Changeset 1640 for src

Timestamp:

Jan 11, 2012, 5:41:45 PM (9 years ago)

Author:

tranquil

Message:

• finished fork of semantics.ma
• unification of Errors under the monad notations brings problems in type checking when res and IO are used together. Needs a lot of annotations, and may break the pre-fork material

Location:

src

Files:

• RTL/RTL_paolo.ma (modified) (7 diffs)
• RTLabs/RTLabsToRTL_paolo.ma (modified) (10 diffs)
• common/AST.ma (modified) (2 diffs)
• common/Errors.ma (modified) (7 diffs)
• common/IOMonad.ma (modified) (4 diffs)
• joint/Joint_paolo.ma (modified) (7 diffs)
• joint/TranslateUtils_paolo.ma (modified) (2 diffs)
• joint/semantics_paolo.ma (added)
• utilities/monad.ma (modified) (7 diffs)
• utilities/option.ma (modified) (2 diffs)
• utilities/proper.ma (modified) (1 diff)

src/RTL/RTL_paolo.ma

@@ -25 +25 @@
   | rtl_st_ext_tailcall_ptr: register → register → list rtl_argument → rtl_statement_extension.
 
-  
-inductive rtl_move : Type[0] ≝
-  | CARRY : bool → rtl_move
-  | REG : register → rtl_argument → rtl_move.
-  
-(* avoid expansion *)
-definition rtl_params : graph_params ≝ mk_graph_params
+definition rtl_params ≝ mk_graph_params (mk_unserialized_params
   (mk_inst_params
     (* acc_a_reg ≝ *) register
@@ -42 +36 @@
     (* dph_arg   ≝ *) rtl_argument
     (* snd_arg   ≝ *) rtl_argument
-    (* operator1 ≝ *) Op1
-    (* operator2 ≝ *) Op2
-    (* pair_move ≝ *) rtl_move
+    (* pair_move ≝ *) (register × rtl_argument)
     (* call_args ≝ *) (list rtl_argument)
     (* call_dest ≝ *) (list register)
@@ -53 +45 @@
       (* resultT ≝ *) (list register)
       (* paramsT ≝ *) (list register))
-      (* localsT ≝ *) (list register)).
+      (* localsT ≝ *) (list register))).
+
+interpretation "move" 'mov r a = (MOVE ? ? (mk_Prod ?? r a)).
 
 (* aid unification *)
@@ -59 +53 @@
 unification hint 0 ≔
 (*---------------*) ⊢
-acc_a_reg (g_inst_pars rtl_params) ≡ register.
+acc_a_reg (u_inst_pars (g_u_pars rtl_params)) ≡ register.
 unification hint 0 ≔
 (*---------------*) ⊢
-acc_b_reg (g_inst_pars rtl_params) ≡ register.
+acc_b_reg (u_inst_pars (g_u_pars rtl_params)) ≡ register.
 unification hint 0 ≔
 (*---------------*) ⊢
-acc_a_arg (g_inst_pars rtl_params) ≡ rtl_argument.
+acc_a_arg (u_inst_pars (g_u_pars rtl_params)) ≡ rtl_argument.
 unification hint 0 ≔
 (*---------------*) ⊢
-acc_b_arg (g_inst_pars rtl_params) ≡ rtl_argument.
+acc_b_arg (u_inst_pars (g_u_pars rtl_params)) ≡ rtl_argument.
 unification hint 0 ≔
 (*---------------*) ⊢
-dpl_reg (g_inst_pars rtl_params) ≡ register.
+dpl_reg (u_inst_pars (g_u_pars rtl_params)) ≡ register.
 unification hint 0 ≔
 (*---------------*) ⊢
-dph_reg (g_inst_pars rtl_params) ≡ register.
+dph_reg (u_inst_pars (g_u_pars rtl_params)) ≡ register.
 unification hint 0 ≔
 (*---------------*) ⊢
-dpl_arg (g_inst_pars rtl_params) ≡ rtl_argument.
+dpl_arg (u_inst_pars (g_u_pars rtl_params)) ≡ rtl_argument.
 unification hint 0 ≔
 (*---------------*) ⊢
-dph_arg (g_inst_pars rtl_params) ≡ rtl_argument.
+dph_arg (u_inst_pars (g_u_pars rtl_params)) ≡ rtl_argument.
 unification hint 0 ≔
 (*---------------*) ⊢
-snd_arg (g_inst_pars rtl_params) ≡ rtl_argument.
+snd_arg (u_inst_pars (g_u_pars rtl_params)) ≡ rtl_argument.
 unification hint 0 ≔
 (*---------------*) ⊢
-operator1 (g_inst_pars rtl_params) ≡ Op1.
+pair_move (u_inst_pars (g_u_pars rtl_params)) ≡ register × rtl_argument.
 unification hint 0 ≔
 (*---------------*) ⊢
-operator2 (g_inst_pars rtl_params) ≡ Op2.
+call_args (u_inst_pars (g_u_pars rtl_params)) ≡ list rtl_argument.
 unification hint 0 ≔
 (*---------------*) ⊢
-pair_move (g_inst_pars rtl_params) ≡ rtl_move.
-unification hint 0 ≔
-(*---------------*) ⊢
-call_args (g_inst_pars rtl_params) ≡ list rtl_argument.
-unification hint 0 ≔
-(*---------------*) ⊢
-call_dest (g_inst_pars rtl_params) ≡ list register.
+call_dest (u_inst_pars (g_u_pars rtl_params)) ≡ list register.
 
-check (λglobals,r.OP2 rtl_params globals Or r r r)
 
 definition rtl_instruction ≝ joint_instruction rtl_params.
-definition rtl_statement ≝ joint_statement rtl_params.
-
-
-definition reg_from_nat : ∀globals.register → ℕ → rtl_instruction globals ≝
-  λglobals,r,k.
-  MOVE rtl_params globals (REG r (imm_nat k)).
-
-definition reg_from_byte : ∀globals.register → Byte → rtl_instruction globals ≝
-  λglobals,r,k.
-  MOVE rtl_params globals (REG r (Imm k)).
-
-definition reg_from_reg : ∀globals.register → register → rtl_instruction globals ≝
-  λglobals,r,k.
-  MOVE … (REG r (Reg k)).
-
-definition set_carry : ∀globals.rtl_instruction globals ≝
-  λglobals.MOVE … (CARRY true).
-
-definition clear_carry : ∀globals.rtl_instruction globals ≝
-  λglobals.MOVE … (CARRY false).
-  
+(* Paolo: can't understand why coercions do not compose implicitly here *)
+definition rtl_statement ≝ joint_statement (rtl_params : params).
 
 definition rtl_internal_function ≝
@@ -136 +104 @@
   | rtlntc_st_ext_call_ptr: register → register → list register → list register → rtlntc_statement_extension.
 
