Changeset 25


Ignore:
Timestamp:
Aug 27, 2010, 3:29:51 PM (8 years ago)
Author:
campbell
Message:

Simplify the IO monad a little.

Location:
C-semantics
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • C-semantics/CexecIO.ma

    r24 r25  
    614614(* Interactions are function calls that return a value and do not change
    615615   the rest of the Clight program's state. *)
    616 ndefinition io ≝ mk_interaction (ident × (list eventval)) eventval.
    617 
    618 ndefinition do_io : ident → list eventval → IO io eventval ≝
    619 λfn,args. Interact io eventval 〈fn,args〉 (λres. Value io eventval res).
    620 
    621 ndefinition ret: ∀T. T → (IO io T) ≝
    622 λT,x.(Value io T x).
     616ndefinition io_out ≝ (ident × (list eventval)).
     617
     618ndefinition do_io : ident → list eventval → IO eventval io_out eventval ≝
     619λfn,args. Interact ?? eventval 〈fn,args〉 (λres. Value ?? eventval res).
     620
     621ndefinition ret: ∀T. T → (IO eventval io_out T) ≝
     622λT,x.(Value ?? T x).
    623623
    624624(* Checking types of values given to / received from an external function call. *)
     
    659659(* execution *)
    660660
    661 nlet rec exec_step (ge:genv) (st:state) on st : (IO io (Σr:trace × state. step ge st (\fst r) (\snd r))) ≝
     661nlet rec exec_step (ge:genv) (st:state) on st : (IO eventval io_out (Σr:trace × state. step ge st (\fst r) (\snd r))) ≝
    662662match st with
    663663[ State f s k e m ⇒
     
    695695          match fn_return f with
    696696          [ Tvoid ⇒ Some ? (ret ? 〈E0, Returnstate Vundef k (free_list m (blocks_of_env e))〉)
    697           | _ ⇒ Some ? (Wrong ??)
     697          | _ ⇒ Some ? (Wrong ???)
    698698          ]
    699699      | Kcall _ _ _ _ ⇒
    700700          match fn_return f with
    701701          [ Tvoid ⇒ Some ? (ret ? 〈E0, Returnstate Vundef k (free_list m (blocks_of_env e))〉)
    702           | _ ⇒ Some ? (Wrong ??)
     702          | _ ⇒ Some ? (Wrong ???)
    703703          ]
    704704      | Kwhile a s' k' ⇒ Some ? (ret ? 〈E0, State f (Swhile a s') k' e m〉)
     
    713713      | Kfor3 a2 a3 s' k' ⇒ Some ? (ret ? 〈E0, State f (Sfor Sskip a2 a3 s') k' e m〉)
    714714      | Kswitch k' ⇒ Some ? (ret ? 〈E0, State f Sskip k' e m〉)
    715       | _ ⇒ Some ? (Wrong ??)
     715      | _ ⇒ Some ? (Wrong ???)
    716716      ]
    717717  | Scontinue ⇒
     
    728728      | Kfor2 a2 a3 s' k' ⇒ Some ? (ret ? 〈E0, State f a3 (Kfor3 a2 a3 s' k') e m〉)
    729729      | Kswitch k' ⇒ Some ? (ret ? 〈E0, State f Scontinue k' e m〉)
    730       | _ ⇒ Some ? (Wrong ??)
     730      | _ ⇒ Some ? (Wrong ???)
    731731      ]
    732732  | Sbreak ⇒
     
    737737      | Kfor2 a2 a3 s' k' ⇒ Some ? (ret ? 〈E0, State f Sskip k' e m〉)
    738738      | Kswitch k' ⇒ Some ? (ret ? 〈E0, State f Sskip k' e m〉)
    739       | _ ⇒ Some ? (Wrong ??)
     739      | _ ⇒ Some ? (Wrong ???)
    740740      ]
    741741  | Sifthenelse a s1 s2 ⇒ Some ? (
     
    761761    [ None ⇒ match fn_return f with
    762762      [ Tvoid ⇒ Some ? (ret ? 〈E0, Returnstate Vundef (call_cont k) (free_list m (blocks_of_env e))〉)
    763       | _ ⇒ Some ? (Wrong ??)
     763      | _ ⇒ Some ? (Wrong ???)
    764764      ]
    765765    | Some a ⇒ Some ? (
     
