index de69524733..689aeb5dab 100644 --- a/tweetnacl20140427/split_array_lemmas.v +++ b/tweetnacl20140427/split_array_lemmas.v @@ -427,17 +427,17 @@ Lemma split3_data_at_Tarray_at_tuchar: Proof. fold reptype in *. assert (Arith1: Zlength (firstn (lo + n) data) = Z.of_nat (lo + n)). - repeat rewrite Zlength_correct. rewrite firstn_length, min_l; trivial. + repeat rewrite Zlength_correct. rewrite length_firstn, min_l; trivial. rewrite split_offset_array_at with (n := (lo + n)%nat); trivial. (* by lia.*) rewrite split_offset_array_at with (n := lo) (contents := firstn (lo + n) data); trivial. (* by - (rewrite firstn_length; rewrite Min.min_l by lia; lia).*) + (rewrite length_firstn; rewrite Min.min_l by lia; lia).*) assert (!!offset_in_range (sizeof t * Zlength data) d |-- !! offset_in_range (sizeof t * Zlength (firstn (lo + n) data)) d)%logic. remember (sizeof t) as ST; normalize; subst ST. apply offset_in_range_mid with (lo := 0%Z) (hi := Zlength data); try assumption. rewrite !Zlength_correct. - rewrite firstn_length; rewrite Min.min_l by lia. split; try lia. + rewrite length_firstn; rewrite Min.min_l by lia. split; try lia. apply inj_le, N. rewrite Zmult_0_r. unfold offset_in_range; destruct d; auto. 
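Review bot: `Min.min_l` is still used on the rewritten line in the @@ -427 hunk of tweetnacl20140427/split_array_lemmas.v (`rewrite length_firstn; rewrite Min.min_l by lia. split; try lia.`) and again in the @@ -471 hunk on the next line; the `Arith.Min` module is, as far as I recall, itself deprecated in favour of `Nat`, so the line keeps a warning of the same kind this patch removes. tweetnacl20140427/tweetNaclBase.v in this same patch already uses `Nat.min_l`, so `rewrite length_firstn; rewrite Nat.min_l by lia. split; try lia.` would be the consistent form in both hunks. The two occurrences inside the `(* by ... *)` comments can be left as they are or updated to match.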
@@ -471,17 +471,17 @@ Lemma split3_offset_array_at Proof. fold reptype in *. assert (Arith1: Zlength (firstn (lo + n) data) = Z.of_nat (lo + n)). - repeat rewrite Zlength_correct. rewrite firstn_length, min_l; trivial. + repeat rewrite Zlength_correct. rewrite length_firstn, min_l; trivial. rewrite split_offset_array_at with (n := (lo + n)%nat); trivial. (* by lia.*) rewrite split_offset_array_at with (n := lo) (contents := firstn (lo + n) data); trivial. (* by - (rewrite firstn_length; rewrite Min.min_l by lia; lia).*) + (rewrite length_firstn; rewrite Min.min_l by lia; lia).*) assert (!!offset_in_range (sizeof t * Zlength data) d |-- !! offset_in_range (sizeof t * Zlength (firstn (lo + n) data)) d)%logic. remember (sizeof t) as ST; normalize; subst ST. apply offset_in_range_mid with (lo := 0%Z) (hi := Zlength data); try assumption. rewrite !Zlength_correct. - rewrite firstn_length; rewrite Min.min_l by lia. split; try lia. + rewrite length_firstn; rewrite Min.min_l by lia. split; try lia. apply inj_le, N. rewrite Zmult_0_r. unfold offset_in_range; destruct d; auto. @@ -528,9 +528,9 @@ intros. subst. rewrite (split_offset_Tarray_at (length data1) sh t (Zlength (data1++data2)) (data1 ++ data2) d H); repeat rewrite Zlength_correct. rewrite firstn_exact, skipn_exact; trivial. -rewrite app_length, Nat2Z.inj_add, Z.add_simpl_l; trivial. -rewrite app_length, Nat2Z.inj_add. lia. -rewrite app_length, Nat2Z.inj_add. lia. +rewrite length_app, Nat2Z.inj_add, Z.add_simpl_l; trivial. +rewrite length_app, Nat2Z.inj_add. lia. +rewrite length_app, Nat2Z.inj_add. lia. Qed. Lemma append_split3_Tarray_at 
@@ -548,13 +548,13 @@ Lemma append_split3_Tarray_at Proof. subst. erewrite (split3_offset_Tarray_at t A (length data1) (length data2)). - 2: repeat rewrite app_length; lia. + 2: repeat rewrite length_app; lia. rewrite firstn_exact; trivial. rewrite skipn_exact; trivial. rewrite firstn_exact; trivial. - rewrite app_assoc, skipn_app2. 2: rewrite app_length; lia. + rewrite app_assoc, skipn_app2. 2: rewrite length_app; lia. assert (Arith1: (length data1 + length data2 - (length data1 + length data2) = 0)%nat) by lia. - f_equal. repeat rewrite Zlength_correct. repeat rewrite app_length. + f_equal. repeat rewrite Zlength_correct. repeat rewrite length_app. rewrite Arith1; clear Arith1. simpl. f_equal. repeat rewrite Nat2Z.inj_add. rewrite Z.mul_add_distr_l. assert (Arith: Z.of_nat (length data1) + Z.of_nat (length data2) + diff --git a/tweetnacl20140427/tweetNaclBase.v b/tweetnacl20140427/tweetNaclBase.v index 56925092f6..734eec731b 100644 --- a/tweetnacl20140427/tweetNaclBase.v +++ b/tweetnacl20140427/tweetNaclBase.v @@ -18,11 +18,11 @@ Lemma isptrD v: isptr v -> exists b ofs, v = Vptr b ofs. Proof. intros. destruct v; try contradiction. exists b, i; trivial. Qed. Lemma firstn_Zlength {A} (l:list A) n: (n <= length l)%nat -> Zlength (firstn n l) = Z.of_nat n. -Proof. intros. rewrite Zlength_correct, firstn_length, Nat.min_l; trivial. Qed. +Proof. intros. rewrite Zlength_correct, length_firstn, Nat.min_l; trivial. Qed. Lemma skipn_Zlength {A} (l:list A) n: (n <= length l)%nat -> Zlength (skipn n l) = Zlength l - (Z.of_nat n). Proof. intros. - rewrite Zlength_correct, skipn_length. + rewrite Zlength_correct, length_skipn. rewrite Zlength_correct, Nat2Z.inj_sub; trivial. Qed. diff --git a/tweetnacl20140427/verif_crypto_stream_salsa20_xor.v b/tweetnacl20140427/verif_crypto_stream_salsa20_xor.v index a87a258a78..87b6b3fdab 100644 --- a/tweetnacl20140427/verif_crypto_stream_salsa20_xor.v +++ b/tweetnacl20140427/verif_crypto_stream_salsa20_xor.v 
@@ -170,7 +170,7 @@ Intros snuff. rename H into Snuff. destruct (QuadChunks2ValList_bytes (map littleendian_invert snuff)) as [sr_bytes [SRBL SNR]]. assert (SRL: Zlength sr_bytes = 64). { - rewrite map_length, (Snuffle20_length _ _ Snuff) in SRBL. + rewrite length_map, (Snuffle20_length _ _ Snuff) in SRBL. rewrite Zlength_correct, SRBL. reflexivity. apply prepare_data_length. } @@ -322,7 +322,7 @@ forward_if (IfPost v_z v_x bInit (N0, N1, N2, N3) K mCont (Int64.unsigned bInit) Intros snuff. rename H into Snuff. destruct (QuadChunks2ValList_bytes (map littleendian_invert snuff)) as [sr_bytes [SRBL SNR]]. assert (Zlength sr_bytes = 64). - rewrite map_length, (Snuffle20_length _ _ Snuff) in SRBL. + rewrite length_map, (Snuffle20_length _ _ Snuff) in SRBL. rewrite Zlength_correct, SRBL. reflexivity. apply prepare_data_length. rename H into SRL. diff --git a/tweetnacl20140427/verif_salsa_base.v b/tweetnacl20140427/verif_salsa_base.v index 8f211e64d2..34950fcf9b 100644 --- a/tweetnacl20140427/verif_salsa_base.v +++ b/tweetnacl20140427/verif_salsa_base.v @@ -185,7 +185,7 @@ Definition littleendian_of_SixteenByte (x:SixteenByte): QuadWord := rewrite Zlength_correct, QuadWR_length. trivial. Qed. Lemma SixteenWR_length s: length (SixteenWordRep s) = 16%nat. destruct s as [[[? ?] ?] ?]. simpl. - repeat rewrite app_length. repeat rewrite QuadWR_length. reflexivity. Qed. + repeat rewrite length_app. repeat rewrite QuadWR_length. reflexivity. Qed. Lemma SixteenWR_zlength s: Zlength (SixteenWordRep s) = 16. rewrite Zlength_correct, SixteenWR_length. trivial. Qed. 
@@ -265,7 +265,7 @@ Qed. Proof. destruct s as [[[q0 q1] q2] q3]. reflexivity. Qed. Lemma SixteenWordRepI_length s: length (SixteenWordRepI s) = 16%nat. Proof. destruct s as [[[q0 q1] q2] q3]. simpl. - repeat rewrite app_length. repeat rewrite QuadWordRepI_length. reflexivity. + repeat rewrite length_app. repeat rewrite QuadWordRepI_length. reflexivity. Qed. Lemma QuadByte2ValList_bytes q: exists bytes, length bytes = 4%nat /\ @@ -282,7 +282,7 @@ Proof. destruct N as [[[q0 q1] q2] q3]. rewrite SixteenByte2ValList_char. destruct (QuadByte2ValList_bytes q2) as [bytes2 [L2 Q2]]; rewrite Q2. destruct (QuadByte2ValList_bytes q3) as [bytes3 [L3 Q3]]; rewrite Q3. exists (bytes0 ++ bytes1 ++ bytes2 ++ bytes3). - repeat rewrite map_app. repeat rewrite app_length. rewrite L0, L1, L2, L3. + repeat rewrite map_app. repeat rewrite length_app. rewrite L0, L1, L2, L3. split; trivial. Qed. @@ -302,7 +302,7 @@ Proof. destruct N as [[[q0 q1] q2] q3]. rewrite SixteenByte2ValList_char. destruct (QuadByte2ValList_ints q2) as [ints2 [L2 Q2]]; rewrite Q2. destruct (QuadByte2ValList_ints q3) as [ints3 [L3 Q3]]; rewrite Q3. exists (ints0 ++ ints1 ++ ints2 ++ ints3). - repeat rewrite map_app. repeat rewrite app_length. rewrite L0, L1, L2, L3. + repeat rewrite map_app. repeat rewrite length_app. rewrite L0, L1, L2, L3. split; trivial. Qed. @@ -314,7 +314,7 @@ Lemma QuadChunks2ValList_bytes: forall l, destruct IHl as [? [X1 X2]]; rewrite X2; clear X2. destruct (QuadByte2ValList_bytes a) as [? [Y1 Y2]]; rewrite Y2; clear Y2. repeat rewrite <- map_app. exists (x0 ++ x); split; trivial. - rewrite app_length, X1, Y1. lia. + rewrite length_app, X1, Y1. lia. Qed. Fixpoint upd_upto (x: SixteenByte * SixteenByte * (SixteenByte * SixteenByte)) i (l:list val):list val := diff --git a/util/make_version b/util/make_version index ecdc56c6ae..1578c7a917 100755 --- a/util/make_version +++ b/util/make_version 
@@ -7,7 +7,7 @@ else DATE=date fi set -e -printf >$F 'Require Import ZArith Coq.Strings.String. Open Scope string.\n' +printf >$F 'From Stdlib Require Import ZArith Strings.String. Open Scope string.\n' printf >>$F 'Definition git_rev := "' if command -v git >/dev/null && [ "$(git rev-parse --is-inside-work-tree 2>/dev/null)" = "true" ]; then git log -n 1 --pretty=format:"%H" >>$F || true diff --git a/veric/Clight_base.v b/veric/Clight_base.v index d82393d734..7f91e40af9 100644 --- a/veric/Clight_base.v +++ b/veric/Clight_base.v @@ -5,6 +5,6 @@ Require Export compcert.cfrontend.Ctypes. Require Export compcert.cfrontend.Cop. Require Export compcert.cfrontend.Clight. -Require Export EqNat. (* do we need this? *) +From Stdlib Require Export EqNat. (* do we need this? *) Require Export VST.veric.Memory. diff --git a/veric/Clight_evsem.v b/veric/Clight_evsem.v index 6b947f3bb8..7a260ac3b2 100644 --- a/veric/Clight_evsem.v +++ b/veric/Clight_evsem.v @@ -7,7 +7,7 @@ Require Import VST.veric.compcert_rmaps. Require Import VST.veric.juicy_mem. Require Import VST.veric.res_predicates. -Require Import List. Import ListNotations. +From Stdlib Require Import List. Import ListNotations. Import compcert.lib.Maps. Import Ctypes. diff --git a/veric/Clight_initial_world.v b/veric/Clight_initial_world.v index cefa8e2937..7a5c8e6997 100644 --- a/veric/Clight_initial_world.v +++ b/veric/Clight_initial_world.v 
@@ -139,13 +139,13 @@ change (AST.prog_defs prog) with (prog_defs prog) in Hm. forget (prog_defs prog) as dl. rewrite <- (rev_involutive dl) in H1,Hm. rewrite nth_error_rev in H1. -2 : { rewrite rev_length. clear - RANGE. +2 : { rewrite length_rev. clear - RANGE. destruct RANGE. apply inj_lt_iff. rewrite Z2Nat.id by lia. lia. } rename H1 into H5. replace (length (rev dl) - Z.to_nat (Z.pos b - 1) - 1)%nat with (length (rev dl) - Z.to_nat (Z.pos b))%nat in H5. -2 : { rewrite rev_length. +2 : { rewrite length_rev. clear - RANGE. replace (Z.to_nat (Z.pos b-1)) with (Z.to_nat (Z.pos b) - 1)%nat. assert (Z.to_nat (Z.pos b) <= length dl)%nat. @@ -162,7 +162,7 @@ assert (0 < Z.to_nat (Z.pos b) <= length dl)%nat. { clear - RANGE. lia. } clear RANGE; rename H0 into RANGE. rewrite Z2Nat.inj_pos in *. -rewrite <- rev_length in RANGE. +rewrite <- length_rev in RANGE. forget (rev dl) as dl'; clear dl; rename dl' into dl. destruct RANGE. rewrite alloc_globals_rev_eq in Hm. @@ -320,13 +320,13 @@ forget (prog_defs prog) as dl. rewrite <- (rev_involutive dl) in H1,Hm. rewrite nth_error_rev in H1. 2 : { - rewrite rev_length. clear - RANGE. + rewrite length_rev. clear - RANGE. destruct RANGE. apply inj_lt_iff. rewrite Z2Nat.id by lia. lia. } rename H1 into H5. replace (length (rev dl) - Z.to_nat (Z.pos b - 1) - 1)%nat with (length (rev dl) - Z.to_nat (Z.pos b))%nat in H5. -2 : { rewrite rev_length. +2 : { rewrite length_rev. clear - RANGE. replace (Z.to_nat (Z.pos b-1)) with (Z.to_nat (Z.pos b) - 1)%nat. assert (Z.to_nat (Z.pos b) <= length dl)%nat. @@ -343,7 +343,7 @@ assert (0 < Z.to_nat (Z.pos b) <= length dl)%nat. { clear - RANGE. lia. } clear RANGE; rename H0 into RANGE. rewrite Z2Nat.inj_pos in *. -rewrite <- rev_length in RANGE. +rewrite <- length_rev in RANGE. forget (rev dl) as dl'; clear dl; rename dl' into dl. destruct RANGE. rewrite alloc_globals_rev_eq in Hm. diff --git a/veric/Cop2.v b/veric/Cop2.v index 8d7ac58d52..b6b3ff88e5 100644 --- a/veric/Cop2.v +++ b/veric/Cop2.v 
@@ -76,7 +76,7 @@ Fixpoint eqb_type (a b: type) {struct a} : bool := | Tfloat sa aa, Tfloat sb ab => andb (eqb_floatsize sa sb) (eqb_attr aa ab) | Tpointer ta aa, Tpointer tb ab => andb (eqb_type ta tb) (eqb_attr aa ab) | Tarray ta sa aa, Tarray tb sb ab => andb (eqb_type ta tb) - (andb (Zeq_bool sa sb) (eqb_attr aa ab)) + (andb (Z.eqb sa sb) (eqb_attr aa ab)) | Tfunction sa ta ca, Tfunction sb tb cb => andb (andb (eqb_list eqb_type sa sb) (eqb_type ta tb)) (eqb_calling_convention ca cb) | Tstruct ia aa, Tstruct ib ab => andb (eqb_ident ia ib) (eqb_attr aa ab) @@ -176,7 +176,7 @@ destruct a,b; simpl; split; auto; try discriminate; | H: eqb_attr _ _ = true |- _ => apply eqb_attr_spec in H | H: eqb_floatsize _ _ = true |- _ => apply eqb_floatsize_spec in H | H: eqb_calling_convention _ _ = true |- _ => apply eqb_calling_convention_prop in H - | H: Zeq_bool _ _ = true |- _ => apply Zeq_bool_eq in H + | H: Z.eqb _ _ = true |- _ => apply Z.eqb_eq in H | H: eqb_ident _ _ = true |- _ => apply eqb_ident_spec in H | H: eqb_type _ _ = true |- _ => apply REC in H | H: Tint _ _ _ = _ |- _ => inv H diff --git a/veric/Memory.v b/veric/Memory.v index bc42c0fd64..104c4e2789 100644 --- a/veric/Memory.v +++ b/veric/Memory.v @@ -1,9 +1,6 @@ -Require Import Coq.Arith.EqNat. -Require Import Coq.Relations.Relations. -Require Import Lia. -(* -Require Import compcert.export.Clightdefs. -Require Import compcert.cfrontend.Ctypes. (*NEW*)*) +Require Import Stdlib.Arith.EqNat. +Require Import Stdlib.Relations.Relations. +From Stdlib Require Import Lia. Require Import compcert.lib.Axioms. Require Import compcert.lib.Coqlib. Require Import compcert.lib.Integers. diff --git a/veric/SeparationLogic.v b/veric/SeparationLogic.v index 88b7b882cc..a9bd19ea02 100644 --- a/veric/SeparationLogic.v +++ b/veric/SeparationLogic.v 
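Review bot: veric/Memory.v (last hunk on this line) ends up mixing two import styles on three consecutive lines, `Require Import Stdlib.Arith.EqNat.`, `Require Import Stdlib.Relations.Relations.` and `From Stdlib Require Import Lia.`, while veric/base.v and veric/coqlib4.v in this same patch collapse such lines into a single `From Stdlib Require ...`. The fully-qualified form is also used in veric/SeparationLogic.v (`Require Import Stdlib.Classes.Morphisms.`), veric/align_mem.v and veric/composite_compute.v below. Picking one convention, e.g. `From Stdlib Require Import Arith.EqNat Relations.Relations Lia.` here, keeps the tree uniform and makes the next mechanical migration a single-pattern substitution.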
@@ -649,12 +649,12 @@ Definition globvars2pred (gv: globals) (vl: list (ident * globvar type)): mpred Definition initializer_aligned (z: Z) (d: init_data) : bool := match d with
- | Init_int16 n => Zeq_bool (z mod 2) 0
- | Init_int32 n => Zeq_bool (z mod 4) 0
- | Init_int64 n => Zeq_bool (z mod 8) 0
- | Init_float32 n => Zeq_bool (z mod 4) 0
- | Init_float64 n => Zeq_bool (z mod 8) 0
- | Init_addrof symb ofs => Zeq_bool (z mod (size_chunk Mptr)) 0
+ | Init_int16 n => Z.eqb (z mod 2) 0
+ | Init_int32 n => Z.eqb (z mod 4) 0
+ | Init_int64 n => Z.eqb (z mod 8) 0
+ | Init_float32 n => Z.eqb (z mod 4) 0
+ | Init_float64 n => Z.eqb (z mod 8) 0
+ | Init_addrof symb ofs => Z.eqb (z mod (size_chunk Mptr)) 0 | _ => true end.
@@ -993,7 +993,7 @@ Definition prog_vars (p: program) := prog_vars' (prog_defs p). Definition all_initializers_aligned (prog: program) := forallb (fun idv => andb (initializers_aligned 0 (gvar_init (snd idv)))
- (Zlt_bool (init_data_list_size (gvar_init (snd idv))) Ptrofs.modulus))
+ (Z.ltb (init_data_list_size (gvar_init (snd idv))) Ptrofs.modulus)) (prog_vars prog) = true. Definition loop1_ret_assert (Inv: environ->mpred) (R: ret_assert) : ret_assert :=
@@ -1922,7 +1922,7 @@ Axiom semax_adapt: forall {cs Espec} Delta c (P P': assert) (Q Q' : ret_assert) End PRACTICAL_CLIGHT_SEPARATION_HOARE_LOGIC.
-Require Import Coq.Classes.Morphisms.
+Require Import Stdlib.Classes.Morphisms. #[export] Instance prop_Proper: Proper (iff ==> (@eq mpred)) (prop).
diff --git a/veric/align_mem.v b/veric/align_mem.v
index 8ffc9398fd..b8f45337be 100644
--- a/veric/align_mem.v
+++ b/veric/align_mem.v
@@ -1,6 +1,6 @@
-Require Import Coq.Sorting.Permutation.
-Require Import Coq.Sorting.Sorting.
-Require Import Coq.Structures.Orders.
+Require Import Stdlib.Sorting.Permutation.
+Require Import Stdlib.Sorting.Sorting.
+Require Import Stdlib.Structures.Orders.
 Require Import VST.veric.base.
 Require Import compcert.cfrontend.Ctypes.
 Require Import VST.veric.type_induction.
diff --git a/veric/base.v b/veric/base.v
index a50069efc1..a8265a03cd 100644
--- a/veric/base.v
+++ b/veric/base.v
@@ -1,5 +1,4 @@
-Require Export Coq.Arith.EqNat.
-Require Export Coq.Relations.Relations.
+From Stdlib Require Export Arith.EqNat Relations.Relations.
 Require Export compcert.lib.Axioms.
 Require Export compcert.lib.Coqlib.
diff --git a/veric/composite_compute.v b/veric/composite_compute.v
index 115de6b53a..847883873a 100644
--- a/veric/composite_compute.v
+++ b/veric/composite_compute.v
@@ -1,6 +1,6 @@
-Require Import Coq.Sorting.Permutation.
-Require Import Coq.Sorting.Sorting.
-Require Import Coq.Structures.Orders.
+Require Import Stdlib.Sorting.Permutation.
+Require Import Stdlib.Sorting.Sorting.
+Require Import Stdlib.Structures.Orders.
 Require Import VST.veric.base.
 Import compcert.lib.Maps.
diff --git a/veric/coqlib4.v b/veric/coqlib4.v
index be6dbec9dc..78619a9917 100644
--- a/veric/coqlib4.v
+++ b/veric/coqlib4.v
@@ -1,13 +1,11 @@
-Require Import Coq.Arith.EqNat.
-Require Import Coq.Relations.Relations.
-Require Import Coq.Sorting.Permutation.
+From Stdlib Require Import Arith.EqNat Relations.Relations Sorting.Permutation.
 Require Import compcert.lib.Coqlib.
 Require Import compcert.lib.Integers.
 Require Import VST.msl.Coqlib2.
 Require Export VST.msl.eq_dec.
-Require Export Lia.
+From Stdlib Require Export Lia. (* Global Set Warnings "-deprecated-hint-rewrite-without-locality". Delete this line after we abandon Coq 8.13 *)
@@ -253,12 +251,12 @@ Proof. - inversion N; auto. Qed.
-Require Import Coq.Sets.Ensembles.
+Require Import Stdlib.Sets.Ensembles. Definition Ensemble_join {A} (X Y Z: Ensemble A): Prop := (forall a, Z a <-> X a \/ Y a) /\ (forall a, X a -> Y a -> False).
-Require Coq.Logic.ConstructiveEpsilon.
+Require Stdlib.Logic.ConstructiveEpsilon. Lemma decidable_countable_ex_sig {A} (f : nat -> A) (Hf : forall a, exists n, a = f n)
diff --git a/veric/expr_lemmas.v b/veric/expr_lemmas.v
index 910aa172b0..23c2cb2d2d 100644
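Review bot: The commented-out `Global Set Warnings "-deprecated-hint-rewrite-without-locality"` line with its "Delete this line after we abandon Coq 8.13" note survives as context in the veric/coqlib4.v @@ -1,13 +1,11 hunk, while this same commit deletes the identical comment from zlist/sublist.v (@@ -1,10 +1,6). For a patch whose stated purpose is Rocq 9 compatibility the Coq 8.13 caveat is obsolete; dropping it here as well keeps the two files consistent.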
--- a/veric/expr_lemmas.v
+++ b/veric/expr_lemmas.v
@@ -1098,7 +1098,7 @@ Proof. - destruct f; auto. - destruct (get_var_type Delta i); auto. simpl in *. destruct t0; auto.
- destruct (eqb_type t t0 && (Zeq_bool z z0 && eqb_attr a a0)); auto.
+ destruct (eqb_type t t0 && (Z.eqb z z0 && eqb_attr a a0)); auto. - destruct (get_var_type Delta i); auto. simpl in *. destruct t0; auto. destruct ((eqb_list eqb_type l l0 && eqb_type t t0 && eqb_calling_convention c c0)); auto.
diff --git a/veric/expr_lemmas3.v b/veric/expr_lemmas3.v
index 4e42ee48fe..0d83d48d4f 100644
--- a/veric/expr_lemmas3.v
+++ b/veric/expr_lemmas3.v
@@ -1,4 +1,4 @@
-Require Import Coq.Reals.Rdefinitions.
+Require Import Stdlib.Reals.Rdefinitions.
 Require Import VST.msl.msl_standard.
 Require Import VST.veric.Clight_base.
 Require Import VST.veric.compcert_rmaps.
@@ -30,10 +30,10 @@ Definition empty_tenv := PTree.empty val. Definition empty_environ cenv : environ := mkEnviron (filter_genv (empty_genv cenv)) (Map.empty _) (Map.empty _).
-Lemma Zle_bool_rev: forall x y, Zle_bool x y = Zge_bool y x.
+Lemma Zle_bool_rev: forall x y, Z.leb x y = Z.geb y x. Proof. intros. pose proof (Zle_cases x y). pose proof (Zge_cases y x).
-destruct (Zle_bool x y); destruct (Zge_bool y x); auto;
+destruct (Z.leb x y); destruct (Z.geb y x); auto; exfalso; lia. Qed.
diff --git a/veric/initial_world.v b/veric/initial_world.v
index 8a64b19d55..abdaf846a8 100644
--- a/veric/initial_world.v
+++ b/veric/initial_world.v
@@ -701,13 +701,13 @@ Proof. induction vl; simpl; intros. apply nth_error_nil. destruct (eq_dec n (length vl)). subst.
- pattern (length vl) at 1; rewrite <- rev_length.
+ pattern (length vl) at 1; rewrite <- length_rev. rewrite <- (Nat.add_0_r (length (rev vl))). rewrite nth_error_app. case_eq (length vl); intros. simpl. auto. replace (S n - n - 1)%nat with O by lia. simpl; auto.
- rewrite nth_error_app1 by (rewrite rev_length; lia).
+ rewrite nth_error_app1 by (rewrite length_rev; lia). rewrite IHvl by lia. clear IHvl. destruct n; destruct (length vl). congruence. simpl. replace (n-0)%nat with n by lia; auto.
@@ -786,9 +786,9 @@ Proof. intros. subst. rewrite map_rev; rewrite nth_error_rev. replace (length (map fst vl) - Z.to_nat (Zpos b - 1) - 1)%nat with (length vl - Pos.to_nat b)%nat ; [intuition | ].
- rewrite map_length.
+ rewrite length_map. transitivity (length vl - (Z.to_nat (Z.pos b-1)+1))%nat; try lia.
- rewrite map_length.
+ rewrite length_map. rewrite Zlength_correct in H1. forget (Z.pos b-1) as i; forget (length vl) as n; clear - H1. apply inj_lt_rev. rewrite Z_to_nat_max; auto.
@@ -807,9 +807,9 @@ Proof. intros. subst. by (rewrite <- e; replace (1 + (Z.pos b - 1)) with (Z.pos b) by lia; apply Pos2Z.id). clear e b.
- rewrite <- Zlength_rev. rewrite <- rev_length.
+ rewrite <- Zlength_rev. rewrite <- length_rev. replace (length (rev vl)) with (length (rev vl) + 0)%nat by lia.
- rewrite map_app. rewrite <- map_length with (f:=@fst ident (globdef (fundef F) type)).
+ rewrite map_app. rewrite <- length_map with (f:=@fst ident (globdef (fundef F) type)). rewrite nth_error_app. apply iff_trans with (i=id); [ | simpl; split; intro; subst; auto; inv H; auto]. rewrite In_rev in H2. rewrite <- map_rev in H2.
@@ -852,7 +852,7 @@ Proof. intros. subst. f_equal. clear - H H2. forget (Z.to_nat (Z.pos b-1)) as j. replace (length vl) with (length (map fst (rev vl)))
- by (rewrite map_length; rewrite rev_length; auto).
+ by (rewrite length_map; rewrite length_rev; auto). forget (map fst (rev vl)) as al. revert al H2 H; clear; induction j; destruct al; simpl; intros; auto. inv H; intuition. exfalso; clear - H; induction j; inv H; auto.
@@ -862,21 +862,21 @@ Proof. intros. subst. destruct IHvl. split; intro. - apply H in H1. rewrite nth_error_app1; auto.
- clear - n Hb. rewrite map_length. rewrite rev_length. rewrite Zlength_correct in Hb,n.
+ clear - n Hb. rewrite length_map. rewrite length_rev. rewrite Zlength_correct in Hb,n. assert (Z.pos b-1>=0) by lia. pose proof (Z2Nat.id _ (Z.ge_le _ _ H)). forget (Z.to_nat(Z.pos b-1)) as j. rewrite <- H0 in *. destruct Hb. clear - H2 n. lia. - assert (Z.to_nat (Z.pos b-1) < length (map (@fst _ _) (rev vl)))%nat. { clear - Hb n H1.
- rewrite Zlength_correct in n. rewrite map_length; rewrite rev_length.
+ rewrite Zlength_correct in n. rewrite length_map; rewrite length_rev. assert (Z.to_nat (Z.pos b-1) <> length vl). { contradict n. rewrite <- n. rewrite Z2Nat.id; auto. lia. } forget (Z.to_nat (Z.pos b-1)) as j. clear - H1 H. assert (S (length vl) = length (map fst (rev vl) ++ map fst ((i, g) :: nil))).
- { simpl. rewrite app_length; rewrite map_length; rewrite rev_length; simpl; lia. }
+ { simpl. rewrite length_app; rewrite length_map; rewrite length_rev; simpl; lia. } assert (j < S (length vl))%nat; [ | lia]. rewrite H0. forget (map fst (rev vl) ++ map fst ((i, g) :: nil)) as al. clear - H1. revert al H1; induction j; destruct al; simpl in *; intros; inv H1; auto; try lia.
@@ -928,7 +928,7 @@ assert (RANGE: 0 <= Z.pos b - 1 < Zlength (rev (prog_defs prog))). { } split. rewrite Zlength_correct in RANGE.
- rewrite rev_length in RANGE. lia.
+ rewrite length_rev in RANGE. lia. rewrite <- list_norepet_rev in H. unfold prog_defs_names in H. change (AST.prog_defs prog) with (prog_defs prog) in H.
@@ -943,7 +943,7 @@ assert (RANGE: 0 <= Z.pos b - 1 < Zlength (rev (prog_defs prog))). { destruct p; simpl in H1. inv H1. exists g. rewrite <- H0. f_equal.
- rewrite rev_length. rewrite map_length.
+ rewrite length_rev. rewrite length_map. clear - RANGE. rewrite Zlength_rev in RANGE. rewrite Zlength_correct in RANGE. rewrite <- (Z2Nat.id (Z.pos b)) in * by lia.
@@ -953,9 +953,9 @@ assert (RANGE: 0 <= Z.pos b - 1 < Zlength (rev (prog_defs prog))). { rewrite Nat2Z.id. lia. inv H1.
- rewrite rev_length. rewrite map_length.
+ rewrite length_rev. rewrite length_map. clear - RANGE. rewrite Zlength_correct in RANGE.
- rewrite rev_length in RANGE.
+ rewrite length_rev in RANGE. forget (length (prog_defs prog)) as N. assert (Z_of_nat N > 0) by lia. destruct N; inv H.
diff --git a/veric/initialize.v b/veric/initialize.v
index 558d724b45..f71d5e31ca 100644
--- a/veric/initialize.v
+++ b/veric/initialize.v
@@ -275,12 +275,12 @@ Definition load_store_init_data1 (ge: Genv.t fundef type) (m: mem) (b: block) (p Definition initializer_aligned (z: Z) (d: init_data) : bool := match d with
- | Init_int16 n => Zeq_bool (z mod 2) 0
- | Init_int32 n => Zeq_bool (z mod 4) 0
- | Init_int64 n => Zeq_bool (z mod 8) 0
- | Init_float32 n => Zeq_bool (z mod 4) 0
- | Init_float64 n => Zeq_bool (z mod 8) 0
- | Init_addrof symb ofs => Zeq_bool (z mod (size_chunk Mptr)) 0
+ | Init_int16 n => Z.eqb (z mod 2) 0
+ | Init_int32 n => Z.eqb (z mod 4) 0
+ | Init_int64 n => Z.eqb (z mod 8) 0
+ | Init_float32 n => Z.eqb (z mod 4) 0
+ | Init_float64 n => Z.eqb (z mod 8) 0
+ | Init_addrof symb ofs => Z.eqb (z mod (size_chunk Mptr)) 0 | _ => true end.
@@ -295,7 +295,7 @@ Proof. induction dl; simpl; intros. lia. pose proof (init_data_size_pos a); lia. Qed.
-Require Import FunInd.
+From Stdlib Require Import FunInd. Remark store_zeros_load_outside: forall m b p n m',
@@ -717,7 +717,7 @@ Proof. clear H; repeat split; auto end. * (* Int8 *)
- apply Zone_divide.
+ apply Z.divide_1_l. * (* Int8 *) intro loc; specialize (H2 loc). simpl in H2. hnf. if_tac; auto.
@@ -739,7 +739,8 @@ Proof. destruct loc; destruct H; subst b0. apply nth_getN; simpl; lia. * (* Int16 *)
- simpl in AL. apply Zmod_divide. intro Hx; inv Hx. apply Zeq_bool_eq; auto.
+ simpl in AL.
+ apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto. * (* Int16 *) intro loc; specialize (H2 loc). simpl in H2. simpl size_chunk. hnf; if_tac; auto.
@@ -761,7 +762,7 @@ Proof. destruct loc; destruct H; subst b0. apply nth_getN; simpl; lia. * (* Int32 *)
- simpl in AL. apply Zmod_divide. intro Hx; inv Hx. apply Zeq_bool_eq; auto.
+ simpl in AL. apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto. * (* Int32 *) intro loc; specialize (H2 loc). simpl in H2. simpl size_chunk. hnf; if_tac; auto.
@@ -783,7 +784,7 @@ Proof. destruct loc; destruct H; subst b0. apply nth_getN; simpl; lia. * (* Int64 *)
- simpl in AL. apply Zmod_divide. intro Hx; inv Hx. apply Zeq_bool_eq; auto.
+ simpl in AL. apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto. * (* Int64 *) intro loc; specialize (H2 loc). simpl in H2. simpl size_chunk. hnf; if_tac; auto.
@@ -805,7 +806,7 @@ Proof. destruct loc; destruct H; subst b0. apply nth_getN; simpl; lia. * (* Float32 *)
- simpl in AL. apply Zmod_divide. intro Hx; inv Hx. apply Zeq_bool_eq; auto.
+ simpl in AL. apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto. * (* Float32 *) intro loc; specialize (H2 loc). simpl in H2. simpl size_chunk. hnf; if_tac; auto.
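Review bot: In the @@ -739,7 +739,8 hunk of veric/initialize.v the Int16 case is split into two lines, `simpl in AL.` and `apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto.`, whereas the sibling Int32, Int64 and Float32 cases (@@ -761, @@ -783, @@ -805) keep the same tactic sequence on one line. The split is purely cosmetic but shifts the line numbering of every later hunk in the file; writing `simpl in AL. apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto.` as in the other cases keeps the cases parallel. The enclosing proof starts and ends outside the hunk.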
@@ -828,8 +829,8 @@ Proof. apply nth_getN; simpl; lia. * (* Float64 *) clear - AL.
- simpl in AL. apply Zmod_divide. intro Hx; inv Hx. apply Zeq_bool_eq; auto.
- rewrite <- Zeq_is_eq_bool in *.
+ simpl in AL. apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto.
+ rewrite Z.eqb_eq in *. apply Zmod_divides; [ lia | ]. apply Zmod_divides in AL; [ | lia]. destruct AL as [c ?]. exists (2 * c)%Z. rewrite Z.mul_assoc. apply H.
@@ -902,7 +903,7 @@ if_tac; auto. repeat split; auto. clear - H. cbv iota. congruence.
- simpl in AL. apply Zmod_divide. intro Hx; inv Hx. apply Zeq_bool_eq; auto.
+ simpl in AL. apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto. intro loc; specialize (H2 loc). hnf. simpl init_data_size in H2. replace (if Archi.ptr64 then 8 else 4) with (size_chunk Mptr) in H2 by (unfold Mptr; destruct Archi.ptr64; reflexivity).
@@ -932,7 +933,7 @@ if_tac; auto. rewrite Ptrofs.unsigned_repr by (change Ptrofs.max_unsigned with (Ptrofs.modulus-1); lia). split. simpl in AL|-*.
- apply Zmod_divide. intro Hx; inv Hx. apply Zeq_bool_eq; auto.
+ apply Z.mod_divide. intro Hx; inv Hx. apply Z.eqb_eq; auto. hnf. intro loc; specialize (H2 loc). hnf. simpl init_data_size in H2. replace (if Archi.ptr64 then 8 else 4) with (size_chunk Mptr) in H2
@@ -1156,7 +1157,7 @@ Qed. Definition all_initializers_aligned (prog: program) := forallb (fun idv => andb (initializers_aligned 0 (gvar_init (snd idv)))
- (Zlt_bool (init_data_list_size (gvar_init (snd idv))) Ptrofs.modulus))
+ (Z.ltb (init_data_list_size (gvar_init (snd idv))) Ptrofs.modulus)) (prog_vars prog) = true. Lemma forallb_rev: forall {A} f (vl: list A), forallb f (rev vl) = forallb f vl.
diff --git a/veric/invariants.v b/veric/invariants.v
index 314eeb5dea..d88cf7c388 100644
--- a/veric/invariants.v
+++ b/veric/invariants.v
@@ -231,7 +231,7 @@ Qed. Lemma singleton_length : forall {A} n (a : A), length (list_singleton n a) = S n. Proof. intros; unfold list_singleton.
- erewrite app_length, repeat_length; simpl; lia.
+ erewrite length_app, repeat_length; simpl; lia. Qed. Lemma list_join_singleton : forall {P : Ghost} n a c l
@@ -239,7 +239,7 @@ Lemma list_join_singleton : forall {P : Ghost} n a c l list_join (list_singleton n a) l (replace_nth n l (Some c)). Proof. induction l using rev_ind; simpl; intros; try lia.
- rewrite app_length in Hn; simpl in Hn.
+ rewrite length_app in Hn; simpl in Hn. destruct (eq_dec n (length l)). - subst. erewrite app_nth2, Nat.sub_diag in Hjoin by lia; simpl in Hjoin.
@@ -410,13 +410,13 @@ Proof. change [] with (core b); apply core_unit. + assert (a <> []) by (intro; subst; discriminate). erewrite (app_removelast_last None) in H, Heqn by auto.
- erewrite app_length in Heqn; simpl in Heqn.
+ erewrite length_app in Heqn; simpl in Heqn. erewrite Nat.add_1_r in Heqn; inv Heqn. specialize (IHn _ eq_refl). destruct (IHn b c) as (c' & ? & ?); auto. { destruct H as [Hlen H]. split.
- { rewrite app_length in Hlen; simpl in *; lia. }
+ { rewrite length_app in Hlen; simpl in *; lia. } intros ?? Hnth. specialize (H n a0). rewrite app_nth in H.
@@ -432,7 +432,7 @@ Proof. apply join_comm in H2; auto. -- split. { destruct H.
- erewrite app_length in *; simpl in *; lia. }
+ erewrite length_app in *; simpl in *; lia. } intros ?? Hnth. rewrite app_nth in Hnth. if_tac in Hnth; [apply H3; auto|].
@@ -870,13 +870,13 @@ Proof. exists (x ++ [Some (Some tt)]); split; simpl; auto. erewrite !map_app, own.map_repeat; simpl. pose proof (list_join_length _ _ _ H1) as Hlen.
- rewrite map_length in Hlen.
+ rewrite length_map in Hlen. apply join_comm in H1. pose proof (list_join_length _ _ _ H1) as Hlen'. apply (join_comm(Perm_alg := list_Perm)), (list_join_over c).
- { erewrite app_length, map_length, repeat_length, Nat.add_comm, Nat.sub_add; auto. }
+ { erewrite length_app, length_map, repeat_length, Nat.add_comm, Nat.sub_add; auto. } apply (join_comm(Perm_alg := list_Perm)), (list_join_filler(P := token_PCM));
- [|rewrite map_length; auto].
+ [|rewrite length_map; auto]. apply join_comm in H1; auto. } rewrite exp_sepcon1; apply exp_left; intro. rewrite !sepcon_andp_prop1; apply prop_andp_left; intros [i ?]; subst.
@@ -895,12 +895,12 @@ Proof. | Some _ => Some (Znth j ((lg ++ repeat O i) ++ [g])) | None => None end) (upto (length ((l ++ repeat emp i) ++ [P'])))))).
- { rewrite <- !app_assoc, app_length, upto_app, map_app.
+ { rewrite <- !app_assoc, length_app, upto_app, map_app. split.
- { erewrite app_length, !map_length; lia. }
+ { erewrite length_app, !length_map; lia. } intros ?? Hn.
- erewrite app_nth, map_length.
- if_tac; [|erewrite nth_overflow in Hn by (rewrite map_length; lia); discriminate].
+ erewrite app_nth, length_map.
+ if_tac; [|erewrite nth_overflow in Hn by (rewrite length_map; lia); discriminate]. erewrite nth_map' with (d' := 0) in * by auto. erewrite upto_length in *. assert (Z.of_nat n < Zlength l).
@@ -911,7 +911,7 @@ Proof. rewrite !sepcon_assoc. view_shift (ghost_snap_forget(ORD := list_order _) (list_singleton (length lg + i) g)). { apply list_incl_singleton.
- erewrite app_length, upto_app, map_app, app_nth2; erewrite map_length, upto_length, app_length,
+ erewrite length_app, upto_app, map_app, app_nth2; erewrite length_map, upto_length, length_app, repeat_length; try lia. replace (_ - _)%nat with O by lia; simpl. rewrite Nat2Z.inj_add, Z.add_0_r.
@@ -921,8 +921,8 @@ Proof. apply exp_right with ((l ++ repeat emp i) ++ [P']). rewrite exp_sepcon1; apply exp_right with ((lg ++ repeat O i) ++ [g]). rewrite exp_sepcon1; apply exp_right with ((lb ++ repeat None i) ++ [Some true]).
- erewrite !(app_length (_ ++ _)); simpl.
- erewrite prop_true_andp by (erewrite !app_length, !repeat_length; lia).
+ erewrite !(length_app (_ ++ _)); simpl.
+ erewrite prop_true_andp by (erewrite !length_app, !repeat_length; lia). erewrite upto_app, iter_sepcon_app; simpl. erewrite Z.add_0_r, <- Zlength_correct, !app_Znth2; erewrite !Zlength_app, !coqlib4.Zlength_repeat; try lia. erewrite Hlg, Hlb, Zminus_diag, !Znth_0_cons.
@@ -935,11 +935,11 @@ Proof. repeat destruct (lt_dec _ _); auto; try discriminate. destruct (x - _)%nat; [|destruct n0]; inv X. - destruct (lt_dec x (length lb)).
- rewrite !app_nth, app_length.
+ rewrite !app_nth, length_app. destruct (lt_dec _ _); [|lia]. destruct (lt_dec _ _); [auto | lia]. { rewrite nth_overflow in X by lia; discriminate. } }
- erewrite app_length, upto_app, iter_sepcon_app.
+ erewrite length_app, upto_app, iter_sepcon_app. rewrite sepcon_assoc; apply sepcon_derives. - eapply derives_trans with (_ * emp)%pred; [rewrite sepcon_emp; apply derives_refl|]. apply sepcon_derives.
@@ -990,7 +990,7 @@ Proof. exists (map (fun o => match o with Some true => Some (Some tt) | _ => None end) ((lb ++ repeat None (i - length lb)) ++ [Some true])). pose proof (list_join_length _ _ _ H1) as Hlen.
- rewrite map_length in Hlen.
+ rewrite length_map in Hlen. split. { exists (i - length lg)%nat; rewrite H, H0; split; auto. rewrite Nat.add_comm, Nat.sub_add; auto; lia. }
@@ -999,13 +999,13 @@ Proof. apply join_comm in H1. rewrite app_assoc; apply (join_comm(Perm_alg := list_Perm)), (list_join_over c). { apply list_join_length in H1.
- rewrite app_length, map_length, repeat_length, Nat.add_comm, Nat.sub_add; auto; lia. }
+ rewrite length_app, length_map, repeat_length, Nat.add_comm, Nat.sub_add; auto; lia. } replace (i - length lb)%nat with ((length x - length lb) + (i - length x))%nat by lia. rewrite repeat_app, app_assoc; apply (list_join_over c). { apply list_join_length in H1.
- rewrite app_length, map_length, repeat_length; lia. }
+ rewrite length_app, length_map, repeat_length; lia. } apply (join_comm(Perm_alg := list_Perm)), (list_join_filler(P := token_PCM));
- [|rewrite map_length; auto].
+ [|rewrite length_map; auto]. apply join_comm in H1; auto. } rewrite exp_sepcon1; apply exp_left; intro. rewrite !sepcon_andp_prop1; apply prop_andp_left; intros [i []]; subst.
@@ -1023,12 +1023,12 @@ Proof. | Some _ => Some (Znth j ((lg ++ repeat O i) ++ [g])) | None => None end) (upto (length ((l ++ repeat emp i) ++ [P])))))).
- { rewrite <- !app_assoc, app_length, upto_app, map_app.
+ { rewrite <- !app_assoc, length_app, upto_app, map_app. split.
- { erewrite app_length, !map_length; lia. }
+ { erewrite length_app, !length_map; lia. } intros ?? Hn.
- erewrite app_nth, map_length.
- if_tac; [|erewrite nth_overflow in Hn by (rewrite map_length; lia); discriminate].
+ erewrite app_nth, length_map.
+ if_tac; [|erewrite nth_overflow in Hn by (rewrite length_map; lia); discriminate]. erewrite nth_map' with (d' := 0) in * by auto. erewrite upto_length in *. assert (Z.of_nat n < Zlength l).
@@ -1039,7 +1039,7 @@ Proof. rewrite !sepcon_assoc. view_shift (ghost_snap_forget(ORD := list_order _) (list_singleton (length lg + i) g)). { apply list_incl_singleton.
- erewrite app_length, upto_app, map_app, app_nth2; erewrite map_length, upto_length, app_length,
+ erewrite length_app, upto_app, map_app, app_nth2; erewrite length_map, upto_length, app_length, repeat_length; try lia. replace (_ - _)%nat with O by lia; simpl. rewrite Nat2Z.inj_add, Z.add_0_r.
@@ -1049,8 +1049,8 @@ Proof. apply exp_right with ((l ++ repeat emp i) ++ [P]). rewrite exp_sepcon1; apply exp_right with ((lg ++ repeat O i) ++ [g]). rewrite exp_sepcon1; apply exp_right with ((lb ++ repeat None i) ++ [Some true]).
- erewrite !(app_length (_ ++ _)); simpl.
- erewrite prop_true_andp by (erewrite !app_length, !repeat_length; lia).
+ erewrite !(length_app (_ ++ _)); simpl.
+ erewrite prop_true_andp by (erewrite !length_app, !repeat_length; lia). erewrite upto_app, iter_sepcon_app; simpl. erewrite Z.add_0_r, <- Zlength_correct, !app_Znth2; erewrite !Zlength_app, !coqlib4.Zlength_repeat; try lia. erewrite Hlg, Hlb, Zminus_diag, !Znth_0_cons.
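Review bot: The added line in the @@ -1039,7 +1039,7 hunk of veric/invariants.v still ends with the deprecated `app_length,` — only the first occurrence on that line was renamed — whereas the otherwise identical hunk at @@ -911,7 +911,7 renames both occurrences to `length_app`. Under Rocq 9 the old name presumably resolves only through a deprecation alias, so if the build promotes that warning to an error this line will still fail; it should read `erewrite length_app, upto_app, map_app, app_nth2; erewrite length_map, upto_length, length_app,`. The enclosing proof starts and ends outside the hunk.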
@@ -1063,11 +1063,11 @@ Proof. repeat destruct (lt_dec _ _); auto; try discriminate. destruct (x - _)%nat; [|destruct n0]; inv X. - destruct (lt_dec x (length lb)).
- rewrite !app_nth, app_length.
+ rewrite !app_nth, length_app. destruct (lt_dec _ _); [|lia]. destruct (lt_dec _ _); [auto | lia]. { rewrite nth_overflow in X by lia; discriminate. } }
- erewrite app_length, upto_app, iter_sepcon_app.
+ erewrite length_app, upto_app, iter_sepcon_app. rewrite sepcon_assoc; apply sepcon_derives. - eapply derives_trans with (_ * emp)%pred; [rewrite sepcon_emp; apply derives_refl|]. apply sepcon_derives.
@@ -1128,7 +1128,7 @@ Proof. apply prop_derives; intros Hincl. apply list_incl_singleton in Hincl. destruct (lt_dec i (length lg));
- [|rewrite nth_overflow in Hincl by (rewrite map_length, upto_length; lia); discriminate].
+ [|rewrite nth_overflow in Hincl by (rewrite length_map, upto_length; lia); discriminate]. rewrite nth_map' with (d' := 0) in Hincl by (rewrite upto_length; lia). rewrite nth_upto in Hincl by lia. destruct (Znth (Z.of_nat i) lb); inversion Hincl; eauto. }
@@ -1215,7 +1215,7 @@ Proof. apply prop_derives; intros Hincl. apply list_incl_singleton in Hincl. destruct (lt_dec i (length lg));
- [|rewrite nth_overflow in Hincl by (rewrite map_length, upto_length; lia); discriminate].
+ [|rewrite nth_overflow in Hincl by (rewrite length_map, upto_length; lia); discriminate]. rewrite nth_map' with (d' := 0) in Hincl by (rewrite upto_length; lia). rewrite nth_upto in Hincl by lia. destruct (Znth (Z.of_nat i) lb); inversion Hincl; eauto. }
@@ -1279,7 +1279,7 @@ Proof. { unfold ghost_list. erewrite <- ghost_op; [apply derives_refl|]. rewrite map_replace_nth. apply (list_join_singleton(P := token_PCM)).
- { rewrite map_length; lia. }
+ { rewrite length_map; lia. } rewrite nth_map' with (d' := None) by lia. rewrite Hi'; constructor. } Qed.
diff --git a/veric/local.v b/veric/local.v
index 168f21eb5a..4286be4579 100644
--- a/veric/local.v
+++ b/veric/local.v
@@ -1,6 +1,6 @@
 Require Import VST.veric.base.
 Require Import VST.msl.msl_standard.
-Require Import Coq.Relations.Relations.
+Require Import Stdlib.Relations.Relations. Definition deterministic_rel {T} (R: relation T) := forall s s' s'', R s s' /\ R s s'' -> s'=s''.
diff --git a/veric/own.v b/veric/own.v
index 2aebae2cca..68235e63a7 100644
--- a/veric/own.v
+++ b/veric/own.v
@@ -678,18 +678,18 @@ Lemma list_set_set : forall {A} n l (a b : A), (n <= length l)%nat -> Proof. intros; unfold list_set. rewrite (proj2 (Nat.sub_0_le _ _) H).
- rewrite !app_length, !skipn_app, firstn_app, firstn_length, min_l, Nat.sub_diag, app_nil_r, repeat_length by auto.
+ rewrite !length_app, !skipn_app, firstn_app, length_firstn, min_l, Nat.sub_diag, app_nil_r, repeat_length by auto. rewrite firstn_firstn, min_l by auto; f_equal.
- unfold length; setoid_rewrite skipn_length; f_equal.
+ unfold length; setoid_rewrite length_skipn; f_equal. - f_equal. lia.
- - rewrite skipn_all2, skipn_nil, Nat.sub_0_r; [|rewrite firstn_length; lia].
+ - rewrite skipn_all2, skipn_nil, Nat.sub_0_r; [|rewrite length_firstn; lia]. rewrite (Nat.add_sub 1); auto. Qed. Lemma nth_list_set : forall {A} n l (a : A) d, nth n (list_set l n a) d = Some a. Proof. intros; unfold list_set.
- rewrite 2app_nth2; rewrite ?repeat_length, ?firstn_length; try lia.
+ rewrite 2app_nth2; rewrite ?repeat_length, ?length_firstn; try lia. match goal with |- nth ?n _ _ = _ => replace n with O by lia end; auto. Qed.
@@ -708,7 +708,7 @@ Proof. unfold list_set; rewrite !map_app, map_firstn, map_repeat. unfold map at 2; setoid_rewrite map_skipn. rewrite ghost_fmap_singleton; simpl Datatypes.option_map.
- erewrite <- map_length.
+ erewrite <- length_map. rewrite level_core. inv J. + inj_pair_tac.
@@ -728,7 +728,7 @@ Proof. constructor. rewrite H; eauto. Unshelve. * inv H0; auto.
- * rewrite map_length.
+ * rewrite length_map. destruct (le_dec (length x) g); [|lia]. rewrite nth_overflow in H1 by auto; discriminate. * apply join_comm, join_valid in H2; auto.
diff --git a/veric/semax_call.v b/veric/semax_call.v
index 5905e6b471..7026c56276 100644
--- a/veric/semax_call.v
+++ b/veric/semax_call.v
@@ -1,4 +1,4 @@
-Require Import Coq.Logic.FunctionalExtensionality.
+Require Import Stdlib.Logic.FunctionalExtensionality.
 Require Import VST.veric.juicy_base.
 Require Import VST.msl.normalize.
 Require Import VST.veric.juicy_mem VST.veric.juicy_mem_lemmas VST.veric.juicy_mem_ops.
@@ -2790,7 +2790,7 @@ Proof. destruct (build_call_temp_env f args) as [te' H21]; auto. { clear - H16' Hargs. simpl in H16'. unfold type_of_function in H16'. inv H16'. rewrite <- Hargs.
- unfold type_of_params. rewrite map_length. auto. }
+ unfold type_of_params. rewrite length_map. auto. } pose proof (age_twin' _ _ _ H20' H13) as [jm''' [_ H20x]]. apply @jsafeN_step with (c' := State f (f.(fn_body)) ctl ve' te') (m' := jm'''); auto.
diff --git a/veric/semax_ext.v b/veric/semax_ext.v
index a098ddeeef..e3e9a870a7 100644
--- a/veric/semax_ext.v
+++ b/veric/semax_ext.v
@@ -277,7 +277,7 @@ Fixpoint add_funspecs_rec (ext_link: Strings.String.string -> ident) (Z : Type) | cons (i,f) fs' => funspec2jspec Z (add_funspecs_rec ext_link Z Espec fs') ext_link (i,f) end.
-Require Import Coq.Logic.JMeq.
+Require Import Stdlib.Logic.JMeq. Lemma add_funspecs_pre (ext_link: Strings.String.string -> ident) {Z fs id sig cc A P Q NEP NEQ}
diff --git a/veric/semax_ext_oracle.v b/veric/semax_ext_oracle.v
index e445f9ad43..6112ab1b94 100644
--- a/veric/semax_ext_oracle.v
+++ b/veric/semax_ext_oracle.v
@@ -201,7 +201,7 @@ Fixpoint add_funspecsOracle_rec (ext_link: string -> ident) Z (Espec : juicy_ext | cons (i,f) fs' => funspecOracle2jspec Z (add_funspecsOracle_rec ext_link Z Espec fs') ext_link (i,f) end.
-Require Import Coq.Logic.JMeq.
+Require Import Stdlib.Logic.JMeq. Lemma add_funspecs_pre (ext_link: Strings.String.string -> ident) {Z fs id sig cc A P Q x args m} Espec tys ge_s phi0 phi1 z :
diff --git a/veric/semax_prog.v b/veric/semax_prog.v
index e1fa150597..874d708d61 100644
--- a/veric/semax_prog.v
+++ b/veric/semax_prog.v
@@ -21,9 +21,9 @@ Require Import VST.veric.semax_conseq.
 Require Import VST.veric.Clight_initial_world.
 Require Import VST.veric.initialize.
 Require Import VST.veric.coqlib4.
-Require Import Coq.Logic.JMeq.
+Require Import Stdlib.Logic.JMeq.
-Require Import Coq.Logic.JMeq.
+Require Import Stdlib.Logic.JMeq.
 Require Import VST.veric.ghost_PCM. Import compcert.lib.Maps.
@@ -1857,7 +1857,7 @@ as [te' H21]; auto. destruct f; simpl in *. assert (Datatypes.length (map snd fn_params) = Datatypes.length params). assert (params = map snd fn_params) by apply H10. subst; trivial.
- rewrite !map_length in H. rewrite H.
+ rewrite !length_map in H. rewrite H. clear - arg_p. apply tc_vals_length; trivial. }
diff --git a/veric/superprecise.v b/veric/superprecise.v
index 839fe564f8..cb80909637 100644
--- a/veric/superprecise.v
+++ b/veric/superprecise.v
@@ -1,4 +1,4 @@
-Require Import Reals.
+From Stdlib Require Import Reals.
 Require Export VST.veric.base.
 Require Import VST.veric.compcert_rmaps.
 Require Import VST.veric.res_predicates.
@@ -48,7 +48,7 @@ Proof. intros. rewrite <- (rev_involutive i). rewrite <- (rev_involutive j). f_equal. assert (length (rev i) = length (rev j)).
- repeat rewrite rev_length; auto.
+ repeat rewrite length_rev; auto. eapply int_of_bytes_uniq; eauto. apply int_of_bytes_uniq. Qed.
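Review bot: The @@ -21,9 +21,9 hunk of veric/semax_prog.v renames both copies of a duplicated import, leaving `Require Import Stdlib.Logic.JMeq.` twice in a row; the second `Require Import` is redundant, and a hunk that already touches both lines is the natural place to drop it rather than carry the duplicate forward. Keeping a single `Require Import Stdlib.Logic.JMeq.` leaves the set of loaded modules unchanged.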
@@ -191,7 +191,7 @@ rewrite <- (Bits.bits_of_binary_float_of_bits 52 11 (refl_equal _) (refl_equal _ f_equal; apply H. Qed.
-Require Import ZArith.
+From Stdlib Require Import ZArith. Import Binary Zaux Generic_fmt. (* This lemma could be edited slightly to work again, but it's in support of
diff --git a/veric/val_lemmas.v b/veric/val_lemmas.v
index aa57b5c0bb..ebf53a2e57 100644
--- a/veric/val_lemmas.v
+++ b/veric/val_lemmas.v
@@ -1,6 +1,4 @@
-Require Import Coq.Arith.EqNat.
-Require Import Coq.Relations.Relations.
-Require Import Lia.
+From Stdlib Require Import Arith.EqNat Relations.Relations Lia.
 Require Import compcert.lib.Coqlib.
 Require Import compcert.lib.Integers.
diff --git a/veristar/clause_universe.v b/veristar/clause_universe.v
index 4f97a4301b..26e40381f5 100644
--- a/veristar/clause_universe.v
+++ b/veristar/clause_universe.v
@@ -513,7 +513,7 @@ intros. unfold In. destruct x as [l' ?]. simpl in *.
- replace (length (proj1_sig x')) with (length l') by (rewrite <- H2; apply map_length).
+ replace (length (proj1_sig x')) with (length l') by (rewrite <- H2; apply length_map). clear - n0 H1 H0. rename l' into l. revert F n n0 H0 H1; induction l; simpl; intros.
diff --git a/veristar/redblack.v b/veristar/redblack.v
index 66c3b75e53..f727844ef7 100644
--- a/veristar/redblack.v
+++ b/veristar/redblack.v
@@ -4050,7 +4050,7 @@ Proof. unfold cardinal. intros; rewrite fold_spec. rewrite <- List.fold_left_rev_right.
- rewrite <- List.rev_length.
+ rewrite <- List.length_rev. unfold elt. remember (@rev K.t (elements s)) as l; clear. clear; induction l; simpl; auto.
diff --git a/zlist/Zlength_solver.v b/zlist/Zlength_solver.v
index 20aff89499..9749adef4d 100644
--- a/zlist/Zlength_solver.v
+++ b/zlist/Zlength_solver.v
@@ -1,7 +1,7 @@ (* Definitions and lemmas used in list solver *)
-Require Import ZArith Znumtheory.
-Require Import Coq.Lists.List.
-Require Import Lia.
+From Stdlib Require Import ZArith Znumtheory.
+Require Import Stdlib.Lists.List.
+From Stdlib Require Import Lia.
 Import ListNotations.
 Require Import VST.zlist.sublist.
 Import SublistInternalLib.
diff --git a/zlist/list_solver.v b/zlist/list_solver.v
index 612d8a5dd5..20bbcb7dc5 100644
--- a/zlist/list_solver.v
+++ b/zlist/list_solver.v
@@ -1,10 +1,7 @@
-Require Import RelationClasses.
-Require Import ZArith Znumtheory.
-Require Import Coq.Lists.List.
-Require Import Lia.
+From Stdlib Require Import RelationClasses ZArith Znumtheory Lists.List Lia.
 Import ListNotations.
-Require Import Coq.Logic.FunctionalExtensionality.
-Require Import Coq.Logic.PropExtensionality.
+Require Import Stdlib.Logic.FunctionalExtensionality.
+Require Import Stdlib.Logic.PropExtensionality.
 Require Export VST.zlist.sublist.
 Import SublistInternalLib.
 Require Export VST.zlist.Zlength_solver.
@@ -1025,7 +1022,7 @@ Proof. intros. rewrite Forall_Znth. reflexivity. Qed.
-Require Import Coq.Sorting.Sorted.
+Require Import Stdlib.Sorting.Sorted. Section Sorted. Variable A : Type.
diff --git a/zlist/sublist.v b/zlist/sublist.v
index 505f650774..62c3d3dc8c 100644
--- a/zlist/sublist.v
+++ b/zlist/sublist.v
@@ -1,10 +1,6 @@
-Require Import ZArith Znumtheory.
-Require Import Coq.Lists.List.
-Require Import Lia.
+From Stdlib Require Import ZArith Znumtheory Lists.List Lia.
 Import ListNotations.
-(* Global Set Warnings "-deprecated-hint-rewrite-without-locality". Delete this line after we abandon Coq 8.13 *)
-
 Module SublistInternalLib. (* Things copied from VST, to avoid dependencies *) Ltac inv H := inversion H; clear H; subst.
@@ -209,7 +205,7 @@ Proof. reflexivity. Qed.
-Lemma skipn_length: forall {A} (contents: list A) n,
+Lemma length_skipn: forall {A} (contents: list A) n, length (skipn n contents) = (length contents - n)%nat. Proof. intros.
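Review bot: The @@ -1,7 +1,7 hunk of zlist/Zlength_solver.v rewrites three imports in two different styles — `From Stdlib Require Import ZArith Znumtheory.`, then `Require Import Stdlib.Lists.List.`, then `From Stdlib Require Import Lia.` — while the list_solver.v and sublist.v hunks of this same commit fold the same modules into a single `From Stdlib Require Import ZArith Znumtheory Lists.List Lia.`. Using that one-line form here as well keeps the three zlist files uniform and is a pure wording change.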
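Review bot: The @@ -209,7 +205,7 hunk of zlist/sublist.v renames the project's own exported lemma `skipn_length` to `length_skipn` (and @@ -236,7 +232,7 in the next hunk does the same for `skipn_length_short`), which breaks any downstream development that refers to the `SublistInternalLib` lemma by its old name, unlike the Stdlib renames elsewhere in the patch. A compatibility alias next to the new statement, e.g. `#[deprecated(note="use length_skipn")] Notation skipn_length := length_skipn.`, keeps old references compiling with a warning instead of an error. The lemma's proof continues outside the hunk.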
@@ -236,7 +232,7 @@ Proof. - simpl. apply IHcontents. lia. Qed. -Lemma skipn_length_short: +Lemma length_skipn_short: forall {A} n (al: list A), (length al <= n)%nat -> (length (skipn n al) = 0)%nat. @@ -250,7 +246,7 @@ Lemma skipn_short: forall {A} n (al: list A), (n >= length al)%nat -> skipn n al = nil. Proof. intros. -pose proof (skipn_length_short n al). +pose proof (length_skipn_short n al). assert (length al <= n)%nat by auto. specialize (H0 H1). destruct (skipn n al); inv H0; auto. @@ -337,13 +333,13 @@ Proof. induction n; intros. simpl. rewrite Nat.sub_0_r. rewrite firstn_exact_length. auto. destruct (rev vl) eqn:?. -pose proof (rev_length vl). rewrite Heql in H. +pose proof (length_rev vl). rewrite Heql in H. destruct vl; inv H. reflexivity. simpl. assert (vl = rev l ++ rev [a]). rewrite <- rev_app_distr. simpl app. rewrite <- Heql; rewrite rev_involutive; auto. rewrite H. -rewrite app_length. +rewrite length_app. simpl length. rewrite <- (rev_involutive l) at 1. rewrite IHn. @@ -386,14 +382,14 @@ Lemma rev_skipn: Proof. induction n; intros. simpl. rewrite Nat.sub_0_r. -rewrite <- rev_length. +rewrite <- length_rev. rewrite firstn_exact_length. auto. destruct vl. simpl. auto. simpl. rewrite IHn. -rewrite firstn_app1 by (rewrite rev_length; lia). +rewrite firstn_app1 by (rewrite length_rev; lia). auto. Qed. @@ -409,7 +405,7 @@ assert (n = (length vl - lo) - (length vl - (lo+n)))%nat by lia. rewrite H0 at 2. rewrite <- skipn_firstn. rewrite rev_skipn. -rewrite firstn_length. rewrite min_l by lia. +rewrite length_firstn. rewrite min_l by lia. f_equal. auto. Qed. @@ -672,7 +668,7 @@ Lemma Zlength_firstn: forall {A} n (v: list A), Zlength (firstn (Z.to_nat n) v) = Z.min (Z.max 0 n) (Zlength v). Proof. intros. rewrite !Zlength_correct. -rewrite firstn_length. +rewrite length_firstn. (* solve by SMT *) rewrite Zmin_spec, Zmax_spec. if_tac; [rewrite min_l | rewrite min_r]. 
@@ -694,7 +690,7 @@ Proof. intros. (* solve by SMT *) rewrite !Zlength_correct. -rewrite skipn_length. rewrite !Zmax_spec. +rewrite length_skipn. rewrite !Zmax_spec. if_tac. if_tac in H. lia. @@ -1243,7 +1239,7 @@ Lemma sublist_nil': forall (A : Type) (lo lo': Z) (al : list A), lo=lo' -> subli Proof. intros. subst. apply sublist_nil. Qed. Lemma sublist_skip {A} (l:list A) i : 0<=i -> sublist i (Zlength l) l = skipn (Z.to_nat i) l. -Proof. intros; unfold_sublist_old. apply firstn_same. rewrite skipn_length. +Proof. intros; unfold_sublist_old. apply firstn_same. rewrite length_skipn. rewrite Z2Nat.inj_sub, Zlength_correct, Nat2Z.id. lia. trivial. Qed. @@ -1255,7 +1251,7 @@ Lemma sublist_app1: 0 <= k <= i -> i <= Zlength al -> sublist k i (al ++ bl) = sublist k i al. Proof. intros. unfold_sublist_old. rewrite skipn_app1. rewrite firstn_app1. trivial. - rewrite skipn_length, Z2Nat.inj_sub. apply Nat2Z.inj_le. + rewrite length_skipn, Z2Nat.inj_sub. apply Nat2Z.inj_le. repeat rewrite Nat2Z.inj_sub. rewrite Z2Nat.id, <- Zlength_correct. lia. lia. rewrite <- ZtoNat_Zlength. apply Z2Nat.inj_le; lia. apply Z2Nat.inj_le; lia. lia. rewrite <- ZtoNat_Zlength. apply Z2Nat.inj_le; lia. @@ -1848,7 +1844,7 @@ Qed. Lemma Zlength_combine : forall {A B} (l : list A) (l' : list B), Zlength (combine l l') = Z.min (Zlength l) (Zlength l'). Proof. - intros; rewrite !Zlength_correct, combine_length, Nat2Z.inj_min; auto. + intros; rewrite !Zlength_correct, length_combine, Nat2Z.inj_min; auto. Qed. Lemma upd_Znth_cons : forall {A} i a l (x : A), i > 0 -> 
@@ -1922,14 +1918,14 @@ Qed. Lemma length_concat : forall {A} (l : list (list A)), length (concat l) = fold_right plus O (map (@length A) l). Proof. induction l; auto; simpl. - rewrite app_length, IHl; auto. + rewrite length_app, IHl; auto. Qed. Lemma length_concat_min : forall {A}{d: Inhabitant A} (l : list (list A)) i (Hi : 0 <= i < Zlength l), (length (Znth i l) <= length (concat l))%nat. Proof. induction l; simpl; intros; [rewrite Zlength_nil in *; lia|]. - rewrite app_length; destruct (Z.eq_dec i 0). + rewrite length_app; destruct (Z.eq_dec i 0). - subst; rewrite Znth_0_cons; lia. - rewrite Znth_pos_cons by lia. rewrite Zlength_cons in *; etransitivity; [apply IHl|]; lia. @@ -1940,10 +1936,10 @@ Lemma length_concat_upd : forall {A} {d: Inhabitant A} l i (l' : list A) (Hi : 0 Proof. induction l; intros; [rewrite Zlength_nil in *; lia|]. destruct (Z.eq_dec i 0). - - subst; rewrite upd_Znth0, Znth_0_cons. simpl. rewrite !app_length. lia. + - subst; rewrite upd_Znth0, Znth_0_cons. simpl. rewrite !length_app. lia. - rewrite upd_Znth_cons, Znth_pos_cons by lia; simpl. rewrite Zlength_cons in *. - rewrite !app_length, IHl by lia. + rewrite !length_app, IHl by lia. cut (length (Znth (i - 1) l) <= length (concat l))%nat. lia. apply length_concat_min. lia. Qed. @@ -2341,7 +2337,7 @@ Qed. Lemma upto_length : forall n, length (upto n) = n. Proof. induction n; auto; simpl. - rewrite map_length, IHn; auto. + rewrite length_map, IHn; auto. Qed. Corollary Zlength_upto : forall n, Zlength (upto n) = Z.of_nat n. @@ -2631,7 +2627,7 @@ Lemma rev_combine : forall {A B} (l1 : list A) (l2 : list B), length l1 = length rev (combine l1 l2) = combine (rev l1) (rev l2). Proof. induction l1; destruct l2; try discriminate; auto; simpl; intros. - inv H; rewrite combine_app; [|rewrite !rev_length; auto]. + inv H; rewrite combine_app; [|rewrite !length_rev; auto]. rewrite IHl1; auto. Qed. 
@@ -2919,7 +2915,7 @@ Lemma rotate_inj : forall {A} (l1 l2 : list A) n m, rotate l1 n m = rotate l2 n Proof. unfold rotate; intros. destruct (app_eq_len_eq H) as (Hskip & Hfirst). - { unfold sublist; repeat rewrite skipn_length, firstn_length. + { unfold sublist; repeat rewrite length_skipn, length_firstn. repeat rewrite Zlength_correct; rewrite H0; lia. } erewrite <- sublist_same with (al := l1), <- sublist_rejoin with (mid := m - n); auto; try lia. rewrite Hfirst, Hskip, sublist_rejoin, sublist_same; auto; try lia. @@ -3082,7 +3078,7 @@ Lemma list_Znth_eq : forall {A}{d: Inhabitant A} (l : list A), l = map (fun j => Znth j l) (upto (length l)). Proof. induction l; simpl; intros; auto. - rewrite Znth_0_cons, IHl, map_map, map_length, upto_length. + rewrite Znth_0_cons, IHl, map_map, length_map, upto_length. f_equal; apply map_ext_in; intros. rewrite Znth_pos_cons, <- IHl. unfold Z.succ; rewrite Z.add_simpl_r; auto. From f8f22071e6b5ff5bd6e915e636f6c44f3e70c841 Mon Sep 17 00:00:00 2001 From: Andrew Appel Date: Tue, 1 Jul 2025 14:18:21 -0400 Subject: [PATCH 02/11] Update CI --- .github/workflows/coq-action.yml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/coq-action.yml b/.github/workflows/coq-action.yml index 8e0729dde5..7d9a025b7a 100644 --- a/.github/workflows/coq-action.yml +++ b/.github/workflows/coq-action.yml @@ -21,8 +21,7 @@ jobs: # except for the "make_target" field and make_target related excludes coq_version: # See https://github.com/coq-community/docker-coq/wiki for supported images - - '8.19' - - '8.20' + - '9.1' - 'dev' bit_size: - 32 @@ -30,9 +29,7 @@ jobs: make_target: - vst exclude: - - coq_version: 8.19 - bit_size: 32 - - coq_version: dev + - coq_version: 9.1 bit_size: 32 steps: - uses: actions/checkout@v4 @@ -88,8 +85,7 @@ jobs: fail-fast: false matrix: coq_version: - - '8.19' - - '8.20' + - '9.1' - 'dev' make_target: - assumptions.txt 
@@ -102,7 +98,7 @@ jobs:
 - 32
 - 64
 exclude:
- - coq_version: 8.19
+ - coq_version: 9.1
 bit_size: 32
 - coq_version: dev
 bit_size: 32
From 346a0629ed083c1896f5a1e0b32cce7c6efc3d4c Mon Sep 17 00:00:00 2001
From: Andrew Appel Date: Tue, 1 Jul 2025 15:09:01 -0400 Subject: [PATCH 03/11] Use user-contrib [opam] for InteractionTrees, paco, ext-lib; adjust CI; update bundled CompCert --- .github/workflows/coq-action.yml | 9 -- Makefile | 34 +++-- compcert/Makefile.config | 4 +- compcert/cfrontend/Clight.v | 2 +- compcert/cfrontend/Cstrategy.v | 21 +-- compcert/common/AST.v | 21 ++- compcert/common/Behaviors.v | 8 +- compcert/common/Builtins.v | 31 +++- compcert/common/Builtins0.v | 23 ++- compcert/common/Determinism.v | 9 +- compcert/common/Errors.v | 6 +- compcert/common/Events.v | 79 +++++++--- compcert/common/Globalenvs.v | 3 +- compcert/common/Linking.v | 16 ++ compcert/common/Memdata.v | 8 +- compcert/common/Memory.v | 13 +- compcert/common/Memtype.v | 8 +- compcert/common/Separation.v | 2 +- compcert/common/Smallstep.v | 8 +- compcert/common/Subtyping.v | 3 +- compcert/common/Switch.v | 7 +- compcert/common/Unityping.v | 3 +- compcert/common/Values.v | 12 +- compcert/flocq/Calc/Bracket.v | 2 +- compcert/flocq/Core/Digits.v | 14 +- compcert/flocq/Core/FLT.v | 17 +++ compcert/flocq/Core/FLX.v | 10 ++ compcert/flocq/IEEE754/BinarySingleNaN.v | 177 ++++++++++++++--------- compcert/lib/Axioms.v | 3 +- compcert/lib/Coqlib.v | 19 ++- compcert/lib/Decidableplus.v | 2 +- compcert/lib/FSetAVLplus.v | 4 +- compcert/lib/Floats.v | 3 +- compcert/lib/Heaps.v | 6 +- compcert/lib/IEEE754_extra.v | 8 +- compcert/lib/Integers.v | 91 +++++++++--- compcert/lib/Intv.v | 4 +- compcert/lib/Iteration.v | 3 +- compcert/lib/Lattice.v | 5 +- compcert/lib/Maps.v | 2 +- compcert/lib/Ordered.v | 6 +- compcert/lib/Parmov.v | 10 +- compcert/lib/Postorder.v | 8 +- compcert/lib/UnionFind.v | 2 +- compcert/lib/Wfsimpl.v | 3 +- compcert/lib/Zbits.v | 89 +++++++++++- compcert/x86/Builtins1.v | 8 +- compcert/x86_32/Archi.v | 2 +- compcert/x86_64/Archi.v | 2 +- sepcomp/semantics_lemmas.v | 2 +- veric/change_compspecs.v | 6 +- veric/invariants.v | 2 +- 52 files changed, 551 insertions(+), 289 deletions(-) 
diff --git a/.github/workflows/coq-action.yml b/.github/workflows/coq-action.yml index 7d9a025b7a..2ca1e95988 100644 --- a/.github/workflows/coq-action.yml +++ b/.github/workflows/coq-action.yml @@ -21,16 +21,12 @@ jobs: # except for the "make_target" field and make_target related excludes coq_version: # See https://github.com/coq-community/docker-coq/wiki for supported images - - '9.1' - 'dev' bit_size: - 32 - 64 make_target: - vst - exclude: - - coq_version: 9.1 - bit_size: 32 steps: - uses: actions/checkout@v4 with: @@ -85,7 +81,6 @@ jobs: fail-fast: false matrix: coq_version: - - '9.1' - 'dev' make_target: - assumptions.txt @@ -98,10 +93,6 @@ jobs: - 32 - 64 exclude: - - coq_version: 9.1 - bit_size: 32 - - coq_version: dev - bit_size: 32 - bit_size: 64 make_target: test3 - bit_size: 32 diff --git a/Makefile b/Makefile index 3292545800..92807f6c3c 100644 --- a/Makefile +++ b/Makefile @@ -303,9 +303,10 @@ CGFLAGS = -DCOMPCERT -short-idents # ##### Interaction Trees Flags ##### -ifneq ($(wildcard InteractionTrees/theories),) -EXTFLAGS:=$(EXTFLAGS) -Q InteractionTrees/theories ITree -endif +# the following commented out, because we get from opam instead of submodules +# ifneq ($(wildcard InteractionTrees/theories),) +# EXTFLAGS:=$(EXTFLAGS) -Q InteractionTrees/theories ITree +# endif # ##### FCF (Foundational Cryptography Framework) Flags ##### @@ -315,9 +316,10 @@ endif# # ##### PaCo (Parameterized Coinduction) Flags ##### -ifneq ($(wildcard paco/src),) -EXTFLAGS:=$(EXTFLAGS) -Q paco/src Paco -endif +# the following commented out, because we get from opam instead of submodules +# ifneq ($(wildcard paco/src),) +# EXTFLAGS:=$(EXTFLAGS) -Q paco/src Paco +# endif # ##### SSReflect Flags ##### 
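Review bot: After these three workflow hunks the `coq_version` matrix contains only `'dev'`, so every CI run builds against a moving nightly and no released Rocq version is exercised any more; an unrelated upstream change can turn CI red, and a regression against 9.1 (the version the previous commit had just added) goes unnoticed. If `'9.1'` was dropped because the docker-coq image for that release does not provide the opam packages this commit switches to, a comment next to the matrix would save the next reader from re-adding it, e.g. `# '9.1' removed: image lacks InteractionTrees/paco/ext-lib from opam; restore once available`. Otherwise keeping `- '9.1'` beside `- 'dev'` in both matrices is the safer configuration.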
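Review bot: The Makefile hunk at `##### Interaction Trees Flags #####` replaces the submodule `ifneq`/`EXTFLAGS` block with a commented-out copy instead of deleting it, and the PaCo block below it, the `COQFLAGS` line in the next hunk and the `.depend` rules in the hunk after that do the same. The old text is already preserved in git history, so the commented copies only add noise and will drift from the live code; deleting them and keeping the one-line `# ... we get from opam instead of submodules` explanation conveys the same information. If the intent is to support both the submodule and the opam layout, the blocks should stay live and be selected by a variable rather than commented out.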
@@ -327,7 +329,10 @@ endif # ##### Flag summary ##### -COQFLAGS=$(foreach d, $(VSTDIRS), $(if $(wildcard $(d)), -Q $(d) VST.$(d))) $(foreach d, $(OTHERDIRS), $(if $(wildcard $(d)), -Q $(d) $(d))) $(EXTFLAGS) $(SHIM) # -Q ../stdpp/theories stdpp -Q ../iris/iris iris -Q ../InteractionTrees/theories ITree -Q ../paco/src Paco -Q ../coq-ext-lib/theories ExtLib -Q ../fcf/src/fcf FCF +COQFLAGS=$(foreach d, $(VSTDIRS), $(if $(wildcard $(d)), -Q $(d) VST.$(d))) $(foreach d, $(OTHERDIRS), $(if $(wildcard $(d)), -Q $(d) $(d))) $(EXTFLAGS) $(SHIM) # -Q ../stdpp/theories stdpp -Q ../iris/iris iris -Q ../fcf/src/fcf FCF + +# old version with InteractionTrees, paco, coq-ext-lib; we now obtain these from opam environment instead of submodules +# COQFLAGS=$(foreach d, $(VSTDIRS), $(if $(wildcard $(d)), -Q $(d) VST.$(d))) $(foreach d, $(OTHERDIRS), $(if $(wildcard $(d)), -Q $(d) $(d))) $(EXTFLAGS) $(SHIM) # -Q ../stdpp/theories stdpp -Q ../iris/iris iris -Q ../InteractionTrees/theories ITree -Q ../paco/src Paco -Q ../coq-ext-lib/theories ExtLib -Q ../fcf/src/fcf FCF DEPFLAGS:=$(COQFLAGS) 
@@ -923,15 +928,16 @@ endif # ifneq ($(wildcard coq-ext-lib/theories),) # $(COQDEP) -Q coq-ext-lib/theories ExtLib coq-ext-lib/theories >>.depend # endif -ifneq ($(wildcard InteractionTrees/theories),) -# $(COQDEP) -Q coq-ext-lib/theories ExtLib -Q paco/src Paco -Q InteractionTrees/theories ITree InteractionTrees/theories >>.depend - $(COQDEP) -Q paco/src Paco -Q InteractionTrees/theories ITree InteractionTrees/theories >>.depend -endif + +# the following commented out, because we get from opam instead of submodules +# ifneq ($(wildcard InteractionTrees/theories),) +# $(COQDEP) -Q paco/src Paco -Q InteractionTrees/theories ITree InteractionTrees/theories >>.depend +# endif +# ifneq ($(wildcard paco/src),) +# $(COQDEP) -Q paco/src Paco paco/src/*.v >>.depend +# endif ifneq ($(wildcard fcf/src/FCF),) $(COQDEP) -Q fcf/src/FCF FCF fcf/src/FCF/*.v >>.depend -endif -ifneq ($(wildcard paco/src),) - $(COQDEP) -Q paco/src Paco paco/src/*.v >>.depend endif wc .depend diff --git a/compcert/Makefile.config b/compcert/Makefile.config index c178db80bc..dbec5d4d3a 100644 --- a/compcert/Makefile.config +++ b/compcert/Makefile.config @@ -6,7 +6,7 @@ SHAREDIR=$(PREFIX)/share COQDEVDIR=$(PREFIX)/lib/compcert/coq OCAML_NATIVE_COMP=true OCAML_OPT_COMP=true -MENHIR_DIR=/Users/appel/.opam/coq8.19/lib/menhirLib +MENHIR_DIR=/Users/appel/.opam/CP.2024.10.1~8.20~2025.01/lib/menhirLib COMPFLAGS=-bin-annot ABI=apple ARCH=aarch64 @@ -31,4 +31,4 @@ MODEL=default SYSTEM=macos RESPONSEFILE=gnu LIBRARY_FLOCQ=external -LIBRARY_MENHIRLIB=local +LIBRARY_MENHIRLIB=external diff --git a/compcert/cfrontend/Clight.v b/compcert/cfrontend/Clight.v index de711045c2..69c3904c96 100644 --- a/compcert/cfrontend/Clight.v +++ b/compcert/cfrontend/Clight.v 
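Review bot: The committed `compcert/Makefile.config` now hard-codes `MENHIR_DIR=/Users/appel/.opam/CP.2024.10.1~8.20~2025.01/lib/menhirLib`, a path specific to one developer's machine, and at the same time switches `LIBRARY_MENHIRLIB` from `local` to `external`, so the build now depends on that directory existing. Anyone else building the bundled CompCert gets a non-existent path unless they regenerate the file first. If the file has to be checked in, a value derived from the environment (`MENHIR_DIR=$(shell menhir --suggest-menhirLib)`) or a comment at the top stating that it is a generated sample to be replaced by `configure` would avoid the silent breakage.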
@@ -361,7 +361,7 @@ Variable e: env. Variable le: temp_env. Variable m: mem. -(** [eval_expr ge e m a v] defines the evaluation of expression [a] +(** [eval_expr ge e le m a v] defines the evaluation of expression [a] in r-value position. [v] is the value of the expression. [e] is the current environment and [m] is the current memory state. *) diff --git a/compcert/cfrontend/Cstrategy.v b/compcert/cfrontend/Cstrategy.v index 578615db0c..2b95fec18b 100644 --- a/compcert/cfrontend/Cstrategy.v +++ b/compcert/cfrontend/Cstrategy.v @@ -16,23 +16,10 @@ (** A deterministic evaluation strategy for C. *) -Require Import Axioms. -Require Import Classical. -Require Import Coqlib. -Require Import Errors. -Require Import Maps. -Require Import Integers. -Require Import Floats. -Require Import Values. -Require Import AST. -Require Import Memory. -Require Import Events. -Require Import Globalenvs. -Require Import Smallstep. -Require Import Ctypes. -Require Import Cop. -Require Import Csyntax. -Require Import Csem. +From Coq Require Import Classical. +Require Import Axioms Coqlib Errors Maps. +Require Import Integers Floats Values AST Memory Events Globalenvs Smallstep. +Require Import Ctypes Cop Csyntax Csem. Section STRATEGY. diff --git a/compcert/common/AST.v b/compcert/common/AST.v index 0b1c5f4544..007d44afdb 100644 --- a/compcert/common/AST.v +++ b/compcert/common/AST.v @@ -17,7 +17,7 @@ (** This file defines a number of data types and operations used in the abstract syntax trees of many of the intermediate languages. *) -Require Import String. +From Coq Require Import String. Require Import Coqlib Maps Errors Integers Floats. Require Archi. 
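Review bot: The bundled CompCert files switch their stdlib imports to `From Coq Require Import ...` (Cstrategy.v and AST.v here; Behaviors.v, Builtins.v, Builtins0.v, Determinism.v, Errors.v, Events.v, Globalenvs.v, Memory.v, Separation.v, Smallstep.v, Subtyping.v, Switch.v and Unityping.v in the following hunks), whereas patch 01 of this series moved the rest of the tree to `From Stdlib Require Import ...` for Rocq 9. On Rocq 9 the `Coq` prefix is presumably still accepted through a compatibility mapping, but it is the name the first patch was retiring, so the two halves of the series pull in opposite directions. If the bundled tree is meant to stay identical to upstream CompCert that is a reasonable trade-off and worth one sentence in the commit message; otherwise these lines should use `From Stdlib` like the rest of the repository.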
@@ -715,6 +715,25 @@ Inductive builtin_res (A: Type) : Type := | BR_none | BR_splitlong (hi lo: builtin_res A). +Definition eq_builtin_arg (A: Type) (eq: forall x y: A, {x=y} + {x<>y}) : + forall x y : builtin_arg A, {x=y} + {x<>y}. +Proof. + generalize Int.eq_dec Int64.eq_dec Ptrofs.eq_dec Float.eq_dec Float32.eq_dec + chunk_eq ident_eq; intros. + decide equality. +Defined. + +Definition eq_builtin_res (A: Type) (eq: forall x y: A, {x=y} + {x<>y}) : + forall x y : builtin_res A, {x=y} + {x<>y}. +Proof. + decide equality. +Defined. + +Arguments eq_builtin_arg {A}. +Arguments eq_builtin_res {A}. + +Global Opaque eq_builtin_arg eq_builtin_res. + Fixpoint globals_of_builtin_arg (A: Type) (a: builtin_arg A) : list ident := match a with | BA_loadglobal chunk id ofs => id :: nil diff --git a/compcert/common/Behaviors.v b/compcert/common/Behaviors.v index 1f7f62263b..822b08832f 100644 --- a/compcert/common/Behaviors.v +++ b/compcert/common/Behaviors.v @@ -16,13 +16,9 @@ (** Whole-program behaviors *) -Require Import Classical. -Require Import ClassicalEpsilon. +From Coq Require Import Classical ClassicalEpsilon. Require Import Coqlib. -Require Import Events. -Require Import Globalenvs. -Require Import Integers. -Require Import Smallstep. +Require Import Events Globalenvs Integers Smallstep. Set Implicit Arguments. Set Asymmetric Patterns. diff --git a/compcert/common/Builtins.v b/compcert/common/Builtins.v index facff72697..0d50385f8f 100644 --- a/compcert/common/Builtins.v +++ b/compcert/common/Builtins.v @@ -16,7 +16,8 @@ (** Known built-in functions *) -Require Import String Coqlib. +From Coq Require Import String. +Require Import Coqlib. Require Import AST Integers Floats Values. Require Export Builtins0 Builtins1. 
@@ -24,6 +25,12 @@ Inductive builtin_function : Type := | BI_standard (b: standard_builtin) | BI_platform (b: platform_builtin). +Definition eq_builtin_function: forall (x y: builtin_function), {x=y} + {x<>y}. +Proof. + generalize eq_standard_builtin eq_platform_builtin; decide equality. +Defined. +Global Opaque eq_builtin_function. + Definition builtin_function_sig (b: builtin_function) : signature := match b with | BI_standard b => standard_builtin_sig b @@ -36,6 +43,28 @@ Definition builtin_function_sem (b: builtin_function) : builtin_sem (sig_res (bu | BI_platform b => platform_builtin_sem b end. +Lemma builtin_function_sem_inject: forall b vargs vres f vargs', + builtin_function_sem b vargs = Some vres -> + Val.inject_list f vargs vargs' -> + exists vres', builtin_function_sem b vargs' = Some vres' /\ Val.inject f vres vres'. +Proof. + intros. exploit (bs_inject _ (builtin_function_sem b)); eauto. + unfold val_opt_inject; rewrite H; intro J. + destruct (builtin_function_sem b vargs') as [vres'|]; try contradiction. + exists vres'; auto. +Qed. + +Lemma builtin_function_sem_lessdef: forall b vargs vres vargs', + builtin_function_sem b vargs = Some vres -> + Val.lessdef_list vargs vargs' -> + exists vres', builtin_function_sem b vargs' = Some vres' /\ Val.lessdef vres vres'. +Proof. + intros. apply val_inject_list_lessdef in H0. + exploit builtin_function_sem_inject; eauto. + intros (vres' & A & B). apply val_inject_lessdef in B. + exists vres'; auto. +Qed. + Definition lookup_builtin_function (name: string) (sg: signature) : option builtin_function := match lookup_builtin standard_builtin_sig name sg standard_builtin_table with | Some b => Some (BI_standard b) diff --git a/compcert/common/Builtins0.v b/compcert/common/Builtins0.v index d99ad1f398..e1fc201573 100644 --- a/compcert/common/Builtins0.v +++ b/compcert/common/Builtins0.v 
@@ -16,7 +16,8 @@ (** Associating semantics to built-in functions *) -Require Import String Coqlib. +From Coq Require Import String. +Require Import Coqlib. Require Import AST Integers Floats Values Memdata. Local Open Scope asttyp_scope. @@ -383,6 +384,11 @@ Inductive standard_builtin : Type := | BI_i64_stof | BI_i64_utof. +Definition eq_standard_builtin: forall (x y: standard_builtin), {x=y} + {x<>y}. +Proof. + generalize typ_eq; decide equality. +Defined. + Local Open Scope string_scope. Definition standard_builtin_table : list (string * standard_builtin) := @@ -440,7 +446,7 @@ Definition standard_builtin_sig (b: standard_builtin) : signature := | BI_i64_bswap => [Xlong ---> Xlong] | BI_i16_bswap => - [Xint ---> Xint] + [Xint16unsigned ---> Xint16unsigned] | BI_unreachable => mksignature nil Xvoid cc_default | BI_i64_shl | BI_i64_shr | BI_i64_sar => @@ -469,7 +475,7 @@ Program Definition standard_builtin_sem (b: standard_builtin) : builtin_sem (sig | BI_subl => mkbuiltin_v2t Xlong Val.subl _ _ | BI_mull => mkbuiltin_v2t Xlong Val.mull' _ _ | BI_i16_bswap => - mkbuiltin_n1t Tint Xint + mkbuiltin_n1t Tint Xint16unsigned (fun n => Int.repr (decode_int (List.rev (encode_int 2%nat (Int.unsigned n))))) | BI_i32_bswap => mkbuiltin_n1t Tint Xint @@ -522,6 +528,17 @@ Qed. Next Obligation. inv H; simpl; auto. inv H0; auto. Qed. +Next Obligation. + set (bl := rev (encode_int 2 (Int.unsigned n))). + set (x := decode_int bl). + assert (length bl = 2%nat). + { unfold bl. rewrite List.rev_length. apply encode_int_length. } + assert (0 <= x < two_p 16). + { generalize (int_of_bytes_range (rev_if_be bl)). rewrite rev_if_be_length, H. auto. } + assert (two_p 16 < Int.max_unsigned) by (compute; auto). + apply Int.eqm_samerepr. rewrite Int.unsigned_repr by lia. rewrite Zbits.Zzero_ext_mod by lia. + apply Int.eqm_refl2. rewrite Z.mod_small; auto. +Qed. Next Obligation. red. destruct v1; simpl; auto. destruct v2; auto. destruct orb; exact I. Qed. 
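Review bot: The new `Next Obligation` proof for `BI_i16_bswap` uses `List.rev_length`, the name that patch 01 of this series replaces with `length_rev` across the VST tree because it is deprecated on Rocq 9, so the bundled tree will raise that deprecation on the toolchain the CI now targets. If the bundle is expected to build cleanly there, `{ unfold bl. rewrite List.length_rev. apply encode_int_length. }` is the matching form. Separately, the same file changes the declared signature of `BI_i16_bswap` from `Xint` to `Xint16unsigned`, which is a semantic change to the builtin rather than a deprecation fix; it deserves a mention in the commit message, since any VST specification that states this builtin's signature may depend on the old one.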
diff --git a/compcert/common/Determinism.v b/compcert/common/Determinism.v index c8c907824e..45fe8bf7fc 100644 --- a/compcert/common/Determinism.v +++ b/compcert/common/Determinism.v @@ -17,14 +17,9 @@ (** Characterization and properties of deterministic external worlds and deterministic semantics *) -Require Import String. +From Coq Require Import String. Require Import Coqlib. -Require Import AST. -Require Import Integers. -Require Import Events. -Require Import Globalenvs. -Require Import Smallstep. -Require Import Behaviors. +Require Import AST Integers Events Globalenvs Smallstep Behaviors. (** * Deterministic worlds *) diff --git a/compcert/common/Errors.v b/compcert/common/Errors.v index f050328627..a3e21b4db5 100644 --- a/compcert/common/Errors.v +++ b/compcert/common/Errors.v @@ -16,7 +16,7 @@ (** Error reporting and the error monad. *) -Require Import String. +From Coq Require Import String. Require Import Coqlib. Close Scope string_scope. @@ -70,11 +70,11 @@ Definition bind2 (A B C: Type) (f: res (A * B)) (g: A -> B -> res C) : res C := Declare Scope error_monad_scope. Notation "'do' X <- A ; B" := (bind A (fun X => B)) - (at level 200, X ident, A at level 100, B at level 200) + (at level 200, X name, A at level 100, B at level 200) : error_monad_scope. Notation "'do' ( X , Y ) <- A ; B" := (bind2 A (fun X Y => B)) - (at level 200, X ident, Y ident, A at level 100, B at level 200) + (at level 200, X name, Y name, A at level 100, B at level 200) : error_monad_scope. Remark bind_inversion: diff --git a/compcert/common/Events.v b/compcert/common/Events.v index 994781fa41..798ba568c6 100644 --- a/compcert/common/Events.v +++ b/compcert/common/Events.v 
@@ -16,16 +16,10 @@ (** Observable events, execution traces, and semantics of external calls. *) -Require Import String. +From Coq Require Import String. Require Import Coqlib. Require Intv. -Require Import AST. -Require Import Integers. -Require Import Floats. -Require Import Values. -Require Import Memory. -Require Import Globalenvs. -Require Import Builtins. +Require Import AST Integers Floats Values Memory Globalenvs Builtins. Local Open Scope asttyp_scope. (** Backwards compatibility for Hint Rewrite locality attributes. *) @@ -1428,6 +1422,24 @@ Inductive known_builtin_sem (bf: builtin_function) (ge: Senv.t): builtin_function_sem bf vargs = Some vres -> known_builtin_sem bf ge vargs m E0 vres m. +Remark known_builtin_sem_inject: forall bf ge vargs m1 t vres m2 f ge' vargs' m', + known_builtin_sem bf ge vargs m1 t vres m2 -> + Val.inject_list f vargs vargs' -> + exists vres', known_builtin_sem bf ge' vargs' m' t vres' m' /\ Val.inject f vres vres'. +Proof. + intros. inv H. exploit builtin_function_sem_inject; eauto. intros (vres' & A & B). + exists vres'; auto using known_builtin_sem. +Qed. + +Remark known_builtin_sem_lessdef: forall bf ge vargs m1 t vres m2 ge' vargs' m', + known_builtin_sem bf ge vargs m1 t vres m2 -> + Val.lessdef_list vargs vargs' -> + exists vres', known_builtin_sem bf ge' vargs' m' t vres' m' /\ Val.lessdef vres vres'. +Proof. + intros. inv H. exploit builtin_function_sem_lessdef; eauto. intros (vres' & A & B). + exists vres'; auto using known_builtin_sem. +Qed. + Lemma known_builtin_ok: forall bf, extcall_properties (known_builtin_sem bf) (builtin_function_sig bf). Proof. 
@@ -1446,20 +1458,13 @@ Proof. (* readonly *) - inv H; auto. (* mem extends *) -- inv H. fold bsem in H2. apply val_inject_list_lessdef in H1. - specialize (bs_inject _ bsem _ _ _ H1). - unfold val_opt_inject; rewrite H2; intros. - destruct (bsem vargs') as [vres'|] eqn:?; try contradiction. - exists vres', m1'; intuition auto using Mem.extends_refl, Mem.unchanged_on_refl. - constructor; auto. - apply val_inject_lessdef; auto. -(* mem injects *) -- inv H0. fold bsem in H3. - specialize (bs_inject _ bsem _ _ _ H2). - unfold val_opt_inject; rewrite H3; intros. - destruct (bsem vargs') as [vres'|] eqn:?; try contradiction. - exists f, vres', m1'; intuition auto using Mem.extends_refl, Mem.unchanged_on_refl. - constructor; auto. +- assert (m2 = m1) by (inv H; auto). subst m2. + exploit known_builtin_sem_lessdef; eauto. intros (vres' & A & B). + exists vres', m1'; intuition eauto using Mem.unchanged_on_refl. +(* mem inject *) +- assert (m2 = m1) by (inv H0; auto). subst m2. + exploit known_builtin_sem_inject; eauto. intros (vres' & A & B). + exists f, vres', m1'; intuition eauto using Mem.unchanged_on_refl. red; intros; congruence. (* trace length *) - inv H; simpl; lia. 
@@ -1703,6 +1708,36 @@ End EVAL_BUILTIN_ARG. Global Hint Constructors eval_builtin_arg: barg. +Fixpoint builtin_arg_depends_on_memory {A: Type} (ba: builtin_arg A) : bool := + match ba with + | BA_loadstack _ _ | BA_loadglobal _ _ _ => true + | BA_splitlong a1 a2 | BA_addptr a1 a2 => + builtin_arg_depends_on_memory a1 || builtin_arg_depends_on_memory a2 + | _ => false + end. + +Lemma builtin_arg_depends_on_memory_correct: + forall (A: Type) m' ge e sp m (ba: builtin_arg A) v, + eval_builtin_arg ge e sp m ba v -> + builtin_arg_depends_on_memory ba = false -> + eval_builtin_arg ge e sp m' ba v. +Proof. + induction 1; simpl; intros; InvBooleans; discriminate || eauto using eval_builtin_arg. +Qed. + +Definition builtin_args_depends_on_memory {A: Type} (bal: list (builtin_arg A)) : bool := + List.existsb builtin_arg_depends_on_memory bal. + +Lemma builtin_args_depends_on_memory_correct: + forall (A: Type) m' ge e sp m (bal: list (builtin_arg A)) vl, + eval_builtin_args ge e sp m bal vl -> + builtin_args_depends_on_memory bal = false -> + eval_builtin_args ge e sp m' bal vl. +Proof. + unfold eval_builtin_args; induction 1; simpl; intros; + InvBooleans; constructor; eauto using builtin_arg_depends_on_memory_correct. +Qed. + (** Invariance by change of global environment. *) Section EVAL_BUILTIN_ARG_PRESERVED. diff --git a/compcert/common/Globalenvs.v b/compcert/common/Globalenvs.v index 92ee8498b2..7356ca31f2 100644 --- a/compcert/common/Globalenvs.v +++ b/compcert/common/Globalenvs.v @@ -34,8 +34,7 @@ place during program linking and program loading in a real operating system. *) -Require Import Recdef. -Require Import Zwf. +From Coq Require Import Recdef Zwf. Require Import Axioms Coqlib Errors Maps AST Linking. Require Import Integers Floats Values Memory. diff --git a/compcert/common/Linking.v b/compcert/common/Linking.v index 54d1628e63..23498758df 100644 --- a/compcert/common/Linking.v +++ b/compcert/common/Linking.v 
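Review bot: `builtin_arg_depends_on_memory` and `builtin_args_depends_on_memory` are added without a doc comment, and the name alone does not say in which direction the boolean is conservative. The correctness lemmas directly below show the contract: a `false` result lets the evaluation be transported to any other memory `m'`, while `true` promises nothing. A one-line comment above the fixpoint would capture that: `(** [builtin_arg_depends_on_memory ba] is [false] only if evaluating [ba] cannot read memory; see [builtin_arg_depends_on_memory_correct]. *)`.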
@@ -714,6 +714,22 @@ Proof. - intros; subst. exists v; auto. Qed. +Global Instance TransfPartialContextualLink2 + {A B C D V: Type} {LV: Linker V} + (tr_fun: C -> D -> A -> res B) + (ctx1_for: program (fundef A) V -> C) + (ctx2_for: program (fundef A) V -> D): + TransfLink (fun (p1: program (fundef A) V) (p2: program (fundef B) V) => + match_program + (fun cu f tf => AST.transf_partial_fundef (tr_fun (ctx1_for cu) (ctx2_for cu)) f = OK tf) + eq p1 p2). +Proof. + red. intros. destruct (link_linkorder _ _ _ H) as [LO1 LO2]. + eapply link_match_program; eauto. +- intros. eapply link_transf_partial_fundef; eauto. +- intros; subst. exists v; auto. +Qed. + Global Instance TransfPartialLink {A B V: Type} {LV: Linker V} (tr_fun: A -> res B): diff --git a/compcert/common/Memdata.v b/compcert/common/Memdata.v index cf43589c7a..be8783d742 100644 --- a/compcert/common/Memdata.v +++ b/compcert/common/Memdata.v @@ -17,13 +17,9 @@ (** In-memory representation of values. *) -Require Import Coqlib. -Require Import Zbits. +Require Import Coqlib Zbits Integers Floats. Require Archi. -Require Import AST. -Require Import Integers. -Require Import Floats. -Require Import Values. +Require Import AST Values. (** * Properties of memory chunks *) diff --git a/compcert/common/Memory.v b/compcert/common/Memory.v index 786bc8597c..7b36ec5a21 100644 --- a/compcert/common/Memory.v +++ b/compcert/common/Memory.v @@ -27,18 +27,11 @@ - [free]: invalidate a memory block. *) -Require Import Zwf. -Require Import Axioms. -Require Import Coqlib. +From Coq Require Import Zwf. Require Intv. -Require Import Maps. Require Archi. -Require Import AST. -Require Import Integers. -Require Import Floats. -Require Import Values. -Require Export Memdata. -Require Export Memtype. +Require Import Axioms Coqlib Maps Integers Floats AST Values. +Require Export Memdata Memtype. (* To avoid useless definitions of inductors in extracted code. *) Local Unset Elimination Schemes. 
diff --git a/compcert/common/Memtype.v b/compcert/common/Memtype.v index 7bf19347ab..188aa04ee0 100644 --- a/compcert/common/Memtype.v +++ b/compcert/common/Memtype.v @@ -24,12 +24,8 @@ - [free]: invalidate a memory block. *) -Require Import Coqlib. -Require Import AST. -Require Import Integers. -Require Import Floats. -Require Import Values. -Require Import Memdata. +Require Import Coqlib Integers Floats. +Require Import AST Values Memdata. (** Memory states are accessed by addresses [b, ofs]: pairs of a block identifier [b] and a byte offset [ofs] within that block. diff --git a/compcert/common/Separation.v b/compcert/common/Separation.v index 2ba6e77bb3..6658e37cba 100644 --- a/compcert/common/Separation.v +++ b/compcert/common/Separation.v @@ -30,7 +30,7 @@ frame rule; instead, a weak form of the frame rule is provided by the lemmas that help us reason about the logical assertions. *) -Require Import Setoid Program.Basics. +From Coq Require Import Setoid Program.Basics. Require Import Coqlib Decidableplus. Require Import AST Integers Values Memory Events Globalenvs. diff --git a/compcert/common/Smallstep.v b/compcert/common/Smallstep.v index c7efcc903a..24e1b8eb05 100644 --- a/compcert/common/Smallstep.v +++ b/compcert/common/Smallstep.v @@ -20,12 +20,8 @@ the one-step transition relations that are used to specify operational semantics in small-step style. *) -Require Import Relations. -Require Import Wellfounded. -Require Import Coqlib. -Require Import Events. -Require Import Globalenvs. -Require Import Integers. +From Coq Require Import Relations Wellfounded. +Require Import Coqlib Events Globalenvs Integers. Set Implicit Arguments. diff --git a/compcert/common/Subtyping.v b/compcert/common/Subtyping.v index 8e5d9361e2..83571be555 100644 --- a/compcert/common/Subtyping.v +++ b/compcert/common/Subtyping.v 
@@ -16,7 +16,8 @@ (* A solver for subtyping constraints. *) -Require Import Recdef Coqlib Maps Errors. +From Coq Require Import Recdef. +Require Import Coqlib Maps Errors. Local Open Scope nat_scope. Local Open Scope error_monad_scope. diff --git a/compcert/common/Switch.v b/compcert/common/Switch.v index 23f9dd3e2b..05d86ec58a 100644 --- a/compcert/common/Switch.v +++ b/compcert/common/Switch.v @@ -17,11 +17,8 @@ (** Multi-way branches (``switch'' statements) and their compilation to comparison trees. *) -Require Import EqNat. -Require Import Coqlib. -Require Import Maps. -Require Import Integers. -Require Import Values. +From Coq Require Import EqNat. +Require Import Coqlib Maps Integers Values. (** A multi-way branch is composed of a list of (key, action) pairs, plus a default action. *) diff --git a/compcert/common/Unityping.v b/compcert/common/Unityping.v index 1089b3599c..1d46cc6408 100644 --- a/compcert/common/Unityping.v +++ b/compcert/common/Unityping.v @@ -16,7 +16,8 @@ (* A solver for unification constraints. *) -Require Import Recdef Coqlib Maps Errors. +From Coq Require Import Recdef. +Require Import Coqlib Maps Errors. Local Open Scope nat_scope. Local Open Scope error_monad_scope. diff --git a/compcert/common/Values.v b/compcert/common/Values.v index 954405ee68..59d851305d 100644 --- a/compcert/common/Values.v +++ b/compcert/common/Values.v @@ -17,10 +17,7 @@ (** This module defines the type of values that is used in the dynamic semantics of all our intermediate languages. *) -Require Import Coqlib. -Require Import AST. -Require Import Integers. -Require Import Floats. +Require Import Coqlib AST Integers Floats. Definition block : Type := positive. Definition eq_block := peq. 
@@ -860,6 +857,13 @@ Definition rolml (v: val) (amount: int) (mask: int64): val := | _ => Vundef end. +Theorem rolml_zero: + forall x m, + rolml x Int.zero m = andl x (Vlong m). +Proof. + intros; destruct x; simpl; auto. decEq. apply Int64.rolm_zero. +Qed. + Definition zero_ext_l (nbits: Z) (v: val) : val := match v with | Vlong n => Vlong(Int64.zero_ext nbits n) diff --git a/compcert/flocq/Calc/Bracket.v b/compcert/flocq/Calc/Bracket.v index fe5a895d0b..4fcc5b2e60 100644 --- a/compcert/flocq/Calc/Bracket.v +++ b/compcert/flocq/Calc/Bracket.v @@ -651,7 +651,7 @@ now apply Zpower_gt_1. now apply Z_mod_lt. rewrite <- 2!Rmult_plus_distr_r, <- 2!plus_IZR. rewrite Zmult_comm, Zplus_assoc. -(try now rewrite <- Z_div_mod_eq_full); now rewrite <- Z_div_mod_eq. (* remove the try and the second part when requiring Coq >= 8.14 *) +now rewrite <- Z_div_mod_eq_full. Qed. Theorem inbetween_float_new_location_single : diff --git a/compcert/flocq/Core/Digits.v b/compcert/flocq/Core/Digits.v index f412aa199f..917787db30 100644 --- a/compcert/flocq/Core/Digits.v +++ b/compcert/flocq/Core/Digits.v @@ -1119,11 +1119,15 @@ Theorem Zdigits_succ_le : forall x, (0 <= x)%Z -> (Zdigits (x + 1) <= Zdigits x + 1)%Z. Proof. - destruct x as [| p | p]; [intros _; now simpl | intros _ | lia]. - transitivity (Zdigits (Z.pos p * beta ^ 1)); - [apply Zdigits_le; [lia |] | rewrite Zdigits_mult_Zpower; lia]. - apply Ztac.Zlt_le_add_1. rewrite <-Z.mul_1_r at 1. apply Zmult_lt_compat_l; [lia |]. - rewrite Z.pow_1_r. apply radix_gt_1. + intros [|p|p]; try easy. + intros _. + rewrite <- Zdigits_mult_Zpower by easy. + apply Zdigits_le. easy. + apply Z.le_trans with (Z.pos p * 2)%Z. + lia. + apply Zmult_le_compat_l. 2: easy. + rewrite Z.pow_1_r. + apply (Zlt_le_succ 1), radix_gt_1. Qed. End Fcore_digits. diff --git a/compcert/flocq/Core/FLT.v b/compcert/flocq/Core/FLT.v index 7d0c2268ef..82e65fbd6a 100644 --- a/compcert/flocq/Core/FLT.v +++ b/compcert/flocq/Core/FLT.v 
@@ -416,6 +416,23 @@ fold (Req_bool (-x) (bpow (mag beta (-x) - 1))); case Req_bool. rewrite ulp_FLT_exact_shift; [ring|lra| |]; rewrite mag_opp; lia. Qed. +Lemma pred_FLT_exact_shift : + forall x e, + (x <> 0)%R -> + (emin + prec + 1 <= mag beta x)%Z -> + (emin + prec - mag beta x + 1 <= e)%Z -> + (pred beta FLT_exp (x * bpow e) = pred beta FLT_exp x * bpow e)%R. +Proof. +intros x e Nzx Hmx He. +unfold pred. +rewrite Ropp_mult_distr_l. +rewrite succ_FLT_exact_shift. +apply Ropp_mult_distr_l. +lra. +now rewrite mag_opp. +now rewrite mag_opp. +Qed. + Theorem ulp_FLT_pred_pos : forall x, generic_format beta FLT_exp x -> diff --git a/compcert/flocq/Core/FLX.v b/compcert/flocq/Core/FLX.v index cb23982bb2..82e321649e 100644 --- a/compcert/flocq/Core/FLX.v +++ b/compcert/flocq/Core/FLX.v @@ -341,6 +341,16 @@ fold (Req_bool (-x) (bpow (mag beta (-x) - 1))); case Req_bool. rewrite ulp_FLX_exact_shift; ring. Qed. +Lemma pred_FLX_exact_shift : + forall x e, + (pred beta FLX_exp (x * bpow e) = pred beta FLX_exp x * bpow e)%R. +Proof. +intros x e. +unfold pred. +rewrite Ropp_mult_distr_l, succ_FLX_exact_shift. +apply Ropp_mult_distr_l. +Qed. + (** FLX is a nice format: it has a monotone exponent... *) Global Instance FLX_exp_monotone : Monotone_exp FLX_exp. Proof. diff --git a/compcert/flocq/IEEE754/BinarySingleNaN.v b/compcert/flocq/IEEE754/BinarySingleNaN.v index 32af023078..2c3e8b3513 100644 --- a/compcert/flocq/IEEE754/BinarySingleNaN.v +++ b/compcert/flocq/IEEE754/BinarySingleNaN.v @@ -70,6 +70,18 @@ Definition SF2B x := | S754_nan => fun _ => B754_nan end. +Definition SF2B' x := + match x with + | S754_zero s => B754_zero s + | S754_infinity s => B754_infinity s + | S754_nan => B754_nan + | S754_finite s m e => + match bounded m e as b return bounded m e = b -> _ with + | true => B754_finite s m e + | false => fun H => B754_nan + end eq_refl + end. + Definition B2SF x := match x with | B754_finite s m e _ => S754_finite s m e 
@@ -234,6 +246,19 @@ intros Hx. apply f_equal, eqbool_irrelevance. Qed. +Theorem SF2B'_B2SF : + forall x, + SF2B' (B2SF x) = x. +Proof. +intros [s|s| |s m e H] ; try easy. +apply B2SF_inj. +simpl. +generalize (eq_refl (bounded m e)). +pattern (bounded m e) at 2 3. +apply eq_sym in H. +now elim H. +Qed. + Definition is_finite_strict f := match f with | B754_finite _ _ _ _ => true @@ -886,6 +911,27 @@ destruct mrs as (m, r, s). now destruct m as [|[m|m|]|m] ; try (now elim Hm) ; destruct r as [|] ; destruct s as [|]. Qed. +Lemma shr_nat : + forall mrs e n, (0 <= n)%Z -> + shr mrs e n = (iter_nat shr_1 (Z.to_nat n) mrs, (e + n)%Z). +Proof. +intros mrs e n Hn. +destruct n as [|n|n] ; simpl. +now rewrite Zplus_0_r. +now rewrite iter_pos_nat. +easy. +Qed. + +Lemma le_shr1_le : + forall mrs, (0 <= shr_m mrs)%Z -> + (0 <= shr_m (shr_1 mrs))%Z /\ + (2 * shr_m (shr_1 mrs) <= shr_m mrs < 2 * (shr_m (shr_1 mrs) + 1))%Z. +Proof. + intros [[|p|p] r s] ; try easy. + intros _. + destruct p as [p|p|] ; simpl ; lia. +Qed. + Theorem inbetween_shr : forall x m e l n, (0 <= m)%Z -> 
@@ -893,70 +939,62 @@ Theorem inbetween_shr : let '(mrs, e') := shr (shr_record_of_loc m l) e n in inbetween_float radix2 (shr_m mrs) e' x (loc_of_shr_record mrs). Proof. -intros x m e l n Hm Hl. -destruct n as [|n|n]. -now destruct l as [|[| |]]. -2: now destruct l as [|[| |]]. -unfold shr. -rewrite iter_pos_nat. -rewrite Zpos_eq_Z_of_nat_o_nat_of_P. -induction (nat_of_P n). -simpl. -rewrite Zplus_0_r. -now destruct l as [|[| |]]. -rewrite iter_nat_S. -rewrite inj_S. -unfold Z.succ. -rewrite Zplus_assoc. -revert IHn0. -apply inbetween_shr_1. -clear -Hm. -induction n0. -now destruct l as [|[| |]]. -rewrite iter_nat_S. -revert IHn0. -generalize (iter_nat shr_1 n0 (shr_record_of_loc m l)). -clear. -intros (m, r, s) Hm. -now destruct m as [|[m|m|]|m] ; try (now elim Hm) ; destruct r as [|] ; destruct s as [|]. -Qed. - -Lemma le_shr1_le : - forall mrs, (0 <= shr_m mrs)%Z -> - (0 <= 2 * shr_m (shr_1 mrs) <= shr_m mrs)%Z /\ - (shr_m mrs < 2 * (shr_m (shr_1 mrs) + 1))%Z. -Proof. - destruct mrs as [m r s]. simpl. - destruct m as [| p | p]; [simpl; lia | intros _ | intros; easy]. - destruct p; simpl; [| | lia]. - - rewrite Pos2Z.inj_xO, Pos2Z.inj_xI. lia. - - rewrite Pos2Z.inj_xO. lia. + intros x m e l n Hm Hl. + destruct (Zle_or_lt 0 n). + 2: { + destruct n as [|n|n] ; try easy. + simpl. + now rewrite shr_m_shr_record_of_loc, loc_of_shr_record_of_loc. } + rewrite shr_nat by easy. + rewrite <- (Z2Nat.id n) at 2 by easy. + clear H. + induction (Z.to_nat n) as [|n' IHn]. + { rewrite Zplus_0_r. + simpl. + now rewrite shr_m_shr_record_of_loc, loc_of_shr_record_of_loc. } + rewrite iter_nat_S, inj_S. + unfold Z.succ. + rewrite Zplus_assoc. + revert IHn. + apply inbetween_shr_1. + clear -Hm. + induction n'. + simpl. + now rewrite shr_m_shr_record_of_loc. + rewrite iter_nat_S. + now apply le_shr1_le. Qed. 
Lemma le_shr_le : forall mrs e n, (0 <= shr_m mrs)%Z -> (0 <= n)%Z -> - (0 <= 2 ^ n * shr_m (fst (shr mrs e n)) <= shr_m mrs)%Z /\ - (shr_m mrs < 2 ^ n * (shr_m (fst (shr mrs e n)) + 1))%Z. -Proof. - intros mrs e n Hmrs. - destruct n as [| n | n ]; - [intros _; simpl; now destruct (shr_m mrs); simpl; lia | intro Hn | lia]. - unfold shr. - rewrite iter_pos_nat. rewrite <-!(positive_nat_Z n). simpl fst. - induction (nat_of_P n) as [| n' IHn']; [simpl; destruct (shr_m mrs); simpl; lia |]. - rewrite !Nat2Z.inj_succ. rewrite Z.pow_succ_r; [| apply Zle_0_nat]. - - rewrite iter_nat_S. rewrite (Z.mul_comm 2%Z _), <-Z.mul_assoc. - destruct IHn' as [[IHn'1 IHn'2] IHn'3]. apply Z.mul_nonneg_cancel_l in IHn'1; [| lia]. - repeat split; - [| transitivity (2 ^ Z.of_nat n' * shr_m (iter_nat shr_1 n' mrs))%Z; [| auto] |]. - - apply Z.mul_nonneg_nonneg; [lia |]. now apply le_shr1_le. - - apply Z.mul_le_mono_nonneg_l; [lia |]. now apply le_shr1_le. - - apply Z.lt_le_trans with - (2 ^ Z.of_nat n' * (shr_m (iter_nat shr_1 n' mrs) + 1))%Z; [assumption |]. - rewrite <-Z.mul_assoc. apply Z.mul_le_mono_nonneg_l; [lia |]. - apply Ztac.Zlt_le_add_1. now apply le_shr1_le. + (0 <= shr_m (fst (shr mrs e n)))%Z /\ + (2 ^ n * shr_m (fst (shr mrs e n)) <= shr_m mrs < 2 ^ n * (shr_m (fst (shr mrs e n)) + 1))%Z. +Proof. + intros mrs e n Hmrs Hn. + rewrite shr_nat by easy. + simpl. + rewrite <- (Z2Nat.id n) at 2 4 by easy. + induction (Z.to_nat n) as [|n' IHn]. + { simpl Z.pow. rewrite 2!Zmult_1_l. + simpl. lia. } + clear n Hn. + rewrite Nat2Z.inj_succ, Z.pow_succ_r by apply Zle_0_nat. + rewrite iter_nat_S. + revert IHn. + generalize (iter_nat shr_1 n' mrs). + intros mrs' [H [IH1 IH2]]. + destruct (le_shr1_le _ H) as [H' [K1 K2]]. + apply (conj H'). + rewrite (Zmult_comm 2), <- 2!Zmult_assoc. + split. + - apply Z.le_trans with (2 := IH1). + apply Zmult_le_compat_l with (1 := K1). + apply (Zpower_ge_0 radix2). + - apply Z.lt_le_trans with (1 := IH2). + apply Zmult_le_compat_l. + lia. 
+ apply (Zpower_ge_0 radix2). Qed. Lemma shr_limit : @@ -979,12 +1017,12 @@ Proof. destruct mrs as [m r s]. simpl in Hmrs00, Hmrs01, Hmrs1. rewrite Hmrs00. simpl. now rewrite Hmrs01. + intros mrs Hmrs0 Hmrs1. simpl iter_nat. - destruct (le_shr1_le mrs) as [[Hmrs'0 Hmrs'1] Hmrs'2]; [destruct Hmrs0; lia |]. + destruct (le_shr1_le mrs) as [Hmrs'0 [Hmrs'1 Hmrs'2]]; [destruct Hmrs0; lia |]. set (mrs' := shr_1 mrs). apply IHn''. * case (0 two_p (y - x) = two_p y / two_p x. +Proof. + intros. replace y with (y - x + x) by lia. + rewrite two_p_is_exp by lia. + rewrite Z_div_mult_full. + replace (y - x + x) with y by lia. reflexivity. + exploit (two_p_gt_ZERO x); lia. +Qed. + (** Properties of [Zmin] and [Zmax] *) Lemma Zmin_spec: @@ -1328,7 +1333,7 @@ End DECIDABLE_PREDICATE. (** * Well-founded orderings *) -Require Import Relations. +From Coq Require Import Relations. (** A non-dependent version of lexicographic ordering. *) diff --git a/compcert/lib/Decidableplus.v b/compcert/lib/Decidableplus.v index 224c9640fe..222e6b6d3f 100644 --- a/compcert/lib/Decidableplus.v +++ b/compcert/lib/Decidableplus.v @@ -20,7 +20,7 @@ of Coq 8.5 with more instances of decidable properties, including universal and existential quantification over finite types. *) -Require Export DecidableClass. +From Coq Require Export DecidableClass. Require Import Coqlib. Ltac decide_goal := eapply Decidable_sound; reflexivity. diff --git a/compcert/lib/FSetAVLplus.v b/compcert/lib/FSetAVLplus.v index 936814c185..c632052797 100644 --- a/compcert/lib/FSetAVLplus.v +++ b/compcert/lib/FSetAVLplus.v @@ -18,8 +18,8 @@ with extra interval-based operations, more efficient than standard operations. *) -Require Import FSetInterface. -Require FSetAVL. +From Coq Require Import FSetInterface. +From Coq Require FSetAVL. Require Import Coqlib. Module Make(X: OrderedType). diff --git a/compcert/lib/Floats.v b/compcert/lib/Floats.v index ff2584871b..476074217e 100644 --- a/compcert/lib/Floats.v +++ b/compcert/lib/Floats.v 
@@ -17,11 +17,10 @@ (** Formalization of floating-point numbers, using the Flocq library. *)
-Require Import Reals.
+From Coq Require Import Reals Program.
Require Import Coqlib Zbits Integers.
From Flocq Require Import BinarySingleNaN Binary Bits Core.
Require Import IEEE754_extra.
-Require Import Program.
Require Archi.
Import ListNotations.
diff --git a/compcert/lib/Heaps.v b/compcert/lib/Heaps.v
index def9da9742..ffe90ef7a6 100644
--- a/compcert/lib/Heaps.v
+++ b/compcert/lib/Heaps.v
@@ -22,10 +22,8 @@ (If an element is already in a heap, inserting it again does nothing.) *)
-Require Import FunInd.
-Require Import Coqlib.
-Require Import FSets.
-Require Import Ordered.
+From Coq Require Import FunInd FSets.
+Require Import Coqlib Ordered.
(* To avoid useless definitions of inductors in extracted code. *)
Local Unset Elimination Schemes.
diff --git a/compcert/lib/IEEE754_extra.v b/compcert/lib/IEEE754_extra.v
index f7c2487b93..a2e64ab708 100644
--- a/compcert/lib/IEEE754_extra.v
+++ b/compcert/lib/IEEE754_extra.v
@@ -18,14 +18,10 @@ (** Additional operations and proofs about IEEE-754 binary floating-point numbers, on top of the Flocq library. *)
-Require Import Reals.
-Require Import SpecFloat.
+From Coq Require Import Reals SpecFloat ZArith Psatz Bool Eqdep_dec.
+From Coq Require Znumtheory.
From Flocq Require Import Core Digits Operations Round Bracket Sterbenz BinarySingleNaN Binary Round_odd.
-Require Import ZArith.
-Require Import Psatz.
-Require Import Bool.
-Require Import Eqdep_dec.
Local Open Scope Z_scope.
diff --git a/compcert/lib/Integers.v b/compcert/lib/Integers.v
index a29d35be2d..38b65c6475 100644
--- a/compcert/lib/Integers.v
+++ b/compcert/lib/Integers.v
@@ -16,7 +16,7 @@ (** Formalizations of machine integers modulo $2^N$ #2N#. *)
-Require Import Eqdep_dec Zquot Zwf.
+From Coq Require Import Eqdep_dec Zquot Zwf.
Require Import Coqlib Zbits.
Require Archi.
@@ -2518,6 +2518,44 @@ Proof. unfold lt in H. rewrite signed_zero in H. destruct (zlt (signed y) 0). congruence. auto. Qed. +(** ** Properties of [mulhu] (upper bits of unsigned multiplication) *) + +Lemma mulhu_zero: + forall x, mulhu x zero = zero. +Proof. + intros. unfold mulhu. rewrite unsigned_zero. rewrite Z.mul_0_r. + reflexivity. +Qed. + +Lemma mulhu_one: + forall x, mulhu x one = zero. +Proof. + intros. unfold mulhu. rewrite unsigned_one. rewrite Z.mul_1_r. + rewrite Zdiv_small. reflexivity. apply unsigned_range. +Qed. + +Lemma mulhu_commut: + forall x y, mulhu x y = mulhu y x. +Proof. + intros. unfold mulhu. rewrite Z.mul_comm. reflexivity. +Qed. + +(** ** Properties of [mulhs] (upper bits of signed multiplication) *) + +Lemma mulhs_zero: + forall x, mulhs x zero = zero. +Proof. + intros. unfold mulhs. rewrite signed_zero. rewrite Z.mul_0_r. + reflexivity. +Qed. + +Lemma mulhs_commut: + forall x y, mulhs x y = mulhs y x. +Proof. + intros. unfold mulhs. rewrite Z.mul_comm. reflexivity. +Qed. + + (** ** Properties of integer zero extension and sign extension. *) Lemma bits_zero_ext: @@ -3571,6 +3609,8 @@ Definition shr' (x: int) (y: Int.int): int := repr (Z.shiftr (signed x) (Int.unsigned y)). Definition rol' (x: int) (y: Int.int): int := rol x (repr (Int.unsigned y)). +Definition ror' (x: int) (y: Int.int) :int := + ror x (repr (Int.unsigned y)). Definition shrx' (x: int) (y: Int.int): int := divs x (shl' one y). Definition shr_carry' (x: int) (y: Int.int): int := 
@@ -3615,6 +3655,35 @@ Proof. lia. Qed. +Remark int_unsigned_range: + forall x, 0 <= Int.unsigned x <= max_unsigned. +Proof. + intros. + unfold max_unsigned. unfold modulus. + generalize (Int.unsigned_range x). + unfold Int.modulus in *. + change (wordsize) with 64%nat in *. + change (Int.wordsize) with 32%nat in *. + unfold two_power_nat. simpl. + lia. +Qed. + +Remark int_unsigned_repr: + forall x, unsigned (repr (Int.unsigned x)) = Int.unsigned x. +Proof. + intros. rewrite unsigned_repr. auto. + apply int_unsigned_range. +Qed. + +Lemma bits_rol': + forall x y i, + 0 <= i < zwordsize -> + testbit (rol' x y) i = testbit x ((i - Int.unsigned y) mod zwordsize). +Proof. + intros. unfold rol'. rewrite bits_rol; auto. rewrite int_unsigned_repr. + auto. +Qed. + Lemma shl'_mul_two_p: forall x y, shl' x y = mul x (repr (two_p (Int.unsigned y))). @@ -4618,26 +4687,6 @@ Qed. (** Utility proofs for mixed 32bit and 64bit arithmetic *) -Remark int_unsigned_range: - forall x, 0 <= Int.unsigned x <= max_unsigned. -Proof. - intros. - unfold max_unsigned. unfold modulus. - generalize (Int.unsigned_range x). - unfold Int.modulus in *. - change (wordsize) with 64%nat in *. - change (Int.wordsize) with 32%nat in *. - unfold two_power_nat. simpl. - lia. -Qed. - -Remark int_unsigned_repr: - forall x, unsigned (repr (Int.unsigned x)) = Int.unsigned x. -Proof. - intros. rewrite unsigned_repr. auto. - apply int_unsigned_range. -Qed. - Lemma int_sub_ltu: forall x y, Int.ltu x y= true -> diff --git a/compcert/lib/Intv.v b/compcert/lib/Intv.v index d5d024aa69..9be0759fd4 100644 --- a/compcert/lib/Intv.v +++ b/compcert/lib/Intv.v @@ -16,10 +16,8 @@ (** Definitions and theorems about semi-open integer intervals *) +From Coq Require Import Zwf Program.Wf Recdef. Require Import Coqlib. -Require Import Zwf. -Require Coq.Program.Wf. -Require Import Recdef. Definition interv : Type := (Z * Z)%type. diff --git a/compcert/lib/Iteration.v b/compcert/lib/Iteration.v index 5067206948..7b5236bc8f 100644 
--- a/compcert/lib/Iteration.v
+++ b/compcert/lib/Iteration.v
@@ -202,8 +202,7 @@ End PrimIter. [None] means that iteration does not terminate. [Some b] means that iteration terminates with the result [b]. *)
-Require Import Classical.
-Require Import ClassicalDescription.
+From Coq Require Import Classical ClassicalDescription.
Module GenIter.
diff --git a/compcert/lib/Lattice.v b/compcert/lib/Lattice.v
index aea331a0cf..6431ad9915 100644
--- a/compcert/lib/Lattice.v
+++ b/compcert/lib/Lattice.v
@@ -17,9 +17,8 @@ (** Constructions of semi-lattices. *)
-Require Import Coqlib.
-Require Import Maps.
-Require Import FSets.
+From Coq Require Import FSets.
+Require Import Coqlib Maps.
(* To avoid useless definitions of inductors in extracted code. *)
Local Unset Elimination Schemes.
diff --git a/compcert/lib/Maps.v b/compcert/lib/Maps.v
index 066d80521a..b85b653b52 100644
--- a/compcert/lib/Maps.v
+++ b/compcert/lib/Maps.v
@@ -1554,7 +1554,7 @@ Module ZTree := ITree(ZIndexed). (** * Additional properties over trees *)
-Require Import Equivalence EquivDec.
+From Coq Require Import Equivalence EquivDec.
Module Tree_Properties(T: TREE).
diff --git a/compcert/lib/Ordered.v b/compcert/lib/Ordered.v
index d02892cee7..c22c47097f 100644
--- a/compcert/lib/Ordered.v
+++ b/compcert/lib/Ordered.v
@@ -17,10 +17,8 @@ (** Constructions of ordered types, for use with the [FSet] functors for finite sets and the [FMap] functors for finite maps. *)
-Require Import FSets.
-Require Import Coqlib.
-Require Import Maps.
-Require Import Integers.
+From Coq Require Import FSets.
+Require Import Coqlib Maps Integers.
Create HintDb ordered_type.
diff --git a/compcert/lib/Parmov.v b/compcert/lib/Parmov.v
index 269d3a594e..6db299f625 100644
--- a/compcert/lib/Parmov.v
+++ b/compcert/lib/Parmov.v
@@ -2,8 +2,8 @@ (* *) (* The Compcert verified compiler *) (* *)
-(* Laurence Rideau, INRIA Sophia-Antipolis-M\u00e9diterran\u00e9e *)
-(* Bernard Paul Serpette, INRIA Sophia-Antipolis-M\u00e9diterran\u00e9e *)
+(* Laurence Rideau, INRIA Sophia-Antipolis-Méditerranée *)
+(* Bernard Paul Serpette, INRIA Sophia-Antipolis-Méditerranée *)
(* Xavier Leroy, INRIA Paris-Rocquencourt *) (* *) (* Copyright Institut National de Recherche en Informatique et en *)
@@ -53,10 +53,8 @@ ## *)
-Require Import Relations.
-Require Import Axioms.
-Require Import Coqlib.
-Require Import Recdef.
+From Coq Require Import Relations Recdef.
+Require Import Axioms Coqlib.
Section PARMOV.
diff --git a/compcert/lib/Postorder.v b/compcert/lib/Postorder.v
index 0be7d0b455..5a8a6a6953 100644
--- a/compcert/lib/Postorder.v
+++ b/compcert/lib/Postorder.v
@@ -16,12 +16,8 @@ (** Postorder numbering of a directed graph. *)
-Require Import Wellfounded.
-Require Import Permutation.
-Require Import Mergesort.
-Require Import Coqlib.
-Require Import Maps.
-Require Import Iteration.
+From Coq Require Import Wellfounded Permutation Mergesort.
+Require Import Coqlib Maps Iteration.
(** The graph is presented as a finite map from nodes (of type [positive]) to the lists of their successors. *)
diff --git a/compcert/lib/UnionFind.v b/compcert/lib/UnionFind.v
index 1bc2f657f9..abd73729d7 100644
--- a/compcert/lib/UnionFind.v
+++ b/compcert/lib/UnionFind.v
@@ -16,7 +16,7 @@ (** A persistent union-find data structure. *)
-Require Coq.Program.Wf.
+From Coq Require Program.Wf.
Require Import Coqlib.
Open Scope nat_scope.
diff --git a/compcert/lib/Wfsimpl.v b/compcert/lib/Wfsimpl.v
index 6e52cd3613..75d4ba8009 100644
--- a/compcert/lib/Wfsimpl.v
+++ b/compcert/lib/Wfsimpl.v
@@ -18,9 +18,8 @@ interface to the [Wf] module of Coq's standard library, where the functions to be defined have non-dependent types, and function extensionality is assumed. *)
+From Coq Require Import Wf_nat.
Require Import Axioms.
-Require Import Init.Wf.
-Require Import Wf_nat.
Set Implicit Arguments.
diff --git a/compcert/lib/Zbits.v b/compcert/lib/Zbits.v
index a69a1f8651..6470912c79 100644
--- a/compcert/lib/Zbits.v
+++ b/compcert/lib/Zbits.v
@@ -17,7 +17,7 @@ (** Additional operations and proofs about binary integers, on top of the ZArith standard library. *)
-Require Import Psatz Zquot.
+From Coq Require Import Psatz Zquot.
Require Import Coqlib.
(** ** Modulo arithmetic *)
@@ -1098,3 +1098,90 @@ Proof. + rewrite zlt_false by lia; auto. - rewrite ! Z.shiftl_spec_low by lia. simpl. apply andb_true_r. Qed. + +(** ** Power-of-two intervals *) + +Lemma Zbits_unsigned_range: forall n z, + 0 <= n -> 0 <= z < two_p n -> + forall m, m >= n -> Z.testbit z m = false. +Proof. + intros. replace z with (z mod two_p n) by auto using Zmod_small. + rewrite Ztestbit_mod_two_p by lia. rewrite zlt_false by lia. auto. +Qed. + +Lemma Zbits_signed_range: forall n z, + 0 <= n -> - two_p n <= z < two_p n -> + forall m1 m2, m1 >= n -> m2 >= n -> Z.testbit z m1 = Z.testbit z m2. +Proof. + intros. destruct (zlt z 0). +- set (x := -z - 1). + assert (0 <= x < two_p n) by lia. + replace z with (-x - 1) by lia. + rewrite ! Z_one_complement by lia. + rewrite ! (Zbits_unsigned_range n) by lia. + auto. +- rewrite ! (Zbits_unsigned_range n) by lia. + auto. +Qed. + +Lemma Zmult_unsigned_range: forall n x m y, + 0 <= n -> 0 <= x < two_p n -> 0 <= m -> 0 <= y < two_p m -> + 0 <= x * y < two_p (n + m). +Proof. + intros. rewrite two_p_is_exp by auto. split. +- change 0 with (0 * 0). apply Z.mul_le_mono_nonneg; lia. +- apply Z.mul_lt_mono_nonneg; lia. +Qed. + +Lemma Zmult_signed_range: forall n x m y, + 0 <= n -> - two_p n <= x < two_p n -> 0 <= m -> - two_p m <= y < two_p m -> + - two_p (n + m + 1) <= x * y < two_p (n + m + 1). +Proof. + intros. + set (pn := two_p n) in *; set (pm := two_p m) in *. + assert (- (pn * pm) <= x * y <= pn * pm). + { apply Z.abs_le. rewrite Z.abs_mul. + apply Z.mul_le_mono_nonneg; auto using Z.abs_nonneg; apply Z.abs_le; lia. } + assert (pn * pm < two_p (n + m + 1)). + { unfold pn, pm; rewrite <- two_p_is_exp by lia. + apply two_p_monotone_strict. lia. } + lia. +Qed. + +Lemma Zdiv_unsigned_range: forall n x y, + 0 <= n -> 0 <= x < two_p n -> 0 < y -> + 0 <= x / y < two_p (Z.max 0 (n - Z.log2 y)). +Proof. + intros. set (m := Z.log2 y). + assert (two_p m <= y). + { rewrite two_p_correct. apply Z.log2_spec; auto. 
} + assert (0 <= m) by (apply Z.log2_nonneg). + rewrite Zmax_spec. destruct zlt. + - simpl. rewrite Zdiv_small. lia. + assert (two_p n <= two_p m) by (apply two_p_monotone; lia). + lia. + - split. + apply Z.div_pos; lia. + apply Z.div_lt_upper_bound; auto. + apply Z.lt_le_trans with (two_p m * two_p (n - m)). + rewrite <- two_p_is_exp by lia. replace (m + (n - m)) with n by lia. lia. + apply Z.mul_le_mono_nonneg_r; auto. + assert (two_p (n - m) > 0) by (apply two_p_gt_ZERO; lia). lia. +Qed. + +Lemma Zdiv_signed_range: forall n x y, + 0 <= n -> - two_p n <= x < two_p n -> y <> 0 -> + let q := Z.max 0 (n + 1 - Z.log2 (Z.abs y)) in + - two_p q <= Z.quot x y < two_p q. +Proof. + intros. + assert (Z.abs x / Z.abs y < two_p q). + { apply Zdiv_unsigned_range; auto. lia. + assert (two_p n < two_p (n + 1)) by (apply two_p_monotone_strict; lia). + lia. + lia. } + assert (Z.abs (Z.quot x y) < two_p q). + { rewrite <- Z.quot_abs by lia. + rewrite Z.quot_div_nonneg by lia. lia. } + lia. +Qed. diff --git a/compcert/x86/Builtins1.v b/compcert/x86/Builtins1.v index f3ae694bc2..aeb3deb5ec 100644 --- a/compcert/x86/Builtins1.v +++ b/compcert/x86/Builtins1.v @@ -16,8 +16,8 @@ (** Platform-specific built-in functions *) -Require Import String Coqlib. -Require Import AST Integers Floats Values. +From Coq Require Import String. +Require Import Coqlib AST Integers Floats Values. Require Import Builtins0. Local Open Scope asttyp_scope. @@ -53,3 +53,7 @@ Definition platform_builtin_sem (b: platform_builtin) : builtin_sem (sig_res (pl end) end. +Definition eq_platform_builtin: forall (x y: platform_builtin), {x=y} + {x<>y}. +Proof. + decide equality. +Defined. diff --git a/compcert/x86_32/Archi.v b/compcert/x86_32/Archi.v index 775bdd4419..14c97e2b4a 100644 --- a/compcert/x86_32/Archi.v +++ b/compcert/x86_32/Archi.v 
@@ -17,8 +17,8 @@ (** Architecture-dependent parameters for x86 in 32-bit mode *)
+From Coq Require Import List ZArith.
From Flocq Require Import Binary Bits.
-Require Import ZArith List.
Definition ptr64 := false.
diff --git a/compcert/x86_64/Archi.v b/compcert/x86_64/Archi.v
index 9df30c8855..50cb16918c 100644
--- a/compcert/x86_64/Archi.v
+++ b/compcert/x86_64/Archi.v
@@ -17,8 +17,8 @@ (** Architecture-dependent parameters for x86 in 64-bit mode *)
+From Coq Require Import List ZArith.
From Flocq Require Import Binary Bits.
-Require Import ZArith List.
Definition ptr64 := true.
diff --git a/sepcomp/semantics_lemmas.v b/sepcomp/semantics_lemmas.v
index b523436726..be3fda2386 100644
--- a/sepcomp/semantics_lemmas.v
+++ b/sepcomp/semantics_lemmas.v
@@ -9,7 +9,7 @@ Require Import compcert.common.Events.
Require Import compcert.common.AST.
Require Import compcert.common.Globalenvs.
Require Import VST.msl.Extensionality.
-Require Import Coq.micromega.Lia.
+From Stdlib Require Import Lia.
Require Import VST.sepcomp.mem_lemmas.
Require Import VST.sepcomp.semantics.
diff --git a/veric/change_compspecs.v b/veric/change_compspecs.v
index 91ca1b557b..b8e0adda04 100644
--- a/veric/change_compspecs.v
+++ b/veric/change_compspecs.v
@@ -1,6 +1,6 @@
-Require Import Coq.Sorting.Permutation.
-Require Import Coq.Sorting.Sorting.
-Require Import Coq.Structures.Orders.
+Require Import Stdlib.Sorting.Permutation.
+Require Import Stdlib.Sorting.Sorting.
+Require Import Stdlib.Structures.Orders.
Require Import VST.veric.Clight_base.
Require Import VST.veric.Clight_lemmas.
Require Import VST.veric.type_induction.
diff --git a/veric/invariants.v b/veric/invariants.v
index d88cf7c388..559023741b 100644
--- a/veric/invariants.v
+++ b/veric/invariants.v
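Review bot: `Require Import Stdlib.Sorting.Permutation.` (and `From Stdlib Require Import Lia.` in the sepcomp/semantics_lemmas.v hunk just above it) use the `Stdlib` root, which is only provided by Rocq 9, while the compcert/ files in the same patch switch to `From Coq Require` and the Makefile version list in a later commit of this series still accepts 8.19.x and 8.20.x. Unless the Makefile's `$(SHIM)` flags map `Stdlib` onto `Coq` for those versions (not visible here), these two files will no longer load on Coq 8.x, so either add that mapping or drop the pre-9 entries from the supported versions. A short comment next to the first `From Stdlib Require`, e.g. `(* Stdlib root name: requires Rocq >= 9.0 (or the Stdlib shim) *)`, would spare the next reader the same check.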
@@ -1039,7 +1039,7 @@ Proof. rewrite !sepcon_assoc. view_shift (ghost_snap_forget(ORD := list_order _) (list_singleton (length lg + i) g)). { apply list_incl_singleton. - erewrite length_app, upto_app, map_app, app_nth2; erewrite length_map, upto_length, app_length, + erewrite length_app, upto_app, map_app, app_nth2; erewrite length_map, upto_length, length_app, repeat_length; try lia. replace (_ - _)%nat with O by lia; simpl. rewrite Nat2Z.inj_add, Z.add_0_r. From d27242a3b42b19f194f20670fc0b1bdce584810b Mon Sep 17 00:00:00 2001 From: Andrew Appel Date: Wed, 2 Jul 2025 10:06:17 -0400 Subject: [PATCH 04/11] Put InteractionTree back as submodule --- .github/workflows/coq-action.yml | 3 +++ Makefile | 18 +++++++++--------- progs/io_combine.v | 2 +- progs/io_os_connection.v | 19 +++++++++++-------- 4 files changed, 24 insertions(+), 18 deletions(-) diff --git a/.github/workflows/coq-action.yml b/.github/workflows/coq-action.yml index 2ca1e95988..7f42195383 100644 --- a/.github/workflows/coq-action.yml +++ b/.github/workflows/coq-action.yml @@ -27,6 +27,9 @@ jobs: - 64 make_target: - vst + exclude: + - coq_version: dev + bit_size: 32 steps: - uses: actions/checkout@v4 with: diff --git a/Makefile b/Makefile index 92807f6c3c..d95e77512d 100644 --- a/Makefile +++ b/Makefile @@ -303,10 +303,10 @@ CGFLAGS = -DCOMPCERT -short-idents # ##### Interaction Trees Flags ##### -# the following commented out, because we get from opam instead of submodules -# ifneq ($(wildcard InteractionTrees/theories),) -# EXTFLAGS:=$(EXTFLAGS) -Q InteractionTrees/theories ITree -# endif +# as of 1 July 2025, coq-itree package seems not compatible with rocq 9.2+alpha, so still using submodule +ifneq ($(wildcard InteractionTrees/theories),) +EXTFLAGS:=$(EXTFLAGS) -Q InteractionTrees/theories ITree +endif # ##### FCF (Foundational Cryptography Framework) Flags ##### 
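Review bot: The re-enabled `ifneq ($(wildcard InteractionTrees/theories),)` guard makes the `-Q InteractionTrees/theories ITree` flag silently disappear when the submodule is not checked out, so a fresh clone without `git submodule update --init` presumably either fails much later with a missing-`ITree` error or, if a `coq-itree` opam package happens to be installed, builds against the version the comment above says is not compatible with rocq 9.2+alpha. Since the submodule is now the only intended source, consider failing fast with an `else` branch, e.g. `else` / `$(error InteractionTrees submodule not checked out; run git submodule update --init)` / `endif`. The same guard is repeated in the `.depend` hunk at `@@ -929,10 +929,10 @@` of this Makefile in the next part of the diff, and would want the same treatment.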
@@ -329,9 +329,9 @@ endif # ##### Flag summary ##### -COQFLAGS=$(foreach d, $(VSTDIRS), $(if $(wildcard $(d)), -Q $(d) VST.$(d))) $(foreach d, $(OTHERDIRS), $(if $(wildcard $(d)), -Q $(d) $(d))) $(EXTFLAGS) $(SHIM) # -Q ../stdpp/theories stdpp -Q ../iris/iris iris -Q ../fcf/src/fcf FCF +COQFLAGS=$(foreach d, $(VSTDIRS), $(if $(wildcard $(d)), -Q $(d) VST.$(d))) $(foreach d, $(OTHERDIRS), $(if $(wildcard $(d)), -Q $(d) $(d))) $(EXTFLAGS) $(SHIM) # -Q ../stdpp/theories stdpp -Q ../iris/iris iris -Q ../InteractionTrees/theories ITree -Q ../fcf/src/fcf FCF -# old version with InteractionTrees, paco, coq-ext-lib; we now obtain these from opam environment instead of submodules +# old version with paco, coq-ext-lib; we now obtain these from opam environment instead of submodules # COQFLAGS=$(foreach d, $(VSTDIRS), $(if $(wildcard $(d)), -Q $(d) VST.$(d))) $(foreach d, $(OTHERDIRS), $(if $(wildcard $(d)), -Q $(d) $(d))) $(EXTFLAGS) $(SHIM) # -Q ../stdpp/theories stdpp -Q ../iris/iris iris -Q ../InteractionTrees/theories ITree -Q ../paco/src Paco -Q ../coq-ext-lib/theories ExtLib -Q ../fcf/src/fcf FCF @@ -929,10 +929,10 @@ endif # $(COQDEP) -Q coq-ext-lib/theories ExtLib coq-ext-lib/theories >>.depend # endif +ifneq ($(wildcard InteractionTrees/theories),) + $(COQDEP) -Q InteractionTrees/theories ITree InteractionTrees/theories >>.depend +endif # the following commented out, because we get from opam instead of submodules -# ifneq ($(wildcard InteractionTrees/theories),) -# $(COQDEP) -Q paco/src Paco -Q InteractionTrees/theories ITree InteractionTrees/theories >>.depend -# endif # ifneq ($(wildcard paco/src),) # $(COQDEP) -Q paco/src Paco paco/src/*.v >>.depend # endif diff --git a/progs/io_combine.v b/progs/io_combine.v index f8eadf1a08..1b5f4fba25 100644 --- a/progs/io_combine.v +++ b/progs/io_combine.v 
@@ -11,7 +11,7 @@ Require Import VST.concurrency.conclib. Require Import VST.sepcomp.semantics. Require Import ITree.ITree. Require Import ITree.Interp.Traces. -Require Import Ensembles. +From Stdlib Require Import Ensembles. Require Import VST.progs.io_specs. Require Import VST.progs.io_dry. Require Import VST.progs.io_os_specs. diff --git a/progs/io_os_connection.v b/progs/io_os_connection.v index 8038159e5a..278d10f508 100644 --- a/progs/io_os_connection.v +++ b/progs/io_os_connection.v @@ -1,6 +1,6 @@ -Require Import List. -Require Import ZArith. -Require Import Psatz. +From Stdlib Require Import List. +From Stdlib Require Import ZArith. +From Stdlib Require Import Psatz. Require Import ITree.ITree. Require Import ITree.Interp.Traces. Require Import compcert.lib.Maps. @@ -15,6 +15,9 @@ Require Import VST.progs.io_os_specs. Require Import VST.zlist.sublist. Require Import VST.progs.os_combine. Import ExtLib.Structures.Monad. +From Stdlib Require Import FinFun. + +Opaque eq_dec.eq_dec. Local Ltac inj := repeat match goal with @@ -567,7 +570,7 @@ Section Invariants. NoDup (mkRecvEvents logIdx cs). Proof. unfold mkRecvEvents, enumerate; intros. - apply FinFun.Injective_map_NoDup; auto using combine_NoDup, seq_NoDup. + apply Injective_map_NoDup; auto using combine_NoDup, seq_NoDup. red; intros (? & ?) (? & ?); intros; inj; auto. Qed. @@ -575,7 +578,7 @@ Section Invariants. Zlength (enumerate xs) = Zlength xs. Proof. unfold enumerate; intros. - rewrite Zlength_combine, !Zlength_correct, seq_length; lia. + rewrite Zlength_combine, !Zlength_correct, length_seq; lia. Qed. Lemma seq_nth_app : forall len start n pre post, @@ -585,7 +588,7 @@ Section Invariants. intros * Heq. enough (n = nth (length pre) (seq start len) O); subst. { rewrite Heq, app_nth2, Nat.sub_diag, seq_nth; auto; cbn. - rewrite <- (seq_length len start), Heq, length_app; cbn; lia. + rewrite <- (length_seq len start), Heq, length_app; cbn; lia. } rewrite Heq, app_nth2, Nat.sub_diag; auto. Qed. 
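Review bot: `Opaque eq_dec.eq_dec.` is added at top level of progs/io_os_connection.v with no comment, and it sits after `Import ExtLib.Structures.Monad.` rather than with the `From Stdlib Require` lines it arrived with; opacity is a file-wide setting that affects every later proof in the file (and, depending on whether it is exported, files that Require this one — worth checking), so the next reader cannot tell whether it is part of the Rocq 9 port or only supports the proof at `@@ -1913,7 +1916,7 @@` in the next part of the diff, where `if_tac` becomes `destruct (eq_dec.eq_dec _ _)`. Please add a comment such as `(* Rocq 9: keep eq_dec opaque -- <reason>; see the destruct (eq_dec.eq_dec _ _) proof near line 1916 *)` with the actual reason filled in, and if the effect is meant to be file-local, mark it so.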
@@ -599,7 +602,7 @@ Section Invariants. rewrite combine_fst, map_app in Heq; cbn in Heq. apply seq_nth_app in Heq; subst; cbn; auto using length_map. rewrite <- Nat2Z.id, <- Zlength_length; rewrite <- Zlength_correct. - - rewrite !Zlength_correct, seq_length; auto. + - rewrite !Zlength_correct, length_seq; auto. - apply Zlength_nonneg. Qed. @@ -1913,7 +1916,7 @@ Import functional_base. split; auto; cbn in *. rewrite Int.signed_repr by (cbn; lia). destruct (Coqlib.zeq z1 (-1)); subst; auto. - if_tac; try easy. + destruct (eq_dec.eq_dec _ _); try easy. rewrite Zle_imp_le_bool by lia. destruct Hput as (? & [(? & ?) | (? & ?)]); subst; auto; try lia. rewrite Zmod_small; auto; functional_base.rep_lia. From 7343fb36297b8f685083da716ab436624ad606bf Mon Sep 17 00:00:00 2001 From: Andrew Appel Date: Wed, 2 Jul 2025 10:17:35 -0400 Subject: [PATCH 05/11] Tweak CI --- .github/workflows/coq-action.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/coq-action.yml b/.github/workflows/coq-action.yml index 7f42195383..2ca1e95988 100644 --- a/.github/workflows/coq-action.yml +++ b/.github/workflows/coq-action.yml @@ -27,9 +27,6 @@ jobs: - 64 make_target: - vst - exclude: - - coq_version: dev - bit_size: 32 steps: - uses: actions/checkout@v4 with: From 69370fe8c3a85e530af4da5cd35b37b68103f36a Mon Sep 17 00:00:00 2001 From: Andrew Appel Date: Wed, 2 Jul 2025 11:23:59 -0400 Subject: [PATCH 06/11] Tweak CI --- .github/workflows/coq-action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/coq-action.yml b/.github/workflows/coq-action.yml index 2ca1e95988..7142b060c7 100644 --- a/.github/workflows/coq-action.yml +++ b/.github/workflows/coq-action.yml 
@@ -46,6 +46,7 @@ jobs:
 opam install -y ${{ matrix.coq_version == 'dev' && 'coq-flocq' || matrix.bit_size == 32 && 'coq-compcert-32.3.13.1' || 'coq-compcert.3.13.1' }}
 # Required by test2
 opam install -y coq-ext-lib
+ opam install -y coq-paco
 endGroup
 # See https://github.com/coq-community/docker-coq-action/tree/v1#permissions
 before_script: |
From b3cbfd46ca1446079eb700b1b537d66cdd87bc8b Mon Sep 17 00:00:00 2001
From: Andrew Appel
Date: Wed, 2 Jul 2025 11:24:44 -0400
Subject: [PATCH 07/11] Tweak CI
---
 .github/workflows/coq-action.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/coq-action.yml b/.github/workflows/coq-action.yml
index 7142b060c7..eb6961f278 100644
--- a/.github/workflows/coq-action.yml
+++ b/.github/workflows/coq-action.yml
@@ -46,7 +46,7 @@ jobs:
 opam install -y ${{ matrix.coq_version == 'dev' && 'coq-flocq' || matrix.bit_size == 32 && 'coq-compcert-32.3.13.1' || 'coq-compcert.3.13.1' }}
 # Required by test2
 opam install -y coq-ext-lib
- opam install -y coq-paco
+ opam install -y coq-paco
 endGroup
 # See https://github.com/coq-community/docker-coq-action/tree/v1#permissions
 before_script: |
From 19a5726b86e6400d6f1aea97e68b57227b271bbd Mon Sep 17 00:00:00 2001
From: Andrew Appel
Date: Thu, 13 Nov 2025 15:17:58 -0500
Subject: [PATCH 08/11] closes #836 closes #839 closes #840
---
 Makefile | 2 +-
 coq-vst.opam | 23 +++++++++++++--------
 floyd/VSU.v | 1 +
 floyd/align_compatible_dec.v | 3 ++-
 floyd/forward.v | 40 +++++++++++++++++++++++++++++++++---
 5 files changed, 55 insertions(+), 14 deletions(-)
diff --git a/Makefile b/Makefile
index d95e77512d..47542bdbfc 100644
--- a/Makefile
+++ b/Makefile
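Review bot: The new `opam install -y coq-paco` is unpinned, as is the `coq-ext-lib` line above it, while compcert on the preceding line is pinned to 3.13.1; any new upstream release of either package changes what CI builds against with no change in this repository, so a CI failure or a silently different build cannot be reproduced from the commit alone. Pin both the same way, e.g. `opam install -y coq-paco.<PINNED_VERSION>` (placeholder; use the release the `paco` submodule tracks), or extend the `# Required by test2` comment to say that following the latest release is deliberate. The compcert pin of 3.13.1 here is also worth rechecking against the `>= "3.15"` lower bound that coq-vst.opam declares later in this series.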
@@ -21,7 +21,7 @@ COQLIB=$(shell $(COQC) -where | tr -d '\r' | tr '\\' '/')
 # Check Coq version
-COQVERSION= 8.19.1 or-else 8.19.2 or-else 8.20.0 or-else 8.20.1 or-else 9.2+alpha
+COQVERSION= 8.19.1 or-else 8.19.2 or-else 8.20.0 or-else 8.20.1 or-else 9.0.0 orelse 9.1.0 or-else 9.2+alpha
 COQV=$(shell $(COQC) -v)
 ifneq ($(IGNORECOQVERSION),true)
diff --git a/coq-vst.opam b/coq-vst.opam
index e16b2d7534..61cb4f9a4d 100644
--- a/coq-vst.opam
+++ b/coq-vst.opam
@@ -1,5 +1,4 @@
 opam-version: "2.0"
-version: "dev"
 synopsis: "Verified Software Toolchain"
 description: "The software toolchain includes static analyzers to check assertions about your program; optimizing compilers to translate your program to machine language; operating systems and libraries to supply context for your program. The Verified Software Toolchain project assures with machine-checked proofs that the assertions claimed at the top of the toolchain really hold in the machine-language program, running in the operating-system context."
 authors: [
@@ -21,7 +20,7 @@ maintainer: "VST team"
 homepage: "http://vst.cs.princeton.edu/"
 dev-repo: "git+https://github.com/PrincetonUniversity/VST.git"
 bug-reports: "https://github.com/PrincetonUniversity/VST/issues"
-license: "https://raw.githubusercontent.com/PrincetonUniversity/VST/master/LICENSE"
+license: "BSD-2-Clause"
 build: [
 [make "-j%{jobs}%" "vst" "IGNORECOQVERSION=true" "ZLIST=platform" "BITSIZE=64"]
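Review bot: The new `COQVERSION` value reads `9.0.0 orelse 9.1.0` while every other separator is `or-else`; the check guarded by `ifneq ($(IGNORECOQVERSION),true)` presumably treats the separator words as inert so matching still works, but this string is also what users see in the version error, and the odd word reads as a typo. Change the line to `COQVERSION= 8.19.1 or-else 8.19.2 or-else 8.20.0 or-else 8.20.1 or-else 9.0.0 or-else 9.1.0 or-else 9.2+alpha`.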
@@ -33,11 +32,17 @@ run-test: [
 [make "-j%{jobs}%" "test" "IGNORECOQVERSION=true" "ZLIST=platform" "BITSIZE=64"]
 ]
 depends: [
- "coq" {>= "8.14" & < "8.17~"}
- "coq-compcert" {>= "3.11"}
- "coq-vst-zlist" {>= "2.11"}
- "coq-flocq" {>= "4.1.0"}
+ "ocaml"
+ "coq" {>= "8.19" & < "9.1~"}
+ "coq-core" { >= "9.0" }
+ "coq-stdlib" { >= "9.0" }
+ "coq-compcert" {>= "3.15" & < "3.17~"}
+ "coq-vst-zlist" {= "2.13"}
+ "coq-flocq" {>= "4.2.0" & < "5~"}
+]
+tags: [
+ "category:Computer Science/Semantics and Compilation/Semantics"
+ "keyword:C"
+ "logpath:VST"
+ "date:2025-11-13"
 ]
-url {
- src: "git+https://github.com/PrincetonUniversity/VST.git#master"
-}
diff --git a/floyd/VSU.v b/floyd/VSU.v
index 16477a676d..06a35afe15 100644
--- a/floyd/VSU.v
+++ b/floyd/VSU.v
@@ -693,6 +693,7 @@ Present only in" V ":" r " end.
 Ltac solve_SF_internal P :=
+ (tryif (let a := constr:(@P) in idtac) then idtac else fail "Lemma" P "does not exist");
 apply SF_internal_sound;
 eapply _SF_internal;
 [ reflexivity
 | repeat apply Forall_cons; try apply Forall_nil; try computable; reflexivity
diff --git a/floyd/align_compatible_dec.v b/floyd/align_compatible_dec.v
index 120e32d3a0..c15cab94ef 100644
--- a/floyd/align_compatible_dec.v
+++ b/floyd/align_compatible_dec.v
@@ -22,6 +22,7 @@ Context {cs: compspecs}.
 Definition dec_type := sigT (fun P: Z -> Prop => forall z: Z, {P z} + {~ P z}).
+(*
 Lemma Zdivide_dec : forall a b : Z, {(a | b)} + {~ (a | b)}.
 Proof.
 intros.
@@ -35,11 +36,11 @@ apply Z.divide_0_l in H0. contradiction.
 simpl in H.
 destruct (Z.eqb_spec (b mod a) 0).
 left.
-Search (_ mod _ = 0) (_ | _).
 apply Z.mod_divide; auto.
 right; intro.
 apply Z.mod_divide in H0; auto.
 Qed.
+*)
 Definition dec_by_value (ch: memory_chunk): dec_type :=
 existT (fun P: Z -> Prop => forall z: Z, {P z} + {~ P z})
diff --git a/floyd/forward.v b/floyd/forward.v
index b861072e42..dcf5937b5d 100644
--- a/floyd/forward.v
+++ b/floyd/forward.v
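Review bot: The new `depends` block disagrees with the rest of this commit: `"coq" {>= "8.19" & < "9.1~"}` excludes 9.1.0, which the Makefile hunk in the same patch explicitly accepts, and the `"coq-core" { >= "9.0" }` / `"coq-stdlib" { >= "9.0" }` lines make 9.0 the effective lower bound, so the `8.19` in the `coq` constraint is never what the solver actually allows. Either state the real range once, e.g. `"coq" {>= "9.0" & < "9.2~"}` and drop the misleading 8.19, or drop the coq-core/coq-stdlib lines if 8.19/8.20 are still meant to be supported. The literal `"date:2025-11-13"` tag will also go stale on the next release unless the release procedure regenerates it.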
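Review bot: Commenting out `Zdivide_dec` leaves a dead block with no reason attached; the stray `Search` it contained is removed in the same hunk, so the lemma itself may still prove, and a reader cannot tell whether it was disabled because it is unused or because it no longer compiles. Either delete it outright (history keeps it) or put the reason on the opening line, e.g. `(* Zdivide_dec: unused, kept for reference only *)` if that is the case.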
@@ -4370,6 +4370,14 @@ Fixpoint computeQ (ids:list ident) (vals:list val) : option (list localdef) :=
 | _, _ => None
 end.
+Ltac apply_computeQ :=
+try reflexivity;
+match goal with |- computeQ (map fst ?A) ?B = _ =>
+ let al := constr:(Zlength A) in let al := eval compute in al in
+ let bl := constr:(Zlength B) in let bl := eval compute in bl in
+ fail 1 "Your PARAM list has" bl "values but the function takes" al "parameters"
+end.
+
 Lemma compute_close_precondition_entails1:
 forall ids P gv vals Q R,
 compute_list_norepet ids = true ->
@@ -4484,7 +4492,6 @@ Ltac start_function1 :=
 let DependedTypeList := fresh "DependedTypeList" in
 unfold NDmk_funspec;
 match goal with |- semax_body _ _ _ (pair _ (mk_funspec _ _ _ ?Pre _ _ _)) =>
- split3; [check_parameter_types' | check_return_type | ];
 match Pre with
 | (fun _ => convertPre _ _ (fun i => _)) =>
 intros Espec DependedTypeList i
@@ -4495,7 +4502,14 @@ Ltac start_function1 :=
 end;
 try match goal with |- semax _ (fun rho => ?A rho * ?B rho) _ _ =>
 change (fun rho => ?A rho * ?B rho) with (A * B)
- end;
+ end;
+lazymatch goal with |- semax _ _ _ (frame_ret_assert (function_body_ret_assert ?t ?X) _) =>
+ lazymatch X with context [temp ret_temp _] =>
+ tryif unify t Tvoid then fail "Your void-returning function should have an empty RETURN() in its funspec"
+ else idtac
+ | _ => idtac
+ end
+end;
 simpl functors.MixVariantFunctor._functor in *;
 simpl rmaps.dependent_type_functor_rec;
 clear DependedTypeList;
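Review bot: `apply_computeQ` blames a parameter-count mismatch for every failure of `reflexivity`, but the only arm of `computeQ` visible here is the catch-all `| _, _ => None` (the rest of the Fixpoint is above the hunk), so if `computeQ` can also return `None` for lists of equal length the message sends the user to the wrong place. Compare the two lengths before choosing the wording: `tryif constr_eq al bl then fail 1 "computeQ failed although the PARAM list has the expected" al "entries" else fail 1 "Your PARAM list has" bl "values but the function takes" al "parameters"`. A goal that is not of the form `computeQ (map fst ?A) ?B = _` currently falls out of `match goal` with the generic no-matching-clause error; a final `| _ => fail 1 "apply_computeQ: unexpected goal"` arm would keep the diagnostics uniform.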
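Review bot: Judging by the names, the removed `split3; [check_parameter_types' | check_return_type | ];` was the step that checked the funspec's parameter and return types against the function, and nothing in this hunk or the next one replaces it; the new `lazymatch` further down only covers the void-function-with-RETURN case. If those checks now happen elsewhere (start_function1 continues outside both hunks), a comment at the `match goal` such as `(* parameter/return type checks are done in <LOCATION PLACEHOLDER> *)` would tell the reader; if they were dropped by accident, a mistyped PARAMS list will now surface as a later, less readable failure.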
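Review bot: The outer `lazymatch goal with |- semax _ _ _ (frame_ret_assert (function_body_ret_assert ?t ?X) _) =>` has no fallback arm, unlike the inner `lazymatch X` and the `try match` just above it, so any goal whose postcondition is not literally of that shape now makes start_function1 fail instead of skipping the void-RETURN check. Unless every goal at this point is guaranteed to have that shape, add `| _ => idtac` before the closing `end;`.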
@@ -4522,8 +4536,28 @@ Ltac start_function1 :=
 Ltac expand_main_pre := expand_main_pre_old.
+(* The following destructs any let-definitions immediately after PRE or POST *)
+Ltac destruct_it B :=
+ match B with
+ | ?C _ => destruct_it C
+ | let '(x,y) := ?A in _ => destruct A as [x y]
+ | match ?A with _ => _ end =>
+ match type of A with
+ | @sigT _ (fun x => _) => destruct A as [x A]
+ end
+ end.
+
+Ltac destruct_PRE_POST_lets := (* see issue #839 *)
+repeat lazymatch goal with
+| |- semax _ (sepcon (close_precondition _ ?B) _) _ _ => destruct_it B
+| |- semax _ _ _ (frame_ret_assert (function_body_ret_assert _ ?B) _) => destruct_it B
+end;
+repeat change (fst (?A,?B)) with A in *;
+repeat change (snd (?A,?B)) with B in *.
+
 Ltac start_function2 :=
- first [ erewrite compute_close_precondition_eq; [ | reflexivity | reflexivity]
+ destruct_PRE_POST_lets;
+ first [ erewrite compute_close_precondition_eq; [ | reflexivity | apply_computeQ ]
 | rewrite close_precondition_main ].
 Ltac start_function3 :=
From e0aa69166c54b91bc7617a99338edabded69dd0a Mon Sep 17 00:00:00 2001
From: Andrew Appel
Date: Thu, 13 Nov 2025 15:44:01 -0500
Subject: [PATCH 09/11] Bring 32-bit tests up to date
---
 InteractionTrees | 2 +-
 Makefile.bundled | 2 +-
 coq-ext-lib | 2 +-
 fcf | 2 +-
 paco | 2 +-
 progs/VSUpile/verif_stdlib.v | 6 ++++--
 sepcomp/mem_wd.v | 40 ++++++++++++++++++------------------
 7 files changed, 29 insertions(+), 27 deletions(-)
diff --git a/InteractionTrees b/InteractionTrees
index cf1443c88a..e7fed212b1 160000
--- a/InteractionTrees
+++ b/InteractionTrees
@@ -1 +1 @@
-Subproject commit cf1443c88aca8691d93ce84fc633145752e7944e
+Subproject commit e7fed212b1061b358428b57e11ee489184e241a2
diff --git a/Makefile.bundled b/Makefile.bundled
index cc9bb784ce..d77871ebd1 100644
--- a/Makefile.bundled
+++ b/Makefile.bundled
@@ -134,7 +134,7 @@ ifdef CLIGHTGEN
 VERSION1= $(lastword $(shell $(CLIGHTGEN) --version))
 VERSION2= $(subst version=,,$(shell grep version $(COMPCERT_SRC_DIR)/VERSION))
 ifneq ($(VERSION1),$(VERSION2))
-$(warning clightgen version $(VERSION1) does not match VST/compcert/VERSION $(VERSION2))
+$(warning $(CLIGHTGEN) version $(VERSION1) does not match VST/compcert/VERSION $(VERSION2))
 endif
 endif
diff --git a/coq-ext-lib b/coq-ext-lib
index b27e806daf..4811a83db9 160000
--- a/coq-ext-lib
+++ b/coq-ext-lib
@@ -1 +1 @@
-Subproject commit b27e806daf39a8f1cfc7ced09c1af44d390af4a6
+Subproject commit 4811a83db9ccd81f4dcbf77eeff0484dfb21a48b
diff --git a/fcf b/fcf
index 866d37a03e..d0f5432b90 160000
--- a/fcf
+++ b/fcf
@@ -1 +1 @@
-Subproject commit 866d37a03eee51dd9c541ffa9449094af2b09309
+Subproject commit d0f5432b902f452dcb2c85dc1981243dd4963977
diff --git a/paco b/paco
index d0561bf7f0..5c5693f46c 160000
--- a/paco
+++ b/paco
@@ -1 +1 @@
-Subproject commit d0561bf7f0a96cac486ba3bd8ca0b72ce01fb9cf
+Subproject commit 5c5693f46c8957f36a2349a0d906e911366136de
diff --git a/progs/VSUpile/verif_stdlib.v b/progs/VSUpile/verif_stdlib.v
index 018bbd6292..352523f1bb 100644
--- a/progs/VSUpile/verif_stdlib.v
+++ b/progs/VSUpile/verif_stdlib.v
@@ -4,15 +4,17 @@ Require Import VST.floyd.library. (*for body_lemma_of_funspec *)
 Require Import stdlib.
 Require Import spec_stdlib.
+(*
 Require VST.veric.version.
 From Coq Require Import String.
 Lemma version_test: False.
- assert (VST.veric.version.compcert_version = "3.15"%string /\
- stdlib.Info.version = "3.15"%string)
+ assert (VST.veric.version.compcert_version = "3.16"%string /\
+ stdlib.Info.version = "3.16"%string)
 by (compute; auto; match goal with |- ?G => fail 100 "Version mismatch; cannot prove" G end).
 assert (VST.veric.version.bitsize = stdlib.Info.bitsize)
 by (try reflexivity; match goal with |- ?G => fail 100 "Bitsize mismatch; cannot prove" G end).
 Abort.
+*)
 #[export] Instance CompSpecs : compspecs. make_compspecs prog. Defined.
diff --git a/sepcomp/mem_wd.v b/sepcomp/mem_wd.v
index 360464930c..c1d6b2ab05 100644
--- a/sepcomp/mem_wd.v
+++ b/sepcomp/mem_wd.v
@@ -287,13 +287,13 @@ Lemma mem_wd_store_init_data: forall {F V} (ge: Genv.t F V) a (b:block) (z:Z)
 valid_genv ge m1 -> mem_wd m1 -> mem_wd m2.
 Proof. intros F V ge a.
 destruct a; simpl; intros;
- try apply (mem_wd_store _ _ _ _ _ _ H0 SID); simpl; trivial.
+ try apply (mem_wd_store _ _ _ _ _ _ H SID); simpl; trivial.
 inv SID; trivial.
 remember (Genv.find_symbol ge i) as d.
 destruct d; inv SID.
- eapply (mem_wd_store _ _ _ _ _ _ H0 H2).
+ eapply (mem_wd_store _ _ _ _ _ _ H H1).
 apply eq_sym in Heqd.
- destruct H.
+ destruct X.
 apply v.
 unfold isGlobalBlock.
 rewrite orb_true_iff.
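Review bot: Commenting out `version_test` removes the only check that `VST.veric.version.compcert_version` and `stdlib.Info.version` (and the two bitsizes) agree, so a stale `stdlib.v` will now fail somewhere deep in the proofs instead of with the `Version mismatch` / `Bitsize mismatch` message it used to give. If the lemma was disabled because it no longer compiles against the updated dependencies, say so on the opening line, e.g. `(* version_test disabled: <REASON PLACEHOLDER> *)`; otherwise keeping it active with the updated `"3.16"` strings is the cheaper option.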
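Review bot: Every hunk in sepcomp/mem_wd.v (this one and those at -307, -332, -345, -385, -414 and -427) only renames auto-generated hypotheses (`H0` to `H`, `H` to `X`, plus two `rename X into ...`), which is exactly what broke when the `intros` naming changed and will break again on the next change. Ending each `intros` with explicit names for the `valid_genv` and `mem_wd` premises (say `VG` and `WD`) and using those in place of `X` / `H` makes the proofs independent of generated names; the same applies to the other lemmas listed.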
@@ -307,21 +307,21 @@ Lemma valid_genv_store_init_data:
 (SID: Genv.store_init_data ge m1 b z a = Some m2),
 valid_genv ge m1 -> valid_genv ge m2.
 Proof. intros F V ge a.
- destruct a; simpl; intros; inv H; constructor;
+ destruct a; simpl; intros; inv X; constructor;
 try (intros b0 X; eapply Mem.store_valid_block_1 with (b':=b0); eauto;
- apply H0; auto);
+ apply H; auto);
 try (intros b0 ? X; eapply Mem.store_valid_block_1 with (b':=b0); eauto;
- eapply H1; eauto);
+ eapply H0; eauto);
 try (inv SID; auto).
 intros.
 remember (Genv.find_symbol ge i) as d.
 destruct d; inv H2.
 eapply Mem.store_valid_block_1; eauto.
 apply eq_sym in Heqd.
- eapply H0; eauto.
+ eapply H; eauto.
 revert H2.
 destruct (Genv.find_symbol ge i); intros; try congruence.
 eapply Mem.store_valid_block_1; eauto.
- eapply H1; eauto.
+ eapply H0; eauto.
 Qed.
@@ -332,9 +332,9 @@ Proof. intros F V ge l.
 inv SID. trivial.
 remember (Genv.store_init_data ge m1 b z a) as d.
 destruct d; inv SID; apply eq_sym in Heqd.
- apply (IHl _ _ _ _ H2); clear IHl H2.
- eapply valid_genv_store_init_data. apply Heqd. apply H.
- eapply mem_wd_store_init_data. apply Heqd. apply H. apply H0.
+ apply (IHl _ _ _ _ H1); clear IHl H1.
+ eapply valid_genv_store_init_data. apply Heqd. apply X.
+ eapply mem_wd_store_init_data. apply Heqd. apply X. apply H.
 Qed.
 Lemma valid_genv_store_init_datalist: forall {F V} (ge: Genv.t F V) l (b:block)
@@ -345,15 +345,15 @@ Proof. intros F V ge l.
 inv SID. trivial.
 remember (Genv.store_init_data ge m1 b z a) as d.
 destruct d; inv SID; apply eq_sym in Heqd.
- apply (IHl _ _ _ _ H1); clear IHl H1.
- eapply valid_genv_store_init_data. apply Heqd. apply H.
+ apply (IHl _ _ _ _ H0); clear IHl H0.
+ eapply valid_genv_store_init_data. apply Heqd. apply X.
 Qed.
 Lemma mem_wd_alloc_global: forall {F V} (ge: Genv.t F V) a m0 m1
 (GA: Genv.alloc_global ge m0 a = Some m1),
 mem_wd m0 -> valid_genv ge m0 -> mem_wd m1.
 Proof. intros F V ge a.
-destruct a; simpl. intros.
+destruct a; simpl. intros. rename X into H0.
 destruct g.
 remember (Mem.alloc m0 0 1) as mm.
 destruct mm. apply eq_sym in Heqmm.
@@ -385,7 +385,7 @@ Lemma valid_genv_alloc_global: forall {F V} (ge: Genv.t F V) a m0 m1
 (GA: Genv.alloc_global ge m0 a = Some m1),
 valid_genv ge m0 -> valid_genv ge m1.
 Proof. intros F V ge a.
-destruct a; simpl. intros.
+destruct a; simpl. intros. rename X into H.
 destruct g.
 remember (Mem.alloc m0 0 1) as d.
 destruct d. apply eq_sym in Heqd.
@@ -414,8 +414,8 @@ induction l; intros; simpl in *.
 inv GA. assumption.
 remember (Genv.alloc_global ge m0 a) as d.
 destruct d; inv GA. apply eq_sym in Heqd.
- eapply (IHl _ _ H1). clear H1.
- apply (valid_genv_alloc_global _ _ _ _ Heqd H).
+ eapply (IHl _ _ H0). clear H0.
+ apply (valid_genv_alloc_global _ _ _ _ Heqd X).
 Qed.
 Lemma mem_wd_alloc_globals:
@@ -427,9 +427,9 @@ induction l; intros; simpl in *.
 inv GA. assumption.
 remember (Genv.alloc_global ge m0 a) as d.
 destruct d; inv GA. apply eq_sym in Heqd.
-eapply (IHl _ _ H2).
- apply (mem_wd_alloc_global ge _ _ _ Heqd H H0).
- apply (valid_genv_alloc_global _ _ _ _ Heqd H0).
+eapply (IHl _ _ H1).
+ apply (mem_wd_alloc_global ge _ _ _ Heqd H X).
+ apply (valid_genv_alloc_global _ _ _ _ Heqd X).
 Qed.
 (*POPL-compcomp used the following lemma to prove mem_wd_load:
From c2ecbea553525445257f0839c8fef711d5c02e6f Mon Sep 17 00:00:00 2001
From: Andrew Appel
Date: Fri, 14 Nov 2025 09:24:01 -0500
Subject: [PATCH 10/11] Brought FCF submodule up to date
---
 fcf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fcf b/fcf
index d0f5432b90..2550fa27e4 160000
--- a/fcf
+++ b/fcf
@@ -1 +1 @@
-Subproject commit d0f5432b902f452dcb2c85dc1981243dd4963977
+Subproject commit 2550fa27e491c03655cddc7830a5baeb15520104
From e74a5698586bec30efc54b470ad51c8e938dc58f Mon Sep 17 00:00:00 2001
From: Andrew Appel
Date: Fri, 14 Nov 2025 11:31:45 -0500
Subject: [PATCH 11/11] Improved a makefile dependency
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 47542bdbfc..7f2252927d 100644
--- a/Makefile
+++ b/Makefile
@@ -834,7 +834,7 @@ VST.config:
 # Note: doc files are installed into the coq destination folder.
 # This is not ideal but otherwise it gets tricky to handle variants
-install: VST.config
+install: VST.config vst
 install -d "$(INSTALLDIR)"
 for d in $(sort $(dir $(INSTALL_FILES) $(EXTRA_INSTALL_FILES))); do install -d "$(INSTALLDIR)/$$d"; done
 for f in $(INSTALL_FILES); do install -m 0644 $$f "$(INSTALLDIR)/$$(dirname $$f)"; done