-definition rtlntc_params : graph_params ≝ mk_graph_params
+definition rtlntc_params ≝ mk_graph_params (mk_unserialized_params
   (mk_inst_params
     (* acc_a_reg ≝ *) register
@@ -147 +115 @@
     (* dph_arg   ≝ *) rtl_argument
     (* snd_arg   ≝ *) rtl_argument
-    (* operator1 ≝ *) Op1
-    (* operator2 ≝ *) Op2
-    (* pair_move ≝ *) rtl_move
+    (* pair_move ≝ *) (register × rtl_argument)
     (* call_args ≝ *) (list rtl_argument)
     (* call_dest ≝ *) (list register)
@@ -158 +124 @@
       (* resultT ≝ *) (list register)
       (* paramsT ≝ *) (list register))
-      (* localsT ≝ *) (list register)).
+      (* localsT ≝ *) (list register))).
 
-definition rtlntc_statement ≝ joint_statement rtlntc_params.
+definition rtlntc_statement ≝ joint_statement (rtlntc_params : params).
 
 definition rtlntc_internal_function ≝

src/RTLabs/RTLabsToRTL_paolo.ma

@@ -8 +8 @@
 include alias "ASM/BitVector.ma".
 include alias "arithmetics/nat.ma".
-
-
-(* Paolo: to be moved elsewhere *)
-
-notation "r ← a1 .op. a2" with precedence 50 for
-  @{'op2 $op $r $a1 $a2}.
-notation "r ← . op . a" with precedence 50 for
-  @{'op1 $op $r $a}.
-notation "r ← a" with precedence 50 for
-  @{'mov $r $a}.
-notation "❮r, s❯ ← a1 . op . a2" with precedence 50 for
-  @{'opaccs $op $r $s $a1 $a2}.
-
-interpretation "op2" 'op2 op r a1 a2 = (OP2 ? ? op r a1 a2).
-interpretation "op1" 'op1 op r a = (OP1 ? ? op r a).
-interpretation "move" 'mov r a = (MOVE ? ? (REG r a)).
-interpretation "opaccs" 'opaccs op r s a1 a2 = (OPACCS ? ? op r s a1 a2).
 
 
@@ -141 +124 @@
     eqb m n = true → m = n.
     #m#n@eqb_elim // #_ #F destruct(F) qed. 
-    
+
 definition translate_op:
   ∀globals. Op2 →
@@ -161 +144 @@
   (* first, clear carry if op relies on it *)
   match op with
-  [ Addc ⇒ [clear_carry ?]
-  | Sub ⇒ [clear_carry ?]
+  [ Addc ⇒ [CLEAR_CARRY ??]
+  | Sub ⇒ [CLEAR_CARRY ??]
   | _ ⇒ [ ]
   ] @ 
@@ -228 +211 @@
       match split_into_bytes size const with
       [ mk_Sig bytes bytes_length_proof ⇒
-        map2 … (reg_from_byte globals)  destrs bytes ?
+        map2 … (λr.λb : Byte.r ← (b : rtl_argument)) destrs bytes ?
       ]
     | Ofloatconst float ⇒ λ_.⊥
@@ -374 +357 @@
     | cons srcr srcrs' ⇒
       let f : register → rtl_instruction globals ≝
-        λr. OP2 ?? Or destr (Reg destr) (Reg r) in
-      reg_from_reg … srcr destr ::
+        λr. destr ← destr .Or. r in
+      MOVE rtl_params globals 〈destr,srcr〉 ::
       map … f srcrs' @
       (* now destr is non-null iff srcrs was non-null *)
-      clear_carry … ::
+      CLEAR_CARRY ? ? ::
       (* many uses of 0, better not use immediates *)
       ν tmp in
@@ -420 +403 @@
   ]
 qed.
+
+include alias "arithmetics/nat.ma".
 
 let rec range_strong_internal (start : ℕ) (count : ℕ)
@@ -615 +600 @@
           acc in
         let epilogue : list (rtl_instruction globals) ≝
-          [ clear_carry … ;
+          [ CLEAR_CARRY … ;
             tmpr ← 0 .Sub. destr ;
             (* now carry bit is 1 iff destrs != 0 *)
@@ -782 +767 @@
   | cons srcr srcrs' ⇒
     ν tmpr in
-    let f ≝ λr. OP2 rtl_params globals Or tmpr (Reg tmpr) (Reg r) in 
-    reg_from_reg globals tmpr srcr ::
+    let f : register → rtl_instruction globals ≝
+      λr. tmpr ← tmpr .Or. r in 
+    MOVE rtl_params globals 〈tmpr,srcr〉 ::
     map … f srcrs' @
-    [ COND … tmpr lbl_true ]
+    [ COND ?? tmpr lbl_true ]
   ].
 
@@ -926 +912 @@
   let 〈lenv,runiverse〉 ≝ initialize_local_env runiverse
     (f_params def @ f_locals def) (f_result def) in
-  let params ≝ map_list_local_env lenv (map … \fst (f_params def)) in
+  let parameters ≝ map_list_local_env lenv (map … \fst (f_params def)) in
   let locals ≝ map_list_local_env lenv (map … \fst (f_locals def)) in
   let result ≝
@@ -939 +925 @@
   let runiverse' ≝ runiverse in
   let result' ≝ result in
-  let params' ≝ params in
+  let params' ≝ parameters in
   let locals' ≝ locals in
   let stack_size' ≝ f_stacksize def in
   let entry' ≝ f_entry def in
   let exit' ≝ f_exit def in
-  let graph' ≝ add LabelTag ? (empty_map LabelTag ?) entry' (GOTO rtl_params globals entry') in
-  let graph' ≝ add LabelTag ? graph' exit' (RETURN rtl_params globals) in
+  let graph' ≝ add LabelTag ? (empty_map LabelTag ?) entry'
+    (GOTO (rtl_params : params) globals entry') in
+  let graph' ≝ add LabelTag ? graph' exit'
+    (RETURN (rtl_params : params) globals) in
   let res ≝
     mk_joint_internal_function globals rtl_params luniverse' runiverse' result' params'

src/common/AST.ma

@@ -196 +196 @@
 
 lemma typesize_pos: ∀ty. typesize ty > 0.
-*; try *; try * /2/ qed.
+*; try *; try * /2 by le_n/ qed.
 
 lemma typ_eq: ∀t1,t2: typ. (t1=t2) + (t1≠t2).
@@ -343 +343 @@
 definition map_partial : ∀A,B,C:Type[0]. (B → res C) →
                          list (A × B) → res (list (A × C)) ≝
-λA,B,C,f. mmap ?? (λab. let 〈a,b〉 ≝ ab in do c ← f b; OK ? 〈a,c〉).
+λA,B,C,f. m_mmap ??? (λab. let 〈a,b〉 ≝ ab in do c ← f b; OK ? 〈a,c〉).
 
 lemma map_partial_preserves_first:

src/common/Errors.ma

@@ -19 +19 @@
 include "common/PreIdentifiers.ma".
 include "basics/russell.ma".
+include "utilities/monad.ma".
 
