From: Cosimo Oliboni Date: Wed, 15 Jul 2009 11:39:18 +0000 (+0000) Subject: freescale porting, work in progress X-Git-Tag: make_still_working~3682 X-Git-Url: http://matita.cs.unibo.it/gitweb/?a=commitdiff_plain;h=9f580d9bf8f6ba6950b252f587166e95bc8fb1a8;p=helm.git freescale porting, work in progress --- diff --git a/helm/software/matita/contribs/ng_assembly/depends b/helm/software/matita/contribs/ng_assembly/depends index f8b4a6570..61764662c 100644 --- a/helm/software/matita/contribs/ng_assembly/depends +++ b/helm/software/matita/contribs/ng_assembly/depends @@ -1,17 +1,22 @@ freescale/option.ma freescale/bool.ma freescale/exadecim.ma freescale/bool.ma freescale/nat.ma freescale/prod.ma +freescale/memory_struct.ma freescale/aux_bases.ma freescale/byte8.ma freescale/prod.ma freescale/bool.ma +freescale/status_lemmas.ma freescale/opcode_base_lemmas1.ma freescale/option_lemmas.ma freescale/prod_lemmas.ma freescale/status.ma freescale/word16_lemmas.ma freescale/prod_lemmas.ma freescale/bool_lemmas.ma freescale/prod.ma freescale/exadecim_lemmas.ma freescale/bool_lemmas.ma freescale/exadecim.ma +freescale/memory_bits.ma freescale/memory_trees.ma freescale/opcode.ma freescale/opcode_base.ma freescale/aux_bases_lemmas.ma freescale/aux_bases.ma freescale/bool_lemmas.ma +freescale/memory_abs.ma freescale/memory_bits.ma freescale/memory_func.ma freescale/memory_trees.ma freescale/bool_lemmas.ma freescale/bool.ma freescale/theory.ma freescale/table_RS08.ma freescale/opcode.ma freescale/word32_lemmas.ma freescale/word16_lemmas.ma freescale/word32.ma freescale/opcode_base.ma freescale/aux_bases.ma freescale/theory.ma freescale/word16.ma freescale/nat_lemmas.ma freescale/bool_lemmas.ma freescale/nat.ma +freescale/memory_trees.ma freescale/memory_struct.ma freescale/option.ma freescale/theory.ma freescale/word16.ma freescale/table_HC05_tests.ma freescale/table_HC05.ma -freescale/aux_bases.ma freescale/bool.ma freescale/nat.ma +freescale/aux_bases.ma freescale/byte8.ma freescale/nat.ma freescale/word16_lemmas.ma freescale/byte8_lemmas.ma freescale/word16.ma freescale/table_HCS08.ma freescale/opcode.ma freescale/table_HC08_tests.ma freescale/table_HC08.ma @@ -21,16 +26,22 @@ freescale/opcode_base_lemmas_opcode1.ma freescale/bool_lemmas.ma freescale/opcod freescale/opcode_base_lemmas_instrmode2.ma freescale/opcode_base_lemmas_instrmode1.ma freescale/table_HCS08_tests.ma freescale/table_HCS08.ma freescale/opcode_base_lemmas_opcode2.ma freescale/opcode_base_lemmas_opcode1.ma +freescale/status.ma freescale/memory_abs.ma freescale/opcode_base.ma freescale/prod.ma +freescale/option_lemmas.ma freescale/bool_lemmas.ma freescale/option.ma freescale/table_HC05.ma freescale/opcode.ma freescale/opcode_base_lemmas.ma freescale/bool_lemmas.ma freescale/opcode_base.ma -freescale/option_lemmas.ma freescale/bool_lemmas.ma freescale/option.ma freescale/word16.ma freescale/byte8.ma +freescale/model.ma freescale/status.ma +freescale/multivm.ma freescale/load_write.ma +freescale/bool.ma freescale/pts.ma freescale/nat.ma freescale/bool.ma freescale/pts.ma freescale/table_HC08.ma freescale/opcode.ma -freescale/bool.ma freescale/pts.ma freescale/theory.ma freescale/pts.ma freescale/byte8_lemmas.ma freescale/byte8.ma freescale/exadecim_lemmas.ma freescale/pts.ma +freescale/load_write.ma freescale/model.ma freescale/translation.ma freescale/opcode_base_lemmas1.ma freescale/opcode_base_lemmas_instrmode2.ma freescale/opcode_base_lemmas_opcode2.ma freescale/word16_lemmas.ma freescale/byte8.ma freescale/exadecim.ma +freescale/translation.ma freescale/option.ma freescale/table_HC05.ma freescale/table_HC08.ma freescale/table_HCS08.ma freescale/table_RS08.ma freescale/word32.ma freescale/word16.ma +freescale/memory_func.ma freescale/memory_struct.ma freescale/option.ma freescale/theory.ma freescale/word16.ma diff --git a/helm/software/matita/contribs/ng_assembly/freescale/aux_bases.ma b/helm/software/matita/contribs/ng_assembly/freescale/aux_bases.ma index 2e71ab1b7..262a52868 100755 --- a/helm/software/matita/contribs/ng_assembly/freescale/aux_bases.ma +++ b/helm/software/matita/contribs/ng_assembly/freescale/aux_bases.ma @@ -24,7 +24,7 @@ (* data ultima modifica 15/11/2007 *) (* ********************************************************************** *) -include "freescale/bool.ma". +include "freescale/byte8.ma". include "freescale/nat.ma". (* ****** *) @@ -363,6 +363,18 @@ ndefinition nat_of_bitrigesim ≝ | t10 ⇒ 16 | t11 ⇒ 17 | t12 ⇒ 18 | t13 ⇒ 19 | t14 ⇒ 20 | t15 ⇒ 21 | t16 ⇒ 22 | t17 ⇒ 23 | t18 ⇒ 24 | t19 ⇒ 25 | t1A ⇒ 26 | t1B ⇒ 27 | t1C ⇒ 28 | t1D ⇒ 29 | t1E ⇒ 30 | t1F ⇒ 31 ]. +ndefinition byte8_of_bitrigesim ≝ +λt:bitrigesim. + match t with + [ t00 ⇒ 〈x0,x0〉 | t01 ⇒ 〈x0,x1〉 | t02 ⇒ 〈x0,x2〉 | t03 ⇒ 〈x0,x3〉 + | t04 ⇒ 〈x0,x4〉 | t05 ⇒ 〈x0,x5〉 | t06 ⇒ 〈x0,x6〉 | t07 ⇒ 〈x0,x7〉 + | t08 ⇒ 〈x0,x8〉 | t09 ⇒ 〈x0,x9〉 | t0A ⇒ 〈x0,xA〉 | t0B ⇒ 〈x0,xB〉 + | t0C ⇒ 〈x0,xC〉 | t0D ⇒ 〈x0,xD〉 | t0E ⇒ 〈x0,xE〉 | t0F ⇒ 〈x0,xF〉 + | t10 ⇒ 〈x1,x0〉 | t11 ⇒ 〈x1,x1〉 | t12 ⇒ 〈x1,x2〉 | t13 ⇒ 〈x1,x3〉 + | t14 ⇒ 〈x1,x4〉 | t15 ⇒ 〈x1,x5〉 | t16 ⇒ 〈x1,x6〉 | t17 ⇒ 〈x1,x7〉 + | t18 ⇒ 〈x1,x8〉 | t19 ⇒ 〈x1,x9〉 | t1A ⇒ 〈x1,xA〉 | t1B ⇒ 〈x1,xB〉 + | t1C ⇒ 〈x1,xC〉 | t1D ⇒ 〈x1,xD〉 | t1E ⇒ 〈x1,xE〉 | t1F ⇒ 〈x1,xF〉 ]. + (* iteratore sui bitrigesimali *) ndefinition forall_bitrigesim ≝ λP. P t00 ⊗ P t01 ⊗ P t02 ⊗ P t03 ⊗ P t04 ⊗ P t05 ⊗ P t06 ⊗ P t07 ⊗ diff --git a/helm/software/matita/contribs/ng_assembly/freescale/load_write.ma b/helm/software/matita/contribs/ng_assembly/freescale/load_write.ma new file mode 100755 index 000000000..07d043b79 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/load_write.ma @@ -0,0 +1,983 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/model.ma". +include "freescale/translation.ma". + +(* errori possibili nel fetch *) +ninductive error_type : Type ≝ + ILL_OP: error_type +| ILL_FETCH_AD: error_type +| ILL_EX_AD: error_type. + +ndefinition error_type_ind : ΠP:error_type → Prop.P ILL_OP → P ILL_FETCH_AD → P ILL_EX_AD → Πe:error_type.P e ≝ +λP:error_type → Prop.λp:P ILL_OP.λp1:P ILL_FETCH_AD.λp2:P ILL_EX_AD.λe:error_type. + match e with [ ILL_OP ⇒ p | ILL_FETCH_AD ⇒ p1 | ILL_EX_AD ⇒ p2 ]. + +ndefinition error_type_rec : ΠP:error_type → Set.P ILL_OP → P ILL_FETCH_AD → P ILL_EX_AD → Πe:error_type.P e ≝ +λP:error_type → Set.λp:P ILL_OP.λp1:P ILL_FETCH_AD.λp2:P ILL_EX_AD.λe:error_type. + match e with [ ILL_OP ⇒ p | ILL_FETCH_AD ⇒ p1 | ILL_EX_AD ⇒ p2 ]. + +ndefinition error_type_rect : ΠP:error_type → Type.P ILL_OP → P ILL_FETCH_AD → P ILL_EX_AD → Πe:error_type.P e ≝ +λP:error_type → Type.λp:P ILL_OP.λp1:P ILL_FETCH_AD.λp2:P ILL_EX_AD.λe:error_type. + match e with [ ILL_OP ⇒ p | ILL_FETCH_AD ⇒ p1 | ILL_EX_AD ⇒ p2 ]. + +(* un tipo opzione ad hoc + - errore: interessa solo l'errore + - ok: interessa info e il nuovo pc +*) +ninductive fetch_result (A:Type) : Type ≝ + FetchERR : error_type → fetch_result A +| FetchOK : A → word16 → fetch_result A. + +ndefinition fetch_result_ind + : ΠA:Type.ΠP:fetch_result A → Prop.(Πn:error_type.P (FetchERR A n)) → + (Πa:A.Πn:word16.P (FetchOK A a n)) → Πf:fetch_result A.P f ≝ +λA:Type.λP:fetch_result A → Prop.λf:Πn:error_type.P (FetchERR A n). +λf1:Πa:A.Πn:word16.P (FetchOK A a n).λf2:fetch_result A. + match f2 with [ FetchERR n ⇒ f n | FetchOK a n ⇒ f1 a n ]. + +ndefinition fetch_result_rec + : ΠA:Type.ΠP:fetch_result A → Set.(Πn:error_type.P (FetchERR A n)) → + (Πa:A.Πn:word16.P (FetchOK A a n)) → Πf:fetch_result A.P f ≝ +λA:Type.λP:fetch_result A → Set.λf:Πn:error_type.P (FetchERR A n). +λf1:Πa:A.Πn:word16.P (FetchOK A a n).λf2:fetch_result A. + match f2 with [ FetchERR n ⇒ f n | FetchOK a n ⇒ f1 a n ]. + +ndefinition fetch_result_rect + : ΠA:Type.ΠP:fetch_result A → Type.(Πn:error_type.P (FetchERR A n)) → + (Πa:A.Πn:word16.P (FetchOK A a n)) → Πf:fetch_result A.P f ≝ +λA:Type.λP:fetch_result A → Type.λf:Πn:error_type.P (FetchERR A n). +λf1:Πa:A.Πn:word16.P (FetchOK A a n).λf2:fetch_result A. + match f2 with [ FetchERR n ⇒ f n | FetchOK a n ⇒ f1 a n ]. + +(* **************************** *) +(* FETCH E ACCESSO ALLA MEMORIA *) +(* **************************** *) + +(* ausialiaria per RS08 read *) +(* come anticipato in status, nell'RS08 ci sono 2 registri importanti + memory mapped, quindi bisona intercettare la lettura. + NB: fare molta attenzione alle note sulle combinazioni possibili perche' + il comportamento della memoria nell'RS08 e' strano e ci sono + precise condizioni che impediscono una semantica circolare dell'accesso + (divergenza=assenza di definizione) *) +ndefinition RS08_memory_filter_read_aux ≝ +λt:memory_impl.λs:any_status RS08 t.λaddr:word16. +λT:Type.λfREG:byte8 → option T.λfMEM:aux_mem_type t → aux_chk_type t → word16 → option T. +match s with + [ mk_any_status alu mem chk _ ⇒ match alu with + [ mk_alu_RS08 _ _ _ _ xm psm _ _ ⇒ +(* + possibili accessi al registro X + 1) addr=000F: diretto + 2) addr=000E (X =0F): indiretto + 3) addr=00CF (PS=00): paging + + [NB] altre combinazioni non funzionano perche' la MCU non e' un oggetto reattivo: + non si possono combinare due effetti contemporaneamente! + per esempio accesso addr=00CE (PS=00,X=0F) non puo' produrre 2 indirezioni +*) + match eq_w16 addr 〈〈x0,x0〉:〈x0,xF〉〉 ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈x0,xE〉〉 ⊗ eq_b8 xm 〈x0,xF〉) ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈xC,xF〉〉 ⊗ eq_b8 psm 〈x0,x0〉) with + [ true ⇒ fREG xm + | false ⇒ +(* + possibili accessi al registro PS + 1) addr=001F: diretto + 2) addr=000E (X =1F): indiretto + 3) addr=00DF (PS=00): paging +*) + match eq_w16 addr 〈〈x0,x0〉:〈x1,xF〉〉 ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈x0,xE〉〉 ⊗ eq_b8 xm 〈x1,xF〉) ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈xD,xF〉〉 ⊗ eq_b8 psm 〈x0,x0〉) with + [ true ⇒ fREG psm + | false ⇒ +(* + accesso a D[X]: se accede a [00C0-00FF] e' la RAM fisica, non il paging + altrimenti sarebbero 2 indirezioni +*) + match eq_w16 addr 〈〈x0,x0〉:〈x0,xE〉〉 with + [ true ⇒ fMEM mem chk 〈〈x0,x0〉:xm〉 + | false ⇒ +(* + accesso al paging: [00pp pppp ppxx xxxx] con p=PS x=addr +*) + match in_range addr 〈〈x0,x0〉:〈xC,x0〉〉 〈〈x0,x0〉:〈xF,xF〉〉 with + [ true ⇒ fMEM mem chk (or_w16 (fst ?? (shr_w16 (fst ?? (shr_w16 〈psm:〈x0,x0〉〉)))) + (and_w16 addr 〈〈x0,x0〉:〈x3,xF〉〉)) +(* + accesso normale +*) + | false ⇒ fMEM mem chk addr ]]]]]]. + +(* lettura RS08 di un byte *) +ndefinition RS08_memory_filter_read ≝ +λt:memory_impl.λs:any_status RS08 t.λaddr:word16. + RS08_memory_filter_read_aux t s addr byte8 + (λb.Some byte8 b) + (λm:aux_mem_type t.λc:aux_chk_type t.λa:word16.mem_read t m c a). + +(* lettura RS08 di un bit *) +ndefinition RS08_memory_filter_read_bit ≝ +λt:memory_impl.λs:any_status RS08 t.λaddr:word16.λsub:oct. + RS08_memory_filter_read_aux t s addr bool + (λb.Some bool (getn_array8T sub bool (bits_of_byte8 b))) + (λm:aux_mem_type t.λc:aux_chk_type t.λa:word16.mem_read_bit t m c a sub). + +(* in caso di RS08 si dirotta sul filtro, altrimenti si legge direttamente *) +ndefinition memory_filter_read ≝ +λm:mcu_type.λt:memory_impl.match m return λm:mcu_type.any_status m t → word16 → option byte8 with + [ HC05 ⇒ λs:any_status HC05 t.λaddr:word16. + mem_read t (get_mem_desc ? t s) (get_chk_desc ? t s) addr + | HC08 ⇒ λs:any_status HC08 t.λaddr:word16. + mem_read t (get_mem_desc ? t s) (get_chk_desc ? t s) addr + | HCS08 ⇒ λs:any_status HCS08 t.λaddr:word16. + mem_read t (get_mem_desc ? t s) (get_chk_desc ? t s) addr + | RS08 ⇒ λs:any_status RS08 t.λaddr:word16. + RS08_memory_filter_read t s addr + ]. + +ndefinition memory_filter_read_bit ≝ +λm:mcu_type.λt:memory_impl.match m return λm:mcu_type.any_status m t → word16 → oct → option bool with + [ HC05 ⇒ λs:any_status HC05 t.λaddr:word16.λsub:oct. + mem_read_bit t (get_mem_desc ? t s) (get_chk_desc ? t s) addr sub + | HC08 ⇒ λs:any_status HC08 t.λaddr:word16.λsub:oct. + mem_read_bit t (get_mem_desc ? t s) (get_chk_desc ? t s) addr sub + | HCS08 ⇒ λs:any_status HCS08 t.λaddr:word16.λsub:oct. + mem_read_bit t (get_mem_desc ? t s) (get_chk_desc ? t s) addr sub + | RS08 ⇒ λs:any_status RS08 t.λaddr:word16.λsub:oct. + RS08_memory_filter_read_bit t s addr sub + ]. + +(* ausialiaria per RS08 write *) +(* come anticipato in status, nell'RS08 ci sono 2 registri importanti + memory mapped, quindi bisona intercettare la scrittura. + NB: fare molta attenzione alle note sulle combinazioni possibili perche' + il comportamento della memoria nell'RS08 e' strano e ci sono + precise condizioni che impediscono una semantica circolare dell'accesso + (divergenza=assenza di definizione) *) +ndefinition RS08_memory_filter_write_aux ≝ +λt:memory_impl.λs:any_status RS08 t.λaddr:word16. +λfREG:byte8 → byte8.λfMEM:aux_mem_type t → aux_chk_type t → word16 → option (aux_mem_type t). +match s with + [ mk_any_status alu mem chk clk ⇒ match alu with + [ mk_alu_RS08 acclow pc pcm spc xm psm zfl cfl ⇒ +(* + possibili accessi al registro X + 1) addr=000F: diretto + 2) addr=000E (X =0F): indiretto + 3) addr=00CF (PS=00): paging + + [NB] altre combinazioni non funzionano perche' la MCU non e' un oggetto reattivo: + non si possono combinare due effetti contemporaneamente! + per esempio accesso addr=00CE (PS=00,X=0F) non puo' produrre 2 indirezioni +*) + match eq_w16 addr 〈〈x0,x0〉:〈x0,xF〉〉 ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈x0,xE〉〉 ⊗ eq_b8 xm 〈x0,xF〉) ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈xC,xF〉〉 ⊗ eq_b8 psm 〈x0,x0〉) with + [ true ⇒ Some ? (mk_any_status RS08 t (mk_alu_RS08 acclow pc pcm spc (fREG xm) psm zfl cfl) mem chk clk) + | false ⇒ +(* + possibili accessi al registro PS + 1) addr=001F: diretto + 2) addr=000E (X =1F): indiretto + 3) addr=00DF (PS=00): paging +*) + match eq_w16 addr 〈〈x0,x0〉:〈x1,xF〉〉 ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈x0,xE〉〉 ⊗ eq_b8 xm 〈x1,xF〉) ⊕ + (eq_w16 addr 〈〈x0,x0〉:〈xD,xF〉〉 ⊗ eq_b8 psm 〈x0,x0〉) with + [ true ⇒ Some ? (mk_any_status RS08 t (mk_alu_RS08 acclow pc pcm spc xm (fREG psm) zfl cfl) mem chk clk) + | false ⇒ +(* + accesso a D[X]: se accede a [00C0-00FF] e' la RAM fisica, non il paging + altrimenti sarebbero 2 indirezioni +*) + match eq_w16 addr 〈〈x0,x0〉:〈x0,xE〉〉 with + [ true ⇒ opt_map ?? (fMEM mem chk 〈〈x0,x0〉:xm〉) + (λmem'.Some ? (mk_any_status RS08 t (mk_alu_RS08 acclow pc pcm spc xm psm zfl cfl) mem' chk clk)) + + | false ⇒ +(* + accesso al paging: [00pp pppp ppxx xxxx] con p=PS x=addr +*) + match in_range addr 〈〈x0,x0〉:〈xC,x0〉〉 〈〈x0,x0〉:〈xF,xF〉〉 with + [ true ⇒ opt_map ?? (fMEM mem chk (or_w16 (fst ?? (shr_w16 (fst ?? (shr_w16 〈psm:〈x0,x0〉〉)))) + (and_w16 addr 〈〈x0,x0〉:〈x3,xF〉〉))) + (λmem'.Some ? (mk_any_status RS08 t (mk_alu_RS08 acclow pc pcm spc xm psm zfl cfl) mem' chk clk)) +(* + accesso normale +*) + | false ⇒ opt_map ?? (fMEM mem chk addr) + (λmem'.Some ? (mk_any_status RS08 t (mk_alu_RS08 acclow pc pcm spc xm psm zfl cfl) mem' chk clk)) ]]]]]]. + +(* scrittura RS08 di un byte *) +ndefinition RS08_memory_filter_write ≝ +λt:memory_impl.λs:any_status RS08 t.λaddr:word16.λval:byte8. + RS08_memory_filter_write_aux t s addr + (λb.val) + (λm:aux_mem_type t.λc:aux_chk_type t.λa:word16.mem_update t m c a val). + +(* scrittura RS08 di un bit *) +ndefinition RS08_memory_filter_write_bit ≝ +λt:memory_impl.λs:any_status RS08 t.λaddr:word16.λsub:oct.λval:bool. + RS08_memory_filter_write_aux t s addr + (λb.byte8_of_bits (setn_array8T sub bool (bits_of_byte8 b) val)) + (λm:aux_mem_type t.λc:aux_chk_type t.λa:word16.mem_update_bit t m c a sub val). + +(* in caso di RS08 si dirotta sul filtro, altrimenti si scrive direttamente *) +ndefinition memory_filter_write ≝ +λm:mcu_type.λt:memory_impl.match m + return λm:mcu_type.any_status m t → word16 → byte8 → option (any_status m t) with + [ HC05 ⇒ λs:any_status HC05 t.λaddr:word16.λval:byte8. + opt_map ?? (mem_update t (get_mem_desc ? t s) (get_chk_desc ? t s) addr val) + (λmem.Some ? (set_mem_desc ? t s mem)) + | HC08 ⇒ λs:any_status HC08 t.λaddr:word16.λval:byte8. + opt_map ?? (mem_update t (get_mem_desc ? t s) (get_chk_desc ? t s) addr val) + (λmem.Some ? (set_mem_desc ? t s mem)) + | HCS08 ⇒ λs:any_status HCS08 t.λaddr:word16.λval:byte8. + opt_map ?? (mem_update t (get_mem_desc ? t s) (get_chk_desc ? t s) addr val) + (λmem.Some ? (set_mem_desc ? t s mem)) + | RS08 ⇒ λs:any_status RS08 t.λaddr:word16.λval:byte8. + RS08_memory_filter_write t s addr val + ]. + +ndefinition memory_filter_write_bit ≝ +λm:mcu_type.λt:memory_impl.match m + return λm:mcu_type.any_status m t → word16 → oct → bool → option (any_status m t) with + [ HC05 ⇒ λs:any_status HC05 t.λaddr:word16.λsub:oct.λval:bool. + opt_map ?? (mem_update_bit t (get_mem_desc ? t s) (get_chk_desc ? t s) addr sub val) + (λmem.Some ? (set_mem_desc ? t s mem)) + | HC08 ⇒ λs:any_status HC08 t.λaddr:word16.λsub:oct.λval:bool. + opt_map ?? (mem_update_bit t (get_mem_desc ? t s) (get_chk_desc ? t s) addr sub val) + (λmem.Some ? (set_mem_desc ? t s mem)) + | HCS08 ⇒ λs:any_status HCS08 t.λaddr:word16.λsub:oct.λval:bool. + opt_map ?? (mem_update_bit t (get_mem_desc ? t s) (get_chk_desc ? t s) addr sub val) + (λmem.Some ? (set_mem_desc ? t s mem)) + | RS08 ⇒ λs:any_status RS08 t.λaddr:word16.λsub:oct.λval:bool. + RS08_memory_filter_write_bit t s addr sub val + ]. + +(* + Da utilizzarsi solo per gli aggiornamenti di PC (per il fetch), + NON per il caricamento degli indiretti. + - il caricamento degli immediati spetta al fetcher + (incremento progressivo di PC ciclo per ciclo, e riempimento del prefetch + che a questo punto DEVE poter indirizzare qualsiasi locazione puntata da PC) + - il caricamento degli indiretti non spetta al fetcher +*) +ndefinition filtered_inc_w16 ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λw:word16. + get_pc_reg m t (set_pc_reg m t s (succ_w16 w)). + +nlet rec filtered_plus_w16 (m:mcu_type) (t:memory_impl) (s:any_status m t) (w:word16) (n:nat) on n ≝ + match n with + [ O ⇒ w + | S n' ⇒ filtered_plus_w16 m t s (filtered_inc_w16 m t s w) n' ]. + +(* + errore1: non esiste traduzione ILL_OP + errore2: non e' riuscito a leggere ILL_FETCH_AD + altrimenti OK=info+new_pc +*) +ndefinition fetch ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + let pc ≝ get_pc_reg m t s in + let pc_next1 ≝ filtered_inc_w16 m t s pc in + let pc_next2 ≝ filtered_inc_w16 m t s pc_next1 in + match memory_filter_read m t s pc with + [ None ⇒ FetchERR ? ILL_FETCH_AD + | Some bh ⇒ match full_info_of_word16 m (Byte bh) with + (* non ha trovato una traduzione con 1 byte *) + [ None ⇒ match m with + (* HC05 non esistono op a 2 byte *) + [ HC05 ⇒ FetchERR ? ILL_OP + | HC08 ⇒ match eq_b8 bh 〈x9,xE〉 with + (* HC08 se il primo byte e' 0x9E il secondo puo' avere senso *) + [ true ⇒ match memory_filter_read m t s pc_next1 with + [ None ⇒ FetchERR ? ILL_FETCH_AD | Some bl ⇒ match full_info_of_word16 m (Word (mk_word16 bh bl)) with + [ None ⇒ FetchERR ? ILL_OP | Some info ⇒ FetchOK ? info pc_next2 ]] + (* HC08 se il primo byte non e' 0x9E il secondo non puo' avere senso *) + | false ⇒ FetchERR ? ILL_OP + ] + | HCS08 ⇒ match eq_b8 bh 〈x9,xE〉 with + (* HCS08 se il primo byte e' 0x9E il secondo puo' avere senso *) + [ true ⇒ match memory_filter_read m t s pc_next1 with + [ None ⇒ FetchERR ? ILL_FETCH_AD | Some bl ⇒ match full_info_of_word16 m (Word (mk_word16 bh bl)) with + [ None ⇒ FetchERR ? ILL_OP | Some info ⇒ FetchOK ? info pc_next2 ]] + (* HCS08 se il primo byte non e' 0x9E il secondo non puo' avere senso *) + | false ⇒ FetchERR ? ILL_OP + ] + (* RS08 non esistono op a 2 byte *) + | RS08 ⇒ FetchERR ? ILL_OP + ] + (* ha trovato una traduzione con 1 byte *) + | Some info ⇒ FetchOK ? info pc_next1 ]]. + +(* ************************ *) +(* MODALITA' INDIRIZZAMENTO *) +(* ************************ *) + +(* mattoni base *) +(* - incrementano l'indirizzo normalmente *) +(* - incrementano PC attraverso il filtro *) + +(* lettura byte da addr *) +ndefinition loadb_from ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λaddr:word16.λcur_pc:word16.λfetched:nat. + opt_map ?? (memory_filter_read m t s addr) + (λb.Some ? (triple ??? s b (filtered_plus_w16 m t s cur_pc fetched))). + +(* lettura bit da addr *) +ndefinition loadbit_from ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λaddr:word16.λsub:oct.λcur_pc:word16.λfetched:nat. + opt_map ?? (memory_filter_read_bit m t s addr sub) + (λb.Some ? (triple ??? s b (filtered_plus_w16 m t s cur_pc fetched))). + +(* lettura word da addr *) +ndefinition loadw_from ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λaddr:word16.λcur_pc:word16.λfetched:nat. + opt_map ?? (memory_filter_read m t s addr) + (λbh.opt_map ?? (memory_filter_read m t s (succ_w16 addr)) + (λbl.Some ? (triple ??? s (mk_word16 bh bl) (filtered_plus_w16 m t s cur_pc fetched)))). + +(* scrittura byte su addr *) +ndefinition writeb_to ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λaddr:word16.λcur_pc:word16.λfetched:nat.λwriteb:byte8. + opt_map ?? (memory_filter_write m t s addr writeb) + (λtmps.Some ? (pair ?? tmps (filtered_plus_w16 m t s cur_pc fetched))). + +(* scrittura bit su addr *) +ndefinition writebit_to ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λaddr:word16.λsub:oct.λcur_pc:word16.λfetched:nat.λwriteb:bool. + opt_map ?? (memory_filter_write_bit m t s addr sub writeb) + (λtmps.Some ? (pair ?? tmps (filtered_plus_w16 m t s cur_pc fetched))). + +(* scrittura word su addr *) +ndefinition writew_to ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λaddr:word16.λcur_pc:word16.λfetched:nat.λwritew:word16. + opt_map ?? (memory_filter_write m t s addr (w16h writew)) + (λtmps1.opt_map ?? (memory_filter_write m t tmps1 (succ_w16 addr) (w16l writew)) + (λtmps2.Some ? (pair ?? tmps2 (filtered_plus_w16 m t tmps2 cur_pc fetched)))). + +(* ausiliari per definire i tipi e la lettura/scrittura *) + +(* ausiliaria per definire il tipo di aux_load *) +ndefinition aux_load_typing ≝ +λm:mcu_type.λt:memory_impl.λbyteflag:bool. + any_status m t → word16 → word16 → nat → + option (Prod3T (any_status m t) match byteflag with [ true ⇒ byte8 | false ⇒ word16 ] word16). + +(* per non dover ramificare i vari load in byte/word *) +ndefinition aux_load ≝ +λm:mcu_type.λt:memory_impl.λbyteflag:bool.match byteflag return aux_load_typing m t with + [ true ⇒ loadb_from m t | false ⇒ loadw_from m t ]. + +(* ausiliaria per definire il tipo di aux_write *) +ndefinition aux_write_typing ≝ +λm:mcu_type.λt:memory_impl.λbyteflag:bool. + any_status m t → word16 → word16 → nat → + match byteflag with [ true ⇒ byte8 | false ⇒ word16 ] → + option (ProdT (any_status m t) word16). + +(* per non dover ramificare i vari load in byte/word *) +ndefinition aux_write ≝ +λm:mcu_type.λt:memory_impl.λbyteflag:bool.match byteflag return aux_write_typing m t with + [ true ⇒ writeb_to m t | false ⇒ writew_to m t ]. + +(* modalita' vere e proprie *) + +(* lettura da [curpc]: IMM1 comportamento asimmetrico, quindi non si appoggia a loadb *) +ndefinition mode_IMM1_load ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (memory_filter_read m t s cur_pc) + (λb.Some ? (triple ??? s b (filtered_inc_w16 m t s cur_pc))). + +(* lettura da [curpc]: IMM1 + estensione a word *) +ndefinition mode_IMM1EXT_load ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (memory_filter_read m t s cur_pc) + (λb.Some ? (triple ??? s 〈〈x0,x0〉:b〉 (filtered_inc_w16 m t s cur_pc))). + +(* lettura da [curpc]: IMM2 comportamento asimmetrico, quindi non si appoggia a loadw *) +ndefinition mode_IMM2_load ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (memory_filter_read m t s cur_pc) + (λbh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λbl.Some ? (triple ??? s (mk_word16 bh bl) (filtered_plus_w16 m t s cur_pc 2)))). + +(* lettura da [byte [curpc]]: true=DIR1 loadb, false=DIR1 loadw *) +ndefinition mode_DIR1_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (memory_filter_read m t s cur_pc) + (λaddr.(aux_load m t byteflag) s 〈〈x0,x0〉:addr〉 cur_pc 1). + +(* lettura da [byte [curpc]]: loadbit *) +ndefinition mode_DIR1n_load ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16.λsub:oct. + opt_map ?? (memory_filter_read m t s cur_pc) + (λaddr.loadbit_from m t s 〈〈x0,x0〉:addr〉 sub cur_pc 1). + +(* scrittura su [byte [curpc]]: true=DIR1 writeb, false=DIR1 writew *) +ndefinition mode_DIR1_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. +λwritebw:match byteflag with [ true ⇒ byte8 | false ⇒ word16 ]. + opt_map ?? (memory_filter_read m t s cur_pc) + (λaddr.(aux_write m t byteflag) s 〈〈x0,x0〉:addr〉 cur_pc 1 writebw). + +(* scrittura su [byte [curpc]]: writebit *) +ndefinition mode_DIR1n_write ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16.λsub:oct.λwriteb:bool. + opt_map ?? (memory_filter_read m t s cur_pc) + (λaddr.writebit_to m t s 〈〈x0,x0〉:addr〉 sub cur_pc 1 writeb). + +(* lettura da [word [curpc]]: true=DIR2 loadb, false=DIR2 loadw *) +ndefinition mode_DIR2_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (memory_filter_read m t s cur_pc) + (λaddrh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λaddrl.(aux_load m t byteflag) s 〈addrh:addrl〉 cur_pc 2)). + +(* scrittura su [word [curpc]]: true=DIR2 writeb, false=DIR2 writew *) +ndefinition mode_DIR2_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. +λwritebw:match byteflag with [ true ⇒ byte8 | false ⇒ word16 ]. + opt_map ?? (memory_filter_read m t s cur_pc) + (λaddrh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λaddrl.(aux_write m t byteflag) s 〈addrh:addrl〉 cur_pc 2 writebw)). + +ndefinition get_IX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m with + [ HC05 ⇒ opt_map ?? (get_indX_8_low_reg m t s) (λindx.Some ? 〈〈x0,x0〉:indx〉) + | HC08 ⇒ opt_map ?? (get_indX_16_reg m t s) (λindx.Some ? indx) + | HCS08 ⇒ opt_map ?? (get_indX_16_reg m t s) (λindx.Some ? indx) + | RS08 ⇒ None ? ]. + +(* lettura da [IX]: true=IX0 loadb, false=IX0 loadw *) +ndefinition mode_IX0_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (get_IX m t s) + (λaddr.(aux_load m t byteflag) s addr cur_pc 0). + +(* scrittura su [IX]: true=IX0 writeb, false=IX0 writew *) +ndefinition mode_IX0_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. +λwritebw:match byteflag with [ true ⇒ byte8 | false ⇒ word16 ]. + opt_map ?? (get_IX m t s) + (λaddr.(aux_write m t byteflag) s addr cur_pc 0 writebw). + +(* lettura da [IX+byte [pc]]: true=IX1 loadb, false=IX1 loadw *) +ndefinition mode_IX1_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (get_IX m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffs.(aux_load m t byteflag) s (plus_w16_d_d addr 〈〈x0,x0〉:offs〉) cur_pc 1)). + +(* lettura da X+[byte curpc] *) +ndefinition mode_IX1ADD_load ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (memory_filter_read m t s cur_pc) + (λb.opt_map ?? (get_IX m t s) + (λaddr.Some ? (triple ??? s (plus_w16_d_d addr 〈〈x0,x0〉:b〉) (filtered_inc_w16 m t s cur_pc)))). + +(* scrittura su [IX+byte [pc]]: true=IX1 writeb, false=IX1 writew *) +ndefinition mode_IX1_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. +λwritebw:match byteflag with [ true ⇒ byte8 | false ⇒ word16 ]. + opt_map ?? (get_IX m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffs.(aux_write m t byteflag) s (plus_w16_d_d addr 〈〈x0,x0〉:offs〉) cur_pc 1 writebw)). + +(* lettura da [IX+word [pc]]: true=IX2 loadb, false=IX2 loadw *) +ndefinition mode_IX2_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (get_IX m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffsh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λoffsl.(aux_load m t byteflag) s (plus_w16_d_d addr 〈offsh:offsl〉) cur_pc 2))). + +(* lettura da X+[word curpc] *) +ndefinition mode_IX2ADD_load ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (memory_filter_read m t s cur_pc) + (λbh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λbl.opt_map ?? (get_IX m t s) + (λaddr.Some ? (triple ??? s (plus_w16_d_d addr 〈bh:bl〉) (filtered_plus_w16 m t s cur_pc 2))))). + +(* scrittura su [IX+word [pc]]: true=IX2 writeb, false=IX2 writew *) +ndefinition mode_IX2_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. +λwritebw:match byteflag with [ true ⇒ byte8 | false ⇒ word16 ]. + opt_map ?? (get_IX m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffsh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λoffsl.(aux_write m t byteflag) s (plus_w16_d_d addr 〈offsh:offsl〉) cur_pc 2 writebw))). + +(* lettura da [SP+byte [pc]]: true=SP1 loadb, false=SP1 loadw *) +ndefinition mode_SP1_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (get_sp_reg m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffs.(aux_load m t byteflag) s (plus_w16_d_d addr 〈〈x0,x0〉:offs〉) cur_pc 1)). + +(* scrittura su [SP+byte [pc]]: true=SP1 writeb, false=SP1 writew *) +ndefinition mode_SP1_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. +λwritebw:match byteflag with [ true ⇒ byte8 | false ⇒ word16 ]. + opt_map ?? (get_sp_reg m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffs.(aux_write m t byteflag) s (plus_w16_d_d addr 〈〈x0,x0〉:offs〉) cur_pc 1 writebw)). + +(* lettura da [SP+word [pc]]: true=SP2 loadb, false=SP2 loadw *) +ndefinition mode_SP2_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. + opt_map ?? (get_sp_reg m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffsh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λoffsl.(aux_load m t byteflag) s (plus_w16_d_d addr 〈offsh:offsl〉) cur_pc 2))). + +(* scrittura su [SP+word [pc]]: true=SP2 writeb, false=SP2 writew *) +ndefinition mode_SP2_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16. +λwritebw:match byteflag with [ true ⇒ byte8 | false ⇒ word16 ]. + opt_map ?? (get_sp_reg m t s) + (λaddr.opt_map ?? (memory_filter_read m t s cur_pc) + (λoffsh.opt_map ?? (memory_filter_read m t s (filtered_inc_w16 m t s cur_pc)) + (λoffsl.(aux_write m t byteflag) s (plus_w16_d_d addr 〈offsh:offsl〉) cur_pc 2 writebw))). + +(* ************************************** *) +(* raccordo di tutte le possibili letture *) +(* ************************************** *) + +(* H:X++ *) +ndefinition aux_inc_indX_16 ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + opt_map ?? (get_indX_16_reg m t s) + (λX_op.opt_map ?? (set_indX_16_reg m t s (succ_w16 X_op)) + (λs_tmp.Some ? s_tmp)). + +(* tutte le modalita' di lettura: false=loadb true=loadw *) +ndefinition multi_mode_load ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl. + match byteflag + return λbyteflag:bool.any_status m t → word16 → instr_mode → + option (Prod3T (any_status m t) match byteflag with [ true ⇒ byte8 | false ⇒ word16 ] word16) + with + (* lettura di un byte *) + [ true ⇒ λs:any_status m t.λcur_pc:word16.λi:instr_mode.match i with +(* NO: non ci sono indicazioni *) + [ MODE_INH ⇒ None ? +(* restituisce A *) + | MODE_INHA ⇒ Some ? (triple ??? s (get_acc_8_low_reg m t s) cur_pc) +(* restituisce X *) + | MODE_INHX ⇒ opt_map ?? (get_indX_8_low_reg m t s) + (λindx.Some ? (triple ??? s indx cur_pc)) +(* restituisce H *) + | MODE_INHH ⇒ opt_map ?? (get_indX_8_high_reg m t s) + (λindx.Some ? (triple ??? s indx cur_pc)) + +(* NO: solo lettura word *) + | MODE_INHX0ADD ⇒ None ? +(* NO: solo lettura word *) + | MODE_INHX1ADD ⇒ None ? +(* NO: solo lettura word *) + | MODE_INHX2ADD ⇒ None ? + +(* preleva 1 byte immediato *) + | MODE_IMM1 ⇒ mode_IMM1_load m t s cur_pc +(* NO: solo lettura word *) + | MODE_IMM1EXT ⇒ None ? +(* NO: solo lettura word *) + | MODE_IMM2 ⇒ None ? +(* preleva 1 byte da indirizzo diretto 1 byte *) + | MODE_DIR1 ⇒ mode_DIR1_load true m t s cur_pc +(* preleva 1 byte da indirizzo diretto 1 word *) + | MODE_DIR2 ⇒ mode_DIR2_load true m t s cur_pc +(* preleva 1 byte da H:X *) + | MODE_IX0 ⇒ mode_IX0_load true m t s cur_pc +(* preleva 1 byte da H:X+1 byte offset *) + | MODE_IX1 ⇒ mode_IX1_load true m t s cur_pc +(* preleva 1 byte da H:X+1 word offset *) + | MODE_IX2 ⇒ mode_IX2_load true m t s cur_pc +(* preleva 1 byte da SP+1 byte offset *) + | MODE_SP1 ⇒ mode_SP1_load true m t s cur_pc +(* preleva 1 byte da SP+1 word offset *) + | MODE_SP2 ⇒ mode_SP2_load true m t s cur_pc + +(* come DIR1, chiamare scrittura per passo2: scrittura su DIR1 *) + | MODE_DIR1_to_DIR1 ⇒ mode_DIR1_load true m t s cur_pc +(* come IMM1, chiamare scrittura per passo2: scrittura su DIR1 *) + | MODE_IMM1_to_DIR1 ⇒ mode_IMM1_load m t s cur_pc +(* come IX0, chiamare scrittura per passo2: scrittura su DIR1 e X++ *) + | MODE_IX0p_to_DIR1 ⇒ mode_IX0_load true m t s cur_pc +(* come DIR1, chiamare scrittura per passo2: scrittura su IX0 e X++ *) + | MODE_DIR1_to_IX0p ⇒ mode_DIR1_load true m t s cur_pc + +(* NO: solo lettura word/scrittura byte *) + | MODE_INHA_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_INHX_and_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IMM1_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_DIR1_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_IX0_and_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IX0p_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_IX1_and_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IX1p_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_SP1_and_IMM1 ⇒ None ? + +(* NO: solo scrittura byte *) + | MODE_DIRn _ ⇒ None ? +(* NO: solo lettura word *) + | MODE_DIRn_and_IMM1 _ ⇒ None ? +(* preleva 1 byte da 0000 0000 0000 xxxxb *) + | MODE_TNY e ⇒ opt_map ?? (memory_filter_read m t s 〈〈x0,x0〉:〈x0,e〉〉) + (λb.Some ? (triple ??? s b cur_pc)) +(* preleva 1 byte da 0000 0000 000x xxxxb *) + | MODE_SRT e ⇒ opt_map ?? (memory_filter_read m t s 〈〈x0,x0〉:(byte8_of_bitrigesim e)〉) + (λb.Some ? (triple ??? s b cur_pc)) + ] +(* lettura di una word *) + | false ⇒ λs:any_status m t.λcur_pc:word16.