Une MAJ de sécurité est nécessaire sur notre version actuelle. Elle sera effectuée lundi 02/08 entre 12h30 et 13h. L'interruption de service devrait durer quelques minutes (probablement moins de 5 minutes).

Commit 5c209376 authored by Asma Tafat-Bouzid's avatar Asma Tafat-Bouzid
Browse files

blocking semantic

parent 7e6433db
...@@ -314,11 +314,11 @@ lemma eval_msubst_term: ...@@ -314,11 +314,11 @@ lemma eval_msubst_term:
eval_term sigma pi (msubst_term e x v) = eval_term sigma pi (msubst_term e x v) =
eval_term (IdMap.set sigma x (get_stack v pi)) pi e eval_term (IdMap.set sigma x (get_stack v pi)) pi e
lemma eval_subst_term: (* lemma eval_subst_term: *)
forall sigma:env, pi:stack, e:term, x:ident, v:ident. (* forall sigma:env, pi:stack, e:term, x:ident, v:ident. *)
fresh_in_term v e -> (* fresh_in_term v e -> *)
eval_term sigma pi (subst_term e x v) = (* eval_term sigma pi (subst_term e x v) = *)
eval_term sigma (Cons (x, (get_stack v pi)) pi) e (* eval_term sigma (Cons (x, (get_stack v pi)) pi) e *)
lemma eval_term_change_free : lemma eval_term_change_free :
forall t:term, sigma:env, pi:stack, id:ident, v:value. forall t:term, sigma:env, pi:stack, id:ident, v:value.
...@@ -377,11 +377,17 @@ lemma eval_msubst: ...@@ -377,11 +377,17 @@ lemma eval_msubst:
(* (eval_fmla sigma pi (subst f x v) <-> *) (* (eval_fmla sigma pi (subst f x v) <-> *)
(* eval_fmla sigma (Cons(x, (get_stack v pi)) pi) f) *) (* eval_fmla sigma (Cons(x, (get_stack v pi)) pi) f) *)
(* lemma eval_swap: *) lemma eval_swap_term:
(* forall f:fmla, sigma:env, pi:stack, id1 id2:ident, v1 v2:value. *) forall t:term, sigma:env, pi:stack, id1 id2:ident, v1 v2:value.
(* id1 <> id2 -> *) id1 <> id2 ->
(* (eval_fmla sigma (Cons (id1,v1) (Cons (id2,v2) pi)) f <-> *) (eval_term sigma (Cons (id1,v1) (Cons (id2,v2) pi)) t =
(* eval_fmla sigma (Cons (id2,v2) (Cons (id1,v1) pi)) f) *) eval_term sigma (Cons (id2,v2) (Cons (id1,v1) pi)) t)
lemma eval_swap:
forall f:fmla, sigma:env, pi:stack, id1 id2:ident, v1 v2:value.
id1 <> id2 ->
(eval_fmla sigma (Cons (id1,v1) (Cons (id2,v2) pi)) f <->
eval_fmla sigma (Cons (id2,v2) (Cons (id1,v1) pi)) f)
(* lemma eval_same_var: *) (* lemma eval_same_var: *)
(* forall f:fmla, sigma:env, pi:stack, id:ident, v1 v2:value. *) (* forall f:fmla, sigma:env, pi:stack, id:ident, v1 v2:value. *)
...@@ -490,10 +496,9 @@ inductive one_step env stack stmt env stack stmt = ...@@ -490,10 +496,9 @@ inductive one_step env stack stmt env stack stmt =
many_steps sigma2 pi2 s2 sigma3 pi3 s3 n -> many_steps sigma2 pi2 s2 sigma3 pi3 s3 n ->
many_steps sigma1 pi1 s1 sigma3 pi3 s3 (n+1) many_steps sigma1 pi1 s1 sigma3 pi3 s3 (n+1)
(* Not neede *) lemma steps_non_neg:
(* lemma steps_non_neg: *) forall sigma1 sigma2:env, pi1 pi2:stack, s1 s2:stmt, n:int.
(* forall sigma1 sigma2:env, pi1 pi2:stack, s1 s2:stmt, n:int. *) many_steps sigma1 pi1 s1 sigma2 pi2 s2 n -> n >= 0
(* many_steps sigma1 pi1 s1 sigma2 pi2 s2 n -> n >= 0 *)
(* Used by Hoare_logic/seq_rule*) (* Used by Hoare_logic/seq_rule*)
lemma many_steps_seq: lemma many_steps_seq:
......
...@@ -374,11 +374,6 @@ Axiom eval_msubst_term : forall (e:term) (sigma:(map mident value)) (pi:(list ...@@ -374,11 +374,6 @@ Axiom eval_msubst_term : forall (e:term) (sigma:(map mident value)) (pi:(list
((eval_term sigma pi (msubst_term e x v)) = (eval_term (set sigma x ((eval_term sigma pi (msubst_term e x v)) = (eval_term (set sigma x