 (* * Error reporting and the error monad. *)
@@ -48 +49 @@
 (*Implicit Arguments Error [A].*)
 
-(* * To automate the propagation of errors, we use a monadic style
-  with the following [bind] operation. *)
-
-definition bind ≝ λA,B:Type[0]. λf: res A. λg: A → res B.
-  match f with
-  [ OK x ⇒ g x
-  | Error msg ⇒ Error ? msg
-  ].
-
-definition bind2 ≝ λA,B,C: Type[0]. λf: res (A × B). λg: A → B → res C.
-  match f with
-  [ OK v ⇒ g (fst … v) (snd … v)
-  | Error msg => Error ? msg
-  ].
-
-definition bind3 ≝ λA,B,C,D: Type[0]. λf: res (A × B × C). λg: A → B → C → res D.
-  match f with
-  [ OK v ⇒ g (fst … (fst … v)) (snd … (fst … v)) (snd … v)
-  | Error msg => Error ? msg
-  ].
-  
-(* Not sure what level to use *)
-notation > "vbox('do' ident v ← e; break e')" with precedence 40 for @{'bind ${e} (λ${ident v}.${e'})}.
-notation > "vbox('do' ident v : ty ← e; break e')" with precedence 40 for @{'bind ${e} (λ${ident v} : ${ty}.${e'})}.
-notation < "vbox('do' \nbsp ident v ← e; break e')" with precedence 40 for @{'bind ${e} (λ${ident v}.${e'})}.
-notation < "vbox('do' \nbsp ident v : ty ← e; break e')" with precedence 40 for @{'bind ${e} (λ${ident v} : ${ty}.${e'})}.
-interpretation "error monad bind" 'bind e f = (bind ?? e f).
-notation > "vbox('do' 〈ident v1, ident v2〉 ← e; break e')" with precedence 40 for @{'bind2 ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
-notation > "vbox('do' 〈ident v1 : ty1, ident v2 : ty2〉 ← e; break e')" with precedence 40 for @{'bind2 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
-notation < "vbox('do' \nbsp 〈ident v1, ident v2〉 ← e; break e')" with precedence 40 for @{'bind2 ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
-notation < "vbox('do' \nbsp 〈ident v1 : ty1, ident v2 : ty2〉 ← e; break e')" with precedence 40 for @{'bind2 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
-interpretation "error monad Prod bind" 'bind2 e f = (bind2 ??? e f).
-notation > "vbox('do' 〈ident v1, ident v2, ident v3〉 ← e; break e')" with precedence 40 for @{'bind3 ${e} (λ${ident v1}.λ${ident v2}.λ${ident v3}.${e'})}.
-notation > "vbox('do' 〈ident v1 : ty1, ident v2 : ty2, ident v3 : ty3〉 ← e; break e')" with precedence 40 for @{'bind3 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.λ${ident v3} : ${ty3}.${e'})}.
-notation < "vbox('do' \nbsp 〈ident v1, ident v2, ident v3〉 ← e; break e')" with precedence 40 for @{'bind3 ${e} (λ${ident v1}.λ${ident v2}.λ${ident v3}.${e'})}.
-notation < "vbox('do' \nbsp 〈ident v1 : ty1, ident v2 : ty2, ident v3 : ty3〉 ← e; break e')" with precedence 40 for @{'bind3 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.λ${ident v3} : ${ty3}.${e'})}.
-interpretation "error monad triple bind" 'bind3 e f = (bind3 ???? e f).
-(*interpretation "error monad ret" 'ret e = (ret ? e).
-notation "'ret' e" non associative with precedence 45 for @{'ret ${e}}.*)
-
-(* Dependent pair version. *)
+definition Res : Monad ≝ MakeMonad (mk_MonadDefinition
+  (* the monad *)
+  res
+  (* return *)
+  (λX.OK X)
+  (* bind *)
+  (λX,Y,m,f. match m with [ OK x ⇒ f x | Error msg ⇒ Error ? msg])
+  ???).
+//
+[(* bind_bind *)
+ #X#Y#Z*normalize //
+|(* bind_ret *)
+ #X*normalize //
+]
+qed.
+
+include "hints_declaration.ma".
+unification hint 0 ≔ X;
+M ≟ m_def Res
+(*---------------*) ⊢
+res X ≡ monad M X
+.
+
+(*(* Dependent pair version. *)
 notation > "vbox('do' « ident v , ident p » ← e; break e')" with precedence 40
   for @{ bind ?? ${e} (λ${fresh x}.match ${fresh x} with [ mk_Sig ${ident v} ${ident p} ⇒ ${e'} ]) }.
@@ -110 +94 @@
 
 notation > "vbox('do' «ident v1, ident v2, ident H» ← e; break e')" with precedence 40 for @{'sigbind2 ${e} (λ${ident v1}.λ${ident v2}.λ${ident H}.${e'})}.
-interpretation "error monad sig Prod bind" 'sigbind2 e f = (sigbind2 ???? e f).
-
-(*
-(** The [do] notation, inspired by Haskell's, keeps the code readable. *)
-
-Notation "'do' X <- A ; B" := (bind A (fun X => B))
- (at level 200, X ident, A at level 100, B at level 200)
- : error_monad_scope.
-
-Notation "'do' ( X , Y ) <- A ; B" := (bind2 A (fun X Y => B))
- (at level 200, X ident, Y ident, A at level 100, B at level 200)
- : error_monad_scope.
-*)
-lemma bind_inversion:
+interpretation "error monad sig Prod bind" 'sigbind2 e f = (sigbind2 ???? e f).*)
+
+lemma res_bind_inversion:
   ∀A,B: Type[0]. ∀f: res A. ∀g: A → res B. ∀y: B.
-  bind ?? f g = OK ? y →
-  ∃x. f = OK ? x ∧ g x = OK ? y.
-#A #B #f #g #y cases f; 
-[ #a #e %{a} whd in e:(??%?); /2/;
-| #m #H whd in H:(??%?); destruct (H);
+  (f »= g = return y) →
+  ∃x. (f = return x) ∧ (g x = return y).
+#A #B #f #g #y cases f normalize 
+[ #a #e %{a} /2 by conj/
+| #m #H destruct (H)
 ] qed.
 
