source: src/ASM/CostsProof.ma @ 1567

Last change on this file since 1567 was 1567, checked in by mulligan, 8 years ago

more work on big proof, 2.5 cases left

File size: 30.6 KB
Line 
1include "ASM/ASMCosts.ma".
2include "ASM/WellLabeled.ma".
3include "ASM/Status.ma".
4include "common/StructuredTraces.ma".
5
6(*
7definition next_instruction_is_labelled ≝
8  λcost_labels: BitVectorTrie Byte 16.
9  λs: Status.
10  let pc ≝ program_counter … (execute_1 s) in
11    match lookup_opt … pc cost_labels with
12    [ None ⇒ False
13    | _    ⇒ True
14    ].
15
16definition current_instruction_cost ≝
17  λs: Status. \snd (fetch (code_memory … s) (program_counter … s)).
18
19definition is_call_p ≝
20  λs.
21  match s with
22  [ ACALL _ ⇒ True
23  | LCALL _ ⇒ True
24  | JMP ⇒ True (* XXX: is function pointer call *)
25  | _ ⇒ False
26  ].
27
28definition next_instruction ≝
29  λs: Status.
30  let 〈instruction, ignore, ignore〉 ≝ fetch (code_memory … s) (program_counter … s) in
31    instruction.
32
33inductive trace_ends_with_ret: Type[0] ≝
34  | ends_with_ret: trace_ends_with_ret
35  | doesnt_end_with_ret: trace_ends_with_ret.
36
37definition next_instruction_is_labelled ≝
38  λcost_labels: BitVectorTrie Byte 16.
39  λs: Status.
40  let pc ≝ program_counter … (execute 1 s) in
41    match lookup_opt … pc cost_labels with
42    [ None ⇒ False
43    | _    ⇒ True
44    ].
45
46definition next_instruction_properly_relates_program_counters ≝
47  λbefore: Status.
48  λafter : Status.
49  let size ≝ current_instruction_cost before in
50  let pc_before ≝ program_counter … before in
51  let pc_after ≝ program_counter … after in
52  let sum ≝ \snd (half_add … pc_before (bitvector_of_nat … size)) in
53    sum = pc_after.
54
55definition current_instruction ≝
56  λs: Status.
57  let pc ≝ program_counter … s in
58  \fst (\fst (fetch … (code_memory … s) pc)).
59
60definition current_instruction_is_labelled ≝
61  λcost_labels: BitVectorTrie Byte 16.
62  λs: Status.
63  let pc ≝ program_counter … s in
64    match lookup_opt … pc cost_labels with
65    [ None ⇒ False
66    | _    ⇒ True
67    ].
68
69inductive trace_label_return (cost_labels: BitVectorTrie Byte 16): Status → Status → Type[0] ≝
70  | tlr_base:
71      ∀status_before: Status.
72      ∀status_after: Status.
73        trace_label_label cost_labels ends_with_ret status_before status_after →
74        trace_label_return cost_labels status_before status_after
75  | tlr_step:
76      ∀status_initial: Status.
77      ∀status_labelled: Status.
78      ∀status_final: Status.
79          trace_label_label cost_labels doesnt_end_with_ret status_initial status_labelled →
80            trace_label_return cost_labels status_labelled status_final →
81              trace_label_return cost_labels status_initial status_final
82with trace_label_label: trace_ends_with_ret → Status → Status → Type[0] ≝
83  | tll_base:
84      ∀ends_flag: trace_ends_with_ret.
85      ∀start_status: Status.
86      ∀end_status: Status.
87        trace_label_label_pre cost_labels ends_flag start_status end_status →
88        current_instruction_is_labelled cost_labels start_status →
89        trace_label_label cost_labels ends_flag start_status end_status
90with trace_label_label_pre: trace_ends_with_ret → Status → Status → Type[0] ≝
91  | tllp_base_not_return:
92      ∀start_status: Status.
93        let final_status ≝ execute 1 start_status in
94        current_instruction start_status ≠ (RealInstruction … (RET [[relative]])) →
95        ¬ (is_jump_p (current_instruction start_status)) →
96        current_instruction_is_labelled cost_labels final_status →
97          trace_label_label_pre cost_labels doesnt_end_with_ret start_status final_status
98  | tllp_base_return:
99      ∀start_status: Status.
100        let final_status ≝ execute 1 start_status in
101          current_instruction start_status = (RealInstruction … (RET [[relative]])) →
102            trace_label_label_pre cost_labels ends_with_ret start_status final_status
103  | tllp_base_jump:
104      ∀start_status: Status.
