vericert.hls.HTLgen
#[local] Hint Resolve AssocMap.gempty : htlh.
#[local] Hint Resolve AssocMap.gso : htlh.
#[local] Hint Resolve AssocMap.gss : htlh.
#[local] Hint Resolve Ple_refl : htlh.
#[local] Hint Resolve Ple_succ : htlh.
Record state: Type := mkstate {
st_st : reg;
st_freshreg: reg;
st_freshstate: node;
st_scldecls: AssocMap.t (option io * scl_decl);
st_arrdecls: AssocMap.t (option io * arr_decl);
st_datapath: datapath;
st_controllogic: controllogic;
}.
Definition init_state (st : reg) : state :=
mkstate st
1%positive
1%positive
(AssocMap.empty (option io * scl_decl))
(AssocMap.empty (option io * arr_decl))
(AssocMap.empty stmnt)
(AssocMap.empty stmnt).
Module HTLState <: State.
Definition st := state.
Inductive st_incr: state -> state -> Prop :=
state_incr_intro:
forall (s1 s2: state),
st_st s1 = st_st s2 ->
Ple s1.(st_freshreg) s2.(st_freshreg) ->
Ple s1.(st_freshstate) s2.(st_freshstate) ->
(forall n,
s1.(st_datapath)!n = None \/ s2.(st_datapath)!n = s1.(st_datapath)!n) ->
(forall n,
s1.(st_controllogic)!n = None
\/ s2.(st_controllogic)!n = s1.(st_controllogic)!n) ->
st_incr s1 s2.
#[export] Hint Constructors st_incr : htlh.
Definition st_prop := st_incr.
#[export] Hint Unfold st_prop : htlh.
Lemma st_refl : forall s, st_prop s s.
Lemma st_trans :
forall s1 s2 s3, st_prop s1 s2 -> st_prop s2 s3 -> st_prop s1 s3.
End HTLState.
Module HTLMonad := Statemonad(HTLState).
Module HTLMonadExtra := Monad.MonadExtra(HTLMonad).
Definition state_goto (st : reg) (n : node) : stmnt :=
Vnonblock (Vvar st) (Vlit (posToValue n)).
Definition state_cond (st : reg) (c : expr) (n1 n2 : node) : stmnt :=
Vnonblock (Vvar st) (Vternary c (posToExpr n1) (posToExpr n2)).
Definition check_empty_node_datapath:
forall (s: state) (n: node), { s.(st_datapath)!n = None } + { True }.
Definition check_empty_node_controllogic:
forall (s: state) (n: node), { s.(st_controllogic)!n = None } + { True }.
Lemma add_instr_state_incr :
forall s n n' st,
(st_datapath s)!n = None ->
(st_controllogic s)!n = None ->
st_incr s
(mkstate
s.(st_st)
s.(st_freshreg)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n st s.(st_datapath))
(AssocMap.set n (state_goto s.(st_st) n') s.(st_controllogic))).
Lemma declare_reg_state_incr :
forall i s r sz,
st_incr s
(mkstate
s.(st_st)
s.(st_freshreg)
s.(st_freshstate)
(AssocMap.set r (i, VScalar sz) s.(st_scldecls))
s.(st_arrdecls)
s.(st_datapath)
s.(st_controllogic)).
Definition declare_reg (i : option io) (r : reg) (sz : nat) : mon unit :=
fun s => OK tt (mkstate
s.(st_st)
s.(st_freshreg)
s.(st_freshstate)
(AssocMap.set r (i, VScalar sz) s.(st_scldecls))
s.(st_arrdecls)
s.(st_datapath)
s.(st_controllogic))
(declare_reg_state_incr i s r sz).
Definition add_instr (n : node) (n' : node) (st : stmnt) : mon unit :=
fun s =>
match check_empty_node_datapath s n, check_empty_node_controllogic s n with
| left STM, left TRANS =>
OK tt (mkstate
s.(st_st)
s.(st_freshreg)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n st s.(st_datapath))
(AssocMap.set n (state_goto s.(st_st) n') s.(st_controllogic)))
(add_instr_state_incr s n n' st STM TRANS)
| _, _ => Error (Errors.msg "HTL.add_instr")
end.