 lemma bind2_inversion:
   ∀A,B,C: Type[0]. ∀f: res (A×B). ∀g: A → B → res C. ∀z: C.
-  bind2 ??? f g = OK ? z →
-  ∃x. ∃y. f = OK ? 〈x, y〉 ∧ g x y = OK ? z.
-#A #B #C #f #g #z cases f;
-[ #ab cases ab; #a #b #e %{a} %{b} whd in e:(??%?); /2/;
-| #m #H whd in H:(??%?); destruct
+  m_bind2 ???? f g = return z →
+  ∃x. ∃y. f = return 〈x, y〉 ∧ g x y = return z.
+#A #B #C #f #g #z cases f normalize
+[ * #a #b normalize #e %{a} %{b} /2 by conj/
+| #m #H destruct (H)
 ] qed. 
 
 (*
-Open Local Scope error_monad_scope.
-
-(** This is the familiar monadic map iterator. *)
-*)
-
-let rec mmap (A, B: Type[0]) (f: A → res B) (l: list A) on l : res (list B) ≝
-  match l with
-  [ nil ⇒ OK ? []
-  | cons hd tl ⇒ do hd' ← f hd; do tl' ← mmap ?? f tl; OK ? (hd'::tl')
-  ].
-
-(* And mmap coupled with proofs. *)
-
-let rec mmap_sigma (A,B:Type[0]) (P:B → Prop) (f:A → res (Σx:B.P x)) (l:list A) on l : res (Σl':list B.All B P l') ≝
-match l with
-[ nil ⇒ OK ? «nil B, ?»
-| cons h t ⇒ 
-    do h' ← f h;
-    do t' ← mmap_sigma A B P f t;
-    OK ? «cons B h' t', ?»
-].
-whd // %
-[ @(pi2 … h')
-| cases t' #l' #p @p
-] qed.
+Open Local Scope error_monad_scope.*)
 
 (*
@@ -189 +138 @@
     [ nil ⇒ x
     | cons hd tl ⇒
-       do x ← x ;
+       ! x ← x ;
        mfold_left_i_aux A B f (f i x hd) (S i) tl
     ].
@@ -213 +162 @@
     [ nil ⇒ Error ? (msg WrongLength)
     | cons hd' tl' ⇒
-       do accu ← accu;
+       ! accu ← accu;
        mfold_left2 … f (f accu hd hd') tl tl'
     ]
@@ -301 +250 @@
   ] (refl ? f).
 
-notation > "vbox('do' ident v 'as' ident E ← e; break e')" with precedence 40 for @{ bind_eq ?? ${e} (λ${ident v}.λ${ident E}.${e'})}.
+notation > "vbox('!' ident v 'as' ident E ← e; break e')" with precedence 40 for @{ bind_eq ?? ${e} (λ${ident v}.λ${ident E}.${e'})}.
 
 definition bind2_eq ≝ λA,B,C:Type[0]. λf: res (A×B). λg: ∀a:A.∀b:B. f = OK ? 〈a,b〉 → res C.
@@ -309 +258 @@
   ] (refl ? f).
 
-notation > "vbox('do' 〈ident v1, ident v2〉 'as' ident E ← e; break e')" with precedence 40 for @{ bind2_eq ??? ${e} (λ${ident v1}.λ${ident v2}.λ${ident E}.${e'})}.
+notation > "vbox('!' 〈ident v1, ident v2〉 'as' ident E ← e; break e')" with precedence 40 for @{ bind2_eq ??? ${e} (λ${ident v1}.λ${ident v2}.λ${ident E}.${e'})}.
 
 definition res_to_opt : ∀A:Type[0]. res A → option A ≝

src/common/IOMonad.ma

@@ -8 +8 @@
 | Value : T → IO output input T
 | Wrong : errmsg → IO output input T.
+
+include "utilities/proper.ma".
+(* a weak form of extensionality *)
+axiom interact_proper :
+  ∀O,I,T,o.∀f,g : I o → IO O I T.(∀i. f i = g i) → Interact … o f = Interact … o g.
 
 let rec bindIO (O:Type[0]) (I:O → Type[0]) (T,T':Type[0]) (v:IO O I T) (f:T → IO O I T') on v : IO O I T' ≝
@@ -16 +21 @@
 ].
 
-let rec bindIO2 (O:Type[0]) (I:O → Type[0]) (T1,T2,T':Type[0]) (v:IO O I (T1×T2)) (f:T1 → T2 → IO O I T') on v : IO O I T' ≝
-match v with
-[ Interact out k ⇒ (Interact ??? out (λres. bindIO2 ?? T1 T2 T' (k res) f))
-| Value v' ⇒ let 〈v1,v2〉 ≝ v' in f v1 v2
-| Wrong m ⇒ Wrong ?? T' m
-].
+include "utilities/monad.ma".
+
+definition IOMonad ≝ λO,I.
+  MakeMonad (mk_MonadDefinition
+  (* the monad *)
+  (IO O I)
+  (* return *)
+  (λX.Value … X)
+  (* bind *)
+  (bindIO O I)
+  ???). / by /
+[(* bind_bind *)
+ #X#Y#Z#m#f#g elim m normalize [2,3://]
+ (* Interact *)
+  #o#f #Hi @interact_proper //
+|(* bind_ret *)
+ #X#m elim m normalize // #o#f#Hi @interact_proper //
+]
+qed.
+
+definition bindIO2 ≝ λO,I. m_bind2 (IOMonad O I).
+
+include "hints_declaration.ma".
+
+unification hint 0 ≔ O, I, T;
+  N ≟ IOMonad O I, M ≟ m_def N
+(*******************************************) ⊢
+  IO O I T ≡ monad M T
+.
+
 
 definition err_to_io : ∀O,I,T. res T → IO O I T ≝
 λO,I,T,v. match v with [ OK v' ⇒ Value O I T v' | Error m ⇒ Wrong O I T m ].
+
 coercion err_to_io : ∀O,I,A.∀c:res A.IO O I A ≝ err_to_io on _c:res ? to IO ???.
+
 definition err_to_io_sig : ∀O,I,T.∀P:T → Prop. res (Sig T P) → IO O I (Sig T P) ≝
 λO,I,T,P,v. match v with [ OK v' ⇒ Value O I (Sig T P) v' | Error m ⇒ Wrong O I (Sig T P) m ].
 (*coercion err_to_io_sig : ∀O,I,A.∀P:A → Prop.∀c:res (Sig A P).IO O I (Sig A P) ≝ err_to_io_sig on _c:res (Sig ??) to IO ?? (Sig ??).*)
 