    771771      ! v ← exec_expr ge e m a;:
    772772      match v with [ Vint n ⇒ ret ? 〈E0, State f (seq_of_labeled_statement (select_switch n sl)) (Kswitch k) e m〉
    773                    | _ ⇒ Wrong ?? ])
     773                   | _ ⇒ Wrong ??? ])
    774774  | Slabel lbl s' ⇒ Some ? (ret ? 〈E0, State f s' k e m〉)
    775775  | Sgoto lbl ⇒
    776776      match find_label lbl (fn_body f) (call_cont k) with
    777777      [ Some sk' ⇒ match sk' with [ mk_pair s' k' ⇒ Some ? (ret ? 〈E0, State f s' k' e m〉) ]
    778       | None ⇒ Some ? (Wrong ??)
     778      | None ⇒ Some ? (Wrong ???)
    779779      ]
    780780  ]
     
    799799      match res with
    800800      [ Vundef ⇒ Some ? (ret ? 〈E0, (State f Sskip k' e m)〉)
    801       | _ ⇒ Some ? (Wrong ??)
     801      | _ ⇒ Some ? (Wrong ???)
    802802      ]
    803803    | Some r' ⇒
     
    809809      ]
    810810    ]
    811   | _ ⇒ Some ? (Wrong ??)
     811  | _ ⇒ Some ? (Wrong ???)
    812812  ]
    813813]. nwhd; //;
     
    883883nqed.
    884884
    885 nlet rec make_initial_state (p:program) : IO io (Σs:state. initial_state p s) ≝
     885nlet rec make_initial_state (p:program) : IO eventval io_out (Σs:state. initial_state p s) ≝
    886886  let ge ≝ globalenv Genv ?? p in
    887887  let m0 ≝ init_mem Genv ?? p in
     
    915915
    916916nlet rec exec_steps (n:nat) (ge:genv) (s:state) :
    917  IO io (Σts:trace×state. star (mk_transrel ?? step) ge s (\fst ts) (\snd ts)) ≝
     917 IO eventval io_out (Σts:trace×state. star (mk_transrel ?? step) ge s (\fst ts) (\snd ts)) ≝
    918918match is_final_state s with
    919919[ inl _ ⇒ Some ? (ret ? 〈E0, s〉)
  • C-semantics/IOMonad.ma

