| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
The function is in fact just a call to the
function`is_callee_save_register` from `Conventions1.v`.
|
|
|
|
|
|
|
| |
The function String.uppercase was deprecated and the replacement
function String.upercase_ascii was only available from OCaml 4.03.0.
Since the minimal OCaml version is now 4.05.0 we can use the function
String.upercase_ascii.
|
|
|
|
|
| |
Replace the pattern `try Some (Hashtbl.find ...) with Not_found -> None`
by a call to the function Hashtbl.find_opt.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A typical example is `(void) __builtin_sel(a, b, c)`.
It is safe to generate zero code for these uses of builtins
because builtins whose semantics are known to the compiler
are pure. Other builtins with side effects (e.g. `__builtin_trap`)
are not known and will remain in the compiled code.
It is useful to generate zero code for these uses of builtins
because some of them (e.g. `__builtin_sel`) must be transformed
into proper CminorSel expressions during instruction selection.
Otherwise, they propagate all the way to ExpandAsm, causing
a "not implemented" error there.
|
|
|
|
| |
In particular __builtin_sel.
|
|
|
|
|
|
|
| |
Based on testing with beta-1 release.
The deprecation warning about the "omega" tactic is ignored while we
decide when to switch to "lia" instead.
|
|
|
|
|
|
|
| |
As detected by the new warning in Coq 8.12.
The use of Fixpoint here is not warranted and either an oversight or a
leftover from an earlier version.
|
|
|
|
| |
Follow-up to commit 070babef.
|
|
|
|
|
|
|
|
| |
This is useful for statements such as `(void) expr;` where we would
prefer not to explicitly compute intermediate values of type `void`
and store them in Clight temporary variables.
See issue #361 for a real-world occurrence of this phenomenon.
|
|
|
|
| |
Updated configure script to also allow coq version 8.11.2
|
|
|
|
| |
__builtin_ais_annot is not supported for macOS nor for Cygwin.
|
|
|
|
|
|
|
|
|
|
|
|
| |
The printing of EF_annot and EF_annot_val was missing the extra "kind"
parameter introduced in commit 6a010b4.
Also: the automatic translation of annotations into Coq assertions
was confusing and prevented other uses of __builtin_annot statements
in conjunction with clightgen. I believe it was never used.
This commit removes this translation.
Closes: #360
|
|
|
|
| |
Closes: #358
|
|
|
|
|
|
|
|
| |
In the original code, collisions could occur: an identifier could
be numbered with a number that happens to be equal to its canonical
encoding. This was harmless but confusing.
Closes: #358
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#353)
Within CompCert, identifiers (names of C functions, variables, types,
etc) are represented by unique positive numbers, sometimes called
"atoms".
In the original implementation, atoms 1, 2, ..., N are assigned
to identifiers as they are encountered. The resulting number
are small and are efficient when used as keys in data structures
such as PTrees. However, the mapping from C source-level identifiers
to atoms differs between compilation units. This is not a problem
for CompCert but complicates CompCert-based verification tools
that need to combine several compilation units.
This commit introduces an alternate implementation of atoms, suggested
by Andrew Appel. The choice between implementations is governed by
the Boolean reference `Camlcoq.use_canonical_atoms`.
In the alternate implementation, identifiers are converted to bit
sequences via a Huffman encoding, then the bits are represented as
positive numbers. The same identifier is always represented by the
same number. However, the numbers are usually bigger than in the
original implementation, making PTree operations slower: lookups and
updates take time linear in the length of the identifier, instead of
logarithmic time in the number of identifiers encountered.
The CompCert compiler (the `ccomp` executable) still uses the original
implementation, but the `clightgen` tool used in conjunction with the
VST program logic can use either implementations:
- The alternate "canonical atoms" implementation is used by default,
and also if the `-canonical-idents` option is given.
- The original implementation is used if the `-short-idents` option is
given.
Closes: #222
Closes: #311
|
|
|
|
|
|
| |
The Commandline module is reusable in other projects, and its license
(GPL) allows such reuse, so its natural place is in lib/ rather
than in driver/
|
|
|
|
| |
Closes: #351
|
|
|
|
|
|
| |
The corresponding files in all other ports are dual-licensed
(GPL + non-commercial), there is no reason it should be different for
aarch64.
|
|
|
|
|
| |
So as not to depend on an implicit import from module Program.
(See PR #352.)
|
|
|
|
|
|
| |
On some versions of Coq, "nil" is of type "Rlist"...
This reverts commit f070949a7559675af3e551e16e5cae95af5d4285.
|
|
|
|
|
| |
The rest of the code base uses `nil`, so let's be consistent.
Also, this avoids depending on `Import ListNotations`.
|
| |
|
|
|
|
|
| |
import ListNotations wherever it is necessary so that we do not rely on it being exported by Program. (See #352.)