-
-(* If the original definitions are vague enough, do I need to do this? *)
-notation > "! ident v ← e; e'" with precedence 40 for @{'bindIO ${e} (λ${ident v}.${e'})}.
-notation > "! ident v : ty ← e; e'" with precedence 40 for @{'bindIO ${e} (λ${ident v} : ${ty}.${e'})}.
-notation < "vbox(! \nbsp ident v ← e; break e')" with precedence 40 for @{'bindIO ${e} (λ${ident v}.${e'})}.
-notation < "vbox(! \nbsp ident v : ty ← e; break e')" with precedence 40 for @{'bindIO ${e} (λ${ident v} : ${ty}.${e'})}.
-notation > "! 〈ident v1, ident v2〉 ← e; e'" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
-notation > "! 〈ident v1 : ty1, ident v2 : ty2〉 ← e; e'" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
-notation < "vbox(! \nbsp 〈ident v1, ident v2〉 ← e; break e')" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
-notation < "vbox(! \nbsp 〈ident v1 : ty1, ident v2 : ty2〉 ← e; break e')" with precedence 40 for @{'bindIO2 ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
-interpretation "IO monad bind" 'bindIO e f = (bindIO ???? e f).
-interpretation "IO monad Prod bind" 'bindIO2 e f = (bindIO2 ????? e f).
-(**)
 let rec P_io O I (A:Type[0]) (P:A → Prop) (v:IO O I A) on v : Prop ≝
 match v return λ_.Prop with
@@ -176 +194 @@
 
 (* Is there a way to prove this without extensionality? *)
-
+(*
 lemma bind_assoc_r: ∀O,I,A,B,C,e,f,g.
   ∀ext:(∀T1,T2:Type[0].∀f,f':T1 → T2.(∀x.f x = f' x) → f = f').
@@ -186 +204 @@
 | #m @refl
 ] qed.
+*)
+definition bind_assoc_r ≝ λO,I.m_bind_bind (IOMonad O I).
 
 (*

src/joint/Joint_paolo.ma

@@ -6 +6 @@
 
 (* Here is the structure of parameter records (downward edges are coercions,
-   the ¦ edge is the only explicitly defined coercion):
-
-       _____graph_params___
-      /           ¦        \
-     /         params       \
-    /         /      \      |
-   / stmt_params      local_params
-   \    |                  |
+   the ↓ edges are the only explicitly defined coercions). lin_params and
+   graph_params are simple wrappers of unserialized_params, and the coercions
+   from them to params instantiate the missing bits with values for linarized
+   programs and graph programs respectively. 
+
+        lin_params      graph_params
+          |       \_____ /____   |
+          |             /     \  |
+          \_______     /      ↓  ↓
+                  \   _\____ params
+                   \_/  \      |
+                    / \  \     ↓
+              _____/   unserialized_params
+             /      _______/   | 
+            /      /           | 
+     stmt_params  /   local_params
+        |      __/             |
     inst_params       funct_params
 
@@ -34 +43 @@
  ; dph_arg: Type[0]   (* high address registers *)
  ; snd_arg : Type[0]  (* second argument of binary op *)
- ; operator1 : Type[0] (* = Op1 in all but RTLabs *)
- ; operator2 : Type[0] (* = Op2 in all but RTLabs *)
  ; pair_move: Type[0] (* argument of move instructions *)
  ; call_args: Type[0] (* arguments of function calls *)
@@ -51 +58 @@
   | ADDRESS: ∀i: ident. (member i (eq_identifier ?) globals) → dpl_reg p → dph_reg p → joint_instruction p globals
   | OPACCS: OpAccs → acc_a_reg p → acc_b_reg p → acc_a_arg p → acc_b_arg p → joint_instruction p globals
-  | OP1: operator1 p → acc_a_reg p → acc_a_reg p → joint_instruction p globals
-  | OP2: operator2 p → acc_a_reg p → acc_a_arg p → snd_arg p → joint_instruction p globals
-  (* int, clear and set carry can be done with generic move *)
-(*| INT: generic_reg p → Byte → joint_instruction p globals
+  | OP1: Op1 → acc_a_reg p → acc_a_reg p → joint_instruction p globals
+  | OP2: Op2 → acc_a_reg p → acc_a_arg p → snd_arg p → joint_instruction p globals
+  (* int done with generic move *)
+(*| INT: generic_reg p → Byte → joint_instruction p globals *)
   | CLEAR_CARRY: joint_instruction p globals
-  | SET_CARRY: joint_instruction p globals *)
+  | SET_CARRY: joint_instruction p globals
   | LOAD: acc_a_reg p → dpl_arg p → dph_arg p → joint_instruction p globals
   | STORE: dpl_arg p → dph_arg p → acc_a_arg p → joint_instruction p globals
@@ -62 +69 @@
   | COND: acc_a_reg p → label → joint_instruction p globals
   | extension: extend_statements p → joint_instruction p globals.
+
+(* Paolo: to be moved elsewhere *)
+
+notation "r ← a1 .op. a2" with precedence 50 for
+  @{'op2 $op $r $a1 $a2}.
+notation "r ← . op . a" with precedence 50 for
+  @{'op1 $op $r $a}.
+notation "r ← a" with precedence 50 for
+  @{'mov $r $a}. (* to be set in individual languages *)
+notation "❮r, s❯ ← a1 . op . a2" with precedence 50 for
+  @{'opaccs $op $r $s $a1 $a2}.
+
+interpretation "op2" 'op2 op r a1 a2 = (OP2 ? ? op r a1 a2).
+interpretation "op1" 'op1 op r a = (OP1 ? ? op r a).
+interpretation "opaccs" 'opaccs op r s a1 a2 = (OPACCS ? ? op r s a1 a2).
+
+
 
 definition inst_forall_labels : ∀p : inst_params.∀globals.
@@ -70 +94 @@
   | _ ⇒ True
  ].
-
-record stmt_params : Type[1] ≝
-  { inst_pars :> inst_params
-  ; succ : Type[0]
-  ; succ_choice : (succ = label) + (succ = unit)
-  }.
-
-inductive joint_statement (p: stmt_params) (globals: list ident): Type[0] ≝
-  | sequential: joint_instruction p globals → succ p → joint_statement p globals
-  | GOTO: label → joint_statement p globals
-  | RETURN: joint_statement p globals.
-
-(* for all labels in statement. Uses succ_choice to consider the successor of
-   a statement when such successors are labels *)
-definition stmt_forall_labels : ∀p : stmt_params.∀globals.
-    (label → Prop) → joint_statement p globals → Prop.
-*#i_pr#succ#succ_choice#globals#P*
-[#instr cases succ_choice #eq >eq #next
-  [@(inst_forall_labels … P instr ∧ P next)
-  |@(inst_forall_labels … P instr)
-  ]
-|@P
-|@True
-]qed.
 
 record funct_params : Type[1] ≝
@@ -105 +105 @@
  }.
 
