(no commit message)

[helm.git] / helm / software / matita / contribs / ng_assembly / freescale / word16.ma

(**************************************************************************)
(*       ___                                                              *)
(*      ||M||                                                             *)
(*      ||A||       A project by Andrea Asperti                           *)
(*      ||T||                                                             *)
(*      ||I||       Developers:                                           *)
(*      ||T||         The HELM team.                                      *)
(*      ||A||         http://helm.cs.unibo.it                             *)
(*      \   /                                                             *)
(*       \ /        This file is distributed under the terms of the       *)
(*        v         GNU General Public License Version 2                  *)
(*                                                                        *)
(**************************************************************************)

(* ********************************************************************** *)
(*                           Progetto FreeScale                           *)
(*                                                                        *)
(* Sviluppato da:                                                         *)
(*   Cosimo Oliboni, oliboni@cs.unibo.it                                  *)
(*                                                                        *)
(* Questo materiale fa parte della tesi:                                  *)
(*   "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale"   *)
(*                                                                        *)
(*                    data ultima modifica 15/11/2007                     *)
(* ********************************************************************** *)

include "freescale/byte8.ma".

(* **** *)
(* WORD *)
(* **** *)

nrecord word16 : Type ≝
 {
 w16h: byte8;
 w16l: byte8
 }.

ndefinition word16_ind : ΠP:word16 → Prop.(Πb:byte8.Πb1:byte8.P (mk_word16 b b1)) → Πw:word16.P w ≝
λP:word16 → Prop.λf:Πb:byte8.Πb1:byte8.P (mk_word16 b b1).λw:word16.
 match w with [ mk_word16 (b:byte8) (b1:byte8) ⇒ f b b1 ].

ndefinition word16_rec : ΠP:word16 → Set.(Πb:byte8.Πb1:byte8.P (mk_word16 b b1)) → Πw:word16.P w ≝
λP:word16 → Set.λf:Πb:byte8.Πb1:byte8.P (mk_word16 b b1).λw:word16.
 match w with [ mk_word16 (b:byte8) (b1:byte8) ⇒ f b b1 ].

ndefinition word16_rect : ΠP:word16 → Type.(Πb:byte8.Πb1:byte8.P (mk_word16 b b1)) → Πw:word16.P w ≝
λP:word16 → Type.λf:Πb:byte8.Πb1:byte8.P (mk_word16 b b1).λw:word16.
 match w with [ mk_word16 (b:byte8) (b1:byte8) ⇒ f b b1 ].

ndefinition w16h ≝ λw:word16.match w with [ mk_word16 x _ ⇒ x ].
ndefinition w16l ≝ λw:word16.match w with [ mk_word16 _ x ⇒ x ].

(* \langle \rangle *)
notation "〈x:y〉" non associative with precedence 80
 for @{ 'mk_word16 $x $y }.
interpretation "mk_word16" 'mk_word16 x y = (mk_word16 x y).

(* operatore = *)
ndefinition eq_w16 ≝ λw1,w2.(eq_b8 (w16h w1) (w16h w2)) ⊗ (eq_b8 (w16l w1) (w16l w2)).

(* operatore < *)
ndefinition lt_w16 ≝
λw1,w2:word16.match lt_b8 (w16h w1) (w16h w2) with
 [ true ⇒ true
 | false ⇒ match gt_b8 (w16h w1) (w16h w2) with
  [ true ⇒ false
  | false ⇒ lt_b8 (w16l w1) (w16l w2) ]].

(* operatore ≤ *)
ndefinition le_w16 ≝ λw1,w2:word16.(eq_w16 w1 w2) ⊕ (lt_w16 w1 w2).

(* operatore > *)
ndefinition gt_w16 ≝ λw1,w2:word16.⊖ (le_w16 w1 w2).

(* operatore ≥ *)
ndefinition ge_w16 ≝ λw1,w2:word16.⊖ (lt_w16 w1 w2).

(* operatore and *)
ndefinition and_w16 ≝
λw1,w2:word16.mk_word16 (and_b8 (w16h w1) (w16h w2)) (and_b8 (w16l w1) (w16l w2)).

(* operatore or *)
ndefinition or_w16 ≝
λw1,w2:word16.mk_word16 (or_b8 (w16h w1) (w16h w2)) (or_b8 (w16l w1) (w16l w2)).

(* operatore xor *)
ndefinition xor_w16 ≝
λw1,w2:word16.mk_word16 (xor_b8 (w16h w1) (w16h w2)) (xor_b8 (w16l w1) (w16l w2)).

(* operatore rotazione destra con carry *)
ndefinition rcr_w16 ≝
λw:word16.λc:bool.match rcr_b8 (w16h w) c with
 [ pair wh' c' ⇒ match rcr_b8 (w16l w) c' with
  [ pair wl' c'' ⇒ pair ?? (mk_word16 wh' wl') c'' ]]. 

(* operatore shift destro *)
ndefinition shr_w16 ≝
λw:word16.match rcr_b8 (w16h w) false with
 [ pair wh' c' ⇒ match rcr_b8 (w16l w) c' with
  [ pair wl' c'' ⇒ pair ?? (mk_word16 wh' wl') c'' ]].

(* operatore rotazione destra *)
ndefinition ror_w16 ≝
λw:word16.match rcr_b8 (w16h w) false with
 [ pair wh' c' ⇒ match rcr_b8 (w16l w) c' with
  [ pair wl' c'' ⇒ match c'' with
   [ true ⇒ mk_word16 (or_b8 (mk_byte8 x8 x0) wh') wl'
   | false ⇒ mk_word16 wh' wl' ]]].

(* operatore rotazione destra n-volte *)
nlet rec ror_w16_n (w:word16) (n:nat) on n ≝
 match n with
  [ O ⇒ w
  | S n' ⇒ ror_w16_n (ror_w16 w) n' ].

(* operatore rotazione sinistra con carry *)
ndefinition rcl_w16 ≝
λw:word16.λc:bool.match rcl_b8 (w16l w) c with
 [ pair wl' c' ⇒ match rcl_b8 (w16h w) c' with
  [ pair wh' c'' ⇒ pair ?? (mk_word16 wh' wl') c'' ]]. 

(* operatore shift sinistro *)
ndefinition shl_w16 ≝
λw:word16.match rcl_b8 (w16l w) false with
 [ pair wl' c' ⇒ match rcl_b8 (w16h w) c' with
  [ pair wh' c'' ⇒ pair ?? (mk_word16 wh' wl') c'' ]].

(* operatore rotazione sinistra *)
ndefinition rol_w16 ≝
λw:word16.match rcl_b8 (w16l w) false with
 [ pair wl' c' ⇒ match rcl_b8 (w16h w) c' with
  [ pair wh' c'' ⇒ match c'' with
   [ true ⇒ mk_word16 wh' (or_b8 (mk_byte8 x0 x1) wl')
   | false ⇒ mk_word16 wh' wl' ]]].

(* operatore rotazione sinistra n-volte *)
nlet rec rol_w16_n (w:word16) (n:nat) on n ≝
 match n with
  [ O ⇒ w
  | S n' ⇒ rol_w16_n (rol_w16 w) n' ].

(* operatore not/complemento a 1 *)
ndefinition not_w16 ≝
λw:word16.mk_word16 (not_b8 (w16h w)) (not_b8 (w16l w)).

(* operatore somma con data+carry → data+carry *)
ndefinition plus_w16_dc_dc ≝
λw1,w2:word16.λc:bool.
 match plus_b8_dc_dc (w16l w1) (w16l w2) c with
  [ pair l c ⇒ match plus_b8_dc_dc (w16h w1) (w16h w2) c with
   [ pair h c' ⇒ pair ?? 〈h:l〉 c' ]].

(* operatore somma con data+carry → data *)
ndefinition plus_w16_dc_d ≝
λw1,w2:word16.λc:bool.
 match plus_b8_dc_dc (w16l w1) (w16l w2) c with
  [ pair l c ⇒ 〈plus_b8_dc_d (w16h w1) (w16h w2) c:l〉 ].

(* operatore somma con data+carry → c *)
ndefinition plus_w16_dc_c ≝
λw1,w2:word16.λc:bool.
 plus_b8_dc_c (w16h w1) (w16h w2) (plus_b8_dc_c (w16l w1) (w16l w2) c).

(* operatore somma con data → data+carry *)
ndefinition plus_w16_d_dc ≝
λw1,w2:word16.
 match plus_b8_d_dc (w16l w1) (w16l w2) with
  [ pair l c ⇒ match plus_b8_dc_dc (w16h w1) (w16h w2) c with
   [ pair h c' ⇒ pair ?? 〈h:l〉 c' ]].

(* operatore somma con data → data *)
ndefinition plus_w16_d_d ≝
λw1,w2:word16.
 match plus_b8_d_dc (w16l w1) (w16l w2) with
  [ pair l c ⇒ 〈plus_b8_dc_d (w16h w1) (w16h w2) c:l〉 ].

(* operatore somma con data → c *)
ndefinition plus_w16_d_c ≝
λw1,w2:word16.
 plus_b8_dc_c (w16h w1) (w16h w2) (plus_b8_d_c (w16l w1) (w16l w2)).

(* operatore Most Significant Bit *)
ndefinition MSB_w16 ≝ λw:word16.eq_ex x8 (and_ex x8 (b8h (w16h w))).

(* word → naturali *)
ndefinition nat_of_word16 ≝ λw:word16. 256 * (nat_of_byte8 (w16h w)) + (nat_of_byte8 (w16l w)).

