Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Monads: refactor reader_option and nondet connection #722

Merged
merged 3 commits into from
Mar 1, 2024
Merged

Monads: refactor reader_option and nondet connection #722

merged 3 commits into from
Mar 1, 2024

Conversation

corlewis
Copy link
Member

@corlewis corlewis commented Feb 24, 2024
edited
Loading

My overall aim with these changes is to make it possible to use the reader_option monad with the trace monad, in the same way that it can currently be used with the nondet monad.

Without these changes, the reader_option files Reader_Option_ND.thy and Reader_Option_VCG.thy depend on nondet files, and prove various lemmas connecting reader_option concepts with nondet concepts. As an example,

lemma ovalid_gets_the:
  "ovalid P f Q ⟹ ⦃P⦄ gets_the f ⦃Q⦄"

shows that the nondet concept of validity of gets_the f can be derived from the reader_option concept of validity. Most of these lemmas were in Reader_Option_ND.thy, which was described by a comment as

(* Reader option monad syntax plus the connection between the reader option monad and the nondet monad *)

What I've done in the first commit is to basically reverse the dependency: the reader_option directory now only contains definitions and lemmas for the reader_option monad and there's a file in nondet that has the lemmas connecting the two monads. The third commit then adds a file in trace that is basically the same thing but for the trace monad.

I am very open to suggestions if anyone has an idea for a nicer way to structure this or to reduce the copied content. I had a brief attempt at a locale but couldn't find a way to get it to work that didn't involve even more copying.

@corlewis corlewis self-assigned this Feb 24, 2024
@corlewis corlewis force-pushed the nondet_reader_option branch 3 times, most recently from 08b1b74 to 0ca0a8e Compare February 26, 2024 12:03
@Xaphiosis
Copy link
Member

Could you explain what you're trying to do? I'm seeing some theory files renamed and some proofs moved, and the commits refer to "reader_option and nondet connection" without any further description. I'm guessing you're doing something you then need for integration with the trace monad, but I'm really lost as to the intent. What do you mean by connection?

@corlewis
Copy link
Member Author

Could you explain what you're trying to do? I'm seeing some theory files renamed and some proofs moved, and the commits refer to "reader_option and nondet connection" without any further description. I'm guessing you're doing something you then need for integration with the trace monad, but I'm really lost as to the intent. What do you mean by connection?

My overall aim with these changes is to make it possible to use the reader_option monad with the trace monad, in the same way that it can currently be used with the nondet monad.

Without these changes, the reader_option files Reader_Option_ND.thy and Reader_Option_VCG.thy depend on nondet files, and prove various lemmas connecting reader_option concepts with nondet concepts. As an example,

lemma ovalid_gets_the:
  "ovalid P f Q ⟹ ⦃P⦄ gets_the f ⦃Q⦄"

shows that the nondet concept of validity of gets_the f can be derived from the reader_option concept of validity. Most of these lemmas were in Reader_Option_ND.thy, which was described by a comment as

(* Reader option monad syntax plus the connection between the reader option monad and the nondet monad *)

What I've done in the first commit is to basically reverse the dependency: the reader_option directory now only contains definitions and lemmas for the reader_option monad and there's a file in nondet that has the lemmas connecting the two monads. The third commit then adds a file in trace that is basically the same thing but for the trace monad.

@Xaphiosis
Copy link
Member

That's a very good explanation! Any chance some of it could make it to the commits? I had no idea until you explained it

@corlewis corlewis force-pushed the nondet_reader_option branch 2 times, most recently from bf54526 to 6f477aa Compare February 28, 2024 06:20
@corlewis
Copy link
Member Author

corlewis commented Feb 28, 2024
edited
Loading

That's a very good explanation! Any chance some of it could make it to the commits? I had no idea until you explained it

Done, do those commit descriptions make sense to you?

I also rebased and updated copyrights, which I had forgotten to do.

lsf37
lsf37 approved these changes Feb 28, 2024
View reviewed changes
Copy link
Member

@lsf37 lsf37 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 This works for me with the updated commit messages. You might still foreshadow in the first msg why you're doing that refactor (so that you can produce the same setup later for the trace monad).

michaelmcinerney
michaelmcinerney approved these changes Feb 28, 2024
View reviewed changes
Copy link
Contributor

@michaelmcinerney michaelmcinerney left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wish I knew more about the trace monad stuff to comment on that, but this looks like a very good thing to do!

@Xaphiosis
Copy link
Member

That's a very good explanation! Any chance some of it could make it to the commits? I had no idea until you explained it

Done, do those commit descriptions make sense to you?

I also rebased and updated copyrights, which I had forgotten to do.

Thanks! What Gerwin said. Also, two commits have "reader_option" but one has "reader option".

@corlewis
Copy link
Member Author

Commit messages updated, rebased over #725, and I realised that I had left a lemma collection in the nondet and trace files that was just about reader_option concepts and moved it.

@corlewis
lib/monads: refactor reader_option and nondet connection
6166731 
This reverses the dependency between reader_option and nondet. The
reader_option directory now only contains definitions and lemmas for the
reader_option monad and there's a file in nondet that has the lemmas
connecting the two monads.

In addition to resulting in a more structured divide between the
reader_option and nondet monad, it also makes it possible to setup
reader_option for use with other monads, such as the trace monad.

Signed-off-by: Corey Lewis <[email protected]>
@corlewis
lib+spec+proof+tools: update for reader_option refactor
ba42deb 
Signed-off-by: Corey Lewis <[email protected]>
@corlewis
lib/monads/trace: add connection to reader_option
a8e8f5e 
This duplicates nondet/Nondet_Reader_Option.thy but for the trace monad
instead. It proves various lemmas connecting reader_option concepts with
trace concepts.

Signed-off-by: Corey Lewis <[email protected]>
@corlewis corlewis merged commit 11492f2 into seL4:master Mar 1, 2024
12 of 13 checks passed
@corlewis corlewis deleted the nondet_reader_option branch March 1, 2024 01:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lsf37 lsf37 lsf37 approved these changes

@Xaphiosis Xaphiosis Xaphiosis approved these changes

@michaelmcinerney michaelmcinerney michaelmcinerney approved these changes

Assignees

@corlewis corlewis

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@corlewis @Xaphiosis @lsf37 @michaelmcinerney