    r24 r25  
    55(* IO monad *)
    66
    7 nrecord interaction : Type[1]
    8 { output : Type
    9 ; input : Type
    10 }.
     7ninductive IO (input,output:Type) (T:Type) : Type
     8| Interact : output → (input → IO input output T) → IO input output T
     9| Value : T → IO input output T
     10| Wrong : IO input output T.
    1111
    12 ninductive IO (IT:interaction) (T:Type) : Type ≝
    13 | Interact : output IT → (input IT → IO IT T) → IO IT T
    14 | Value : T → IO IT T
    15 | Wrong : IO IT T.
    16 
    17 nlet rec bindIO (IT:interaction) (T,T':Type) (v:IO IT T) (f:T → IO IT T') on v : IO IT T' ≝
     12nlet rec bindIO (I,O,T,T':Type) (v:IO I O T) (f:T → IO I O T') on v : IO I O T' ≝
    1813match v with
    19 [ Interact out k ⇒ (Interact ?? out (λres. bindIO IT T T' (k res) f))
     14[ Interact out k ⇒ (Interact ??? out (λres. bindIO I O T T' (k res) f))
    2015| Value v' ⇒ (f v')
    21 | Wrong ⇒ Wrong IT T'
     16| Wrong ⇒ Wrong I O T'
    2217].
    2318
    24 nlet rec bindIO2 (IT:interaction) (T1,T2,T':Type) (v:IO IT (T1×T2)) (f:T1 → T2 → IO IT T') on v : IO IT T' ≝
     19nlet rec bindIO2 (I,O,T1,T2,T':Type) (v:IO I O (T1×T2)) (f:T1 → T2 → IO I O T') on v : IO I O T' ≝
    2520match v with
    26 [ Interact out k ⇒ (Interact ?? out (λres. bindIO2 ? T1 T2 T' (k res) f))
     21[ Interact out k ⇒ (Interact ??? out (λres. bindIO2 ?? T1 T2 T' (k res) f))
    2722| Value v' ⇒ match v' with [ mk_pair v1 v2 ⇒ f v1 v2 ]
    28 | Wrong ⇒ Wrong ? T'
     23| Wrong ⇒ Wrong ?? T'
    2924].
    3025
    31 ndefinition err_to_io : ∀IT,T. res T → IO IT T ≝
    32 λIT,T,v. match v with [ OK v' ⇒ Value IT T v' | Error ⇒ Wrong IT T ].
    33 (*ncoercion err_to_io : ∀IT,A.∀c:res A.IO IT A ≝ err_to_io on _c:res ? to IO ??.*)
    34 ndefinition err_to_io_sig : ∀IT,T.∀P:T → Prop. res (sigma T P) → IO IT (sigma T P) ≝
    35 λIT,T,P,v. match v with [ OK v' ⇒ Value IT (sigma T P) v' | Error ⇒ Wrong IT (sigma T P) ].
    36 ncoercion err_to_io_sig : ∀IT,A.∀P:A → Prop.∀c:res (sigma A P).IO IT (sigma A P) ≝ err_to_io_sig on _c:res (sigma ??) to IO ? (sigma ??).
     26ndefinition err_to_io : ∀I,O,T. res T → IO I O T ≝
     27λI,O,T,v. match v with [ OK v' ⇒ Value I O T v' | Error ⇒ Wrong I O T ].
     28(*ncoercion err_to_io : ∀I,O,A.∀c:res A.IO I O A ≝ err_to_io on _c:res ? to IO ???.*)
     29ndefinition err_to_io_sig : ∀I,O,T.∀P:T → Prop. res (sigma T P) → IO I O (sigma T P) ≝
     30λI,O,T,P,v. match v with [ OK v' ⇒ Value I O (sigma T P) v' | Error ⇒ Wrong I O (sigma T P) ].
     31ncoercion err_to_io_sig : ∀I,O,A.∀P:A → Prop.∀c:res (sigma A P).IO I O (sigma A P) ≝ err_to_io_sig on _c:res (sigma ??) to IO ?? (sigma ??).
    3732
    3833
     