+record unserialized_params : Type[1] ≝
+ { u_inst_pars :> inst_params
+ ; u_local_pars :> local_params
+ }.
+
+record stmt_params : Type[1] ≝
+  { unserialized_pars :> unserialized_params
+  ; succ : Type[0]
+  ; succ_forall_labels : (label → Prop) → succ → Prop
+  }. 
+
+inductive joint_statement (p: stmt_params) (globals: list ident): Type[0] ≝
+  | sequential: joint_instruction p globals → succ p → joint_statement p globals
+  | GOTO: label → joint_statement p globals
+  | RETURN: joint_statement p globals.
+
 record params : Type[1] ≝
  { stmt_pars :> stmt_params
- ; local_pars :> local_params
  ; codeT: list ident → Type[0]
  ; lookup: ∀globals.codeT globals → label → option (joint_statement stmt_pars globals)
  }.
 
+
+(* for all labels in statement. Uses succ_choice to consider the successor of
+   a statement when such successors are labels *)
+definition stmt_forall_labels : ∀p : stmt_params.∀globals.
+    (label → Prop) → joint_statement p globals → Prop ≝
+  λp,g,P,stmt. match stmt with
+  [ sequential inst next ⇒ inst_forall_labels p g P inst ∧ succ_forall_labels p P next
+  | GOTO l ⇒ P l
+  | RETURN ⇒ True
+  ].
+
+record lin_params : Type[1] ≝
+  { l_u_pars :> unserialized_params }.
+
+include "utilities/option.ma".
+
+definition lin_params_to_params ≝
+  λlp : lin_params. mk_params
+    (mk_stmt_params lp unit (λ_.λ_.True))
+    (* codeT ≝ *)(λglobals.list ((option label) × (joint_statement ? globals)))
+    (* lookup ≝ *)(λglobals,code,lbl.find ??
+        (λl_stmt. let 〈lbl_opt, stmt〉 ≝ l_stmt in
+          ! lbl' ← lbl_opt ;
+          if eq_identifier … lbl lbl' then return stmt else None ?) code).
+
+coercion lp_to_p : ∀lp : lin_params.params ≝ lin_params_to_params
+  on _lp : lin_params to params.
+
 record graph_params : Type[1] ≝
- { g_inst_pars :> inst_params
- ; g_local_pars :> local_params
- }.
+  { g_u_pars :> unserialized_params }.
+
+include alias "common/Graphs.ma". (* To pick the right lookup *)
+
+(* One common instantiation of params via Graphs of joint_statements
+   (all languages but LIN) *)
+definition graph_params_to_params ≝
+  λgp : graph_params. mk_params
+    (mk_stmt_params gp label (λP.P))
+    (* codeT ≝ *)(λglobals.graph (joint_statement ? globals))
+    (* lookup ≝ *)(λglobals.lookup …).
+    
+coercion gp_to_p : ∀gp:graph_params.params ≝ λgp.graph_params_to_params gp
+on _gp : graph_params to params.
+   
 
 definition labels_present : ∀p : params.∀globals.
@@ -130 +185 @@
     forall_stmts … (labels_present … code) code.
 
-include alias "common/Graphs.ma". (* To pick the right lookup *)
-
-
-(* One common instantiation of params via Graphs of joint_statements
-   (all languages but LIN) *)
-definition params_of_graph_params: graph_params → params ≝
- λgp.
-  let stmt_pars ≝ mk_stmt_params gp label (inl … (refl …)) in
-  mk_params
-   stmt_pars
-   gp
-   (* codeT ≝ *)(λglobals.graph (joint_statement stmt_pars globals))
-   (λglobals.lookup …).
-   
-coercion graph_params_to_params :
-  ∀gp : graph_params.params ≝
-    λgp.params_of_graph_params gp
-    on _gp : graph_params to params.
-
 (* CSC: special case where localsT is a list of registers (RTL and ERTL) *)
-definition rtl_ertl_params ≝ λinst_pars,funct_pars.
-  params_of_graph_params (mk_graph_params inst_pars (mk_local_params funct_pars (list register))).
+definition rtl_ertl_params : ?→?→params ≝ λinst_pars,funct_pars.
+  (mk_graph_params (mk_unserialized_params inst_pars (mk_local_params funct_pars (list register)))).
 
 record joint_internal_function (globals: list ident) (p:params) : Type[0] ≝

src/joint/TranslateUtils_paolo.ma

@@ -104 +104 @@
   joint_internal_function globals dst_g_pars ≝ 
   λsrc_g_pars,dst_g_pars,globals,registerT,fresh_reg,trans,empty,def.
-  let f : label → joint_statement src_g_pars globals →
+  let f : label → joint_statement (src_g_pars : params) globals →
     joint_internal_function globals dst_g_pars → joint_internal_function globals dst_g_pars ≝ 
     λlbl,stmt,def.
@@ -128 +128 @@
   joint_internal_function … dst_g_pars ≝ 
   λsrc_g_pars,dst_g_pars,globals,trans,empty,def.
-  let f : label → joint_statement src_g_pars globals →
+  let f : label → joint_statement (src_g_pars : params) globals →
     joint_internal_function … dst_g_pars → joint_internal_function … dst_g_pars ≝ 
     λlbl,stmt,def.

