compcert - CompCert fork with minor modifications for Vericert.

	Commit message (Collapse)	Author	Age	Files	Lines
*	Turn 64-bit integer division and modulus by constants into multiply-high	Xavier Leroy	2016-10-04	1	-1/+14
\| \| \| \| \| \|	This trick was already implemented for 32-bit integer division and modulus. Here we extend it to the 64-bit case. For 32-bit target processors, the runtime library must implement 64-bit multiply-high (signed and unsigned). Tentative implementations are provided for IA32 and PowerPC, but need testing.
*	Improve code generation for 64-bit signed integer division	Xavier Leroy	2016-10-02	1	-1/+17
\| \| \| \| \| \|	Implement the 'shift right extended' trick, both in the generic implementation (backend/SplitLong) and in the IA32 port. Note that now SelectDiv depends on SelectLong, and that some work was moved from SelectLong to SelectDiv.
*	Support for 64-bit architectures: generic support	Xavier Leroy	2016-10-01	1	-114/+617
\| \| \| \| \| \| \| \| \| \| \|	- Introduce Archi.ptr64 parameter. - Define module Ptrofs of integers as wide as a pointer (64 if Archi.ptr64, 32 otherwise). - Use Ptrofs.int as the offset type for Vptr values and anywhere pointer offsets are manipulated. - Modify Val operations that handle pointers (e.g. Val.add, Val.sub, Val.cmpu) so that in 64-bit pointer mode it is the "long" operation (e.g. Val.addl, Val.subl, Val.cmplu) that handles pointers. - Update the memory model accordingly. - Modify C operations that handle pointers (e.g. addition, subtraction, comparisons) accordingly. - Make it possible to turn off the splitting of 64-bit integers into pairs of 32-bit integers. - Update the compiler front-end and back-end accordingly.
*	Port to Coq 8.5pl2	Xavier Leroy	2016-07-08	1	-1/+1
\| \| \| \| \|	Manual merging of branch jhjourdan:coq8.5. No other change un functionality.
*	Stricter control of permissions in memory injections and extensions	Xavier Leroy	2016-06-22	1	-0/+3
\| \| \| \|	As suggested by Lennart Beringer, this commits strengthens memory injections and extensions so as to guarantee that the permissions of existing memory locations are not increased by the injection/extension. The only increase of permissions permitted is empty locations in the source memory state of the injection/extension being mapped to nonempty locations.
*	Improved handling of "rotate left" and "rotate right" operators	Xavier Leroy	2016-06-22	1	-18/+36
\| \| \| \| \| \| \| \|	- Values: "rol" and "ror" are defined even if their second argument is not in the [0,31] range (for consistency with "rolm" and because the semantics is definitely well defined in this case). - NeedDomain: more precise analysis of "rol" and "rolm", could benefit the PowerPC port.
*	ValueAnalysis: use ZTrees instead of ZMaps for abstracting contents of ↵	Xavier Leroy	2016-05-07	1	-111/+61
\| \| \| \| \| \| \| \|	memory blocks Trees are slightly more efficient than Maps, and avoid maintaining the invariant on the default value. lib/Maps: add a generic construction of a (partial) Tree module from an indexed type; use it to define ZTrees (trees indexed by Z integers).
*	Update the back-end proofs to the new linking framework.	Xavier Leroy	2016-03-06	1	-16/+8
\|
*	Updated PR by removing whitespaces. Bug 17450.	Bernhard Schommer	2015-10-20	1	-389/+389
\|
*	ValueDomain: add some documentation comments.	Xavier Leroy	2015-07-19	1	-20/+32
\|
*	Value analysis: keep track of pointer values that leak through small ↵	Xavier Leroy	2015-07-19	1	-153/+171
\| \| \| \| \| \|	integers with Uns or Sgn abstract values. This is a follow-up to commit 2932b53. It adds provenance tracking to the Uns and Sgn abstract values.
*	Value analysis: keep track of pointer values that leak through arithmetic ↵	Xavier Leroy	2015-07-19	1	-152/+160
\| \| \| \| \| \|	operations with undefined behaviors. Consider (x ^ 1) ^ 1 where x is a intptr_t containing a pointer value. "x ^ 1" evaluates to Vundef in the CompCert semantics, hence the value analysis, in strict mode, gives abstract result Ifptr Pbot (= any number but not a pointer). In relaxed mode, we now give abstract result Ifptr (poffset p) where p is the abstraction of the pointer, thus keeping track of the actual leak of the pointer value.