λi:instr_mode.match i with +(* NO: non ci sono indicazioni *) + [ MODE_INH ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_INHA ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_INHX ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_INHH ⇒ None ? + +(* preleva 1 word immediato *) + | MODE_INHX0ADD ⇒ opt_map ?? (get_IX m t s) + (λw.Some ? (triple ??? s w cur_pc)) +(* preleva 1 word immediato *) + | MODE_INHX1ADD ⇒ mode_IX1ADD_load m t s cur_pc +(* preleva 1 word immediato *) + | MODE_INHX2ADD ⇒ mode_IX2ADD_load m t s cur_pc + +(* NO: solo lettura byte *) + | MODE_IMM1 ⇒ None ? +(* preleva 1 word immediato *) + | MODE_IMM1EXT ⇒ mode_IMM1EXT_load m t s cur_pc +(* preleva 1 word immediato *) + | MODE_IMM2 ⇒ mode_IMM2_load m t s cur_pc +(* preleva 1 word da indirizzo diretto 1 byte *) + | MODE_DIR1 ⇒ mode_DIR1_load false m t s cur_pc +(* preleva 1 word da indirizzo diretto 1 word *) + | MODE_DIR2 ⇒ mode_DIR2_load false m t s cur_pc +(* preleva 1 word da H:X *) + | MODE_IX0 ⇒ mode_IX0_load false m t s cur_pc +(* preleva 1 word da H:X+1 byte offset *) + | MODE_IX1 ⇒ mode_IX1_load false m t s cur_pc +(* preleva 1 word da H:X+1 word offset *) + | MODE_IX2 ⇒ mode_IX2_load false m t s cur_pc +(* preleva 1 word da SP+1 byte offset *) + | MODE_SP1 ⇒ mode_SP1_load false m t s cur_pc +(* preleva 1 word da SP+1 word offset *) + | MODE_SP2 ⇒ mode_SP2_load false m t s cur_pc + +(* NO: solo lettura/scrittura byte *) + | MODE_DIR1_to_DIR1 ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_IMM1_to_DIR1 ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_IX0p_to_DIR1 ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_DIR1_to_IX0p ⇒ None ? + +(* preleva 2 byte, possibilita' modificare Io argomento *) + | MODE_INHA_and_IMM1 ⇒ opt_map ?? (mode_IMM1_load m t s cur_pc) + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc' ⇒ + Some ? (triple ??? s 〈(get_acc_8_low_reg m t s):immb〉 cur_pc')]) +(* preleva 2 byte, possibilita' modificare Io argomento *) + | MODE_INHX_and_IMM1 ⇒ opt_map ?? (get_indX_8_low_reg m t s) + (λX_op.opt_map ?? (mode_IMM1_load m t s cur_pc) + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc' ⇒ + Some ? (triple ??? s 〈X_op:immb〉 cur_pc')])) +(* preleva 2 byte, NO possibilita' modificare Io argomento *) + | MODE_IMM1_and_IMM1 ⇒ opt_map ?? (mode_IMM1_load m t s cur_pc) + (λS_immb1_and_PC.match S_immb1_and_PC with + [ triple _ immb1 cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb2_and_PC.match S_immb2_and_PC with + [ triple _ immb2 cur_pc'' ⇒ + Some ? (triple ??? s 〈immb1:immb2〉 cur_pc'')])]) +(* preleva 2 byte, possibilita' modificare Io argomento *) + | MODE_DIR1_and_IMM1 ⇒ opt_map ?? (mode_DIR1_load true m t s cur_pc) + (λS_dirb_and_PC.match S_dirb_and_PC with + [ triple _ dirb cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc'' ⇒ + Some ? (triple ??? s 〈dirb:immb〉 cur_pc'')])]) +(* preleva 2 byte, possibilita' modificare Io argomento *) + | MODE_IX0_and_IMM1 ⇒ opt_map ?? (mode_IX0_load true m t s cur_pc) + (λS_ixb_and_PC.match S_ixb_and_PC with + [ triple _ ixb cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc'' ⇒ + Some ? (triple ??? s 〈ixb:immb〉 cur_pc'')])]) +(* preleva 2 byte, H:X++, NO possibilita' modificare Io argomento *) + | MODE_IX0p_and_IMM1 ⇒ opt_map ?? (mode_IX0_load true m t s cur_pc) + (λS_ixb_and_PC.match S_ixb_and_PC with + [ triple _ ixb cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc'' ⇒ + (* H:X++ *) + opt_map ?? (aux_inc_indX_16 m t s) + (λs'.Some ? (triple ??? s' 〈ixb:immb〉 cur_pc''))])]) +(* preleva 2 byte, possibilita' modificare Io argomento *) + | MODE_IX1_and_IMM1 ⇒ opt_map ?? (mode_IX1_load true m t s cur_pc) + (λS_ixb_and_PC.match S_ixb_and_PC with + [ triple _ ixb cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc'' ⇒ + Some ? (triple ??? s 〈ixb:immb〉 cur_pc'')])]) +(* preleva 2 byte, H:X++, NO possibilita' modificare Io argomento *) + | MODE_IX1p_and_IMM1 ⇒ opt_map ?? (mode_IX1_load true m t s cur_pc) + (λS_ixb_and_PC.match S_ixb_and_PC with + [ triple _ ixb cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc'' ⇒ + (* H:X++ *) + opt_map ?? (aux_inc_indX_16 m t s) + (λs'.Some ? (triple ??? s' 〈ixb:immb〉 cur_pc''))])]) +(* preleva 2 byte, possibilita' modificare Io argomento *) + | MODE_SP1_and_IMM1 ⇒ opt_map ?? (mode_SP1_load true m t s cur_pc) + (λS_spb_and_PC.match S_spb_and_PC with + [ triple _ spb cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc'' ⇒ + Some ? (triple ??? s 〈spb:immb〉 cur_pc'')])]) + +(* NO: solo scrittura byte *) + | MODE_DIRn _ ⇒ None ? +(* preleva 2 byte, il primo e' filtrato per azzerare tutti i bit tranne n-simo *) + | MODE_DIRn_and_IMM1 msk ⇒ opt_map ?? (mode_DIR1n_load m t s cur_pc msk) + (λS_dirbn_and_PC.match S_dirbn_and_PC with + [ triple _ dirbn cur_pc' ⇒ + opt_map ?? (mode_IMM1_load m t s cur_pc') + (λS_immb_and_PC.match S_immb_and_PC with + [ triple _ immb cur_pc'' ⇒ + Some ? (triple ??? s 〈〈x0,match dirbn with [ true ⇒ x1 | false ⇒ x0 ]〉:immb〉 cur_pc'') ])]) +(* NO: solo lettura/scrittura byte *) + | MODE_TNY _ ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_SRT _ ⇒ None ? + ] + ]. + +(* **************************************** *) +(* raccordo di tutte le possibili scritture *) +(* **************************************** *) + +(* tutte le modalita' di scrittura: true=writeb, false=writew *) +ndefinition multi_mode_write ≝ +λbyteflag:bool.λm:mcu_type.λt:memory_impl.match byteflag + return λbyteflag:bool.any_status m t → word16 → instr_mode → + match byteflag with [ true ⇒ byte8 | false ⇒ word16 ] → + option (ProdT (any_status m t) word16) with + (* scrittura di un byte *) + [ true ⇒ λs:any_status m t.λcur_pc:word16.λi:instr_mode.λwriteb:byte8.match i with +(* NO: non ci sono indicazioni *) + [ MODE_INH ⇒ None ? +(* scrive A *) + | MODE_INHA ⇒ Some ? (pair ?? (set_acc_8_low_reg m t s writeb) cur_pc) +(* scrive X *) + | MODE_INHX ⇒ opt_map ?? (set_indX_8_low_reg m t s writeb) + (λtmps.Some ? (pair ?? tmps cur_pc)) +(* scrive H *) + | MODE_INHH ⇒ opt_map ?? (set_indX_8_high_reg m t s writeb) + (λtmps.Some ? (pair ?? tmps cur_pc)) + +(* NO: solo lettura word *) + | MODE_INHX0ADD ⇒ None ? +(* NO: solo lettura word *) + | MODE_INHX1ADD ⇒ None ? +(* NO: solo lettura word *) + | MODE_INHX2ADD ⇒ None ? + +(* NO: solo lettura byte *) + | MODE_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IMM1EXT ⇒ None ? +(* NO: solo lettura word *) + | MODE_IMM2 ⇒ None ? +(* scrive 1 byte su indirizzo diretto 1 byte *) + | MODE_DIR1 ⇒ mode_DIR1_write true m t s cur_pc writeb +(* scrive 1 byte su indirizzo diretto 1 word *) + | MODE_DIR2 ⇒ mode_DIR2_write true m t s cur_pc writeb +(* scrive 1 byte su H:X *) + | MODE_IX0 ⇒ mode_IX0_write true m t s cur_pc writeb +(* scrive 1 byte su H:X+1 byte offset *) + | MODE_IX1 ⇒ mode_IX1_write true m t s cur_pc writeb +(* scrive 1 byte su H:X+1 word offset *) + | MODE_IX2 ⇒ mode_IX2_write true m t s cur_pc writeb +(* scrive 1 byte su SP+1 byte offset *) + | MODE_SP1 ⇒ mode_SP1_write true m t s cur_pc writeb +(* scrive 1 byte su SP+1 word offset *) + | MODE_SP2 ⇒ mode_SP2_write true m t s cur_pc writeb + +(* passo2: scrittura su DIR1, passo1: lettura da DIR1 *) + | MODE_DIR1_to_DIR1 ⇒ mode_DIR1_write true m t s cur_pc writeb +(* passo2: scrittura su DIR1, passo1: lettura da IMM1 *) + | MODE_IMM1_to_DIR1 ⇒ mode_DIR1_write true m t s cur_pc writeb +(* passo2: scrittura su DIR1 e X++, passo1: lettura da IX0 *) + | MODE_IX0p_to_DIR1 ⇒ opt_map ?? (mode_DIR1_write true m t s cur_pc writeb) + (λS_and_PC.match S_and_PC with [ pair S_op PC_op ⇒ + (* H:X++ *) + opt_map ?? (aux_inc_indX_16 m t S_op) + (λS_op'.Some ? (pair ?? S_op' PC_op))]) +(* passo2: scrittura su IX0 e X++, passo1: lettura da DIR1 *) + | MODE_DIR1_to_IX0p ⇒ opt_map ?? (mode_IX0_write true m t s cur_pc writeb) + (λS_and_PC.match S_and_PC with [ pair S_op PC_op ⇒ + (* H:X++ *) + opt_map ?? (aux_inc_indX_16 m t S_op) + (λS_op'.Some ? (pair ?? S_op' PC_op))]) + +(* dopo aver prelevato 2 byte la possibilita' modificare Io argomento = INHA *) + | MODE_INHA_and_IMM1 ⇒ Some ? (pair ?? (set_acc_8_low_reg m t s writeb) cur_pc) +(* dopo aver prelevato 2 byte la possibilita' modificare Io argomento = INHX *) + | MODE_INHX_and_IMM1 ⇒ opt_map ?? (set_indX_8_low_reg m t s writeb) + (λtmps.Some ? (pair ?? tmps cur_pc)) +(* NO: solo lettura word *) + | MODE_IMM1_and_IMM1 ⇒ None ? +(* dopo aver prelevato 2 byte la possibilita' modificare Io argomento = DIR1 *) + | MODE_DIR1_and_IMM1 ⇒ mode_DIR1_write true m t s cur_pc writeb +(* dopo aver prelevato 2 byte la possibilita' modificare Io argomento = IX0 *) + | MODE_IX0_and_IMM1 ⇒ mode_IX0_write true m t s cur_pc writeb +(* NO: solo lettura word *) + | MODE_IX0p_and_IMM1 ⇒ None ? +(* dopo aver prelevato 2 byte la possibilita' modificare Io argomento = IX1 *) + | MODE_IX1_and_IMM1 ⇒ mode_IX1_write true m t s cur_pc writeb +(* NO: solo lettura word *) + | MODE_IX1p_and_IMM1 ⇒ None ? +(* dopo aver prelevato 2 byte la possibilita' modificare Io argomento = SP1 *) + | MODE_SP1_and_IMM1 ⇒ mode_SP1_write true m t s cur_pc writeb + +(* scrive 1 byte, ma la scrittura avviene solo per n-simo bit = leggi/modifica bit/scrivi *) + | MODE_DIRn msk ⇒ mode_DIR1n_write m t s cur_pc msk (getn_array8T msk bool (bits_of_byte8 writeb)) +(* NO: solo lettura word *) + | MODE_DIRn_and_IMM1 _ ⇒ None ? +(* scrive 1 byte su 0000 0000 0000 xxxxb *) + | MODE_TNY e ⇒ opt_map ?? (memory_filter_write m t s 〈〈x0,x0〉:〈x0,e〉〉 writeb) + (λtmps.Some ? (pair ?? tmps cur_pc)) +(* scrive 1 byte su 0000 0000 000x xxxxb *) + | MODE_SRT e ⇒ opt_map ?? (memory_filter_write m t s 〈〈x0,x0〉:(byte8_of_bitrigesim e)〉 writeb) + (λtmps.Some ? (pair ?? tmps cur_pc)) ] + (* scrittura di una word *) + | false ⇒ λs:any_status m t.λcur_pc:word16.λi:instr_mode.λwritew:word16.match i with +(* NO: non ci sono indicazioni *) + [ MODE_INH ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_INHA ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_INHX ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_INHH ⇒ None ? + +(* NO: solo lettura word *) + | MODE_INHX0ADD ⇒ None ? +(* NO: solo lettura word *) + | MODE_INHX1ADD ⇒ None ? +(* NO: solo lettura word *) + | MODE_INHX2ADD ⇒ None ? + +(* NO: solo lettura byte *) + | MODE_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IMM1EXT ⇒ None ? +(* NO: solo lettura word *) + | MODE_IMM2 ⇒ None ? +(* scrive 1 word su indirizzo diretto 1 byte *) + | MODE_DIR1 ⇒ mode_DIR1_write false m t s cur_pc writew +(* scrive 1 word su indirizzo diretto 1 word *) + | MODE_DIR2 ⇒ mode_DIR2_write false m t s cur_pc writew +(* scrive 1 word su H:X *) + | MODE_IX0 ⇒ mode_IX0_write false m t s cur_pc writew +(* scrive 1 word su H:X+1 byte offset *) + | MODE_IX1 ⇒ mode_IX1_write false m t s cur_pc writew +(* scrive 1 word su H:X+1 word offset *) + | MODE_IX2 ⇒ mode_IX2_write false m t s cur_pc writew +(* scrive 1 word su SP+1 byte offset *) + | MODE_SP1 ⇒ mode_SP1_write false m t s cur_pc writew +(* scrive 1 word su SP+1 word offset *) + | MODE_SP2 ⇒ mode_SP2_write false m t s cur_pc writew + +(* NO: solo lettura/scrittura byte *) + | MODE_DIR1_to_DIR1 ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_IMM1_to_DIR1 ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_IX0p_to_DIR1 ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_DIR1_to_IX0p ⇒ None ? + +(* NO: solo lettura word/scrittura byte *) + | MODE_INHA_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_INHX_and_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IMM1_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_DIR1_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_IX0_and_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IX0p_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_IX1_and_IMM1 ⇒ None ? +(* NO: solo lettura word *) + | MODE_IX1p_and_IMM1 ⇒ None ? +(* NO: solo lettura word/scrittura byte *) + | MODE_SP1_and_IMM1 ⇒ None ? + +(* NO: solo scrittura byte *) + | MODE_DIRn _ ⇒ None ? +(* NO: solo lettura word *) + | MODE_DIRn_and_IMM1 _ ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_TNY _ ⇒ None ? +(* NO: solo lettura/scrittura byte *) + | MODE_SRT _ ⇒ None ? + ] + ]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/memory_abs.ma b/helm/software/matita/contribs/ng_assembly/freescale/memory_abs.ma new file mode 100755 index 000000000..d1934684d --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/memory_abs.ma @@ -0,0 +1,247 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/memory_func.ma". +include "freescale/memory_trees.ma". +include "freescale/memory_bits.ma". + +(* ********************************************* *) +(* ASTRAZIONE DALL'IMPLEMENTAZIONE DELLA MEMORIA *) +(* ********************************************* *) + +(* tipi di implementazione della memoria *) +ninductive memory_impl : Type ≝ + MEM_FUNC: memory_impl +| MEM_TREE: memory_impl +| MEM_BITS: memory_impl. + +ndefinition memory_impl_ind : ΠP:memory_impl → Prop.P MEM_FUNC → P MEM_TREE → P MEM_BITS → Πm:memory_impl.P m ≝ +λP:memory_impl → Prop.λp:P MEM_FUNC.λp1:P MEM_TREE.λp2:P MEM_BITS.λm:memory_impl. + match m with [ MEM_FUNC ⇒ p | MEM_TREE ⇒ p1 | MEM_BITS ⇒ p2 ]. + +ndefinition memory_impl_rec : ΠP:memory_impl → Set.P MEM_FUNC → P MEM_TREE → P MEM_BITS → Πm:memory_impl.P m ≝ +λP:memory_impl → Set.λp:P MEM_FUNC.λp1:P MEM_TREE.λp2:P MEM_BITS.λm:memory_impl. + match m with [ MEM_FUNC ⇒ p | MEM_TREE ⇒ p1 | MEM_BITS ⇒ p2 ]. + +ndefinition memory_impl_rect : ΠP:memory_impl → Type.P MEM_FUNC → P MEM_TREE → P MEM_BITS → Πm:memory_impl.P m ≝ +λP:memory_impl → Type.λp:P MEM_FUNC.λp1:P MEM_TREE.λp2:P MEM_BITS.λm:memory_impl. + match m with [ MEM_FUNC ⇒ p | MEM_TREE ⇒ p1 | MEM_BITS ⇒ p2 ]. + +(* ausiliario per il tipo della memoria *) +ndefinition aux_mem_type ≝ +λt:memory_impl.match t with + [ MEM_FUNC ⇒ word16 → byte8 + | MEM_TREE ⇒ Array16T (Array16T (Array16T (Array16T byte8))) + | MEM_BITS ⇒ Array16T (Array16T (Array16T (Array16T (Array8T bool)))) + ]. + +(* ausiliario per il tipo del checker *) +ndefinition aux_chk_type ≝ +λt:memory_impl.match t with + [ MEM_FUNC ⇒ word16 → memory_type + | MEM_TREE ⇒ Array16T (Array16T (Array16T (Array16T memory_type))) + | MEM_BITS ⇒ Array16T (Array16T (Array16T (Array16T (Array8T memory_type)))) + ]. + +(* unificazione di out_of_bound_memory *) +ndefinition out_of_bound_memory ≝ +λt:memory_impl. + match t + return λt.aux_chk_type t + with + [ MEM_FUNC ⇒ mf_out_of_bound_memory + | MEM_TREE ⇒ mt_out_of_bound_memory + | MEM_BITS ⇒ mb_out_of_bound_memory + ]. + +(* unificazione di zero_memory *) +ndefinition zero_memory ≝ +λt:memory_impl. + match t + return λt.aux_mem_type t + with + [ MEM_FUNC ⇒ mf_zero_memory + | MEM_TREE ⇒ mt_zero_memory + | MEM_BITS ⇒ mb_zero_memory + ]. + +(* unificazione della lettura senza chk: mem_read_abs mem addr *) +ndefinition mem_read_abs ≝ +λt:memory_impl. + match t + return λt.aux_mem_type t → word16 → byte8 + with + [ MEM_FUNC ⇒ λm:aux_mem_type MEM_FUNC. + λaddr:word16. + m addr + | MEM_TREE ⇒ λm:aux_mem_type MEM_TREE. + λaddr:word16. + mt_visit byte8 m addr + | MEM_BITS ⇒ λm:aux_mem_type MEM_BITS. + λaddr:word16. + byte8_of_bits (mt_visit (Array8T bool) m addr) + ]. + +(* unificazione del chk *) +ndefinition chk_get ≝ +λt:memory_impl.λc:aux_chk_type t.λaddr:word16. + match t + return λt.aux_chk_type t → word16 → Array8T memory_type + with + [ MEM_FUNC ⇒ mf_chk_get + | MEM_TREE ⇒ mt_chk_get + | MEM_BITS ⇒ mb_chk_get + ] c addr. + +(* unificazione della lettura con chk: mem_read mem chk addr *) +ndefinition mem_read ≝ +λt:memory_impl.λm:aux_mem_type t.λc:aux_chk_type t.λaddr:word16. + match t + return λt.aux_mem_type t → aux_chk_type t → word16 → option byte8 + with + [ MEM_FUNC ⇒ mf_mem_read + | MEM_TREE ⇒ mt_mem_read + | MEM_BITS ⇒ mb_mem_read + ] m c addr. + +(* unificazione della lettura di bit con chk: mem_read mem chk addr sub *) +ndefinition mem_read_bit ≝ +λt:memory_impl. + match t + return λt.aux_mem_type t → aux_chk_type t → word16 → oct → option bool + with + [ MEM_FUNC ⇒ λm:aux_mem_type MEM_FUNC. + λc:aux_chk_type MEM_FUNC. + λaddr:word16. + λo:oct. + opt_map ?? (mf_mem_read m c addr) + (λb.Some ? (getn_array8T o bool (bits_of_byte8 b))) + | MEM_TREE ⇒ λm:aux_mem_type MEM_TREE. + λc:aux_chk_type MEM_TREE. + λaddr:word16. + λo:oct. + opt_map ?? (mt_mem_read m c addr) + (λb.Some ? (getn_array8T o bool (bits_of_byte8 b))) + | MEM_BITS ⇒ λm:aux_mem_type MEM_BITS. + λc:aux_chk_type MEM_BITS. + λaddr:word16. + λo:oct. + mb_mem_read_bit m c addr o + ]. + +(* unificazione della scrittura con chk: mem_update mem chk addr val *) +ndefinition mem_update ≝ +λt:memory_impl.λm:aux_mem_type t.λc:aux_chk_type t.λaddr:word16.λv:byte8. + match t + return λt.aux_mem_type t → Array8T memory_type → word16 → byte8 → option (aux_mem_type t) + with + [ MEM_FUNC ⇒ mf_mem_update + | MEM_TREE ⇒ mt_mem_update + | MEM_BITS ⇒ mb_mem_update + ] m (chk_get t c addr) addr v. + +(* unificazione della scrittura di bit con chk: mem_update mem chk addr sub val *) +ndefinition mem_update_bit ≝ +λt:memory_impl. + match t + return λt.aux_mem_type t → aux_chk_type t → word16 → oct → bool → option (aux_mem_type t) + with + [ MEM_FUNC ⇒ λm:aux_mem_type MEM_FUNC. + λc:aux_chk_type MEM_FUNC. + λaddr:word16. + λo:oct. + λv:bool. + opt_map ?? (mf_mem_read m c addr) + (λb.mf_mem_update m (chk_get MEM_FUNC c addr) addr (byte8_of_bits (setn_array8T o bool (bits_of_byte8 b) v))) + | MEM_TREE ⇒ λm:aux_mem_type MEM_TREE. + λc:aux_chk_type MEM_TREE. + λaddr:word16. + λo:oct. + λv:bool. + opt_map ?? (mt_mem_read m c addr) + (λb.mt_mem_update m (chk_get MEM_TREE c addr) addr (byte8_of_bits (setn_array8T o bool (bits_of_byte8 b) v))) + | MEM_BITS ⇒ λm:aux_mem_type MEM_BITS. + λc:aux_chk_type MEM_BITS. + λaddr:word16. + λo:oct. + λv:bool. + mb_mem_update_bit m c addr o v + ]. + +(* unificazione del caricamento: load_from_source_at old_mem source addr *) +ndefinition load_from_source_at ≝ +λt:memory_impl.λm:aux_mem_type t.λl:list byte8.λaddr:word16. + match t + return λt.aux_mem_type t → list byte8 → word16 → aux_mem_type t + with + [ MEM_FUNC ⇒ mf_load_from_source_at + | MEM_TREE ⇒ mt_load_from_source_at + | MEM_BITS ⇒ mb_load_from_source_at + ] m l addr. + +(* unificazione dell'impostazione della memoria: chk_update_ranged chk inf sup v *) +ndefinition check_update_ranged ≝ +λt:memory_impl. + match t + return λt.aux_chk_type t → word16 → word16 → memory_type → aux_chk_type t + with + [ MEM_FUNC ⇒ λc:aux_chk_type MEM_FUNC. + λinf,sup:word16. + λv:memory_type. + mf_check_update_ranged c inf sup v + | MEM_TREE ⇒ λc:aux_chk_type MEM_TREE. + λinf,sup:word16. + λv:memory_type. + mt_update_ranged memory_type c inf sup v + | MEM_BITS ⇒ λc:aux_chk_type MEM_BITS. + λinf,sup:word16. + λv:memory_type. + mt_update_ranged (Array8T memory_type) c inf sup (array_8T memory_type v v v v v v v v) + ]. + +(* unificazione dell'impostazione dei bit: chk_update_bit chk addr sub v *) +(* NB: dove non esiste la granularita' del bit, lascio inalterato *) +ndefinition check_update_bit ≝ +λt:memory_impl. + match t + return λt.aux_chk_type t → word16 → oct → memory_type → aux_chk_type t + with + [ MEM_FUNC ⇒ λc:aux_chk_type MEM_FUNC. + λaddr:word16. + λo:oct. + λv:memory_type. + c + | MEM_TREE ⇒ λc:aux_chk_type MEM_TREE. + λaddr:word16. + λo:oct. + λv:memory_type. + c + | MEM_BITS ⇒ λc:aux_chk_type MEM_BITS. + λaddr:word16. + λo:oct. + λv:memory_type. + mb_chk_update_bit c addr o v + ]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/memory_bits.ma b/helm/software/matita/contribs/ng_assembly/freescale/memory_bits.ma new file mode 100755 index 000000000..2b0b73624 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/memory_bits.ma @@ -0,0 +1,231 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/memory_trees.ma". + +(* ********************* *) +(* MEMORIA E DESCRITTORE *) +(* ********************* *) + +(* tutta la memoria non installata *) +ndefinition mb_out_of_bound_memory ≝ +let base ≝ array_8T memory_type MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND + MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND in +let lev4 ≝ array_16T ? + base base base base base base base base + base base base base base base base base + in +let lev3 ≝ array_16T ? + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + in +let lev2 ≝ array_16T ? + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + in +let lev1 ≝ array_16T ? + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + in +lev1. + +(* tutta la memoria a 0 *) +ndefinition mb_zero_memory ≝ +let base ≝ array_8T bool false false false false false false false false in +let lev4 ≝ array_16T ? + base base base base base base base base + base base base base base base base base + in +let lev3 ≝ array_16T ? + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + in +let lev2 ≝ array_16T ? + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + in +let lev1 ≝ array_16T ? + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + in +lev1. + +(* scrivi bit controllando il tipo di memoria *) +ndefinition mb_mem_update_bit ≝ +λmem:Array16T (Array16T (Array16T (Array16T (Array8T bool)))). +λchk:Array16T (Array16T (Array16T (Array16T (Array8T memory_type)))). +λaddr:word16.λsub:oct.λv:bool. + match getn_array8T sub memory_type (mt_visit (Array8T memory_type) chk addr) with + (* ROM? ok, ma il valore viene perso *) + [ MEM_READ_ONLY ⇒ Some ? mem + (* RAM? ok *) + | MEM_READ_WRITE ⇒ Some ? (mt_update (Array8T bool) mem addr (setn_array8T sub bool (mt_visit (Array8T bool) mem addr) v)) + (* NON INSTALLATA? no *) + | MEM_OUT_OF_BOUND ⇒ None ? ]. + +(* scrivi tipo di bit *) +ndefinition mb_chk_update_bit ≝ +λchk:Array16T (Array16T (Array16T (Array16T (Array8T memory_type)))). +λaddr:word16.λsub:oct.λv:memory_type. + mt_update (Array8T memory_type) chk addr (setn_array8T sub memory_type (mt_visit (Array8T memory_type) chk addr) v). + +(* leggi bit controllando il tipo di memoria *) +ndefinition mb_mem_read_bit ≝ +λmem:Array16T (Array16T (Array16T (Array16T (Array8T bool)))). +λchk:Array16T (Array16T (Array16T (Array16T (Array8T memory_type)))). +λaddr:word16.λsub:oct. + match getn_array8T sub memory_type (mt_visit (Array8T memory_type) chk addr) with + (* ROM? ok, ma il valore viene perso *) + [ MEM_READ_ONLY ⇒ Some ? (getn_array8T sub bool (mt_visit (Array8T bool) mem addr)) + (* RAM? ok *) + | MEM_READ_WRITE ⇒ Some ? (getn_array8T sub bool (mt_visit (Array8T bool) mem addr)) + (* NON INSTALLATA? no *) + | MEM_OUT_OF_BOUND ⇒ None ? ]. + +ndefinition mb_chk_get ≝ +λchk:Array16T (Array16T (Array16T (Array16T (Array8T memory_type)))).λaddr:word16. +let c ≝ mt_visit (Array8T memory_type) chk addr in +array_8T ? (getn_array8T o7 ? c) (getn_array8T o6 ? c) + (getn_array8T o5 ? c) (getn_array8T o4 ? c) + (getn_array8T o3 ? c) (getn_array8T o2 ? c) + (getn_array8T o1 ? c) (getn_array8T o0 ? c). + +(* scrivi controllando il tipo di memoria *) +(* NB: devono esistere tutti i bit *) +ndefinition mb_mem_update ≝ +λmem:Array16T (Array16T (Array16T (Array16T (Array8T bool)))). +λchk:Array8T memory_type. +λaddr:word16.λv:byte8. +let old_value ≝ mt_visit (Array8T bool) mem addr in +let new_value ≝ bits_of_byte8 v in +let newbit0 ≝ match getn_array8T o0 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o0 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o0 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit1 ≝ match getn_array8T o1 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o1 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o1 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit2 ≝ match getn_array8T o2 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o2 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o2 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit3 ≝ match getn_array8T o3 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o3 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o3 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit4 ≝ match getn_array8T o4 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o4 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o4 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit5 ≝ match getn_array8T o5 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o5 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o5 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit6 ≝ match getn_array8T o6 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o6 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o6 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit7 ≝ match getn_array8T o7 memory_type chk with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o7 bool old_value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o7 bool new_value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in + opt_map ?? newbit0 + (λnb0.opt_map ?? newbit1 + (λnb1.opt_map ?? newbit2 + (λnb2.opt_map ?? newbit3 + (λnb3.opt_map ?? newbit4 + (λnb4.opt_map ?? newbit5 + (λnb5.opt_map ?? newbit6 + (λnb6.opt_map ?? newbit7 + (λnb7.Some ? (mt_update (Array8T bool) mem addr (array_8T bool nb7 nb6 nb5 nb4 nb3 nb2 nb1 nb0)))))))))). + +(* leggi controllando il tipo di memoria *) +(* NB: devono esistere tutti i bit *) +ndefinition mb_mem_read ≝ +λmem:Array16T (Array16T (Array16T (Array16T (Array8T bool)))). +λchk:Array16T (Array16T (Array16T (Array16T (Array8T memory_type)))). +λaddr:word16. +let bit_types ≝ mt_visit (Array8T memory_type) chk addr in +let value ≝ mt_visit (Array8T bool) mem addr in +let newbit0 ≝ match getn_array8T o0 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o0 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o0 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit1 ≝ match getn_array8T o1 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o1 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o1 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit2 ≝ match getn_array8T o2 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o2 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o2 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit3 ≝ match getn_array8T o3 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o3 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o3 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit4 ≝ match getn_array8T o4 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o4 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o4 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit5 ≝ match getn_array8T o5 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o5 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o5 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit6 ≝ match getn_array8T o6 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o6 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o6 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in +let newbit7 ≝ match getn_array8T o7 memory_type bit_types with + [ MEM_READ_ONLY ⇒ Some bool (getn_array8T o7 bool value) + | MEM_READ_WRITE ⇒ Some bool (getn_array8T o7 bool value) + | MEM_OUT_OF_BOUND ⇒ None bool ] in + opt_map ?? newbit0 + (λnb0.opt_map ?? newbit1 + (λnb1.opt_map ?? newbit2 + (λnb2.opt_map ?? newbit3 + (λnb3.opt_map ?? newbit4 + (λnb4.opt_map ?? newbit5 + (λnb5.opt_map ?? newbit6 + (λnb6.opt_map ?? newbit7 + (λnb7.Some ? (byte8_of_bits (array_8T bool nb7 nb6 nb5 nb4 nb3 nb2 nb1 nb0)))))))))). + +(* ************************** *) +(* CARICAMENTO PROGRAMMA/DATI *) +(* ************************** *) + +(* carica a paratire da addr, scartando source (pescando da old_mem) se si supera 0xFFFF... *) +nlet rec mb_load_from_source_at (old_mem:Array16T (Array16T (Array16T (Array16T (Array8T bool))))) + (source:list byte8) (addr:word16) on source ≝ +match source with + (* fine di source: carica da old_mem *) + [ nil ⇒ old_mem + | cons hd tl ⇒ match lt_w16 addr 〈〈xF,xF〉:〈xF,xF〉〉 with + (* non supera 0xFFFF, ricorsione *) + [ true ⇒ mb_load_from_source_at (mt_update ? old_mem addr (bits_of_byte8 hd)) tl (plus_w16_d_d addr 〈〈x0,x0〉:〈x0,x1〉〉) + (* supera 0xFFFF, niente ricorsione *) + | false ⇒ mt_update ? old_mem addr (bits_of_byte8 hd) + ]]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/memory_func.ma b/helm/software/matita/contribs/ng_assembly/freescale/memory_func.ma new file mode 100755 index 000000000..be27f5547 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/memory_func.ma @@ -0,0 +1,95 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/memory_struct.ma". +include "freescale/word16.ma". +include "freescale/option.ma". +include "freescale/theory.ma". + +(* ********************* *) +(* MEMORIA E DESCRITTORE *) +(* ********************* *) + +(* (mf_check_update_ranged chk inf sup mode) = setta tipo memoria *) +ndefinition mf_check_update_ranged ≝ +λf:word16 → memory_type.λi.λs.λv. + λx.match in_range x i s with + [ true ⇒ v + | false ⇒ f x ]. + +(* tutta la memoria non installata *) +ndefinition mf_out_of_bound_memory ≝ λ_:word16.MEM_OUT_OF_BOUND. + +ndefinition mf_chk_get ≝ +λc:word16 → memory_type.λa:word16. + match c a with + [ MEM_READ_ONLY ⇒ array_8T ? MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY + | MEM_READ_WRITE ⇒ array_8T ? MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE + | MEM_OUT_OF_BOUND ⇒ array_8T ? MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND + ]. + +(* (mf_mem_update mem checked addr val) = scrivi controllando il tipo di memoria *) +ndefinition mf_mem_update ≝ +λf:word16 → byte8.λc:Array8T memory_type.λa:word16.λv:byte8. + match getn_array8T o0 ? c with + (* ROM? ok, ma il valore viene perso *) + [ MEM_READ_ONLY ⇒ Some ? f + (* RAM? ok *) + | MEM_READ_WRITE ⇒ Some ? (λx.match eq_w16 x a with [ true ⇒ v | false ⇒ f x ]) + (* NON INSTALLATA? no *) + | MEM_OUT_OF_BOUND ⇒ None ? ]. + +(* tutta la memoria a 0 *) +ndefinition mf_zero_memory ≝ λ_:word16.〈x0,x0〉. + +(* (mf_mem_read mem check addr) = leggi controllando il tipo di memoria *) +ndefinition mf_mem_read ≝ +λf:word16 → byte8.λc:word16 → memory_type.λa. + match c a with + [ MEM_READ_ONLY ⇒ Some ? (f a) + | MEM_READ_WRITE ⇒ Some ? (f a) + | MEM_OUT_OF_BOUND ⇒ None ? ]. + +(* ************************** *) +(* CARICAMENTO PROGRAMMA/DATI *) +(* ************************** *) + +(* carica a paratire da addr, scartando source (pescando da old_mem) se si supera 0xFFFF... *) +nlet rec mf_load_from_source_at (old_mem:word16 → byte8) (source:list byte8) (addr:word16) on source ≝ +match source with + (* fine di source: carica da old_mem *) + [ nil ⇒ old_mem + | cons hd tl ⇒ λx:word16.match lt_w16 x addr with + (* e' prima di source: carica da old_mem *) + [ true ⇒ old_mem x + | false ⇒ match eq_w16 x addr with + (* la locazione corrisponde al punto corrente di source *) + [ true ⇒ hd + (* la locazione e' piu' avanti: ricorsione *) + | false ⇒ (mf_load_from_source_at old_mem tl (plus_w16_d_d addr 〈〈x0,x0〉:〈x0,x1〉〉)) x + ] + ] + ]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/memory_struct.ma b/helm/software/matita/contribs/ng_assembly/freescale/memory_struct.ma new file mode 100755 index 000000000..6bfec7846 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/memory_struct.ma @@ -0,0 +1,682 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/aux_bases.ma". +include "freescale/byte8.ma". + +(* **************************** *) +(* TIPI PER I MODULI DI MEMORIA *) +(* **************************** *) + +(* tipi di memoria:RAM/ROM/non installata *) +ninductive memory_type : Type ≝ + MEM_READ_ONLY: memory_type +| MEM_READ_WRITE: memory_type +| MEM_OUT_OF_BOUND: memory_type. + +ndefinition memory_type_ind : ΠP:memory_type → Prop.P MEM_READ_ONLY → P MEM_READ_WRITE → P MEM_OUT_OF_BOUND → Πm:memory_type.P m ≝ +λP:memory_type → Prop.λp:P MEM_READ_ONLY.λp1:P MEM_READ_WRITE.λp2:P MEM_OUT_OF_BOUND.λm:memory_type. + match m with [ MEM_READ_ONLY ⇒ p | MEM_READ_WRITE ⇒ p1 | MEM_OUT_OF_BOUND ⇒ p2 ]. + +ndefinition memory_type_rec : ΠP:memory_type → Set.P MEM_READ_ONLY → P MEM_READ_WRITE → P MEM_OUT_OF_BOUND → Πm:memory_type.P m ≝ +λP:memory_type → Set.λp:P MEM_READ_ONLY.λp1:P MEM_READ_WRITE.λp2:P MEM_OUT_OF_BOUND.λm:memory_type. + match m with [ MEM_READ_ONLY ⇒ p | MEM_READ_WRITE ⇒ p1 | MEM_OUT_OF_BOUND ⇒ p2 ]. + +ndefinition memory_type_rect : ΠP:memory_type → Type.P MEM_READ_ONLY → P MEM_READ_WRITE → P MEM_OUT_OF_BOUND → Πm:memory_type.P m ≝ +λP:memory_type → Type.λp:P MEM_READ_ONLY.λp1:P MEM_READ_WRITE.λp2:P MEM_OUT_OF_BOUND.λm:memory_type. + match m with [ MEM_READ_ONLY ⇒ p | MEM_READ_WRITE ⇒ p1 | MEM_OUT_OF_BOUND ⇒ p2 ]. + +(* **************** *) +(* TIPO ARRAY DA 16 *) +(* **************** *) + +(* definizione di un array omogeneo di dimensione 16 *) +ninductive Array16T (T:Type) : Type ≝ +array_16T : T → T → T → T → T → T → T → T → + T → T → T → T → T → T → T → T → + Array16T T. + +ndefinition Array16T_ind + : ΠT:Type.ΠP:Array16T T → Prop. + (Πt,t1,t2,t3,t4,t5,t6,t7,t8,t9,t10,t11,t12,t13,t14,t15.P (array_16T T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15)) → Πa:Array16T T.P a ≝ +λT:Type.λP:Array16T T → Prop. +λf:Πt,t1,t2,t3,t4,t5,t6,t7,t8,t9,t10,t11,t12,t13,t14,t15.P (array_16T T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15).λa:Array16T T. + match a with [ array_16T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15 ⇒ f t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15 ]. + +ndefinition Array16T_rec + : ΠT:Type.ΠP:Array16T T → Set. + (Πt,t1,t2,t3,t4,t5,t6,t7,t8,t9,t10,t11,t12,t13,t14,t15.P (array_16T T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15)) → Πa:Array16T T.P a ≝ +λT:Type.λP:Array16T T → Set. +λf:Πt,t1,t2,t3,t4,t5,t6,t7,t8,t9,t10,t11,t12,t13,t14,t15.P (array_16T T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15).λa:Array16T T. + match a with [ array_16T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15 ⇒ f t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15 ]. + +ndefinition Array16T_rect + : ΠT:Type.ΠP:Array16T T → Type. + (Πt,t1,t2,t3,t4,t5,t6,t7,t8,t9,t10,t11,t12,t13,t14,t15.P (array_16T T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15)) → Πa:Array16T T.P a ≝ +λT:Type.