105        let final_status ≝ execute 1 start_status in
106          is_jump_p (current_instruction start_status) →
107            current_instruction_is_labelled cost_labels final_status →
108              trace_label_label_pre cost_labels doesnt_end_with_ret start_status final_status
109  | tllp_step_call:
110      ∀end_flag: trace_ends_with_ret.
111      ∀status_pre_fun_call: Status.
112      ∀status_after_fun_call: Status.
113      ∀status_final: Status.
114        let status_start_fun_call ≝ execute 1 status_pre_fun_call in
115          is_call_p (current_instruction status_pre_fun_call) →
116          next_instruction_properly_relates_program_counters status_pre_fun_call status_after_fun_call →
117          trace_label_return cost_labels status_start_fun_call status_after_fun_call →
118          trace_label_label_pre cost_labels end_flag status_after_fun_call status_final →
119            trace_label_label_pre cost_labels end_flag status_pre_fun_call status_final
120  | tllp_step_default:
121      ∀end_flag: trace_ends_with_ret.
122      ∀status_pre: Status.
123      ∀status_end: Status.
124        let status_init ≝ execute 1 status_pre in
125          trace_label_label_pre cost_labels end_flag status_init status_end →
126          ¬ (is_call_p (current_instruction status_pre)) →
127          ¬ (is_jump_p (current_instruction status_pre)) →
128          (current_instruction status_pre) ≠ (RealInstruction … (RET [[relative]])) →
129          ¬ (current_instruction_is_labelled cost_labels status_init) →
130            trace_label_label_pre cost_labels end_flag status_pre status_end.
131*)
132
133(* XXX: not us
134definition compute_simple_path0 (s:Status) (is_labelled s) (well_balanced s) (labelled_p p): trace_lab_ret ≝ ….
135
136lemma simple_path_ok:
137 ∀st: Status.∀H.
138 let p ≝ compute_simple_path0 st H in
139   ∀n.
140    nth_path n p = execute n st ∧
141     (execute' (path_length p) st = 〈st',τ〉 →
142      τ = cost_trace p)
143  ].
144*)
145
146let rec compute_max_trace_label_label_cost
147  (cost_labels: BitVectorTrie costlabel 16)
148   (trace_ends_flag: trace_ends_with_ret)
149    (start_status: Status) (final_status: Status)
150      (the_trace: trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
151        start_status final_status) on the_trace: nat ≝
152  match the_trace with
153  [ tll_base ends_flag initial final given_trace labelled_proof ⇒
154      compute_max_trace_any_label_cost … given_trace
155  ]
156and compute_max_trace_any_label_cost
157  (cost_labels: BitVectorTrie costlabel 16)
158  (trace_ends_flag: trace_ends_with_ret)
159   (start_status: Status) (final_status: Status)
160     (the_trace: trace_any_label (ASM_abstract_status cost_labels) trace_ends_flag start_status final_status)
161       on the_trace: nat ≝
162  match the_trace with
163  [ tal_base_not_return the_status _ _ _ _ ⇒ current_instruction_cost the_status
164  | tal_base_return the_status _ _ _ ⇒ current_instruction_cost the_status
165  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
166     _ _ _ call_trace final_trace ⇒
167      let current_instruction_cost ≝ current_instruction_cost pre_fun_call in
168      let call_trace_cost ≝ compute_max_trace_label_return_cost … call_trace in
169      let final_trace_cost ≝ compute_max_trace_any_label_cost cost_labels end_flag … final_trace in
170        call_trace_cost + current_instruction_cost + final_trace_cost
171  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
172      let current_instruction_cost ≝ current_instruction_cost status_pre in
173      let tail_trace_cost ≝
174       compute_max_trace_any_label_cost cost_labels end_flag
175        status_init status_end tail_trace
176      in
177        current_instruction_cost + tail_trace_cost
178  ]
179and compute_max_trace_label_return_cost
180  (cost_labels: BitVectorTrie costlabel 16)
181  (start_status: Status) (final_status: Status)
182    (the_trace: trace_label_return (ASM_abstract_status cost_labels) start_status final_status)
183      on the_trace: nat ≝
184  match the_trace with
185  [ tlr_base before after trace_to_lift ⇒ compute_max_trace_label_label_cost … trace_to_lift
186  | tlr_step initial labelled final labelled_trace ret_trace ⇒
187      let labelled_cost ≝ compute_max_trace_label_label_cost … labelled_trace in
188      let return_cost ≝ compute_max_trace_label_return_cost … ret_trace in
189        labelled_cost + return_cost
190  ].
191
192(*Useless now?
193(* To be moved *)
194lemma pred_minus_1:
195  ∀m, n: nat.
