(* PS NOTES FOR KATHY:
pls also change:
decode_to_istate
decode_to_instruction
to take an opcode as defined above, instead of a value
and change
*)
import Interp
open import Interp_ast
open import Pervasives
open import Num
open import Assert_extra
(* maybe isn't an instance of Ord - this should be in the Lem standard library *)
instance forall 'a. Ord 'a => (Ord (maybe 'a))
  (* Lift the element order to [maybe 'a] through maybeCompare; every relation
     below is a projection of that single comparison. *)
  let compare = maybeCompare compare
  let (<) x y = match maybeCompare compare x y with | LT -> true | _ -> false end
  let (<=) x y = match maybeCompare compare x y with | GT -> false | _ -> true end
  let (>) x y = match maybeCompare compare x y with | GT -> true | _ -> false end
  let (>=) x y = match maybeCompare compare x y with | LT -> false | _ -> true end
end
type word8 = nat (* bounded at a byte, for when lem supports it*)
(* Byte order of the machine being interpreted. *)
type end_flag =
  | E_big_endian
  | E_little_endian
type interpreter_state = Interp.stack (*Deem abstract*)
(* Will come from a .lem file generated by Sail, bound to a 'defs' identifier *)
type specification = Interp_ast.defs Interp.tannot (*Deem abstract*)
type interpreter_mode = Interp.interp_mode (*Deem abstract*)
(* The interpreter's own mode paired with the endianness flag. *)
type interp_mode = <| internal_mode: interpreter_mode; endian: end_flag |>
(* [make_mode eager tracking endian] builds an interp_mode; the two booleans are
   the eager and tracking flags named inline in the signature. *)
val make_mode : (*eager*) bool -> (*tracking*) bool -> end_flag -> interp_mode
(* NOTE(review): presumably reports the tracking flag of the mode - confirm
   against the implementation. *)
val tracking_dependencies : interp_mode -> bool
(** basic values *)
(* A concrete bit. *)
type bit =
  | Bitc_zero
  | Bitc_one
(* A bit that may also be undefined or unknown; the *_lifted types below are
   built from these. *)
type bit_lifted =
  | Bitl_zero
  | Bitl_one
  | Bitl_undef
  | Bitl_unknown
(* Direction in which bit indices of a register or value run. *)
type direction =
  | D_increasing
  | D_decreasing
type register_value = <|
  rv_bits: list bit_lifted (* MSB first, smallest index number *);
  rv_dir: direction;
  rv_start: nat ;
  rv_start_internal: nat;
  (*when dir is increasing, rv_start = rv_start_internal.
    Otherwise, tells interpreter how to reconstruct a proper decreasing value*)
|>
type byte_lifted = Byte_lifted of list bit_lifted (* of length 8 *) (*MSB first everywhere*)
type instruction_field_value = list bit
type byte = Byte of list bit (* of length 8 *) (*MSB first everywhere*)
(* Byte list plus, when known, the same address as an integer. *)
type address_lifted = Address_lifted of list byte_lifted (* of length 8 for 64bit machines*) * maybe integer
(* for both values of end_flag, MSBy first *)
type memory_byte = byte_lifted (* of length 8 *) (*MSB first everywhere*)
type memory_value = list memory_byte
(* the list is of length >=1 *)
(* for both big-endian (Power) and little-endian (ARM), the head of the
   list is the byte stored at the lowest address *)
(* for big-endian Power the head of the list is the most-significant
   byte, in both the interpreter and machineDef* code. *)
(* For little-endian ARM, the head of the list is the
   least-significant byte in machineDef* code and the
   most-significant byte in interpreter code, with the switch over
   (a list-reverse) being done just inside the interpreter interface*)
(* In other words, in the machineDef* code the lowest-address byte is first,
   and in the interpreter code the most-significant byte is first *)
(* not sure which of these is more handy yet *)
(* Byte list plus the same address as an integer (no maybe here, unlike
   address_lifted). *)
type address = Address of list byte (* of length 8 *) * integer
(* type address = Address of integer *)
type opcode = Opcode of list byte (* of length 4 *)
(** typeclass instantiations *)
(* Order on concrete bits: Bitc_zero < Bitc_one.  Only the non-OCaml targets
   use this definition; the OCaml target inlines defaultCompare below. *)
let ~{ocaml} bitCompare (b1:bit) (b2:bit) =
  match (b1,b2) with
  | (Bitc_zero, Bitc_one) -> LT
  | (Bitc_one, Bitc_zero) -> GT
  | _ -> EQ
  end
let inline {ocaml} bitCompare = defaultCompare
(* Derived relations, each a projection of bitCompare. *)
let ~{ocaml} bitLess x y = match bitCompare x y with | LT -> true | _ -> false end
let ~{ocaml} bitLessEq x y = match bitCompare x y with | GT -> false | _ -> true end
let ~{ocaml} bitGreater x y = match bitCompare x y with | GT -> true | _ -> false end
let ~{ocaml} bitGreaterEq x y = match bitCompare x y with | LT -> false | _ -> true end
let inline {ocaml} bitLess = defaultLess
let inline {ocaml} bitLessEq = defaultLessEq
let inline {ocaml} bitGreater = defaultGreater
let inline {ocaml} bitGreaterEq = defaultGreaterEq
instance (Ord bit)
  let compare = bitCompare
  let (<) = bitLess
  let (<=) = bitLessEq
  let (>) = bitGreater
  let (>=) = bitGreaterEq
end
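(* Position of each constructor in the declaration order of bit_lifted. *)
let ~{ocaml} bit_liftedRank (bl:bit_lifted) : nat =
  match bl with
  | Bitl_zero -> 0
  | Bitl_one -> 1
  | Bitl_undef -> 2
  | Bitl_unknown -> 3
  end
(* Total order Bitl_zero < Bitl_one < Bitl_undef < Bitl_unknown.
   The earlier case split was not antisymmetric: after the four EQ cases it
   returned LT for (Bitl_one, _) and (Bitl_undef, _), so e.g. both
   (Bitl_zero, Bitl_one) and (Bitl_one, Bitl_zero) were LT. *)
let ~{ocaml} bit_liftedCompare (bl1:bit_lifted) (bl2:bit_lifted) =
  compare (bit_liftedRank bl1) (bit_liftedRank bl2)
let inline {ocaml} bit_liftedCompare = defaultCompare
let ~{ocaml} bit_liftedLess b1 b2 = bit_liftedCompare b1 b2 = LT
let ~{ocaml} bit_liftedLessEq b1 b2 = bit_liftedCompare b1 b2 <> GT
let ~{ocaml} bit_liftedGreater b1 b2 = bit_liftedCompare b1 b2 = GT
let ~{ocaml} bit_liftedGreaterEq b1 b2 = bit_liftedCompare b1 b2 <> LT
let inline {ocaml} bit_liftedLess = defaultLess
let inline {ocaml} bit_liftedLessEq = defaultLessEq
let inline {ocaml} bit_liftedGreater = defaultGreater
let inline {ocaml} bit_liftedGreaterEq = defaultGreaterEq
instance (Ord bit_lifted)
  let compare = bit_liftedCompare
  let (<) = bit_liftedLess
  let (<=) = bit_liftedLessEq
  let (>) = bit_liftedGreater
  let (>=) = bit_liftedGreaterEq
end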
(* Lifted bytes are ordered by their bit lists, using the Ord instance on
   lists of bit_lifted. *)
let ~{ocaml} byte_liftedCompare lhs rhs =
  match (lhs, rhs) with
  | (Byte_lifted bits1, Byte_lifted bits2) -> compare bits1 bits2
  end
let inline {ocaml} byte_liftedCompare = defaultCompare
let ~{ocaml} byte_liftedLess x y = match byte_liftedCompare x y with | LT -> true | _ -> false end
let ~{ocaml} byte_liftedLessEq x y = match byte_liftedCompare x y with | GT -> false | _ -> true end
let ~{ocaml} byte_liftedGreater x y = match byte_liftedCompare x y with | GT -> true | _ -> false end
let ~{ocaml} byte_liftedGreaterEq x y = match byte_liftedCompare x y with | LT -> false | _ -> true end
let inline {ocaml} byte_liftedLess = defaultLess
let inline {ocaml} byte_liftedLessEq = defaultLessEq
let inline {ocaml} byte_liftedGreater = defaultGreater
let inline {ocaml} byte_liftedGreaterEq = defaultGreaterEq
instance (Ord byte_lifted)
  let compare = byte_liftedCompare
  let (<) = byte_liftedLess
  let (<=) = byte_liftedLessEq
  let (>) = byte_liftedGreater
  let (>=) = byte_liftedGreaterEq
end
(* Concrete bytes are ordered by their bit lists, using the Ord instance on
   lists of bit. *)
let ~{ocaml} byteCompare lhs rhs =
  match (lhs, rhs) with
  | (Byte bits1, Byte bits2) -> compare bits1 bits2
  end
let inline {ocaml} byteCompare = defaultCompare
let ~{ocaml} byteLess x y = match byteCompare x y with | LT -> true | _ -> false end
let ~{ocaml} byteLessEq x y = match byteCompare x y with | GT -> false | _ -> true end
let ~{ocaml} byteGreater x y = match byteCompare x y with | GT -> true | _ -> false end
let ~{ocaml} byteGreaterEq x y = match byteCompare x y with | LT -> false | _ -> true end
let inline {ocaml} byteLess = defaultLess
let inline {ocaml} byteLessEq = defaultLessEq
let inline {ocaml} byteGreater = defaultGreater
let inline {ocaml} byteGreaterEq = defaultGreaterEq
instance (Ord byte)
  let compare = byteCompare
  let (<) = byteLess
  let (<=) = byteLessEq
  let (>) = byteGreater
  let (>=) = byteGreaterEq
end
(* Addresses are ordered first by their byte list and then by the integer
   form, exactly as the pair (bytes, integer) is ordered. *)
let ~{ocaml} addressCompare lhs rhs =
  match (lhs, rhs) with
  | (Address bytes1 int1, Address bytes2 int2) -> compare (bytes1,int1) (bytes2,int2)
  end
let inline {ocaml} addressCompare = defaultCompare
let ~{ocaml} addressLess x y = match addressCompare x y with | LT -> true | _ -> false end
let ~{ocaml} addressLessEq x y = match addressCompare x y with | GT -> false | _ -> true end
let ~{ocaml} addressGreater x y = match addressCompare x y with | GT -> true | _ -> false end
let ~{ocaml} addressGreaterEq x y = match addressCompare x y with | LT -> false | _ -> true end
let inline {ocaml} addressLess = defaultLess
let inline {ocaml} addressLessEq = defaultLessEq
let inline {ocaml} addressGreater = defaultGreater
let inline {ocaml} addressGreaterEq = defaultGreaterEq
instance (Ord address)
  let compare = addressCompare
  let (<) = addressLess
  let (<=) = addressLessEq
  let (>) = addressGreater
  let (>=) = addressGreaterEq
end
(* Equality goes through addressCompare on the Coq target and through the
   built-in structural equality everywhere else. *)
let {coq} addressEqual x y = (addressCompare x y) = EQ
let inline ~{coq} addressEqual = unsafe_structural_equality
let {coq} addressInequal x y = not (addressEqual x y)
let inline ~{coq} addressInequal = unsafe_structural_inequality
instance (Eq address)
  let (=) = addressEqual
  let (<>) = addressInequal
end
(* D_increasing sorts before D_decreasing. *)
let ~{ocaml} directionCompare lhs rhs =
  match lhs with
  | D_increasing -> (match rhs with | D_increasing -> EQ | D_decreasing -> LT end)
  | D_decreasing -> (match rhs with | D_increasing -> GT | D_decreasing -> EQ end)
  end
let inline {ocaml} directionCompare = defaultCompare
let ~{ocaml} directionLess x y = match directionCompare x y with | LT -> true | _ -> false end
let ~{ocaml} directionLessEq x y = match directionCompare x y with | GT -> false | _ -> true end
let ~{ocaml} directionGreater x y = match directionCompare x y with | GT -> true | _ -> false end
let ~{ocaml} directionGreaterEq x y = match directionCompare x y with | LT -> false | _ -> true end
let inline {ocaml} directionLess = defaultLess
let inline {ocaml} directionLessEq = defaultLessEq
let inline {ocaml} directionGreater = defaultGreater
let inline {ocaml} directionGreaterEq = defaultGreaterEq
instance (Ord direction)
  let compare = directionCompare
  let (<) = directionLess
  let (<=) = directionLessEq
  let (>) = directionGreater
  let (>=) = directionGreaterEq
end
(* Register values are ordered field by field: bits, then direction, then
   start, then the internal start. *)
let ~{ocaml} register_valueCompare lhs rhs =
  let key (rv:register_value) =
    ((rv.rv_bits, rv.rv_dir), (rv.rv_start, rv.rv_start_internal)) in
  compare (key lhs) (key rhs)
let inline {ocaml} register_valueCompare = defaultCompare
let ~{ocaml} register_valueLess x y = match register_valueCompare x y with | LT -> true | _ -> false end
let ~{ocaml} register_valueLessEq x y = match register_valueCompare x y with | GT -> false | _ -> true end
let ~{ocaml} register_valueGreater x y = match register_valueCompare x y with | GT -> true | _ -> false end
let ~{ocaml} register_valueGreaterEq x y = match register_valueCompare x y with | LT -> false | _ -> true end
let inline {ocaml} register_valueLess = defaultLess
let inline {ocaml} register_valueLessEq = defaultLessEq
let inline {ocaml} register_valueGreater = defaultGreater
let inline {ocaml} register_valueGreaterEq = defaultGreaterEq
instance (Ord register_value)
  let compare = register_valueCompare
  let (<) = register_valueLess
  let (<=) = register_valueLessEq
  let (>) = register_valueGreater
  let (>=) = register_valueGreaterEq
end
(* Lifted addresses are ordered by their byte list, then by the optional
   integer form (the Ord instance on maybe above). *)
let ~{ocaml} address_liftedCompare lhs rhs =
  match (lhs, rhs) with
  | (Address_lifted bytes1 int1, Address_lifted bytes2 int2) ->
    compare (bytes1,int1) (bytes2,int2)
  end
let inline {ocaml} address_liftedCompare = defaultCompare
let ~{ocaml} address_liftedLess x y = match address_liftedCompare x y with | LT -> true | _ -> false end
let ~{ocaml} address_liftedLessEq x y = match address_liftedCompare x y with | GT -> false | _ -> true end
let ~{ocaml} address_liftedGreater x y = match address_liftedCompare x y with | GT -> true | _ -> false end
let ~{ocaml} address_liftedGreaterEq x y = match address_liftedCompare x y with | LT -> false | _ -> true end
let inline {ocaml} address_liftedLess = defaultLess
let inline {ocaml} address_liftedLessEq = defaultLessEq
let inline {ocaml} address_liftedGreater = defaultGreater
let inline {ocaml} address_liftedGreaterEq = defaultGreaterEq
instance (Ord address_lifted)
  let compare = address_liftedCompare
  let (<) = address_liftedLess
  let (<=) = address_liftedLessEq
  let (>) = address_liftedGreater
  let (>=) = address_liftedGreaterEq
end
(* Registers *)
(* A (first, second) pair of bit indices; the reg_name constructors below
   describe which end is which. *)
type slice = (nat * nat)
(* Ways of naming (part of) a register.  Every constructor carries the
   register's name, its start index and its bit direction. *)
type reg_name =
  | Reg of string * nat * nat * direction
  (*Name of the register, accessing the entire register, the start and size of this register, and its direction *)
  | Reg_slice of string * nat * direction * slice
  (* Name of the register, accessing from the bit indexed by the first
     to the bit indexed by the second integer of the slice, inclusive. For
     machineDef* the first is a smaller number or equal to the second, adjusted
     to reflect the correct span direction in the interpreter side. *)
  | Reg_field of string * nat * direction * string * slice
  (*Name of the register, start and direction, and name of the field of the register
    accessed. The slice specifies where this field is in the register*)
  | Reg_f_slice of string * nat * direction * string * slice * slice
  (* The first four components are as in Reg_field; the final slice
     specifies a part of the field, indexed w.r.t. the register as a whole *)
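(* Position of each constructor in the declaration order of reg_name. *)
let ~{ocaml} reg_nameRank (r:reg_name) : nat =
  match r with
  | Reg _ _ _ _ -> 0
  | Reg_slice _ _ _ _ -> 1
  | Reg_field _ _ _ _ _ -> 2
  | Reg_f_slice _ _ _ _ _ _ -> 3
  end
(* Total order on register names: different constructors are ordered by their
   declaration position, equal constructors by their components left to right.
   Two fixes over the earlier case split: the Reg_field case compared d2 with
   itself, so two fields differing only in direction were EQ; and the trailing
   "(Reg _ _ _ _, _) -> LT" style cases made both (Reg, Reg_slice) and
   (Reg_slice, Reg) LT, so the order was not antisymmetric. *)
let ~{ocaml} reg_nameCompare r1 r2 =
  match (r1,r2) with
  | (Reg s1 ns1 nz1 l1, Reg s2 ns2 nz2 l2) ->
    compare (s1,ns1,nz1,l1) (s2,ns2,nz2,l2)
  | (Reg_slice s1 ns1 d1 sl1, Reg_slice s2 ns2 d2 sl2) ->
    compare (s1,ns1,d1,sl1) (s2,ns2,d2,sl2)
  | (Reg_field s1 ns1 d1 f1 sl1, Reg_field s2 ns2 d2 f2 sl2) ->
    compare ((s1,ns1,d1),f1,sl1) ((s2,ns2,d2),f2,sl2)
  | (Reg_f_slice s1 ns1 d1 f1 sl1 sl1', Reg_f_slice s2 ns2 d2 f2 sl2 sl2') ->
    compare ((s1,ns1,d1),(f1,sl1,sl1')) ((s2,ns2,d2),(f2,sl2,sl2'))
  | _ -> compare (reg_nameRank r1) (reg_nameRank r2)
  end
let inline {ocaml} reg_nameCompare = defaultCompare
let ~{ocaml} reg_nameLess b1 b2 = reg_nameCompare b1 b2 = LT
let ~{ocaml} reg_nameLessEq b1 b2 = reg_nameCompare b1 b2 <> GT
let ~{ocaml} reg_nameGreater b1 b2 = reg_nameCompare b1 b2 = GT
let ~{ocaml} reg_nameGreaterEq b1 b2 = reg_nameCompare b1 b2 <> LT
let inline {ocaml} reg_nameLess = defaultLess
let inline {ocaml} reg_nameLessEq = defaultLessEq
let inline {ocaml} reg_nameGreater = defaultGreater
let inline {ocaml} reg_nameGreaterEq = defaultGreaterEq
instance (Ord reg_name)
  let compare = reg_nameCompare
  let (<) = reg_nameLess
  let (<=) = reg_nameLessEq
  let (>) = reg_nameGreater
  let (>=) = reg_nameGreaterEq
end
(* Equality is derived from the comparison on the Coq target and is the
   built-in structural equality everywhere else. *)
let {coq} reg_nameEqual a1 a2 = (reg_nameCompare a1 a2) = EQ
let inline ~{coq} reg_nameEqual = unsafe_structural_equality
let {coq} reg_nameInequal a1 a2 = not (reg_nameEqual a1 a2)
let inline ~{coq} reg_nameInequal = unsafe_structural_inequality
instance (Eq reg_name)
  let (=) = reg_nameEqual
  let (<>) = reg_nameInequal
end
instance (SetType reg_name)
  let setElemCompare = reg_nameCompare
end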
(* The bit direction carried by every form of register name. *)
let direction_of_reg_name r =
  match r with
  | Reg_f_slice _ _ dir _ _ _ -> dir
  | Reg_field _ _ dir _ _ -> dir
  | Reg_slice _ _ dir _ -> dir
  | Reg _ _ _ dir -> dir
  end
(* The start index carried by every form of register name (always the second
   component). *)
let start_of_reg_name r =
  match r with
  | Reg_f_slice _ first _ _ _ _ -> first
  | Reg_field _ first _ _ _ -> first
  | Reg_slice _ first _ _ -> first
  | Reg _ first _ _ -> first
  end
(* Data structures for building up instructions *)
(* Kinds of memory read; the first constructor is shared by all
   architectures, the others are architecture-specific. *)
type read_kind =
  (* common reads *)
  Read_plain
  (* Power reads *)
  | Read_reserve
  (* AArch64 reads *)
  | Read_acquire | Read_exclusive | Read_exclusive_acquire | Read_stream
(* Kinds of memory write, grouped the same way as read_kind. *)
type write_kind =
  (* common writes *)
  Write_plain
  (* Power writes *)
  | Write_conditional
  (* AArch64 writes *)
  | Write_release | Write_exclusive | Write_exclusive_release
(* Kinds of memory barrier, grouped by architecture. *)
type barrier_kind =
  (* Power barriers *)
  Sync | LwSync | Eieio | Isync
  (* AArch64 barriers *)
  | DMB | DMB_ST | DMB_LD | DSB | DSB_ST | DSB_LD | ISB
(*Map between external functions as perceived from a Sail spec and the actual implementation of the function *)
type external_functions = list (string * (Interp.value -> Interp.value))
(*Maps between the memory functions as perceived from a Sail spec and the values needed for actions in the memory model*)
type barriers = list (string * barrier_kind)
(* Turns the interpreter value handed to a memory function into the memory
   value, its size, and optionally the registers it depended on. *)
type memory_parameter_transformer = interp_mode -> Interp.value -> (memory_value * nat * maybe (list reg_name))
type memory_read = MR of read_kind * memory_parameter_transformer
type memory_reads = list (string * memory_read)
type memory_write_ea = MEA of write_kind * memory_parameter_transformer
type memory_write_eas = list (string * memory_write_ea)
(* NOTE(review): the optional function presumably resumes the instruction
   with the write's success flag, as in the Write_mem outcome below - confirm. *)
type memory_write = MW of write_kind * memory_parameter_transformer * (maybe (instruction_state -> bool -> instruction_state))
and memory_writes = list (string * memory_write)
and memory_write_val = MV of maybe (instruction_state -> bool -> instruction_state)
and memory_write_vals = list (string * memory_write_val)
(* Definition information needed to run an instruction: the interpreter's
   top-level definitions, a direction, the read / write / write-ea / write-val
   tables, the barrier table and the external-function table. *)
and context =
  Context of Interp.top_level * direction *
  memory_reads * memory_writes * memory_write_eas * memory_write_vals * barriers * external_functions
(* An instruction in flight *)
and instruction_state = IState of interpreter_state * context
(* What the interpreter asks its environment to do next.  Each request carries
   the state (or a function producing it) to resume with once the request is
   served; Done and Error carry nothing further. *)
type outcome =
  (* Request to read memory, value is location to read followed by registers that location depended on when mode.track_values,
     integer is size to read, followed by registers that were used in computing that size *)
  | Read_mem of read_kind * address_lifted * nat * maybe (list reg_name) * (memory_value -> instruction_state)
  (* Request to write memory, first value and dependent registers is location, second is the value to write *)
  | Write_mem of write_kind * address_lifted * nat * maybe (list reg_name) * memory_value * maybe (list reg_name) * (bool -> instruction_state)
  (* Tell the system a write is imminent, at address_lifted tainted by register list, of size nat *)
  | Write_ea of write_kind * address_lifted * nat * maybe (list reg_name) * instruction_state
  (* Request to write memory at last signaled address. Memory value should be 8* the size given in ea signal *)
  | Write_memv of memory_value * maybe (list reg_name) * (bool -> instruction_state)
  (* Request a memory barrier *)
  | Barrier of barrier_kind * instruction_state
  (* Tell the system to dynamically recalculate dependency footprint *)
  | Footprint of instruction_state
  (* Request to read register, will track dependency when mode.track_values *)
  | Read_reg of reg_name * (register_value -> instruction_state)
  (* Request to write register *)
  | Write_reg of reg_name * register_value * instruction_state
  (* List of instruction states to be run in parallel, any order permitted *)
  | Nondet_choice of list instruction_state * instruction_state
  (* Escape the current instruction, for traps, some sys calls, interrupts, etc. Can optionally provide a handler
     The non-optional instruction_state is what we would be doing if we're not escaping. This is for exhaustive interp*)
  | Escape of maybe instruction_state * instruction_state
  (* Stop for incremental stepping, function can be used to display function call data *)
  | Internal of maybe string * maybe (unit -> string) * instruction_state
  (* Analysis can lead to non-deterministic evaluation, represented with this outcome *)
  (*Note: this should not be externally visible *)
  | Analysis_non_det of list instruction_state * instruction_state
  | Done
  | Error of string
(* The recordable part of an outcome: each constructor mirrors the outcome of
   the same name minus its continuation / resume state. *)
type event =
  | E_read_mem of read_kind * address_lifted * nat * maybe (list reg_name)
  | E_write_mem of write_kind * address_lifted * nat * maybe (list reg_name) * memory_value * maybe (list reg_name)
  | E_write_ea of write_kind * address_lifted * nat * maybe (list reg_name)
  | E_write_memv of memory_value * maybe (list reg_name)
  | E_barrier of barrier_kind
  | E_footprint
  | E_read_reg of reg_name
  | E_write_reg of reg_name * register_value
  | E_escape
  | E_error of string
(* more explicit type classes to work around the occurrences of big_int in reg_name ::no longer necessary?*)
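(* Position of each constructor in the declaration order of read_kind. *)
let ~{ocaml} read_kindRank (rk:read_kind) : nat =
  match rk with
  | Read_plain -> 0
  | Read_reserve -> 1
  | Read_acquire -> 2
  | Read_exclusive -> 3
  | Read_exclusive_acquire -> 4
  | Read_stream -> 5
  end
(* Total order on read kinds in declaration order.  This replaces a 36-entry
   table in which (Read_exclusive_acquire, Read_stream) was GT while
   (Read_stream, Read_exclusive_acquire) was also GT; every other entry of that
   table agreed with the declaration order. *)
let ~{ocaml} read_kindCompare rk1 rk2 =
  compare (read_kindRank rk1) (read_kindRank rk2)
let inline {ocaml} read_kindCompare = defaultCompare
let ~{ocaml} read_kindLess b1 b2 = read_kindCompare b1 b2 = LT
let ~{ocaml} read_kindLessEq b1 b2 = read_kindCompare b1 b2 <> GT
let ~{ocaml} read_kindGreater b1 b2 = read_kindCompare b1 b2 = GT
let ~{ocaml} read_kindGreaterEq b1 b2 = read_kindCompare b1 b2 <> LT
let inline {ocaml} read_kindLess = defaultLess
let inline {ocaml} read_kindLessEq = defaultLessEq
let inline {ocaml} read_kindGreater = defaultGreater
let inline {ocaml} read_kindGreaterEq = defaultGreaterEq
instance (Ord read_kind)
  let compare = read_kindCompare
  let (<) = read_kindLess
  let (<=) = read_kindLessEq
  let (>) = read_kindGreater
  let (>=) = read_kindGreaterEq
end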
(* Position of each constructor in the declaration order of write_kind. *)
let ~{ocaml} write_kindRank (wk:write_kind) : nat =
  match wk with
  | Write_plain -> 0
  | Write_conditional -> 1
  | Write_release -> 2
  | Write_exclusive -> 3
  | Write_exclusive_release -> 4
  end
(* Total order on write kinds in declaration order (the same order the former
   25-entry table encoded). *)
let ~{ocaml} write_kindCompare wk1 wk2 =
  compare (write_kindRank wk1) (write_kindRank wk2)
let inline {ocaml} write_kindCompare = defaultCompare
let ~{ocaml} write_kindLess x y = match write_kindCompare x y with | LT -> true | _ -> false end
let ~{ocaml} write_kindLessEq x y = match write_kindCompare x y with | GT -> false | _ -> true end
let ~{ocaml} write_kindGreater x y = match write_kindCompare x y with | GT -> true | _ -> false end
let ~{ocaml} write_kindGreaterEq x y = match write_kindCompare x y with | LT -> false | _ -> true end
let inline {ocaml} write_kindLess = defaultLess
let inline {ocaml} write_kindLessEq = defaultLessEq
let inline {ocaml} write_kindGreater = defaultGreater
let inline {ocaml} write_kindGreaterEq = defaultGreaterEq
instance (Ord write_kind)
  let compare = write_kindCompare
  let (<) = write_kindLess
  let (<=) = write_kindLessEq
  let (>) = write_kindGreater
  let (>=) = write_kindGreaterEq
end
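(* Position of each constructor in the declaration order of barrier_kind. *)
let ~{ocaml} barrier_kindRank (bk:barrier_kind) : nat =
  match bk with
  | Sync -> 0
  | LwSync -> 1
  | Eieio -> 2
  | Isync -> 3
  | DMB -> 4
  | DMB_ST -> 5
  | DMB_LD -> 6
  | DSB -> 7
  | DSB_ST -> 8
  | DSB_LD -> 9
  | ISB -> 10
  end
(* Total order on barrier kinds in declaration order.  The former 121-entry
   table spelled the Power barrier "ISync" (not the declared Isync) in the
   seven AArch64 rows, so those entries could never name the intended
   constructor; the rank form cannot drift from the type declaration. *)
let ~{ocaml} barrier_kindCompare bk1 bk2 =
  compare (barrier_kindRank bk1) (barrier_kindRank bk2)
let inline {ocaml} barrier_kindCompare = defaultCompare
let ~{ocaml} barrier_kindLess b1 b2 = barrier_kindCompare b1 b2 = LT
let ~{ocaml} barrier_kindLessEq b1 b2 = barrier_kindCompare b1 b2 <> GT
let ~{ocaml} barrier_kindGreater b1 b2 = barrier_kindCompare b1 b2 = GT
let ~{ocaml} barrier_kindGreaterEq b1 b2 = barrier_kindCompare b1 b2 <> LT
let inline {ocaml} barrier_kindLess = defaultLess
let inline {ocaml} barrier_kindLessEq = defaultLessEq
let inline {ocaml} barrier_kindGreater = defaultGreater
let inline {ocaml} barrier_kindGreaterEq = defaultGreaterEq
instance (Ord barrier_kind)
  let compare = barrier_kindCompare
  let (<) = barrier_kindLess
  let (<=) = barrier_kindLessEq
  let (>) = barrier_kindGreater
  let (>=) = barrier_kindGreaterEq
end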
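(* Position of each constructor in the declaration order of event. *)
let ~{ocaml} eventRank (e:event) : nat =
  match e with
  | E_read_mem _ _ _ _ -> 0
  | E_write_mem _ _ _ _ _ _ -> 1
  | E_write_ea _ _ _ _ -> 2
  | E_write_memv _ _ -> 3
  | E_barrier _ -> 4
  | E_footprint -> 5
  | E_read_reg _ -> 6
  | E_write_reg _ _ -> 7
  | E_escape -> 8
  | E_error _ -> 9
  end
(* Total order on events: same constructor -> components left to right,
   otherwise declaration order.  The earlier case split had no
   (E_footprint, E_footprint) case (so it returned GT for that pair) and its
   trailing "(E_read_mem _ _ _ _, _) -> LT" style cases returned LT for both
   orders of two different constructors; as this order backs the SetType
   instance below, set membership depended on it being a real total order. *)
let ~{ocaml} eventCompare e1 e2 =
  match (e1,e2) with
  | (E_read_mem rk1 v1 i1 tr1, E_read_mem rk2 v2 i2 tr2) ->
    compare (rk1, (v1,i1,tr1)) (rk2,(v2, i2, tr2))
  | (E_write_mem wk1 v1 i1 tr1 v1' tr1', E_write_mem wk2 v2 i2 tr2 v2' tr2') ->
    compare ((wk1,v1,i1),(tr1,v1',tr1')) ((wk2,v2,i2),(tr2,v2',tr2'))
  | (E_write_ea wk1 a1 i1 tr1, E_write_ea wk2 a2 i2 tr2) ->
    compare (wk1, (a1, i1, tr1)) (wk2, (a2, i2, tr2))
  | (E_write_memv mv1 tr1, E_write_memv mv2 tr2) -> compare (mv1,tr1) (mv2,tr2)
  | (E_barrier bk1, E_barrier bk2) -> compare bk1 bk2
  | (E_footprint, E_footprint) -> EQ
  | (E_read_reg r1, E_read_reg r2) -> compare r1 r2
  | (E_write_reg r1 v1, E_write_reg r2 v2) -> compare (r1,v1) (r2,v2)
  | (E_escape, E_escape) -> EQ
  | (E_error s1, E_error s2) -> compare s1 s2
  | _ -> compare (eventRank e1) (eventRank e2)
  end
let inline {ocaml} eventCompare = defaultCompare
let ~{ocaml} eventLess b1 b2 = eventCompare b1 b2 = LT
let ~{ocaml} eventLessEq b1 b2 = eventCompare b1 b2 <> GT
let ~{ocaml} eventGreater b1 b2 = eventCompare b1 b2 = GT
let ~{ocaml} eventGreaterEq b1 b2 = eventCompare b1 b2 <> LT
let inline {ocaml} eventLess = defaultLess
let inline {ocaml} eventLessEq = defaultLessEq
let inline {ocaml} eventGreater = defaultGreater
let inline {ocaml} eventGreaterEq = defaultGreaterEq
instance (Ord event)
  let compare = eventCompare
  let (<) = eventLess
  let (<=) = eventLessEq
  let (>) = eventGreater
  let (>=) = eventGreaterEq
end
(* Same comparison as the SetType instance for reg_name: name the function
   directly rather than going through the class method. *)
instance (SetType event)
  let setElemCompare = eventCompare
end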
(* Functions to build up the initial state for interpretation *)
val build_context : specification -> memory_reads -> memory_writes -> memory_write_eas -> memory_write_vals -> barriers -> external_functions -> context
val initial_instruction_state : context -> string -> list register_value -> instruction_state
(* The string is a function name; the list of register values holds the parameters to that function. *)
(* Type representing the constructor parameters of an instruction; Other is a type not representable externally *)
type instr_parm_typ =
| Bit (*A single bit, represented as a one element Bitvector as a value*)
| Bvector of maybe nat (* A bitvector type, with length when statically known *)
| Range of maybe nat (*Internally represented as a number, externally as a bitvector of length nat *)
| Enum of string * nat (*Internally represented as either a number or constructor, externally as a bitvector*)
| Other (*An unrepresentable type, will be represented as Unknown in instruction form *)
(* Structural equality on instr_parm_typ, spelled out for the Coq target
   (the other targets inline the unsafe structural equality below). *)
let {coq} instr_parm_typEqual ip1 ip2 = match (ip1,ip2) with
| (Bit,Bit) -> true
| (Bvector i1,Bvector i2) -> i1 = i2
| (Range i1,Range i2) -> i1 = i2
| (Enum s1 i1,Enum s2 i2) -> s1 = s2 && i1 = i2
| (Other,Other) -> true
| _ -> false
end
(* Non-Coq targets: structural (in)equality from the library. *)
let inline ~{coq} instr_parm_typEqual = unsafe_structural_equality
(* Coq target: negation of the explicit equality above. *)
let {coq} instr_parm_typInequal ip1 ip2 = not (instr_parm_typEqual ip1 ip2)
let inline ~{coq} instr_parm_typInequal = unsafe_structural_inequality
(* Eq instance for instr_parm_typ, built on the target-specific equality. *)
instance (Eq instr_parm_typ)
let (=) = instr_parm_typEqual
let (<>) ip1 ip2 = not (instr_parm_typEqual ip1 ip2)
end
(* Render an instr_parm_typ as text: the constructor name followed by its
   payload(s), space separated. Backs the Show instance below. *)
let instr_parm_typShow = function
  | Bit -> "Bit"
  | Bvector len -> "Bvector " ^ show len
  | Range len -> "Range " ^ show len
  | Enum name size -> "Enum " ^ name ^ " " ^ show size
  | Other -> "Other"
end
(* Show instance for instr_parm_typ. *)
instance (Show instr_parm_typ)
let show = instr_parm_typShow
end
(* A representation of the AST node for each instruction in the spec, with concrete values from this call,
   and the potential static effects from the funcl clause for this instruction.
   Follows the form of the instruction in instruction_extractor, but populates the parameters with actual values.
*)
(* (name, parameters as (name, type, value) triples, static effects) *)
type instruction = (string * list (string * instr_parm_typ * instruction_field_value) * list base_effect)
(* Coq target: component-wise equality on the triple. The inner i1/i2
   shadow the outer ones and are the instruction names. *)
let {coq} instructionEqual i1 i2 = match (i1,i2) with
| ((i1,parms1,effects1),(i2,parms2,effects2)) -> i1=i2 && parms1 = parms2 && effects1 = effects2
end
(* Other targets: structural (in)equality from the library. *)
let inline ~{coq} instructionEqual = unsafe_structural_equality
let {coq} instructionInequal i1 i2 = not (instructionEqual i1 i2)
let inline ~{coq} instructionInequal = unsafe_structural_inequality
(* Whether a value is a vector of bits or of bytes. *)
type v_kind = Bitv | Bytev
(* Why decoding an opcode can fail; each case carries what was available
   at the point of failure. *)
type decode_error =
| Unsupported_instruction_error of instruction
| Not_an_instruction_error of opcode
| Internal_error of string
(* Result of decoding: an instruction or a decode_error. *)
type instruction_or_decode_error =
| IDE_instr of instruction
| IDE_decode_error of decode_error
(** propose to remove the following type and use the above instead *)
(* Result of decoding that also carries the state built to run the
   instruction. *)
type i_state_or_error =
| Instr of instruction * instruction_state
| Decode_error of decode_error
(** PS:I agree. propose to remove this: Function to decode an instruction and build the state to run it*)
val decode_to_istate : context -> opcode -> i_state_or_error
(** propose to add this, and then use instruction_to_istate on the result: Function to decode an instruction and build the state to run it*)
(** PS made a placeholder in interp_inter_imp.lem, but it just uses decode_to_istate and throws away the istate; surely it's easy to just do what's necessary to get the instruction. This sort-of works, but it crashes on ioid 10 after 167 steps - maybe instruction_to_istate (which I wasn't using directly before) isn't quite right? *)
val decode_to_instruction : context -> opcode -> instruction_or_decode_error
(*Function to generate the state to run from an instruction form; is always an Instr*)
val instruction_to_istate : context -> instruction -> instruction_state (*i_state_or_error*)
(* Slice a register value into a smaller vector, starting at first number (wrt the indices of the register value, not raw positions in its list of bits) and going to second (inclusive) according to order. *)
val slice_reg_value : register_value -> nat -> nat -> register_value
(* Big step of the interpreter, to the next request for an external action *)
(* When interp_mode has eager_eval false, interpreter is (close to) small step *)
val interp : interp_mode -> instruction_state -> outcome
(* Run the interpreter without external interaction, feeding in Unknown on all reads except for those register values provided *)
val interp_exhaustive : maybe (list (reg_name * register_value)) -> instruction_state -> list event
(* As above, but will request register reads: outcome will only be rreg, done, or error *)
val rr_interp_exhaustive : interp_mode -> instruction_state -> list event -> (outcome * (list event))
(** operations and coercions on basic values *)
val word8_to_bitls : word8 -> list bit_lifted
val bitls_to_word8 : list bit_lifted -> word8
val integer_of_word8_list : list word8 -> integer
val word8_list_of_integer : integer -> integer -> list word8
val concretizable_bitl : bit_lifted -> bool
val concretizable_bytl : byte_lifted -> bool
val concretizable_bytls : list byte_lifted -> bool
(* A lifted bit is concretizable iff it is a definite zero or one;
   Bitl_undef and Bitl_unknown are not. *)
let concretizable_bitl bl =
  match bl with
  | Bitl_undef -> false
  | Bitl_unknown -> false
  | _ -> true
  end
(* A lifted byte is concretizable iff each of its bits is. *)
let concretizable_bytl byte =
  match byte with
  | Byte_lifted bits -> List.all concretizable_bitl bits
  end
(* A list of lifted bytes is concretizable iff every byte is
   (vacuously true for the empty list). *)
let concretizable_bytls bytes = List.all concretizable_bytl bytes
(* constructing values *)
val build_register_value : list bit_lifted -> direction -> nat -> nat -> register_value
(* Assemble a register value from its bits. [start_index] is the internal
   index of the first bit; the externally visible start index is the same
   for D_increasing and the smaller end of the range, (start_index+1) - width,
   for D_decreasing. The comments on the original fields say D_increasing is
   used for Power and D_decreasing for ARM. *)
let build_register_value bs dir width start_index =
  let external_start =
    if dir = D_increasing then start_index else (start_index + 1) - width in
  <| rv_dir = dir;
     rv_bits = bs;
     rv_start = external_start;
     rv_start_internal = start_index
  |>
val register_value : bit_lifted -> direction -> nat -> nat -> register_value
(* A register value of [width] copies of the single lifted bit [b]. *)
let register_value b dir width start_index =
  let bits = List.replicate width b in
  build_register_value bits dir width start_index
val register_value_zeros : direction -> nat -> nat -> register_value
(* All-zero register value of the given width and start index. *)
let register_value_zeros dir width start = register_value Bitl_zero dir width start
val register_value_ones : direction -> nat -> nat -> register_value
(* All-one register value of the given width and start index. *)
let register_value_ones dir width start = register_value Bitl_one dir width start
val byte_lifted_unknown : byte_lifted
(* A byte whose eight bits are all Bitl_unknown. *)
let byte_lifted_unknown =
  let unknown_bits = List.replicate 8 Bitl_unknown in
  Byte_lifted unknown_bits
val memory_value_unknown : nat (*the number of bytes*) -> memory_value
(* [width] unknown bytes. *)
let memory_value_unknown (width:nat) : memory_value =
  let unknown = byte_lifted_unknown in
  List.replicate width unknown
(* lengths *)
val memory_value_length : memory_value -> nat
(* Number of bytes in a memory value. *)
let memory_value_length (bytes:memory_value) = List.length bytes
(* aux fns *)
val maybe_all : forall 'a. list (maybe 'a) -> maybe (list 'a)
(* Worker for maybe_all. [acc] holds the payloads seen so far in reverse
   order; the first Nothing aborts the traversal. Tail recursive. *)
let rec maybe_all' remaining acc =
  match remaining with
  | Nothing :: _ -> Nothing
  | (Just v) :: rest -> maybe_all' rest (v :: acc)
  | [] -> Just (List.reverse acc)
  end
(* Just the list of payloads if every element is Just, otherwise Nothing.
   The empty list gives Just []. *)
let maybe_all items = maybe_all' items []
(** coercions *)
(* bits and bytes *)
(* Boolean view of a concrete bit. *)
let bit_to_bool b = (* TODO: rename bool_of_bit *)
  match b with
  | Bitc_one -> true
  | Bitc_zero -> false
  end
val bit_lifted_of_bit : bit -> bit_lifted
(* Lift a concrete bit; the result is never Bitl_undef or Bitl_unknown. *)
let bit_lifted_of_bit = function
  | Bitc_one -> Bitl_one
  | Bitc_zero -> Bitl_zero
end
val bit_of_bit_lifted : bit_lifted -> maybe bit
(* Partial inverse of bit_lifted_of_bit: Just for a definite bit, Nothing
   for Bitl_undef or Bitl_unknown. *)
let bit_of_bit_lifted = function
  | Bitl_undef -> Nothing
  | Bitl_unknown -> Nothing
  | Bitl_one -> Just Bitc_one
  | Bitl_zero -> Just Bitc_zero
end
val byte_lifted_of_byte : byte -> byte_lifted
(* Lift every bit of a concrete byte. *)
let byte_lifted_of_byte b : byte_lifted =
  match b with
  | Byte bits -> Byte_lifted (List.map bit_lifted_of_bit bits)
  end
val byte_of_byte_lifted : byte_lifted -> maybe byte
(* Just the concrete byte iff every lifted bit is a definite zero or one. *)
let byte_of_byte_lifted (Byte_lifted bls) =
  match maybe_all (List.map bit_of_bit_lifted bls) with
  | Just bits -> Just (Byte bits)
  | Nothing -> Nothing
  end
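val bytes_of_bits : list bit -> list byte (*assumes (length bits) mod 8 = 0*)
(* Group a bit list into bytes: the first eight bits become the first byte,
   and so on. A length that is not a multiple of 8 now fails with a message
   instead of a non-exhaustive match. *)
let rec bytes_of_bits bits = match bits with
  | [] -> []
  | b0::b1::b2::b3::b4::b5::b6::b7::rest ->
    (Byte [b0;b1;b2;b3;b4;b5;b6;b7])::(bytes_of_bits rest)
  | _ -> failwith "bytes_of_bits: bit list length is not a multiple of 8"
  end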
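val byte_lifteds_of_bit_lifteds : list bit_lifted -> list byte_lifted (*assumes (length bits) mod 8 = 0*)
(* Lifted-bit counterpart of bytes_of_bits: eight consecutive lifted bits
   form one lifted byte. A length that is not a multiple of 8 now fails with
   a message instead of a non-exhaustive match. *)
let rec byte_lifteds_of_bit_lifteds bits = match bits with
  | [] -> []
  | b0::b1::b2::b3::b4::b5::b6::b7::rest ->
    (Byte_lifted [b0;b1;b2;b3;b4;b5;b6;b7])::(byte_lifteds_of_bit_lifteds rest)
  | _ -> failwith "byte_lifteds_of_bit_lifteds: bit list length is not a multiple of 8"
  end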
val byte_of_memory_byte : memory_byte -> maybe byte
(* memory_byte has the same representation as byte_lifted (these
   definitions typecheck only because of that), so the conversions are
   the byte_lifted ones. *)
let byte_of_memory_byte mb = byte_of_byte_lifted mb
val memory_byte_of_byte : byte -> memory_byte
let memory_byte_of_byte b = byte_lifted_of_byte b
(* to and from nat *)
(* this natFromBoolList could move to the Lem word.lem library *)
val natFromBoolList : list bool -> nat
(* Worker: consumes the bits most significant first, doubling [acc] and
   adding the bit at each step. *)
let rec natFromBoolListAux (acc : nat) (bl : list bool) =
  match bl with
  | [] -> acc
  | (b :: rest) ->
    let shifted = acc * 2 in
    natFromBoolListAux (if b then shifted + 1 else shifted) rest
  end
(* Interpret a list of bools, least significant bit first, as a nat. *)
let natFromBoolList bl =
  natFromBoolListAux 0 (List.reverse bl)
val nat_of_bit_list : list bit -> nat
(* nat of a bit list given most significant bit first. natFromBoolList
   expects least significant first (for consistency with the Lem word
   library), so the list is reversed here and reversed back inside it. *)
let nat_of_bit_list bits =
  let lsb_first = List.reverse (List.map bit_to_bool bits) in
  natFromBoolList lsb_first
(* to and from integer *)
val integer_of_bit_list : list bit -> integer
(* Unsigned integer of a bit list given most significant bit first.
   integerFromBoolList takes a least-significant-first list paired with a
   flag that is false here (presumably the sign), hence the reversal. *)
let integer_of_bit_list bits =
  let lsb_first = List.reverse (List.map bit_to_bool bits) in
  integerFromBoolList (false, lsb_first)
val bit_list_of_integer : nat -> integer -> list bit
(* The low [len] bits of [i], most significant first. No range check is
   made here: bitSeqFromInteger gets Nothing for the width, so a value
   needing more than [len] bits is presumably cut down by
   boolListFrombitSeq — confirm against the Lem word library. *)
let bit_list_of_integer len i =
  let bit_of_bool flag = if flag then Bitc_one else Bitc_zero in
  let lsb_first = boolListFrombitSeq len (bitSeqFromInteger Nothing i) in
  List.map bit_of_bool (reverse lsb_first)
val integer_of_byte_list : list byte -> integer
(* Big-endian: the first byte supplies the most significant bits. *)
let integer_of_byte_list bytes =
  let bits_of_byte (Byte bits) = bits in
  integer_of_bit_list (List.concatMap bits_of_byte bytes)
val byte_list_of_integer : nat -> integer -> list byte
(* The low [len] bytes of [a], most significant byte first. *)
let byte_list_of_integer (len:nat) (a:integer) : list byte =
  bytes_of_bits (bit_list_of_integer (len * 8) a)
val integer_of_address : address -> integer
(* The integer stored in the address; the bytes are not re-decoded, so
   this is only as trustworthy as whoever built the address. *)
let integer_of_address (Address _ i) : integer = i
val address_of_integer : integer -> address
(* An 8-byte address for [i]. The byte list is derived through
   bit_list_of_integer while [i] is stored unchanged, so for a value that
   does not fit in 64 bits the two components presumably disagree —
   callers that care should range-check first. *)
let address_of_integer (i:integer) : address =
  let bytes = byte_list_of_integer 8 i in
  Address bytes i
(* to and from signed-integer *)
val signed_integer_of_bit_list : list bit -> integer
(* Two's-complement value of a bit list given most significant bit first:
   with a clear sign bit it is the unsigned value; with a set sign bit the
   unsigned value of the remaining bits minus 2^(length-1).
   Fails on the empty list. *)
let signed_integer_of_bit_list b =
  match b with
  | [] -> failwith "empty bit list"
  | msb :: rest ->
    (* integerFromBoolList takes a list with LSB first, so we reverse it *)
    let unsigned_of bits =
      integerFromBoolList (false, (List.reverse (List.map bit_to_bool bits))) in
    match msb with
    | Bitc_zero -> unsigned_of b
    | Bitc_one ->
      let msb_weight = integerPow 2 ((List.length b) - 1) in
      unsigned_of rest - msb_weight
    end
  end
(* regarding a list of int as a list of bytes in memory, MSB lowest-address first, convert to an integer *)
val integer_address_of_int_list : list int -> integer
(* Worker: Horner's rule in base 256, first element most significant. *)
let rec integerFromIntListAux (acc: integer) (is: list int) =
  match is with
  | [] -> acc
  | (i :: rest) ->
    let shifted = acc * 256 in
    integerFromIntListAux (shifted + integerFromInt i) rest
  end
(* Read a list of ints as the bytes of an address, most significant byte
   first. Elements are not checked to lie in 0..255; an out-of-range
   element simply skews the result. *)
let integer_address_of_int_list (bytes: list int) =
  integerFromIntListAux 0 bytes
val address_of_byte_list : list byte -> address
(* Pair the bytes with their big-endian integer value.
   Fails unless exactly 8 bytes are given. *)
let address_of_byte_list bs =
  if List.length bs = 8
  then Address bs (integer_of_byte_list bs)
  else failwith "address_of_byte_list given list not of length 8"
(* operations on addresses *)
val add_address_nat : address -> nat -> address
(* The address [i] bytes past [a]. Built via address_of_integer, so the
   caveat there about sums that do not fit in 64 bits applies. *)
let add_address_nat (a:address) (i:nat) : address =
  let sum = (integer_of_address a) + (integerFromNat i) in
  address_of_integer sum
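val clear_low_order_bits_of_address : address -> address
(* Clear the two least-significant bits of an address, i.e. round it down
   to a multiple of 4 (the last byte is the least significant, per
   integer_of_byte_list). The integer component is recomputed from the
   bytes; the stored integer of the input is ignored.
   An address that is not 8 bytes of 8 bits now fails with a message instead
   of a non-exhaustive match. *)
let clear_low_order_bits_of_address a =
  match a with
  | Address [b0;b1;b2;b3;b4;b5;b6;Byte [bt0;bt1;bt2;bt3;bt4;bt5;_;_]] _ ->
    let b7' = Byte [bt0;bt1;bt2;bt3;bt4;bt5;Bitc_zero;Bitc_zero] in
    let bytes = [b0;b1;b2;b3;b4;b5;b6;b7'] in
    Address bytes (integer_of_byte_list bytes)
  | _ -> failwith "clear_low_order_bits_of_address: expected 8 bytes of 8 bits"
  end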
val byte_list_of_memory_value : end_flag -> memory_value -> maybe (list byte)
(* The bytes of a memory value with the most significant byte first, or
   Nothing if any byte is not concrete. [mv] is taken as-is for
   E_big_endian and reversed for any other end_flag. *)
let byte_list_of_memory_value endian mv =
  let msb_first = if endian = E_big_endian then mv else List.reverse mv in
  maybe_all (List.map byte_of_memory_byte msb_first)
val integer_of_memory_value : end_flag -> memory_value -> maybe integer
(* Unsigned integer of a memory value, Nothing if any byte is not concrete. *)
let integer_of_memory_value endian (mv:memory_value) : maybe integer =
  match byte_list_of_memory_value endian mv with
  | Nothing -> Nothing
  | Just bytes -> Just (integer_of_byte_list bytes)
  end
val memory_value_of_integer : end_flag -> nat -> integer -> memory_value
(* [len] lifted bytes of [i], most significant first for E_big_endian and
   reversed otherwise. Bits beyond [len] bytes are not kept (see
   bit_list_of_integer). *)
let memory_value_of_integer endian (len:nat) (i:integer) : memory_value =
  let msb_first = List.map byte_lifted_of_byte (byte_list_of_integer len i) in
  if endian = E_big_endian then msb_first else List.reverse msb_first
val integer_of_register_value : register_value -> maybe integer
(* Unsigned integer of the bits of a register value (first bit most
   significant), Nothing if any bit is undef or unknown. *)
let integer_of_register_value (rv:register_value) : maybe integer =
  let concrete_bits = maybe_all (List.map bit_of_bit_lifted rv.rv_bits) in
  match concrete_bits with
  | Just bits -> Just (integer_of_bit_list bits)
  | Nothing -> Nothing
  end
val register_value_of_integer : nat -> nat -> direction -> integer -> register_value
(* A [len]-bit register value holding [i], starting at internal index
   [start]. Bits of [i] beyond [len] are not kept (see bit_list_of_integer). *)
let register_value_of_integer (len:nat) (start:nat) (dir:direction) (i:integer) : register_value =
  let lifted = List.map bit_lifted_of_bit (bit_list_of_integer len i) in
  build_register_value lifted dir len start
(* *)
val opcode_of_bytes : byte -> byte -> byte -> byte -> opcode
(* A four-byte opcode, bytes in the order given. *)
let opcode_of_bytes b0 b1 b2 b3 : opcode =
  let bytes = [b0; b1; b2; b3] in
  Opcode bytes
val register_value_of_address : address -> direction -> register_value
(* The bits of an address's bytes as a register value whose external start
   index is 0. Internally the start is 0 for D_increasing and the index of
   the last bit otherwise. The address's integer component is ignored. *)
let register_value_of_address (Address bytes _) dir : register_value =
  let lift_byte (Byte bs) = List.map bit_lifted_of_bit bs in
  let bits = List.concatMap lift_byte bytes in
  let width = List.length bits in
  <| rv_dir = dir;
     rv_bits = bits;
     rv_start_internal = if dir = D_increasing then 0 else width - 1;
     rv_start = 0
  |>
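val address_lifted_of_register_value : register_value -> maybe address_lifted
(* returning Nothing iff the register value is not 64 bits wide, but
   allowing Bitl_undef and Bitl_unknown *)
(* The integer component is Just the value of the bits iff they are all
   concrete (bit_of_bit_lifted answers Just exactly when concretizable_bitl
   answers true), so a single traversal through maybe_all decides it; this
   replaces the earlier concretizable_bitl scan plus a refutable
   `let (Just bits) = ...`. *)
let address_lifted_of_register_value (rv:register_value) : maybe address_lifted =
  if List.length rv.rv_bits <> 64 then Nothing
  else
    let value =
      match maybe_all (List.map bit_of_bit_lifted rv.rv_bits) with
      | Just bits -> Just (integer_of_bit_list bits)
      | Nothing -> Nothing
      end in
    Just (Address_lifted (byte_lifteds_of_bit_lifteds rv.rv_bits) value)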
val address_of_address_lifted : address_lifted -> maybe address
(* returning Nothing iff the address contains any Bitl_undef or Bitl_unknown *)
(* The integer of the result is the one carried by the lifted address, not
   recomputed from the bytes. *)
let address_of_address_lifted (al:address_lifted) : maybe address =
  match al with
  | Address_lifted _ Nothing -> Nothing
  | Address_lifted bls (Just i) ->
    match maybe_all (List.map byte_of_byte_lifted bls) with
    | Just bs -> Just (Address bs i)
    | Nothing -> Nothing
    end
  end
val address_of_register_value : register_value -> maybe address
(* returning Nothing iff the register value is not 64 bits wide, or contains Bitl_undef or Bitl_unknown *)
let address_of_register_value (rv:register_value) : maybe address =
  match address_lifted_of_register_value rv with
  | Nothing -> Nothing
  | Just al -> address_of_address_lifted al
  end
(* An address from a memory value: Nothing unless every byte is concrete
   and there are exactly 8 of them. *)
let address_of_memory_value (endian: end_flag) (mv:memory_value) : maybe address =
  match byte_list_of_memory_value endian mv with
  | Just bs ->
    if List.length bs = 8 then Just (address_of_byte_list bs) else Nothing
  | Nothing -> Nothing
  end
val byte_of_int : int -> byte
(* The low 8 bits of [i] as a byte. There is no range check: an int outside
   0..255 is presumably cut down by bit_list_of_integer rather than
   rejected — confirm against the Lem word library. *)
let byte_of_int (i:int) : byte =
  let as_integer = integerFromInt i in
  Byte (bit_list_of_integer 8 as_integer)
val memory_byte_of_int : int -> memory_byte
(* Same as byte_of_int, lifted. *)
let memory_byte_of_int (i:int) : memory_byte =
  let b = byte_of_int i in
  memory_byte_of_byte b
(*
val int_of_memory_byte : int -> maybe memory_byte
let int_of_memory_byte (mb:memory_byte) : int =
failwith "TODO"
*)
val memory_value_of_address_lifted : end_flag -> address_lifted -> memory_value
(* The lifted bytes of an address laid out as a memory value: as given for
   E_big_endian, reversed otherwise. The integer component is dropped. *)
let memory_value_of_address_lifted endian (Address_lifted bytes _) =
  if endian = E_big_endian then bytes else List.reverse bytes
val byte_list_of_address : address -> list byte
(* The bytes of an address, most significant first; the integer is dropped. *)
let byte_list_of_address (Address bytes _) : list byte = bytes
val byte_list_of_opcode : opcode -> list byte
(* The bytes of an opcode in stored order. *)
let byte_list_of_opcode (Opcode bytes) : list byte = bytes
(** ****************************************** *)
(** show type class instantiations *)
(** ****************************************** *)
(* Show an address as its integer, after checking that the stored integer
   agrees with the bytes; a mismatch is reported in the string itself
   rather than raised, so callers only ever see text. *)
let stringFromAddress (Address bs i) =
  let from_bytes = integer_of_byte_list bs in
  if i <> from_bytes then
    "stringFromAddress bytes and integer mismatch"
  else
    show i (*TODO: should be made to match the src/pp.ml pp_address*)
(* Show instance for address; see stringFromAddress for the format. *)
instance (Show address)
let show = stringFromAddress
end
(* Show a lifted byte as its unsigned integer, or "u?" when any bit is
   undef or unknown. *)
let stringFromByte_lifted bl =
  match byte_of_byte_lifted bl with
  | Just (Byte bits) -> show (integer_of_bit_list bits)
  | Nothing -> "u?"
  end
(* Show instance for byte_lifted; see stringFromByte_lifted for the format. *)
instance (Show byte_lifted)
let show = stringFromByte_lifted
end
|