λP:Array16T T → Type. +λf:Πt,t1,t2,t3,t4,t5,t6,t7,t8,t9,t10,t11,t12,t13,t14,t15.P (array_16T T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15).λa:Array16T T. + match a with [ array_16T t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15 ⇒ f t t1 t2 t3 t4 t5 t6 t7 t8 t9 t10 t11 t12 t13 t14 t15 ]. + +(* abbiamo gia' gli esadecimali come tipo induttivo quindi: *) +(* posso definire un getter a matrice sull'array *) +ndefinition getn_array16T ≝ +λn:exadecim.λT:Type.λp:Array16T T. + match p with + [ array_16T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 ⇒ + match n with + [ x0 ⇒ e00 | x1 ⇒ e01 | x2 ⇒ e02 | x3 ⇒ e03 | x4 ⇒ e04 | x5 ⇒ e05 | x6 ⇒ e06 | x7 ⇒ e07 + | x8 ⇒ e08 | x9 ⇒ e09 | xA ⇒ e10 | xB ⇒ e11 | xC ⇒ e12 | xD ⇒ e13 | xE ⇒ e14 | xF ⇒ e15 + ]]. + +(* abbiamo gia' gli esadecimali come tipo induttivo quindi: *) +(* posso definire un setter a matrice sull'array *) +ndefinition setn_array16T ≝ +λn:exadecim.λT:Type.λp:Array16T T.λv:T. + match p with + [ array_16T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 ⇒ + match n with + [ x0 ⇒ array_16T T v e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x1 ⇒ array_16T T e00 v e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x2 ⇒ array_16T T e00 e01 v e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x3 ⇒ array_16T T e00 e01 e02 v e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x4 ⇒ array_16T T e00 e01 e02 e03 v e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x5 ⇒ array_16T T e00 e01 e02 e03 e04 v e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x6 ⇒ array_16T T e00 e01 e02 e03 e04 e05 v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 v + ]]. + +(* abbiamo gia' gli esadecimali come tipo induttivo quindi: *) +(* posso definire un setter multiplo [m,n] a matrice sull'array *) +ndefinition setmn_array16T ≝ +λm,n:exadecim.λT:Type.λp:Array16T T.λv:T. + match p with + [ array_16T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 ⇒ + match m with + [ x0 ⇒ match n with + [ x0 ⇒ array_16T T v e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x1 ⇒ array_16T T v v e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x2 ⇒ array_16T T v v v e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x3 ⇒ array_16T T v v v v e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x4 ⇒ array_16T T v v v v v e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x5 ⇒ array_16T T v v v v v v e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x6 ⇒ array_16T T v v v v v v v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T v v v v v v v v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T v v v v v v v v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T v v v v v v v v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T v v v v v v v v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T v v v v v v v v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T v v v v v v v v v v v v v e13 e14 e15 + | xD ⇒ array_16T T v v v v v v v v v v v v v v e14 e15 + | xE ⇒ array_16T T v v v v v v v v v v v v v v v e15 + | xF ⇒ array_16T T v v v v v v v v v v v v v v v v ] + | x1 ⇒ match n with + [ x0 ⇒ p + | x1 ⇒ array_16T T e00 v e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x2 ⇒ array_16T T e00 v v e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x3 ⇒ array_16T T e00 v v v e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x4 ⇒ array_16T T e00 v v v v e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x5 ⇒ array_16T T e00 v v v v v e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x6 ⇒ array_16T T e00 v v v v v v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T e00 v v v v v v v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 v v v v v v v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 v v v v v v v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 v v v v v v v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 v v v v v v v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 v v v v v v v v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 v v v v v v v v v v v v v e14 e15 + | xE ⇒ array_16T T e00 v v v v v v v v v v v v v v e15 + | xF ⇒ array_16T T e00 v v v v v v v v v v v v v v v ] + | x2 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p + | x2 ⇒ array_16T T e00 e01 v e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x3 ⇒ array_16T T e00 e01 v v e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x4 ⇒ array_16T T e00 e01 v v v e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x5 ⇒ array_16T T e00 e01 v v v v e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x6 ⇒ array_16T T e00 e01 v v v v v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T e00 e01 v v v v v v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 e01 v v v v v v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 v v v v v v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 v v v v v v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 v v v v v v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 v v v v v v v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 v v v v v v v v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 v v v v v v v v v v v v v e15 + | xF ⇒ array_16T T e00 e01 v v v v v v v v v v v v v v ] + | x3 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p + | x3 ⇒ array_16T T e00 e01 e02 v e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x4 ⇒ array_16T T e00 e01 e02 v v e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x5 ⇒ array_16T T e00 e01 e02 v v v e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x6 ⇒ array_16T T e00 e01 e02 v v v v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T e00 e01 e02 v v v v v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 e01 e02 v v v v v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 e02 v v v v v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 v v v v v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 v v v v v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 v v v v v v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 v v v v v v v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 v v v v v v v v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 v v v v v v v v v v v v v ] + | x4 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p + | x4 ⇒ array_16T T e00 e01 e02 e03 v e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x5 ⇒ array_16T T e00 e01 e02 e03 v v e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x6 ⇒ array_16T T e00 e01 e02 e03 v v v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T e00 e01 e02 e03 v v v v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 e01 e02 e03 v v v v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 e02 e03 v v v v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 e03 v v v v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 v v v v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 v v v v v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 v v v v v v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 v v v v v v v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 v v v v v v v v v v v v ] + | x5 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p + | x5 ⇒ array_16T T e00 e01 e02 e03 e04 v e06 e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x6 ⇒ array_16T T e00 e01 e02 e03 e04 v v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T e00 e01 e02 e03 e04 v v v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 e01 e02 e03 e04 v v v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 e02 e03 e04 v v v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 e03 e04 v v v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 e04 v v v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 v v v v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 v v v v v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 v v v v v v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 v v v v v v v v v v v ] + | x6 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p + | x6 ⇒ array_16T T e00 e01 e02 e03 e04 e05 v e07 e08 e09 e10 e11 e12 e13 e14 e15 + | x7 ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v v v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 v v v v v v v v v v ] + | x7 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p + | x7 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v e08 e09 e10 e11 e12 e13 e14 e15 + | x8 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v v v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 v v v v v v v v v ] + | x8 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v e09 e10 e11 e12 e13 e14 e15 + | x9 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v v v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 v v v v v v v v ] + | x9 ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ p + | x9 ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v e10 e11 e12 e13 e14 e15 + | xA ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 v v v v v v v ] + | xA ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ p | x9 ⇒ p + | xA ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 v e11 e12 e13 e14 e15 + | xB ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 v v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 v v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 v v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 v v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 v v v v v v ] + | xB ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ p | x9 ⇒ p | xA ⇒ p + | xB ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 v e12 e13 e14 e15 + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 v v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 v v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 v v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 v v v v v ] + | xC ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ p | x9 ⇒ p | xA ⇒ p | xB ⇒ p + | xC ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 v e13 e14 e15 + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 v v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 v v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 v v v v ] + | xD ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ p | x9 ⇒ p | xA ⇒ p | xB ⇒ p | xC ⇒ p + | xD ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 v e14 e15 + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 v v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 v v v ] + | xE ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ p | x9 ⇒ p | xA ⇒ p | xB ⇒ p | xC ⇒ p | xD ⇒ p + | xE ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 v e15 + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 v v ] + | xF ⇒ match n with + [ x0 ⇒ p | x1 ⇒ p | x2 ⇒ p | x3 ⇒ p | x4 ⇒ p | x5 ⇒ p | x6 ⇒ p | x7 ⇒ p + | x8 ⇒ p | x9 ⇒ p | xA ⇒ p | xB ⇒ p | xC ⇒ p | xD ⇒ p | xE ⇒ p + | xF ⇒ array_16T T e00 e01 e02 e03 e04 e05 e06 e07 e08 e09 e10 e11 e12 e13 e14 v ] + ]]. + +(* abbiamo gia' gli esadecimali come tipo induttivo quindi: *) +(* posso definire un setter composto [m+1,n-1] a matrice sull'array *) +(* NB: obbiettivo evitare l'overflow *) +ndefinition setmn_array16T_succ_pred ≝ +λm,n:exadecim.λT:Type.λp:Array16T T.λv:T. + match lt_ex m xF with + [ true ⇒ match gt_ex n x0 with + [ true ⇒ setmn_array16T (succ_ex m) (pred_ex n) T p v + | false ⇒ p + ] + | false ⇒ p + ]. + +(* abbiamo gia' gli esadecimali come tipo induttivo quindi: *) +(* posso definire un setter composto [m+1,F] a matrice sull'array *) +(* NB: obbiettivo evitare l'overflow *) +ndefinition setmn_array16T_succ ≝ +λm:exadecim.λT:Type.λp:Array16T T.λv:T. + match lt_ex m xF with + [ true ⇒ setmn_array16T (succ_ex m) xF T p v + | false ⇒ p + ]. + +(* abbiamo gia' gli esadecimali come tipo induttivo quindi: *) +(* posso definire un setter composto [0,n-1] a matrice sull'array *) +(* NB: obbiettivo evitare l'overflow *) +ndefinition setmn_array16T_pred ≝ +λn:exadecim.λT:Type.λp:Array16T T.λv:T. + match gt_ex n x0 with + [ true ⇒ setmn_array16T x0 (pred_ex n) T p v + | false ⇒ p + ]. + +(* ************************** *) +(* TIPO BYTE COME INSIEME BIT *) +(* ************************** *) + +(* definizione di un byte come 8 bit *) +ninductive Array8T (T:Type) : Type ≝ +array_8T : T → T → T → T → T → T → T → T → + Array8T T. + +ndefinition Array8T_ind + : ΠT:Type.ΠP:Array8T T → Prop. + (Πt,t1,t2,t3,t4,t5,t6,t7.P (array_8T T t t1 t2 t3 t4 t5 t6 t7)) → Πa:Array8T T.P a ≝ +λT:Type.λP:Array8T T → Prop. +λf:Πt,t1,t2,t3,t4,t5,t6,t7.P (array_8T T t t1 t2 t3 t4 t5 t6 t7).λa:Array8T T. + match a with [ array_8T t t1 t2 t3 t4 t5 t6 t7 ⇒ f t t1 t2 t3 t4 t5 t6 t7 ]. + +ndefinition Array8T_rec + : ΠT:Type.ΠP:Array8T T → Set. + (Πt,t1,t2,t3,t4,t5,t6,t7.P (array_8T T t t1 t2 t3 t4 t5 t6 t7)) → Πa:Array8T T.P a ≝ +λT:Type.λP:Array8T T → Set. +λf:Πt,t1,t2,t3,t4,t5,t6,t7.P (array_8T T t t1 t2 t3 t4 t5 t6 t7).λa:Array8T T. + match a with [ array_8T t t1 t2 t3 t4 t5 t6 t7 ⇒ f t t1 t2 t3 t4 t5 t6 t7 ]. + +ndefinition Array8T_rect + : ΠT:Type.ΠP:Array8T T → Type. + (Πt,t1,t2,t3,t4,t5,t6,t7.P (array_8T T t t1 t2 t3 t4 t5 t6 t7)) → Πa:Array8T T.P a ≝ +λT:Type.λP:Array8T T → Type. +λf:Πt,t1,t2,t3,t4,t5,t6,t7.P (array_8T T t t1 t2 t3 t4 t5 t6 t7).λa:Array8T T. + match a with [ array_8T t t1 t2 t3 t4 t5 t6 t7 ⇒ f t t1 t2 t3 t4 t5 t6 t7 ]. + +(* abbiamo gia' gli ottali come tipo induttivo quindi: *) +(* posso definire un getter a matrice sull'array *) +ndefinition getn_array8T ≝ +λn:oct.λT:Type.λp:Array8T T. + match p with + [ array_8T e07 e06 e05 e04 e03 e02 e01 e00 ⇒ + match n with + [ o0 ⇒ e00 | o1 ⇒ e01 | o2 ⇒ e02 | o3 ⇒ e03 | o4 ⇒ e04 | o5 ⇒ e05 | o6 ⇒ e06 | o7 ⇒ e07 ]]. + +(* abbiamo gia' gli ottali come tipo induttivo quindi: *) +(* posso definire un setter a matrice sull'array *) +ndefinition setn_array8T ≝ +λn:oct.λT:Type.λp:Array8T T.λv:T. + match p with + [ array_8T e07 e06 e05 e04 e03 e02 e01 e00 ⇒ + match n with + [ o0 ⇒ array_8T T e07 e06 e05 e04 e03 e02 e01 v + | o1 ⇒ array_8T T e07 e06 e05 e04 e03 e02 v e00 + | o2 ⇒ array_8T T e07 e06 e05 e04 e03 v e01 e00 + | o3 ⇒ array_8T T e07 e06 e05 e04 v e02 e01 e00 + | o4 ⇒ array_8T T e07 e06 e05 v e03 e02 e01 e00 + | o5 ⇒ array_8T T e07 e06 v e04 e03 e02 e01 e00 + | o6 ⇒ array_8T T e07 v e05 e04 e03 e02 e01 e00 + | o7 ⇒ array_8T T v e06 e05 e04 e03 e02 e01 e00 + ]]. + +(* lettura byte *) +ndefinition byte8_of_bits ≝ +λp:Array8T bool. + match p with + [ array_8T e07 e06 e05 e04 e03 e02 e01 e00 ⇒ + mk_byte8 + (or_ex (match e07 with [ true ⇒ x8 | false ⇒ x0 ]) + (or_ex (match e06 with [ true ⇒ x4 | false ⇒ x0 ]) + (or_ex (match e05 with [ true ⇒ x2 | false ⇒ x0 ]) + (match e04 with [ true ⇒ x1 | false ⇒ x0 ])))) + (or_ex (match e03 with [ true ⇒ x8 | false ⇒ x0 ]) + (or_ex (match e02 with [ true ⇒ x4 | false ⇒ x0 ]) + (or_ex (match e01 with [ true ⇒ x2 | false ⇒ x0 ]) + (match e00 with [ true ⇒ x1 | false ⇒ x0 ])))) ]. + +(* scrittura byte *) +ndefinition bits_of_byte8 ≝ +λp:byte8. + match b8h p with + [ x0 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false false false false false false false false + | x1 ⇒ array_8T bool false false false false false false false true + | x2 ⇒ array_8T bool false false false false false false true false + | x3 ⇒ array_8T bool false false false false false false true true + | x4 ⇒ array_8T bool false false false false false true false false + | x5 ⇒ array_8T bool false false false false false true false true + | x6 ⇒ array_8T bool false false false false false true true false + | x7 ⇒ array_8T bool false false false false false true true true + | x8 ⇒ array_8T bool false false false false true false false false + | x9 ⇒ array_8T bool false false false false true false false true + | xA ⇒ array_8T bool false false false false true false true false + | xB ⇒ array_8T bool false false false false true false true true + | xC ⇒ array_8T bool false false false false true true false false + | xD ⇒ array_8T bool false false false false true true false true + | xE ⇒ array_8T bool false false false false true true true false + | xF ⇒ array_8T bool false false false false true true true true ] + | x1 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false false false true false false false false + | x1 ⇒ array_8T bool false false false true false false false true + | x2 ⇒ array_8T bool false false false true false false true false + | x3 ⇒ array_8T bool false false false true false false true true + | x4 ⇒ array_8T bool false false false true false true false false + | x5 ⇒ array_8T bool false false false true false true false true + | x6 ⇒ array_8T bool false false false true false true true false + | x7 ⇒ array_8T bool false false false true false true true true + | x8 ⇒ array_8T bool false false false true true false false false + | x9 ⇒ array_8T bool false false false true true false false true + | xA ⇒ array_8T bool false false false true true false true false + | xB ⇒ array_8T bool false false false true true false true true + | xC ⇒ array_8T bool false false false true true true false false + | xD ⇒ array_8T bool false false false true true true false true + | xE ⇒ array_8T bool false false false true true true true false + | xF ⇒ array_8T bool false false false true true true true true ] + | x2 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false false true false false false false false + | x1 ⇒ array_8T bool false false true false false false false true + | x2 ⇒ array_8T bool false false true false false false true false + | x3 ⇒ array_8T bool false false true false false false true true + | x4 ⇒ array_8T bool false false true false false true false false + | x5 ⇒ array_8T bool false false true false false true false true + | x6 ⇒ array_8T bool false false true false false true true false + | x7 ⇒ array_8T bool false false true false false true true true + | x8 ⇒ array_8T bool false false true false true false false false + | x9 ⇒ array_8T bool false false true false true false false true + | xA ⇒ array_8T bool false false true false true false true false + | xB ⇒ array_8T bool false false true false true false true true + | xC ⇒ array_8T bool false false true false true true false false + | xD ⇒ array_8T bool false false true false true true false true + | xE ⇒ array_8T bool false false true false true true true false + | xF ⇒ array_8T bool false false true false true true true true ] + | x3 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false false true true false false false false + | x1 ⇒ array_8T bool false false true true false false false true + | x2 ⇒ array_8T bool false false true true false false true false + | x3 ⇒ array_8T bool false false true true false false true true + | x4 ⇒ array_8T bool false false true true false true false false + | x5 ⇒ array_8T bool false false true true false true false true + | x6 ⇒ array_8T bool false false true true false true true false + | x7 ⇒ array_8T bool false false true true false true true true + | x8 ⇒ array_8T bool false false true true true false false false + | x9 ⇒ array_8T bool false false true true true false false true + | xA ⇒ array_8T bool false false true true true false true false + | xB ⇒ array_8T bool false false true true true false true true + | xC ⇒ array_8T bool false false true true true true false false + | xD ⇒ array_8T bool false false true true true true false true + | xE ⇒ array_8T bool false false true true true true true false + | xF ⇒ array_8T bool false false true true true true true true ] + | x4 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false true false false false false false false + | x1 ⇒ array_8T bool false true false false false false false true + | x2 ⇒ array_8T bool false true false false false false true false + | x3 ⇒ array_8T bool false true false false false false true true + | x4 ⇒ array_8T bool false true false false false true false false + | x5 ⇒ array_8T bool false true false false false true false true + | x6 ⇒ array_8T bool false true false false false true true false + | x7 ⇒ array_8T bool false true false false false true true true + | x8 ⇒ array_8T bool false true false false true false false false + | x9 ⇒ array_8T bool false true false false true false false true + | xA ⇒ array_8T bool false true false false true false true false + | xB ⇒ array_8T bool false true false false true false true true + | xC ⇒ array_8T bool false true false false true true false false + | xD ⇒ array_8T bool false true false false true true false true + | xE ⇒ array_8T bool false true false false true true true false + | xF ⇒ array_8T bool false true false false true true true true ] + | x5 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false true false true false false false false + | x1 ⇒ array_8T bool false true false true false false false true + | x2 ⇒ array_8T bool false true false true false false true false + | x3 ⇒ array_8T bool false true false true false false true true + | x4 ⇒ array_8T bool false true false true false true false false + | x5 ⇒ array_8T bool false true false true false true false true + | x6 ⇒ array_8T bool false true false true false true true false + | x7 ⇒ array_8T bool false true false true false true true true + | x8 ⇒ array_8T bool false true false true true false false false + | x9 ⇒ array_8T bool false true false true true false false true + | xA ⇒ array_8T bool false true false true true false true false + | xB ⇒ array_8T bool false true false true true false true true + | xC ⇒ array_8T bool false true false true true true false false + | xD ⇒ array_8T bool false true false true true true false true + | xE ⇒ array_8T bool false true false true true true true false + | xF ⇒ array_8T bool false true false true true true true true ] + | x6 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false true true false false false false false + | x1 ⇒ array_8T bool false true true false false false false true + | x2 ⇒ array_8T bool false true true false false false true false + | x3 ⇒ array_8T bool false true true false false false true true + | x4 ⇒ array_8T bool false true true false false true false false + | x5 ⇒ array_8T bool false true true false false true false true + | x6 ⇒ array_8T bool false true true false false true true false + | x7 ⇒ array_8T bool false true true false false true true true + | x8 ⇒ array_8T bool false true true false true false false false + | x9 ⇒ array_8T bool false true true false true false false true + | xA ⇒ array_8T bool false true true false true false true false + | xB ⇒ array_8T bool false true true false true false true true + | xC ⇒ array_8T bool false true true false true true false false + | xD ⇒ array_8T bool false true true false true true false true + | xE ⇒ array_8T bool false true true false true true true false + | xF ⇒ array_8T bool false true true false true true true true ] + | x7 ⇒ match b8l p with + [ x0 ⇒ array_8T bool false true true true false false false false + | x1 ⇒ array_8T bool false true true true false false false true + | x2 ⇒ array_8T bool false true true true false false true false + | x3 ⇒ array_8T bool false true true true false false true true + | x4 ⇒ array_8T bool false true true true false true false false + | x5 ⇒ array_8T bool false true true true false true false true + | x6 ⇒ array_8T bool false true true true false true true false + | x7 ⇒ array_8T bool false true true true false true true true + | x8 ⇒ array_8T bool false true true true true false false false + | x9 ⇒ array_8T bool false true true true true false false true + | xA ⇒ array_8T bool false true true true true false true false + | xB ⇒ array_8T bool false true true true true false true true + | xC ⇒ array_8T bool false true true true true true false false + | xD ⇒ array_8T bool false true true true true true false true + | xE ⇒ array_8T bool false true true true true true true false + | xF ⇒ array_8T bool false true true true true true true true ] + | x8 ⇒ match b8l p with + [ x0 ⇒ array_8T bool true false false false false false false false + | x1 ⇒ array_8T bool true false false false false false false true + | x2 ⇒ array_8T bool true false false false false false true false + | x3 ⇒ array_8T bool true false false false false false true true + | x4 ⇒ array_8T bool true false false false false true false false + | x5 ⇒ array_8T bool true false false false false true false true + | x6 ⇒ array_8T bool true false false false false true true false + | x7 ⇒ array_8T bool true false false false false true true true + | x8 ⇒ array_8T bool true false false false true false false false + | x9 ⇒ array_8T bool true false false false true false false true + | xA ⇒ array_8T bool true false false false true false true false + | xB ⇒ array_8T bool true false false false true false true true + | xC ⇒ array_8T bool true false false false true true false false + | xD ⇒ array_8T bool true false false false true true false true + | xE ⇒ array_8T bool true false false false true true true false + | xF ⇒ array_8T bool true false false false true true true true ] + | x9 ⇒ match b8l p with + [ x0 ⇒ array_8T bool true false false true false false false false + | x1 ⇒ array_8T bool true false false true false false false true + | x2 ⇒ array_8T bool true false false true false false true false + | x3 ⇒ array_8T bool true false false true false false true true + | x4 ⇒ array_8T bool true false false true false true false false + | x5 ⇒ array_8T bool true false false true false true false true + | x6 ⇒ array_8T bool true false false true false true true false + | x7 ⇒ array_8T bool true false false true false true true true + | x8 ⇒ array_8T bool true false false true true false false false + | x9 ⇒ array_8T bool true false false true true false false true + | xA ⇒ array_8T bool true false false true true false true false + | xB ⇒ array_8T bool true false false true true false true true + | xC ⇒ array_8T bool true false false true true true false false + | xD ⇒ array_8T bool true false false true true true false true + | xE ⇒ array_8T bool true false false true true true true false + | xF ⇒ array_8T bool true false false true true true true true ] + | xA ⇒ match b8l p with + [ x0 ⇒ array_8T bool true false true false false false false false + | x1 ⇒ array_8T bool true false true false false false false true + | x2 ⇒ array_8T bool true false true false false false true false + | x3 ⇒ array_8T bool true false true false false false true true + | x4 ⇒ array_8T bool true false true false false true false false + | x5 ⇒ array_8T bool true false true false false true false true + | x6 ⇒ array_8T bool true false true false false true true false + | x7 ⇒ array_8T bool true false true false false true true true + | x8 ⇒ array_8T bool true false true false true false false false + | x9 ⇒ array_8T bool true false true false true false false true + | xA ⇒ array_8T bool true false true false true false true false + | xB ⇒ array_8T bool true false true false true false true true + | xC ⇒ array_8T bool true false true false true true false false + | xD ⇒ array_8T bool true false true false true true false true + | xE ⇒ array_8T bool true false true false true true true false + | xF ⇒ array_8T bool true false true false true true true true ] + | xB ⇒ match b8l p with + [ x0 ⇒ array_8T bool true false true true false false false false + | x1 ⇒ array_8T bool true false true true false false false true + | x2 ⇒ array_8T bool true false true true false false true false + | x3 ⇒ array_8T bool true false true true false false true true + | x4 ⇒ array_8T bool true false true true false true false false + | x5 ⇒ array_8T bool true false true true false true false true + | x6 ⇒ array_8T bool true false true true false true true false + | x7 ⇒ array_8T bool true false true true false true true true + | x8 ⇒ array_8T bool true false true true true false false false + | x9 ⇒ array_8T bool true false true true true false false true + | xA ⇒ array_8T bool true false true true true false true false + | xB ⇒ array_8T bool true false true true true false true true + | xC ⇒ array_8T bool true false true true true true false false + | xD ⇒ array_8T bool true false true true true true false true + | xE ⇒ array_8T bool true false true true true true true false + | xF ⇒ array_8T bool true false true true true true true true ] + | xC ⇒ match b8l p with + [ x0 ⇒ array_8T bool true true false false false false false false + | x1 ⇒ array_8T bool true true false false false false false true + | x2 ⇒ array_8T bool true true false false false false true false + | x3 ⇒ array_8T bool true true false false false false true true + | x4 ⇒ array_8T bool true true false false false true false false + | x5 ⇒ array_8T bool true true false false false true false true + | x6 ⇒ array_8T bool true true false false false true true false + | x7 ⇒ array_8T bool true true false false false true true true + | x8 ⇒ array_8T bool true true false false true false false false + | x9 ⇒ array_8T bool true true false false true false false true + | xA ⇒ array_8T bool true true false false true false true false + | xB ⇒ array_8T bool true true false false true false true true + | xC ⇒ array_8T bool true true false false true true false false + | xD ⇒ array_8T bool true true false false true true false true + | xE ⇒ array_8T bool true true false false true true true false + | xF ⇒ array_8T bool true true false false true true true true ] + | xD ⇒ match b8l p with + [ x0 ⇒ array_8T bool true true false true false false false false + | x1 ⇒ array_8T bool true true false true false false false true + | x2 ⇒ array_8T bool true true false true false false true false + | x3 ⇒ array_8T bool true true false true false false true true + | x4 ⇒ array_8T bool true true false true false true false false + | x5 ⇒ array_8T bool true true false true false true false true + | x6 ⇒ array_8T bool true true false true false true true false + | x7 ⇒ array_8T bool true true false true false true true true + | x8 ⇒ array_8T bool true true false true true false false false + | x9 ⇒ array_8T bool true true false true true false false true + | xA ⇒ array_8T bool true true false true true false true false + | xB ⇒ array_8T bool true true false true true false true true + | xC ⇒ array_8T bool true true false true true true false false + | xD ⇒ array_8T bool true true false true true true false true + | xE ⇒ array_8T bool true true false true true true true false + | xF ⇒ array_8T bool true true false true true true true true ] + | xE ⇒ match b8l p with + [ x0 ⇒ array_8T bool true true true false false false false false + | x1 ⇒ array_8T bool true true true false false false false true + | x2 ⇒ array_8T bool true true true false false false true false + | x3 ⇒ array_8T bool true true true false false false true true + | x4 ⇒ array_8T bool true true true false false true false false + | x5 ⇒ array_8T bool true true true false false true false true + | x6 ⇒ array_8T bool true true true false false true true false + | x7 ⇒ array_8T bool true true true false false true true true + | x8 ⇒ array_8T bool true true true false true false false false + | x9 ⇒ array_8T bool true true true false true false false true + | xA ⇒ array_8T bool true true true false true false true false + | xB ⇒ array_8T bool true true true false true false true true + | xC ⇒ array_8T bool true true true false true true false false + | xD ⇒ array_8T bool true true true false true true false true + | xE ⇒ array_8T bool true true true false true true true false + | xF ⇒ array_8T bool true true true false true true true true ] + | xF ⇒ match b8l p with + [ x0 ⇒ array_8T bool true true true true false false false false + | x1 ⇒ array_8T bool true true true true false false false true + | x2 ⇒ array_8T bool true true true true false false true false + | x3 ⇒ array_8T bool true true true true false false true true + | x4 ⇒ array_8T bool true true true true false true false false + | x5 ⇒ array_8T bool true true true true false true false true + | x6 ⇒ array_8T bool true true true true false true true false + | x7 ⇒ array_8T bool true true true true false true true true + | x8 ⇒ array_8T bool true true true true true false false false + | x9 ⇒ array_8T bool true true true true true false false true + | xA ⇒ array_8T bool true true true true true false true false + | xB ⇒ array_8T bool true true true true true false true true + | xC ⇒ array_8T bool true true true true true true false false + | xD ⇒ array_8T bool true true true true true true false true + | xE ⇒ array_8T bool true true true true true true true false + | xF ⇒ array_8T bool true true true true true true true true ] + ]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/memory_trees.ma b/helm/software/matita/contribs/ng_assembly/freescale/memory_trees.ma new file mode 100755 index 000000000..0715b6f33 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/memory_trees.ma @@ -0,0 +1,235 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/memory_struct.ma". +include "freescale/word16.ma". +include "freescale/option.ma". +include "freescale/theory.ma". + +(* ********************* *) +(* MEMORIA E DESCRITTORE *) +(* ********************* *) + +(* tutta la memoria non installata *) +ndefinition mt_out_of_bound_memory ≝ +let lev4 ≝ array_16T ? + MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND + MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND + MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND + MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND + in +let lev3 ≝ array_16T ? + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + in +let lev2 ≝ array_16T ? + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + in +let lev1 ≝ array_16T ? + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + in +lev1. + +(* tutta la memoria a 0 *) +ndefinition mt_zero_memory ≝ +let lev4 ≝ array_16T ? + (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) + (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) + (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) + (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) (mk_byte8 x0 x0) + in +let lev3 ≝ array_16T ? + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + lev4 lev4 lev4 lev4 lev4 lev4 lev4 lev4 + in +let lev2 ≝ array_16T ? + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + lev3 lev3 lev3 lev3 lev3 lev3 lev3 lev3 + in +let lev1 ≝ array_16T ? + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + lev2 lev2 lev2 lev2 lev2 lev2 lev2 lev2 + in +lev1. + +(* visita di un albero da 64KB di elementi: ln16(65536)=4 passaggi *) +ndefinition mt_visit ≝ +λT:Type.