196  ∀proof: n < m.
197    pred (m - n) = m - n - 1.
198  #m #n
199  cases m
200  [ #proof
201    cases(lt_to_not_zero … proof)
202  | #m' #proof
203    normalize in ⊢ (???%);
204    cases n
205    [ normalize //
206    | #n' normalize
207      cases(m' - n')
208      [ %
209      | #Sm_n'
210        normalize //
211      ]
212    ]
213  ]
214qed.
215
216lemma succ_m_plus_one:
217  ∀m: nat.
218    S m = m + 1.
219 //
220qed.*)
221
222include alias "arithmetics/nat.ma".
223
224(*
225lemma minus_m_n_minus_minus_plus_1:
226  ∀m, n: nat.
227  ∀proof: n < m.
228    m - n = (m - n - 1) + 1.
229 /3 by lt_plus_to_minus_r, plus_minus/
230qed.
231*)
232
233lemma plus_minus_rearrangement_1:
234  ∀m, n, o: nat.
235  ∀proof_n_m: n ≤ m.
236  ∀proof_m_o: m ≤ o.
237    (m - n) + (o - m) = o - n.
238  #m #n #o #H1 #H2
239  lapply (minus_to_plus … H1 (refl …)) #K1 >K1
240  lapply (minus_to_plus … H2 (refl …)) #K2 >K2
241  /2 by plus_minus/
242qed.
243
244lemma plus_minus_rearrangement_2:
245  ∀m, n, o: nat. n ≤ m → o ≤ n →
246    (m - n) + (n - o) = m - o.
247 /2 by plus_minus_rearrangement_1/
248qed.
249
250axiom current_instruction_cost_non_zero:
251  ∀s: Status.
252    current_instruction_cost s > 0.
253   
254axiom minus_m_n_gt_o_0_le_n_m:
255  ∀m, n, o.
256  m - n = o → o > 0 → n ≤ m.
257
258let rec compute_max_trace_label_label_cost_is_ok
259  (cost_labels: BitVectorTrie costlabel 16)
260   (trace_ends_flag: trace_ends_with_ret)
261    (start_status: Status) (final_status: Status)
262      (the_trace: trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
263        start_status final_status) on the_trace:
264          And (compute_max_trace_label_label_cost cost_labels trace_ends_flag start_status final_status the_trace =
265            (clock … final_status) - (clock … start_status)) (clock … start_status ≤ clock … final_status) ≝ ?
266and compute_max_trace_any_label_cost_is_ok
267  (cost_labels: BitVectorTrie costlabel 16)
268  (trace_ends_flag: trace_ends_with_ret)
269   (start_status: Status) (final_status: Status)
270     (the_trace: trace_any_label (ASM_abstract_status cost_labels) trace_ends_flag start_status final_status)
271       on the_trace:
272         (compute_max_trace_any_label_cost cost_labels trace_ends_flag start_status final_status the_trace =
273           (clock … final_status) - (clock … start_status)) ∧ (clock … start_status ≤ clock … final_status) ≝ ?
274and compute_max_trace_label_return_cost_is_ok
275  (cost_labels: BitVectorTrie costlabel 16)
276  (start_status: Status) (final_status: Status)
277    (the_trace: trace_label_return (ASM_abstract_status cost_labels) start_status final_status)
278      on the_trace:
279        (compute_max_trace_label_return_cost cost_labels start_status final_status the_trace =
280          (clock … final_status) - (clock … start_status)) ∧ (clock … start_status ≤ clock … final_status) ≝ ?.
281  [1:
282    cases the_trace
283    #ends_flag #start_status #end_status #any_label_trace #is_costed
284    normalize @compute_max_trace_any_label_cost_is_ok
285  |2:
286    cases the_trace
287    [1:
288      #start_status #final_status #is_next #is_not_return #is_costed
289      change with (current_instruction_cost start_status) in ⊢ (?(??%?)?);
290      cases(is_next)
291      @conj
292      [1:
293        cases(execute_1 start_status)
294        #the_status #assm
295        whd in match eject; normalize nodelta
296        >assm %
297      |2:
298        cases(execute_1 start_status)
299        #the_status #assm
300        whd in match eject; normalize nodelta
301        @(minus_m_n_gt_o_0_le_n_m ? ? (current_instruction_cost start_status))
302        [1: assumption
303        |2: @current_instruction_cost_non_zero
304        ]
305      ]
306    |2:
307      #start_status #final_status #is_next #is_return
308      change with (current_instruction_cost start_status) in ⊢ (?(??%?)?);
309      cases(is_next)
310      @conj
311      [1:
312        cases(execute_1 start_status)
313        #the_status #assm
314        whd in match eject; normalize nodelta
315        >assm %
316      |2:
317        cases(execute_1 start_status)
318        #the_status #assm
319        whd in match eject; normalize nodelta
320        @(minus_m_n_gt_o_0_le_n_m ? ? (current_instruction_cost start_status))
321        [1: assumption
322        |2: @current_instruction_cost_non_zero
323        ]
324      ]
325    |3:
326      #end_flag #status_pre_fun_call #status_start_fun_call #status_after_fun_call
327      #status_final #is_next #is_call #is_after_return #call_trace #final_trace
328      change with (
329      let current_instruction_cost ≝ current_instruction_cost status_pre_fun_call in
330      let call_trace_cost ≝ compute_max_trace_label_return_cost … call_trace in
331      let final_trace_cost ≝ compute_max_trace_any_label_cost cost_labels end_flag … final_trace in
332        call_trace_cost + current_instruction_cost + final_trace_cost) in ⊢ (?(??%?)?);
333      normalize nodelta;
334      @conj
335      [1:
336        cases(compute_max_trace_label_return_cost_is_ok cost_labels status_start_fun_call
337          status_after_fun_call call_trace)
338        #trace_label_return_eq #trace_label_return_le
339        cases(compute_max_trace_any_label_cost_is_ok cost_labels end_flag status_after_fun_call
340          status_final final_trace)
341        #trace_any_label_eq #trace_any_label_le
342        >trace_label_return_eq >trace_any_label_eq
343        cases daemon (* XXX: complete me *)
344      |2:
345        cases daemon (* XXX: complete me *)
346      ]
347    |4:
348      #end_flag #status_pre #status_init #status_end #is_next
349      #trace_any_label #is_other #is_not_costed
350      cases daemon (* XXX: complete me *)
351    ]
352  |3:
353    cases the_trace
354    [1:
355      #status_before #status_after #trace_to_lift
356      normalize @compute_max_trace_label_label_cost_is_ok
357    |2:
358      #status_initial #status_labelled #status_final #labelled_trace #ret_trace
359      normalize
360      cases(compute_max_trace_label_label_cost_is_ok cost_labels doesnt_end_with_ret status_initial status_labelled labelled_trace);
361      #label_label_trace_equality #label_label_trace_leq
362      cases(compute_max_trace_label_return_cost_is_ok cost_labels status_labelled status_final ret_trace);
363      #label_return_trace_equality #label_return_trace_leq
364      >label_label_trace_equality >label_return_trace_equality
365      @conj
366      [2: @(transitive_le (clock (BitVectorTrie (Vector bool 8) 16) status_initial)
367            (clock (BitVectorTrie Byte 16) status_labelled)
368            (clock (BitVectorTrie (Vector bool 8) 16) status_final))
369      |1: @plus_minus_rearrangement_1
370      ]
371      assumption
372    ]
373  ]
374qed.
375
376(* XXX: work below here: *)
377
378let rec compute_paid_trace_any_label
379  (cost_labels: BitVectorTrie costlabel 16)
380  (trace_ends_flag: trace_ends_with_ret)
381   (start_status: Status) (final_status: Status)
382     (the_trace: trace_any_label (ASM_abstract_status cost_labels) trace_ends_flag start_status final_status)
383       on the_trace: nat ≝
384  match the_trace with
385  [ tal_base_not_return the_status _ _ _ _ ⇒ current_instruction_cost the_status
386  | tal_base_return the_status _ _ _ ⇒ current_instruction_cost the_status
387  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
388     _ _ _ call_trace final_trace ⇒
389      let current_instruction_cost ≝ current_instruction_cost pre_fun_call in
390      let final_trace_cost ≝ compute_paid_trace_any_label cost_labels end_flag … final_trace in
391        current_instruction_cost + final_trace_cost
392  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
393      let current_instruction_cost ≝ current_instruction_cost status_pre in
394      let tail_trace_cost ≝
395       compute_paid_trace_any_label cost_labels end_flag
396        status_init status_end tail_trace
397      in
398        current_instruction_cost + tail_trace_cost
399  ].
400
401definition compute_paid_trace_label_label ≝
402 λcost_labels: BitVectorTrie costlabel 16.
403  λtrace_ends_flag: trace_ends_with_ret.
404   λstart_status: Status.
405    λfinal_status: Status.
406     λthe_trace: trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
407      start_status final_status.
408  match the_trace with
409  [ tll_base ends_flag initial final given_trace labelled_proof ⇒
410      compute_paid_trace_any_label … given_trace
411  ].