Lemma add_instr_skip_state_incr :
forall s n st,
(st_datapath s)!n = None ->
(st_controllogic s)!n = None ->
st_incr s
(mkstate
s.(st_st)
s.(st_freshreg)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n st s.(st_datapath))
(AssocMap.set n Vskip s.(st_controllogic))).
Definition add_instr_skip (n : node) (st : stmnt) : mon unit :=
fun s =>
match check_empty_node_datapath s n, check_empty_node_controllogic s n with
| left STM, left TRANS =>
OK tt (mkstate
s.(st_st)
s.(st_freshreg)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n st s.(st_datapath))
(AssocMap.set n Vskip s.(st_controllogic)))
(add_instr_skip_state_incr s n st STM TRANS)
| _, _ => Error (Errors.msg "HTL.add_instr")
end.
Lemma add_node_skip_state_incr :
forall s n st,
(st_datapath s)!n = None ->
(st_controllogic s)!n = None ->
st_incr s
(mkstate
s.(st_st)
s.(st_freshreg)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n Vskip s.(st_datapath))
(AssocMap.set n st s.(st_controllogic))).
Definition add_node_skip (n : node) (st : stmnt) : mon unit :=
fun s =>
match check_empty_node_datapath s n, check_empty_node_controllogic s n with
| left STM, left TRANS =>
OK tt (mkstate
s.(st_st)
s.(st_freshreg)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n Vskip s.(st_datapath))
(AssocMap.set n st s.(st_controllogic)))
(add_node_skip_state_incr s n st STM TRANS)
| _, _ => Error (Errors.msg "HTL.add_instr")
end.
Definition nonblock (dst : reg) (e : expr) := Vnonblock (Vvar dst) e.
Definition block (dst : reg) (e : expr) := Vblock (Vvar dst) e.
Definition bop (op : binop) (r1 r2 : reg) : expr :=
Vbinop op (Vvar r1) (Vvar r2).
Definition boplit (op : binop) (r : reg) (l : Integers.int) : expr :=
Vbinop op (Vvar r) (Vlit (intToValue l)).
Definition boplitz (op: binop) (r: reg) (l: Z) : expr :=
Vbinop op (Vvar r) (Vlit (ZToValue l)).
Definition translate_comparison (c : Integers.comparison) (args : list reg) : mon expr :=
match c, args with
| Integers.Ceq, r1::r2::nil => ret (bop Veq r1 r2)
| Integers.Cne, r1::r2::nil => ret (bop Vne r1 r2)
| Integers.Clt, r1::r2::nil => ret (bop Vlt r1 r2)
| Integers.Cgt, r1::r2::nil => ret (bop Vgt r1 r2)
| Integers.Cle, r1::r2::nil => ret (bop Vle r1 r2)
| Integers.Cge, r1::r2::nil => ret (bop Vge r1 r2)
| _, _ => error (Errors.msg "Htlgen: comparison instruction not implemented: other")
end.
Definition translate_comparison_imm (c : Integers.comparison) (args : list reg) (i: Integers.int)
: mon expr :=
match c, args with
| Integers.Ceq, r1::nil => ret (boplit Veq r1 i)
| Integers.Cne, r1::nil => ret (boplit Vne r1 i)
| Integers.Clt, r1::nil => ret (boplit Vlt r1 i)
| Integers.Cgt, r1::nil => ret (boplit Vgt r1 i)
| Integers.Cle, r1::nil => ret (boplit Vle r1 i)
| Integers.Cge, r1::nil => ret (boplit Vge r1 i)
| _, _ => error (Errors.msg "Htlgen: comparison_imm instruction not implemented: other")
end.
Definition translate_comparisonu (c : Integers.comparison) (args : list reg) : mon expr :=
match c, args with
| Integers.Clt, r1::r2::nil => ret (bop Vltu r1 r2)
| Integers.Cgt, r1::r2::nil => ret (bop Vgtu r1 r2)
| Integers.Cle, r1::r2::nil => ret (bop Vleu r1 r2)
| Integers.Cge, r1::r2::nil => ret (bop Vgeu r1 r2)
| _, _ => error (Errors.msg "Htlgen: comparison instruction not implemented: other")
end.
