Commit 5552a911 authored by Rodolphe Lepigre's avatar Rodolphe Lepigre

Refactoring and renaming in [lang.v] (mostly).

- Put stuff in sections in [lang.v].
- Renamed [mk_layout] into [Layout] (for uniformity).
- Renamed [it_min] and [it_max] into [min_int] and [max_int].
- Some other renamings on [int_type]-related stuff.
- Changed [max_int] to be the last representable integer.
- Turned [in_it_range] into an instance of [ElemOf].
parent ea5c3527
Pipeline #36125 passed with stage
in 16 minutes and 44 seconds
......@@ -35,7 +35,7 @@ Section type.
- repeat liRStep; liShow.
- repeat liRStep; liShow.
Unshelve. all: prepare_sideconditions; try solve_goal.
rewrite /it_length/=. have ->: loc_size = 8%nat; solve_goal.
rewrite /bytes_per_int/=. have ->: bytes_per_addr = 8%nat; solve_goal.
Qed.
Lemma type_sl_unlock:
......
[[rc::parameters("x : nat")]]
[[rc::args("x @ int<u32>")]]
[[rc::requires("{2 * x < it_max u32}")]]
[[rc::requires("{2 * x ≤ max_int u32}")]]
[[rc::returns("{2 * x} @ int<u32>")]]
unsigned int times_two(unsigned int x){
return x << 1;
......
......@@ -372,11 +372,11 @@ let integer_constant_to_string loc i =
(Z.to_string i, None)
| IConstantMax(it) ->
let it : int_type = translate_int_type loc it in
Format.(fprintf str_formatter) "(it_max %a - 1)" Coq_pp.pp_int_type it;
Format.(fprintf str_formatter) "(max_int %a)" Coq_pp.pp_int_type it;
(Format.flush_str_formatter (), Some(it))
| IConstantMin(it) ->
let it : int_type = translate_int_type loc it in
Format.(fprintf str_formatter) "(it_min %a)" Coq_pp.pp_int_type it;
Format.(fprintf str_formatter) "(min_int %a)" Coq_pp.pp_int_type it;
(Format.flush_str_formatter (), Some(it))
(* Calls accumulated while translating expressions. *)
......
......@@ -315,7 +315,7 @@ let pp_code : import list -> Coq_ast.t pp = fun imports ff ast ->
if is_struct && !nb_bytes mod align <> 0 then
begin
let pad = align - !nb_bytes mod align in
pp "@;(None, mk_layout %i%%nat 0%%nat);" pad;
pp "@;(None, Layout %i%%nat 0%%nat);" pad;
nb_bytes := !nb_bytes + pad;
end;
let sc = if i = n - 1 then "" else ";" in
......@@ -332,7 +332,7 @@ let pp_code : import list -> Coq_ast.t pp = fun imports ff ast ->
List.fold_left fn 1 members
in
let r = !nb_bytes mod max_align in
if r <> 0 then pp ";@;(None, mk_layout %i%%nat 0%%nat)" (max_align - r)
if r <> 0 then pp ";@;(None, Layout %i%%nat 0%%nat)" (max_align - r)
end
in
......
......@@ -134,8 +134,8 @@ Lemma wp_cas_fail vl1 vl2 vd vo ve z1 z2 Φ l1 l2 it q E:
l2 `has_layout_loc` it_layout it
val_to_int vo it = Some z1
val_to_int ve it = Some z2
length vd = it_length it
(it_length it loc_size)%nat
length vd = bytes_per_int it
(bytes_per_int it bytes_per_addr)%nat
z1 z2
l1{q}vo - l2ve - (l1 {q} vo - l2vo - Φ (val_of_bool false)) -
WP CAS (IntOp it) (Val vl1) (Val vl2) (Val vd) @ E {{ Φ }}.
......@@ -164,8 +164,8 @@ Lemma wp_cas_suc vl1 vl2 vd vo ve z1 z2 Φ l1 l2 it E q:
l2 `has_layout_loc` it_layout it
val_to_int vo it = Some z1
val_to_int ve it = Some z2
length vd = it_length it
(it_length it loc_size)%nat
length vd = bytes_per_int it
(bytes_per_int it bytes_per_addr)%nat
z1 = z2
l1vo - l2{q}ve - (l1 vd - l2{q}ve - Φ (val_of_bool true)) -
WP CAS (IntOp it) (Val vl1) (Val vl2) (Val vd) @ E {{ Φ }}.
......@@ -235,7 +235,7 @@ Proof.
iIntros (Hvl [i Hi]) "HΦ".
rewrite /GetMember/GetMemberLoc/offset_of Hi /=.
have [|? Hs]:= (val_of_int_is_some size_t (offset_of_idx sl.(sl_members) i)). {
split; first by rewrite /it_min/=; lia.
split; first by rewrite /min_int/=; lia.
by apply offset_of_bound.
}
rewrite Hs /=. move: Hs => /val_to_of_int Hs.
......@@ -294,7 +294,7 @@ Proof. by iApply (wps_concat_bind_ind []). Qed.
Lemma wp_struct_init E Φ sl fs:
foldr (λ '(n, ly) f, (λ vl,
WP default (Val (replicate (ly_size ly) Poison)) (n' n; (list_to_map fs : gmap _ _) !! n')
WP default (Val (replicate (ly_size ly) MPoison)) (n' n; (list_to_map fs : gmap _ _) !! n')
@ E {{ v, f (vl ++ [v]) }}))
(λ vl, Φ (mjoin vl)) sl.(sl_members) [] -
WP StructInit sl fs @ E {{ Φ }}.
......
......@@ -7,7 +7,7 @@ Coercion Var : var_name >-> expr.
Definition string_to_varname (s : string) : var_name := s.
Coercion string_to_varname : string >-> var_name.
Coercion it_layout : int_type >-> layout.
Notation "☠" := Poison : val_scope.
Notation "☠" := MPoison : val_scope.
Notation "!{ ly , o } e" := (Deref o ly e%E) (at level 9, format "!{ ly , o } e") : expr_scope.
Notation "!{ ly } e" := (Deref Na1Ord ly e%E) (at level 9, format "!{ ly } e") : expr_scope.
(* − is a unicode minus, not the normal minus to prevent parsing conflicts *)
......@@ -111,7 +111,7 @@ Lemma annot_stmt_S_r {A} n (a : A) s:
Proof. by rewrite /AnnotStmt Nat_iter_S_r. Qed.
(*** Layouts and structs *)
Definition LPtr : layout := {| ly_size := loc_size; ly_align_log := loc_size_log |}.
Definition LPtr : layout := {| ly_size := bytes_per_addr; ly_align_log := bytes_per_addr_log |}.
Definition LVoid : layout := {| ly_size := 0; ly_align_log := 0 |}.
Definition NULL : val := i2v 0 size_t.
......@@ -149,13 +149,13 @@ Fixpoint check_fields_aligned (s : field_list) (pos : nat) : bool :=
Record struct_layout := {
sl_members : field_list;
sl_nodup : NoDup (field_names sl_members);
sl_size : sum_list (ly_size <$> sl_members.*2) < it_max size_t;
sl_size : sum_list (ly_size <$> sl_members.*2) max_int size_t;
sl_fields_aligned : check_fields_aligned sl_members 0 = true;
}.
Definition StructInit (ly : struct_layout) (fs : list (string * expr)) : expr :=
let fs : gmap string expr := list_to_map fs in
let fn idly := default (Val (replicate (ly_size idly.2) Poison)) (x idly.1; fs !! x) in
let fn idly := default (Val (replicate (ly_size idly.2) MPoison)) (x idly.1; fs !! x) in
Concat (fn <$> sl_members ly).
Typeclasses Opaque StructInit.
Arguments StructInit : simpl never.
......@@ -236,9 +236,9 @@ Proof.
Qed.
Lemma offset_of_bound i sl:
offset_of_idx sl.(sl_members) i < it_max size_t.
offset_of_idx sl.(sl_members) i max_int size_t.
Proof.
eapply Z.le_lt_trans; last by apply (sl_size sl).
etrans; last by apply (sl_size sl).
by apply Nat2Z.inj_le, sum_list_with_take.
Qed.
......@@ -263,7 +263,7 @@ Proof.
Qed.
Definition GetMember (e : expr) (s : struct_layout) (m : var_name) : expr :=
(e +{PtrOp, IntOp size_t} Val (default [Poison] (val_of_int (Z.of_nat (offset_of s.(sl_members) m)) size_t)))%E.
(e +{PtrOp, IntOp size_t} Val (default [MPoison] (val_of_int (Z.of_nat (offset_of s.(sl_members) m)) size_t)))%E.
Notation "e 'at{' s } m" := (GetMember e%E s m) (at level 10, format "e 'at{' s } m") : expr_scope.
Typeclasses Opaque GetMember.
Arguments GetMember : simpl never.
......@@ -277,7 +277,7 @@ Arguments GetMemberLoc : simpl never.
Record union_layout := {
ul_members : list (var_name * layout);
ul_nodup : NoDup ul_members.*1;
ul_size : max_list (ly_size <$> ul_members.*2) < it_max size_t;
ul_size : max_list (ly_size <$> ul_members.*2) max_int size_t;
}.
Definition ul_layout (ul : union_layout) : layout := {|
......
......@@ -116,7 +116,7 @@ Section programs.
Lemma type_cas_atomic_bool (l : loc) β it PT PF lexp Pexp vnew Pnew T:
( bexp bnew, subsume Pexp (lexp ◁ₗ bexp @ boolean it) (
subsume Pnew (vnew ◁ᵥ bnew @ boolean it) ( it_length it loc_size%nat (
subsume Pnew (vnew ◁ᵥ bnew @ boolean it) ( bytes_per_int it bytes_per_addr%nat (
((if bexp then PT else PF) - (if bnew then PT else PF) (
l ◁ₗ{β} atomic_bool it PT PF - lexp ◁ₗ bexp @ boolean it -
T (val_of_bool true) (t2mt (true @ boolean bool_it))))
......
......@@ -158,10 +158,14 @@ Ltac enrich_context :=
(* move => n m ??. enrich_context. *)
(* Abort. *)
Lemma unfold_int_elem_of_it (z : Z) (it : int_type) :
z it = (min_int it z z max_int it).
Proof. done. Qed.
(** * [solve_goal] without cleaning of the context *)
Ltac unprepared_solve_goal :=
unfold ly_size, ly_align_log, it_in_range, it_max, it_min, it_half_modulus, it_modulus in *; simpl in *;
try rewrite -> unfold_int_elem_of_it in *;
unfold ly_size, ly_align_log, max_int, min_int, int_half_modulus, int_modulus in *; simpl in *;
normalize_and_simpl_goal;
rewrite /ly_size/ly_align_log //=; enrich_context;
repeat case_bool_decide => //; repeat case_decide => //; repeat case_match => //;
......
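Review bot: The new lemma `unfold_int_elem_of_it` has no header comment, although this file documents its neighbouring entries with `(** ... *)`; since it is what lets `unprepared_solve_goal` (via the `try rewrite -> unfold_int_elem_of_it in *` line) turn `z ∈ it` into the two bounds that the following `unfold max_int, min_int` and `lia` can work on, a line such as `(** Unfold [z ∈ it] into its [min_int]/[max_int] bounds so that [lia] can see them. *)` above the `Lemma` would record that intent. Note also that the hand-written proofs later in this commit (`type_neg_int`, the `type_eq` example in `Section tests`, and the pointer-offset proofs in `Section padded` and `Section uninit`) instead write `unfold elem_of, int_elem_of_it, ...`, which bakes the instance name into each proof; using `rewrite unfold_int_elem_of_it in *` there as well would keep them insulated from the instance should it be renamed again. The body of `unprepared_solve_goal` continues past the end of this hunk.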
......@@ -82,7 +82,7 @@ Section programs.
(*** int *)
Lemma type_val_int n it T:
(it_in_range it n T (t2mt (n @ (int it)))) - typed_value (i2v n it) T.
(n it T (t2mt (n @ (int it)))) - typed_value (i2v n it) T.
Proof. iDestruct 1 as ([v Hv]%val_of_int_is_some) "HT". iExists _. iFrame. by rewrite /i2v Hv. Qed.
Global Instance type_val_int_inst n it : TypedValue (i2v n it) :=
λ T, i2p (type_val_int n it T).
......@@ -100,7 +100,7 @@ Section programs.
| GeOp => Some (bool_decide (n1 >= n2))
| _ => None
end = Some b
(it_in_range it n1 - it_in_range it n2 - T (i2v (Z_of_bool b) i32) (t2mt (b @ boolean i32))) -
(n1 it - n2 it - T (i2v (Z_of_bool b) i32) (t2mt (b @ boolean i32))) -
typed_bin_op v1 (v1 ◁ᵥ n1 @ int it) v2 (v2 ◁ᵥ n2 @ int it) op (IntOp it) (IntOp it) T.
Proof.
iIntros (Hop) "HT". iIntros (Hv1 Hv2 Φ) "HΦ".
......@@ -142,7 +142,7 @@ Section programs.
| ShrOp => Some (n1 n2)
| _ => None
end = Some n
(it_in_range it n1 - it_in_range it n2 - it_in_range it n T (i2v n it) (t2mt (n @ int it))) -
(n1 it - n2 it - n it T (i2v n it) (t2mt (n @ int it))) -
typed_bin_op v1 (v1 ◁ᵥ n1 @ int it) v2 (v2 ◁ᵥ n2 @ int it) op (IntOp it) (IntOp it) T.
Proof.
iIntros (Hop) "HT". iIntros (Hv1 Hv2 Φ) "HΦ".
......@@ -158,7 +158,7 @@ Section programs.
| ModOp => Some (n1 `rem` n2)
| _ => None
end = Some n
(it_in_range it n1 - it_in_range it n2 - n2 0 it_in_range it n T (i2v n it) (t2mt (n @ int it))) -
(n1 it - n2 it - n2 0 n it T (i2v n it) (t2mt (n @ int it))) -
typed_bin_op v1 (v1 ◁ᵥ n1 @ int it) v2 (v2 ◁ᵥ n2 @ int it) op (IntOp it) (IntOp it) T.
Proof.
iIntros (Hop) "HT". iIntros (Hv1 Hv2 Φ) "HΦ".
......@@ -234,7 +234,7 @@ Section programs.
λ B m ss def fn ls fr Q, i2p (type_switch_int n it m ss def Q fn ls fr v).
Lemma type_neg_int n it v T:
(it_in_range it n - it.(it_signed) n it_min it T (i2v (-n) it) (t2mt ((-n) @ int it))) -
(n it - it.(it_signed) n min_int it T (i2v (-n) it) (t2mt ((-n) @ int it))) -
typed_un_op v (v ◁ᵥ n @ int it)%I (NegOp) (IntOp it) T.
Proof.
iIntros "HT". iIntros (Hv Φ) "HΦ".
......@@ -242,7 +242,7 @@ Section programs.
iDestruct ("HT" with "[//]") as (Hs Hn) "HT".
have ? : val_of_int (- n) it = Some (i2v (- n) it). {
have [|? Hv'] := val_of_int_is_some it (- n); last by rewrite /i2v Hv'.
unfold it_in_range, it_max, it_min in *.
unfold elem_of, int_elem_of_it, max_int, min_int in *.
destruct it as [?[]] => //; simpl in *; lia.
}
iApply wp_neg_int => //. by iApply ("HΦ" with "[] HT").
......@@ -252,7 +252,7 @@ Section programs.
λ T, i2p (type_neg_int n it v T).
Lemma type_cast_int n it1 it2 v T:
(it_in_range it1 n - it_in_range it2 n T (i2v n it2) (t2mt (n @ int it2))) -
(n it1 - n it2 T (i2v n it2) (t2mt (n @ int it2))) -
typed_un_op v (v ◁ᵥ n @ int it1)%I (CastOp (IntOp it2)) (IntOp it1) T.
Proof.
iIntros "HT". iIntros (Hv Φ) "HΦ".
......@@ -371,8 +371,8 @@ Section tests.
Context `{!typeG Σ}.
Example type_eq n1 n3 T:
it_in_range size_t n1
it_in_range size_t n3
n1 size_t
n3 size_t
typed_val_expr ((i2v n1 size_t +{IntOp size_t, IntOp size_t} i2v 0 size_t) = {IntOp size_t, IntOp size_t} i2v n3 size_t ) T.
Proof.
move => Hn1 Hn2.
......@@ -381,7 +381,7 @@ Section tests.
iApply type_val. iApply type_val_int. iSplit => //.
iApply type_val. iApply type_val_int. iSplit => //.
iApply type_arithop_int_int => //. iIntros (??). iSplit. {
iPureIntro. unfold it_in_range, it_min, it_max in *; lia.
iPureIntro. unfold elem_of, int_elem_of_it, min_int, max_int in *; lia.
}
iApply type_val. iApply type_val_int. iSplit => //.
iApply type_relop_int_int => //.
......
......@@ -101,14 +101,15 @@ Section padded.
iDestruct (ty_deref with "Hr") as (v2) "[Hr Hv2]".
iDestruct (ty_size_eq with "Hv2") as %Hlen2.
iDestruct ("HT" with "Hv1") as (<-) "$".
iExists (v1 ++ v2). rewrite /= heap_mapsto_app /has_layout_val app_length Hlen1 Hlen2. iFrame.
iPureIntro. split => //. rewrite /= /ly_offset{2}/ly_size. lia.
iExists (v1 ++ v2).
rewrite /= heap_mapsto_app /has_layout_val app_length Hlen1 Hlen2.
iFrame. iPureIntro.
split => //. rewrite /= /ly_offset {2}/ly_size. lia.
Qed.
Global Instance subsume_padded_uninit_inst l ly lyty ty `{!Movable ty}:
SubsumePlace l Own (padded ty lyty ly) (uninit ly) :=
λ T, i2p (subsume_padded_uninit l ly lyty ty T).
Lemma subsume_uninit_padded l β ly lyty T:
lyty ly T -
subsume (l ◁ₗ{β} uninit ly) (l ◁ₗ{β} padded (uninit lyty) lyty ly) T.
......@@ -175,7 +176,7 @@ Section padded.
iIntros "(% & % & % & HT)" (Hint) "Hp". iIntros (Φ) "HΦ".
iDestruct (split_padded (Z.to_nat n) with "Hp") as "[H1 H2]"; [lia..|].
iApply wp_ptr_offset. by apply val_to_of_loc. by apply val_to_of_int.
{ have := val_of_int_in_range _ _ _ Hint. unfold it_in_range, it_min; simpl. lia. }
{ have := val_of_int_in_range _ _ _ Hint. unfold elem_of, int_elem_of_it, min_int; simpl. lia. }
iModIntro. rewrite offset_loc_sz1//.
iApply ("HΦ" with "[H2]"). 2: iApply ("HT" with "H1 []"). rewrite Z2Nat.id; [|lia]. by iFrame.
by iPureIntro.
......
......@@ -85,7 +85,7 @@ Section uninit.
iIntros "(%&%&HT)" (Hint) "Hp". iIntros (Φ) "HΦ".
iDestruct (split_uninit (Z.to_nat n) with "Hp") as "[H1 H2]"; [lia..|].
iApply wp_ptr_offset. by apply val_to_of_loc. by apply val_to_of_int.
{ have := val_of_int_in_range _ _ _ Hint. unfold it_in_range, it_min; simpl. lia. }
{ have := val_of_int_in_range _ _ _ Hint. unfold elem_of, int_elem_of_it, min_int; simpl. lia. }
iModIntro. rewrite offset_loc_sz1//.
iApply ("HΦ" with "[H2]"). 2: iApply ("HT" with "H1 []"). rewrite Z2Nat.id; [|lia]. by iFrame.
by iPureIntro.
......
......@@ -57,8 +57,8 @@ Section adequate.
].
Definition initial_heap : gmap Z (list mbyte) :=
<[block_allocator_data := replicate (Z.to_nat 10000) Poison ]> $
<[block_allocator_state := replicate (struct_alloc_state).(ly_size) Poison ]> $
<[block_allocator_data := replicate (Z.to_nat 10000) MPoison ]> $
<[block_allocator_state := replicate (struct_alloc_state).(ly_size) MPoison ]> $
<[block_initialized := LATCH_INIT ]> $
.
......
......@@ -5,25 +5,25 @@
[[rc::parameters("size : nat")]]
[[rc::args("size @ int<size_t>")]]
[[rc::requires("{size + 16 < it_max size_t}", "{(8 | size)}",
[[rc::requires("{size + 16 ≤ max_int size_t}", "{(8 | size)}",
"[alloc_initialized]")]]
[[rc::returns("&own<uninit<{mk_layout size 3}>>")]]
[[rc::returns("&own<uninit<{Layout size 3}>>")]]
void *alloc(size_t size);
[[rc::parameters("size : nat")]]
[[rc::requires("[alloc_initialized]", "{(8 | size)}")]]
[[rc::args("size @ int<size_t>", "&own<uninit<{mk_layout size 3}>>")]]
[[rc::args("size @ int<size_t>", "&own<uninit<{Layout size 3}>>")]]
void free(size_t size, void *ptr);
[[rc::parameters("size : nat", "n : nat")]]
[[rc::args("size @ int<size_t>", "n @ int<size_t>")]]
[[rc::requires("{size * n + 16 < it_max size_t}", "{(8 | size)}", "[alloc_initialized]")]]
[[rc::returns("&own<array<{mk_layout size 3}, {replicate n (uninit (mk_layout size 3))}>>")]]
[[rc::requires("{size * n + 16 ≤ max_int size_t}", "{(8 | size)}", "[alloc_initialized]")]]
[[rc::returns("&own<array<{Layout size 3}, {replicate n (uninit (Layout size 3))}>>")]]
void *alloc_array(size_t size, size_t n);
[[rc::parameters("size : nat", "n : nat")]]
[[rc::requires("[alloc_initialized]")]]
[[rc::requires("{size * n < it_max size_t}", "{(8 | size)}")]]
[[rc::args("size @ int<size_t>", "n @ int<size_t>", "&own<array<{mk_layout size 3}, {replicate n (uninit (mk_layout size 3))}>>")]]
[[rc::requires("{size * n ≤ max_int size_t}", "{(8 | size)}")]]
[[rc::args("size @ int<size_t>", "n @ int<size_t>", "&own<array<{Layout size 3}, {replicate n (uninit (Layout size 3))}>>")]]
void free_array(size_t size, size_t n, void *ptr);
#define ALLOC(sz) alloc(sz)
......
......@@ -4,7 +4,7 @@
typedef struct [[rc::refined_by("sizes : {list nat}")]]
[[rc::ptr_type("alloc_entry_t : {maybe2 cons sizes} @ optionalO<λ (size, l) : {(nat * _)}. &own<...>>")]]
[[rc::size("{mk_layout size 3}")]]
[[rc::size("{Layout size 3}")]]
[[rc::constraints("{(8 | size)}")]] alloc_entry {
[[rc::field("size @ int<size_t>")]]
size_t size;
......
......@@ -99,7 +99,7 @@ Section code.
Program Definition struct_list_node := {|
sl_members := [
(Some "val", it_layout i32);
(None, mk_layout 4%nat 0%nat);
(None, Layout 4%nat 0%nat);
(Some "next", LPtr)
];
|}.
......
......@@ -99,7 +99,7 @@ Section code.
Program Definition struct_list_node := {|
sl_members := [
(Some "val", it_layout i32);
(None, mk_layout 4%nat 0%nat);
(None, Layout 4%nat 0%nat);
(Some "next", LPtr)
];
|}.
......
......@@ -19,7 +19,7 @@ Section spec.
(* Specifications for function [add1]. *)
Definition type_of_add1 :=
fn( n : Z; (n @ (int (i32))); n + 1 < it_max i32)
fn( n : Z; (n @ (int (i32))); n + 1 max_int i32)
() : (), ((n + 1) @ (int (i32))); True.
(* Specifications for function [min]. *)
......@@ -29,7 +29,7 @@ Section spec.
(* Specifications for function [looping_add]. *)
Definition type_of_looping_add :=
fn( (va, vb) : Z * Z; (va @ (int (i32))), (vb @ (int (i32))); va + vb < it_max i32 0 <= va)
fn( (va, vb) : Z * Z; (va @ (int (i32))), (vb @ (int (i32))); va + vb max_int i32 0 <= va)
() : (), ((va + vb) @ (int (i32))); True.
(* Specifications for function [init_int]. *)
......
......@@ -73,22 +73,22 @@ Section spec.
(* Specifications for function [alloc]. *)
Definition type_of_alloc :=
fn( size : nat; (size @ (int (size_t))); size + 16 < it_max size_t (8 | size) (alloc_initialized))
() : (), (&own (uninit (mk_layout size 3))); True.
fn( size : nat; (size @ (int (size_t))); size + 16 max_int size_t (8 | size) (alloc_initialized))
() : (), (&own (uninit (Layout size 3))); True.
(* Specifications for function [free]. *)
Definition type_of_free :=
fn( size : nat; (size @ (int (size_t))), (&own (uninit (mk_layout size 3))); (alloc_initialized) (8 | size))
fn( size : nat; (size @ (int (size_t))), (&own (uninit (Layout size 3))); (alloc_initialized) (8 | size))
() : (), (void); True.
(* Specifications for function [alloc_array]. *)
Definition type_of_alloc_array :=
fn( (size, n) : nat * nat; (size @ (int (size_t))), (n @ (int (size_t))); size * n + 16 < it_max size_t (8 | size) (alloc_initialized))
() : (), (&own (array (mk_layout size 3) (replicate n (uninit (mk_layout size 3))))); True.
fn( (size, n) : nat * nat; (size @ (int (size_t))), (n @ (int (size_t))); size * n + 16 max_int size_t (8 | size) (alloc_initialized))
() : (), (&own (array (Layout size 3) (replicate n (uninit (Layout size 3))))); True.
(* Specifications for function [free_array]. *)
Definition type_of_free_array :=
fn( (size, n) : nat * nat; (size @ (int (size_t))), (n @ (int (size_t))), (&own (array (mk_layout size 3) (replicate n (uninit (mk_layout size 3))))); size * n < it_max size_t (8 | size) (alloc_initialized))
fn( (size, n) : nat * nat; (size @ (int (size_t))), (n @ (int (size_t))), (&own (array (Layout size 3) (replicate n (uninit (Layout size 3))))); size * n max_int size_t (8 | size) (alloc_initialized))
() : (), (void); True.
(* Specifications for function [test]. *)
......
......@@ -255,7 +255,7 @@ Section code.
Program Definition struct_alloc_state := {|
sl_members := [
(Some "lock", layout_of struct_spinlock);
(None, mk_layout 7%nat 0%nat);
(None, Layout 7%nat 0%nat);
(Some "data", LPtr)
];
|}.
......