412
413let rec compute_trace_label_label_cost_using_paid
414  (cost_labels: BitVectorTrie costlabel 16)
415   (trace_ends_flag: trace_ends_with_ret)
416    (start_status: Status) (final_status: Status)
417      (the_trace: trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
418        start_status final_status) on the_trace: nat ≝
419  match the_trace with
420  [ tll_base ends_flag initial final given_trace labelled_proof ⇒
421      compute_paid_trace_label_label cost_labels … the_trace +
422      compute_trace_any_label_cost_using_paid … given_trace
423  ]
424and compute_trace_any_label_cost_using_paid
425  (cost_labels: BitVectorTrie costlabel 16)
426  (trace_ends_flag: trace_ends_with_ret)
427   (start_status: Status) (final_status: Status)
428     (the_trace: trace_any_label (ASM_abstract_status cost_labels) trace_ends_flag start_status final_status)
429       on the_trace: nat ≝
430  match the_trace with
431  [ tal_base_not_return the_status _ _ _ _ ⇒ 0
432  | tal_base_return the_status _ _ _ ⇒ 0
433  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
434     _ _ _ call_trace final_trace ⇒
435      let call_trace_cost ≝ compute_trace_label_return_cost_using_paid … call_trace in
436      let final_trace_cost ≝ compute_trace_any_label_cost_using_paid cost_labels end_flag … final_trace in
437        call_trace_cost + final_trace_cost
438  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
439     compute_trace_any_label_cost_using_paid cost_labels end_flag
440      status_init status_end tail_trace
441  ]
442and compute_trace_label_return_cost_using_paid
443  (cost_labels: BitVectorTrie costlabel 16)
444  (start_status: Status) (final_status: Status)
445    (the_trace: trace_label_return (ASM_abstract_status cost_labels) start_status final_status)
446      on the_trace: nat ≝
447  match the_trace with
448  [ tlr_base before after trace_to_lift ⇒ compute_trace_label_label_cost_using_paid … trace_to_lift
449  | tlr_step initial labelled final labelled_trace ret_trace ⇒
450      let labelled_cost ≝ compute_trace_label_label_cost_using_paid … labelled_trace in
451      let return_cost ≝ compute_trace_label_return_cost_using_paid … ret_trace in
452        labelled_cost + return_cost
453  ].
454
455let rec compute_trace_label_label_cost_using_paid_ok
456  (cost_labels: BitVectorTrie costlabel 16)
457   (trace_ends_flag: trace_ends_with_ret)
458    (start_status: Status) (final_status: Status)
459      (the_trace: trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
460        start_status final_status) on the_trace:
461 compute_trace_label_label_cost_using_paid cost_labels … the_trace =
462 compute_max_trace_label_label_cost … the_trace ≝ ?
463and compute_trace_any_label_cost_using_paid_ok
464  (cost_labels: BitVectorTrie costlabel 16)
465  (trace_ends_flag: trace_ends_with_ret)
466   (start_status: Status) (final_status: Status)
467     (the_trace: trace_any_label (ASM_abstract_status cost_labels)
468      trace_ends_flag start_status final_status) on the_trace:     
469  compute_paid_trace_any_label cost_labels trace_ends_flag … the_trace
470  +compute_trace_any_label_cost_using_paid cost_labels trace_ends_flag … the_trace
471  =compute_max_trace_any_label_cost cost_labels trace_ends_flag … the_trace ≝ ?
472and compute_trace_label_return_cost_using_paid_ok
473  (cost_labels: BitVectorTrie costlabel 16)
474  (start_status: Status) (final_status: Status)
475    (the_trace: trace_label_return (ASM_abstract_status cost_labels)
476     start_status final_status) on the_trace:
477 compute_trace_label_return_cost_using_paid cost_labels … the_trace =
478 compute_max_trace_label_return_cost cost_labels … the_trace ≝ ?.
479[ cases the_trace #endsf #ss #es #tr #H normalize
480  @compute_trace_any_label_cost_using_paid_ok
481| cases the_trace
482  [ #ss #fs #H1 #H2 #H3 whd in ⊢ (??(?%%)%); <plus_n_O %
483  | #ss #fs #H1 #H2 whd in ⊢ (??(?%%)%); <plus_n_O %
484  | #ef #spfc #ssfc #safc #sf #H1 #H2 #H3 #tr1 #tr2 whd in ⊢ (??(?%%)%);
485    <compute_trace_any_label_cost_using_paid_ok
486    <compute_trace_label_return_cost_using_paid_ok
487    -compute_trace_label_label_cost_using_paid_ok
488    -compute_trace_label_return_cost_using_paid_ok
489    -compute_trace_any_label_cost_using_paid_ok
490    >commutative_plus in ⊢ (???(?%?));
491    >commutative_plus in ⊢ (??(??%)?);
492    >associative_plus >associative_plus in ⊢ (???%); @eq_f2 try %
493    <associative_plus <commutative_plus %
494  | #ef #sp #si #se #H1 #tr #H2 #H3 whd in ⊢ (??(?%%)%); >associative_plus @eq_f2
495    [ % | @compute_trace_any_label_cost_using_paid_ok ]
496  ]
497| cases the_trace
498  [ #sb #sa #tr normalize @compute_trace_label_label_cost_using_paid_ok
499  | #si #sl #sf #tr1 #tr2 normalize @eq_f2
500    [ @compute_trace_label_label_cost_using_paid_ok
501    | @compute_trace_label_return_cost_using_paid_ok ]]]
502qed.
503
504(*
505let rec compute_paid_trace_label_return
506  (cost_labels: BitVectorTrie costlabel 16)
507  (start_status: Status) (final_status: Status)
508    (the_trace: trace_label_return (ASM_abstract_status cost_labels) start_status final_status)
509      on the_trace: nat ≝
510 match the_trace with
511  [ tlr_base before after trace_to_lift ⇒ compute_paid_trace_label_label … trace_to_lift
512  | tlr_step initial labelled final labelled_trace ret_trace ⇒
513      let labelled_cost ≝ compute_paid_trace_label_label … labelled_trace in
514      let return_cost ≝ compute_paid_trace_label_return … ret_trace in
515        labelled_cost + return_cost
516  ].
517*)
518
519let rec compute_cost_trace_label_label
520  (cost_labels: BitVectorTrie costlabel 16)
521   (trace_ends_flag: trace_ends_with_ret)
522    (start_status: Status) (final_status: Status)
523      (the_trace: trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
524        start_status final_status) on the_trace:
525         list (Σk:costlabel. ∃pc. lookup_opt … pc cost_labels = Some … k) ≝
526  match the_trace with
527  [ tll_base ends_flag initial final given_trace labelled_proof ⇒
528     let pc ≝ program_counter … initial in
529     let label ≝
530      match lookup_opt … pc cost_labels return λx. match x with [None ⇒ False | Some _ ⇒ True] → costlabel with
531      [ None ⇒ λabs. ⊥
532      | Some l ⇒ λ_. l ] labelled_proof in
533     (dp … label ?)::compute_cost_trace_any_label … given_trace
534  ]
535and compute_cost_trace_any_label
536  (cost_labels: BitVectorTrie costlabel 16)
537  (trace_ends_flag: trace_ends_with_ret)
538   (start_status: Status) (final_status: Status)
539     (the_trace: trace_any_label (ASM_abstract_status cost_labels) trace_ends_flag start_status final_status)
540       on the_trace: list (Σk:costlabel. ∃pc. lookup_opt … pc cost_labels = Some … k) ≝
541  match the_trace with
542  [ tal_base_not_return the_status _ _ _ _ ⇒ []
543  | tal_base_return the_status _ _ _ ⇒ []
544  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
545     _ _ _ call_trace final_trace ⇒
546      let call_cost_trace ≝ compute_cost_trace_label_return … call_trace in
547      let final_cost_trace ≝ compute_cost_trace_any_label cost_labels end_flag … final_trace in
548        call_cost_trace @ final_cost_trace
549  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
550       compute_cost_trace_any_label cost_labels end_flag
551        status_init status_end tail_trace
552  ]
553and compute_cost_trace_label_return
554  (cost_labels: BitVectorTrie costlabel 16)
555  (start_status: Status) (final_status: Status)
556    (the_trace: trace_label_return (ASM_abstract_status cost_labels) start_status final_status)
557      on the_trace: list (Σk:costlabel. ∃pc. lookup_opt … pc cost_labels = Some … k) ≝
558  match the_trace with
559  [ tlr_base before after trace_to_lift ⇒ compute_cost_trace_label_label … trace_to_lift
560  | tlr_step initial labelled final labelled_trace ret_trace ⇒
561      let labelled_cost ≝ compute_cost_trace_label_label … labelled_trace in
562      let return_cost ≝ compute_cost_trace_label_return … ret_trace in
563        labelled_cost @ return_cost
564  ].
565 [ %{pc} whd in match label;  generalize in match labelled_proof; whd in ⊢ (% → ?);
566  cases (lookup_opt costlabel … pc cost_labels) normalize
567  [ #abs cases abs | // ]
568 | // ]
569qed.
570
571(* ??????????????????????? *)
572axiom block_cost_static_dynamic_ok:
573 ∀cost_labels: BitVectorTrie costlabel 16.
574 ∀trace_ends_flag.
575 ∀start_status: Status.
576 ∀final_status: Status.
577 ∀the_trace:
578  trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
579   start_status final_status.
580 let mem ≝ code_memory … start_status in
581 let pc ≝ program_counter … start_status in
582 let program_size ≝ 2^16 in
583  block_cost mem cost_labels pc program_size =
584  compute_paid_trace_label_label cost_labels trace_ends_flag
585   start_status final_status the_trace.
586
587(* To be moved elsewhere*)
588lemma le_S_n_m_to_le_n_m: ∀n,m. S n ≤ m → n ≤ m.
589 #n #m #H change with (pred (S n) ≤ m) @(transitive_le ? (S n)) //
590qed.
591
592(* Here I would like to use arithmetics/bigops.ma, but it requires the
593   function f to be total on nat, which is not the case here *)
594let rec bigplus0 (b:nat) (f: ∀n:nat. n < b → nat) (n:nat) on n ≝
595  match n return λn.n < b → nat with
596   [ O ⇒ λ_. 0
597   | S k ⇒ λH. f k ? + bigplus0 b f k ?
598   ].
599 @(le_S_n_m_to_le_n_m … H)
600qed.
601
602definition bigplus ≝
603 λn,f.
604 match n return λx. x = n → nat with
605 [ O ⇒ λ_. 0
606 | S m ⇒ λH. bigplus0 n f m ? ] (refl … n).
607 <H % (* Automation works, but finds an ugly proof that goes in the contexts
608         of later theorems *)
609qed.
610
611lemma bigplus_0: ∀n. n=0 → ∀f. bigplus n f = 0.
612 #n #E >E //
613qed.
614
615lemma bigplus0_extensional:
616 ∀b,f1,f2,n,K. (∀n,H. f1 n H = f2 n H) → bigplus0 b f1 n K = bigplus0 b f2 n K.
617 #b #f1 #f2 #n elim n //
618 #m #IH #K #ext normalize @eq_f2 [ @ext | @IH @ext ]
619qed.
620
621lemma bigplus_extensional:
622 ∀b,f1,f2. (∀n,H. f1 n H = f2 n H) → bigplus b f1 = bigplus b f2.
623 #b cases b // #n #f1 #f2 @bigplus0_extensional
624qed.
625
626(*CSC: !!!!!!!!!!!!!!!!!!!!!!! *)
627axiom pi_f: ∀b. ∀f: ∀n. n < b → nat. ∀n. ∀p1,p2: n < b. f n p1 = f n p2.
628
629axiom bigplus0_sum:
630 ∀b1,b2. ∀f:(∀n. n < b1+b2 → nat). ∀n,K.
631  bigplus0 (b1+b2) f n K =
632  if ltb n b1 then
633   bigplus0 b1 (λn,H. f n ?) n ?
634  else
635   bigplus b1 (λn,H. f n ?)  + bigplus0 b2 (λn,H. f (b1+n) ?) (n-b1) ?.
636 cases daemon
637qed.
638
639lemma bigplus_sum:
640 ∀b1,b2. ∀f:(∀n. n < b1+b2 → nat).
641  bigplus (b1+b2) f =
642  bigplus b1 (λn,H. f n ?) + bigplus b2 (λn,H. f (b1+n) ?).
643 [2: normalize in H ⊢ %; >plus_n_Sm @le_plus // (*CSC: Automation is lost here*)
644 |3: normalize in H ⊢ %; @(transitive_le ? b1) // (*CSC: here too*)
645 | #b1 #b2 lapply (refl … (b1+b2)) cases (b1+b2) in ⊢ (??%? → ?);
646   [ #E #f cut (b1=0) [//] #E1 >bigplus_0 [2://] >bigplus_0 [2://]
647     cut (b2=0) // #E2 >bigplus_0 //
648   | #n #E #f whd in ⊢ (??%?); >bigplus0_sum
649 
650  #f cases b1
651   cases (b1+b2)
652 ]
653qed.
654
655lemma compute_max_trace_label_return_cost_ok_with_trace:
656 ∀cost_labels: BitVectorTrie costlabel 16.
657 ∀cost_map: identifier_map CostTag nat.
658 ∀initial,final.
659 ∀trace: trace_label_return (ASM_abstract_status cost_labels) initial final.
660 ∀codom_dom: (∀pc,k. lookup_opt … pc cost_labels = Some … k → present … cost_map k).
661 ∀dom_codom:(∀k. ∀k_pres:present … cost_map k. ∃pc. lookup_opt … pc cost_labels = Some … k →
662   block_cost (code_memory … initial) cost_labels pc 2^16 = lookup_present … k_pres).