Definition translate_comparison_immu (c : Integers.comparison) (args : list reg) (i: Integers.int)
: mon expr :=
match c, args with
| Integers.Clt, r1::nil => ret (boplit Vltu r1 i)
| Integers.Cgt, r1::nil => ret (boplit Vgtu r1 i)
| Integers.Cle, r1::nil => ret (boplit Vleu r1 i)
| Integers.Cge, r1::nil => ret (boplit Vgeu r1 i)
| _, _ => error (Errors.msg "Htlgen: comparison_imm instruction not implemented: other")
end.
Definition translate_condition (c : Op.condition) (args : list reg) : mon expr :=
match c, args with
| Op.Ccomp c, _ => translate_comparison c args
| Op.Ccompu c, _ => translate_comparisonu c args
| Op.Ccompimm c i, _ => translate_comparison_imm c args i
| Op.Ccompuimm c i, _ => translate_comparison_immu c args i
| Op.Cmaskzero n, _ => error (Errors.msg "Htlgen: condition instruction not implemented: Cmaskzero")
| Op.Cmasknotzero n, _ => error (Errors.msg "Htlgen: condition instruction not implemented: Cmasknotzero")
| _, _ => error (Errors.msg "Htlgen: condition instruction not implemented: other")
end.
Definition check_address_parameter_signed (p : Z) : bool :=
Z.leb Integers.Ptrofs.min_signed p
&& Z.leb p Integers.Ptrofs.max_signed.
Definition check_address_parameter_unsigned (p : Z) : bool :=
Z.leb p Integers.Ptrofs.max_unsigned.
Definition translate_eff_addressing (a: Op.addressing) (args: list reg) : mon expr :=
match a, args with
| Op.Aindexed off, r1::nil =>
if (check_address_parameter_signed off)
then ret (boplitz Vadd r1 off)
else error (Errors.msg "Veriloggen: translate_eff_addressing (Aindexed): address out of bounds")
| Op.Ascaled scale offset, r1::nil =>
if (check_address_parameter_signed scale) && (check_address_parameter_signed offset)
then ret (Vbinop Vadd (boplitz Vmul r1 scale) (Vlit (ZToValue offset)))
else error (Errors.msg "Veriloggen: translate_eff_addressing (Ascaled): address out of bounds")
| Op.Aindexed2 offset, r1::r2::nil =>
if (check_address_parameter_signed offset)
then ret (Vbinop Vadd (bop Vadd r1 r2) (Vlit (ZToValue offset)))
else error (Errors.msg "Veriloggen: translate_eff_addressing (Aindexed2): address out of bounds")
| Op.Aindexed2scaled scale offset, r1::r2::nil =>
if (check_address_parameter_signed scale) && (check_address_parameter_signed offset)
then ret (Vbinop Vadd (Vvar r1) (Vbinop Vadd (boplitz Vmul r2 scale) (Vlit (ZToValue offset))))
else error (Errors.msg "Veriloggen: translate_eff_addressing (Aindexed2scaled): address out of bounds")
| Op.Ainstack a, nil =>
let a := Integers.Ptrofs.unsigned a in
if (check_address_parameter_unsigned a)
then ret (Vlit (ZToValue a))
else error (Errors.msg "Veriloggen: translate_eff_addressing (Ainstack): address out of bounds")
| _, _ => error (Errors.msg "Veriloggen: translate_eff_addressing unsuported addressing")
end.
