 Oct 10, 2011, 7:22:13 PM (10 years ago)
src/common/Values.ma
definition Vfalse: val ≝ Vzero I32.

(* Values split into bytes. Ideally we'd use some kind of sizeof for the
predicates here, but we don't (currently) have a single sizeof for Vundef.
We only split in stages of the compiler where all Vint values are byte sized.
*)

definition ptr_may_be_single : region → bool ≝
λr.match r with [ Data ⇒ true | IData ⇒ true | _ ⇒ false ].

definition may_be_single : val → Prop ≝
λv. match v with
[ Vundef ⇒ True
| Vint _ _ ⇒ True
| Vfloat _ ⇒ False
| Vnull r ⇒ ptr_may_be_single r = true
| Vptr r _ _ _ ⇒ ptr_may_be_single r = true
].

definition may_be_split : val → Prop ≝
λv.match v with
[ Vint _ _ ⇒ False
| Vnull r ⇒ ptr_may_be_single r = false
| Vptr r _ _ _ ⇒ ptr_may_be_single r = false
| _ ⇒ True
].

inductive split_val : Type[0] ≝
 Single : ∀v:val. may_be_single v → split_val
| High : ∀v:val. may_be_split v → split_val
| Low : ∀v:val. may_be_split v → split_val.

notation > "vbox('do' _ ← e; break e')" with precedence 40 for @{'bind ${e} (λ_.${e'})}.
(*
let rec assert_nat_eq (m,n:nat) : res (m = n) ≝
match m return λx.res (x = n) with
[ O ⇒ match n return λx. res (O = x) with [ O ⇒ OK ? (refl ??) | _ ⇒ Error ? ]
| S m' ⇒ match n return λx.res (S m' = x) with [ O ⇒ Error ? | S n' ⇒
do E ← assert_nat_eq m' n';
match E return λx.λ_. res (S m' = S x) with [ refl ⇒ OK ? (refl ??) ] ]
].

definition res_eq_nat : ∀m,n:nat. ∀P:nat → Type[0]. P m → res (P n) ≝
λm,n,P,p.
do E ← assert_nat_eq m n;
match E return λx.λ_. res (P x) with [ refl ⇒ OK ? p ].

definition break : ∀n:nat. val → res (Vector split_val n) ≝
λn,v. match v return λv'. (may_be_single v' → ?) → (may_be_split v' → ?) → ? with
[ Vundef ⇒ λs.λt. res_eq_nat 1 n ? (s I)
| Vint i ⇒ λs.λt. res_eq_nat 1 n ? (s I)
| Vfloat f ⇒ λs.λt. res_eq_nat 2 n ? (t I)
| Vnull r ⇒
match ptr_may_be_single r return λx. (x = true → ?) → (x = false → ?) → ? with
[ true ⇒ λs.λt. res_eq_nat 1 n ? (s (refl ??))
| false ⇒ λs.λt. ?
]
| Vptr r b p o ⇒
match ptr_may_be_single r return λx. (x = true → ?) → (x = false → ?) → ? with
[ true ⇒ λs.λt. res_eq_nat 1 n ? (s (refl ??))
| false ⇒ λs.λt. ?
]
] (λp. [[ Single v p ]]) (λp. [[ Low v p; High v p ]]).
@(res_eq_nat 2 n ? (t (refl ??))) qed. (* XXX: I have no idea why this fails if you do it directly. *)

definition val_eq : val → val → bool ≝
λx,y.
match x with
[ Vundef ⇒ match y with [ Vundef ⇒ true | _ ⇒ false ]
| Vint i ⇒ match y with [ Vint j ⇒ eq i j | _ ⇒ false ]
| Vfloat f ⇒ match y with [ Vfloat f' ⇒ match eq_dec f f' with [ inl _ ⇒ true | _ ⇒ false ] | _ ⇒ false ]
| Vnull r ⇒ match y with [ Vnull r' ⇒ eq_region r r' | _ ⇒ false ]
| Vptr r b p o ⇒ match y with [ Vptr r' b' p' o' ⇒ eq_region r r' ∧ eq_block b b' ∧ eq_offset o o' | _ ⇒ false ]
].

definition merge : ∀n:nat. Vector split_val n → res val ≝
λn,s. match s with
[ VEmpty ⇒ Error ?
| VCons _ h1 t1 ⇒
match t1 with
[ VEmpty ⇒ match h1 with [ Single v _ ⇒ OK ? v | _ ⇒ Error ? ]
| VCons _ h2 t2 ⇒
match t2 with
[ VEmpty ⇒ match h1 with [ Low v _ ⇒ match h2 with [ High v' _ ⇒ if val_eq v v' then OK ? v else Error ? | _ ⇒ Error ? ] | _ ⇒ Error ? ]
| VCons _ _ _ ⇒ Error ?
]
]
].

*)
(** The module [Val] defines a number of arithmetic and logical operations