663  let ctrace ≝ compute_cost_trace_label_return … trace in
664  compute_max_trace_label_return_cost … trace =
665   bigplus (|ctrace|) (λi,H.lookup_present … cost_map (nth_safe ? i ctrace H) ?).
666 [2: cases (nth_safe … i ctrace H) normalize #id * #id_pc #K
667   lapply (codom_dom … K) #k_pres //
668 | #cost_labels #costmap #initial #final #trace #codom_dom #dom_codom
669   cases trace
670   [ #sb #sa #tr whd in ⊢ (let ctrace ≝ % in ??%?);
671   | #si #sl #sf #tr1 #tr2 whd in ⊢ (let ctrace ≝ % in ??%?);
672   ]
673
674lemma
675 compute_max_trace_any_label_cost cost_label trace_ends_flag start_status
676  final_status the_trace =
677 
678
679let rec compute_paid_trace_label_label_cost
680  (cost_labels: BitVectorTrie Byte 16)
681   (trace_ends_flag: trace_ends_with_ret)
682    (start_status: Status) (final_status: Status)
683      (the_trace: trace_label_label (ASM_abstract_status cost_labels) trace_ends_flag
684        start_status final_status) on the_trace: nat ≝
685  match the_trace with
686  [ tll_base _ _ _ given_trace _ ⇒
687      compute_paid_trace_any_label_cost … given_trace
688  ]
689and compute_paid_trace_any_label_cost
690  (cost_labels: BitVectorTrie Byte 16)
691  (trace_ends_flag: trace_ends_with_ret)
692   (start_status: Status) (final_status: Status)
693     (the_trace: trace_any_label (ASM_abstract_status cost_labels) trace_ends_flag start_status final_status)
694       on the_trace: nat ≝
695  match the_trace with
696  [ tal_base_not_return the_status _ _ _ _ ⇒ current_instruction_cost the_status
697  | tal_base_return the_status _ _ _ ⇒ current_instruction_cost the_status
698  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
699     _ _ _ call_trace final_trace ⇒
700      let current_instruction_cost ≝ current_instruction_cost pre_fun_call in
701      let final_trace_cost ≝ compute_paid_trace_any_label_cost cost_labels end_flag … final_trace in
702        current_instruction_cost + final_trace_cost
703  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
704      let current_instruction_cost ≝ current_instruction_cost status_pre in
705      let tail_trace_cost ≝
706       compute_paid_trace_any_label_cost cost_labels end_flag
707        status_init status_end tail_trace
708      in
709        current_instruction_cost + tail_trace_cost
710  ]
711and compute_paid_trace_label_return_cost
712  (cost_labels: BitVectorTrie Byte 16)
713  (start_status: Status) (final_status: Status)
714    (the_trace: trace_label_return (ASM_abstract_status cost_labels) start_status final_status)
715      on the_trace: nat ≝
716  match the_trace with
717  [ tlr_base before after trace_to_lift ⇒ compute_paid_trace_label_label_cost … trace_to_lift
718  | tlr_step initial labelled final labelled_trace ret_trace ⇒
719      let labelled_cost ≝ compute_paid_trace_label_label_cost … labelled_trace in
720      let return_cost ≝ compute_paid_trace_label_return_cost … ret_trace in
721        labelled_cost + return_cost
722  ].
723
724let rec trace_lab_rec_cost' (p: trace_lab_ret) : nat.
725 | (call b bf tr af tl) as self ⇒
726    trace_lab_lab_cost_nocall self + trace_lab_ret_cost' tr +
727    trace_lab_rec_cost' tl
728
729theorem main_lemma:
730 ∀p. trace_lab_rec_cost p = trace_lab_rec_cost' p.
731
732axiom lemma1:
733 ∀p: simple_path.
734  traverse_cost_internal (pc (hd p)) … = trace_lab_lab_cost_nocall p.
735
736axiom lemma2:
737 ∀s,l,cost_map.
738  is_labelled l s →
739   traverse_cost_internal s = cost_map l.
740
741axiom main_statement:
742 ∀s.
743 ∀cost_map.
744 let p ≝ compute_simple_path0 s in
745 ∑ (cost_trace p) cost_map = trace_lab_rec_cost' p.
746
747axiom main_statement:
748 ∀s.
749 ∀cost_map.
750 let p ≝ compute_simple_path0 s in
751  execute' (path_length p) s = 〈s',τ〉 →
752   Timer s' - Timer s = ∑ τ cost_map.
Note: See TracBrowser for help on using the repository browser.