Translate an instruction to a statement. FIX mulhs mulhu
Definition translate_instr (op : Op.operation) (args : list reg) : mon expr :=
match op, args with
| Op.Omove, r::nil => ret (Vvar r)
| Op.Ointconst n, _ => ret (Vlit (intToValue n))
| Op.Oneg, r::nil => ret (Vunop Vneg (Vvar r))
| Op.Osub, r1::r2::nil => ret (bop Vsub r1 r2)
| Op.Omul, r1::r2::nil => ret (bop Vmul r1 r2)
| Op.Omulimm n, r::nil => ret (boplit Vmul r n)
| Op.Omulhs, r1::r2::nil => error (Errors.msg "Htlgen: Instruction not implemented: mulhs")
| Op.Omulhu, r1::r2::nil => error (Errors.msg "Htlgen: Instruction not implemented: mulhu")
| Op.Odiv, r1::r2::nil => ret (bop Vdiv r1 r2)
| Op.Odivu, r1::r2::nil => ret (bop Vdivu r1 r2)
| Op.Omod, r1::r2::nil => ret (bop Vmod r1 r2)
| Op.Omodu, r1::r2::nil => ret (bop Vmodu r1 r2)
| Op.Oand, r1::r2::nil => ret (bop Vand r1 r2)
| Op.Oandimm n, r::nil => ret (boplit Vand r n)
| Op.Oor, r1::r2::nil => ret (bop Vor r1 r2)
| Op.Oorimm n, r::nil => ret (boplit Vor r n)
| Op.Oxor, r1::r2::nil => ret (bop Vxor r1 r2)
| Op.Oxorimm n, r::nil => ret (boplit Vxor r n)
| Op.Onot, r::nil => ret (Vunop Vnot (Vvar r))
| Op.Oshl, r1::r2::nil => ret (bop Vshl r1 r2)
| Op.Oshlimm n, r::nil => ret (boplit Vshl r n)
| Op.Oshr, r1::r2::nil => ret (bop Vshr r1 r2)
| Op.Oshrimm n, r::nil => ret (boplit Vshr r n)
| Op.Oshrximm n, r::nil =>
ret (Vternary (Vbinop Vlt (Vvar r) (Vlit (ZToValue 0)))
(Vunop Vneg (Vbinop Vshru (Vunop Vneg (Vvar r)) (Vlit n)))
(Vbinop Vshru (Vvar r) (Vlit n)))
| Op.Oshru, r1::r2::nil => ret (bop Vshru r1 r2)
| Op.Oshruimm n, r::nil => ret (boplit Vshru r n)
| Op.Ororimm n, r::nil => error (Errors.msg "Htlgen: Instruction not implemented: Ororimm")
| Op.Oshldimm n, r::nil => ret (Vbinop Vor (boplit Vshl r n) (boplit Vshr r (Integers.Int.sub (Integers.Int.repr 32) n)))
| Op.Ocmp c, _ => translate_condition c args
| Op.Osel c AST.Tint, r1::r2::rl =>
do tc <- translate_condition c rl;
ret (Vternary tc (Vvar r1) (Vvar r2))
| Op.Olea a, _ => translate_eff_addressing a args
| _, _ => error (Errors.msg "Htlgen: Instruction not implemented: other")
end.
Lemma add_branch_instr_state_incr:
forall s e n n1 n2,
(st_datapath s) ! n = None ->
(st_controllogic s) ! n = None ->
st_incr s (mkstate
s.(st_st)
(st_freshreg s)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n Vskip (st_datapath s))
(AssocMap.set n (state_cond s.(st_st) e n1 n2) (st_controllogic s))).
Definition add_branch_instr (e: expr) (n n1 n2: node) : mon unit :=
fun s =>
match check_empty_node_datapath s n, check_empty_node_controllogic s n with
| left NSTM, left NTRANS =>
OK tt (mkstate
s.(st_st)
(st_freshreg s)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n Vskip (st_datapath s))
(AssocMap.set n (state_cond s.(st_st) e n1 n2) (st_controllogic s)))
(add_branch_instr_state_incr s e n n1 n2 NSTM NTRANS)
| _, _ => Error (Errors.msg "Htlgen: add_branch_instr")
end.
Definition translate_arr_access (mem : AST.memory_chunk) (addr : Op.addressing)
(args : list reg) (stack : reg) : mon expr :=
match mem, addr, args with
| Mint32, Op.Aindexed off, r1::nil =>
if (check_address_parameter_signed off)
then ret (Vvari stack (Vbinop Vdivu (boplitz Vadd r1 off) (Vlit (ZToValue 4))))
else error (Errors.msg "HTLgen: translate_arr_access address out of bounds")
| Mint32, Op.Aindexed2scaled scale offset, r1::r2::nil =>
if (check_address_parameter_signed scale) && (check_address_parameter_signed offset)
then ret (Vvari stack
(Vbinop Vdivu
(Vbinop Vadd (boplitz Vadd r1 offset) (boplitz Vmul r2 scale))
(Vlit (ZToValue 4))))
else error (Errors.msg "HTLgen: translate_arr_access address out of bounds")
| Mint32, Op.Ainstack a, nil =>
let a := Integers.Ptrofs.unsigned a in
if (check_address_parameter_unsigned a)
then ret (Vvari stack (Vlit (ZToValue (a / 4))))
else error (Errors.msg "HTLgen: eff_addressing out of bounds stack offset")
| _, _, _ => error (Errors.msg "HTLgen: translate_arr_access unsuported addressing")
end.