    4035notation "! ident v ← e;: e'" right associative with precedence 40 for @{'bindIO ${e} (λ${ident v}.${e'})}.
    4136notation "! 〈ident v1, ident v2〉 ← e;: e'" right associative with precedence 40 for @{'bindIO2 ${e} (λ${ident v1}.λ${ident v2}.${e'})}.
    42 interpretation "IO monad bind" 'bindIO e f = (bindIO ??? e f).
    43 interpretation "IO monad pair bind" 'bindIO2 e f = (bindIO2 ???? e f).
     37interpretation "IO monad bind" 'bindIO e f = (bindIO ???? e f).
     38interpretation "IO monad pair bind" 'bindIO2 e f = (bindIO2 ????? e f).
    4439(**)
    45 nlet rec P_io (IT:interaction) (A:Type) (P:A → Prop) (v:IO IT A) on v : Prop ≝
     40nlet rec P_io (I,O,A:Type) (P:A → Prop) (v:IO I O A) on v : Prop ≝
    4641match v return λ_.Prop with
    4742[ Wrong ⇒ True
    4843| Value z ⇒ P z
    49 | Interact out k ⇒ ∀v'.P_io IT A P (k v')
     44| Interact out k ⇒ ∀v'.P_io I O A P (k v')
    5045].
    5146
    52 nlet rec P_io' (IT:interaction) (A:Type) (P:A → Prop) (v:IO IT A) on v : Prop ≝
     47nlet rec P_io' (I,O,A:Type) (P:A → Prop) (v:IO I O A) on v : Prop ≝
    5348match v return λ_.Prop with
    5449[ Wrong ⇒ False
    5550| Value z ⇒ P z
    56 | Interact out k ⇒ ∀v'.P_io IT A P (k v')
     51| Interact out k ⇒ ∀v'.P_io' I O A P (k v')
    5752].
    5853
    59 ndefinition P_to_P_option_io : ∀IT,A.∀P:A → Prop.option (IO IT A) → Prop ≝
    60   λIT,A,P,a.match a with
     54ndefinition P_to_P_option_io : ∀I,O,A.∀P:A → Prop.option (IO I O A) → Prop ≝
     55  λI,O,A,P,a.match a with
    6156   [ None ⇒ False
    62    | Some y ⇒ P_io IT A P y
     57   | Some y ⇒ P_io I O A P y
    6358   ].
    6459
    65 nlet rec io_inject_0 (IT:interaction) (A:Type) (P:A → Prop) (a:IO IT A) (p:P_io IT A P a) on a : IO IT (sigma A P) ≝
     60nlet rec io_inject_0 (I,O,A:Type) (P:A → Prop) (a:IO I O A) (p:P_io I O A P a) on a : IO I O (sigma A P) ≝
    6661(match a return λa'.a=a' → ? with
    67  [ Wrong ⇒ λ_. Wrong IT ?
    68  | Value c ⇒ λe2. Value ?? (sig_intro A P c ?)
    69  | Interact out k ⇒ λe2. Interact ?? out (λv. io_inject_0 IT A P (k v) ?)
     62 [ Wrong ⇒ λ_. Wrong I O ?
     63 | Value c ⇒ λe2. Value ??? (sig_intro A P c ?)
     64 | Interact out k ⇒ λe2. Interact ??? out (λv. io_inject_0 I O A P (k v) ?)
    7065 ]) (refl ? a).
    71  (* XXX: odd, can't do both cases at once. *)
    72 ##[ nrewrite > e2 in p; nwhd in ⊢ (% → ?); //;
    73 ##| nrewrite > e2 in p; nwhd in ⊢ (% → ?); //;
    74 ##] nqed.
     66nrewrite > e2 in p; nwhd in ⊢ (% → ?); //;
     67nqed.
    7568
    76 ndefinition io_inject : ∀IT,A.∀P:A → Prop.∀a:option (IO IT A).∀p:P_to_P_option_io IT A P a.IO IT (sigma A P) ≝
    77   λIT,A.λP:A → Prop.λa:option (IO IT A).λp:P_to_P_option_io IT A P a.
    78   (match a return λa'.a=a' → IO IT (sigma A P) with
     69ndefinition io_inject : ∀I,O,A.∀P:A → Prop.∀a:option (IO I O A).∀p:P_to_P_option_io I O A P a.IO I O (sigma A P) ≝
     70  λI,O,A.λP:A → Prop.λa:option (IO I O A).λp:P_to_P_option_io I O A P a.
     71  (match a return λa'.a=a' → IO I O (sigma A P) with
    7972   [ None ⇒ λe1.?
    80    | Some b ⇒ λe1. io_inject_0 IT A P b ?
     73   | Some b ⇒ λe1. io_inject_0 I O A P b ?
    8174   ]) (refl ? a).
    8275##[ nrewrite > e1 in p; nnormalize; *;
     