λdata:Array16T (Array16T (Array16T (Array16T T))).λaddr:word16. + match addr with + [ mk_word16 wh wl ⇒ + getn_array16T (b8l wl) ? + (getn_array16T (b8h wl) ? + (getn_array16T (b8l wh) ? + (getn_array16T (b8h wh) ? data))) ]. + +(* scrittura di un elemento in un albero da 64KB *) +ndefinition mt_update ≝ +λT:Type.λdata:Array16T (Array16T (Array16T (Array16T T))).λaddr:word16.λv:T. + match addr with + [ mk_word16 wh wl ⇒ + let lev2 ≝ getn_array16T (b8h wh) ? data in + let lev3 ≝ getn_array16T (b8l wh) ? lev2 in + let lev4 ≝ getn_array16T (b8h wl) ? lev3 in + setn_array16T (b8h wh) ? data + (setn_array16T (b8l wh) ? lev2 + (setn_array16T (b8h wl) ? lev3 + (setn_array16T (b8l wl) T lev4 v))) ]. + +(* scrittura di un range in un albero da 64KB *) +ndefinition mt_update_ranged ≝ +λT:Type.λdata:Array16T (Array16T (Array16T (Array16T T))).λi,s:word16.λv:T. + (* ok i≤s *) + match le_w16 i s with + [ true ⇒ + match i with + [ mk_word16 ih il ⇒ + match s with + [ mk_word16 sh sl ⇒ + let aux_4 ≝ Array16T T in + let aux_3 ≝ Array16T (Array16T T) in + let aux_2 ≝ Array16T (Array16T (Array16T T)) in + + let ilev2 ≝ getn_array16T (b8h ih) aux_2 data in + let ilev3 ≝ getn_array16T (b8l ih) aux_3 ilev2 in + let ilev4 ≝ getn_array16T (b8h il) aux_4 ilev3 in + + let slev2 ≝ getn_array16T (b8h sh) aux_2 data in + let slev3 ≝ getn_array16T (b8l sh) aux_3 slev2 in + let slev4 ≝ getn_array16T (b8h sl) aux_4 slev3 in + + let vlev4 ≝ array_16T T v v v v v v v v v v v v v v v v in + let vlev3 ≝ array_16T aux_4 vlev4 vlev4 vlev4 vlev4 vlev4 vlev4 vlev4 vlev4 + vlev4 vlev4 vlev4 vlev4 vlev4 vlev4 vlev4 vlev4 in + let vlev2 ≝ array_16T aux_3 vlev3 vlev3 vlev3 vlev3 vlev3 vlev3 vlev3 vlev3 + vlev3 vlev3 vlev3 vlev3 vlev3 vlev3 vlev3 vlev3 in + + match eq_ex (b8h ih) (b8h sh) with + [ true ⇒ match eq_ex (b8l ih) (b8l sh) with + [ true ⇒ match eq_ex (b8h il) (b8h sl) with + (* caso 0x...(X) a 0x...(Y) *) + [ true ⇒ setn_array16T (b8h ih) aux_2 data + (setn_array16T (b8l ih) aux_3 ilev2 + (setn_array16T (b8h il) aux_4 ilev3 + (* cambio a partire da livello 4 *) + (setmn_array16T (b8l il) (b8l sl) T ilev4 v))) (* ...X,...Y *) + (* caso 0x..(X1)(X2) a 0x..(Y1)(Y2) *) + | false ⇒ setn_array16T (b8h ih) aux_2 data + (setn_array16T (b8l ih) aux_3 ilev2 + (* cambio a partire da livello 3 *) + (setn_array16T (b8h sl) aux_4 (* ..(Y1)0,..(Y1)(Y2) *) + (setmn_array16T_succ_pred (b8h il) (b8h sl) aux_4 (* ..(X1+1).,..(Y1-1). *) + (setn_array16T (b8h il) aux_4 ilev3 + (setmn_array16T (b8l il) xF T ilev4 v)) (* ..(X1)(X2),..(X1)F *) + vlev4) + (setmn_array16T x0 (b8l sl) T slev4 v))) ] + (* caso 0x.(X1)(X2)(X3) a 0x..(Y1)(Y2)(Y3) *) + | false ⇒ setn_array16T (b8h ih) aux_2 data + (* cambio a partire da livello 2 *) + (setn_array16T (b8l sh) aux_3 + (setmn_array16T_succ_pred (b8l ih) (b8l sh) aux_3 (* .(X1+1)..,.(Y1-1).. *) + (setn_array16T (b8l ih) aux_3 ilev2 + (setmn_array16T_succ (b8h il) aux_4 (* .(X1)(X2+1).,.(X1)F. *) + (setn_array16T (b8h il) aux_4 ilev3 + (setmn_array16T (b8l il) xF T ilev4 v)) (* .(X1)(X2)(X3),.(X1)(X2)F *) + vlev4)) + vlev3) + (setmn_array16T_pred (b8h sl) aux_4 (* .(Y1)0.,.(Y1)(Y2-1). *) + (setn_array16T (b8h sl) aux_4 slev3 + (setmn_array16T x0 (b8l sl) T slev4 v)) (* .(Y1)(Y2)0,.(Y1)(Y2)(Y3) *) + vlev4)) + ] + (* caso 0x(X1)(X2)(X3)(X4) a 0x(Y1)(Y2)(Y3)(Y4) *) + | false ⇒ setn_array16T (b8h sh) aux_2 + (setmn_array16T_succ_pred (b8h ih) (b8h sh) aux_2 (* (X+1)...,(Y-1)... *) + (setn_array16T (b8h ih) aux_2 data + (setmn_array16T_succ (b8l ih) aux_3 (* (X1)(X2+1)..,(X1)F.. *) + (setn_array16T (b8l ih) aux_3 ilev2 + (setmn_array16T_succ (b8h il) aux_4 (* (X1)(X2)(X3+1).,(X1)(X2)F. *) + (setn_array16T (b8h il) aux_4 ilev3 + (setmn_array16T (b8l il) xF T ilev4 v)) (* (X1)(X2)(X3)(X4),(X1)(X2)(X3)F *) + vlev4)) + vlev3)) + vlev2) + (setmn_array16T_pred (b8l sh) aux_3 (* (Y1)0..,(Y1)(Y2-1).. *) + (setn_array16T (b8l sh) aux_3 slev2 + (setmn_array16T_pred (b8h sl) aux_4 (* (Y1)(Y2)0.,(Y1)(Y2)(Y3-1). *) + (setn_array16T (b8h sl) aux_4 slev3 + (setmn_array16T x0 (b8l sl) T slev4 v)) (* (Y1)(Y2)(Y3)0,(Y1)(Y2)(Y3)(Y4) *) + vlev4)) + vlev3) ]]] + (* no i>s *) + | false ⇒ data + ]. + +ndefinition mt_chk_get ≝ +λchk:Array16T (Array16T (Array16T (Array16T memory_type))).λaddr:word16. + match mt_visit ? chk addr with + [ MEM_READ_ONLY ⇒ array_8T ? MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY MEM_READ_ONLY + | MEM_READ_WRITE ⇒ array_8T ? MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE MEM_READ_WRITE + | MEM_OUT_OF_BOUND ⇒ array_8T ? MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND MEM_OUT_OF_BOUND + ]. + +(* scrivi controllando il tipo di memoria *) +ndefinition mt_mem_update ≝ +λmem:Array16T (Array16T (Array16T (Array16T byte8))). +λchk:Array8T memory_type. +λaddr:word16.λv:byte8. + match getn_array8T o0 ? chk with + (* ROM? ok, ma il valore viene perso *) + [ MEM_READ_ONLY ⇒ Some ? mem + (* RAM? ok *) + | MEM_READ_WRITE ⇒ Some ? (mt_update ? mem addr v) + (* NON INSTALLATA? no *) + | MEM_OUT_OF_BOUND ⇒ None ? ]. + +(* leggi controllando il tipo di memoria *) +ndefinition mt_mem_read ≝ +λmem:Array16T (Array16T (Array16T (Array16T byte8))). +λchk:Array16T (Array16T (Array16T (Array16T memory_type))). +λaddr:word16. + match mt_visit ? chk addr with + [ MEM_READ_ONLY ⇒ Some ? (mt_visit ? mem addr) + | MEM_READ_WRITE ⇒ Some ? (mt_visit ? mem addr) + | MEM_OUT_OF_BOUND ⇒ None ? ]. + +(* ************************** *) +(* CARICAMENTO PROGRAMMA/DATI *) +(* ************************** *) + +(* carica a paratire da addr, scartando source (pescando da old_mem) se si supera 0xFFFF... *) +nlet rec mt_load_from_source_at (old_mem:Array16T (Array16T (Array16T (Array16T byte8)))) + (source:list byte8) (addr:word16) on source ≝ +match source with + (* fine di source: carica da old_mem *) + [ nil ⇒ old_mem + | cons hd tl ⇒ match lt_w16 addr 〈〈xF,xF〉:〈xF,xF〉〉 with + (* non supera 0xFFFF, ricorsione *) + [ true ⇒ mt_load_from_source_at (mt_update ? old_mem addr hd) tl (plus_w16_d_d addr 〈〈x0,x0〉:〈x0,x1〉〉) + (* supera 0xFFFF, niente ricorsione *) + | false ⇒ mt_update ? old_mem addr hd + ]]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/model.ma b/helm/software/matita/contribs/ng_assembly/freescale/model.ma new file mode 100755 index 000000000..95c26f5e0 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/model.ma @@ -0,0 +1,424 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/status.ma". + +(* *********************************** *) +(* IMPOSTAZIONI SPECIFICHE DEI MODELLI *) +(* *********************************** *) + +(* modelli di HC05 *) +ninductive HC05_mcu_model : Type ≝ + MC68HC05J5A: HC05_mcu_model + (*..*). + +ndefinition HC05_mcu_model_ind : ΠP:HC05_mcu_model → Prop.P MC68HC05J5A → Πh:HC05_mcu_model.P h ≝ +λP:HC05_mcu_model → Prop.λp:P MC68HC05J5A.λh:HC05_mcu_model. + match h with [ MC68HC05J5A ⇒ p ]. + +ndefinition HC05_mcu_model_rec : ΠP:HC05_mcu_model → Set.P MC68HC05J5A → Πh:HC05_mcu_model.P h ≝ +λP:HC05_mcu_model → Set.λp:P MC68HC05J5A.λh:HC05_mcu_model. + match h with [ MC68HC05J5A ⇒ p ]. + +ndefinition HC05_mcu_model_rect : ΠP:HC05_mcu_model → Type.P MC68HC05J5A → Πh:HC05_mcu_model.P h ≝ +λP:HC05_mcu_model → Type.λp:P MC68HC05J5A.λh:HC05_mcu_model. + match h with [ MC68HC05J5A ⇒ p ]. + +(* modelli di HC08 *) +ninductive HC08_mcu_model : Type ≝ + MC68HC08AB16A: HC08_mcu_model + (*..*). + +ndefinition HC08_mcu_model_ind : ΠP:HC08_mcu_model → Prop.P MC68HC08AB16A → Πh:HC08_mcu_model.P h ≝ +λP:HC08_mcu_model → Prop.λp:P MC68HC08AB16A.λh:HC08_mcu_model. + match h with [ MC68HC08AB16A ⇒ p ]. + +ndefinition HC08_mcu_model_rec : ΠP:HC08_mcu_model → Set.P MC68HC08AB16A → Πh:HC08_mcu_model.P h ≝ +λP:HC08_mcu_model → Set.λp:P MC68HC08AB16A.λh:HC08_mcu_model. + match h with [ MC68HC08AB16A ⇒ p ]. + +ndefinition HC08_mcu_model_rect : ΠP:HC08_mcu_model → Type.P MC68HC08AB16A → Πh:HC08_mcu_model.P h ≝ +λP:HC08_mcu_model → Type.λp:P MC68HC08AB16A.λh:HC08_mcu_model. + match h with [ MC68HC08AB16A ⇒ p ]. + +(* modelli di HCS08 *) +ninductive HCS08_mcu_model : Type ≝ + MC9S08AW60 : HCS08_mcu_model + (*..*). + +ndefinition HCS08_mcu_model_ind : ΠP:HCS08_mcu_model → Prop.P MC9S08AW60 → Πh:HCS08_mcu_model.P h ≝ +λP:HCS08_mcu_model → Prop.λp:P MC9S08AW60.λh:HCS08_mcu_model. + match h with [ MC9S08AW60 ⇒ p ]. + +ndefinition HCS08_mcu_model_rec : ΠP:HCS08_mcu_model → Set.P MC9S08AW60 → Πh:HCS08_mcu_model.P h ≝ +λP:HCS08_mcu_model → Set.λp:P MC9S08AW60.λh:HCS08_mcu_model. + match h with [ MC9S08AW60 ⇒ p ]. + +ndefinition HCS08_mcu_model_rect : ΠP:HCS08_mcu_model → Type.P MC9S08AW60 → Πh:HCS08_mcu_model.P h ≝ +λP:HCS08_mcu_model → Type.λp:P MC9S08AW60.λh:HCS08_mcu_model. + match h with [ MC9S08AW60 ⇒ p ]. + +(* modelli di RS08 *) +ninductive RS08_mcu_model : Type ≝ + MC9RS08KA1 : RS08_mcu_model +| MC9RS08KA2 : RS08_mcu_model. + +ndefinition RS08_mcu_model_ind : ΠP:RS08_mcu_model → Prop.P MC9RS08KA1 → P MC9RS08KA2 → Πr:RS08_mcu_model.P r ≝ +λP:RS08_mcu_model → Prop.λp:P MC9RS08KA1.λp1:P MC9RS08KA2.λr:RS08_mcu_model. + match r with [ MC9RS08KA1 ⇒ p | MC9RS08KA2 ⇒ p1 ]. + +ndefinition RS08_mcu_model_rec : ΠP:RS08_mcu_model → Set.P MC9RS08KA1 → P MC9RS08KA2 → Πr:RS08_mcu_model.P r ≝ +λP:RS08_mcu_model → Set.λp:P MC9RS08KA1.λp1:P MC9RS08KA2.λr:RS08_mcu_model. + match r with [ MC9RS08KA1 ⇒ p | MC9RS08KA2 ⇒ p1 ]. + +ndefinition RS08_mcu_model_rect : ΠP:RS08_mcu_model → Type.P MC9RS08KA1 → P MC9RS08KA2 → Πr:RS08_mcu_model.P r ≝ +λP:RS08_mcu_model → Type.λp:P MC9RS08KA1.λp1:P MC9RS08KA2.λr:RS08_mcu_model. + match r with [ MC9RS08KA1 ⇒ p | MC9RS08KA2 ⇒ p1 ]. + +(* raggruppamento dei modelli *) +ninductive any_mcu_model : Type ≝ + FamilyHC05 : HC05_mcu_model → any_mcu_model +| FamilyHC08 : HC08_mcu_model → any_mcu_model +| FamilyHCS08 : HCS08_mcu_model → any_mcu_model +| FamilyRS08 : RS08_mcu_model → any_mcu_model. + +ndefinition any_mcu_model_ind + : ΠP:any_mcu_model → Prop.(Πn:HC05_mcu_model.P (FamilyHC05 n)) → (Πn:HC08_mcu_model.P (FamilyHC08 n)) → + (Πn:HCS08_mcu_model.P (FamilyHCS08 n)) → (Πn:RS08_mcu_model.P (FamilyRS08 n))→Πa:any_mcu_model.P a ≝ +λP:any_mcu_model → Prop.λf:Πn:HC05_mcu_model.P (FamilyHC05 n).λf1:Πn:HC08_mcu_model.P (FamilyHC08 n). +λf2:Πn:HCS08_mcu_model.P (FamilyHCS08 n).λf3:Πn:RS08_mcu_model.P (FamilyRS08 n).λa:any_mcu_model. + match a with [ FamilyHC05 n ⇒ f n | FamilyHC08 n ⇒ f1 n + | FamilyHCS08 n ⇒ f2 n | FamilyRS08 n ⇒ f3 n ]. + +ndefinition any_mcu_model_rec + : ΠP:any_mcu_model → Set.(Πn:HC05_mcu_model.P (FamilyHC05 n)) → (Πn:HC08_mcu_model.P (FamilyHC08 n)) → + (Πn:HCS08_mcu_model.P (FamilyHCS08 n)) → (Πn:RS08_mcu_model.P (FamilyRS08 n))→Πa:any_mcu_model.P a ≝ +λP:any_mcu_model → Set.λf:Πn:HC05_mcu_model.P (FamilyHC05 n).λf1:Πn:HC08_mcu_model.P (FamilyHC08 n). +λf2:Πn:HCS08_mcu_model.P (FamilyHCS08 n).λf3:Πn:RS08_mcu_model.P (FamilyRS08 n).λa:any_mcu_model. + match a with [ FamilyHC05 n ⇒ f n | FamilyHC08 n ⇒ f1 n + | FamilyHCS08 n ⇒ f2 n | FamilyRS08 n ⇒ f3 n ]. + +ndefinition any_mcu_model_rect + : ΠP:any_mcu_model → Type.(Πn:HC05_mcu_model.P (FamilyHC05 n)) → (Πn:HC08_mcu_model.P (FamilyHC08 n)) → + (Πn:HCS08_mcu_model.P (FamilyHCS08 n)) → (Πn:RS08_mcu_model.P (FamilyRS08 n))→Πa:any_mcu_model.P a ≝ +λP:any_mcu_model → Type.λf:Πn:HC05_mcu_model.P (FamilyHC05 n).λf1:Πn:HC08_mcu_model.P (FamilyHC08 n). +λf2:Πn:HCS08_mcu_model.P (FamilyHCS08 n).λf3:Πn:RS08_mcu_model.P (FamilyRS08 n).λa:any_mcu_model. + match a with [ FamilyHC05 n ⇒ f n | FamilyHC08 n ⇒ f1 n + | FamilyHCS08 n ⇒ f2 n | FamilyRS08 n ⇒ f3 n ]. + +(* +condizioni errore interne alla MCU +(Il programma viene caricato dal produttore in ROM o impostato in EEPROM) +HC05: +illegal address during opcode fetch +HC08: +illegal address duting opcode fetch (ILAD mascherabile) + +illegal opcode (ILOP mascherabile) + +(Il programma viene programmato nella FLASH) +HCS08: +illegal address during opcode fetch (ILAD mascherabile) + +illegal opcode (ILOP mascherabile) + +security = accesso a RAM e zone FLASH dichiarate sicure da zone sicure + da' 0 in lettura e ignore in scrittura, [FLASH]SEC00:SEC01 (1,0) + corrisponde a OFF, altre ON, disattivabile solo da modalita' sicura se + opzione [FLASH]KEYEN e' 1 passando chiave a 8byte da modalita' sicura. + Altrimenti disattivabile solo con FLASH mass erase. Obbiettivo + e' impedire duplicazione di software di controllo, dato che esiste + modalita' debugging. A restart viene ricaricata da FLASH impostazione + sicurezza! +RS08: +illegal address durting opcode fetch (ILAD) mascherabile + +illegal opcode (ILOP mascherabile) + +security = solo la FLASH e' considerata sicura. Stesso meccanismo di HCS08 + ma governato solo da [FLASH]SECD (0) OFF.Una volta attivato l'unica + disattivazione e' la cancellazione della FLASH. +*) + +(* memoria degli HC05 *) +ndefinition memory_type_of_FamilyHC05 ≝ +λm:HC05_mcu_model.match m with + [ MC68HC05J5A ⇒ + [ + (* astraggo molto *) + (* 0x0000-0x001F,0x0FF0: sarebbe memory mapped IO *) + + triple ??? 〈〈x0,x0〉:〈x8,x0〉〉 〈〈x0,x0〉:〈xF,xF〉〉 MEM_READ_WRITE (* 128B RAM+STACK *) + ; triple ??? 〈〈x0,x3〉:〈x0,x0〉〉 〈〈x0,xC〉:〈xF,xF〉〉 MEM_READ_ONLY (* 2560B USER ROM *) + ; triple ??? 〈〈x0,xE〉:〈x0,x0〉〉 〈〈x0,xF〉:〈xF,xF〉〉 MEM_READ_ONLY (* 512B INTERNAL ROM *) + ] + (*..*) + ]. + +(* memoria degli HC08 *) +ndefinition memory_type_of_FamilyHC08 ≝ +λm:HC08_mcu_model.match m with + [ MC68HC08AB16A ⇒ + [ + (* astraggo molto *) + (* 0x0000-0x004F,0xFE00-0xFE01,0xFE03, + 0xFE0C-0xFE11,0xFE1A-0xFE1D,0xFE1F: sarebbe memory mapped IO *) + (* 0x0500-0x057F,0xFE02,0xFE04-0xFE07, + 0xFE09-0xFE0B,0xFE12-0xFE19,0xFE1E,0xFFC0-0xFFCF : sarebbe reserved *) + + triple ??? 〈〈x0,x0〉:〈x5,x0〉〉 〈〈x0,x2〉:〈x4,xF〉〉 MEM_READ_WRITE (* 512B RAM *) + ; triple ??? 〈〈x0,x8〉:〈x0,x0〉〉 〈〈x0,x9〉:〈xF,xF〉〉 MEM_READ_ONLY (* 512B EEPROM *) + ; triple ??? 〈〈xB,xE〉:〈x0,x0〉〉 〈〈xF,xD〉:〈xF,xF〉〉 MEM_READ_ONLY (* 16384B ROM *) + ; triple ??? 〈〈xF,xE〉:〈x2,x0〉〉 〈〈xF,xF〉:〈x5,x2〉〉 MEM_READ_ONLY (* 307B ROM *) + ; triple ??? 〈〈xF,xF〉:〈xD,x0〉〉 〈〈xF,xF〉:〈xF,xF〉〉 MEM_READ_ONLY (* 48B ROM *) ] + (*..*) + ]. + +(* memoria degli HCS08 *) +ndefinition memory_type_of_FamilyHCS08 ≝ +λm:HCS08_mcu_model.match m with + [ MC9S08AW60 ⇒ + [ + (* astraggo molto *) + (* 0x0000-0x006F,0x1800-0x185F: sarebbe memory mapped IO *) + + triple ??? 〈〈x0,x0〉:〈x7,x0〉〉 〈〈x0,x8〉:〈x6,xF〉〉 MEM_READ_WRITE (* 2048B RAM *) + ; triple ??? 〈〈x0,x8〉:〈x7,x0〉〉 〈〈x1,x7〉:〈xF,xF〉〉 MEM_READ_ONLY (* 3984B FLASH *) + ; triple ??? 〈〈x1,x8〉:〈x6,x0〉〉 〈〈xF,xF〉:〈xF,xF〉〉 MEM_READ_ONLY (* 59296B FLASH *) ] + ]. + +(* memoria dei RS08 *) +ndefinition memory_type_of_FamilyRS08 ≝ +λm:RS08_mcu_model.match m with + [ MC9RS08KA1 ⇒ + [ + triple ??? 〈〈x0,x0〉:〈x0,x0〉〉 〈〈x0,x0〉:〈x0,xE〉〉 MEM_READ_WRITE (* 15B RAM *) + (* [000F] e' il registro X *) + (* 0x0010-0x001E sarebbe memory mapped IO, proviamo per completezza con RAM *) + ; triple ??? 〈〈x0,x0〉:〈x1,x0〉〉 〈〈x0,x0〉:〈x1,xE〉〉 MEM_READ_WRITE (* 15B MEMORY MAPPED IO *) + (* [001F] e' il registro PAGESEL *) + ; triple ??? 〈〈x0,x0〉:〈x2,x0〉〉 〈〈x0,x0〉:〈x4,xF〉〉 MEM_READ_WRITE (* 48B RAM *) + (* [00C0-00FF] mappato da PAGESEL su [00pp pppp ppxx xxxx] *) + ; triple ??? 〈〈x0,x0〉:〈xC,x0〉〉 〈〈x0,x0〉:〈xF,xF〉〉 MEM_READ_WRITE (* 64B RAM PAGING *) + (* 0x0200-0x023F sarebbe memory mapped IO, proviamo per completezza con RAM *) + ; triple ??? 〈〈x0,x2〉:〈x0,x0〉〉 〈〈x0,x2〉:〈x3,xF〉〉 MEM_READ_WRITE (* 64B MEMORY MAPPED IO *) + ; triple ??? 〈〈x3,xC〉:〈x0,x0〉〉 〈〈x3,xF〉:〈xF,xF〉〉 MEM_READ_ONLY (* 1024B FLASH *) ] + | MC9RS08KA2 ⇒ + [ + triple ??? 〈〈x0,x0〉:〈x0,x0〉〉 〈〈x0,x0〉:〈x0,xE〉〉 MEM_READ_WRITE (* 15B RAM *) + (* [000F] e' il registro X *) + (* 0x0010-0x001E sarebbe memory mapped IO, proviamo per completezza con RAM *) + ; triple ??? 〈〈x0,x0〉:〈x1,x0〉〉 〈〈x0,x0〉:〈x1,xE〉〉 MEM_READ_WRITE (* 15B MEMORY MAPPED IO *) + (* [001F] e' il registro PAGESEL *) + ; triple ??? 〈〈x0,x0〉:〈x2,x0〉〉 〈〈x0,x0〉:〈x4,xF〉〉 MEM_READ_WRITE (* 48B RAM *) + (* [00C0-00FF] mappato da PAGESEL su [00pp pppp ppxx xxxx] *) + ; triple ??? 〈〈x0,x0〉:〈xC,x0〉〉 〈〈x0,x0〉:〈xF,xF〉〉 MEM_READ_WRITE (* 64B RAM PAGING *) + (* 0x0200-0x023F sarebbe memory mapped IO, proviamo per completezza con RAM *) + ; triple ??? 〈〈x0,x2〉:〈x0,x0〉〉 〈〈x0,x2〉:〈x3,xF〉〉 MEM_READ_WRITE (* 64B MEMORY MAPPED IO *) + ; triple ??? 〈〈x3,x8〉:〈x0,x0〉〉 〈〈x3,xF〉:〈xF,xF〉〉 MEM_READ_ONLY (* 2048B FLASH *) ] + ]. + +(* ∀modello.descrizione della memoria installata *) +ndefinition memory_type_of_mcu_version ≝ +λmcu:any_mcu_model.match mcu with + [ FamilyHC05 m ⇒ memory_type_of_FamilyHC05 m + | FamilyHC08 m ⇒ memory_type_of_FamilyHC08 m + | FamilyHCS08 m ⇒ memory_type_of_FamilyHCS08 m + | FamilyRS08 m ⇒ memory_type_of_FamilyRS08 m + ]. + +(* dato un modello costruisce un descrittore a partire dalla lista precedente *) +nlet rec build_memory_type_of_mcu_version_aux t param (result:aux_chk_type t) on param ≝ + match param with + [ nil ⇒ result + | cons hd tl ⇒ + build_memory_type_of_mcu_version_aux t tl + (check_update_ranged t result (fst3T ??? hd) (snd3T ??? hd) (thd3T ??? hd)) ]. + +ndefinition build_memory_type_of_mcu_version ≝ +λmcu:any_mcu_model.λt:memory_impl. + build_memory_type_of_mcu_version_aux t (memory_type_of_mcu_version mcu) (out_of_bound_memory t). + +(* sarebbe programma da caricare/zero_memory, ora test *) +ndefinition memory_of_mcu_version ≝ +λmcu:any_mcu_model.λt:memory_impl.match mcu with + [ FamilyHC05 m ⇒ match m with + [ MC68HC05J5A ⇒ zero_memory t + (*..*) + ] + | FamilyHC08 m ⇒ match m with + [ MC68HC08AB16A ⇒ zero_memory t + (*..*) + ] + (* tralascio l'enumerazione dei casi, per ora e' tutto 0 *) + | FamilyHCS08 _ ⇒ zero_memory t + | FamilyRS08 _ ⇒ zero_memory t + ]. + +(* + parametrizzati i non deterministici rispetto a tutti i valori casuali + che verranno dati dall'esterno di tipo byte8 (ndby1-2) e bool (ndbo1-5). + l'ACCENSIONE e' totalmente equivalente ad un reset causato da calo di tensione + (reset V-low), la memoria ed il check puo' essere passata, per esempio da + - (memory_of_mcu_version MC68HC05J5A) + - (build_memory_type_of_mcu_version MC68HC05J5A) +*) +ndefinition start_of_mcu_version_HC05 ≝ +λmcu:HC05_mcu_model.λt:memory_impl. +λmem:aux_mem_type t.λchk:aux_chk_type t. +λndby1,ndby2:byte8.λirqfl,ndbo1,ndbo2,ndbo3,ndbo4,ndbo5:bool. + let build ≝ λspm,spf,pcm:word16. + let fetched_pc ≝ mk_word16 (mem_read_abs t mem (and_w16 〈〈xF,xF〉:〈xF,xE〉〉 pcm)) + (mem_read_abs t mem (and_w16 〈〈xF,xF〉:〈xF,xF〉〉 pcm)) in + mk_any_status HC05 t + (mk_alu_HC05 + (* acc_low: ? *) ndby1 (* indx_low: ? *) ndby2 + (* sp: reset *) (or_w16 (and_w16 〈〈x0,x0〉:〈xF,xF〉〉 spm) spf) spm spf + (* pc: reset+fetch *) (and_w16 fetched_pc pcm) pcm + (* H: ? *) ndbo1 (* I: reset *) true (* N: ? *) ndbo2 + (* Z: ? *) ndbo3 (* C: ? *) ndbo4 (* IRQ: ? *) irqfl) + (* mem *) mem + (* chk *) chk + (* clk: reset *) (None ?) in + match mcu with + [ MC68HC05J5A ⇒ build 〈〈x0,x0〉:〈x3,xF〉〉 〈〈x0,x0〉:〈xC,x0〉〉 〈〈x0,xF〉:〈xF,xF〉〉 + (*..*) + ]. + +ndefinition start_of_mcu_version_HC08 ≝ +λmcu:HC08_mcu_model.λt:memory_impl. +λmem:aux_mem_type t.λchk:aux_chk_type t. +λndby1,ndby2:byte8.λirqfl,ndbo1,ndbo2,ndbo3,ndbo4,ndbo5:bool. + let fetched_pc ≝ mk_word16 (mem_read_abs t mem 〈〈xF,xF〉:〈xF,xE〉〉) + (mem_read_abs t mem 〈〈xF,xF〉:〈xF,xF〉〉) in + mk_any_status HC08 t + (mk_alu_HC08 + (* acc_low: ? *) ndby1 (* indw_low: ? *) ndby2 (* indx_high: reset *) 〈x0,x0〉 + (* sp: reset *) 〈〈x0,x0〉:〈xF,xF〉〉 (* pc: reset+fetch *) fetched_pc + (* V: ? *) ndbo1 (* H: ? *) ndbo2 (* I: reset *) true + (* N: ? *) ndbo3 (* Z: ? *) ndbo4 (* C: ? *) ndbo5 (* IRQ: ? *) irqfl) + (* mem *) mem + (* chk *) chk + (* clk: reset *) (None ?). + +ndefinition start_of_mcu_version_HCS08 ≝ +λmcu:HCS08_mcu_model.λt:memory_impl. +λmem:aux_mem_type t.λchk:aux_chk_type t. +λndby1,ndby2:byte8.λirqfl,ndbo1,ndbo2,ndbo3,ndbo4,ndbo5:bool. + let fetched_pc ≝ mk_word16 (mem_read_abs t mem 〈〈xF,xF〉:〈xF,xE〉〉) + (mem_read_abs t mem 〈〈xF,xF〉:〈xF,xF〉〉) in + mk_any_status HCS08 t + (mk_alu_HC08 + (* acc_low: ? *) ndby1 (* indw_low: ? *) ndby2 (* indx_high: reset *) 〈x0,x0〉 + (* sp: reset *) 〈〈x0,x0〉:〈xF,xF〉〉 (* pc: reset+fetch *) fetched_pc + (* V: ? *) ndbo1 (* H: ? *) ndbo2 (* I: reset *) true + (* N: ? *) ndbo3 (* Z: ? *) ndbo4 (* C: ? *) ndbo5 (* IRQ: ? *) irqfl) + (* mem *) mem + (* chk *) chk + (* clk: reset *) (None ?). + +ndefinition start_of_mcu_version_RS08 ≝ +λmcu:RS08_mcu_model.λt:memory_impl. +λmem:aux_mem_type t.λchk:aux_chk_type t. +λndby1,ndby2:byte8.λirqfl,ndbo1,ndbo2,ndbo3,ndbo4,ndbo5:bool. + let build ≝ λpcm. + mk_any_status RS08 t + (mk_alu_RS08 + (* acc_low: reset *) 〈x0,x0〉 + (* pc: reset *) (and_w16 〈〈xF,xF〉:〈xF,xD〉〉 pcm) pcm + (* spc: reset *) (and_w16 〈〈xF,xF〉:〈xF,xD〉〉 pcm) + (* xm: reset *) 〈x0,x0〉 (* psm: *) 〈x8,x0〉 + (* Z: reset *) false (* C: reset *) false) + (* mem *) mem + (* chk *) chk + (* clk: reset *) (None ?) in + (* tralascio l'enumerazione dei casi, tanto i valori sono uguali *) + build 〈〈x3,xF〉:〈xF,xF〉〉. + +(* + cio' che non viene resettato mantiene il valore precedente: nella documentazione + viene riportato come "unaffected"/"indeterminate"/"unpredictable" + il soft RESET e' diverso da un calo di tensione e la ram non variera' +*) +ndefinition reset_of_mcu ≝ +λm:mcu_type.λt:memory_impl. +let pc_reset_h ≝ 〈〈xF,xF〉:〈xF,xE〉〉 in +let pc_reset_l ≝ 〈〈xF,xF〉:〈xF,xF〉〉 in +let pc_RS08_reset ≝ 〈〈xF,xF〉:〈xF,xD〉〉 in +let sp_reset ≝ 〈〈x0,x0〉:〈xF,xF〉〉 in + match m return λm:mcu_type.(any_status m t) → (any_status m t) with +(* HC05: parzialmente non deterministico *) + [ HC05 ⇒ λs:any_status HC05 t.match s with + [ mk_any_status alu mem chk clk ⇒ match alu with + [ mk_alu_HC05 acclow indxlow _ spm spf _ pcm hfl _ nfl zfl cfl irqfl ⇒ + let fetched_pc ≝ mk_word16 (mem_read_abs t mem (and_w16 pc_reset_h pcm)) + (mem_read_abs t mem (and_w16 pc_reset_l pcm)) in + mk_any_status HC05 t + (mk_alu_HC05 + (* acc_low: inv. *) acclow (* indx_low: inv. *) indxlow + (* sp: reset *) (or_w16 (and_w16 sp_reset spm) spf) spm spf + (* pc: reset+fetch *) (and_w16 fetched_pc pcm) pcm + (* H: inv. *) hfl (* I: reset *) true (* N: inv. *) nfl + (* Z: inv. *) zfl (* C: inv. *) cfl (* IRQ: inv *) irqfl) + (* mem: inv. *) mem + (* chk: inv. *) chk + (* clk: reset *) (None ?) ]] +(* HC08: parzialmente non deterministico *) + | HC08 ⇒ λs:any_status HC08 t.match s with + [ mk_any_status alu mem chk clk ⇒ match alu with + [ mk_alu_HC08 acclow indxlow _ _ _ vfl hfl _ nfl zfl cfl irqfl ⇒ + let fetched_pc ≝ mk_word16 (mem_read_abs t mem pc_reset_h) + (mem_read_abs t mem pc_reset_l) in + mk_any_status HC08 t + (mk_alu_HC08 + (* acc_low: inv. *) acclow (* indx_low: inv. *) indxlow (* indx_high: reset *) 〈x0,x0〉 + (* sp: reset *) sp_reset (* pc: reset+fetch *) fetched_pc + (* V: inv. *) vfl (* H: inv. *) hfl (* I: reset *) true + (* N: inv. *) nfl (* Z: inv. *) zfl (* C: inv. *) cfl (* IRQ: inv *) irqfl) + (* mem: inv. *) mem + (* chk: inv. *) chk + (* clk: reset *) (None ?) ]] +(* HCS08: parzialmente non deterministico *) + | HCS08 ⇒ λs:any_status HCS08 t.match s with + [ mk_any_status alu mem chk clk ⇒ match alu with + [ mk_alu_HC08 acclow indxlow _ _ _ vfl hfl _ nfl zfl cfl irqfl ⇒ + let fetched_pc ≝ mk_word16 (mem_read_abs t mem pc_reset_h) + (mem_read_abs t mem pc_reset_l) in + mk_any_status HCS08 t + (mk_alu_HC08 + (* acc_low: inv. *) acclow (* indx_low: inv. *) indxlow (* indx_high: reset *) 〈x0,x0〉 + (* sp: reset *) sp_reset (* pc: reset+fetch *) fetched_pc + (* V: inv. *) vfl (* H: inv. *) hfl (* I: reset *) true + (* N: inv. *) nfl (* Z: inv. *) zfl (* C: inv. *) cfl (* IRQ: inv *) irqfl) + (* mem: inv. *) mem + (* chk: inv. *) chk + (* clk: reset *) (None ?) ]] +(* RS08: deterministico *) + | RS08 ⇒ λs:any_status RS08 t.match s with + [ mk_any_status alu mem chk clk ⇒ match alu with + [ mk_alu_RS08 _ _ pcm _ _ _ _ _ ⇒ + mk_any_status RS08 t + (mk_alu_RS08 + (* acc_low: reset *) 〈x0,x0〉 + (* pc: reset *) (and_w16 pc_RS08_reset pcm) pcm + (* spc: reset *) (and_w16 pc_RS08_reset pcm) + (* xm: reset *) 〈x0,x0〉 (* psm: reset *) 〈x8,x0〉 + (* Z: reset *) false (* C: reset *) false) + (* mem: inv. *) mem + (* chk: inv. *) chk + (* clk: reset *) (None ?) ]] + ]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/multivm.ma b/helm/software/matita/contribs/ng_assembly/freescale/multivm.ma new file mode 100755 index 000000000..4e8b97830 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/multivm.ma @@ -0,0 +1,1378 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/load_write.ma". +include "freescale/nat_lemmas.ma". + +(* ************************************************ *) +(* LOGICHE AUSILIARE CHE ACCOMUNANO PIU' OPERAZIONI *) +(* ************************************************ *) + +(* NB: dentro il codice i commenti cercano di spiegare la logica + secondo quanto riportato dalle specifiche delle mcu *) + +(* NB: notare che tranne nei casi in cui PC viene modificato esplicitamente + il suo avanzamento viene delegato totalmente agli strati inferiori + I) avanzamento dovuto al decode degli op (fetch) + II) avanzamento dovuto al caricamento degli argomenti (multi_mode_load/write) + la modifica effettiva avviene poi centralizzata in tick *) + +(* A = [true] fAMC(A,M,C), [false] A *) +(* cioe' in caso di false l'operazione viene eseguita ma modifica solo i flag *) +(* fAMC e' la logica da applicare: somma con/senza carry *) +ndefinition execute_ADC_ADD_aux ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16.λsetflag:bool. +λfAMC:byte8 → byte8 → bool → ProdT byte8 bool. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + let A_op ≝ get_acc_8_low_reg m t s_tmp1 in + match fAMC A_op M_op (get_c_flag m t s_tmp1) with + [ pair R_op carry ⇒ + let A7 ≝ MSB_b8 A_op in let M7 ≝ MSB_b8 M_op in let R7 ≝ MSB_b8 R_op in + let A3 ≝ MSB_ex (b8l A_op) in let M3 ≝ MSB_ex (b8l M_op) in let R3 ≝ MSB_ex (b8l R_op) in + (* A = [true] fAMC(A,M,C), [false] A *) + let s_tmp2 ≝ match setflag with [ true ⇒ set_acc_8_low_reg m t s_tmp1 R_op | false ⇒ s_tmp1 ] in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_b8 R_op 〈x0,x0〉) in + (* C = A7&M7 | M7&nR7 | nR7&A7 *) + let s_tmp4 ≝ set_c_flag m t s_tmp3 ((A7⊗M7) ⊕ (M7⊗(⊖R7)) ⊕ ((⊖R7)⊗A7)) in + (* N = R7 *) + let s_tmp5 ≝ setweak_n_flag m t s_tmp4 R7 in + (* H = A3&M3 | M3&nR3 | nR3&A3 *) + let s_tmp6 ≝ setweak_h_flag m t s_tmp5 ((A3⊗M3) ⊕ (M3⊗(⊖R3)) ⊕ ((⊖R3)⊗A3)) in + (* V = A7&M7&nR7 | nA7&nM7&R7 *) + let s_tmp7 ≝ setweak_v_flag m t s_tmp6 ((A7⊗M7⊗(⊖R7)) ⊕ ((⊖A7)⊗(⊖M7)⊗R7)) in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp7 new_pc) ]]). + +(* A = [true] fAM(A,M), [false] A *) +(* cioe' in caso di false l'operazione viene eseguita ma modifica solo i flag *) +(* fAM e' la logica da applicare: and/xor/or *) +ndefinition execute_AND_BIT_EOR_ORA_aux ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16.λsetflag:bool. +λfAM:byte8 → byte8 → byte8. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + let R_op ≝ fAM (get_acc_8_low_reg m t s_tmp1) M_op in + (* A = [true] fAM(A,M), [false] A *) + let s_tmp2 ≝ match setflag with [ true ⇒ set_acc_8_low_reg m t s_tmp1 R_op | false ⇒ s_tmp1 ] in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_b8 R_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 (MSB_b8 R_op) in + (* V = 0 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp5 new_pc) ]). + +(* M = fMC(M,C) *) +(* fMC e' la logica da applicare: rc_/ro_/sh_ *) +ndefinition execute_ASL_ASR_LSR_ROL_ROR_aux ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. +λfMC:byte8 → bool → ProdT byte8 bool. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op _ ⇒ + match fMC M_op (get_c_flag m t s_tmp1) with [ pair R_op carry ⇒ + (* M = fMC(M,C) *) + opt_map ?? (multi_mode_write true m t s_tmp1 cur_pc i R_op) + (λS_PC.match S_PC with + [ pair s_tmp2 new_pc ⇒ + (* C = carry *) + let s_tmp3 ≝ set_c_flag m t s_tmp2 carry in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp4 ≝ set_z_flag m t s_tmp3 (eq_b8 R_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp5 ≝ setweak_n_flag m t s_tmp4 (MSB_b8 R_op) in + (* V = R7 ⊙ carry *) + let s_tmp6 ≝ setweak_v_flag m t s_tmp5 ((MSB_b8 R_op) ⊙ carry) in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp6 new_pc) ])]]). + +(* estensione del segno byte → word *) +ndefinition byte_extension ≝ +λb:byte8.〈match MSB_b8 b with [ true ⇒ 〈xF,xF〉 | false ⇒ 〈x0,x0〉 ]:b〉. + +(* branch con byte+estensione segno *) +ndefinition branched_pc ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcur_pc:word16.λb:byte8. + get_pc_reg m t (set_pc_reg m t s (plus_w16_d_d cur_pc (byte_extension b))). + +(* if COND=1 branch *) +(* tutti i branch calcoleranno la condizione e la passeranno qui *) +ndefinition execute_any_BRANCH ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16.λfCOND:bool. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + (* if true, branch *) + match fCOND with + (* newpc = nextpc + rel *) + [ true ⇒ Some ? (pair ?? s_tmp1 (branched_pc m t s_tmp1 new_pc M_op)) + (* newpc = nextpc *) + | false ⇒ Some ? (pair ?? s_tmp1 new_pc) ]]). + +(* Mn = filtered optval *) +(* il chiamante passa 0x00 per azzerare, 0xFF per impostare il bit di M *) +ndefinition execute_BCLRn_BSETn_aux ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16.λoptval:byte8. + (* Mn = filtered optval *) + opt_map ?? (multi_mode_write true m t s cur_pc i optval) + (λS_PC.match S_PC with + (* newpc = nextpc *) + [ pair s_tmp1 new_pc ⇒ Some ? (pair ?? s_tmp1 new_pc) ]). + +(* if COND(Mn) branch *) +(* il chiamante passa la logica da testare (0x00,¬0x00) e poi si salta *) +ndefinition execute_BRCLRn_BRSETn_aux ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16.λfCOND:byte8 → bool. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ match M_op with + [ mk_word16 MH_op ML_op ⇒ + (* if COND(Mn) branch *) + match fCOND MH_op with + (* newpc = nextpc + rel *) + [ true ⇒ Some ? (pair ?? s_tmp1 (branched_pc m t s_tmp1 new_pc ML_op)) + (* newpc = nextpc *) + | false ⇒ Some ? (pair ?? s_tmp1 new_pc) ]]]). + +(* M = fM(M) *) +(* fM e' la logica da applicare: not/neg/++/-- *) +ndefinition execute_COM_DEC_INC_NEG_aux ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. +λfM:byte8 → byte8.λfV:bool → bool → bool.λfC:bool → byte8 → bool. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op _ ⇒ + let R_op ≝ fM M_op in + (* M = fM(M) *) + opt_map ?? (multi_mode_write true m t s_tmp1 cur_pc i R_op) + (λS_PC.match S_PC with + [ pair s_tmp2 new_pc ⇒ + (* C = fCR (C,R) *) + let s_tmp3 ≝ set_c_flag m t s_tmp2 (fC (get_c_flag m t s_tmp2) R_op) in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp4 ≝ set_z_flag m t s_tmp3 (eq_b8 R_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp5 ≝ setweak_n_flag m t s_tmp4 (MSB_b8 R_op) in + (* V = fV (M7,R7) *) + let s_tmp6 ≝ setweak_v_flag m t s_tmp5 (fV (MSB_b8 M_op) (MSB_b8 R_op)) in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp6 new_pc) ])]). + +(* A = [true] fAMC(A,M,C), [false] A *) +(* cioe' in caso di false l'operazione viene eseguita ma modifica solo i flag *) +(* fAMC e' la logica da applicare: sottrazione con/senza carry *) +ndefinition execute_SBC_SUB_aux ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16.λsetflag:bool. +λfAMC:byte8 → byte8 → bool → ProdT byte8 bool. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + let A_op ≝ get_acc_8_low_reg m t s_tmp1 in + match fAMC A_op M_op (get_c_flag m t s_tmp1) with + [ pair R_op carry ⇒ + let A7 ≝ MSB_b8 A_op in let M7 ≝ MSB_b8 M_op in let R7 ≝ MSB_b8 R_op in + (* A = [true] fAMC(A,M,C), [false] A *) + let s_tmp2 ≝ match setflag with [ true ⇒ set_acc_8_low_reg m t s_tmp1 R_op | false ⇒ s_tmp1 ] in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_b8 R_op 〈x0,x0〉) in + (* C = nA7&M7 | M7&R7 | R7&nA7 *) + let s_tmp4 ≝ set_c_flag m t s_tmp3 (((⊖A7)⊗M7) ⊕ (M7⊗R7) ⊕ (R7⊗(⊖A7))) in + (* N = R7 *) + let s_tmp5 ≝ setweak_n_flag m t s_tmp4 R7 in + (* V = A7&nM7&nR7 | nA7&M7&R7 *) + let s_tmp6 ≝ setweak_v_flag m t s_tmp5 ((A7⊗(⊖M7)⊗(⊖R7)) ⊕ ((⊖A7)⊗M7⊗R7)) in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp6 new_pc) ]]). + +(* il classico push *) +ndefinition aux_push ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λval:byte8. + opt_map ?? (get_sp_reg m t s) + (* [SP] = val *) + (λSP_op.opt_map ?? (memory_filter_write m t s SP_op val) + (* SP -- *) + (λs_tmp1.opt_map ?? (set_sp_reg m t s_tmp1 (pred_w16 SP_op)) + (λs_tmp2.Some ? s_tmp2))). + +(* il classico pop *) +(* NB: l'incremento di SP deve essere filtrato dalla ALU, quindi get(set(SP)) *) +ndefinition aux_pop ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + opt_map ?? (get_sp_reg m t s) + (* SP ++ *) + (λSP_op.opt_map ?? (set_sp_reg m t s (succ_w16 SP_op)) + (λs_tmp1.opt_map ?? (get_sp_reg m t s_tmp1) + (* val = [SP] *) + (λSP_op'.opt_map ?? (memory_filter_read m t s_tmp1 SP_op') + (λval.Some ? (pair ?? s_tmp1 val))))). + +(* CCR corrisponde a V11HINZC e cmq 1 se un flag non esiste *) +(* i flag mantengono posizione costante nelle varie ALU, e se non sono + implementati corrispondono a 1 *) +ndefinition aux_get_CCR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. +let V_comp ≝ match get_v_flag m t s with + [ None ⇒ 〈x8,x0〉 | Some V_val ⇒ match V_val with [ true ⇒ 〈x8,x0〉 | false ⇒ 〈x0,x0〉 ]] in +let H_comp ≝ match get_h_flag m t s with + [ None ⇒ 〈x1,x0〉 | Some H_val ⇒ match H_val with [ true ⇒ 〈x1,x0〉 | false ⇒ 〈x0,x0〉 ]] in +let I_comp ≝ match get_i_flag m t s with + [ None ⇒ 〈x0,x8〉 | Some I_val ⇒ match I_val with [ true ⇒ 〈x0,x8〉 | false ⇒ 〈x0,x0〉 ]] in +let N_comp ≝ match get_n_flag m t s with + [ None ⇒ 〈x0,x4〉 | Some N_val ⇒ match N_val with [ true ⇒ 〈x0,x4〉 | false ⇒ 〈x0,x0〉 ]] in +let Z_comp ≝ match get_z_flag m t s with + [ true ⇒ 〈x0,x2〉 | false ⇒ 〈x0,x0〉 ] in +let C_comp ≝ match get_c_flag m t s with + [ true ⇒ 〈x0,x1〉 | false ⇒ 〈x0,x0〉 ] in +or_b8 〈x6,x0〉 (or_b8 V_comp (or_b8 H_comp (or_b8 I_comp (or_b8 N_comp (or_b8 Z_comp C_comp))))). + +(* CCR corrisponde a V11HINZC *) +(* i flag mantengono posizione costante nelle varie ALU, e se non sono + implementati si puo' usare tranquillamente setweak *) +ndefinition aux_set_CCR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λCCR:byte8. + let s_tmp1 ≝ set_c_flag m t s (eq_b8 〈x0,x1〉 (and_b8 〈x0,x1〉 CCR)) in + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_b8 〈x0,x2〉 (and_b8 〈x0,x2〉 CCR)) in + let s_tmp3 ≝ setweak_n_flag m t s_tmp2 (eq_b8 〈x0,x4〉 (and_b8 〈x0,x4〉 CCR)) in + let s_tmp4 ≝ setweak_i_flag m t s_tmp3 (eq_b8 〈x0,x8〉 (and_b8 〈x0,x8〉 CCR)) in + let s_tmp5 ≝ setweak_h_flag m t s_tmp4 (eq_b8 〈x1,x0〉 (and_b8 〈x1,x0〉 CCR)) in + let s_tmp6 ≝ setweak_v_flag m t s_tmp5 (eq_b8 〈x8,x0〉 (and_b8 〈x8,x0〉 CCR)) in + s_tmp6. + +(* **************** *) +(* LOGICA DELLA ALU *) +(* **************** *) + +(* A = A + M + C *) +ndefinition execute_ADC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_ADC_ADD_aux m t s i cur_pc true (λA_op.