This is a backport from upstream: https://gitlab.inria.fr/fpottier/menhir/-/commit/53f94fa42c80ab1728383e9d2b19006180b14a78
|
|
|
|
|
|
|
|
| |
The file contains various parameters about the target processor and ABI,
useful for VST and possibly other users of CompCert as a Coq library.
It is in "var=val" syntax so that it can be included directly from
a Makefile or a shell script.
|
|
|
|
| |
compile.pl is a build artefact.
|
|
|
|
| |
Don't use sed, just echo the contents of the file.
|
|
|
|
|
|
|
| |
The list of reserved_registers is never reset between the compilation of
multiple files. Instead of storing them in IRC they are moved in the
CPragmas file and reset in the a new reset function for Cpragmas whic is
called per file.
|
|
|
|
| |
Update configure script.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
The "stof" and "utof" runtime functions contain a round-to-odd step
that avoids double rounding. However, this step was incorrectly coded
on PowerPC (stof and utof), PowerPC64 (utof), and ARM (stof), making
round-to-odd ineffective and causing double rounding.
Closes: #343
|
|
|
|
|
| |
This is a special value that causes double rounding with the naive
conversion schema int64 -> float64 -> float32.
|
|
|
|
|
|
|
|
| |
Introduce an error message for section attributes with non string
arguments,and another for multiple, ambiguous section attributes.
This is more consistent with the handling of other
attributes, like packed, than the old behavior of silently
ignoring them.
|
|
|
| |
In case of redefinition of a typedef name with a different type.
|
|
|
|
|
|
|
|
| |
Double FP arguments passed on stack were incorrectly aligned:
they must be 8-aligned but were 4-aligned only.
This was due to the use of `Location.typealign`, which is the minimal
hardware-supported alignment for a given type, namely 1 word for type Tfloat.
To get the correct alignments, `Location.typesize` must be used instead.
|
|
|
|
|
| |
The proof script for Events.excall_free_ok was incomplete
if Archi.ptr64 is unknown (as in the RISC-V case).
|
|
|
|
|
|
|
|
| |
According to ISO C, `free(NULL)` is correct and does nothing.
This commit updates accordingly the formal semantics of the `free`
external function and the reference interpreter.
Closes: #334
|
|
|
|
|
|
|
|
| |
Currently we require the memory to be unchanged on readonly locations.
This is too strong. For example, current permissions could decrease
from readonly to none.
This commit weakens the ec_readonly condition to the strict minimum
needed to show the correctness of value analysis for const globals.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The EABI and the SVR4 ABI state that single-precision FP arguments passed
on stack are passed as a 64-bit word, extended to double-precision.
This commit implements this behavior by using a stack slot of type Tany64.
Not only this ensures that the slot is of size and alignment 8 bytes,
but it also ensures that it is accessed by stfd and lfd instructions,
using single-extended-to-double format.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now the types Tany32 and Tany64 were not used prior to register
allocation, so IRC.class_of_type did not need to be defined for
those types.
However, there are possible uses of stack slots of type Tany32 and Tany64
to specify calling conventions. For this purpose, we need to define
class_of_type for Tany32 and Tany64. We follow the informal convention
that Tany32 goes in integer registers and Tany64 goes into integer
registers if 64-bit wide, or FP registers otherwise.
|
|
|
|
|
|
|
|
|
| |
GCC does passes single arguments as singles on the stack but diab
and the eabi say single arguments should be passed as double on
the stack.
This commit changes the alignment of single arguments to 4 for
gcc based backends.
|
|
|
|
|
|
|
|
|
|
|
|
| |
We were implementing the ABI described in the RISC-V Instruction Set
Manual, version 2.1. However, this ABI was superseded by the RISC-V
ELF psABI specification.
This commit changes the calling conventions to better match the ELF psABI
specification. This should greatly improve interoperability with code
compiled by other RISC-V compilers.
One incompatibility remains: when all 8 FP argument registers have been used, further FP arguments should be passed in integer argument registers if available, while this PR passes them on stack.
|
|
|
|
| |
See ISO C2011 standard, section 6.4.4.4 para 11.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "size_arguments" function and its properties can be systematically
derived from the "loc_arguments" function and its properties.
Before, the RISC-V port used this derivation, and all other ports
used hand-written "size_arguments" functions and proofs.
This commit moves the definition of "size_arguments" to the
platform-independent file backend/Conventions.v, using the systematic
derivation, and removes the platform-specific definitions.
This reduces code and proof size, and makes it easier to change the
calling conventions.
|
|
|
|
|
|
|
| |
According to AAPCS64 (the AArch64 ABI specification), the
top bits of the register containing the function result have
unspecified value, so we need to sign- or zero-extend the function result
before using it, as in the x86 port.
|