(get_stack v pi)) pi e)). (get_stack v pi)) pi e)).
Axiom eval_subst_term : forall (sigma:(map mident value)) (pi:(list (ident*
value)%type)) (e:term) (x:ident) (v:ident), (fresh_in_term v e) ->
((eval_term sigma pi (subst_term e x v)) = (eval_term sigma (Cons (x,
(get_stack v pi)) pi) e)).
Axiom eval_term_change_free : forall (t:term) (sigma:(map mident value)) Axiom eval_term_change_free : forall (t:term) (sigma:(map mident value))
(pi:(list (ident* value)%type)) (id:ident) (v:value), (fresh_in_term id (pi:(list (ident* value)%type)) (id:ident) (v:value), (fresh_in_term id
t) -> ((eval_term sigma (Cons (id, v) pi) t) = (eval_term sigma pi t)). t) -> ((eval_term sigma (Cons (id, v) pi) t) = (eval_term sigma pi t)).
...@@ -420,30 +415,16 @@ Fixpoint msubst(f:fmla) (x:mident) (v:ident) {struct f}: fmla := ...@@ -420,30 +415,16 @@ Fixpoint msubst(f:fmla) (x:mident) (v:ident) {struct f}: fmla :=
Axiom subst_fresh : forall (f:fmla) (x:ident) (v:ident), (fresh_in_fmla x Axiom subst_fresh : forall (f:fmla) (x:ident) (v:ident), (fresh_in_fmla x
f) -> ((subst f x v) = f). f) -> ((subst f x v) = f).
Axiom let_subst : forall (t:term) (f:fmla) (x:ident) (id':ident) (id:mident),
((msubst (Flet x t f) id id') = (Flet x (msubst_term t id id') (msubst f id
id'))).
Axiom eval_msubst : forall (f:fmla) (sigma:(map mident value)) (pi:(list Axiom eval_msubst : forall (f:fmla) (sigma:(map mident value)) (pi:(list
(ident* value)%type)) (x:mident) (v:ident), (fresh_in_fmla v f) -> (ident* value)%type)) (x:mident) (v:ident), (fresh_in_fmla v f) ->
((eval_fmla sigma pi (msubst f x v)) <-> (eval_fmla (set sigma x ((eval_fmla sigma pi (msubst f x v)) <-> (eval_fmla (set sigma x
(get_stack v pi)) pi f)). (get_stack v pi)) pi f)).
Axiom eval_subst : forall (f:fmla) (sigma:(map mident value)) (pi:(list
(ident* value)%type)) (x:ident) (v:ident), (fresh_in_fmla v f) ->
((eval_fmla sigma pi (subst f x v)) <-> (eval_fmla sigma (Cons (x,
(get_stack v pi)) pi) f)).
Axiom eval_swap : forall (f:fmla) (sigma:(map mident value)) (pi:(list Axiom eval_swap : forall (f:fmla) (sigma:(map mident value)) (pi:(list
(ident* value)%type)) (id1:ident) (id2:ident) (v1:value) (v2:value), (ident* value)%type)) (id1:ident) (id2:ident) (v1:value) (v2:value),
(~ (id1 = id2)) -> ((eval_fmla sigma (Cons (id1, v1) (Cons (id2, v2) pi)) (~ (id1 = id2)) -> ((eval_fmla sigma (Cons (id1, v1) (Cons (id2, v2) pi))
f) <-> (eval_fmla sigma (Cons (id2, v2) (Cons (id1, v1) pi)) f)). f) <-> (eval_fmla sigma (Cons (id2, v2) (Cons (id1, v1) pi)) f)).
Axiom eval_same_var : forall (f:fmla) (sigma:(map mident value)) (pi:(list
(ident* value)%type)) (id:ident) (v1:value) (v2:value), (eval_fmla sigma
(Cons (id, v1) (Cons (id, v2) pi)) f) <-> (eval_fmla sigma (Cons (id, v1)
pi) f).
Require Import Why3. Require Import Why3.
Ltac ae := why3 "alt-ergo" timelimit 3. Ltac ae := why3 "alt-ergo" timelimit 3.
......
...@@ -425,9 +425,8 @@ simpl. ...@@ -425,9 +425,8 @@ simpl.
rewrite H1. rewrite H1.
rewrite H2; auto. rewrite H2; auto.
apply fresh_in_binop with (t:=t) (t':=t') (op := op). apply fresh_in_binop with (t:=t) (t':=t') (op := op).
apply fresh_in_binop with (t:=t) (t':=t') (op := op); apply fresh_in_binop with (t:=t) (t':=t') (op := op).
admit. admit.
Qed. Qed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment