From d3abe2547c8921d2b324da67370822b7fb89b6c0 Mon Sep 17 00:00:00 2001 From: Yann Herklotz Date: Mon, 26 Sep 2022 13:13:51 +0100 Subject: Add global monad notation using Instances This was mostly inspired by the std++ library. --- src/hls/GiblePargen.v | 8 +-- src/hls/GiblePargenproof.v | 158 +++++++++++++++++++++------------------------ src/hls/HTLgen.v | 2 +- src/hls/HTLgenspec.v | 11 ++-- src/hls/Predicate.v | 2 +- 5 files changed, 88 insertions(+), 93 deletions(-) (limited to 'src/hls') diff --git a/src/hls/GiblePargen.v b/src/hls/GiblePargen.v index 0ca7ead..af09ee6 100644 --- a/src/hls/GiblePargen.v +++ b/src/hls/GiblePargen.v @@ -241,10 +241,10 @@ Definition is_initial_pred (f: forest) (p: positive) := | _ => None end. -Definition update (fop : option (pred_op * forest)) (i : instr): option (pred_op * forest) := - do (pred, f) <- fop; +Definition update (fop : pred_op * forest) (i : instr): option (pred_op * forest) := + let (pred, f) := fop in match i with - | RBnop => fop + | RBnop => Some fop | RBop p op rl r => do pruned <- prune_predicated @@ -298,7 +298,7 @@ Get a sequence from the basic block. |*) Definition abstract_sequence (b : list instr) : option forest := - Option.map snd (fold_left update b (Some (Ptrue, empty))). + Option.map snd (mfold_left update b (Some (Ptrue, empty))). (*| Check equivalence of control flow instructions. As none of the basic blocks diff --git a/src/hls/GiblePargenproof.v b/src/hls/GiblePargenproof.v index eae309b..bcc3fd0 100644 --- a/src/hls/GiblePargenproof.v +++ b/src/hls/GiblePargenproof.v @@ -32,6 +32,10 @@ Require Import vericert.hls.Gible. Require Import vericert.hls.GiblePargen. Require Import vericert.hls.Predicate. Require Import vericert.hls.Abstr. +Require Import vericert.common.Monad. + +Module OptionExtra := MonadExtra(Option). +Import OptionExtra. #[local] Open Scope positive. #[local] Open Scope forest. @@ -1160,18 +1164,20 @@ Proof. induction 2; try rewrite H; eauto with barg. Qed. forall f i' i'' a sp p i p' f', sem (mk_ctx i sp ge) f (i', None) -> step_instr ge sp (Iexec i') a (Iexec i'') -> - update (Some (p, f)) a = Some (p', f') -> + update (p, f) a = Some (p', f') -> sem (mk_ctx i sp ge) f' (i'', None). Proof. Admitted. - (* Lemma sem_update_instr_term : *) - (* forall f i' i'' a sp i cf p p' p'' f', *) - (* sem (mk_ctx i sp ge) f (i', None) -> *) - (* step_instr ge sp (Iexec i') (RBexit p cf) (Iterm i'' cf) -> *) - (* update (Some (p', f)) a = Some (p'', f') -> *) - (* sem (mk_ctx i sp ge) f' (i'', Some cf) *) - (* /\ eval_apred (mk_ctx i sp ge) p'' false. *) - (* Proof. Admitted. *) + + Lemma sem_update_instr_term : + forall f i' i'' a sp i cf p p' p'' f', + sem (mk_ctx i sp ge) f (i', None) -> + step_instr ge sp (Iexec i') (RBexit p cf) (Iterm i'' cf) -> + update (p', f) a = Some (p'', f') -> + sem (mk_ctx i sp ge) f' (i'', Some cf) + /\ eval_predf (is_ps i) p'' = false. + Proof. + Admitted. (* Lemma step_instr_lessdef : *) (* forall sp a i i' ti, *) @@ -1180,12 +1186,12 @@ Proof. induction 2; try rewrite H; eauto with barg. Qed. (* exists ti', step_instr ge sp (Iexec ti) a (Iexec ti') /\ state_lessdef i' ti'. *) (* Proof. Admitted. *) - (* Lemma step_instr_lessdef_term : *) - (* forall sp a i i' ti cf, *) - (* step_instr ge sp (Iexec i) a (Iterm i' cf) -> *) - (* state_lessdef i ti -> *) - (* exists ti', step_instr ge sp (Iexec ti) a (Iterm ti' cf) /\ state_lessdef i' ti'. *) - (* Proof. Admitted. *) + Lemma step_instr_lessdef_term : + forall sp a i i' ti cf, + step_instr ge sp (Iexec i) a (Iterm i' cf) -> + state_lessdef i ti -> + exists ti', step_instr ge sp (Iexec ti) a (Iterm ti' cf) /\ state_lessdef i' ti'. + Proof. Admitted. (* Lemma app_predicated_semregset : forall A ctx o f res r