[3] | 1 | (* *********************************************************************) |
---|
| 2 | (* *) |
---|
| 3 | (* The Compcert verified compiler *) |
---|
| 4 | (* *) |
---|
| 5 | (* Xavier Leroy, INRIA Paris-Rocquencourt *) |
---|
| 6 | (* *) |
---|
| 7 | (* Copyright Institut National de Recherche en Informatique et en *) |
---|
| 8 | (* Automatique. All rights reserved. This file is distributed *) |
---|
| 9 | (* under the terms of the GNU General Public License as published by *) |
---|
| 10 | (* the Free Software Foundation, either version 2 of the License, or *) |
---|
| 11 | (* (at your option) any later version. This file is also distributed *) |
---|
| 12 | (* under the terms of the INRIA Non-Commercial License Agreement. *) |
---|
| 13 | (* *) |
---|
| 14 | (* *********************************************************************) |
---|
| 15 | |
---|
| 16 | (* * Axiomatization of floating-point numbers. *) |
---|
| 17 | |
---|
| 18 | (* * In contrast with what we do with machine integers, we do not bother |
---|
| 19 | to formalize precisely IEEE floating-point arithmetic. Instead, we |
---|
| 20 | simply axiomatize a type [float] for IEEE double-precision floats |
---|
| 21 | and the associated operations. *) |
---|
| 22 | |
---|
[700] | 23 | include "utilities/Coqlib.ma". |
---|
| 24 | include "common/Integers.ma". |
---|
[3] | 25 | |
---|
[487] | 26 | axiom float: Type[0]. |
---|
[3] | 27 | |
---|
| 28 | (*Module Float.*) |
---|
| 29 | |
---|
[487] | 30 | axiom Fzero: float. |
---|
| 31 | axiom Fone: float. |
---|
[3] | 32 | |
---|
[487] | 33 | axiom Fneg: float → float. |
---|
| 34 | axiom Fabs: float → float. |
---|
| 35 | axiom singleoffloat: float → float. |
---|
[961] | 36 | axiom intoffloat: ∀n. float → BitVector n. |
---|
| 37 | axiom intuoffloat: ∀n. float → BitVector n. |
---|
| 38 | axiom floatofint: ∀n. BitVector n → float. |
---|
| 39 | axiom floatofintu: ∀n. BitVector n → float. |
---|
[3] | 40 | |
---|
[487] | 41 | axiom Fadd: float → float → float. |
---|
| 42 | axiom Fsub: float → float → float. |
---|
| 43 | axiom Fmul: float → float → float. |
---|
| 44 | axiom Fdiv: float → float → float. |
---|
[3] | 45 | |
---|
[487] | 46 | axiom Fcmp: comparison → float → float → bool. |
---|
[3] | 47 | |
---|
[487] | 48 | axiom eq_dec: ∀f1,f2: float. (f1 = f2) + (f1 ≠ f2). |
---|
[3] | 49 | |
---|
| 50 | (* * Below are the only properties of floating-point arithmetic that we |
---|
| 51 | rely on in the compiler proof. *) |
---|
| 52 | |
---|
[487] | 53 | axiom addf_commut: ∀f1,f2. Fadd f1 f2 = Fadd f2 f1. |
---|
[3] | 54 | |
---|
[487] | 55 | axiom subf_addf_opp: ∀f1,f2. Fsub f1 f2 = Fadd f1 (Fneg f2). |
---|
[3] | 56 | |
---|
[487] | 57 | axiom singleoffloat_idem: |
---|
[3] | 58 | ∀f. singleoffloat (singleoffloat f) = singleoffloat f. |
---|
| 59 | |
---|
[487] | 60 | axiom Fcmp_ne_eq: |
---|
[3] | 61 | ∀ f1,f2. Fcmp Cne f1 f2 = ¬(Fcmp Ceq f1 f2). |
---|
[487] | 62 | axiom Fcmp_le_lt_eq: |
---|
[3] | 63 | ∀ f1,f2. Fcmp Cle f1 f2 = (Fcmp Clt f1 f2 ∨ Fcmp Ceq f1 f2). |
---|
[487] | 64 | axiom Fcmp_ge_gt_eq: |
---|
[3] | 65 | ∀f1,f2. Fcmp Cge f1 f2 = (Fcmp Cgt f1 f2 ∨ Fcmp Ceq f1 f2). |
---|
| 66 | |
---|
[487] | 67 | axiom Feq_zero_true: Fcmp Ceq Fzero Fzero = true. |
---|
| 68 | axiom Feq_zero_false: ∀f. f ≠ Fzero → Fcmp Ceq f Fzero = false. |
---|
[3] | 69 | |
---|
| 70 | (*End Float.*) |
---|