λM_op.λC_op.plus_b8_dc_dc A_op M_op C_op). + +(* A = A + M *) +ndefinition execute_ADD ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_ADC_ADD_aux m t s i cur_pc true (λA_op.λM_op.λC_op.plus_b8_dc_dc A_op M_op false). + +(* SP += extended M *) +ndefinition execute_AIS ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + opt_map ?? (get_sp_reg m t s_tmp1) + (* SP += extended M *) + (λSP_op.opt_map ?? (set_sp_reg m t s_tmp1 (plus_w16_d_d SP_op (byte_extension M_op))) + (λs_tmp2.Some ? (pair ?? s_tmp2 new_pc))) ]). + +(* H:X += extended M *) +ndefinition execute_AIX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + opt_map ?? (get_indX_16_reg m t s_tmp1) + (* H:X += extended M *) + (λHX_op.opt_map ?? (set_indX_16_reg m t s_tmp1 (plus_w16_d_d HX_op (byte_extension M_op))) + (λs_tmp2.Some ? (pair ?? s_tmp2 new_pc))) ]). + +(* A = A & M *) +ndefinition execute_AND ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_AND_BIT_EOR_ORA_aux m t s i cur_pc true and_b8. + +(* M = C' <- rcl M <- 0 *) +ndefinition execute_ASL ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_ASL_ASR_LSR_ROL_ROR_aux m t s i cur_pc (λM_op.λC_op.rcl_b8 M_op false). + +(* M = M7 -> rcr M -> C' *) +ndefinition execute_ASR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_ASL_ASR_LSR_ROL_ROR_aux m t s i cur_pc (λM_op.λC_op.rcr_b8 M_op (MSB_b8 M_op)). + +(* if C=0, branch *) +ndefinition execute_BCC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc (⊖(get_c_flag m t s)). + +(* Mn = 0 *) +ndefinition execute_BCLRn ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_BCLRn_BSETn_aux m t s i cur_pc 〈x0,x0〉. + +(* if C=1, branch *) +ndefinition execute_BCS ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc (get_c_flag m t s). + +(* if Z=1, branch *) +ndefinition execute_BEQ ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc (get_z_flag m t s). + +(* if N⊙V=0, branch *) +ndefinition execute_BGE ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_n_flag m t s) + (λN_op.opt_map ?? (get_v_flag m t s) + (λV_op.execute_any_BRANCH m t s i cur_pc (⊖(N_op ⊙ V_op)))). + +(* BGND mode *) +ndefinition execute_BGND ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? s cur_pc). + +(* if Z|N⊙V=0, branch *) +ndefinition execute_BGT ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_n_flag m t s) + (λN_op.opt_map ?? (get_v_flag m t s) + (λV_op.execute_any_BRANCH m t s i cur_pc (⊖((get_z_flag m t s) ⊕ (N_op ⊙ V_op))))). + +(* if H=0, branch *) +ndefinition execute_BHCC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_h_flag m t s) + (λH_op.execute_any_BRANCH m t s i cur_pc (⊖H_op)). + +(* if H=1, branch *) +ndefinition execute_BHCS ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_h_flag m t s) + (λH_op.execute_any_BRANCH m t s i cur_pc H_op). + +(* if C|Z=0, branch *) +ndefinition execute_BHI ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc (⊖((get_c_flag m t s) ⊕ (get_z_flag m t s))). + +(* if nIRQ=1, branch NB: irqflag e' un negato del pin *) +ndefinition execute_BIH ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_irq_flag m t s) + (λIRQ_op.execute_any_BRANCH m t s i cur_pc (⊖IRQ_op)). + +(* if nIRQ=0, branch NB: irqflag e' un negato del pin *) +ndefinition execute_BIL ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_irq_flag m t s) + (λIRQ_op.execute_any_BRANCH m t s i cur_pc IRQ_op). + +(* flags = A & M *) +ndefinition execute_BIT ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_AND_BIT_EOR_ORA_aux m t s i cur_pc false and_b8. + +(* if Z|N⊙V=1, branch *) +ndefinition execute_BLE ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_n_flag m t s) + (λN_op.opt_map ?? (get_v_flag m t s) + (λV_op.execute_any_BRANCH m t s i cur_pc ((get_z_flag m t s) ⊕ (N_op ⊙ V_op)))). + +(* if C|Z=1, branch *) +ndefinition execute_BLS ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc ((get_c_flag m t s) ⊕ (get_z_flag m t s)). + +(* if N⊙V=1, branch *) +ndefinition execute_BLT ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_n_flag m t s) + (λN_op.opt_map ?? (get_v_flag m t s) + (λV_op.execute_any_BRANCH m t s i cur_pc (N_op ⊙ V_op))). + +(* if I=0, branch *) +ndefinition execute_BMC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_i_flag m t s) + (λI_op.execute_any_BRANCH m t s i cur_pc (⊖I_op)). + +(* if N=1, branch *) +ndefinition execute_BMI ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_n_flag m t s) + (λN_op.execute_any_BRANCH m t s i cur_pc N_op). + +(* if I=1, branch *) +ndefinition execute_BMS ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_i_flag m t s) + (λI_op.execute_any_BRANCH m t s i cur_pc I_op). + +(* if Z=0, branch *) +ndefinition execute_BNE ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc (⊖(get_z_flag m t s)). + +(* if N=0, branch *) +ndefinition execute_BPL ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_n_flag m t s) + (λN_op.execute_any_BRANCH m t s i cur_pc (⊖N_op)). + +(* branch always *) +ndefinition execute_BRA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc true. + +(* if Mn=0 branch *) +ndefinition execute_BRCLRn ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_BRCLRn_BRSETn_aux m t s i cur_pc + (λMn_op.eq_b8 Mn_op 〈x0,x0〉). + +(* branch never... come se fosse un nop da 2 byte *) +ndefinition execute_BRN ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_any_BRANCH m t s i cur_pc false. + +(* if Mn=1 branch *) +ndefinition execute_BRSETn ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_BRCLRn_BRSETn_aux m t s i cur_pc + (λMn_op.⊖(eq_b8 Mn_op 〈x0,x0〉)). + +(* Mn = 1 *) +ndefinition execute_BSETn ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_BCLRn_BSETn_aux m t s i cur_pc 〈xF,xF〉. + +(* branch to subroutine *) +(* HC05/HC08/HCS08 si appoggiano allo stack, RS08 a SPC *) +ndefinition execute_BSR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t .λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ let aux ≝ + (* push (new_pc low) *) + opt_map ?? (aux_push m t s_tmp1 (w16l new_pc)) + (* push (new_pc high) *) + (λs_tmp2.opt_map ?? (aux_push m t s_tmp2 (w16h new_pc)) + (* new_pc = new_pc + rel *) + (λs_tmp3.Some ? (pair ?? s_tmp3 (branched_pc m t s_tmp3 new_pc M_op)))) + in match m with + [ HC05 ⇒ aux | HC08 ⇒ aux | HCS08 ⇒ aux + | RS08 ⇒ + (* SPC = new_pc *) + opt_map ?? (set_spc_reg m t s_tmp1 new_pc) + (* new_pc = new_pc + rel *) + (λs_tmp2.Some ? (pair ?? s_tmp2 (branched_pc m t s_tmp2 new_pc M_op))) + ]]). + +(* if A=M, branch *) +ndefinition execute_CBEQA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + match M_op with + [ mk_word16 MH_op ML_op ⇒ + (* if A=M, branch *) + match eq_b8 (get_acc_8_low_reg m t s_tmp1) MH_op with + (* new_pc = new_pc + rel *) + [ true ⇒ Some ? (pair ?? s_tmp1 (branched_pc m t s_tmp1 new_pc ML_op)) + (* new_pc = new_pc *) + | false ⇒ Some ? (pair ?? s_tmp1 new_pc) + ]]]). + +(* if X=M, branch *) +ndefinition execute_CBEQX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + match M_op with + [ mk_word16 MH_op ML_op ⇒ + opt_map ?? (get_indX_8_low_reg m t s_tmp1) + (* if X=M, branch *) + (λX_op.match eq_b8 X_op MH_op with + (* new_pc = new_pc + rel *) + [ true ⇒ Some ? (pair ?? s_tmp1 (branched_pc m t s_tmp1 new_pc ML_op)) + (* new_pc = new_pc *) + | false ⇒ Some ? (pair ?? s_tmp1 new_pc) + ])]]). + +(* C = 0 *) +ndefinition execute_CLC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? (set_c_flag m t s false) cur_pc). + +(* I = 0 *) +ndefinition execute_CLI ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (set_i_flag m t s false) + (λs_tmp.Some ? (pair ?? s_tmp cur_pc)). + +(* M = 0 *) +ndefinition execute_CLR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + (* M = 0 *) + opt_map ?? (multi_mode_write true m t s cur_pc i 〈x0,x0〉) + (λS_PC.match S_PC with + [ pair s_tmp1 new_pc ⇒ + (* Z = 1 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 true in + (* N = 0 *) + let s_tmp3 ≝ setweak_n_flag m t s_tmp2 false in + (* V = 0 *) + let s_tmp4 ≝ setweak_v_flag m t s_tmp3 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp4 new_pc) ]). + +(* flags = A - M *) +ndefinition execute_CMP ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_SBC_SUB_aux m t s i cur_pc false (λA_op.λM_op.λC_op.plus_b8_dc_dc A_op (compl_b8 M_op) false). + +(* M = not M *) +ndefinition execute_COM ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_COM_DEC_INC_NEG_aux m t s i cur_pc not_b8 + (* fV = 0 *) + (λM7.λR7.false) + (* fC = 1 *) + (λC_op.λR_op.true). + +(* flags = H:X - M *) +ndefinition execute_CPHX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + opt_map ?? (get_indX_16_reg m t s_tmp1) + (λX_op. + match plus_w16_dc_dc X_op (compl_w16 M_op) false with + [ pair R_op carry ⇒ + let X15 ≝ MSB_w16 X_op in let M15 ≝ MSB_w16 M_op in let R15 ≝ MSB_w16 R_op in + (* Z = nR15&nR14&nR13&nR12&nR11&nR10&nR9&nR8&nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_w16 R_op 〈〈x0,x0〉:〈x0,x0〉〉) in + (* C = nX15&M15 | M15&R15 | R15&nX15 *) + let s_tmp3 ≝ set_c_flag m t s_tmp2 (((⊖X15)⊗M15) ⊕ (M15⊗R15) ⊕ (R15⊗(⊖X15))) in + (* N = R15 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 R15 in + (* V = X15&nM15&nR15 | nX15&M15&R15 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 ((X15⊗(⊖M15)⊗(⊖R15)) ⊕ ((⊖X15)⊗M15⊗R15)) in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp5 new_pc) ] ) ]). + +(* flags = X - M *) +ndefinition execute_CPX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + opt_map ?? (get_indX_8_low_reg m t s_tmp1) + (λX_op. + match plus_b8_dc_dc X_op (compl_b8 M_op) false with + [ pair R_op carry ⇒ + let X7 ≝ MSB_b8 X_op in let M7 ≝ MSB_b8 M_op in let R7 ≝ MSB_b8 R_op in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_b8 R_op 〈x0,x0〉) in + (* C = nX7&M7 | M7&R7 | R7&nX7 *) + let s_tmp3 ≝ set_c_flag m t s_tmp2 (((⊖X7)⊗M7) ⊕ (M7⊗R7) ⊕ (R7⊗(⊖X7))) in + (* N = R7 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 R7 in + (* V = X7&nM7&nR7 | nX7&M7&R7 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 ((X7⊗(⊖M7)⊗(⊖R7)) ⊕ ((⊖X7)⊗M7⊗R7)) in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp5 new_pc) ] ) ]). + +(* decimal adjiust A *) +(* per i dettagli vedere daa_b8 (modulo byte8) *) +ndefinition execute_DAA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_h_flag m t s) + (λH. + let M_op ≝ get_acc_8_low_reg m t s in + match daa_b8 H (get_c_flag m t s) M_op with + [ pair R_op carry ⇒ + (* A = R *) + let s_tmp1 ≝ set_acc_8_low_reg m t s R_op in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_b8 R_op 〈x0,x0〉) in + (* C = carry *) + let s_tmp3 ≝ set_c_flag m t s_tmp2 carry in + (* N = R7 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 (MSB_b8 R_op) in + (* V = M7 ⊙ R7 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 ((MSB_b8 M_op) ⊙ (MSB_b8 R_op)) in + (* newpc = curpc *) + Some ? (pair ?? s_tmp5 cur_pc) ]). + +(* if (--M)≠0, branch *) +ndefinition execute_DBNZ ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + match M_op with + [ mk_word16 MH_op ML_op ⇒ + (* --M *) + let MH_op' ≝ pred_b8 MH_op in + opt_map ?? (multi_mode_write true m t s_tmp1 cur_pc i MH_op') + (λS_PC.match S_PC with + [ pair s_tmp2 _ ⇒ + (* if (--M)≠0, branch *) + match eq_b8 MH_op' 〈x0,x0〉 with + (* new_pc = new_pc *) + [ true ⇒ Some ? (pair ?? s_tmp2 new_pc) + (* new_pc = new_pc + rel *) + | false ⇒ Some ? (pair ?? s_tmp2 (branched_pc m t s_tmp2 new_pc ML_op)) ]])]]). + +(* M = M - 1 *) +ndefinition execute_DEC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_COM_DEC_INC_NEG_aux m t s i cur_pc pred_b8 + (* fV = M7&nR7 *) + (λM7.λR7.M7⊗(⊖R7)) + (* fC = C *) + (λC_op.λR_op.C_op). + +(* A = H:A/X, H = H:AmodX se non c'e' overflow, altrimenti invariati *) +(* per i dettagli vedere div_b8 (modulo word16) *) +ndefinition execute_DIV ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_indX_8_high_reg m t s) + (λH_op.opt_map ?? (get_indX_8_low_reg m t s) + (λX_op.match div_b8 〈H_op:(get_acc_8_low_reg m t s)〉 X_op with + [ triple quoz rest overflow ⇒ + (* C = overflow *) + let s_tmp1 ≝ set_c_flag m t s overflow in + (* A = A o H:A/X *) + let s_tmp2 ≝ match overflow with + [ true ⇒ s_tmp1 + | false ⇒ set_acc_8_low_reg m t s_tmp1 quoz ] in + (* Z = nA7&nA6&nA5&nA4&nA3&nA2&nA1&nA0 *) + (* NB: che A sia cambiato o no, lo testa *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_b8 (get_acc_8_low_reg m t s_tmp2) 〈x0,x0〉) in + (* H = H o H:AmodX *) + opt_map ?? (match overflow with + [ true ⇒ Some ? s_tmp3 + | false ⇒ set_indX_8_high_reg m t s_tmp3 rest]) + (λs_tmp4.Some ? (pair ?? s_tmp4 cur_pc)) ])). + +(* A = A ⊙ M *) +ndefinition execute_EOR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_AND_BIT_EOR_ORA_aux m t s i cur_pc true xor_b8. + +(* M = M + 1 *) +ndefinition execute_INC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_COM_DEC_INC_NEG_aux m t s i cur_pc succ_b8 + (* fV = nM7&R7 *) + (λM7.λR7.(⊖M7)⊗R7) + (* fC = C *) + (λC_op.λR_op.C_op). + +(* jmp, il nuovo indirizzo e' una WORD *) +ndefinition execute_JMP ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC. + (* newpc = M_op *) + Some ? (pair ?? (fst3T ??? S_M_PC) (snd3T ??? S_M_PC))). + +(* jump to subroutine *) +(* HC05/HC08/HCS08 si appoggiano allo stack, RS08 a SPC *) +ndefinition execute_JSR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ let aux ≝ + (* push (new_pc low) *) + opt_map ?? (aux_push m t s_tmp1 (w16l new_pc)) + (* push (new_pc high) *) + (λs_tmp2.opt_map ?? (aux_push m t s_tmp2 (w16h new_pc)) + (* newpc = M_op *) + (λs_tmp3.Some ? (pair ?? s_tmp3 M_op))) + in match m with + [ HC05 ⇒ aux | HC08 ⇒ aux | HCS08 ⇒ aux + | RS08 ⇒ + (* SPC = new_pc *) + opt_map ?? (set_spc_reg m t s_tmp1 new_pc) + (* newpc = M_op *) + (λs_tmp2.Some ? (pair ?? s_tmp2 M_op)) + ]]). + +(* A = M *) +ndefinition execute_LDA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + (* A = M *) + let s_tmp2 ≝ set_acc_8_low_reg m t s_tmp1 M_op in + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_b8 M_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 (MSB_b8 M_op) in + (* V = 0 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp5 new_pc) ]). + +(* H:X = M *) +ndefinition execute_LDHX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load false m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + opt_map ?? (set_indX_16_reg m t s_tmp1 M_op) + (λs_tmp2. + (* Z = nR15&nR14&nR13nR12&nR11&nR10&nR9&nR8nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_w16 M_op 〈〈x0,x0〉:〈x0,x0〉〉) in + (* N = R15 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 (MSB_w16 M_op) in + (* V = 0 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp5 new_pc)) ]). + +(* X = M *) +ndefinition execute_LDX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + opt_map ?? (set_indX_8_low_reg m t s_tmp1 M_op) + (λs_tmp2. + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_b8 M_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 (MSB_b8 M_op) in + (* V = 0 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp5 new_pc)) ]). + +(* M = 0 -> rcr M -> C' *) +ndefinition execute_LSR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_ASL_ASR_LSR_ROL_ROR_aux m t s i cur_pc (λM_op.λC_op.rcr_b8 M_op false). + +(* M2 = M1 *) +ndefinition execute_MOV ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + (* R_op = M1 *) + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_R_PC.match S_R_PC with + [ triple s_tmp1 R_op tmp_pc ⇒ + (* M2 = R_op *) + opt_map ?? (multi_mode_write true m t s_tmp1 tmp_pc i R_op) + (λS_PC.match S_PC with + [ pair s_tmp2 new_pc ⇒ + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp3 ≝ set_z_flag m t s_tmp2 (eq_b8 R_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp4 ≝ setweak_n_flag m t s_tmp3 (MSB_b8 R_op) in + (* V = 0 *) + let s_tmp5 ≝ setweak_v_flag m t s_tmp4 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp5 new_pc)])]). + +(* X:A = X * A *) +ndefinition execute_MUL ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_indX_8_low_reg m t s) + (λX_op.let R_op ≝ mul_b8 X_op (get_acc_8_low_reg m t s) in + opt_map ?? (set_indX_8_low_reg m t s (w16h R_op)) + (λs_tmp.Some ? (pair ?? (set_acc_8_low_reg m t s_tmp (w16l R_op)) cur_pc))). + +(* M = compl M *) +ndefinition execute_NEG ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_COM_DEC_INC_NEG_aux m t s i cur_pc compl_b8 + (* fV = M7&R7 *) + (λM7.λR7.M7⊗R7) + (* fC = R7|R6|R5|R4|R3|R2|R1|R0 *) + (λC_op.λR_op.⊖(eq_b8 R_op 〈x0,x0〉)). + +(* nulla *) +ndefinition execute_NOP ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? s cur_pc). + +(* A = (mk_byte8 (b8l A) (b8h A)) *) +(* cioe' swap del nibble alto/nibble basso di A *) +ndefinition execute_NSA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + match get_acc_8_low_reg m t s with [ mk_byte8 ah al ⇒ + (* A = (mk_byte8 (b8l A) (b8h A)) *) + Some ? (pair ?? (set_acc_8_low_reg m t s 〈al,ah〉) cur_pc) ]. + +(* A = A | M *) +ndefinition execute_ORA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_AND_BIT_EOR_ORA_aux m t s i cur_pc true or_b8. + +(* push A *) +ndefinition execute_PSHA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (aux_push m t s (get_acc_8_low_reg m t s)) + (λs_tmp1.Some ? (pair ?? s_tmp1 cur_pc)). + +(* push H *) +ndefinition execute_PSHH ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_indX_8_high_reg m t s) + (λH_op.opt_map ?? (aux_push m t s H_op) + (λs_tmp1.Some ? (pair ?? s_tmp1 cur_pc))). + +(* push X *) +ndefinition execute_PSHX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_indX_8_low_reg m t s) + (λH_op.opt_map ?? (aux_push m t s H_op) + (λs_tmp1.Some ? (pair ?? s_tmp1 cur_pc))). + +(* pop A *) +ndefinition execute_PULA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (aux_pop m t s) + (λS_and_A.match S_and_A with [ pair s_tmp1 A_op ⇒ + Some ? (pair ?? (set_acc_8_low_reg m t s_tmp1 A_op) cur_pc) ]). + +(* pop H *) +ndefinition execute_PULH ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (aux_pop m t s) + (λS_and_H.match S_and_H with [ pair s_tmp1 H_op ⇒ + opt_map ?? (set_indX_8_high_reg m t s_tmp1 H_op) + (λs_tmp2.Some ? (pair ?? s_tmp2 cur_pc))]). + +(* pop X *) +ndefinition execute_PULX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (aux_pop m t s) + (λS_and_X.match S_and_X with [ pair s_tmp1 X_op ⇒ + opt_map ?? (set_indX_8_low_reg m t s_tmp1 X_op) + (λs_tmp2.Some ? (pair ?? s_tmp2 cur_pc))]). + +(* M = C' <- rcl M <- C *) +ndefinition execute_ROL ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_ASL_ASR_LSR_ROL_ROR_aux m t s i cur_pc (λM_op.λC_op.rcl_b8 M_op C_op). + +(* M = C -> rcr M -> C' *) +ndefinition execute_ROR ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_ASL_ASR_LSR_ROL_ROR_aux m t s i cur_pc (λM_op.λC_op.rcr_b8 M_op C_op). + +(* SP = 0xuuFF *) +(* lascia inalterato il byte superiore di SP *) +ndefinition execute_RSP ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_sp_reg m t s) + (λSP_op.match SP_op with [ mk_word16 sph spl ⇒ + opt_map ?? (set_sp_reg m t s 〈sph:〈xF,xF〉〉) + (λs_tmp.Some ? (pair ?? s_tmp cur_pc))]). + +(* return from interrupt *) +ndefinition execute_RTI ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + (* pop (CCR) *) + opt_map ?? (aux_pop m t s) + (λS_and_CCR.match S_and_CCR with [ pair s_tmp1 CCR_op ⇒ + let s_tmp2 ≝ aux_set_CCR m t s_tmp1 CCR_op in + (* pop (A) *) + opt_map ?? (aux_pop m t s_tmp2) + (λS_and_A.match S_and_A with [ pair s_tmp3 A_op ⇒ + let s_tmp4 ≝ set_acc_8_low_reg m t s_tmp3 A_op in + (* pop (X) *) + opt_map ?? (aux_pop m t s_tmp4) + (λS_and_X.match S_and_X with [ pair s_tmp5 X_op ⇒ + opt_map ?? (set_indX_8_low_reg m t s_tmp5 X_op) + (* pop (PC high) *) + (λs_tmp6.opt_map ?? (aux_pop m t s_tmp6) + (λS_and_PCH.match S_and_PCH with [ pair s_tmp7 PCH_op ⇒ + (* pop (PC low) *) + opt_map ?? (aux_pop m t s_tmp7) + (λS_and_PCL.match S_and_PCL with [ pair s_tmp8 PCL_op ⇒ + Some ? (pair ?? s_tmp8 〈PCH_op:PCL_op〉)])]))])])]). + +(* return from subroutine *) +(* HC05/HC08/HCS08 si appoggia allo stack, RS08 si appoggia a SPC *) +ndefinition execute_RTS ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + let aux ≝ + (* pop (PC high) *) + opt_map ?? (aux_pop m t s) + (λS_and_PCH.match S_and_PCH with [ pair s_tmp1 PCH_op ⇒ + (* pop (PC low) *) + opt_map ?? (aux_pop m t s_tmp1) + (λS_and_PCL.match S_and_PCL with [ pair s_tmp2 PCL_op ⇒ + Some ? (pair ?? s_tmp2 〈PCH_op:PCL_op〉)])]) + in match m with + [ HC05 ⇒ aux | HC08 ⇒ aux | HCS08 ⇒ aux + | RS08 ⇒ + (* new_pc = SPC *) + opt_map ?? (get_spc_reg m t s) + (λSPC_op.Some ? (pair ?? s SPC_op)) + ]. + +(* A = A - M - C *) +ndefinition execute_SBC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_SBC_SUB_aux m t s i cur_pc true + (λA_op.λM_op.λC_op.match plus_b8_dc_dc A_op (compl_b8 M_op) false with + [ pair resb resc ⇒ match C_op with + [ true ⇒ plus_b8_dc_dc resb 〈xF,xF〉 false + | false ⇒ pair ?? resb resc ]]). + +(* C = 1 *) +ndefinition execute_SEC ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? (set_c_flag m t s true) cur_pc). + +(* I = 1 *) +ndefinition execute_SEI ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (set_i_flag m t s true) + (λs_tmp.Some ? (pair ?? s_tmp cur_pc)). + +(* swap SPCh,A *) +(* senso: nell'RS08 SPC non e' accessibile direttamente e come si possono + fare subroutine annidate se RA (return address) e' salvato sempre in SPC? + occore accedere a SPC e salvarne il contenuto *) +ndefinition execute_SHA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_spc_reg m t s) + (λSPC_op.opt_map ?? (set_spc_reg m t s 〈(get_acc_8_low_reg m t s):(w16l SPC_op)〉) + (λs_tmp1.Some ? (pair ?? (set_acc_8_low_reg m t s_tmp1 (w16h SPC_op)) cur_pc))). + +(* swap SPCl,A *) +(* senso: nell'RS08 SPC non e' accessibile direttamente e come si possono + fare subroutine annidate se RA (return address) e' salvato sempre in SPC? + occore accedere a SPC e salvarne il contenuto *) +ndefinition execute_SLA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_spc_reg m t s) + (λSPC_op.opt_map ?? (set_spc_reg m t s 〈(w16h SPC_op):(get_acc_8_low_reg m t s)〉) + (λs_tmp1.Some ? (pair ?? (set_acc_8_low_reg m t s_tmp1 (w16l SPC_op)) cur_pc))). + +(* M = A *) +ndefinition execute_STA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + (* M = A *) + let A_op ≝ (get_acc_8_low_reg m t s) in + opt_map ?? (multi_mode_write true m t s cur_pc i A_op) + (λS_op_and_PC.match S_op_and_PC with + [ pair s_tmp1 new_pc ⇒ + (* Z = nA7&nA6&nA5&nA4&nA3&nA2&nA1&nA0 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_b8 A_op 〈x0,x0〉) in + (* N = A7 *) + let s_tmp3 ≝ setweak_n_flag m t s_tmp2 (MSB_b8 A_op) in + (* V = 0 *) + let s_tmp4 ≝ setweak_v_flag m t s_tmp3 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp4 new_pc) ]). + +(* M = H:X *) +ndefinition execute_STHX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + (* M = H:X *) + opt_map ?? (get_indX_16_reg m t s) + (λX_op.opt_map ?? (multi_mode_write false m t s cur_pc i X_op) + (λS_op_and_PC.match S_op_and_PC with + [ pair s_tmp1 new_pc ⇒ + (* Z = nR15&nR14&nR13nR12&nR11&nR10&nR9&nR8nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_w16 X_op 〈〈x0,x0〉:〈x0,x0〉〉) in + (* N = R15 *) + let s_tmp3 ≝ setweak_n_flag m t s_tmp2 (MSB_w16 X_op) in + (* V = 0 *) + let s_tmp4 ≝ setweak_v_flag m t s_tmp3 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp4 new_pc) ])). + +(* I = 0 *) +ndefinition execute_STOP ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? (setweak_i_flag m t s false) cur_pc). + +(* M = X *) +ndefinition execute_STX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + (* M = X *) + opt_map ?? (get_indX_8_low_reg m t s) + (λX_op.opt_map ?? (multi_mode_write true m t s cur_pc i X_op) + (λS_op_and_PC.match S_op_and_PC with + [ pair s_tmp1 new_pc ⇒ + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_b8 X_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp3 ≝ setweak_n_flag m t s_tmp2 (MSB_b8 X_op) in + (* V = 0 *) + let s_tmp4 ≝ setweak_v_flag m t s_tmp3 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp4 new_pc) ])). + +(* A = A - M *) +ndefinition execute_SUB ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + execute_SBC_SUB_aux m t s i cur_pc true (λA_op.λM_op.λC_op.plus_b8_dc_dc A_op (compl_b8 M_op) false). + +(* software interrupt *) +ndefinition execute_SWI ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + (* indirizzo da cui caricare il nuovo pc *) + let vector ≝ get_pc_reg m t (set_pc_reg m t s 〈〈xF,xF〉:〈xF,xC〉〉) in + (* push (cur_pc low) *) + opt_map ?? (aux_push m t s (w16l cur_pc)) + (* push (cur_pc high *) + (λs_tmp1.opt_map ?? (aux_push m t s_tmp1 (w16h cur_pc)) + (λs_tmp2.opt_map ?? (get_indX_8_low_reg m t s_tmp2) + (* push (X) *) + (λX_op.opt_map ?? (aux_push m t s_tmp2 X_op) + (* push (A) *) + (λs_tmp3.opt_map ?? (aux_push m t s_tmp3 (get_acc_8_low_reg m t s_tmp3)) + (* push (CCR) *) + (λs_tmp4.opt_map ?? (aux_push m t s_tmp4 (aux_get_CCR m t s_tmp4)) + (* I = 1 *) + (λs_tmp5.opt_map ?? (set_i_flag m t s_tmp5 true) + (* load from vector high *) + (λs_tmp6.opt_map ?? (memory_filter_read m t s_tmp6 vector) + (* load from vector low *) + (λaddrh.opt_map ?? (memory_filter_read m t s_tmp6 (succ_w16 vector)) + (* newpc = [vector] *) + (λaddrl.Some ? (pair ?? s_tmp6 〈addrh:addrl〉)))))))))). + +(* flags = A *) +ndefinition execute_TAP ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? (aux_set_CCR m t s (get_acc_8_low_reg m t s)) cur_pc). + +(* X = A *) +ndefinition execute_TAX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (set_indX_8_low_reg m t s (get_acc_8_low_reg m t s)) + (λs_tmp.Some ? (pair ?? s_tmp cur_pc)). + +(* A = flags *) +ndefinition execute_TPA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? (set_acc_8_low_reg m t s (aux_get_CCR m t s)) cur_pc). + +(* flags = M - 0 *) +(* implementata senza richiamare la sottrazione, la modifica dei flag + e' immediata *) +ndefinition execute_TST ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (multi_mode_load true m t s cur_pc i) + (λS_M_PC.match S_M_PC with + [ triple s_tmp1 M_op new_pc ⇒ + (* Z = nR7&nR6&nR5&nR4&nR3&nR2&nR1&nR0 *) + let s_tmp2 ≝ set_z_flag m t s_tmp1 (eq_b8 M_op 〈x0,x0〉) in + (* N = R7 *) + let s_tmp3 ≝ setweak_n_flag m t s_tmp2 (MSB_b8 M_op) in + (* V = 0 *) + let s_tmp4 ≝ setweak_v_flag m t s_tmp3 false in + (* newpc = nextpc *) + Some ? (pair ?? s_tmp4 new_pc) ]). + +(* H:X = SP + 1 *) +ndefinition execute_TSX ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_sp_reg m t s ) + (λSP_op.opt_map ?? (set_indX_16_reg m t s (succ_w16 SP_op)) + (* H:X = SP + 1 *) + (λs_tmp.Some ? (pair ?? s_tmp cur_pc))). + +(* A = X *) +ndefinition execute_TXA ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_indX_8_low_reg m t s) + (λX_op.Some ? (pair ?? (set_acc_8_low_reg m t s X_op) cur_pc)). + +(* SP = H:X - 1 *) +ndefinition execute_TXS ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + opt_map ?? (get_indX_16_reg m t s ) + (λX_op.opt_map ?? (set_sp_reg m t s (pred_w16 X_op)) + (* SP = H:X - 1 *) + (λs_tmp.Some ? (pair ?? s_tmp cur_pc))). + +(* I = 0 *) +ndefinition execute_WAIT ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λi:instr_mode.λcur_pc:word16. + Some ? (pair ?? (setweak_i_flag m t s false) cur_pc). + +(* **** *) +(* TICK *) +(* **** *) + +(* enumerazione delle possibili modalita' di sospensione *) +ninductive susp_type : Type ≝ + BGND_MODE: susp_type +| STOP_MODE: susp_type +| WAIT_MODE: susp_type. + +ndefinition susp_type_ind : ΠP:susp_type → Prop.P BGND_MODE → P STOP_MODE → P WAIT_MODE → Πs:susp_type.P s ≝ +λP:susp_type → Prop.λp:P BGND_MODE.λp1:P STOP_MODE.λp2:P WAIT_MODE.λs:susp_type. + match s with [ BGND_MODE ⇒ p | STOP_MODE ⇒ p1 | WAIT_MODE ⇒ p2 ]. + +ndefinition susp_type_rec : ΠP:susp_type → Set.P BGND_MODE → P STOP_MODE → P WAIT_MODE → Πs:susp_type.P s ≝ +λP:susp_type → Set.λp:P BGND_MODE.λp1:P STOP_MODE.λp2:P WAIT_MODE.λs:susp_type. + match s with [ BGND_MODE ⇒ p | STOP_MODE ⇒ p1 | WAIT_MODE ⇒ p2 ]. + +ndefinition susp_type_rect : ΠP:susp_type → Type.P BGND_MODE → P STOP_MODE → P WAIT_MODE → Πs:susp_type.P s ≝ +λP:susp_type → Type.λp:P BGND_MODE.λp1:P STOP_MODE.λp2:P WAIT_MODE.λs:susp_type. + match s with [ BGND_MODE ⇒ p | STOP_MODE ⇒ p1 | WAIT_MODE ⇒ p2 ]. + +(* un tipo opzione ad hoc + - errore: errore+stato (seguira' reset o ??, cmq lo stato non va buttato) + - sospensione: sospensione+stato (seguira' resume o ??) + - ok: stato +*) +ninductive tick_result (A:Type) : Type ≝ + TickERR : A → error_type → tick_result A +| TickSUSP : A → susp_type → tick_result A +| TickOK : A → tick_result A. + +ndefinition tick_result_ind + : ΠA:Type.ΠP:tick_result A → Prop.(Πa:A.Πn:error_type.P (TickERR A a n)) → + (Πa:A.Πn:susp_type.P (TickSUSP A a n)) → (Πa:A.P (TickOK A a))→Πt:tick_result A.P t ≝ +λA:Type.λP:tick_result A → Prop.λf:Πa:A.Πn:error_type.P (TickERR A a n). +λf1:Πa:A.Πn:susp_type.P (TickSUSP A a n).λf2:Πa:A.P (TickOK A a).λt:tick_result A. + match t with [ TickERR a n ⇒ f a n | TickSUSP a n ⇒ f1 a n | TickOK a ⇒ f2 a ]. + +ndefinition tick_result_rec + : ΠA:Type.ΠP:tick_result A → Set.(Πa:A.Πn:error_type.P (TickERR A a n)) → + (Πa:A.Πn:susp_type.P (TickSUSP A a n)) → (Πa:A.P (TickOK A a))→Πt:tick_result A.P t ≝ +λA:Type.λP:tick_result A → Set.λf:Πa:A.Πn:error_type.P (TickERR A a n). +λf1:Πa:A.Πn:susp_type.P (TickSUSP A a n).λf2:Πa:A.P (TickOK A a).λt:tick_result A. + match t with [ TickERR a n ⇒ f a n | TickSUSP a n ⇒ f1 a n | TickOK a ⇒ f2 a ]. + +ndefinition tick_result_rect + : ΠA:Type.ΠP:tick_result A → Type.(Πa:A.Πn:error_type.P (TickERR A a n)) → + (Πa:A.Πn:susp_type.P (TickSUSP A a n)) → (Πa:A.P (TickOK A a))→Πt:tick_result A.P t ≝ +λA:Type.λP:tick_result A → Type.λf:Πa:A.Πn:error_type.P (TickERR A a n). +λf1:Πa:A.Πn:susp_type.P (TickSUSP A a n).λf2:Πa:A.P (TickOK A a).λt:tick_result A. + match t with [ TickERR a n ⇒ f a n | TickSUSP a n ⇒ f1 a n | TickOK a ⇒ f2 a ]. + +(* sostanazialmente simula + - fetch/decode/execute + - l'esecuzione e' considerata atomica quindi nel caso di un'instruzione + da 3 cicli la successione sara' + ([fetch/decode] s,clk:None) → + ( s,clk:Some 1,pseudo,mode,3,cur_pc) → + ( s,clk:Some 2,pseudo,mode,3,cur_pc) → + ([execute] s',clk:None) *) + +ndefinition tick_execute ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. +λpseudo:any_opcode m.λmode:instr_mode.λcur_pc:word16. + let abs_pseudo ≝ match pseudo with [ anyOP pseudo' ⇒ pseudo' ] in + let a_status_and_fetch ≝ match abs_pseudo with + [ ADC ⇒ execute_ADC m t s mode cur_pc (* add with carry *) + | ADD ⇒ execute_ADD m t s mode cur_pc (* add *) + | AIS ⇒ execute_AIS m t s mode cur_pc (* add immediate to SP *) + | AIX ⇒ execute_AIX m t s mode cur_pc (* add immediate to X *) + | AND ⇒ execute_AND m t s mode cur_pc (* and *) + | ASL ⇒ execute_ASL m t s mode cur_pc (* aritmetic shift left *) + | ASR ⇒ execute_ASR m t s mode cur_pc (* aritmetic shift right *) + | BCC ⇒ execute_BCC m t s mode cur_pc (* branch if C=0 *) + | BCLRn ⇒ execute_BCLRn m t s mode cur_pc (* clear bit n *) + | BCS ⇒ execute_BCS m t s mode cur_pc (* branch if C=1 *) + | BEQ ⇒ execute_BEQ m t s mode cur_pc (* branch if Z=1 *) + | BGE ⇒ execute_BGE m t s mode cur_pc (* branch if N⊙V=0 (great or equal) *) + | BGND ⇒ execute_BGND m t s mode cur_pc (* !!background mode!!