y, @@ -1320,75 +1326,62 @@ Proof. induction 2; try rewrite H; eauto with barg. Qed. (* (* now apply falsy_update. *) *) (* (* Qed. *) Admitted. *) - (* Lemma state_lessdef_sem : *) - (* forall i sp f i' ti cf, *) - (* sem (mk_ctx i sp ge) f (i', cf) -> *) - (* state_lessdef i ti -> *) - (* exists ti', sem (mk_ctx ti sp ge) f (ti', cf) /\ state_lessdef i' ti'. *) - (* Proof. Admitted. *) - - (* Lemma update_Some : *) - (* forall x n y, *) - (* fold_left update x n = Some y -> *) - (* exists n', n = Some n'. *) - (* Proof. *) - (* induction x; crush. *) - (* econstructor; eauto. *) - (* exploit IHx; eauto; simplify. *) - (* unfold update, Option.bind2, Option.bind in H1. *) - (* repeat (destruct_match; try discriminate); econstructor; eauto. *) - (* Qed. *) + Lemma state_lessdef_sem : + forall i sp f i' ti cf, + sem (mk_ctx i sp ge) f (i', cf) -> + state_lessdef i ti -> + exists ti', sem (mk_ctx ti sp ge) f (ti', cf) /\ state_lessdef i' ti'. + Proof. Admitted. (* #[local] Opaque update. *) - (* Lemma abstr_fold_correct : *) - (* forall sp x i i' i'' cf f p f', *) - (* SeqBB.step ge sp (Iexec i') x (Iterm i'' cf) -> *) - (* sem (mk_ctx i sp ge) (snd f) (i', None) -> *) - (* fold_left update x (Some f) = Some (p, f') -> *) - (* forall ti, *) - (* state_lessdef i ti -> *) - (* exists ti', sem (mk_ctx ti sp ge) f' (ti', Some cf) *) - (* /\ state_lessdef i'' ti'. *) - (* Proof. *) - (* induction x; simplify; inv H. *) - (* - destruct f. exploit update_Some; eauto; intros. simplify. *) - (* rewrite H3 in H1. destruct x0. *) - (* exploit IHx; eauto. eapply sem_update_instr; eauto. *) - (* - destruct f. *) - (* exploit state_lessdef_sem; eauto; intros. simplify. *) - (* exploit step_instr_lessdef_term; eauto; intros. simplify. *) - (* inv H6. exploit update_Some; eauto; simplify. destruct x2. *) - (* exploit sem_update_instr_term; eauto; simplify. *) - (* eexists; split. *) - (* eapply abstr_fold_falsy; eauto. *) - (* rewrite H6 in H1. eauto. auto. *) - (* Qed. *) - - (* Lemma sem_regset_empty : *) - (* forall A ctx, @sem_regset A ctx empty (ctx_rs ctx). *) - (* Proof. *) - (* intros; constructor; intros. *) - (* constructor; auto. constructor. *) - (* constructor. *) - (* Qed. *) + Lemma abstr_fold_correct : + forall sp x i i' i'' cf f p f', + SeqBB.step ge sp (Iexec i') x (Iterm i'' cf) -> + sem (mk_ctx i sp ge) (snd f) (i', None) -> + mfold_left update x (Some f) = Some (p, f') -> + forall ti, + state_lessdef i ti -> + exists ti', sem (mk_ctx ti sp ge) f' (ti', Some cf) + /\ state_lessdef i'' ti'. + Proof. + induction x; simplify; inv H. + - destruct f. (* exploit update_Some; eauto; intros. simplify. *) + (* rewrite H3 in H1. destruct x0. *) + (* exploit IHx; eauto. eapply sem_update_instr; eauto. *) + (* - destruct f. *) + (* exploit state_lessdef_sem; eauto; intros. simplify. *) + (* exploit step_instr_lessdef_term; eauto; intros. simplify. *) + (* inv H6. exploit update_Some; eauto; simplify. destruct x2. *) + (* exploit sem_update_instr_term; eauto; simplify. *) + (* eexists; split. *) + (* eapply abstr_fold_falsy; eauto. *) + (* rewrite H6 in H1. eauto. auto. *) + (* Qed. *) Admitted. + + Lemma sem_regset_empty : + forall A ctx, @sem_regset A ctx empty (ctx_rs ctx). + Proof using. + intros; constructor; intros. + constructor; auto. constructor. + constructor. + Qed. - (* Lemma sem_predset_empty : *) - (* forall A ctx, @sem_predset A ctx empty (ctx_ps ctx). *) - (* Proof. *) - (* intros; constructor; intros. *) - (* constructor; auto. constructor. *) - (* constructor. *) - (* Qed. *) + Lemma sem_predset_empty : + forall A ctx, @sem_predset A ctx empty (ctx_ps ctx). + Proof using. + intros; constructor; intros. + constructor; auto. constructor. + Qed. - (* Lemma