src/utilities/monad.ma

@@ -3 +3 @@
 include "utilities/setoids.ma".
 include "utilities/proper.ma".
-
+ 
 record MonadDefinition : Type[1] ≝ {
   monad : Type[0] → Type[0] ;
@@ -37 +37 @@
   with precedence 48 for @{'m_bind ${e} (λ_. ${e'})}.
 notation > "! ident v ← e; e'"
-  with precedence 48 for @{'m_bind ${e} (λ${ident v}. ${e'})}.
+  with precedence 48 for @{'m_bind' (λ${ident v}. ${e'}) ${e}}.
 notation > "! ident v : ty ← e; e'"
   with precedence 48 for @{'m_bind ${e} (λ${ident v} : ${ty}. ${e'})}.
 notation < "vbox(! \nbsp ident v ← e ; break e')"
   with precedence 48 for @{'m_bind ${e} (λ${ident v}.${e'})}.
+notation > "! ident v ← e : ty ; e'"
+  with precedence 48 for @{'m_bind (${e} : ${ty}) (λ${ident v}.${e'})}.
 notation < "vbox(! \nbsp ident v : ty ← e ; break e')"
   with precedence 48 for @{'m_bind ${e} (λ${ident v} : ${ty}. ${e'})}.
+notation > "! ident v : ty ← e : ty' ; e'"
+  with precedence 48 for @{'m_bind (${e} : ${ty'}) (λ${ident v} : ${ty}. ${e'})}.
 notation > "! 〈ident v1, ident v2〉 ← e ; e'"
   with precedence 48 for @{'m_bind2 ${e} (λ${ident v1}. λ${ident v2}. ${e'})}.
@@ -52 +56 @@
 notation < "vbox(! \nbsp 〈ident v1 : ty1, ident v2 : ty2〉 ← e ; break e')"
   with precedence 48 for @{'m_bind2 ${e} (λ${ident v1} : ${ty1}. λ${ident v2} : ${ty2}. ${e'})}.
+notation > "! 〈ident v1, ident v2, ident v3〉 ← e ; e'"
+  with precedence 48 for @{'m_bind3 ${e} (λ${ident v1}. λ${ident v2}. λ${ident v3}. ${e'})}.
+notation > "! 〈ident v1 : ty1, ident v2 : ty2, ident v3 : ty3〉 ← e ; e'"
+  with precedence 48 for @{'m_bind3 ${e} (λ${ident v1} : ${ty1}. λ${ident v2} : ${ty2}. λ${ident v3} : ${ty3}. ${e'})}.
+notation < "vbox(! \nbsp 〈ident v1, ident v2, ident v3〉 ← e ; break e')"
+  with precedence 48 for @{'m_bind3 ${e} (λ${ident v1}. λ${ident v2}. λ${ident v3}. ${e'})}.
+notation < "vbox(! \nbsp 〈ident v1 : ty1, ident v2 : ty2, ident v3 : ty3〉 ← e ; break e')"
+  with precedence 48 for @{'m_bind3 ${e} (λ${ident v1} : ${ty1}. λ${ident v2} : ${ty2}. λ${ident v3} : ${ty3}. ${e'})}.
+
+ 
+(* "do" alternative notation for backward compatibility *)
+notation > "'do' ident v ← e; e'"
+  with precedence 48 for @{'m_bind ${e} (λ${ident v}. ${e'})}.
+notation > "'do' ident v : ty ← e; e'"
+  with precedence 48 for @{'m_bind ${e} (λ${ident v} : ${ty}. ${e'})}.
+notation > "'do' 〈ident v1, ident v2〉 ← e ; e'"
+  with precedence 48 for @{'m_bind2 ${e} (λ${ident v1}. λ${ident v2}. ${e'})}.
+notation > "'do' 〈ident v1 : ty1, ident v2 : ty2〉 ← e ; e'"
+  with precedence 48 for @{'m_bind2 ${e} (λ${ident v1} : ${ty1}. λ${ident v2} : ${ty2}. ${e'})}.
+notation > "'do' 〈ident v1, ident v2, ident v3〉 ← e ; e'"
+  with precedence 48 for @{'m_bind3 ${e} (λ${ident v1}. λ${ident v2}. λ${ident v3}. ${e'})}.
+notation > "'do' 〈ident v1 : ty1, ident v2 : ty2, ident v3 : ty3〉 ← e ; e'"
+  with precedence 48 for @{'m_bind3 ${e} (λ${ident v1} : ${ty1}. λ${ident v2} : ${ty2}. λ${ident v3} : ${ty3}. ${e'})}.
   
-notation > "'return' t" with precedence 30 for @{'m_return $t}.
-notation < "'return' \nbsp t" with precedence 30 for @{'m_return $t}.
-
-(*
-notation > "!!_ e; e'"
-  with precedence 40 for @{'sm_bind ${e} (λ_.${e'})}.
-notation > "!! ident v ← e; e'"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v}.${e'})}.
-notation > "!! ident v : ty ← e; e'"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v} : ${ty}.${e'})}.
-notation < "vbox(!!  ident v ← e; break e')"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v}.${e'})}.
-notation < "vbox(!!  ident v : ty ← e; break e')"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v} : ${ty}.${e'})}.
-notation > "!! 〈ident v1, ident v2〉 ← e; e'"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
-notation > "!! 〈ident v1 : ty1, ident v2 : ty2〉 ← e; e'"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
-notation < "vbox(!! \nbsp 〈ident v1, ident v2〉 ← e; break e')"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
-notation < "vbox(!! \nbsp 〈ident v1 : ty1, ident v2 : ty2〉 ← e; break e')"
-  with precedence 40 for @{'sm_bind ${e} (λ${ident v1} : ${ty1}.λ${ident v2} : ${ty2}.${e'})}.
-
-notation "m !»= f" with precedence 40
-  for @{'sm_bind $m $f) }.
-
-notation "'sreturn' t" with precedence 30 for @{'sm_return $t}.
-
-interpretation "setoid monad bind" 'sm_bind m f = (sm_bind ? ? ? m f).
-interpretation "setoid monad return" 'sm_return x = (sm_return ? ? x).
-*)
+(* dependent pair versions *)
+notation > "! «ident v1, ident v2» ← e ; e'"
+  with precedence 48 for
+  @{'m_bind ${e} (λ${fresh p_sig}.
+    match ${fresh p_sig} with [mk_Sig ${ident v1} ${ident v2} ⇒ ${e'}])}.
+
+notation > "! «ident v1, ident v2, ident H» ← e ; e'"
+  with precedence 48 for
+  @{'m_bind ${e} (λ${fresh p_sig}.
+    match ${fresh p_sig} with [mk_Sig ${fresh p} ${ident H} ⇒
+      match ${fresh p} with [mk_Prod ${ident v1} ${ident v2} ⇒ ${e'}]])}. 
+
+notation > "'do' «ident v1, ident v2» ← e ; e'"
+  with precedence 48 for
+  @{'m_bind ${e} (λ${fresh p_sig}.
+    match ${fresh p_sig} with [mk_Sig ${ident v1} ${ident v2} ⇒ ${e'}])}.
+
+notation > "'do' «ident v1, ident v2, ident H» ← e ; e'"
+  with precedence 48 for
+  @{'m_bind ${e} (λ${fresh p_sig}.
+    match ${fresh p_sig} with [mk_Sig ${fresh p} ${ident H} ⇒
+      match ${fresh p} with [mk_Prod ${ident v1} ${ident v2} ⇒ ${e'}]])}. 
+
+notation > "'return' t" with precedence 46 for @{'m_return $t}.
+notation < "'return' \nbsp t" with precedence 46 for @{'m_return $t}.
 
 interpretation "setoid monad bind" 'm_bind m f = (sm_bind ? ? ? m f).
+interpretation "setoid monad bind'" 'm_bind' f m = (sm_bind ? ? ? m f).
 interpretation "setoid monad return" 'm_return x = (sm_return ? ? x).
 interpretation "monad bind" 'm_bind m f = (m_bind ? ? ? m f).
+interpretation "monad bind'" 'm_bind' f m = (m_bind ? ? ? m f).
 interpretation "monad return" 'm_return x = (m_return ? ? x).
+
+include "basics/lists/list.ma".
 