    8477##] nqed.
    8578
    86 nlet rec io_eject (IT:interaction) (A:Type) (P: A → Prop) (a:IO IT (sigma A P)) on a : IO IT A ≝
     79nlet rec io_eject (I,O,A:Type) (P: A → Prop) (a:IO I O (sigma A P)) on a : IO I O A ≝
    8780match a with
    88 [ Wrong ⇒ Wrong ??
    89 | Value b ⇒ match b with [ sig_intro w p ⇒ Value ?? w]
    90 | Interact out k ⇒ Interact ?? out (λv. io_eject ? A P (k v))
     81[ Wrong ⇒ Wrong ???
     82| Value b ⇒ match b with [ sig_intro w p ⇒ Value ??? w]
     83| Interact out k ⇒ Interact ??? out (λv. io_eject ?? A P (k v))
    9184].
    9285
    9386ncoercion io_inject :
    94   ∀IT,A.∀P:A → Prop.∀a.∀p:P_to_P_option_io IT ? P a.IO IT (sigma A P) ≝ io_inject
    95   on a:option (IO ??) to IO ? (sigma ? ?).
    96 ncoercion io_eject : ∀IT,A.∀P:A → Prop.∀c:IO IT (sigma A P).IO IT A ≝ io_eject
    97   on _c:IO ? (sigma ? ?) to IO ??.
     87  ∀I,O,A.∀P:A → Prop.∀a.∀p:P_to_P_option_io I O ? P a.IO I O (sigma A P) ≝ io_inject
     88  on a:option (IO ???) to IO ?? (sigma ? ?).
     89ncoercion io_eject : ∀I,O,A.∀P:A → Prop.∀c:IO I O (sigma A P).IO I O A ≝ io_eject
     90  on _c:IO ?? (sigma ? ?) to IO ???.
    9891
    99 ndefinition opt_to_io : ∀IT,T.option T → IO IT T ≝
    100 λIT,T,v. match v with [ None ⇒ Wrong IT T | Some v' ⇒ Value IT T v' ].
    101 ncoercion opt_to_io : ∀IT,T.∀v:option T. IO IT T ≝ opt_to_io on _v:option ? to IO ??.
     92ndefinition opt_to_io : ∀I,O,T.option T → IO I O T ≝
     93λI,O,T,v. match v with [ None ⇒ Wrong I O T | Some v' ⇒ Value I O T v' ].
     94ncoercion opt_to_io : ∀I,O,T.∀v:option T. IO I O T ≝ opt_to_io on _v:option ? to IO ???.
    10295
    103 nlemma sig_bindIO_OK: ∀IT,A,B. ∀P:A → Prop. ∀P':B → Prop. ∀e:IO IT (sigma A P). ∀f:sigma A P → IO IT B.
    104   (∀v:A. ∀p:P v. P_io IT ? P' (f (sig_intro A P v p))) →
    105   P_io IT ? P' (bindIO IT (sigma A P) B e f).
    106 #IT A B P P' e f; nelim e;
     96nlemma sig_bindIO_OK: ∀I,O,A,B. ∀P:A → Prop. ∀P':B → Prop. ∀e:IO I O (sigma A P). ∀f:sigma A P → IO I O B.
     97  (∀v:A. ∀p:P v. P_io I O ? P' (f (sig_intro A P v p))) →
     98  P_io I O ? P' (bindIO I O (sigma A P) B e f).
     99#I O A B P P' e f; nelim e;
    107100##[ #out k IH; #IH'; nwhd; #res; napply IH; //;
    108101##| #v0; nelim v0; #v Hv IH; nwhd; napply IH;
     
    110103##] nqed.
    111104
    112 nlemma sig_bindIO2_OK: ∀IT,A,B,C. ∀P:(A×B) → Prop. ∀P':C → Prop. ∀e:IO IT (sigma (A×B) P). ∀f: A → B → IO IT C.
    113   (∀vA:A.∀vB:B. ∀p:P 〈vA,vB〉. P_io IT ? P' (f vA vB)) →
    114   P_io IT ? P' (bindIO2 IT A B C e f).
    115 #IT A B C P P' e f; nelim e;
     105nlemma sig_bindIO2_OK: ∀I,O,A,B,C. ∀P:(A×B) → Prop. ∀P':C → Prop. ∀e:IO I O (sigma (A×B) P). ∀f: A → B → IO I O C.
     106  (∀vA:A.∀vB:B. ∀p:P 〈vA,vB〉. P_io I O ? P' (f vA vB)) →
     107  P_io I O ? P' (bindIO2 I O A B C e f).
     108#I O A B C P P' e f; nelim e;
    116109##[ #out k IH; #IH'; nwhd; #res; napply IH; napply IH';
    117110##| #v0; nelim v0; #v; nelim v; #vA vB Hv IH; napply IH; //;
     
