GitLab

- Memory and registers are split up into typed atomic cells
- Value type now contains only scalar values
- Instructions are compiled down to WMM "operations", allowing stores
  and loads of composite values to be split up into atomic parts
- Scheduler now executes one operation at a time, rather than one block
  at a time
- New scheduler steps for WMM
- Commands (formerly Thread Actions) such as allocation now executed at
  the global scheduler level. Action IDs no longer needed.
- Threads and stacks changed completely; registers now stored in stack
  frames
- Monads pretty-print properly again!
- Patricia trees replaced with sptrees

Lots of code is still commented out, and tests still don't work, but
the main formalization code compiles.

- Free was changed from a store message to a thread_action message
- Stack frames are now freed properly when returning from a function
- Heap/stack addresses are tracked separately again
- New stores are added to invalidation buffers, per the spec
- Thread actions are executed now
- Tests still don't work yet

It's finally done! The first memory consistency proof in the formalization:
a sequentially consistent schedule (one that always commits memory messages
from the front of a thread's outbox queue) will always produce locally
sequentially consistent semantics.

Changes made in the process of this proof include:

- Removed thread IDs and stack IDs from the thread and stack records;
  keeping up with invariants for them was pointless bookkeeping

- Defined custom tactics multi_case_tac and rw_assums, which greatly
  reduced the size and complexity of some proofs

- Added several new invariants to state_ok, including memory consistency
  invariants (committed messages are all distinct, no message can be in
  both the commit list and a thread's outbox, etc.)

Removed a special case in the parser for FuncRefV constants, which
required every SSA variable to have a known type. This required
BundleParser to be rearranged to parse everything else before function
bodies, making functions available to functions defined above them
(something the spec requires, so that's progress!)

Also added support for COMMINST in the parser.

uvmThreadSemantics was becoming a huge file that took several minutes
to compile, so it's been split into uvmThreadsStacks and
uvmInstructionSemantics.

In uvmThreadsStacks, new 'thread_ok' and 'stack_ok' predicates define
basic consistency requirements for thread and stack data structures.
All functions in this file have also been proven to produce valid
thread/stack structures when given valid input. This is a prerequisite
for proving execution state homomorphisms.

'thread_state' has been renamed to 'thread', and 'state_follows' has
been renamed to 'thread_follows'.

The current version of the Mu specification does not use $-variables to
pass return values from terminsts to the normal destination of an EXC
clause, instead allowing terminsts to have normal SSA return values
that may be referenced in the EXC clause. This commit updates the
formalism to match.

Several other refactorings are included, such as making exec_terminst
only return modified stacks, using a simpler representation of common
instructions, and defining prefix/infix operators for SSA variables and
registers in HOL.

The NEWTHREAD instruction isn't parsed yet, but its associated memory message is
now supported, and the scheduler has been modified to support multiple threads.

thread_states are now generated on-demand when they are first executed, provided
there is an associated DoNewThread memory action and its stack ID can be
resolved. This required the 'tid' field of 'Message' to be changed to a
'thread_id option', as there must be an initial DoNewThread action that is not
generated by any thread ID.

The THROW instruction and EXC resume_values have also been updated to have only
one argument, to match the spec.

Translation method now uses an intermediary type datastructure.
It is similar to the previous method which was done in two stages.

To do:
  - Clean up code base
  - Add abstractions
  - Fix the testing script

The translation method has been changed into two phases. The first is to
determine the final type of what the translated term would be. The
second, is with this type information, to create the final translated
term.

To do:
  -- Implement abstractions for translation

The datatype translation seems to be working now for standard sets.
Currently abstractions need to be implementation and also a mechanism to
generally translate theorems and other objects in hol.

Currently the expected translation function works for constants. This
needs to be extended for other term types.

The robustness of the type inference can also be improved on.
Currently the new type is generated by appending new elements to a list
which has an implicit ordering.

Basic testcases work with valid typing.

To do:
  -- Add type-checking to provide an error when set functions cannot be
translated
  -- Add other cases