 (* add structure and properties as needed *)
@@ -97 +122 @@
     monad m_def X → monad m_def Y → monad m_def Z;
   m_bind2 : ∀X,Y,Z.monad m_def (X×Y) → (X → Y → monad m_def Z) → monad m_def Z;
-  m_join : ∀X.monad m_def (monad m_def X) → monad m_def X
-}.
+  m_bind3 : ∀X,Y,Z,W.monad m_def (X×Y×Z) → (X → Y → Z → monad m_def W) → monad m_def W;
+  m_join : ∀X.monad m_def (monad m_def X) → monad m_def X;
+  m_mmap : ∀X,Y.(X → monad m_def Y) → list X → monad m_def (list Y);
+  m_mmap_sigma : ∀X,Y,P.(X → monad m_def (Σy : Y.P y)) → list X → monad m_def (Σl : list Y.All ? P l)
+}.
+
+interpretation "monad bind2" 'm_bind2 m f = (m_bind2 ? ? ? ? m f).
+interpretation "monad bind3" 'm_bind3 m f = (m_bind3 ? ? ? ? ? m f).
+
+(* notation breaks completely here.... *)
+definition mmap_sigma_helper : ∀M.∀X,Y,P.?→?→?→monad M (Σl : list Y.All ? P l) ≝
+  λM.λX,Y:Type[0].λP.λf : X → monad M (Σy : Y.P y).
+  λel.λmacc : monad M (Σl : list Y.All ? P l).
+    m_bind M ?? (f el) (λp.
+    match p with [mk_Sig r r_prf ⇒
+    m_bind M ?? macc (λq.
+    match q with [mk_Sig acc acc_prf ⇒
+    return (mk_Sig … (r :: acc) ?)])]).
+whd %{r_prf acc_prf} qed.
 
 definition MakeMonad : MonadDefinition → Monad ≝ λM.
@@ -116 +158 @@
     let 〈x, y〉 ≝ p in
     f x y)
+  (λX,Y,Z,W,m,f.
+    ! p ← m ;
+    let 〈x, y, z〉 ≝ p in
+    f x y z)
   (* join *)
-  (λX,m.! x ← m ; x).
+  (λX,m.! x ← m ; x)
+  (λX,Y,f,l.foldr … (λel,macc.! r ← f el; !acc ← macc; return (r :: acc)) (return [ ]) l)
+  (λX,Y,P,f,l.foldr … (mmap_sigma_helper M … f) (return (mk_Sig … [ ] ?)) l).
+  % qed.
+
+
 (* add structure and properties as needed *)
 record SetoidMonad : Type[1] ≝ {
@@ -145 +196 @@
     f x y).
 
-interpretation "monad bind2" 'm_bind2 m f = (sm_map2 ? ? ? ? m f).
-
+interpretation "setoid monad bind2" 'm_bind2 m f = (sm_bind2 ? ? ? ? m f).
 
 record MonadTransformer : Type[1] ≝ {
@@ -155 +205 @@
     m_lift … (! x ← m ; f x) = ! x ← m_lift … m ; m_lift … (f x)
 }.
-
-
-

src/utilities/option.ma

@@ -1 +1 @@
 include "utilities/monad.ma".
 include "basics/types.ma".
+
 definition Option ≝ MakeMonad (mk_MonadDefinition
   (* the monad *)
@@ -9 +10 @@
   (λX,Y,m,f. match m with [ Some x ⇒ f x | None ⇒ None ?])
   ???).
-//
-[(* bind_bind *)
- #X#Y#Z*normalize //
-|(* bind_ret *)
- #X*normalize //
-]
-qed.
+// #X[#Y#Z]*normalize//qed.
 
 include "hints_declaration.ma".
 unification hint 0 ≔ X;
-M ≟ Option
+M ≟ m_def Option
 (*---------------*) ⊢
-option X ≡ monad (m_def M) X
+option X ≡ monad M X
 .
+
+definition opt_safe : ∀X.∀m : option X. m ≠ None X → X ≝
+λX,m,prf.match m return λx.m = x → X with
+  [ Some t ⇒ λ_.t
+  | None ⇒ λeq_m.?
+  ] (refl …). elim (absurd … eq_m prf) qed.
+
+(* playground for notation problems *)
+
+inductive option_bis (X : Type[0]) : Type[0] ≝
+| Some' : X → option_bis X
+| None' : option_bis X.
+
+definition option_to_option' ≝ λX.λm : option X. match m with [ Some x ⇒ Some' ? x | None ⇒ None' ?].
+
+coercion o_to_o' : ∀X.∀m : option X. option_bis X ≝ option_to_option'
+  on _m : option ? to option_bis ?.
+  
+
+definition Option_bis ≝ MakeMonad (mk_MonadDefinition
+  option_bis
+  (λX.Some' X)
+  (λX,Y,m,f.match m with [Some' x ⇒ f x | None' ⇒ None' ?])
+  ???). //
+#X[#Y#Z] * normalize // qed.
+
+unification hint 0 ≔ X ;
+M ≟ m_def Option_bis
+(*---------------*) ⊢
+option_bis X ≡ monad M X
+.
+
+(* does not typecheck
+check (λX.λm : option_bis X.λn : option X.! x ← n ; m)
+*)

src/utilities/proper.ma

@@ -19 +19 @@
   @{'proper_contra $r $s}.
 
-interpretation "is proper" 'is_proper f p = (p f f).
-notation "f ⊨ p" with precedence 50 for @{'is_proper $f $p}.
+(* avoid notation from kikcing in in outputm to avoid things like X ⊨ Prod *)
+notation > "f ⊨ p " with precedence 50 for @{$p $f $f}.