Fixpoint enumerate (i : nat) (ns : list node) {struct ns} : list (nat * node) :=
match ns with
| n :: ns' => (i, n) :: enumerate (i+1) ns'
| nil => nil
end.
Definition tbl_to_case_expr (st : reg) (ns : list node) : list (expr * stmnt) :=
List.map (fun a => match a with
(i, n) => (Vlit (natToValue i), Vnonblock (Vvar st) (Vlit (posToValue n)))
end)
(enumerate 0 ns).
Definition transf_instr (fin rtrn stack: reg) (ni: node * instruction) : mon unit :=
match ni with
(n, i) =>
match i with
| Inop n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
add_instr n n' Vskip
else error (Errors.msg "State is larger than 2^32.")
| Iop op args dst n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
do instr <- translate_instr op args;
do _ <- declare_reg None dst 32;
add_instr n n' (nonblock dst instr)
else error (Errors.msg "State is larger than 2^32.")
| Iload mem addr args dst n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
do src <- translate_arr_access mem addr args stack;
do _ <- declare_reg None dst 32;
add_instr n n' (nonblock dst src)
else error (Errors.msg "State is larger than 2^32.")
| Istore mem addr args src n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
do dst <- translate_arr_access mem addr args stack;
add_instr n n' (Vnonblock dst (Vvar src))
else error (Errors.msg "State is larger than 2^32.")
| Icall _ _ _ _ _ => error (Errors.msg "Calls are not implemented.")
| Itailcall _ _ _ => error (Errors.msg "Tailcalls are not implemented.")
| Ibuiltin _ _ _ _ => error (Errors.msg "Builtin functions not implemented.")
| Icond cond args n1 n2 =>
if Z.leb (Z.pos n1) Integers.Int.max_unsigned && Z.leb (Z.pos n2) Integers.Int.max_unsigned then
do e <- translate_condition cond args;
add_branch_instr e n n1 n2
else error (Errors.msg "State is larger than 2^32.")
| Ijumptable r tbl =>
error (Errors.msg "Ijumptable: Case statement not supported.")
| Ireturn r =>
match r with
| Some r' =>
add_instr_skip n (Vseq (block fin (Vlit (ZToValue 1%Z))) (block rtrn (Vvar r')))
| None =>
add_instr_skip n (Vseq (block fin (Vlit (ZToValue 1%Z))) (block rtrn (Vlit (ZToValue 0%Z))))
end
end
end.
Lemma create_reg_state_incr:
forall s sz i,
st_incr s (mkstate
s.(st_st)
(Pos.succ (st_freshreg s))
(st_freshstate s)
(AssocMap.set s.(st_freshreg) (i, VScalar sz) s.(st_scldecls))
s.(st_arrdecls)
(st_datapath s)
(st_controllogic s)).
Definition create_reg (i : option io) (sz : nat) : mon reg :=
fun s => let r := s.(st_freshreg) in
OK r (mkstate
s.(st_st)
(Pos.succ r)
(st_freshstate s)
(AssocMap.set s.(st_freshreg) (i, VScalar sz) s.(st_scldecls))
(st_arrdecls s)
(st_datapath s)
(st_controllogic s))
(create_reg_state_incr s sz i).
Lemma create_arr_state_incr:
forall s sz ln i,
st_incr s (mkstate
s.(st_st)
(Pos.succ (st_freshreg s))
(st_freshstate s)
s.(st_scldecls)
(AssocMap.set s.(st_freshreg) (i, VArray sz ln) s.(st_arrdecls))
(st_datapath s)
(st_controllogic s)).
Definition create_arr (i : option io) (sz : nat) (ln : nat) : mon (reg * nat) :=
fun s => let r := s.(st_freshreg) in
OK (r, ln) (mkstate
s.(st_st)
(Pos.succ r)
(st_freshstate s)
s.(st_scldecls)
(AssocMap.set s.(st_freshreg) (i, VArray sz ln) s.(st_arrdecls))
(st_datapath s)
(st_controllogic s))
(create_arr_state_incr s sz ln i).
Definition stack_correct (sz : Z) : bool :=
(0 <=? sz) && (sz <? Integers.Ptrofs.modulus) && (Z.modulo sz 4 =? 0).