*	ValueDomain.aptr_of_aval: be more conservative with pointers synthesized ↵	Xavier Leroy	2015-07-18	1	-5/+13
\| \| \| \| \| \|	from numbers. For example: ((int ) 0x10000) = 0. This write used to be treated as not interfering with any load. With this change, in relaxed value analysis mode, it is treated as interfering with any load except those from the current stack frame.
*	Missing cases in ValueDomain.vnormalize, causing overapproximation.	Xavier Leroy	2015-07-18	1	-2/+2
\|
*	Missing case in ValueDomain.pincl, causing incompleteness.	Xavier Leroy	2015-07-18	1	-0/+9
\|
*	Introduce tolerance for casts of pointer values to/from 64-bit integers.	Xavier Leroy	2015-07-15	1	-3/+12
\|
*	Long-overdue renaming: val_inject -> Val.inject, etc, for consistency with ↵	Xavier Leroy	2015-04-30	1	-3/+3
\| \| \| \|	Val.lessdef, etc.
*	Revised semantics of comparisons between a pointer and 0.	Xavier Leroy	2015-03-15	1	-2/+4
\| \| \| \| \| \| \| \| \| \| \|	It used to be that a pointer value (Vptr) always compare unequal to the null pointer (Vint Int.zero). However, this may not be true in the final machine code when pointer addition overflows and wraps around to the bit pattern 0. This patch checks the validity of the pointer being compared with 0, and makes the comparison undefined if the pointer is out of bounds. Note: only the IA32 back-end was updated, ARM and PowerPC need updating.
*	- Support "switch" statements over 64-bit integers	xleroy	2014-08-17	1	-4/+177
\| \| \| \| \| \| \| \| \| \| \| \| \|	(in CompCert C to Cminor, included) - Translation of "switch" to decision trees or jumptables made generic over the sizes of integers and moved to the Cminor->CminorSel pass instead of CminorSel->RTL as before. - CminorSel: add "exitexpr" to support the above. - ValueDomain: more precise analysis of comparisons against an integer literal. E.g. "x >=u 0" is always true. git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2565 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	Merge of "newspilling" branch:	xleroy	2014-07-23	1	-84/+233
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	- Support single-precision floats as first-class values - Introduce chunks Many32, Many64 and types Tany32, Tany64 to support saving and restoring registers without knowing the exact types (int/single/float) of their contents, just their sizes. - Memory model: generalize the opaque encoding of pointers to apply to any value, not just pointers, if chunks Many32/Many64 are selected. - More properties of FP arithmetic proved. git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2537 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	Refactoring: move symbol_offset into Genv.	xleroy	2014-05-24	1	-7/+4
\| \| \| \|	git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2503 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	Constprop: use "not" for "xorimm(-1)"; optimize == 1 and != 0 comparisons ↵	xleroy	2014-04-09	1	-0/+14
\| \| \| \| \| \| \| \| \| \|	over booleans. Select*: more systematic constant propagation; don't CP shifts by amounts outside of [0..31]. Driver: timer for whole compilation. git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2452 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	Add option -Os to optimize for code size rather than for execution speed.	xleroy	2014-02-19	1	-16/+13
\| \| \| \| \| \| \| \|	Refactored compilation flags that affect the Coq part (module Compopts). Added support for C99 for loops with declarations. git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2410 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	- Back to origins: suppress Mfloat64al32 chunk and align Mfloat64 to 4.	xleroy	2014-01-12	1	-5/+2
\| \| \| \| \| \| \|	- Revised printing of intermediate RTL code. git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2403 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	Updated ARM backend wrt new static analyses and optimizations.	xleroy	2014-01-02	1	-0/+12
\| \| \| \| \| \| \| \|	NeedOp, Deadcode: must have distinct needs per argument of an operator. This change remains to be propagated to IA32 and PPC. git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2399 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	Ctypes.sizeof ty = 0 for empty types ty (zero-sized array, empty struct/union).	xleroy	2013-12-30	1	-6/+4
\| \| \| \| \| \| \|	__builtin_memcpy_aligned now supports the case sz = 0. git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2392 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e
*	Merge of branch value-analysis.	xleroy	2013-12-20	1	-0/+3692
	git-svn-id: https://yquem.inria.fr/compcert/svn/compcert/trunk@2381 fca1b0fc-160b-0410-b1d3-a4f43f01ea2e