*) + | BGT ⇒ execute_BGT m t s mode cur_pc (* branch if Z|N⊙V=0 clear (great) *) + | BHCC ⇒ execute_BHCC m t s mode cur_pc (* branch if H=0 *) + | BHCS ⇒ execute_BHCS m t s mode cur_pc (* branch if H=1 *) + | BHI ⇒ execute_BHI m t s mode cur_pc (* branch if C|Z=0, (higher) *) + | BIH ⇒ execute_BIH m t s mode cur_pc (* branch if nIRQ=1 *) + | BIL ⇒ execute_BIL m t s mode cur_pc (* branch if nIRQ=0 *) + | BIT ⇒ execute_BIT m t s mode cur_pc (* flag = and (bit test) *) + | BLE ⇒ execute_BLE m t s mode cur_pc (* branch if Z|N⊙V=1 (less or equal) *) + | BLS ⇒ execute_BLS m t s mode cur_pc (* branch if C|Z=1 (lower or same) *) + | BLT ⇒ execute_BLT m t s mode cur_pc (* branch if N⊙1=1 (less) *) + | BMC ⇒ execute_BMC m t s mode cur_pc (* branch if I=0 (interrupt mask clear) *) + | BMI ⇒ execute_BMI m t s mode cur_pc (* branch if N=1 (minus) *) + | BMS ⇒ execute_BMS m t s mode cur_pc (* branch if I=1 (interrupt mask set) *) + | BNE ⇒ execute_BNE m t s mode cur_pc (* branch if Z=0 *) + | BPL ⇒ execute_BPL m t s mode cur_pc (* branch if N=0 (plus) *) + | BRA ⇒ execute_BRA m t s mode cur_pc (* branch always *) + | BRCLRn ⇒ execute_BRCLRn m t s mode cur_pc (* branch if bit n clear *) + | BRN ⇒ execute_BRN m t s mode cur_pc (* branch never (nop) *) + | BRSETn ⇒ execute_BRSETn m t s mode cur_pc (* branch if bit n set *) + | BSETn ⇒ execute_BSETn m t s mode cur_pc (* set bit n *) + | BSR ⇒ execute_BSR m t s mode cur_pc (* branch to subroutine *) + | CBEQA ⇒ execute_CBEQA m t s mode cur_pc (* compare (A) and BEQ *) + | CBEQX ⇒ execute_CBEQX m t s mode cur_pc (* compare (X) and BEQ *) + | CLC ⇒ execute_CLC m t s mode cur_pc (* C=0 *) + | CLI ⇒ execute_CLI m t s mode cur_pc (* I=0 *) + | CLR ⇒ execute_CLR m t s mode cur_pc (* operand=0 *) + | CMP ⇒ execute_CMP m t s mode cur_pc (* flag = sub (compare A) *) + | COM ⇒ execute_COM m t s mode cur_pc (* not (1 complement) *) + | CPHX ⇒ execute_CPHX m t s mode cur_pc (* flag = sub (compare H:X) *) + | CPX ⇒ execute_CPX m t s mode cur_pc (* flag = sub (compare X) *) + | DAA ⇒ execute_DAA m t s mode cur_pc (* decimal adjust A *) + | DBNZ ⇒ execute_DBNZ m t s mode cur_pc (* dec and BNE *) + | DEC ⇒ execute_DEC m t s mode cur_pc (* operand=operand-1 (decrement) *) + | DIV ⇒ execute_DIV m t s mode cur_pc (* div *) + | EOR ⇒ execute_EOR m t s mode cur_pc (* xor *) + | INC ⇒ execute_INC m t s mode cur_pc (* operand=operand+1 (increment) *) + | JMP ⇒ execute_JMP m t s mode cur_pc (* jmp word [operand] *) + | JSR ⇒ execute_JSR m t s mode cur_pc (* jmp to subroutine *) + | LDA ⇒ execute_LDA m t s mode cur_pc (* load in A *) + | LDHX ⇒ execute_LDHX m t s mode cur_pc (* load in H:X *) + | LDX ⇒ execute_LDX m t s mode cur_pc (* load in X *) + | LSR ⇒ execute_LSR m t s mode cur_pc (* logical shift right *) + | MOV ⇒ execute_MOV m t s mode cur_pc (* move *) + | MUL ⇒ execute_MUL m t s mode cur_pc (* mul *) + | NEG ⇒ execute_NEG m t s mode cur_pc (* neg (2 complement) *) + | NOP ⇒ execute_NOP m t s mode cur_pc (* nop *) + | NSA ⇒ execute_NSA m t s mode cur_pc (* nibble swap A (al:ah <- ah:al) *) + | ORA ⇒ execute_ORA m t s mode cur_pc (* or *) + | PSHA ⇒ execute_PSHA m t s mode cur_pc (* push A *) + | PSHH ⇒ execute_PSHH m t s mode cur_pc (* push H *) + | PSHX ⇒ execute_PSHX m t s mode cur_pc (* push X *) + | PULA ⇒ execute_PULA m t s mode cur_pc (* pop A *) + | PULH ⇒ execute_PULH m t s mode cur_pc (* pop H *) + | PULX ⇒ execute_PULX m t s mode cur_pc (* pop X *) + | ROL ⇒ execute_ROL m t s mode cur_pc (* rotate left *) + | ROR ⇒ execute_ROR m t s mode cur_pc (* rotate right *) + | RSP ⇒ execute_RSP m t s mode cur_pc (* reset SP (0x00FF) *) + | RTI ⇒ execute_RTI m t s mode cur_pc (* return from interrupt *) + | RTS ⇒ execute_RTS m t s mode cur_pc (* return from subroutine *) + | SBC ⇒ execute_SBC m t s mode cur_pc (* sub with carry*) + | SEC ⇒ execute_SEC m t s mode cur_pc (* C=1 *) + | SEI ⇒ execute_SEI m t s mode cur_pc (* I=1 *) + | SHA ⇒ execute_SHA m t s mode cur_pc (* swap spc_high,A *) + | SLA ⇒ execute_SLA m t s mode cur_pc (* swap spc_low,A *) + | STA ⇒ execute_STA m t s mode cur_pc (* store from A *) + | STHX ⇒ execute_STHX m t s mode cur_pc (* store from H:X *) + | STOP ⇒ execute_STOP m t s mode cur_pc (* !!stop mode!! *) + | STX ⇒ execute_STX m t s mode cur_pc (* store from X *) + | SUB ⇒ execute_SUB m t s mode cur_pc (* sub *) + | SWI ⇒ execute_SWI m t s mode cur_pc (* software interrupt *) + | TAP ⇒ execute_TAP m t s mode cur_pc (* flag=A (transfer A to process status byte *) + | TAX ⇒ execute_TAX m t s mode cur_pc (* X=A (transfer A to X) *) + | TPA ⇒ execute_TPA m t s mode cur_pc (* A=flag (transfer process status byte to A) *) + | TST ⇒ execute_TST m t s mode cur_pc (* flag = sub (test) *) + | TSX ⇒ execute_TSX m t s mode cur_pc (* X:H=SP (transfer SP to H:X) *) + | TXA ⇒ execute_TXA m t s mode cur_pc (* A=X (transfer X to A) *) + | TXS ⇒ execute_TXS m t s mode cur_pc (* SP=X:H (transfer H:X to SP) *) + | WAIT ⇒ execute_WAIT m t s mode cur_pc (* !!wait mode!!*) + ] in match a_status_and_fetch with +(* errore nell'execute (=caricamento argomenti)? riportato in output *) +(* nessun avanzamento e clk a None *) + [ None ⇒ TickERR ? (set_clk_desc m t s (None ?)) ILL_EX_AD + | Some status_and_newpc ⇒ +(* aggiornamento centralizzato di pc e clk *) + match status_and_newpc with + [ pair s_tmp1 new_pc ⇒ + let s_tmp2 ≝ set_pc_reg m t s_tmp1 new_pc in + let s_tmp3 ≝ set_clk_desc m t s_tmp2 (None ?) in +(* distinzione fra le 4 modalita' possibili, normale/BGND/STOP/WAIT *) + match eq_op abs_pseudo BGND with + [ true ⇒ TickSUSP ? s_tmp3 BGND_MODE + | false ⇒ match eq_op abs_pseudo STOP with + [ true ⇒ TickSUSP ? s_tmp3 STOP_MODE + | false ⇒ match eq_op abs_pseudo WAIT with + [ true ⇒ TickSUSP ? s_tmp3 WAIT_MODE + | false ⇒ TickOK ? s_tmp3 + ]]]]]. + +ndefinition tick ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + let opt_info ≝ get_clk_desc m t s in + match opt_info with + (* e' il momento del fetch *) + [ None ⇒ match fetch m t s with + (* errore nel fetch/decode? riportato in output, nessun avanzamento *) + [ FetchERR err ⇒ TickERR ? s err + (* nessun errore nel fetch *) + | FetchOK fetch_info cur_pc ⇒ match fetch_info with + [ quadruple pseudo mode _ tot_clk ⇒ + match eq_b8 〈x0,x1〉 tot_clk with + (* un solo clk, execute subito *) + [ true ⇒ tick_execute m t s pseudo mode cur_pc + (* piu' clk, execute rimandata *) + | false ⇒ TickOK ? (set_clk_desc m t s (Some ? (quintuple ????? 〈x0,x1〉 pseudo mode tot_clk cur_pc))) + ] + ] + ] + (* il fetch e' gia' stato eseguito, e' il turno di execute? *) + | Some info ⇒ match info with [ quintuple cur_clk pseudo mode tot_clk cur_pc ⇒ + match eq_b8 (succ_b8 cur_clk) tot_clk with + (* si *) + [ true ⇒ tick_execute m t s pseudo mode cur_pc + (* no, avanzamento cur_clk *) + | false ⇒ TickOK ? (set_clk_desc m t s (Some ? (quintuple ????? (succ_b8 cur_clk) pseudo mode tot_clk cur_pc))) + ] + ] + ]. + +(* ********** *) +(* ESECUZIONE *) +(* ********** *) + +nlet rec execute (m:mcu_type) (t:memory_impl) (s:tick_result (any_status m t)) (n:nat) on n ≝ + match s with + [ TickERR s' error ⇒ TickERR ? s' error + | TickSUSP s' susp ⇒ TickSUSP ? s' susp + | TickOK s' ⇒ match n with [ O ⇒ TickOK ? s' | S n' ⇒ execute m t (tick m t s') n' ] + ]. + +nlemma breakpoint_err : ∀m,t,s,err,n.execute m t (TickERR ? s err) n = TickERR ? s err. + #m; #t; #s; #err; #n; + ncases n; + ##[ ##2: #n1 ##] + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma breakpoint_susp : ∀m,t,s,susp,n.execute m t (TickSUSP ? s susp) n = TickSUSP ? s susp. + #m; #t; #s; #susp; #n; + ncases n; + ##[ ##2: #n1 ##] + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma breakpoint : + ∀m,t,n1,n2,s. execute m t s (n1 + n2) = execute m t (execute m t s n1) n2. + #m; #t; #n1; + nelim n1; + ##[ ##1: nnormalize; #n2; #s; ncases s; nnormalize; ##[ ##1,2: #x ##] #y; napply (refl_eq ??) + ##| ##2: #n3; #H; #n2; #s; ncases s; + ##[ ##1: #x; #y; nnormalize; nrewrite > (breakpoint_err m t x y n2); napply (refl_eq ??) + ##| ##2: #x; #y; nnormalize; nrewrite > (breakpoint_susp m t x y n2); napply (refl_eq ??) + ##| ##3: #x; nrewrite > (Sn_p_n_to_S_npn n3 n2); + nchange with ((execute m t (tick m t x) (n3+n2)) = + (execute m t (execute m t (tick m t x) n3) n2)); + nrewrite > (H n2 (tick m t x)); + napply (refl_eq ??) + ##] + ##] +nqed. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/nat_lemmas.ma b/helm/software/matita/contribs/ng_assembly/freescale/nat_lemmas.ma index 70b9bbbb9..72ceb6188 100644 --- a/helm/software/matita/contribs/ng_assembly/freescale/nat_lemmas.ma +++ b/helm/software/matita/contribs/ng_assembly/freescale/nat_lemmas.ma @@ -113,3 +113,53 @@ nlemma eqnat_to_eq : ∀n1,n2:nat.(eq_nat n1 n2 = true → n1 = n2). ##] ##] nqed. + +nlemma Sn_p_n_to_S_npn : ∀n1,n2.(S n1) + n2 = S (n1 + n2). + #n1; + nelim n1; + ##[ ##1: nnormalize; #n2; napply (refl_eq ??) + ##| ##2: #n; #H; #n2; nrewrite > (H n2); + ncases n in H:(%) ⊢ %; + ##[ ##1: nnormalize; #H; napply (refl_eq ??) + ##| ##2: #n3; nnormalize; #H; napply (refl_eq ??) + ##] + ##] +nqed. + +nlemma n_p_Sn_to_S_npn : ∀n1,n2.n1 + (S n2) = S (n1 + n2). + #n1; + nelim n1; + ##[ ##1: nnormalize; #n2; napply (refl_eq ??) + ##| ##2: #n; #H; #n2; + nrewrite > (Sn_p_n_to_S_npn n (S n2)); + nrewrite > (H n2); + napply (refl_eq ??) + ##] +nqed. + +nlemma Opn_to_n : ∀n.O + n = n. + #n; nnormalize; napply (refl_eq ??). +nqed. + +nlemma npO_to_n : ∀n.n + O = n. + #n; + nelim n; + ##[ ##1: nnormalize; napply (refl_eq ??) + ##| ##2: #n1; #H; + nrewrite > (Sn_p_n_to_S_npn n1 O); + nrewrite > H; + napply (refl_eq ??) + ##] +nqed. + +nlemma symmetric_plusnat : symmetricT nat nat plus. + #n1; + nelim n1; + ##[ ##1: #n2; nrewrite > (npO_to_n n2); nnormalize; napply (refl_eq ??) + ##| ##2: #n2; #H; #n3; + nrewrite > (Sn_p_n_to_S_npn n2 n3); + nrewrite > (n_p_Sn_to_S_npn n3 n2); + nrewrite > (H n3); + napply (refl_eq ??) + ##] +nqed. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/status.ma b/helm/software/matita/contribs/ng_assembly/freescale/status.ma new file mode 100755 index 000000000..90d19cdd7 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/status.ma @@ -0,0 +1,1407 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/memory_abs.ma". +include "freescale/opcode_base.ma". +include "freescale/prod.ma". + +(* *********************************** *) +(* STATUS INTERNO DEL PROCESSORE (ALU) *) +(* *********************************** *) + +(* ALU dell'HC05 *) +nrecord alu_HC05: Type ≝ + { + (* A: registo accumulatore *) + acc_low_reg_HC05 : byte8; + (* X: registro indice *) + indX_low_reg_HC05 : byte8; + (* SP: registo stack pointer *) + sp_reg_HC05 : word16; + (* modificatori di SP: per esempio e' definito come 0000000011xxxxxxb *) + (* la logica della sua costruzione e' quindi (SP∧mask)∨fix *) + (* totalmente racchiusa nella ALU, bastera' fare get(set(SP)) *) + sp_mask_HC05 : word16; + sp_fix_HC05 : word16; + (* PC: registro program counter *) + pc_reg_HC05 : word16; + (* modificatore di PC: per esempio e' definito come 00xxxxxxxxxxxxxxb *) + (* la logica della sua costruzione e' quindi (PC∧mask) *) + (* totalmente racchiusa nella ALU, bastera' fare get(set(PC)) *) + pc_mask_HC05 : word16; + + (* H: flag semi-carry (somma nibble basso) *) + h_flag_HC05 : bool; + (* I: flag mascheramento degli interrupt mascherabili: 1=mascherati *) + i_flag_HC05 : bool; + (* N: flag segno/negativita' *) + n_flag_HC05 : bool; + (* Z: flag zero *) + z_flag_HC05 : bool; + (* C: flag carry *) + c_flag_HC05 : bool; + + (* IRQ: flag che simula il pin esterno IRQ *) + irq_flag_HC05 : bool + }. + +ndefinition alu_HC05_ind : + ΠP:alu_HC05 → Prop.(Πb,b1,w,w1,w2,w3,w4,b2,b3,b4,b5,b6,b7.P (mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7)) → Πa:alu_HC05.P a ≝ +λP:alu_HC05 → Prop.λf:Πb,b1,w,w1,w2,w3,w4,b2,b3,b4,b5,b6,b7.P (mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7).λa:alu_HC05. + match a with [ mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7 ⇒ f b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7 ]. + +ndefinition alu_HC05_rec : + ΠP:alu_HC05 → Set.(Πb,b1,w,w1,w2,w3,w4,b2,b3,b4,b5,b6,b7.P (mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7)) → Πa:alu_HC05.P a ≝ +λP:alu_HC05 → Set.λf:Πb,b1,w,w1,w2,w3,w4,b2,b3,b4,b5,b6,b7.P (mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7).λa:alu_HC05. + match a with [ mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7 ⇒ f b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7 ]. + +ndefinition alu_HC05_rect : + ΠP:alu_HC05 → Type.(Πb,b1,w,w1,w2,w3,w4,b2,b3,b4,b5,b6,b7.P (mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7)) → Πa:alu_HC05.P a ≝ +λP:alu_HC05 → Type.λf:Πb,b1,w,w1,w2,w3,w4,b2,b3,b4,b5,b6,b7.P (mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7).λa:alu_HC05. + match a with [ mk_alu_HC05 b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7 ⇒ f b b1 w w1 w2 w3 w4 b2 b3 b4 b5 b6 b7 ]. + +ndefinition acc_low_reg_HC05 ≝ λalu.match alu with [ mk_alu_HC05 x _ _ _ _ _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition indX_low_reg_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ x _ _ _ _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition sp_reg_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ x _ _ _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition sp_mask_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ x _ _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition sp_fix_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ x _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition pc_reg_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ x _ _ _ _ _ _ _ ⇒ x ]. +ndefinition pc_mask_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ _ x _ _ _ _ _ _ ⇒ x ]. +ndefinition h_flag_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ _ _ x _ _ _ _ _ ⇒ x ]. +ndefinition i_flag_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ _ _ _ x _ _ _ _ ⇒ x ]. +ndefinition n_flag_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ x _ _ _ ⇒ x ]. +ndefinition z_flag_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ _ x _ _ ⇒ x ]. +ndefinition c_flag_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ _ _ x _ ⇒ x ]. +ndefinition irq_flag_HC05 ≝ λalu.match alu with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ _ _ _ x ⇒ x ]. + +notation "{hvbox('A_Reg' ≝ acclow ; break 'X_Reg' ≝ indxlow ; break 'Sp_Reg' ≝ sp ; break 'Sp_Mask' ≝ spm ; break 'Sp_Fix' ≝ spf ; break 'Pc_Reg' ≝ pc ; break 'Pc_Mask' ≝ pcm ; break 'H_Flag' ≝ hfl ; break 'I_Flag' ≝ ifl ; break 'N_Flag' ≝ nfl ; break 'Z_Flag' ≝ zfl ; break 'C_Flag' ≝ cfl ; break 'IRQ_Flag' ≝ irqfl)}" + non associative with precedence 80 for + @{ 'mk_alu_HC05 $acclow $indxlow $sp $spm $spf $pc $pcm $hfl $ifl $nfl $zfl $cfl $irqfl }. +interpretation "mk_alu_HC05" 'mk_alu_HC05 acclow indxlow sp spm spf pc pcm hfl ifl nfl zfl cfl irqfl = + (mk_alu_HC05 acclow indxlow sp spm spf pc pcm hfl ifl nfl zfl cfl irqfl). + +(* ALU dell'HC08/HCS08 *) +nrecord alu_HC08: Type ≝ + { + (* A: registo accumulatore *) + acc_low_reg_HC08 : byte8; + (* X: registro indice parte bassa *) + indX_low_reg_HC08 : byte8; + (* H: registro indice parte alta *) + indX_high_reg_HC08 : byte8; + (* SP: registo stack pointer *) + sp_reg_HC08 : word16; + (* PC: registro program counter *) + pc_reg_HC08 : word16; + + (* V: flag overflow *) + v_flag_HC08 : bool; + (* H: flag semi-carry (somma nibble basso) *) + h_flag_HC08 : bool; + (* I: flag mascheramento degli interrupt mascherabili: 1=mascherati *) + i_flag_HC08 : bool; + (* N: flag segno/negativita' *) + n_flag_HC08 : bool; + (* Z: flag zero *) + z_flag_HC08 : bool; + (* C: flag carry *) + c_flag_HC08 : bool; + + (* IRQ: flag che simula il pin esterno IRQ *) + irq_flag_HC08 : bool + }. + +ndefinition alu_HC08_ind : + ΠP:alu_HC08 → Prop.(Πb,b1,b2,w,w1,b3,b4,b5,b6,b7,b8,b9.P (mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9)) → Πa:alu_HC08.P a ≝ +λP:alu_HC08 → Prop.λf:Πb,b1,b2,w,w1,b3,b4,b5,b6,b7,b8,b9.P (mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9).λa:alu_HC08. + match a with [ mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9 ⇒ f b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9 ]. + +ndefinition alu_HC08_rec : + ΠP:alu_HC08 → Set.(Πb,b1,b2,w,w1,b3,b4,b5,b6,b7,b8,b9.P (mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9)) → Πa:alu_HC08.P a ≝ +λP:alu_HC08 → Set.λf:Πb,b1,b2,w,w1,b3,b4,b5,b6,b7,b8,b9.P (mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9).λa:alu_HC08. + match a with [ mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9 ⇒ f b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9 ]. + +ndefinition alu_HC08_rect : + ΠP:alu_HC08 → Type.(Πb,b1,b2,w,w1,b3,b4,b5,b6,b7,b8,b9.P (mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9)) → Πa:alu_HC08.P a ≝ +λP:alu_HC08 → Type.λf:Πb,b1,b2,w,w1,b3,b4,b5,b6,b7,b8,b9.P (mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9).λa:alu_HC08. + match a with [ mk_alu_HC08 b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9 ⇒ f b b1 b2 w w1 b3 b4 b5 b6 b7 b8 b9 ]. + +ndefinition acc_low_reg_HC08 ≝ λalu.match alu with [ mk_alu_HC08 x _ _ _ _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition indX_low_reg_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ x _ _ _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition indX_high_reg_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ x _ _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition sp_reg_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ x _ _ _ _ _ _ _ _ ⇒ x ]. +ndefinition pc_reg_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ x _ _ _ _ _ _ _ ⇒ x ]. +ndefinition v_flag_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ _ x _ _ _ _ _ _ ⇒ x ]. +ndefinition h_flag_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ _ _ x _ _ _ _ _ ⇒ x ]. +ndefinition i_flag_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ _ _ _ x _ _ _ _ ⇒ x ]. +ndefinition n_flag_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ _ _ _ _ x _ _ _ ⇒ x ]. +ndefinition z_flag_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ _ _ _ _ _ x _ _ ⇒ x ]. +ndefinition c_flag_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ _ _ _ _ _ _ x _ ⇒ x ]. +ndefinition irq_flag_HC08 ≝ λalu.match alu with [ mk_alu_HC08 _ _ _ _ _ _ _ _ _ _ _ x ⇒ x ]. + +notation "{hvbox('A_Reg' ≝ acclow ; break 'X_Reg' ≝ indxlow ; break 'H_Reg' ≝ indxhigh ; break 'Sp_Reg' ≝ sp ; break 'Pc_Reg' ≝ pc ; break 'V_Flag' ≝ vfl ; break 'H_Flag' ≝ hfl ; break 'I_Flag' ≝ ifl ; break 'N_Flag' ≝ nfl ; break 'Z_Flag' ≝ zfl ; break 'C_Flag' ≝ cfl ; break 'IRQ_Flag' ≝ irqfl)}" + non associative with precedence 80 for + @{ 'mk_alu_HC08 $acclow $indxlow $indxhigh $sp $pc $vfl $hfl $ifl $nfl $zfl $cfl $irqfl }. +interpretation "mk_alu_HC08" 'mk_alu_HC08 acclow indxlow indxhigh sp pc vfl hfl ifl nfl zfl cfl irqfl = + (mk_alu_HC08 acclow indxlow indxhigh sp pc vfl hfl ifl nfl zfl cfl irqfl). + +(* ALU dell'RS08 *) +nrecord alu_RS08: Type ≝ + { + (* A: registo accumulatore *) + acc_low_reg_RS08 : byte8; + (* PC: registro program counter *) + pc_reg_RS08 : word16; + (* modificatore di PC: per esempio e' definito come 00xxxxxxxxxxxxxxb *) + (* la logica della sua costruzione e' quindi (PC∧mask) *) + (* totalmente racchiusa nella ALU, bastera' fare get(set(PC)) *) + pc_mask_RS08 : word16; + (* SPC: registro shadow program counter *) + (* NB: il suo modificatore e' lo stesso di PC *) + spc_reg_RS08 : word16; + + (* X: registro indice parte bassa *) + (* NB: in realta' e' mappato in memoria e non risiede nella ALU *) + (* la lettura/scrittura avviene tramite la locazione [0x000F] *) + (* la funzione memory_filter_read/write si occupera' di intercettare *) + (* e deviare sul registro le letture/scritture (modulo load_write) *) + x_map_RS08 : byte8; + (* PS: registro selezione di pagina *) + (* serve a indirizzare la finestra RAM di 64b [0x00C0-0x00FF] *) + (* su tutta la memoria installata [0x0000-0x3FFF]: [00pp pppp ppxx xxxx] *) + (* NB: in realta' e' mappato in memoria e non risiede nella ALU *) + (* la lettura/scrittura avviene tramite la locazione [0x001F] *) + (* la funzione memory_filter_read/write si occupera' di intercettare *) + (* e deviare sul registro le letture/scritture (modulo load_write) *) + ps_map_RS08 : byte8; + + (* Z: flag zero *) + z_flag_RS08 : bool; + (* C: flag carry *) + c_flag_RS08 : bool + }. + +ndefinition alu_RS08_ind : + ΠP:alu_RS08 → Prop.(Πb,w,w1,w2,b1,b2,b3,b4.P (mk_alu_RS08 b w w1 w2 b1 b2 b3 b4)) → Πa:alu_RS08.P a ≝ +λP:alu_RS08 → Prop.λf:Πb,w,w1,w2,b1,b2,b3,b4.P (mk_alu_RS08 b w w1 w2 b1 b2 b3 b4).λa:alu_RS08. + match a with [ mk_alu_RS08 b w w1 w2 b1 b2 b3 b4 ⇒ f b w w1 w2 b1 b2 b3 b4 ]. + +ndefinition alu_RS08_rec : + ΠP:alu_RS08 → Set.(Πb,w,w1,w2,b1,b2,b3,b4.P (mk_alu_RS08 b w w1 w2 b1 b2 b3 b4)) → Πa:alu_RS08.P a ≝ +λP:alu_RS08 → Set.λf:Πb,w,w1,w2,b1,b2,b3,b4.P (mk_alu_RS08 b w w1 w2 b1 b2 b3 b4).λa:alu_RS08. + match a with [ mk_alu_RS08 b w w1 w2 b1 b2 b3 b4 ⇒ f b w w1 w2 b1 b2 b3 b4 ]. + +ndefinition alu_RS08_rect : + ΠP:alu_RS08 → Type.(Πb,w,w1,w2,b1,b2,b3,b4.P (mk_alu_RS08 b w w1 w2 b1 b2 b3 b4)) → Πa:alu_RS08.P a ≝ +λP:alu_RS08 → Type.λf:Πb,w,w1,w2,b1,b2,b3,b4.P (mk_alu_RS08 b w w1 w2 b1 b2 b3 b4).λa:alu_RS08. + match a with [ mk_alu_RS08 b w w1 w2 b1 b2 b3 b4 ⇒ f b w w1 w2 b1 b2 b3 b4 ]. + +ndefinition acc_low_reg_RS08 ≝ λalu.match alu with [ mk_alu_RS08 x _ _ _ _ _ _ _ ⇒ x ]. +ndefinition pc_reg_RS08 ≝ λalu.match alu with [ mk_alu_RS08 _ x _ _ _ _ _ _ ⇒ x ]. +ndefinition pc_mask_RS08 ≝ λalu.match alu with [ mk_alu_RS08 _ _ x _ _ _ _ _ ⇒ x ]. +ndefinition spc_reg_RS08 ≝ λalu.match alu with [ mk_alu_RS08 _ _ _ x _ _ _ _ ⇒ x ]. +ndefinition x_map_RS08 ≝ λalu.match alu with [ mk_alu_RS08 _ _ _ _ x _ _ _ ⇒ x ]. +ndefinition ps_map_RS08 ≝ λalu.match alu with [ mk_alu_RS08 _ _ _ _ _ x _ _ ⇒ x ]. +ndefinition z_flag_RS08 ≝ λalu.match alu with [ mk_alu_RS08 _ _ _ _ _ _ x _ ⇒ x ]. +ndefinition c_flag_RS08 ≝ λalu.match alu with [ mk_alu_RS08 _ _ _ _ _ _ _ x ⇒ x ]. + +notation "{hvbox('A_Reg' ≝ acclow ; break 'Pc_Reg' ≝ pc ; break 'Pc_Mask' ≝ pcm ; break 'Spc_Reg' ≝ spc ; break 'X_Map' ≝ xm ; break 'Ps_Map' ≝ psm ; break 'Z_Flag' ≝ zfl ; break 'C_Flag' ≝ cfl)}" + non associative with precedence 80 for + @{ 'mk_alu_RS08 $acclow $pc $pcm $spc $xm $psm $zfl $cfl }. +interpretation "mk_alu_RS08" 'mk_alu_RS08 acclow pc pcm spc xm psm zfl cfl = + (mk_alu_RS08 acclow pc pcm spc xm psm zfl cfl). + +(* tipo processore dipendente dalla mcu, varia solo la ALU *) +nrecord any_status (mcu:mcu_type) (t:memory_impl): Type ≝ + { + alu : match mcu with + [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]; + + (* descritore della memoria *) + mem_desc : aux_mem_type t; + (* descrittore del tipo di memoria installata *) + chk_desc : aux_chk_type t; + (* descrittore del click = stato di avanzamento dell'esecuzione+cur_pc conseguente a fetch *) + (* 1) None = istruzione eseguita, attesa del fetch *) + (* 2) Some cur_clk,pseudo,mode,clks,cur_pc = fetch eseguito, countup a esecuzione *) + clk_desc : option (Prod5T byte8 (any_opcode mcu) (instr_mode) byte8 word16) + }. + +ndefinition any_status_ind : + Πmcu.Πt.ΠP:any_status mcu t → Prop. + (Πx:match mcu with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]. + Πn,n1,n2.P (mk_any_status mcu t x n n1 n2)) → Πa:any_status mcu t.P a ≝ +λmcu.λt.λP:any_status mcu t → Prop. +λf:Πx:match mcu with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]. + Πn,n1,n2.P (mk_any_status mcu t x n n1 n2).λa:any_status mcu t. + match a with [ mk_any_status x n n1 n2 ⇒ f x n n1 n2 ]. + +ndefinition any_status_rec : + Πmcu.Πt.ΠP:any_status mcu t → Set. + (Πx:match mcu with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]. + Πn,n1,n2.P (mk_any_status mcu t x n n1 n2)) → Πa:any_status mcu t.P a ≝ +λmcu.λt.λP:any_status mcu t → Set. +λf:Πx:match mcu with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]. + Πn,n1,n2.P (mk_any_status mcu t x n n1 n2).λa:any_status mcu t. + match a with [ mk_any_status x n n1 n2 ⇒ f x n n1 n2 ]. + +ndefinition any_status_rect : + Πmcu.Πt.ΠP:any_status mcu t → Type. + (Πx:match mcu with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]. + Πn,n1,n2.P (mk_any_status mcu t x n n1 n2)) → Πa:any_status mcu t.P a ≝ +λmcu.λt.λP:any_status mcu t → Type. +λf:Πx:match mcu with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]. + Πn,n1,n2.P (mk_any_status mcu t x n n1 n2).λa:any_status mcu t. + match a with [ mk_any_status x n n1 n2 ⇒ f x n n1 n2 ]. + +ndefinition alu ≝ λmcu.λt.λw:any_status mcu t.match w with [ mk_any_status (x:match mcu with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]) _ _ _ ⇒ x ]. +ndefinition mem_desc ≝ λmcu.λt.λw:any_status mcu t.match w with [ mk_any_status _ x _ _ ⇒ x ].   +ndefinition chk_desc ≝ λmcu.λt.λw:any_status mcu t.match w with [ mk_any_status _ _ x _ ⇒ x ]. +ndefinition clk_desc ≝ λmcu.λt.λw:any_status mcu t.match w with [ mk_any_status _ _ _ x ⇒ x ]. + +(* evitare di mostrare la memoria/descrittore che impalla il visualizzatore *) +notation > "{hvbox('Alu' ≝ alu ; break 'Clk' ≝ clk)}" non associative with precedence 80 + for @{ 'mk_any_status $alu $mem $chk $clk }. +interpretation "mk_any_status" 'mk_any_status alu mem chk clk = + (mk_any_status alu mem chk clk). + +(* **************** *) +(* GETTER SPECIFICI *) +(* **************** *) + +(* funzione ausiliaria per il tipaggio dei getter *) +ndefinition aux_get_typing ≝ λx:Type.λm:mcu_type.match m with + [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ] → x. + +(* REGISTRI *) + +(* getter di A, esiste sempre *) +ndefinition get_acc_8_low_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing byte8 with + [ HC05 ⇒ acc_low_reg_HC05 + | HC08 ⇒ acc_low_reg_HC08 + | HCS08 ⇒ acc_low_reg_HC08 + | RS08 ⇒ acc_low_reg_RS08 ] + (alu m t s). + +(* getter di X, non esiste sempre *) +ndefinition get_indX_8_low_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option byte8) with + [ HC05 ⇒ λalu.Some ? (indX_low_reg_HC05 alu) + | HC08 ⇒ λalu.Some ? (indX_low_reg_HC08 alu) + | HCS08 ⇒ λalu.Some ? (indX_low_reg_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di H, non esiste sempre *) +ndefinition get_indX_8_high_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option byte8) with + [ HC05 ⇒ λalu.None ? + | HC08 ⇒ λalu.Some ? (indX_high_reg_HC08 alu) + | HCS08 ⇒ λalu.Some ? (indX_high_reg_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di H:X, non esiste sempre *) +ndefinition get_indX_16_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option word16) with + [ HC05 ⇒ λalu.None ? + | HC08 ⇒ λalu.Some ? (mk_word16 (indX_high_reg_HC08 alu) (indX_low_reg_HC08 alu)) + | HCS08 ⇒ λalu.Some ? (mk_word16 (indX_high_reg_HC08 alu) (indX_low_reg_HC08 alu)) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di SP, non esiste sempre *) +ndefinition get_sp_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option word16) with + [ HC05 ⇒ λalu.Some ? (sp_reg_HC05 alu) + | HC08 ⇒ λalu.Some ? (sp_reg_HC08 alu) + | HCS08 ⇒ λalu.Some ? (sp_reg_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di PC, esiste sempre *) +ndefinition get_pc_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing word16 with + [ HC05 ⇒ pc_reg_HC05 + | HC08 ⇒ pc_reg_HC08 + | HCS08 ⇒ pc_reg_HC08 + | RS08 ⇒ pc_reg_RS08 ] + (alu m t s). + +(* getter di SPC, non esiste sempre *) +ndefinition get_spc_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option word16) with + [ HC05 ⇒ λalu.None ? + | HC08 ⇒ λalu.None ? + | HCS08 ⇒ λalu.None ? + | RS08 ⇒ λalu.Some ? (spc_reg_RS08 alu) ] + (alu m t s). + +(* REGISTRI MEMORY MAPPED *) + +(* getter di memory mapped X, non esiste sempre *) +ndefinition get_x_map ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option byte8) with + [ HC05 ⇒ λalu.None ? + | HC08 ⇒ λalu.None ? + | HCS08 ⇒ λalu.None ? + | RS08 ⇒ λalu.Some ? (x_map_RS08 alu) ] + (alu m t s). + +(* getter di memory mapped PS, non esiste sempre *) +ndefinition get_ps_map ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option byte8) with + [ HC05 ⇒ λalu.None ? + | HC08 ⇒ λalu.None ? + | HCS08 ⇒ λalu.None ? + | RS08 ⇒ λalu.Some ? (ps_map_RS08 alu) ] + (alu m t s). + +(* FLAG *) + +(* getter di V, non esiste sempre *) +ndefinition get_v_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option bool) with + [ HC05 ⇒ λalu.None ? + | HC08 ⇒ λalu.Some ? (v_flag_HC08 alu) + | HCS08 ⇒ λalu.Some ? (v_flag_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di H, non esiste sempre *) +ndefinition get_h_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option bool) with + [ HC05 ⇒ λalu.Some ? (h_flag_HC05 alu) + | HC08 ⇒ λalu.Some ? (h_flag_HC08 alu) + | HCS08 ⇒ λalu.Some ? (h_flag_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di I, non esiste sempre *) +ndefinition get_i_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option bool) with + [ HC05 ⇒ λalu.Some ? (i_flag_HC05 alu) + | HC08 ⇒ λalu.Some ? (i_flag_HC08 alu) + | HCS08 ⇒ λalu.Some ? (i_flag_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di N, non esiste sempre *) +ndefinition get_n_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option bool) with + [ HC05 ⇒ λalu.Some ? (n_flag_HC05 alu) + | HC08 ⇒ λalu.Some ? (n_flag_HC08 alu) + | HCS08 ⇒ λalu.Some ? (n_flag_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* getter di Z, esiste sempre *) +ndefinition get_z_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing bool with + [ HC05 ⇒ z_flag_HC05 + | HC08 ⇒ z_flag_HC08 + | HCS08 ⇒ z_flag_HC08 + | RS08 ⇒ z_flag_RS08 ] + (alu m t s). + +(* getter di C, esiste sempre *) +ndefinition get_c_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing bool with + [ HC05 ⇒ c_flag_HC05 + | HC08 ⇒ c_flag_HC08 + | HCS08 ⇒ c_flag_HC08 + | RS08 ⇒ c_flag_RS08 ] + (alu m t s). + +(* getter di IRQ, non esiste sempre *) +ndefinition get_irq_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. + match m + return aux_get_typing (option bool) with + [ HC05 ⇒ λalu.Some ? (irq_flag_HC05 alu) + | HC08 ⇒ λalu.Some ? (irq_flag_HC08 alu) + | HCS08 ⇒ λalu.Some ? (irq_flag_HC08 alu) + | RS08 ⇒ λalu.None ? ] + (alu m t s). + +(* DESCRITTORI ESTERNI ALLA ALU *) + +(* getter della ALU, esiste sempre *) +ndefinition get_alu ≝ λm:mcu_type.λt:memory_impl.λs:any_status m t.alu m t s. + +(* getter della memoria, esiste sempre *) +ndefinition get_mem_desc ≝ λm:mcu_type.λt:memory_impl.λs:any_status m t.mem_desc m t s. + +(* getter del descrittore, esiste sempre *) +ndefinition get_chk_desc ≝ λm:mcu_type.λt:memory_impl.λs:any_status m t.chk_desc m t s. + +(* getter del clik, esiste sempre *) +ndefinition get_clk_desc ≝ λm:mcu_type.λt:memory_impl.λs:any_status m t.clk_desc m t s. + +(* ***************************** *) +(* SETTER SPECIFICI FORTI/DEBOLI *) +(* ***************************** *) + +(* funzione ausiliaria per il tipaggio dei setter forti *) +ndefinition aux_set_typing ≝ λx:Type.λm:mcu_type. + match m with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ] + → x → + match m with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]. + +(* funzione ausiliaria per il tipaggio dei setter deboli *) +ndefinition aux_set_typing_opt ≝ λx:Type.λm:mcu_type.option + (match m with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ] + → x → + match m with [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ]). + +(* DESCRITTORI ESTERNI ALLA ALU *) + +(* setter forte della ALU *) +ndefinition set_alu ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λalu'. + mk_any_status m t alu' (get_mem_desc m t s) (get_chk_desc m t s) (get_clk_desc m t s). + +(* setter forte della memoria *) +ndefinition set_mem_desc ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λmem':aux_mem_type t. + mk_any_status m t (get_alu m t s) mem' (get_chk_desc m t s) (get_clk_desc m t s). + +(* setter forte del descrittore *) +ndefinition set_chk_desc ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λchk':aux_chk_type t. + mk_any_status m t (get_alu m t s) (get_mem_desc m t s) chk' (get_clk_desc m t s). + +(* setter forte del clik *) +ndefinition set_clk_desc ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t. +λclk':option (Prod5T byte8 (any_opcode m) (instr_mode) byte8 word16). + mk_any_status m t (get_alu m t s) (get_mem_desc m t s) (get_chk_desc m t s) clk'. + +(* REGISTRO A *) + +(* setter specifico HC05 di A *) +ndefinition set_acc_8_low_reg_HC05 ≝ +λalu.λacclow':byte8. + mk_alu_HC05 + acclow' + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + (n_flag_HC05 alu) + (z_flag_HC05 alu) + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di A *) +ndefinition set_acc_8_low_reg_HC08 ≝ +λalu.λacclow':byte8. + mk_alu_HC08 + acclow' + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter specifico RS08 di A *) +ndefinition set_acc_8_low_reg_RS08 ≝ +λalu.λacclow':byte8. + mk_alu_RS08 + acclow' + (pc_reg_RS08 alu) + (pc_mask_RS08 alu) + (spc_reg_RS08 alu) + (x_map_RS08 alu) + (ps_map_RS08 alu) + (z_flag_RS08 alu) + (c_flag_RS08 alu). + +(* setter forte di A *) +ndefinition set_acc_8_low_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λacclow':byte8. + set_alu m t s + (match m return aux_set_typing byte8 with + [ HC05 ⇒ set_acc_8_low_reg_HC05 + | HC08 ⇒ set_acc_8_low_reg_HC08 + | HCS08 ⇒ set_acc_8_low_reg_HC08 + | RS08 ⇒ set_acc_8_low_reg_RS08 + ] (alu m t s) acclow'). + +(* REGISTRO X *) + +(* setter specifico HC05 di X *) +ndefinition set_indX_8_low_reg_HC05 ≝ +λalu.λindxlow':byte8. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + indxlow' + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + (n_flag_HC05 alu) + (z_flag_HC05 alu) + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di X *) +ndefinition set_indX_8_low_reg_HC08 ≝ +λalu.λindxlow':byte8. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + indxlow' + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di X *) +ndefinition set_indX_8_low_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λindxlow':byte8. + opt_map ?? (match m return aux_set_typing_opt byte8 with + [ HC05 ⇒ Some ? set_indX_8_low_reg_HC05 + | HC08 ⇒ Some ? set_indX_8_low_reg_HC08 + | HCS08 ⇒ Some ? set_indX_8_low_reg_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) indxlow'))). + +(* setter debole di X *) +ndefinition setweak_indX_8_low_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λindxlow':byte8. + match set_indX_8_low_reg m t s indxlow' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* REGISTRO H *) + +(* setter specifico HC08/HCS08 di H *) +ndefinition set_indX_8_high_reg_HC08 ≝ +λalu.λindxhigh':byte8. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + indxhigh' + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di H *) +ndefinition set_indX_8_high_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λindxhigh':byte8. + opt_map ?? (match m return aux_set_typing_opt byte8 with + [ HC05 ⇒ None ? + | HC08 ⇒ Some ? set_indX_8_high_reg_HC08 + | HCS08 ⇒ Some ? set_indX_8_high_reg_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) indxhigh'))). + +(* setter debole di H *) +ndefinition setweak_indX_8_high_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λindxhigh':byte8. + match set_indX_8_high_reg m t s indxhigh' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* REGISTRO H:X *) + +(* setter specifico HC08/HCS08 di H:X *) +ndefinition set_indX_16_reg_HC08 ≝ +λalu.λindx16:word16. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (w16l indx16) + (w16h indx16) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di H:X *) +ndefinition set_indX_16_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λindx16:word16. + opt_map ?? (match m return aux_set_typing_opt word16 with + [ HC05 ⇒ None ? + | HC08 ⇒ Some ? set_indX_16_reg_HC08 + | HCS08 ⇒ Some ? set_indX_16_reg_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) indx16))). + +(* setter debole di H:X *) +ndefinition setweak_indX_16_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λindx16:word16. + match set_indX_16_reg m t s indx16 with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* REGISTRO SP *) + +(* setter specifico HC05 di SP, effettua (SP∧mask)∨fix *) +ndefinition set_sp_reg_HC05 ≝ +λalu.λsp':word16. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (or_w16 (and_w16 sp' (sp_mask_HC05 alu)) (sp_fix_HC05 alu)) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + (n_flag_HC05 alu) + (z_flag_HC05 alu) + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di SP *) +ndefinition set_sp_reg_HC08 ≝ +λalu.λsp':word16. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + sp' + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di SP *) +ndefinition set_sp_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λsp':word16. + opt_map ?? (match m return aux_set_typing_opt word16 with + [ HC05 ⇒ Some ? set_sp_reg_HC05 + | HC08 ⇒ Some ? set_sp_reg_HC08 + | HCS08 ⇒ Some ? set_sp_reg_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) sp'))). + +(* setter debole di SP *) +ndefinition setweak_sp_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λsp':word16. + match set_sp_reg m t s sp' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* REGISTRO PC *) + +(* setter specifico HC05 di PC, effettua PC∧mask *) +ndefinition set_pc_reg_HC05 ≝ +λalu.λpc':word16. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (and_w16 pc' (pc_mask_HC05 alu)) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + (n_flag_HC05 alu) + (z_flag_HC05 alu) + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di PC *) +ndefinition set_pc_reg_HC08 ≝ +λalu.λpc':word16. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + pc' + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter specifico RS08 di PC, effettua PC∧mask *) +ndefinition set_pc_reg_RS08 ≝ +λalu.λpc':word16. + mk_alu_RS08 + (acc_low_reg_RS08 alu) + (and_w16 pc' (pc_mask_RS08 alu)) + (pc_mask_RS08 alu) + (spc_reg_RS08 alu) + (x_map_RS08 alu) + (ps_map_RS08 alu) + (z_flag_RS08 alu) + (c_flag_RS08 alu). + +(* setter forte di PC *) +ndefinition set_pc_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λpc':word16. + set_alu m t s + (match m return aux_set_typing word16 with + [ HC05 ⇒ set_pc_reg_HC05 + | HC08 ⇒ set_pc_reg_HC08 + | HCS08 ⇒ set_pc_reg_HC08 + | RS08 ⇒ set_pc_reg_RS08 + ] (alu m t s) pc'). + +(* REGISTRO SPC *) + +(* setter specifico RS08 di SPC, effettua SPC∧mask *) +ndefinition set_spc_reg_RS08 ≝ +λalu.λspc':word16. + mk_alu_RS08 + (acc_low_reg_RS08 alu) + (pc_reg_RS08 alu) + (pc_mask_RS08 alu) + (and_w16 spc' (pc_mask_RS08 alu)) + (x_map_RS08 alu) + (ps_map_RS08 alu) + (z_flag_RS08 alu) + (c_flag_RS08 alu). + +(* setter forte di SPC *) +ndefinition set_spc_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λspc':word16. + opt_map ?? (match m return aux_set_typing_opt word16 with + [ HC05 ⇒ None ? + | HC08 ⇒ None ? + | HCS08 ⇒ None ? + | RS08 ⇒ Some ? set_spc_reg_RS08 ]) + (λf.Some ? (set_alu m t s (f (alu m t s) spc'))). + +(* setter debole di SPC *) +ndefinition setweak_spc_reg ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λspc':word16. + match set_spc_reg m t s spc' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* REGISTRO MEMORY MAPPED X *) + +(* setter specifico RS08 di memory mapped X *) +ndefinition set_x_map_RS08 ≝ +λalu.λxm':byte8. + mk_alu_RS08 + (acc_low_reg_RS08 alu) + (pc_reg_RS08 alu) + (pc_mask_RS08 alu) + (spc_reg_RS08 alu) + xm' + (ps_map_RS08 alu) + (z_flag_RS08 alu) + (c_flag_RS08 alu). + +(* setter forte di memory mapped X *) +ndefinition set_x_map ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λxm':byte8. + opt_map ?? (match m return aux_set_typing_opt byte8 with + [ HC05 ⇒ None ? + | HC08 ⇒ None ? + | HCS08 ⇒ None ? + | RS08 ⇒ Some ? set_x_map_RS08 ]) + (λf.Some ? (set_alu m t s (f (alu m t s) xm'))). + +(* setter debole di memory mapped X *) +ndefinition setweak_x_map ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λxm':byte8. + match set_x_map m t s xm' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* REGISTRO MEMORY MAPPED PS *) + +(* setter specifico RS08 di memory mapped PS *) +ndefinition set_ps_map_RS08 ≝ +λalu.λpsm':byte8. + mk_alu_RS08 + (acc_low_reg_RS08 alu) + (pc_reg_RS08 alu) + (pc_mask_RS08 alu) + (spc_reg_RS08 alu) + (x_map_RS08 alu) + psm' + (z_flag_RS08 alu) + (c_flag_RS08 alu). + +(* setter forte di memory mapped PS *) +ndefinition set_ps_map ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λpsm':byte8. + opt_map ?? (match m return aux_set_typing_opt byte8 with + [ HC05 ⇒ None ? + | HC08 ⇒ None ? + | HCS08 ⇒ None ? + | RS08 ⇒ Some ? set_ps_map_RS08 ]) + (λf.Some ? (set_alu m t s (f (alu m t s) psm'))). + +(* setter debole di memory mapped PS *) +ndefinition setweak_ps_map ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λpsm':byte8. + match set_ps_map m t s psm' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* FLAG V *) + +(* setter specifico HC08/HCS08 di V *) +ndefinition set_v_flag_HC08 ≝ +λalu.λvfl':bool. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + vfl' + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di V *) +ndefinition set_v_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λvfl':bool. + opt_map ?? (match m return aux_set_typing_opt bool with + [ HC05 ⇒ None ? + | HC08 ⇒ Some ? set_v_flag_HC08 + | HCS08 ⇒ Some ? set_v_flag_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) vfl'))). + +(* setter debole di V *) +ndefinition setweak_v_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λvfl':bool. + match set_v_flag m t s vfl' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* FLAG H *) + +(* setter specifico HC05 di H *) +ndefinition set_h_flag_HC05 ≝ +λalu.λhfl':bool. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + hfl' + (i_flag_HC05 alu) + (n_flag_HC05 alu) + (z_flag_HC05 alu) + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di H *) +ndefinition set_h_flag_HC08 ≝ +λalu.λhfl':bool. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + hfl' + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di H *) +ndefinition set_h_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λhfl':bool. + opt_map ?? (match m return aux_set_typing_opt bool with + [ HC05 ⇒ Some ? set_h_flag_HC05 + | HC08 ⇒ Some ? set_h_flag_HC08 + | HCS08 ⇒ Some ? set_h_flag_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) hfl'))). + +(* setter debole di H *) +ndefinition setweak_h_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λhfl':bool. + match set_h_flag m t s hfl' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* FLAG I *) + +(* setter specifico HC05 di I *) +ndefinition set_i_flag_HC05 ≝ +λalu.λifl':bool. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + ifl' + (n_flag_HC05 alu) + (z_flag_HC05 alu) + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di I *) +ndefinition set_i_flag_HC08 ≝ +λalu.λifl':bool. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + ifl' + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di I *) +ndefinition set_i_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λifl':bool. + opt_map ?? (match m return aux_set_typing_opt bool with + [ HC05 ⇒ Some ? set_i_flag_HC05 + | HC08 ⇒ Some ? set_i_flag_HC08 + | HCS08 ⇒ Some ? set_i_flag_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) ifl'))). + +(* setter debole di I *) +ndefinition setweak_i_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λifl':bool. + match set_i_flag m t s ifl' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* FLAG N *) + +(* setter specifico HC05 di N *) +ndefinition set_n_flag_HC05 ≝ +λalu.λnfl':bool. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + nfl' + (z_flag_HC05 alu) + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di N *) +ndefinition set_n_flag_HC08 ≝ +λalu.λnfl':bool. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + nfl' + (z_flag_HC08 alu) + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter forte di N *) +ndefinition set_n_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λnfl':bool. + opt_map ?? (match m return aux_set_typing_opt bool with + [ HC05 ⇒ Some ? set_n_flag_HC05 + | HC08 ⇒ Some ? set_n_flag_HC08 + | HCS08 ⇒ Some ? set_n_flag_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) nfl'))). + +(* setter debole di N *) +ndefinition setweak_n_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λnfl':bool. + match set_n_flag m t s nfl' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* FLAG Z *) + +(* setter specifico HC05 di Z *) +ndefinition set_z_flag_HC05 ≝ +λalu.λzfl':bool. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + (n_flag_HC05 alu) + zfl' + (c_flag_HC05 alu) + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di Z *) +ndefinition set_z_flag_HC08 ≝ +λalu.λzfl':bool. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + zfl' + (c_flag_HC08 alu) + (irq_flag_HC08 alu). + +(* setter sprcifico RS08 di Z *) +ndefinition set_z_flag_RS08 ≝ +λalu.λzfl':bool. + mk_alu_RS08 + (acc_low_reg_RS08 alu) + (pc_reg_RS08 alu) + (pc_mask_RS08 alu) + (spc_reg_RS08 alu) + (x_map_RS08 alu) + (ps_map_RS08 alu) + zfl' + (c_flag_RS08 alu). + +(* setter forte di Z *) +ndefinition set_z_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λzfl':bool. + set_alu m t s + (match m return aux_set_typing bool with + [ HC05 ⇒ set_z_flag_HC05 + | HC08 ⇒ set_z_flag_HC08 + | HCS08 ⇒ set_z_flag_HC08 + | RS08 ⇒ set_z_flag_RS08 + ] (alu m t s) zfl'). + +(* FLAG C *) + +(* setter specifico HC05 di C *) +ndefinition set_c_flag_HC05 ≝ +λalu.λcfl':bool. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + (n_flag_HC05 alu) + (z_flag_HC05 alu) + cfl' + (irq_flag_HC05 alu). + +(* setter specifico HC08/HCS08 di C *) +ndefinition set_c_flag_HC08 ≝ +λalu.λcfl':bool. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + cfl' + (irq_flag_HC08 alu). + +(* setter specifico RS08 di C *) +ndefinition set_c_flag_RS08 ≝ +λalu.λcfl':bool. + mk_alu_RS08 + (acc_low_reg_RS08 alu) + (pc_reg_RS08 alu) + (pc_mask_RS08 alu) + (spc_reg_RS08 alu) + (x_map_RS08 alu) + (ps_map_RS08 alu) + (z_flag_RS08 alu) + cfl'. + +(* setter forte di C *) +ndefinition set_c_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λcfl':bool. + set_alu m t s + (match m return aux_set_typing bool with + [ HC05 ⇒ set_c_flag_HC05 + | HC08 ⇒ set_c_flag_HC08 + | HCS08 ⇒ set_c_flag_HC08 + | RS08 ⇒ set_c_flag_RS08 + ] (alu m t s) cfl'). + +(* FLAG IRQ *) + +(* setter specifico HC05 di IRQ *) +ndefinition set_irq_flag_HC05 ≝ +λalu.λirqfl':bool. + mk_alu_HC05 + (acc_low_reg_HC05 alu) + (indX_low_reg_HC05 alu) + (sp_reg_HC05 alu) + (sp_mask_HC05 alu) + (sp_fix_HC05 alu) + (pc_reg_HC05 alu) + (pc_mask_HC05 alu) + (h_flag_HC05 alu) + (i_flag_HC05 alu) + (n_flag_HC05 alu) + (z_flag_HC05 alu) + (c_flag_HC05 alu) + irqfl'. + +(* setter specifico HC08/HCS08 di IRQ *) +ndefinition set_irq_flag_HC08 ≝ +λalu.λirqfl':bool. + mk_alu_HC08 + (acc_low_reg_HC08 alu) + (indX_low_reg_HC08 alu) + (indX_high_reg_HC08 alu) + (sp_reg_HC08 alu) + (pc_reg_HC08 alu) + (v_flag_HC08 alu) + (h_flag_HC08 alu) + (i_flag_HC08 alu) + (n_flag_HC08 alu) + (z_flag_HC08 alu) + (c_flag_HC08 alu) + irqfl'. + +(* setter forte di IRQ *) +ndefinition set_irq_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λirqfl':bool. + opt_map ?? (match m return aux_set_typing_opt bool with + [ HC05 ⇒ Some ? set_irq_flag_HC05 + | HC08 ⇒ Some ? set_irq_flag_HC08 + | HCS08 ⇒ Some ? set_irq_flag_HC08 + | RS08 ⇒ None ? ]) + (λf.Some ? (set_alu m t s (f (alu m t s) irqfl'))). + +(* setter debole di IRQ *) +ndefinition setweak_irq_flag ≝ +λm:mcu_type.λt:memory_impl.λs:any_status m t.λirqfl':bool. + match set_irq_flag m t s irqfl' with + [ None ⇒ s | Some s' ⇒ s' ]. + +(* ***************** *) +(* CONFRONTO FRA ALU *) +(* ***************** *) + +(* confronto registro per registro dell'HC05 *) +ndefinition eq_alu_HC05 ≝ +λalu1,alu2:alu_HC05. + match alu1 with + [ mk_alu_HC05 acclow1 indxlow1 sp1 spm1 spf1 pc1 pcm1 hfl1 ifl1 nfl1 zfl1 cfl1 irqfl1 ⇒ + match alu2 with + [ mk_alu_HC05 acclow2 indxlow2 sp2 spm2 spf2 pc2 pcm2 hfl2 ifl2 nfl2 zfl2 cfl2 irqfl2 ⇒ + (eq_b8 acclow1 acclow2) ⊗ + (eq_b8 indxlow1 indxlow2) ⊗ + (eq_w16 sp1 sp2) ⊗ + (eq_w16 spm1 spm2) ⊗ + (eq_w16 spf1 spf2) ⊗ + (eq_w16 pc1 pc2) ⊗ + (eq_w16 pcm1 pcm2) ⊗ + (eq_bool hfl1 hfl2) ⊗ + (eq_bool ifl1 ifl2) ⊗ + (eq_bool nfl1 nfl2) ⊗ + (eq_bool zfl1 zfl2) ⊗ + (eq_bool cfl1 cfl2) ⊗ + (eq_bool irqfl1 irqfl2) ]]. + +(* confronto registro per registro dell'HC08 *) +ndefinition eq_alu_HC08 ≝ +λalu1,alu2:alu_HC08. + match alu1 with + [ mk_alu_HC08 acclow1 indxlow1 indxhigh1 sp1 pc1 vfl1 hfl1 ifl1 nfl1 zfl1 cfl1 irqfl1 ⇒ + match alu2 with + [ mk_alu_HC08 acclow2 indxlow2 indxhigh2 sp2 pc2 vfl2 hfl2 ifl2 nfl2 zfl2 cfl2 irqfl2 ⇒ + (eq_b8 acclow1 acclow2) ⊗ + (eq_b8 indxlow1 indxlow2) ⊗ + (eq_b8 indxhigh1 indxhigh2) ⊗ + (eq_w16 sp1 sp2) ⊗ + (eq_w16 pc1 pc2) ⊗ + (eq_bool vfl1 vfl2) ⊗ + (eq_bool hfl1 hfl2) ⊗ + (eq_bool ifl1 ifl2) ⊗ + (eq_bool nfl1 nfl2) ⊗ + (eq_bool zfl1 zfl2) ⊗ + (eq_bool cfl1 cfl2) ⊗ + (eq_bool irqfl1 irqfl2) ]]. + +(* confronto registro per registro dell'RS08 *) +ndefinition eq_alu_RS08 ≝ +λalu1,alu2:alu_RS08. + match alu1 with + [ mk_alu_RS08 acclow1 pc1 pcm1 spc1 xm1 psm1 zfl1 cfl1 ⇒ + match alu2 with + [ mk_alu_RS08 acclow2 pc2 pcm2 spc2 xm2 psm2 zfl2 cfl2 ⇒ + (eq_b8 acclow1 acclow2) ⊗ + (eq_w16 pc1 pc2) ⊗ + (eq_w16 pcm1 pcm2) ⊗ + (eq_w16 spc1 spc2) ⊗ + (eq_b8 xm1 xm2) ⊗ + (eq_b8 psm1 psm2) ⊗ + (eq_bool zfl1 zfl2) ⊗ + (eq_bool cfl1 cfl2) ]]. + +(* ******************** *) +(* CONFRONTO FRA STATUS *) +(* ******************** *) + +(* confronto di una regione di memoria [addr1 ; ... ; addrn] *) +nlet rec forall_memory_ranged + (t:memory_impl) + (chk1:aux_chk_type t) (chk2:aux_chk_type t) + (mem1:aux_mem_type t) (mem2:aux_mem_type t) + (addrl:list word16) on addrl ≝ + match addrl return λ_.bool with + [ nil ⇒ true + | cons hd tl ⇒ (eq_option byte8 (mem_read t mem1 chk1 hd) + (mem_read t mem2 chk2 hd) eq_b8) ⊗ + (forall_memory_ranged t chk1 chk2 mem1 mem2 tl) + ]. + +(* il clk e' option (Prod5T byte8 (any_opcode m) (instr_mode) byte8 word16) *) +ndefinition eq_clk ≝ +λm:mcu_type.λc1,c2:option (Prod5T byte8 (any_opcode m) (instr_mode) byte8 word16). + match c1 with + [ None ⇒ match c2 with + [ None ⇒ true | Some _ ⇒ false ] + | Some c1' ⇒ match c2 with + [ None ⇒ false | Some c2' ⇒ (eq_b8 (fst5T ????? c1') (fst5T ????? c2')) ⊗ + (eq_anyop m (snd5T ????? c1') (snd5T ????? c2')) ⊗ + (eq_instrmode (thd5T ????? c1') (thd5T ????? c2')) ⊗ + (eq_b8 (frth5T ????? c1') (frth5T ????? c2')) ⊗ + (eq_w16 (ffth5T ????? c1') (ffth5T ????? c2')) ] + ]. + +(* generalizzazione del confronto fra stati *) +ndefinition eq_status ≝ +λm:mcu_type.λt:memory_impl.λs1,s2:any_status m t.λaddrl:list word16. + match s1 with [ mk_any_status alu1 mem1 chk1 clk1 ⇒ + match s2 with [ mk_any_status alu2 mem2 chk2 clk2 ⇒ + + (* 1) confronto della ALU *) + (match m return λm:mcu_type. + match m with + [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ] → + match m with + [ HC05 ⇒ alu_HC05 | HC08 ⇒ alu_HC08 | HCS08 ⇒ alu_HC08 | RS08 ⇒ alu_RS08 ] → + bool with + [ HC05 ⇒ eq_alu_HC05 | HC08 ⇒ eq_alu_HC08 | HCS08 ⇒ eq_alu_HC08 | RS08 ⇒ eq_alu_RS08 ] + alu1 alu2) ⊗ + + (* 2) confronto della memoria in [inf,inf+n] *) + (forall_memory_ranged t chk1 chk2 mem1 mem2 addrl) ⊗ + + (* 3) confronto del clik *) + (eq_clk m clk1 clk2) + ]]. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/status_lemmas.ma b/helm/software/matita/contribs/ng_assembly/freescale/status_lemmas.ma new file mode 100755 index 000000000..f741bab69 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/status_lemmas.ma @@ -0,0 +1,1049 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/word16_lemmas.ma". +include "freescale/opcode_base_lemmas1.ma". +include "freescale/status.ma". +include "freescale/option_lemmas.ma". +include "freescale/prod_lemmas.ma". + +(* *********************************** *) +(* STATUS INTERNO DEL PROCESSORE (ALU) *) +(* *********************************** *) + +nlemma aluHC05_destruct_1 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x1 = y1. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 a _ _ _ _ _ _ _ _ _ _ _ _ ⇒ x1 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_2 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x2 = y2. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ a _ _ _ _ _ _ _ _ _ _ _ ⇒ x2 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_3 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x3 = y3. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ a _ _ _ _ _ _ _ _ _ _ ⇒ x3 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_4 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x4 = y4. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ a _ _ _ _ _ _ _ _ _ ⇒ x4 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_5 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x5 = y5. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ a _ _ _ _ _ _ _ _ ⇒ x5 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_6 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x6 = y6. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ a _ _ _ _ _ _ _ ⇒ x6 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_7 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x7 = y7. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ _ a _ _ _ _ _ _ ⇒ x7 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_8 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x8 = y8. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ _ _ a _ _ _ _ _ ⇒ x8 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_9 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x9 = y9. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ _ _ _ a _ _ _ _ ⇒ x9 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_10 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x10 = y10. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ a _ _ _ ⇒ x10 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_11 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x11 = y11. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ _ a _ _ ⇒ x11 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_12 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x12 = y12. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ _ _ a _ ⇒ x12 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC05_destruct_13 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,x13,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12,y13. + mk_alu_HC05 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 x13 = mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 → + x13 = y13. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange with (match mk_alu_HC05 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 y13 + with [ mk_alu_HC05 _ _ _ _ _ _ _ _ _ _ _ _ a ⇒ x13 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma symmetric_eqaluHC05 : symmetricT alu_HC05 bool eq_alu_HC05. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; + nchange with ( + ((eq_b8 x1 y1) ⊗ (eq_b8 x2 y2) ⊗ (eq_w16 x3 y3) ⊗ (eq_w16 x4 y4) ⊗ + (eq_w16 x5 y5) ⊗ (eq_w16 x6 y6) ⊗ (eq_w16 x7 y7) ⊗ (eq_bool x8 y8) ⊗ + (eq_bool x9 y9) ⊗ (eq_bool x10 y10) ⊗ (eq_bool x11 y11) ⊗ (eq_bool x12 y12) ⊗ + (eq_bool x13 y13)) = ((eq_b8 y1 x1) ⊗ (eq_b8 y2 x2) ⊗ (eq_w16 y3 x3) ⊗ + (eq_w16 y4 x4) ⊗ (eq_w16 y5 x5) ⊗ (eq_w16 y6 x6) ⊗ (eq_w16 y7 x7) ⊗ + (eq_bool y8 x8) ⊗ (eq_bool y9 x9) ⊗ (eq_bool y10 x10) ⊗ (eq_bool y11 x11) ⊗ + (eq_bool y12 x12) ⊗ (eq_bool y13 x13))); + nrewrite > (symmetric_eqb8 x1 y1); + nrewrite > (symmetric_eqb8 x2 y2); + nrewrite > (symmetric_eqw16 x3 y3); + nrewrite > (symmetric_eqw16 x4 y4); + nrewrite > (symmetric_eqw16 x5 y5); + nrewrite > (symmetric_eqw16 x6 y6); + nrewrite > (symmetric_eqw16 x7 y7); + nrewrite > (symmetric_eqbool x8 y8); + nrewrite > (symmetric_eqbool x9 y9); + nrewrite > (symmetric_eqbool x10 y10); + nrewrite > (symmetric_eqbool x11 y11); + nrewrite > (symmetric_eqbool x12 y12); + nrewrite > (symmetric_eqbool x13 y13); + napply (refl_eq ??). +nqed. + +nlemma eqaluHC05_to_eq : ∀alu1,alu2.eq_alu_HC05 alu1 alu2 = true → alu1 = alu2. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nchange in H:(%) with ( + ((eq_b8 x1 y1) ⊗ (eq_b8 x2 y2) ⊗ + (eq_w16 x3 y3) ⊗ (eq_w16 x4 y4) ⊗ + (eq_w16 x5 y5) ⊗ (eq_w16 x6 y6) ⊗ + (eq_w16 x7 y7) ⊗ (eq_bool x8 y8) ⊗ + (eq_bool x9 y9) ⊗ (eq_bool x10 y10) ⊗ + (eq_bool x11 y11) ⊗ (eq_bool x12 y12) ⊗ + (eq_bool x13 y13)) = true); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H)); + nletin H1 ≝ (andb_true_true_l ?? H); + nrewrite > (eqbool_to_eq x12 y12 (andb_true_true_r ?? (andb_true_true_l ?? H))); + nletin H2 ≝ (andb_true_true_l ?? H1); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H2)); + nletin H3 ≝ (andb_true_true_l ?? H2); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H3)); + nletin H4 ≝ (andb_true_true_l ?? H3); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H4)); + nletin H5 ≝ (andb_true_true_l ?? H4); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H5)); + nletin H6 ≝ (andb_true_true_l ?? H5); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H6)); + nletin H7 ≝ (andb_true_true_l ?? H6); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H7)); + nletin H8 ≝ (andb_true_true_l ?? H7); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H8)); + nletin H9 ≝ (andb_true_true_l ?? H8); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H9)); + nletin H10 ≝ (andb_true_true_l ?? H9); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H10)); + nletin H11 ≝ (andb_true_true_l ?? H10); + nrewrite > (eqb8_to_eq ?? (andb_true_true_r ?? H11)); + nrewrite > (eqb8_to_eq ?? (andb_true_true_l ?? H11)); + napply (refl_eq ??). +nqed. + +nlemma eq_to_eqaluHC05 : ∀alu1,alu2.alu1 = alu2 → eq_alu_HC05 alu1 alu2 = true. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; #x13; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #y13; #H; + nrewrite > (aluHC05_destruct_1 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_2 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_3 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_4 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_5 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_6 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_7 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_8 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_9 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_10 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_11 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_12 ?????????????????????????? H); + nrewrite > (aluHC05_destruct_13 ?????????????????????????? H); + nchange with ( + ((eq_b8 y1 y1) ⊗ (eq_b8 y2 y2) ⊗ + (eq_w16 y3 y3) ⊗ (eq_w16 y4 y4) ⊗ + (eq_w16 y5 y5) ⊗ (eq_w16 y6 y6) ⊗ + (eq_w16 y7 y7) ⊗ (eq_bool y8 y8) ⊗ + (eq_bool y9 y9) ⊗ (eq_bool y10 y10) ⊗ + (eq_bool y11 y11) ⊗ (eq_bool y12 y12) ⊗ + (eq_bool y13 y13)) = true); + nrewrite > (eq_to_eqb8 y1 y1 (refl_eq ??)); + nrewrite > (eq_to_eqb8 y2 y2 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y3 y3 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y4 y4 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y5 y5 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y6 y6 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y7 y7 (refl_eq ??)); + nrewrite > (eq_to_eqbool y8 y8 (refl_eq ??)); + nrewrite > (eq_to_eqbool y9 y9 (refl_eq ??)); + nrewrite > (eq_to_eqbool y10 y10 (refl_eq ??)); + nrewrite > (eq_to_eqbool y11 y11 (refl_eq ??)); + nrewrite > (eq_to_eqbool y12 y12 (refl_eq ??)); + nrewrite > (eq_to_eqbool y13 y13 (refl_eq ??)); + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_1 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x1 = y1. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 a _ _ _ _ _ _ _ _ _ _ _ ⇒ x1 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_2 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x2 = y2. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ a _ _ _ _ _ _ _ _ _ _ ⇒ x2 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_3 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x3 = y3. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ a _ _ _ _ _ _ _ _ _ ⇒ x3 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_4 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x4 = y4. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ a _ _ _ _ _ _ _ _ ⇒ x4 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_5 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x5 = y5. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ a _ _ _ _ _ _ _ ⇒ x5 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_6 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x6 = y6. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ _ a _ _ _ _ _ _ ⇒ x6 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_7 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x7 = y7. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ _ _ a _ _ _ _ _ ⇒ x7 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_8 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x8 = y8. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ _ _ _ a _ _ _ _ ⇒ x8 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_9 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x9 = y9. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ _ _ _ _ a _ _ _ ⇒ x9 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_10 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x10 = y10. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ _ _ _ _ _ a _ _ ⇒ x10 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_11 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x11 = y11. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ _ _ _ _ _ _ a _ ⇒ x11 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluHC08_destruct_12 : +∀x1,x2,x3,x4,x5,x6,x7,x8,x9,x10,x11,x12,y1,y2,y3,y4,y5,y6,y7,y8,y9,y10,y11,y12. + mk_alu_HC08 x1 x2 x3 x4 x5 x6 x7 x8 x9 x10 x11 x12 = mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 → + x12 = y12. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange with (match mk_alu_HC08 y1 y2 y3 y4 y5 y6 y7 y8 y9 y10 y11 y12 + with [ mk_alu_HC08 _ _ _ _ _ _ _ _ _ _ _ a ⇒ x12 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma symmetric_eqaluHC08 : symmetricT alu_HC08 bool eq_alu_HC08. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; + nchange with ( + ((eq_b8 x1 y1) ⊗ (eq_b8 x2 y2) ⊗ (eq_b8 x3 y3) ⊗ (eq_w16 x4 y4) ⊗ + (eq_w16 x5 y5) ⊗ (eq_bool x6 y6) ⊗ (eq_bool x7 y7) ⊗ (eq_bool x8 y8) ⊗ + (eq_bool x9 y9) ⊗ (eq_bool x10 y10) ⊗ (eq_bool x11 y11) ⊗ (eq_bool x12 y12)) = + ((eq_b8 y1 x1) ⊗ (eq_b8 y2 x2) ⊗ (eq_b8 y3 x3) ⊗ (eq_w16 y4 x4) ⊗ + (eq_w16 y5 x5) ⊗ (eq_bool y6 x6) ⊗ (eq_bool y7 x7) ⊗ (eq_bool y8 x8) ⊗ + (eq_bool y9 x9) ⊗ (eq_bool y10 x10) ⊗ (eq_bool y11 x11) ⊗ (eq_bool y12 x12))); + nrewrite > (symmetric_eqb8 x1 y1); + nrewrite > (symmetric_eqb8 x2 y2); + nrewrite > (symmetric_eqb8 x3 y3); + nrewrite > (symmetric_eqw16 x4 y4); + nrewrite > (symmetric_eqw16 x5 y5); + nrewrite > (symmetric_eqbool x6 y6); + nrewrite > (symmetric_eqbool x7 y7); + nrewrite > (symmetric_eqbool x8 y8); + nrewrite > (symmetric_eqbool x9 y9); + nrewrite > (symmetric_eqbool x10 y10); + nrewrite > (symmetric_eqbool x11 y11); + nrewrite > (symmetric_eqbool x12 y12); + napply (refl_eq ??). +nqed. + +nlemma eqaluHC08_to_eq : ∀alu1,alu2.eq_alu_HC08 alu1 alu2 = true → alu1 = alu2. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nchange in H:(%) with ( + ((eq_b8 x1 y1) ⊗ (eq_b8 x2 y2) ⊗ (eq_b8 x3 y3) ⊗ (eq_w16 x4 y4) ⊗ + (eq_w16 x5 y5) ⊗ (eq_bool x6 y6) ⊗ (eq_bool x7 y7) ⊗ (eq_bool x8 y8) ⊗ + (eq_bool x9 y9) ⊗ (eq_bool x10 y10) ⊗ (eq_bool x11 y11) ⊗ (eq_bool x12 y12)) = true); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H)); + nletin H1 ≝ (andb_true_true_l ?? H); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H1)); + nletin H2 ≝ (andb_true_true_l ?? H1); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H2)); + nletin H3 ≝ (andb_true_true_l ?? H2); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H3)); + nletin H4 ≝ (andb_true_true_l ?? H3); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H4)); + nletin H5 ≝ (andb_true_true_l ?? H4); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H5)); + nletin H6 ≝ (andb_true_true_l ?? H5); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H6)); + nletin H7 ≝ (andb_true_true_l ?? H6); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H7)); + nletin H8 ≝ (andb_true_true_l ?? H7); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H8)); + nletin H9 ≝ (andb_true_true_l ?? H8); + nrewrite > (eqb8_to_eq ?? (andb_true_true_r ?? H9)); + nletin H10 ≝ (andb_true_true_l ?? H9); + nrewrite > (eqb8_to_eq ?? (andb_true_true_r ?? H10)); + nrewrite > (eqb8_to_eq ?? (andb_true_true_l ?? H10)); + napply (refl_eq ??). +nqed. + +nlemma eq_to_eqaluHC08 : ∀alu1,alu2.alu1 = alu2 → eq_alu_HC08 alu1 alu2 = true. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; #x9; #x10; #x11; #x12; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #y9; #y10; #y11; #y12; #H; + nrewrite > (aluHC08_destruct_1 ???????????????????????? H); + nrewrite > (aluHC08_destruct_2 ???????????????????????? H); + nrewrite > (aluHC08_destruct_3 ???????????????????????? H); + nrewrite > (aluHC08_destruct_4 ???????????????????????? H); + nrewrite > (aluHC08_destruct_5 ???????????????????????? H); + nrewrite > (aluHC08_destruct_6 ???????????????????????? H); + nrewrite > (aluHC08_destruct_7 ???????????????????????? H); + nrewrite > (aluHC08_destruct_8 ???????????????????????? H); + nrewrite > (aluHC08_destruct_9 ???????????????????????? H); + nrewrite > (aluHC08_destruct_10 ???????????????????????? H); + nrewrite > (aluHC08_destruct_11 ???????????????????????? H); + nrewrite > (aluHC08_destruct_12 ???????????????????????? H); + nchange with ( + ((eq_b8 y1 y1) ⊗ (eq_b8 y2 y2) ⊗ (eq_b8 y3 y3) ⊗ (eq_w16 y4 y4) ⊗ + (eq_w16 y5 y5) ⊗ (eq_bool y6 y6) ⊗ (eq_bool y7 y7) ⊗ (eq_bool y8 y8) ⊗ + (eq_bool y9 y9) ⊗ (eq_bool y10 y10) ⊗ (eq_bool y11 y11) ⊗ (eq_bool y12 y12)) = true); + nrewrite > (eq_to_eqb8 y1 y1 (refl_eq ??)); + nrewrite > (eq_to_eqb8 y2 y2 (refl_eq ??)); + nrewrite > (eq_to_eqb8 y3 y3 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y4 y4 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y5 y5 (refl_eq ??)); + nrewrite > (eq_to_eqbool y6 y6 (refl_eq ??)); + nrewrite > (eq_to_eqbool y7 y7 (refl_eq ??)); + nrewrite > (eq_to_eqbool y8 y8 (refl_eq ??)); + nrewrite > (eq_to_eqbool y9 y9 (refl_eq ??)); + nrewrite > (eq_to_eqbool y10 y10 (refl_eq ??)); + nrewrite > (eq_to_eqbool y11 y11 (refl_eq ??)); + nrewrite > (eq_to_eqbool y12 y12 (refl_eq ??)); + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_1 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x1 = y1. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 a _ _ _ _ _ _ _ ⇒ x1 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_2 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x2 = y2. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 _ a _ _ _ _ _ _ ⇒ x2 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_3 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x3 = y3. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 _ _ a _ _ _ _ _ ⇒ x3 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_4 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x4 = y4. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 _ _ _ a _ _ _ _ ⇒ x4 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_5 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x5 = y5. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 _ _ _ _ a _ _ _ ⇒ x5 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_6 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x6 = y6. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 _ _ _ _ _ a _ _ ⇒ x6 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_7 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x7 = y7. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 _ _ _ _ _ _ a _ ⇒ x7 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma aluRS08_destruct_8 : +∀x1,x2,x3,x4,x5,x6,x7,x8,y1,y2,y3,y4,y5,y6,y7,y8. + mk_alu_RS08 x1 x2 x3 x4 x5 x6 x7 x8 = mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 → + x8 = y8. + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange with (match mk_alu_RS08 y1 y2 y3 y4 y5 y6 y7 y8 + with [ mk_alu_RS08 _ _ _ _ _ _ _ a ⇒ x8 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma symmetric_eqaluRS08 : symmetricT alu_RS08 bool eq_alu_RS08. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; + nchange with ( + ((eq_b8 x1 y1) ⊗ (eq_w16 x2 y2) ⊗ + (eq_w16 x3 y3) ⊗ (eq_w16 x4 y4) ⊗ + (eq_b8 x5 y5) ⊗ (eq_b8 x6 y6) ⊗ + (eq_bool x7 y7) ⊗ (eq_bool x8 y8)) = + ((eq_b8 y1 x1) ⊗ (eq_w16 y2 x2) ⊗ + (eq_w16 y3 x3) ⊗ (eq_w16 y4 x4) ⊗ + (eq_b8 y5 x5) ⊗ (eq_b8 y6 x6) ⊗ + (eq_bool y7 x7) ⊗ (eq_bool y8 x8))); + nrewrite > (symmetric_eqb8 x1 y1); + nrewrite > (symmetric_eqw16 x2 y2); + nrewrite > (symmetric_eqw16 x3 y3); + nrewrite > (symmetric_eqw16 x4 y4); + nrewrite > (symmetric_eqb8 x5 y5); + nrewrite > (symmetric_eqb8 x6 y6); + nrewrite > (symmetric_eqbool x7 y7); + nrewrite > (symmetric_eqbool x8 y8); + napply (refl_eq ??). +nqed. + +nlemma eqaluRS08_to_eq : ∀alu1,alu2.eq_alu_RS08 alu1 alu2 = true → alu1 = alu2. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nchange in H:(%) with ( + ((eq_b8 x1 y1) ⊗ (eq_w16 x2 y2) ⊗ + (eq_w16 x3 y3) ⊗ (eq_w16 x4 y4) ⊗ + (eq_b8 x5 y5) ⊗ (eq_b8 x6 y6) ⊗ + (eq_bool x7 y7) ⊗ (eq_bool x8 y8)) = true); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H)); + nletin H1 ≝ (andb_true_true_l ?? H); + nrewrite > (eqbool_to_eq ?? (andb_true_true_r ?? H1)); + nletin H2 ≝ (andb_true_true_l ?? H1); + nrewrite > (eqb8_to_eq ?? (andb_true_true_r ?? H2)); + nletin H3 ≝ (andb_true_true_l ?? H2); + nrewrite > (eqb8_to_eq ?? (andb_true_true_r ?? H3)); + nletin H4 ≝ (andb_true_true_l ?? H3); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H4)); + nletin H5 ≝ (andb_true_true_l ?? H4); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H5)); + nletin H6 ≝ (andb_true_true_l ?? H5); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H6)); + nrewrite > (eqb8_to_eq ?? (andb_true_true_l ?? H6)); + napply (refl_eq ??). +nqed. + +nlemma eq_to_eqaluRS08 : ∀alu1,alu2.alu1 = alu2 → eq_alu_RS08 alu1 alu2 = true. + #alu1; #alu2; + ncases alu1; + #x1; #x2; #x3; #x4; #x5; #x6; #x7; #x8; + ncases alu2; + #y1; #y2; #y3; #y4; #y5; #y6; #y7; #y8; #H; + nrewrite > (aluRS08_destruct_1 ???????????????? H); + nrewrite > (aluRS08_destruct_2 ???????????????? H); + nrewrite > (aluRS08_destruct_3 ???????????????? H); + nrewrite > (aluRS08_destruct_4 ???????????????? H); + nrewrite > (aluRS08_destruct_5 ???????????????? H); + nrewrite > (aluRS08_destruct_6 ???????????????? H); + nrewrite > (aluRS08_destruct_7 ???????????????? H); + nrewrite > (aluRS08_destruct_8 ???????????????? H); + nchange with ( + ((eq_b8 y1 y1) ⊗ (eq_w16 y2 y2) ⊗ + (eq_w16 y3 y3) ⊗ (eq_w16 y4 y4) ⊗ + (eq_b8 y5 y5) ⊗ (eq_b8 y6 y6) ⊗ + (eq_bool y7 y7) ⊗ (eq_bool y8 y8)) = true); + nrewrite > (eq_to_eqb8 y1 y1 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y2 y2 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y3 y3 (refl_eq ??)); + nrewrite > (eq_to_eqw16 y4 y4 (refl_eq ??)); + nrewrite > (eq_to_eqb8 y5 y5 (refl_eq ??)); + nrewrite > (eq_to_eqb8 y6 y6 (refl_eq ??)); + nrewrite > (eq_to_eqbool y7 y7 (refl_eq ??)); + nrewrite > (eq_to_eqbool y8 y8 (refl_eq ??)); + napply (refl_eq ??). +nqed. + +nlemma symmetric_eqclk : ∀mcu,clk1,clk2.eq_clk mcu clk1 clk2 = eq_clk mcu clk2 clk1. + #mcu; #clk1; #clk2; + ncases clk1; + ncases clk2; + ##[ ##1: napply (refl_eq ??) + ##| ##2,3: nnormalize; #H; napply (refl_eq ??) + ##| ##4: #p1; ncases p1; #x1; #x2; #x3; #x4; #x5; + #p2; ncases p2; #y1; #y2; #y3; #y4; #y5; + nchange with ( + ((eq_b8 y1 x1) ⊗ (eq_anyop ? y2 x2) ⊗ (eq_instrmode y3 x3) ⊗ (eq_b8 y4 x4) ⊗ (eq_w16 y5 x5)) = + ((eq_b8 x1 y1) ⊗ (eq_anyop ? x2 y2) ⊗ (eq_instrmode x3 y3) ⊗ (eq_b8 x4 y4) ⊗ (eq_w16 x5 y5))); + nrewrite > (symmetric_eqb8 x1 y1); + nrewrite > (symmetric_eqanyop ? x2 y2); + nrewrite > (symmetric_eqinstrmode x3 y3); + nrewrite > (symmetric_eqb8 x4 y4); + nrewrite > (symmetric_eqw16 x5 y5); + napply (refl_eq ??) + ##] +nqed. + +nlemma eqclk_to_eq : ∀mcu,clk1,clk2.eq_clk mcu clk1 clk2 = true → clk1 = clk2. + #mcu; #clk1; #clk2; + ncases clk1; + ncases clk2; + ##[ ##1: nnormalize; #H; napply (refl_eq ??) + ##| ##2,3: nnormalize; #H; #H1; napply (bool_destruct ??? H1) + ##| ##4: #p1; ncases p1; #x1; #x2; #x3; #x4; #x5; + #p2; ncases p2; #y1; #y2; #y3; #y4; #y5; #H; + nchange in H:(%) with ( + ((eq_b8 y1 x1) ⊗ (eq_anyop ? y2 x2) ⊗ (eq_instrmode y3 x3) ⊗ (eq_b8 y4 x4) ⊗ (eq_w16 y5 x5)) = true); + nrewrite > (eqw16_to_eq ?? (andb_true_true_r ?? H)); + nletin H1 ≝ (andb_true_true_l ?? H); + nrewrite > (eqb8_to_eq ?? (andb_true_true_r ?? H1)); + nletin H2 ≝ (andb_true_true_l ?? H1); + nrewrite > (eqinstrmode_to_eq ?? (andb_true_true_r ?? H2)); + nletin H3 ≝ (andb_true_true_l ?? H2); + nrewrite > (eqanyop_to_eq ??? (andb_true_true_r ?? H3)); + nrewrite > (eqb8_to_eq ?? (andb_true_true_l ?? H3)); + napply (refl_eq ??) + ##] +nqed. + +nlemma eq_to_eqclk : ∀mcu,clk1,clk2.clk1 = clk2 → eq_clk mcu clk1 clk2 = true. + #mcu; #clk1; #clk2; + ncases clk1; + ncases clk2; + ##[ ##1: nnormalize; #H; napply (refl_eq ??) + ##| ##2: nnormalize; #p; #H1; nelim (option_destruct_none_some ?? H1) + ##| ##3: nnormalize; #p; #H1; nelim (option_destruct_some_none ?? H1) + ##| ##4: #p1; ncases p1; #x1; #x2; #x3; #x4; #x5; + #p2; ncases p2; #y1; #y2; #y3; #y4; #y5; #H; + nrewrite > (quintuple_destruct_1 ??????????????? (option_destruct_some_some ??? H)); + nrewrite > (quintuple_destruct_2 ??????????????? (option_destruct_some_some ??? H)); + nrewrite > (quintuple_destruct_3 ??????????????? (option_destruct_some_some ??? H)); + nrewrite > (quintuple_destruct_4 ??????????????? (option_destruct_some_some ??? H)); + nrewrite > (quintuple_destruct_5 ??????????????? (option_destruct_some_some ??? H)); + nchange with ( + ((eq_b8 x1 x1) ⊗ (eq_anyop ? x2 x2) ⊗ (eq_instrmode x3 x3) ⊗ (eq_b8 x4 x4) ⊗ (eq_w16 x5 x5)) = true); + nrewrite > (eq_to_eqb8 x1 x1 (refl_eq ??)); + nrewrite > (eq_to_eqanyop mcu x2 x2 (refl_eq ? x2)); + nrewrite > (eq_to_eqinstrmode x3 x3 (refl_eq ??)); + nrewrite > (eq_to_eqb8 x4 x4 (refl_eq ??)); + nrewrite > (eq_to_eqw16 x5 x5 (refl_eq ??)); + nnormalize; + napply (refl_eq ??) + ##] +nqed. + +nlemma symmetric_forallmemoryranged : +∀t.∀chk1,chk2:aux_chk_type t.∀mem1,mem2:aux_mem_type t.∀addrl. + forall_memory_ranged t chk1 chk2 mem1 mem2 addrl = + forall_memory_ranged t chk2 chk1 mem2 mem1 addrl. + #t; #chk1; #chk2; #mem1; #mem2; #addrl; + napply (list_ind word16 ??? addrl); + ##[ ##1: nnormalize; napply (refl_eq ??) + ##| ##2: #a; #l; #H; + nchange with ( + ((eq_option byte8 (mem_read t mem1 chk1 a) + (mem_read t mem2 chk2 a) eq_b8) ⊗ + (forall_memory_ranged t chk1 chk2 mem1 mem2 l)) = + ((eq_option byte8 (mem_read t mem2 chk2 a) + (mem_read t mem1 chk1 a) eq_b8) ⊗ + (forall_memory_ranged t chk2 chk1 mem2 mem1 l))); + nrewrite > H; + nrewrite > (symmetric_eqoption ? (mem_read t mem1 chk1 a) (mem_read t mem2 chk2 a) eq_b8 symmetric_eqb8); + napply (refl_eq ??) + ##] +nqed. + +nlemma anystatus_destruct_1 : +∀m,t.∀x1,x2,x3,x4,y1,y2,y3,y4. + mk_any_status m t x1 x2 x3 x4 = mk_any_status m t y1 y2 y3 y4 → + x1 = y1. + #m; #t; + #x1; #x2; #x3; #x4; + #y1; #y2; #y3; #y4; #H; + nchange with (match mk_any_status m t y1 y2 y3 y4 + with [ mk_any_status a _ _ _ ⇒ x1 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma anystatus_destruct_2 : +∀m,t.∀x1,x2,x3,x4,y1,y2,y3,y4. + mk_any_status m t x1 x2 x3 x4 = mk_any_status m t y1 y2 y3 y4 → + x2 = y2. + #m; #t; + #x1; #x2; #x3; #x4; + #y1; #y2; #y3; #y4; #H; + nchange with (match mk_any_status m t y1 y2 y3 y4 + with [ mk_any_status _ a _ _ ⇒ x2 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma anystatus_destruct_3 : +∀m,t.∀x1,x2,x3,x4,y1,y2,y3,y4. + mk_any_status m t x1 x2 x3 x4 = mk_any_status m t y1 y2 y3 y4 → + x3 = y3. + #m; #t; + #x1; #x2; #x3; #x4; + #y1; #y2; #y3; #y4; #H; + nchange with (match mk_any_status m t y1 y2 y3 y4 + with [ mk_any_status _ _ a _ ⇒ x3 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma anystatus_destruct_4 : +∀m,t.∀x1,x2,x3,x4,y1,y2,y3,y4. + mk_any_status m t x1 x2 x3 x4 = mk_any_status m t y1 y2 y3 y4 → + x4 = y4. + #m; #t; + #x1; #x2; #x3; #x4; + #y1; #y2; #y3; #y4; #H; + nchange with (match mk_any_status m t y1 y2 y3 y4 + with [ mk_any_status _ _ _ a ⇒ x4 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +nlemma symmetric_eqstatus : +∀addrl:list word16.∀m:mcu_type.∀t:memory_impl.∀s1,s2:any_status m t. + eq_status m t s1 s2 addrl = eq_status m t s2 s1 addrl. + #addrl; #m; + ncases m; #t; #s1; + ##[ ##1: ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; + nchange with ( + ((eq_alu_HC05 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk HC05 x4 y4)) = + ((eq_alu_HC05 y1 x1) ⊗ (forall_memory_ranged t y3 x3 y2 x2 addrl) ⊗ (eq_clk HC05 y4 x4))); + nrewrite > (symmetric_eqaluHC05 x1 y1) + ##| ##2,3: ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; + nchange with ( + ((eq_alu_HC08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = + ((eq_alu_HC08 y1 x1) ⊗ (forall_memory_ranged t y3 x3 y2 x2 addrl) ⊗ (eq_clk ? y4 x4))); + nrewrite > (symmetric_eqaluHC08 x1 y1) + ##| ##4: ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; + nchange with ( + ((eq_alu_RS08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk RS08 x4 y4)) = + ((eq_alu_RS08 y1 x1) ⊗ (forall_memory_ranged t y3 x3 y2 x2 addrl) ⊗ (eq_clk RS08 y4 x4))); + nrewrite > (symmetric_eqaluRS08 x1 y1) + ##] + nrewrite > (symmetric_forallmemoryranged t x3 y3 x2 y2 addrl); + nrewrite > (symmetric_eqclk ? x4 y4); + napply (refl_eq ??). +nqed. + +nlemma eqstatus_to_eq : +∀addrl:list word16.∀m:mcu_type.∀t:memory_impl.∀s1,s2:any_status m t. + (eq_status m t s1 s2 addrl = true) → + ((alu m t s1 = alu m t s2) ∧ + (clk_desc m t s1 = clk_desc m t s2) ∧ + ((forall_memory_ranged t (chk_desc m t s1) (chk_desc m t s2) + (mem_desc m t s1) (mem_desc m t s2) addrl) = true)). + #addrl; #m; #t; + ncases m; #s1; + ##[ ##1: ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; + nchange in H:(%) with ( + ((eq_alu_HC05 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nrewrite > (eqaluHC05_to_eq ?? (andb_true_true_l ?? (andb_true_true_l ?? H))) + ##| ##2,3: ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; + nchange in H:(%) with ( + ((eq_alu_HC08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nrewrite > (eqaluHC08_to_eq ?? (andb_true_true_l ?? (andb_true_true_l ?? H))) + ##| ##4: ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; + nchange in H:(%) with ( + ((eq_alu_RS08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nrewrite > (eqaluRS08_to_eq ?? (andb_true_true_l ?? (andb_true_true_l ?? H))) + ##] + nchange with ((y1 = y1) ∧ (x4 = y4) ∧ (forall_memory_ranged t x3 y3 x2 y2 addrl = true)); + nrewrite > (andb_true_true_r ?? (andb_true_true_l ?? H)); + nrewrite > (eqclk_to_eq ??? (andb_true_true_r ?? H)); + napply (conj ?? (conj ?? (refl_eq ??) (refl_eq ??)) (refl_eq ??)). +nqed. + +nlemma eq_to_eqstatus_strong : +∀addrl:list word16.∀m:mcu_type.∀t:memory_impl.∀s1,s2:any_status m t. + s1 = s2 → (eq_status m t s1 s2 addrl = true). + #addrl; #m; #t; + ncases m; + ##[ ##1: #s1; ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; + nchange with ( + ((eq_alu_HC05 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nrewrite > (anystatus_destruct_1 ?????????? H); + nrewrite > (eq_to_eqaluHC05 y1 y1 (refl_eq ??)) + ##| ##2,3: #s1; ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; + nchange with ( + ((eq_alu_HC08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nrewrite > (anystatus_destruct_1 ?????????? H); + nrewrite > (eq_to_eqaluHC08 y1 y1 (refl_eq ??)) + ##| ##4: #s1; ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; + nchange with ( + ((eq_alu_RS08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nrewrite > (anystatus_destruct_1 ?????????? H); + nrewrite > (eq_to_eqaluRS08 y1 y1 (refl_eq ??)) + ##] + nrewrite > (anystatus_destruct_2 ?????????? H); + nrewrite > (anystatus_destruct_3 ?????????? H); + nrewrite > (anystatus_destruct_4 ?????????? H); + nrewrite > (eq_to_eqclk ? y4 y4 (refl_eq ??)); + nchange with ((forall_memory_ranged ?????? ⊗ true) =true); + nrewrite > (symmetric_andbool (forall_memory_ranged t y3 y3 y2 y2 addrl) true); + nchange with (forall_memory_ranged ?????? = true); + napply (list_ind word16 ??? addrl); + ##[ ##1,3,5,7: nnormalize; napply (refl_eq ??) + ##| ##2,4,6,8: #a; #l'; #H; + nchange with ( + ((eq_option byte8 (mem_read t y2 y3 a) + (mem_read t y2 y3 a) eq_b8) ⊗ + (forall_memory_ranged t y3 y3 y2 y2 l')) = true); + nrewrite > H; + nrewrite > (eq_to_eqoption ? (mem_read t y2 y3 a) (mem_read t y2 y3 a) eq_b8 eq_to_eqb8 (refl_eq ??)); + nnormalize; + napply (refl_eq ??) + ##] +nqed. + +nlemma eq_to_eqstatus_weak : +∀addrl:list word16.∀m:mcu_type.∀t:memory_impl.∀s1,s2:any_status m t. + (alu m t s1 = alu m t s2) → + (clk_desc m t s1 = clk_desc m t s2) → + ((forall_memory_ranged t (chk_desc m t s1) (chk_desc m t s2) + (mem_desc m t s1) (mem_desc m t s2) addrl) = true) → + (eq_status m t s1 s2 addrl = true). + #addrl; #m; #t; + ncases m; + ##[ ##1: #s1; ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; #H1; #H2; + nchange with (((eq_alu_HC05 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nchange in H:(%) with (x1 = y1); + nrewrite > H; + nrewrite > (eq_to_eqaluHC05 y1 y1 (refl_eq ??)) + ##| ##2,3: #s1; ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; #H1; #H2; + nchange with (((eq_alu_HC08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nchange in H:(%) with (x1 = y1); + nrewrite > H; + nrewrite > (eq_to_eqaluHC08 y1 y1 (refl_eq ??)) + ##| ##4: #s1; ncases s1; #x1; #x2; #x3; #x4; + #s2; ncases s2; #y1; #y2; #y3; #y4; #H; #H1; #H2; + nchange with (((eq_alu_RS08 x1 y1) ⊗ (forall_memory_ranged t x3 y3 x2 y2 addrl) ⊗ (eq_clk ? x4 y4)) = true); + nchange in H:(%) with (x1 = y1); + nrewrite > H; + nrewrite > (eq_to_eqaluRS08 y1 y1 (refl_eq ??)) + ##] + nchange in H2:(%) with (forall_memory_ranged t x3 y3 x2 y2 addrl = true); + nrewrite > H2; + nchange in H1:(%) with (x4 = y4); + nrewrite > H1; + nrewrite > (eq_to_eqclk ? y4 y4 (refl_eq ??)); + nnormalize; + napply (refl_eq ??). +nqed. diff --git a/helm/software/matita/contribs/ng_assembly/freescale/table_HCS08_tests.ma b/helm/software/matita/contribs/ng_assembly/freescale/table_HCS08_tests.ma index 463a3b7a6..9880fadb9 100755 --- a/helm/software/matita/contribs/ng_assembly/freescale/table_HCS08_tests.ma +++ b/helm/software/matita/contribs/ng_assembly/freescale/table_HCS08_tests.ma @@ -42,7 +42,7 @@ nlemma ok_byte_table_HCS08 : forall_byte8 (λb. (⊖ (test_not_impl_byte b HCS08_not_impl_byte) ⊙ eq_nat (get_byte_count HCS08 b 0 opcode_table_HCS08) 0)) = true. napply (refl_eq ??). -qed. +nqed. (* HCS08: opcode non implementati come da manuale (0x9E+byte) *) ndefinition HCS08_not_impl_word ≝ diff --git a/helm/software/matita/contribs/ng_assembly/freescale/translation.ma b/helm/software/matita/contribs/ng_assembly/freescale/translation.ma new file mode 100755 index 000000000..eac7385d5 --- /dev/null +++ b/helm/software/matita/contribs/ng_assembly/freescale/translation.ma @@ -0,0 +1,376 @@ +(**************************************************************************) +(* ___ *) +(* ||M|| *) +(* ||A|| A project by Andrea Asperti *) +(* ||T|| *) +(* ||I|| Developers: *) +(* ||T|| The HELM team. *) +(* ||A|| http://helm.cs.unibo.it *) +(* \ / *) +(* \ / This file is distributed under the terms of the *) +(* v GNU General Public License Version 2 *) +(* *) +(**************************************************************************) + +(* ********************************************************************** *) +(* Progetto FreeScale *) +(* *) +(* Sviluppato da: *) +(* Cosimo Oliboni, oliboni@cs.unibo.it *) +(* *) +(* Questo materiale fa parte della tesi: *) +(* "Formalizzazione Interattiva dei Microcontroller a 8bit FreeScale" *) +(* *) +(* data ultima modifica 15/11/2007 *) +(* ********************************************************************** *) + +include "freescale/table_HC05.ma". +include "freescale/table_HC08.ma". +include "freescale/table_HCS08.ma". +include "freescale/table_RS08.ma". +include "freescale/option.ma". + +(* ***************************** *) +(* TRADUZIONE ESADECIMALE → INFO *) +(* ***************************** *) + +(* accesso alla tabella della ALU prescelta *) +ndefinition opcode_table ≝ +λm:mcu_type. + match m + return λm:mcu_type.list (Prod4T (any_opcode m) instr_mode byte8_or_word16 byte8) + with + [ HC05 ⇒ opcode_table_HC05 + | HC08 ⇒ opcode_table_HC08 + | HCS08 ⇒ opcode_table_HCS08 + | RS08 ⇒ opcode_table_RS08 + ]. + +(* traduzione mcu+esadecimale → info *) +(* NB: la ricerca per byte non matcha con una word con lo stesso byte superiore uguale *) +(* NB: per matchare una word (precode+code) bisogna passare una word *) +(* NB: il risultato e' sempre un'opzione, NON esiste un dummy opcode tipo UNKNOWN/ILLEGAL *) +nlet rec full_info_of_word16_aux (m:mcu_type) (borw:byte8_or_word16) + (param:list (Prod4T (any_opcode m) instr_mode byte8_or_word16 byte8)) on param ≝ + match param with + [ nil ⇒ None ? + | cons hd tl ⇒ + match thd4T ???? hd with + [ Byte b ⇒ match borw with + [ Byte borw' ⇒ match eq_b8 borw' b with + [ true ⇒ Some ? hd + | false ⇒ full_info_of_word16_aux m borw tl ] + | Word _ ⇒ full_info_of_word16_aux m borw tl ] + | Word w ⇒ match borw with + [ Byte _ ⇒ full_info_of_word16_aux m borw tl + | Word borw' ⇒ match eq_w16 borw' w with + [ true ⇒ Some ? hd + | false ⇒ full_info_of_word16_aux m borw tl ] + ]]]. + +ndefinition full_info_of_word16 ≝ +λm:mcu_type.λborw:byte8_or_word16. +full_info_of_word16_aux m borw (opcode_table m). + +(* ******************************************************* *) +(* TRADUZIONE MCU+OPCODE+MODALITA'+ARGOMENTI → ESADECIMALE *) +(* ******************************************************* *) + +(* introduzione di un tipo byte8 dipendente dall'mcu_type (phantom type) *) +ninductive t_byte8 (m:mcu_type) : Type ≝ + TByte : byte8 → t_byte8 m. + +ndefinition t_byte8_ind + : Πm:mcu_type.ΠP:t_byte8 m → Prop.(Πb:byte8.P (TByte m b)) → Πt:t_byte8 m.P t ≝ +λm:mcu_type.λP:t_byte8 m → Prop.λf:Πb:byte8.P (TByte m b).λt:t_byte8 m. + match t with [ TByte (b:byte8) ⇒ f b ]. + +ndefinition t_byte8_rec + : Πm:mcu_type.ΠP:t_byte8 m → Set.(Πb:byte8.P (TByte m b)) → Πt:t_byte8 m.P t ≝ +λm:mcu_type.λP:t_byte8 m → Set.λf:Πb:byte8.P (TByte m b).λt:t_byte8 m. + match t with [ TByte (b:byte8) ⇒ f b ]. + +ndefinition t_byte8_rect + : Πm:mcu_type.ΠP:t_byte8 m → Type.(Πb:byte8.P (TByte m b)) → Πt:t_byte8 m.P t ≝ +λm:mcu_type.λP:t_byte8 m → Type.λf:Πb:byte8.P (TByte m b).λt:t_byte8 m. + match t with [ TByte (b:byte8) ⇒ f b ]. + +nlemma tbyte8_destruct : ∀m,b1,b2.TByte m b1 = TByte m b2 → b1 = b2. + #m; #b1; #b2; #H; + nchange with (match TByte m b2 with [ TByte a ⇒ b1 = a ]); + nrewrite < H; + nnormalize; + napply (refl_eq ??). +nqed. + +(* introduzione di un tipo dipendente (dalla modalita') per gli argomenti *) +ninductive MA_check : instr_mode → Type ≝ + maINH : MA_check MODE_INH +| maINHA : MA_check MODE_INHA +| maINHX : MA_check MODE_INHX +| maINHH : MA_check MODE_INHH +| maINHX0ADD : MA_check MODE_INHX0ADD +| maINHX1ADD : byte8 → MA_check MODE_INHX1ADD +| maINHX2ADD : word16 → MA_check MODE_INHX2ADD +| maIMM1 : byte8 → MA_check MODE_IMM1 +| maIMM1EXT : byte8 → MA_check MODE_IMM1EXT +| maIMM2 : word16 → MA_check MODE_IMM2 +| maDIR1 : byte8 → MA_check MODE_DIR1 +| maDIR2 : word16 → MA_check MODE_DIR2 +| maIX0 : MA_check MODE_IX0 +| maIX1 : byte8 → MA_check MODE_IX1 +| maIX2 : word16 → MA_check MODE_IX2 +| maSP1 : byte8 → MA_check MODE_SP1 +| maSP2 : word16 → MA_check MODE_SP2 +| maDIR1_to_DIR1 : byte8 → byte8 → MA_check MODE_DIR1_to_DIR1 +| maIMM1_to_DIR1 : byte8 → byte8 → MA_check MODE_IMM1_to_DIR1 +| maIX0p_to_DIR1 : byte8 → MA_check MODE_IX0p_to_DIR1 +| maDIR1_to_IX0p : byte8 → MA_check MODE_DIR1_to_IX0p +| maINHA_and_IMM1 : byte8 → MA_check MODE_INHA_and_IMM1 +| maINHX_and_IMM1 : byte8 → MA_check MODE_INHX_and_IMM1 +| maIMM1_and_IMM1 : byte8 → byte8 → MA_check MODE_IMM1_and_IMM1 +| maDIR1_and_IMM1 : byte8 → byte8 → MA_check MODE_DIR1_and_IMM1 +| maIX0_and_IMM1 : byte8 → MA_check MODE_IX0_and_IMM1 +| maIX0p_and_IMM1 : byte8 → MA_check MODE_IX0p_and_IMM1 +| maIX1_and_IMM1 : byte8 → byte8 → MA_check MODE_IX1_and_IMM1 +| maIX1p_and_IMM1 : byte8 → byte8 → MA_check MODE_IX1p_and_IMM1 +| maSP1_and_IMM1 : byte8 → byte8 → MA_check MODE_SP1_and_IMM1 +| maDIRn : ∀n.byte8 → MA_check (MODE_DIRn n) +| maDIRn_and_IMM1 : ∀n.byte8 → byte8 → MA_check (MODE_DIRn_and_IMM1 n) +| maTNY : ∀e.MA_check (MODE_TNY e) +| maSRT : ∀t.MA_check (MODE_SRT t) +. + +ndefinition instr_mode_ind + : Πi:instr_mode.ΠP:Πj.MA_check j → Prop. + P ? maINH → P ? maINHA → P ? maINHX → P ? maINHH → P ? maINHX0ADD → (Πb.P ? (maINHX1ADD b)) → + (Πw.P ? (maINHX2ADD w)) → (Πb.P ? (maIMM1 b)) → (Πb.P ? (maIMM1EXT b)) → (Πw.P ? (maIMM2 w)) → + (Πb.P ? (maDIR1 b)) → (Πw.P ? (maDIR2 w)) → P ? maIX0 → (Πb.P ? (maIX1 b)) → (Πw.P ? (maIX2 w)) → + (Πb.P ? (maSP1 b)) → (Πw.P ? (maSP2 w)) → (Πb1,b2.P ? (maDIR1_to_DIR1 b1 b2)) → + (Πb1,b2.P ? (maIMM1_to_DIR1 b1 b2)) → (Πb.P ? (maIX0p_to_DIR1 b)) → (Πb.P ? (maDIR1_to_IX0p b)) → + (Πb.P ? (maINHA_and_IMM1 b)) → (Πb.P ? (maINHX_and_IMM1 b)) → (Πb1,b2.P ? (maIMM1_and_IMM1 b1 b2)) → + (Πb1,b2.P ? (maDIR1_and_IMM1 b1 b2)) → (Πb.P ? (maIX0_and_IMM1 b)) → (Πb.P ? (maIX0p_and_IMM1 b)) → + (Πb1,b2.P ? (maIX1_and_IMM1 b1 b2)) → (Πb1,b2.P ? (maIX1p_and_IMM1 b1 b2)) → (Πb1,b2.P ? (maSP1_and_IMM1 b1 b2)) → + (Πn,b.P ? ((maDIRn n) b)) → (Πn,b1,b2.P ? ((maDIRn_and_IMM1 n) b1 b2)) → (Πe.P ? (maTNY e)) → (Πt.P ? (maSRT t)) → + Πma:MA_check i.P i ma ≝ +λi:instr_mode.λP:Πj.MA_check j → Prop. +λp:P ? maINH.λp1:P ? maINHA.λp2:P ? maINHX.λp3:P ? maINHH.λp4:P ? maINHX0ADD. +λf:Πb.P ? (maINHX1ADD b).λf1:Πw.P ? (maINHX2ADD w).λf2:Πb.P ? (maIMM1 b).λf3:Πb.P ? (maIMM1EXT b). +λf4:Πw.P ? (maIMM2 w).λf5:Πb.P ? (maDIR1 b).λf6:Πw.P ? (maDIR2 w).λp5:P ? maIX0. +λf7:Πb.P ? (maIX1 b).λf8:Πw.P ? (maIX2 w).λf9:Πb.P ? (maSP1 b).λf10:Πw.P ? (maSP2 w). +λf11:Πb1,b2.P ? (maDIR1_to_DIR1 b1 b2).λf12:Πb1,b2.P ? (maIMM1_to_DIR1 b1 b2). +λf13:Πb.P ? (maIX0p_to_DIR1 b).λf14:Πb.P ? (maDIR1_to_IX0p b).λf15:Πb.P ? (maINHA_and_IMM1 b). +λf16:Πb.P ? (maINHX_and_IMM1 b).λf17:Πb1,b2.P ? (maIMM1_and_IMM1 b1 b2). +λf18:Πb1,b2.P ? (maDIR1_and_IMM1 b1 b2).λf19:Πb.P ? (maIX0_and_IMM1 b). +λf20:Πb.P ? (maIX0p_and_IMM1 b).λf21:Πb1,b2.P ? (maIX1_and_IMM1 b1 b2). +λf22:Πb1,b2.P ? (maIX1p_and_IMM1 b1 b2).λf23:Πb1,b2.P ? (maSP1_and_IMM1 b1 b2). +λf24:Πn,b.P ? ((maDIRn n) b).λf25:Πn,b1,b2.P ? ((maDIRn_and_IMM1 n) b1 b2). +λf26:Πe.P ? (maTNY e).λf27:Πt.P ? (maSRT t).λma:MA_check i. + match ma with + [ maINH ⇒ p | maINHA ⇒ p1 | maINHX ⇒ p2 | maINHH ⇒ p3 | maINHX0ADD ⇒ p4 + | maINHX1ADD b ⇒ f b | maINHX2ADD w ⇒ f1 w | maIMM1 b ⇒ f2 b | maIMM1EXT b ⇒ f3 b + | maIMM2 w ⇒ f4 w | maDIR1 b ⇒ f5 b | maDIR2 w ⇒ f6 w | maIX0 ⇒ p5 | maIX1 b ⇒ f7 b + | maIX2 w ⇒ f8 w | maSP1 b ⇒ f9 b | maSP2 w ⇒ f10 w | maDIR1_to_DIR1 b1 b2 ⇒ f11 b1 b2 + | maIMM1_to_DIR1 b1 b2 ⇒ f12 b1 b2 | maIX0p_to_DIR1 b ⇒ f13 b | maDIR1_to_IX0p b ⇒ f14 b + | maINHA_and_IMM1 b ⇒ f15 b | maINHX_and_IMM1 b ⇒ f16 b | maIMM1_and_IMM1 b1 b2 ⇒ f17 b1 b2 + | maDIR1_and_IMM1 b1 b2 ⇒ f18 b1 b2 | maIX0_and_IMM1 b ⇒ f19 b | maIX0p_and_IMM1 b ⇒ f20 b + | maIX1_and_IMM1 b1 b2 ⇒ f21 b1 b2 | maIX1p_and_IMM1 b1 b2 ⇒ f22 b1 b2 | maSP1_and_IMM1 b1 b2 ⇒ f23 b1 b2 + | maDIRn n b ⇒ f24 n b | maDIRn_and_IMM1 n b1 b2 ⇒ f25 n b1 b2 | maTNY e ⇒ f26 e | maSRT t ⇒ f27 t ]. + +ndefinition instr_mode_rec + : Πi:instr_mode.ΠP:Πj.MA_check j → Set. + P ? maINH → P ? maINHA → P ? maINHX → P ? maINHH → P ? maINHX0ADD → (Πb.P ? (maINHX1ADD b)) → + (Πw.P ? (maINHX2ADD w)) → (Πb.P ? (maIMM1 b)) → (Πb.P ? (maIMM1EXT b)) → (Πw.P ? (maIMM2 w)) → + (Πb.P ? (maDIR1 b)) → (Πw.P ? (maDIR2 w)) → P ? maIX0 → (Πb.P ? (maIX1 b)) → (Πw.P ? (maIX2 w)) → + (Πb.P ? (maSP1 b)) → (Πw.P ? (maSP2 w)) → (Πb1,b2.P ? (maDIR1_to_DIR1 b1 b2)) → + (Πb1,b2.P ? (maIMM1_to_DIR1 b1 b2)) → (Πb.P ? (maIX0p_to_DIR1 b)) → (Πb.P ? (maDIR1_to_IX0p b)) → + (Πb.P ? (maINHA_and_IMM1 b)) → (Πb.P ? (maINHX_and_IMM1 b)) → (Πb1,b2.P ? (maIMM1_and_IMM1 b1 b2)) → + (Πb1,b2.P ? (maDIR1_and_IMM1 b1 b2)) → (Πb.P ? (maIX0_and_IMM1 b)) → (Πb.P ? (maIX0p_and_IMM1 b)) → + (Πb1,b2.P ? (maIX1_and_IMM1 b1 b2)) → (Πb1,b2.P ? (maIX1p_and_IMM1 b1 b2)) → (Πb1,b2.P ? (maSP1_and_IMM1 b1 b2)) → + (Πn,b.P ? ((maDIRn n) b)) → (Πn,b1,b2.P ? ((maDIRn_and_IMM1 n) b1 b2)) → (Πe.P ? (maTNY e)) → (Πt.P ? (maSRT t)) → + Πma:MA_check i.P i ma ≝ +λi:instr_mode.λP:Πj.MA_check j → Set. +λp:P ? maINH.λp1:P ? maINHA.λp2:P ? maINHX.λp3:P ? maINHH.λp4:P ? maINHX0ADD. +λf:Πb.P ? (maINHX1ADD b).λf1:Πw.P ? (maINHX2ADD w).λf2:Πb.P ? (maIMM1 b).λf3:Πb.P ? (maIMM1EXT b). +λf4:Πw.P ? (maIMM2 w).λf5:Πb.P ? (maDIR1 b).λf6:Πw.P ? (maDIR2 w).λp5:P ? maIX0. +λf7:Πb.P ? (maIX1 b).λf8:Πw.P ? (maIX2 w).λf9:Πb.P ? (maSP1 b).λf10:Πw.P ? (maSP2 w). +λf11:Πb1,b2.P ? (maDIR1_to_DIR1 b1 b2).λf12:Πb1,b2.P ? (maIMM1_to_DIR1 b1 b2). +λf13:Πb.P ? (maIX0p_to_DIR1 b).λf14:Πb.P ? (maDIR1_to_IX0p b).λf15:Πb.P ? (maINHA_and_IMM1 b). +λf16:Πb.P ? (maINHX_and_IMM1 b).λf17:Πb1,b2.P ? (maIMM1_and_IMM1 b1 b2). +λf18:Πb1,b2.P ? (maDIR1_and_IMM1 b1 b2).λf19:Πb.P ? (maIX0_and_IMM1 b). +λf20:Πb.P ? (maIX0p_and_IMM1 b).λf21:Πb1,b2.P ? (maIX1_and_IMM1 b1 b2). +λf22:Πb1,b2.P ? (maIX1p_and_IMM1 b1 b2).λf23:Πb1,b2.P ? (maSP1_and_IMM1 b1 b2). +λf24:Πn,b.P ? ((maDIRn n) b).λf25:Πn,b1,b2.P ? ((maDIRn_and_IMM1 n) b1 b2). +λf26:Πe.P ? (maTNY e).λf27:Πt.P ? (maSRT t).λma:MA_check i. + match ma with + [ maINH ⇒ p | maINHA ⇒ p1 | maINHX ⇒ p2 | maINHH ⇒ p3 | maINHX0ADD ⇒ p4 + | maINHX1ADD b ⇒ f b | maINHX2ADD w ⇒ f1 w | maIMM1 b ⇒ f2 b | maIMM1EXT b ⇒ f3 b + | maIMM2 w ⇒ f4 w | maDIR1 b ⇒ f5 b | maDIR2 w ⇒ f6 w | maIX0 ⇒ p5 | maIX1 b ⇒ f7 b + | maIX2 w ⇒ f8 w | maSP1 b ⇒ f9 b | maSP2 w ⇒ f10 w | maDIR1_to_DIR1 b1 b2 ⇒ f11 b1 b2 + | maIMM1_to_DIR1 b1 b2 ⇒ f12 b1 b2 | maIX0p_to_DIR1 b ⇒ f13 b | maDIR1_to_IX0p b ⇒ f14 b + | maINHA_and_IMM1 b ⇒ f15 b | maINHX_and_IMM1 b ⇒ f16 b | maIMM1_and_IMM1 b1 b2 ⇒ f17 b1 b2 + | maDIR1_and_IMM1 b1 b2 ⇒ f18 b1 b2 | maIX0_and_IMM1 b ⇒ f19 b | maIX0p_and_IMM1 b ⇒ f20 b + | maIX1_and_IMM1 b1 b2 ⇒ f21 b1 b2 | maIX1p_and_IMM1 b1 b2 ⇒ f22 b1 b2 | maSP1_and_IMM1 b1 b2 ⇒ f23 b1 b2 + | maDIRn n b ⇒ f24 n b | maDIRn_and_IMM1 n b1 b2 ⇒ f25 n b1 b2 | maTNY e ⇒ f26 e | maSRT t ⇒ f27 t ]. + +ndefinition instr_mode_rect + : Πi:instr_mode.ΠP:Πj.MA_check j → Type. + P ? maINH → P ? maINHA → P ? maINHX → P ? maINHH → P ? maINHX0ADD → (Πb.P ? (maINHX1ADD b)) → + (Πw.P ? (maINHX2ADD w)) → (Πb.P ? (maIMM1 b)) → (Πb.P ? (maIMM1EXT b)) → (Πw.P ? (maIMM2 w)) → + (Πb.P ? (maDIR1 b)) → (Πw.P ? (maDIR2 w)) → P ? maIX0 → (Πb.P ? (maIX1 b)) → (Πw.P ? (maIX2 w)) → + (Πb.P ? (maSP1 b)) → (Πw.P ? (maSP2 w)) → (Πb1,b2.P ? (maDIR1_to_DIR1 b1 b2)) → + (Πb1,b2.P ? (maIMM1_to_DIR1 b1 b2)) → (Πb.P ? (maIX0p_to_DIR1 b)) → (Πb.P ? (maDIR1_to_IX0p b)) → + (Πb.P ? (maINHA_and_IMM1 b)) → (Πb.P ? (maINHX_and_IMM1 b)) → (Πb1,b2.P ? (maIMM1_and_IMM1 b1 b2)) → + (Πb1,b2.P ? (maDIR1_and_IMM1 b1 b2)) → (Πb.P ? (maIX0_and_IMM1 b)) → (Πb.P ? (maIX0p_and_IMM1 b)) → + (Πb1,b2.P ? (maIX1_and_IMM1 b1 b2)) → (Πb1,b2.P ? (maIX1p_and_IMM1 b1 b2)) → (Πb1,b2.P ? (maSP1_and_IMM1 b1 b2)) → + (Πn,b.P ? ((maDIRn n) b)) → (Πn,b1,b2.P ? ((maDIRn_and_IMM1 n) b1 b2)) → (Πe.P ? (maTNY e)) → (Πt.P ? (maSRT t)) → + Πma:MA_check i.P i ma ≝ +λi:instr_mode.λP:Πj.MA_check j → Type. +λp:P ? maINH.λp1:P ? maINHA.λp2:P ? maINHX.λp3:P ? maINHH.λp4:P ? maINHX0ADD. +λf:Πb.P ? (maINHX1ADD b).λf1:Πw.P ? (maINHX2ADD w).λf2:Πb.P ? (maIMM1 b).λf3:Πb.P ? (maIMM1EXT b). +λf4:Πw.P ? (maIMM2 w).λf5:Πb.P ? (maDIR1 b).λf6:Πw.P ? (maDIR2 w).λp5:P ? maIX0. +λf7:Πb.P ? (maIX1 b).λf8:Πw.P ? (maIX2 w).λf9:Πb.P ? (maSP1 b).λf10:Πw.P ? (maSP2 w). +λf11:Πb1,b2.P ? (maDIR1_to_DIR1 b1 b2).λf12:Πb1,b2.P ? (maIMM1_to_DIR1 b1 b2). +λf13:Πb.P ? (maIX0p_to_DIR1 b).λf14:Πb.P ? (maDIR1_to_IX0p b).λf15:Πb.P ? (maINHA_and_IMM1 b). +λf16:Πb.P ? (maINHX_and_IMM1 b).λf17:Πb1,b2.P ? (maIMM1_and_IMM1 b1 b2). +λf18:Πb1,b2.P ? (maDIR1_and_IMM1 b1 b2).λf19:Πb.P ? (maIX0_and_IMM1 b). +λf20:Πb.P ? (maIX0p_and_IMM1 b).λf21:Πb1,b2.P ? (maIX1_and_IMM1 b1 b2). +λf22:Πb1,b2.P ? (maIX1p_and_IMM1 b1 b2).λf23:Πb1,b2.P ? (maSP1_and_IMM1 b1 b2). +λf24:Πn,b.P ? ((maDIRn n) b).λf25:Πn,b1,b2.P ? ((maDIRn_and_IMM1 n) b1 b2). +λf26:Πe.P ? (maTNY e).λf27:Πt.P ? (maSRT t).λma:MA_check i. + match ma with + [ maINH ⇒ p | maINHA ⇒ p1 | maINHX ⇒ p2 | maINHH ⇒ p3 | maINHX0ADD ⇒ p4 + | maINHX1ADD b ⇒ f b | maINHX2ADD w ⇒ f1 w | maIMM1 b ⇒ f2 b | maIMM1EXT b ⇒ f3 b + | maIMM2 w ⇒ f4 w | maDIR1 b ⇒ f5 b | maDIR2 w ⇒ f6 w | maIX0 ⇒ p5 | maIX1 b ⇒ f7 b + | maIX2 w ⇒ f8 w | maSP1 b ⇒ f9 b | maSP2 w ⇒ f10 w | maDIR1_to_DIR1 b1 b2 ⇒ f11 b1 b2 + | maIMM1_to_DIR1 b1 b2 ⇒ f12 b1 b2 | maIX0p_to_DIR1 b ⇒ f13 b | maDIR1_to_IX0p b ⇒ f14 b + | maINHA_and_IMM1 b ⇒ f15 b | maINHX_and_IMM1 b ⇒ f16 b | maIMM1_and_IMM1 b1 b2 ⇒ f17 b1 b2 + | maDIR1_and_IMM1 b1 b2 ⇒ f18 b1 b2 | maIX0_and_IMM1 b ⇒ f19 b | maIX0p_and_IMM1 b ⇒ f20 b + | maIX1_and_IMM1 b1 b2 ⇒ f21 b1 b2 | maIX1p_and_IMM1 b1 b2 ⇒ f22 b1 b2 | maSP1_and_IMM1 b1 b2 ⇒ f23 b1 b2 + | maDIRn n b ⇒ f24 n b | maDIRn_and_IMM1 n b1 b2 ⇒ f25 n b1 b2 | maTNY e ⇒ f26 e | maSRT t ⇒ f27 t ]. + +(* picker: trasforma l'argomento necessario in input a bytes_of_pseudo_instr_mode_param: + MA_check i → list (t_byte8 m) *) +ndefinition args_picker ≝ +λm:mcu_type.λi:instr_mode.λargs:MA_check i. + match args with + (* inherent: legale se nessun operando *) + [ maINH ⇒ nil ? + | maINHA ⇒ nil ? + | maINHX ⇒ nil ? + | maINHH ⇒ nil ? + (* inherent address: legale se nessun operando/1 byte/1 word *) + | maINHX0ADD ⇒ nil ? + | maINHX1ADD b ⇒ [ TByte m b ] + | maINHX2ADD w ⇒ [ TByte m (w16h w); TByte m (w16l w) ] + (* _0/1/2: legale se nessun operando/1 byte/1 word *) + | maIMM1 b ⇒ [ TByte m b ] + | maIMM1EXT b ⇒ [ TByte m b ] + | maIMM2 w ⇒ [ TByte m (w16h w); TByte m (w16l w) ] + | maDIR1 b ⇒ [ TByte m b ] + | maDIR2 w ⇒ [ TByte m (w16h w); TByte m (w16l w) ] + | maIX0 ⇒ nil ? + | maIX1 b ⇒ [ TByte m b ] + | maIX2 w ⇒ [ TByte m (w16h w); TByte m (w16l w) ] + | maSP1 b ⇒ [ TByte m b ] + | maSP2 w ⇒ [ TByte m (w16h w); TByte m (w16l w) ] + (* movimento: legale se 2 operandi byte *) + | maDIR1_to_DIR1 b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + | maIMM1_to_DIR1 b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + | maIX0p_to_DIR1 b ⇒ [ TByte m b] + | maDIR1_to_IX0p b ⇒ [ TByte m b] + (* cbeq/dbnz: legale se 1/2 operandi byte *) + | maINHA_and_IMM1 b ⇒ [ TByte m b] + | maINHX_and_IMM1 b ⇒ [ TByte m b] + | maIMM1_and_IMM1 b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + | maDIR1_and_IMM1 b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + | maIX0_and_IMM1 b ⇒ [ TByte m b] + | maIX0p_and_IMM1 b ⇒ [ TByte m b] + | maIX1_and_IMM1 b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + | maIX1p_and_IMM1 b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + | maSP1_and_IMM1 b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + (* DIRn: legale se 1 operando byte *) + | maDIRn _ b ⇒ [ TByte m b] + (* DIRn_and_IMM1: legale se 2 operandi byte *) + | maDIRn_and_IMM1 _ b1 b2 ⇒ [ TByte m b1 ; TByte m b2 ] + (* TNY: legale se nessun operando *) + | maTNY _ ⇒ nil ? + (* SRT: legale se nessun operando *) + | maSRT _ ⇒ nil ? + ]. + +(* trasformatore finale: mcu+opcode+instr_mode+args → list (t_byte8 m) *) +nlet rec bytes_of_pseudo_instr_mode_param_aux (m:mcu_type) (o:any_opcode m) (i:instr_mode) (p:MA_check i) + (param:list (Prod4T (any_opcode m) instr_mode byte8_or_word16 byte8)) on param ≝ + match param with + [ nil ⇒ None ? | cons hd tl ⇒ + match (eq_anyop m o (fst4T ???? hd)) ⊗ (eq_instrmode i (snd4T ???? hd)) with + [ true ⇒ match thd4T ???? hd with + [ Byte isab ⇒ + Some ? ([ (TByte m isab) ]@(args_picker m i p)) + | Word isaw ⇒ + Some ? ([ (TByte m (w16h isaw)) ; (TByte m (w16l isaw)) ]@(args_picker m i p)) + ] + | false ⇒ bytes_of_pseudo_instr_mode_param_aux m o i p tl ]]. + +ndefinition bytes_of_pseudo_instr_mode_param ≝ +λm:mcu_type.λo:any_opcode m.λi:instr_mode.λp:MA_check i. +bytes_of_pseudo_instr_mode_param_aux m o i p (opcode_table m). + +(* ****************************** *) +(* APPROCCIO COMPILAZIONE AL VOLO *) +(* ****************************** *) + +(* ausiliario di compile *) +ndefinition defined_option ≝ + λT:Type.λo:option T. + match o with + [ None ⇒ False + | Some _ ⇒ True + ]. + +(* compila solo se l'intera istruzione+modalita'+argomenti ha riscontro nelle tabelle *) +ndefinition compile ≝ +λmcu:mcu_type.λi:instr_mode.λop:opcode.λarg:MA_check i. + match bytes_of_pseudo_instr_mode_param mcu (anyOP mcu op) i arg + return λres:option (list (t_byte8 mcu)).defined_option (list (t_byte8 mcu)) res → (list (t_byte8 mcu)) + with + [ None ⇒ λp:defined_option (list (t_byte8 mcu)) (None ?).False_rect ? p + | Some x ⇒ λp:defined_option (list (t_byte8 mcu)) (Some ? x).x + ]. + +(* detipatore del compilato: (t_byte8 m) → byte8 *) +nlet rec source_to_byte8_HC05_aux (p1:list (t_byte8 HC05)) (p2:list byte8) ≝ + match p1 with + [ nil ⇒ p2 + | cons hd tl ⇒ match hd with [ TByte b ⇒ source_to_byte8_HC05_aux tl (p2@[b]) ] + ]. + +nlet rec source_to_byte8_HC08_aux (p1:list (t_byte8 HC08)) (p2:list byte8) ≝ + match p1 with + [ nil ⇒ p2 + | cons hd tl ⇒ match hd with [ TByte b ⇒ source_to_byte8_HC08_aux tl (p2@[b]) ] + ]. + +nlet rec source_to_byte8_HCS08_aux (p1:list (t_byte8 HCS08)) (p2:list byte8) ≝ + match p1 with + [ nil ⇒ p2 + | cons hd tl ⇒ match hd with [ TByte b ⇒ source_to_byte8_HCS08_aux tl (p2@[b]) ] + ]. + +nlet rec source_to_byte8_RS08_aux (p1:list (t_byte8 RS08)) (p2:list byte8) ≝ + match p1 with + [ nil ⇒ p2 + | cons hd tl ⇒ match hd with [ TByte b ⇒ source_to_byte8_RS08_aux tl (p2@[b]) ] + ]. + +ndefinition source_to_byte8 ≝ +λm:mcu_type. + match m + return λm:mcu_type.list (t_byte8 m) → list byte8 + with + [ HC05 ⇒ λl:list (t_byte8 HC05).source_to_byte8_HC05_aux l [] + | HC08 ⇒ λl:list (t_byte8 HC08).source_to_byte8_HC08_aux l [] + | HCS08 ⇒ λl:list (t_byte8 HCS08).source_to_byte8_HCS08_aux l [] + | RS08 ⇒ λl:list (t_byte8 RS08).source_to_byte8_RS08_aux l [] + ].