Definition max_pc_map (m : Maps.PTree.t stmnt) :=
PTree.fold (fun m pc i => Pos.max m pc) m 1%positive.
Lemma max_pc_map_sound:
forall m pc i, m!pc = Some i -> Ple pc (max_pc_map m).
Lemma max_pc_wf :
forall m, Z.pos (max_pc_map m) <= Integers.Int.max_unsigned ->
map_well_formed m.
Definition transf_module (f: function) : mon HTL.module.
Defined.
Definition max_state (f: function) : state :=
let st := Pos.succ (max_reg_function f) in
mkstate st
(Pos.succ st)
(Pos.succ (RTL.max_pc_function f))
(AssocMap.set st (None, VScalar 32) (st_scldecls (init_state st)))
(st_arrdecls (init_state st))
(st_datapath (init_state st))
(st_controllogic (init_state st)).
Definition transl_module (f : function) : Errors.res HTL.module :=
run_mon (max_state f) (transf_module f).
Definition transl_fundef := transf_partial_fundef transl_module.
Definition main_is_internal (p : RTL.program) : bool :=
let ge := Globalenvs.Genv.globalenv p in
match Globalenvs.Genv.find_symbol ge p.(AST.prog_main) with
| Some b =>
match Globalenvs.Genv.find_funct_ptr ge b with
| Some (AST.Internal _) => true
| _ => false
end
| _ => false
end.
Definition transl_program (p : RTL.program) : Errors.res HTL.program :=
if main_is_internal p
then transform_partial_program transl_fundef p
else Errors.Error (Errors.msg "Main function is not Internal.").
match op, args with
| Op.Omove, r::nil => ret (Vvar r)
| Op.Ointconst n, _ => ret (Vlit (intToValue n))
| Op.Oneg, r::nil => ret (Vunop Vneg (Vvar r))
| Op.Osub, r1::r2::nil => ret (bop Vsub r1 r2)
| Op.Omul, r1::r2::nil => ret (bop Vmul r1 r2)
| Op.Omulimm n, r::nil => ret (boplit Vmul r n)
| Op.Omulhs, r1::r2::nil => error (Errors.msg "Htlgen: Instruction not implemented: mulhs")
| Op.Omulhu, r1::r2::nil => error (Errors.msg "Htlgen: Instruction not implemented: mulhu")
| Op.Odiv, r1::r2::nil => ret (bop Vdiv r1 r2)
| Op.Odivu, r1::r2::nil => ret (bop Vdivu r1 r2)
| Op.Omod, r1::r2::nil => ret (bop Vmod r1 r2)
| Op.Omodu, r1::r2::nil => ret (bop Vmodu r1 r2)
| Op.Oand, r1::r2::nil => ret (bop Vand r1 r2)
| Op.Oandimm n, r::nil => ret (boplit Vand r n)
| Op.Oor, r1::r2::nil => ret (bop Vor r1 r2)
| Op.Oorimm n, r::nil => ret (boplit Vor r n)
| Op.Oxor, r1::r2::nil => ret (bop Vxor r1 r2)
| Op.Oxorimm n, r::nil => ret (boplit Vxor r n)
| Op.Onot, r::nil => ret (Vunop Vnot (Vvar r))
| Op.Oshl, r1::r2::nil => ret (bop Vshl r1 r2)
| Op.Oshlimm n, r::nil => ret (boplit Vshl r n)
| Op.Oshr, r1::r2::nil => ret (bop Vshr r1 r2)
| Op.Oshrimm n, r::nil => ret (boplit Vshr r n)
| Op.Oshrximm n, r::nil =>
ret (Vternary (Vbinop Vlt (Vvar r) (Vlit (ZToValue 0)))
(Vunop Vneg (Vbinop Vshru (Vunop Vneg (Vvar r)) (Vlit n)))
(Vbinop Vshru (Vvar r) (Vlit n)))
| Op.Oshru, r1::r2::nil => ret (bop Vshru r1 r2)
| Op.Oshruimm n, r::nil => ret (boplit Vshru r n)
| Op.Ororimm n, r::nil => error (Errors.msg "Htlgen: Instruction not implemented: Ororimm")
| Op.Oshldimm n, r::nil => ret (Vbinop Vor (boplit Vshl r n) (boplit Vshr r (Integers.Int.sub (Integers.Int.repr 32) n)))
| Op.Ocmp c, _ => translate_condition c args
| Op.Osel c AST.Tint, r1::r2::rl =>
do tc <- translate_condition c rl;
ret (Vternary tc (Vvar r1) (Vvar r2))
| Op.Olea a, _ => translate_eff_addressing a args
| _, _ => error (Errors.msg "Htlgen: Instruction not implemented: other")
end.