(* operatore predecessore *)
ndefinition pred_w16 ≝
λw:word16.match eq_b8 (w16l w) (mk_byte8 x0 x0) with
 [ true ⇒ mk_word16 (pred_b8 (w16h w)) (pred_b8 (w16l w))
 | false ⇒ mk_word16 (w16h w) (pred_b8 (w16l w)) ].

(* operatore successore *)
ndefinition succ_w16 ≝
λw:word16.match eq_b8 (w16l w) (mk_byte8 xF xF) with
 [ true ⇒ mk_word16 (succ_b8 (w16h w)) (succ_b8 (w16l w))
 | false ⇒ mk_word16 (w16h w) (succ_b8 (w16l w)) ].

(* operatore neg/complemento a 2 *)
ndefinition compl_w16 ≝
λw:word16.match MSB_w16 w with
 [ true ⇒ succ_w16 (not_w16 w)
 | false ⇒ not_w16 (pred_w16 w) ].

(* 
   operatore moltiplicazione senza segno: b*b=[0x0000,0xFE01]
   ... in pratica (〈a,b〉*〈c,d〉) = (a*c)<<8+(a*d)<<4+(b*c)<<4+(b*d)
*)
ndefinition mul_b8 ≝
λb1,b2:byte8.match b1 with
[ mk_byte8 b1h b1l ⇒ match b2 with
[ mk_byte8 b2h b2l ⇒ match mul_ex b1l b2l with
[ mk_byte8 t1_h t1_l ⇒ match mul_ex b1h b2l with
[ mk_byte8 t2_h t2_l ⇒ match mul_ex b2h b1l with
[ mk_byte8 t3_h t3_l ⇒ match mul_ex b1h b2h with
[ mk_byte8 t4_h t4_l ⇒
 plus_w16_d_d
  (plus_w16_d_d
   (plus_w16_d_d 〈〈x0,t3_h〉:〈t3_l,x0〉〉 〈〈x0,t2_h〉:〈t2_l,x0〉〉) 〈〈t4_h,t4_l〉:〈x0,x0〉〉)〈〈x0,x0〉:〈t1_h,t1_l〉〉
]]]]]].

(* divisione senza segno (secondo la logica delle ALU): (quoziente resto) overflow *)
nlet rec div_b8_aux (divd:word16) (divs:word16) (molt:byte8) (q:byte8) (c:nat) on c ≝
 let w' ≝ plus_w16_d_d divd (compl_w16 divs) in
  match c with
  [ O ⇒ match le_w16 divs divd with
   [ true ⇒ triple ??? (or_b8 molt q) (w16l w') (⊖ (eq_b8 (w16h w') 〈x0,x0〉))
   | false ⇒ triple ??? q (w16l divd) (⊖ (eq_b8 (w16h divd) 〈x0,x0〉)) ]
  | S c' ⇒ match le_w16 divs divd with
   [ true ⇒ div_b8_aux w' (ror_w16 divs) (ror_b8 molt) (or_b8 molt q) c'
   | false ⇒ div_b8_aux divd (ror_w16 divs) (ror_b8 molt) q c' ]].

ndefinition div_b8 ≝
λw:word16.λb:byte8.match eq_b8 b 〈x0,x0〉 with
(* 
   la combinazione n/0 e' illegale, segnala solo overflow senza dare risultato
*)
 [ true ⇒ triple ??? 〈xF,xF〉 (w16l w) true
 | false ⇒ match eq_w16 w 〈〈x0,x0〉:〈x0,x0〉〉 with
(* 0 diviso qualsiasi cosa diverso da 0 da' q=0 r=0 o=false *)
  [ true ⇒ triple ??? 〈x0,x0〉 〈x0,x0〉 false
(* 1) e' una divisione sensata che produrra' overflow/risultato *)
(* 2) parametri: dividendo, divisore, moltiplicatore, quoziente, contatore *)
(* 3) ad ogni ciclo il divisore e il moltiplicatore vengono scalati di 1 a dx *)
(* 4) il moltiplicatore e' la quantita' aggiunta al quoziente se il divisore *)
(*    puo' essere sottratto al dividendo *) 
  | false ⇒ div_b8_aux w (rol_w16_n 〈〈x0,x0〉:b〉 7) 〈x8,x0〉 〈x0,x0〉 7 ]].

(* operatore x in [inf,sup] *)
ndefinition in_range ≝
λx,inf,sup:word16.(le_w16 inf sup) ⊗ (ge_w16 x inf) ⊗ (le_w16 x sup).

(* iteratore sulle word *)
ndefinition forall_word16 ≝
 λP.
  forall_byte8 (λbh.
  forall_byte8 (λbl.
   P (mk_word16 bh bl ))).