sem_empty : *) - (* forall A ctx, @sem A ctx empty (ctx_is ctx, None). *) - (* Proof. *) - (* intros. destruct ctx. destruct ctx_is. *) - (* constructor; try solve [constructor; constructor; crush]. *) - (* eapply sem_regset_empty. *) - (* eapply sem_predset_empty. *) - (* Qed. *) + Lemma sem_empty : + forall A ctx, @sem A ctx empty (ctx_is ctx, None). + Proof using. + intros. destruct ctx. destruct ctx_is. + constructor; try solve [constructor; constructor; crush]. + eapply sem_regset_empty. + eapply sem_predset_empty. + Qed. Lemma abstr_sequence_correct : forall sp x i i'' cf x', @@ -1402,10 +1395,9 @@ Proof. induction 2; try rewrite H; eauto with barg. Qed. unfold abstract_sequence. intros. unfold Option.map in H0. destruct_match; try easy. destruct p; simplify. - (* eapply abstr_fold_correct; eauto. *) - (* simplify. eapply sem_empty. *) - (* Qed. *) - Admitted. + eapply abstr_fold_correct; eauto. + simplify. eapply sem_empty. + Qed. Lemma abstr_check_correct : forall sp i i' a b cf ti, diff --git a/src/hls/HTLgen.v b/src/hls/HTLgen.v index bff68a2..6e632b8 100644 --- a/src/hls/HTLgen.v +++ b/src/hls/HTLgen.v @@ -385,7 +385,7 @@ Definition translate_instr (op : Op.operation) (args : list reg) : mon expr := | Op.Ocmp c, _ => translate_condition c args | Op.Osel c AST.Tint, r1::r2::rl => do tc <- translate_condition c rl; - ret (Vternary tc (Vvar r1) (Vvar r2)) + mret (Vternary tc (Vvar r1) (Vvar r2)) | Op.Olea a, _ => translate_eff_addressing a args | _, _ => error (Errors.msg "Htlgen: Instruction not implemented: other") end. diff --git a/src/hls/HTLgenspec.v b/src/hls/HTLgenspec.v index 165fa91..0259be9 100644 --- a/src/hls/HTLgenspec.v +++ b/src/hls/HTLgenspec.v @@ -39,7 +39,7 @@ Require Import vericert.hls.FunctionalUnits. Remark bind_inversion: forall (A B: Type) (f: mon A) (g: A -> mon B) (y: B) (s1 s3: st) (i: st_incr s1 s3), - bind f g s1 = OK y s3 i -> + bind g f s1 = OK y s3 i -> exists x, exists s2, exists i1, exists i2, f s1 = OK x s2 i1 /\ g x s2 = OK y s3 i2. Proof. @@ -53,7 +53,7 @@ Qed. Remark bind2_inversion: forall (A B C: Type) (f: mon (A*B)) (g: A -> B -> mon C) (z: C) (s1 s3: st) (i: st_incr s1 s3), - bind2 f g s1 = OK z s3 i -> + bind2 g f s1 = OK z s3 i -> exists x, exists y, exists s2, exists i1, exists i2, f s1 = OK (x, y) s2 i1 /\ g x y s2 = OK z s3 i2. Proof. @@ -71,9 +71,11 @@ Ltac monadInv1 H := discriminate | (ret _ _ = OK _ _ _) => inversion H; clear H; try subst + | (mret _ _ = OK _ _ _) => + inversion H; clear H; try subst | (error _ _ = OK _ _ _) => discriminate - | (bind ?F ?G ?S = OK ?X ?S' ?I) => + | (bind ?G ?F ?S = OK ?X ?S' ?I) => let x := fresh "x" in ( let s := fresh "s" in ( let i1 := fresh "INCR" in ( @@ -83,7 +85,7 @@ Ltac monadInv1 H := destruct (bind_inversion _ _ F G X S S' I H) as [x [s [i1 [i2 [EQ1 EQ2]]]]]; clear H; try (monadInv1 EQ2))))))) - | (bind2 ?F ?G ?S = OK ?X ?S' ?I) => + | (bind2 ?G ?F ?S = OK ?X ?S' ?I) => let x1 := fresh "x" in ( let x2 := fresh "x" in ( let s := fresh "s" in ( @@ -99,6 +101,7 @@ Ltac monadInv1 H := Ltac monadInv H := match type of H with | (ret _ _ = OK _ _ _) => monadInv1 H + | (mret _ _ = OK _ _ _) => monadInv1 H | (error _ _ = OK _ _ _) => monadInv1 H | (bind ?F ?G ?S = OK ?X ?S' ?I) => monadInv1 H | (bind2 ?F ?G ?S = OK ?X ?S' ?I) => monadInv1 H diff --git a/src/hls/Predicate.v b/src/hls/Predicate.v index 8dbd0f6..6067719 100644 --- a/src/hls/Predicate.v +++ b/src/hls/Predicate.v @@ -178,7 +178,7 @@ Proof. crush. Qed. { equiv := sat_equiv; }. #[global] - Instance PandProper : Proper (equiv ==> equiv ==> equiv) Pand. + Instance PandProper : Proper (SetoidClass.equiv ==> SetoidClass.equiv ==> SetoidClass.equiv) Pand. Proof. unfold Proper. simplify. unfold "==>". intros. -- cgit