Lemma add_branch_instr_state_incr:
forall s e n n1 n2,
(st_datapath s) ! n = None ->
(st_controllogic s) ! n = None ->
st_incr s (mkstate
s.(st_st)
(st_freshreg s)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n Vskip (st_datapath s))
(AssocMap.set n (state_cond s.(st_st) e n1 n2) (st_controllogic s))).
Definition add_branch_instr (e: expr) (n n1 n2: node) : mon unit :=
fun s =>
match check_empty_node_datapath s n, check_empty_node_controllogic s n with
| left NSTM, left NTRANS =>
OK tt (mkstate
s.(st_st)
(st_freshreg s)
(st_freshstate s)
s.(st_scldecls)
s.(st_arrdecls)
(AssocMap.set n Vskip (st_datapath s))
(AssocMap.set n (state_cond s.(st_st) e n1 n2) (st_controllogic s)))
(add_branch_instr_state_incr s e n n1 n2 NSTM NTRANS)
| _, _ => Error (Errors.msg "Htlgen: add_branch_instr")
end.
Definition translate_arr_access (mem : AST.memory_chunk) (addr : Op.addressing)
(args : list reg) (stack : reg) : mon expr :=
match mem, addr, args with
| Mint32, Op.Aindexed off, r1::nil =>
if (check_address_parameter_signed off)
then ret (Vvari stack (Vbinop Vdivu (boplitz Vadd r1 off) (Vlit (ZToValue 4))))
else error (Errors.msg "HTLgen: translate_arr_access address out of bounds")
| Mint32, Op.Aindexed2scaled scale offset, r1::r2::nil =>
if (check_address_parameter_signed scale) && (check_address_parameter_signed offset)
then ret (Vvari stack
(Vbinop Vdivu
(Vbinop Vadd (boplitz Vadd r1 offset) (boplitz Vmul r2 scale))
(Vlit (ZToValue 4))))
else error (Errors.msg "HTLgen: translate_arr_access address out of bounds")
| Mint32, Op.Ainstack a, nil =>
let a := Integers.Ptrofs.unsigned a in
if (check_address_parameter_unsigned a)
then ret (Vvari stack (Vlit (ZToValue (a / 4))))
else error (Errors.msg "HTLgen: eff_addressing out of bounds stack offset")
| _, _, _ => error (Errors.msg "HTLgen: translate_arr_access unsuported addressing")
end.
Fixpoint enumerate (i : nat) (ns : list node) {struct ns} : list (nat * node) :=
match ns with
| n :: ns' => (i, n) :: enumerate (i+1) ns'
| nil => nil
end.
Definition tbl_to_case_expr (st : reg) (ns : list node) : list (expr * stmnt) :=
List.map (fun a => match a with
(i, n) => (Vlit (natToValue i), Vnonblock (Vvar st) (Vlit (posToValue n)))
end)
(enumerate 0 ns).
Definition transf_instr (fin rtrn stack: reg) (ni: node * instruction) : mon unit :=
match ni with
(n, i) =>
match i with
| Inop n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
add_instr n n' Vskip
else error (Errors.msg "State is larger than 2^32.")
| Iop op args dst n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
do instr <- translate_instr op args;
do _ <- declare_reg None dst 32;
add_instr n n' (nonblock dst instr)
else error (Errors.msg "State is larger than 2^32.")
| Iload mem addr args dst n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
do src <- translate_arr_access mem addr args stack;
do _ <- declare_reg None dst 32;
add_instr n n' (nonblock dst src)
else error (Errors.msg "State is larger than 2^32.")
| Istore mem addr args src n' =>
if Z.leb (Z.pos n') Integers.Int.max_unsigned then
do dst <- translate_arr_access mem addr args stack;
add_instr n n' (Vnonblock dst (Vvar src))
else error (Errors.msg "State is larger than 2^32.")
| Icall _ _ _ _ _ => error (Errors.msg "Calls are not implemented.")