    119112##] nqed.
    120113
    121 nlemma opt_bindIO_OK: ∀IT,A,B. ∀P:B → Prop. ∀e:option A. ∀f: A → IO IT B.
    122   (∀v:A. e = Some A v → P_io IT ? P (f v)) →
    123   P_io IT ? P (bindIO IT A B e f).
    124 #IT A B P e; nelim e; //; #v f H; napply H; //;
     114nlemma opt_bindIO_OK: ∀I,O,A,B. ∀P:B → Prop. ∀e:option A. ∀f: A → IO I O B.
     115  (∀v:A. e = Some A v → P_io I O ? P (f v)) →
     116  P_io I O ? P (bindIO I O A B e f).
     117#I O A B P e; nelim e; //; #v f H; napply H; //;
    125118nqed.
    126119
    127 nlemma bindIO_OK: ∀IT,A,B. ∀P:B → Prop. ∀e:IO IT A. ∀f: A → IO IT B.
    128   (∀v:A. P_io IT ? P (f v)) →
    129   P_io IT ? P (bindIO IT A B e f).
    130 #IT A B P e; nelim e;
     120nlemma bindIO_OK: ∀I,O,A,B. ∀P:B → Prop. ∀e:IO I O A. ∀f: A → IO I O B.
     121  (∀v:A. P_io I O ? P (f v)) →
     122  P_io I O ? P (bindIO I O A B e f).
     123#I O A B P e; nelim e;
    131124##[ #out k IH; #f H; nwhd; #res; napply IH; //;
    132125##| #v f H; napply H;
     
    143136*)
    144137
    145 nlemma extract_subset_pair_io: ∀IT,A,B,C,P. ∀e:{e:A×B | P e}. ∀Q:A→B→IO IT C. ∀R:C→Prop.
    146   (∀a,b. eject ?? e = 〈a,b〉 → P 〈a,b〉 → P_io IT ? R (Q a b)) →
    147   P_io IT ? R (match eject ?? e with [ mk_pair a b ⇒ Q a b ]).
    148 #IT A B C P e Q R; ncases e; #e'; ncases e'; nnormalize;
     138nlemma extract_subset_pair_io: ∀I,O,A,B,C,P. ∀e:{e:A×B | P e}. ∀Q:A→B→IO I O C. ∀R:C→Prop.
     139  (∀a,b. eject ?? e = 〈a,b〉 → P 〈a,b〉 → P_io I O ? R (Q a b)) →
     140  P_io I O ? R (match eject ?? e with [ mk_pair a b ⇒ Q a b ]).
     141#I O A B C P e Q R; ncases e; #e'; ncases e'; nnormalize;
    149142##[ *;
    150143##| #e''; ncases e''; #a b Pab H; nnormalize; /2/;
  • C-semantics/SmallstepExec.ma

    r24 r25  
    88{ genv  : Type
    99; state : Type
    10 ; io : interaction
     10; input : Type
     11; output : Type
    1112; initial : state → Prop
    1213; final : state → int → Prop
    13 ; step : genv → state → IO io (trace×state)
     14; step : genv → state → IO input output (trace×state)
    1415}.
    1516
    1617nlet rec repeat (n:nat) (exec:execstep) (g:genv exec) (s:state exec)
    17  : IO (io exec) (trace × (state exec)) ≝
     18 : IO (input exec) (output exec) (trace × (state exec)) ≝
    1819match n with
    19 [ O ⇒ Value ?? 〈E0, s〉
     20[ O ⇒ Value ??? 〈E0, s〉
    2021| S n' ⇒ ! 〈t1,s1〉 ← step exec g s;:
    2122         repeat n' exec g s1
     
    3839{ sems :> related_semantics
    3940; sim : ∀st1,st2,t,st1'.
    40         P_io' (io (sem1 sems)) (trace × (state (sem1 sems))) (λr. r = 〈t,st1'〉) (step (sem1 sems) (ge1 sems) st1) →
     41        P_io' ?? (trace × (state (sem1 sems))) (λr. r = 〈t,st1'〉) (step (sem1 sems) (ge1 sems) st1) →
    4142        match_states sems st1 st2 →
    42         ∃st2':(state (sem2 sems)).(∃n:nat.P_io' (io (sem2 sems)) (trace × (state (sem2 sems))) (λr. r = 〈t,st2'〉) (repeat n (sem2 sems) (ge2 sems) st2)) ∧
     43        ∃st2':(state (sem2 sems)).(∃n:nat.P_io' ?? (trace × (state (sem2 sems))) (λr. r = 〈t,st2'〉) (repeat n (sem2 sems) (ge2 sems) st2)) ∧
    4344          match_states sems st1' st2'
    4445}.
  • C-semantics/test/transform1.ma

    r24 r25  
    4444
    4545ndefinition Csem ≝ λp:program.mk_execstep
     46  ?
    4647  ?
    4748  ?
Note: See TracChangeset for help on using the changeset viewer.