| Itailcall _ _ _ => error (Errors.msg "Tailcalls are not implemented.")
| Ibuiltin _ _ _ _ => error (Errors.msg "Builtin functions not implemented.")
| Icond cond args n1 n2 =>
if Z.leb (Z.pos n1) Integers.Int.max_unsigned && Z.leb (Z.pos n2) Integers.Int.max_unsigned then
do e <- translate_condition cond args;
add_branch_instr e n n1 n2
else error (Errors.msg "State is larger than 2^32.")
| Ijumptable r tbl =>
error (Errors.msg "Ijumptable: Case statement not supported.")
| Ireturn r =>
match r with
| Some r' =>
add_instr_skip n (Vseq (block fin (Vlit (ZToValue 1%Z))) (block rtrn (Vvar r')))
| None =>
add_instr_skip n (Vseq (block fin (Vlit (ZToValue 1%Z))) (block rtrn (Vlit (ZToValue 0%Z))))
end
end
end.
Lemma create_reg_state_incr:
forall s sz i,
st_incr s (mkstate
s.(st_st)
(Pos.succ (st_freshreg s))
(st_freshstate s)
(AssocMap.set s.(st_freshreg) (i, VScalar sz) s.(st_scldecls))
s.(st_arrdecls)
(st_datapath s)
(st_controllogic s)).
Definition create_reg (i : option io) (sz : nat) : mon reg :=
fun s => let r := s.(st_freshreg) in
OK r (mkstate
s.(st_st)
(Pos.succ r)
(st_freshstate s)
(AssocMap.set s.(st_freshreg) (i, VScalar sz) s.(st_scldecls))
(st_arrdecls s)
(st_datapath s)
(st_controllogic s))
(create_reg_state_incr s sz i).
Lemma create_arr_state_incr:
forall s sz ln i,
st_incr s (mkstate
s.(st_st)
(Pos.succ (st_freshreg s))
(st_freshstate s)
s.(st_scldecls)
(AssocMap.set s.(st_freshreg) (i, VArray sz ln) s.(st_arrdecls))
(st_datapath s)
(st_controllogic s)).
Definition create_arr (i : option io) (sz : nat) (ln : nat) : mon (reg * nat) :=
fun s => let r := s.(st_freshreg) in
OK (r, ln) (mkstate
s.(st_st)
(Pos.succ r)
(st_freshstate s)
s.(st_scldecls)
(AssocMap.set s.(st_freshreg) (i, VArray sz ln) s.(st_arrdecls))
(st_datapath s)
(st_controllogic s))
(create_arr_state_incr s sz ln i).
Definition stack_correct (sz : Z) : bool :=
(0 <=? sz) && (sz <? Integers.Ptrofs.modulus) && (Z.modulo sz 4 =? 0).
Definition max_pc_map (m : Maps.PTree.t stmnt) :=
PTree.fold (fun m pc i => Pos.max m pc) m 1%positive.
Lemma max_pc_map_sound:
forall m pc i, m!pc = Some i -> Ple pc (max_pc_map m).
Lemma max_pc_wf :
forall m, Z.pos (max_pc_map m) <= Integers.Int.max_unsigned ->
map_well_formed m.
Definition transf_module (f: function) : mon HTL.module.
Defined.
Definition max_state (f: function) : state :=
let st := Pos.succ (max_reg_function f) in
mkstate st
(Pos.succ st)
(Pos.succ (RTL.max_pc_function f))
(AssocMap.set st (None, VScalar 32) (st_scldecls (init_state st)))
(st_arrdecls (init_state st))
(st_datapath (init_state st))
(st_controllogic (init_state st)).
Definition transl_module (f : function) : Errors.res HTL.module :=
run_mon (max_state f) (transf_module f).
Definition transl_fundef := transf_partial_fundef transl_module.
Definition main_is_internal (p : RTL.program) : bool :=
let ge := Globalenvs.Genv.globalenv p in
match Globalenvs.Genv.find_symbol ge p.(AST.prog_main) with
| Some b =>
match Globalenvs.Genv.find_funct_ptr ge b with
| Some (AST.Internal _) => true
| _ => false
end
| _ => false
end.
Definition transl_program (p : RTL.program) : Errors.res HTL.program :=
if main_is_internal p
then transform_partial_program transl_fundef p
else Errors.Error (Errors.msg "Main function is not Internal.").