source: src/ASM/CostsProof.ma @ 1923

Last change on this file since 1923 was 1923, checked in by mulligan, 8 years ago

Small change, closing daemon that went under the RADAR

File size: 35.2 KB
Line 
1include "ASM/ASMCostsSplit.ma".
2include "ASM/WellLabeled.ma".
3include "ASM/Status.ma".
4include "common/StructuredTraces.ma".
5include "arithmetics/bigops.ma".
6
7include alias "arithmetics/nat.ma".
8include alias "basics/logic.ma".
9
10let rec compute_max_trace_label_label_cost
11  (cm: ?)
12  (cost_labels: BitVectorTrie costlabel 16)
13   (trace_ends_flag: trace_ends_with_ret)
14    (start_status: Status cm) (final_status: Status cm)
15      (the_trace: trace_label_label (ASM_abstract_status cm cost_labels) trace_ends_flag
16        start_status final_status) on the_trace: nat ≝
17  match the_trace with
18  [ tll_base ends_flag initial final given_trace labelled_proof ⇒
19      compute_max_trace_any_label_cost … given_trace
20  ]
21and compute_max_trace_any_label_cost
22  (cm: ?)
23  (cost_labels: BitVectorTrie costlabel 16)
24  (trace_ends_flag: trace_ends_with_ret)
25   (start_status: Status cm) (final_status: Status cm)
26     (the_trace: trace_any_label (ASM_abstract_status cm cost_labels) trace_ends_flag start_status final_status)
27       on the_trace: nat ≝
28  match the_trace with
29  [ tal_base_not_return the_status _ _ _ _ ⇒ current_instruction_cost cm the_status
30  | tal_base_return the_status _ _ _ ⇒ current_instruction_cost cm the_status
31  | tal_base_call pre_fun_call start_fun_call final _ _ _ call_trace _ ⇒
32      let current_instruction_cost ≝ current_instruction_cost cm pre_fun_call in
33      let call_trace_cost ≝ compute_max_trace_label_return_cost … call_trace in
34        call_trace_cost + current_instruction_cost
35  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
36     _ _ _ call_trace _ final_trace ⇒
37      let current_instruction_cost ≝ current_instruction_cost cm pre_fun_call in
38      let call_trace_cost ≝ compute_max_trace_label_return_cost … call_trace in
39      let final_trace_cost ≝ compute_max_trace_any_label_cost cm cost_labels end_flag … final_trace in
40        call_trace_cost + current_instruction_cost + final_trace_cost
41  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
42      let current_instruction_cost ≝ current_instruction_cost cm status_pre in
43      let tail_trace_cost ≝
44       compute_max_trace_any_label_cost cm cost_labels end_flag
45        status_init status_end tail_trace
46      in
47        current_instruction_cost + tail_trace_cost
48  ]
49and compute_max_trace_label_return_cost
50  (cm: ?)
51  (cost_labels: BitVectorTrie costlabel 16)
52  (start_status: Status cm) (final_status: Status cm)
53    (the_trace: trace_label_return (ASM_abstract_status cm cost_labels) start_status final_status)
54      on the_trace: nat ≝
55  match the_trace with
56  [ tlr_base before after trace_to_lift ⇒ compute_max_trace_label_label_cost … trace_to_lift
57  | tlr_step initial labelled final labelled_trace ret_trace ⇒
58      let labelled_cost ≝ compute_max_trace_label_label_cost … labelled_trace in
59      let return_cost ≝ compute_max_trace_label_return_cost … ret_trace in
60        labelled_cost + return_cost
61  ].
62
63include alias "arithmetics/nat.ma".
64
65lemma execute_1_ok_clock:
66  ∀cm.
67  ∀s.
68    clock ?? (execute_1 cm s) = current_instruction_cost … s + clock … s.
69  #cm #s cases (execute_1_ok cm s) #clock_assm #_ assumption
70qed-.
71
72let rec compute_max_trace_label_label_cost_is_ok
73  (cm: ?)
74  (cost_labels: BitVectorTrie costlabel 16)
75   (trace_ends_flag: trace_ends_with_ret)
76    (start_status: Status cm) (final_status: Status cm)
77      (the_trace: trace_label_label (ASM_abstract_status cm cost_labels) trace_ends_flag
78        start_status final_status) on the_trace:
79          clock … cm … final_status = (compute_max_trace_label_label_cost cm cost_labels trace_ends_flag start_status final_status the_trace) + (clock … cm … start_status) ≝ ?
80and compute_max_trace_any_label_cost_is_ok
81  (cm: ?)
82  (cost_labels: BitVectorTrie costlabel 16)
83  (trace_ends_flag: trace_ends_with_ret)
84   (start_status: Status cm) (final_status: Status cm)
85     (the_trace: trace_any_label (ASM_abstract_status cm cost_labels) trace_ends_flag start_status final_status)
86       on the_trace:
87         clock … cm … final_status = (compute_max_trace_any_label_cost cm cost_labels trace_ends_flag start_status final_status the_trace) + (clock … cm … start_status) ≝ ?
88and compute_max_trace_label_return_cost_is_ok
89  (cm: ?)
90  (cost_labels: BitVectorTrie costlabel 16)
91  (start_status: Status cm) (final_status: Status cm)
92    (the_trace: trace_label_return (ASM_abstract_status cm cost_labels) start_status final_status)
93      on the_trace:
94        clock … cm … final_status = (compute_max_trace_label_return_cost cm cost_labels start_status final_status the_trace) + clock … cm … start_status ≝ ?.
95  [1:
96    cases the_trace
97    #ends_flag #start_status #end_status #any_label_trace #is_costed
98    normalize @compute_max_trace_any_label_cost_is_ok
99  |2:
100    cases the_trace
101    [1,2:
102      #start_status #final_status #is_next #is_not_return try (#is_costed)
103      change with (current_instruction_cost cm start_status) in ⊢ (???(?%?));
104      cases(is_next) @execute_1_ok_clock
105    |3:
106      #status_pre_fun_call #status_start_fun_call #status_final #is_next
107      #classifier_assm #after_return_assm #call_trace #costed_assm
108      whd in match (compute_max_trace_any_label_cost … (tal_base_call …));
109      >(compute_max_trace_label_return_cost_is_ok … call_trace)
110      >associative_plus @eq_f cases(is_next)
111      @execute_1_ok_clock
112    |4:
113      #end_flag #status_pre_fun_call #status_start_fun_call #status_after_fun_call
114      #status_final #is_next #is_call #is_after_return #call_trace #not_costed #final_trace
115      change with (
116      let current_instruction_cost ≝ current_instruction_cost cm status_pre_fun_call in
117      let call_trace_cost ≝ compute_max_trace_label_return_cost cm … call_trace in
118      let final_trace_cost ≝ compute_max_trace_any_label_cost cm cost_labels end_flag … final_trace in
119        call_trace_cost + current_instruction_cost + final_trace_cost) in ⊢ (???(?%?));
120      normalize nodelta;
121      >(compute_max_trace_any_label_cost_is_ok … cost_labels end_flag status_after_fun_call
122          status_final final_trace)
123      >(compute_max_trace_label_return_cost_is_ok … cost_labels status_start_fun_call
124        status_after_fun_call call_trace)
125      cases(is_next) in match (clock … cm status_start_fun_call);
126      >(execute_1_ok_clock cm status_pre_fun_call)
127      <associative_plus in ⊢ (??%?);
128      <commutative_plus in match (
129        compute_max_trace_any_label_cost cm cost_labels end_flag status_after_fun_call status_final final_trace
130          + compute_max_trace_label_return_cost cm cost_labels status_start_fun_call status_after_fun_call call_trace);
131      >associative_plus in ⊢ (??%?); >associative_plus in ⊢ (???%); >associative_plus in ⊢ (???%);
132      @eq_f >commutative_plus in ⊢ (??%?); >associative_plus in ⊢ (??%?);
133      @eq_f @commutative_plus
134    |5:
135      #end_flag #status_pre #status_init #status_end #is_next
136      #trace_any_label #is_other #is_not_costed
137      change with (
138      let current_instruction_cost ≝ current_instruction_cost cm status_pre in
139      let tail_trace_cost ≝
140       compute_max_trace_any_label_cost cm cost_labels end_flag
141        status_init status_end trace_any_label
142      in
143        current_instruction_cost + tail_trace_cost) in ⊢ (???(?%?));
144      normalize nodelta;
145      >(compute_max_trace_any_label_cost_is_ok cm cost_labels end_flag
146         status_init status_end trace_any_label)
147      cases(is_next) in match (clock … cm status_init);
148      >(execute_1_ok_clock … status_pre)
149      >commutative_plus >associative_plus >associative_plus @eq_f
150      @commutative_plus
151    ]
152  |3:
153    cases the_trace
154    [1:
155      #status_before #status_after #trace_to_lift
156      normalize @compute_max_trace_label_label_cost_is_ok
157    |2:
158      #status_initial #status_labelled #status_final #labelled_trace #ret_trace
159      normalize
160      >(compute_max_trace_label_return_cost_is_ok cm cost_labels status_labelled status_final ret_trace);
161      >(compute_max_trace_label_label_cost_is_ok cm cost_labels doesnt_end_with_ret status_initial status_labelled labelled_trace);
162      <associative_plus in ⊢ (??%?);
163      >commutative_plus in match (
164        compute_max_trace_label_return_cost cm cost_labels status_labelled status_final ret_trace
165          + compute_max_trace_label_label_cost cm cost_labels doesnt_end_with_ret status_initial status_labelled labelled_trace);
166      %
167    ]
168  ]
169qed.
170
171let rec compute_trace_label_label_cost_using_paid
172  (cm: ?)
173  (cost_labels: BitVectorTrie costlabel 16)
174   (trace_ends_flag: trace_ends_with_ret)
175    (start_status: Status cm) (final_status: Status cm)
176      (the_trace: trace_label_label (ASM_abstract_status cm cost_labels) trace_ends_flag
177        start_status final_status) on the_trace: nat ≝
178  match the_trace with
179  [ tll_base ends_flag initial final given_trace labelled_proof ⇒
180      compute_paid_trace_label_label cm cost_labels … the_trace +
181      compute_trace_any_label_cost_using_paid … given_trace
182  ]
183and compute_trace_any_label_cost_using_paid
184  (cm: ?)
185  (cost_labels: BitVectorTrie costlabel 16)
186  (trace_ends_flag: trace_ends_with_ret)
187   (start_status: Status cm) (final_status: Status cm)
188     (the_trace: trace_any_label (ASM_abstract_status cm cost_labels) trace_ends_flag start_status final_status)
189       on the_trace: nat ≝
190  match the_trace with
191  [ tal_base_not_return the_status _ _ _ _ ⇒ 0
192  | tal_base_return the_status _ _ _ ⇒ 0
193  | tal_base_call pre_fun_call start_fun_call final _ _ _ call_trace _ ⇒
194      compute_trace_label_return_cost_using_paid … call_trace
195  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
196     _ _ _ call_trace _ final_trace ⇒
197      let call_trace_cost ≝ compute_trace_label_return_cost_using_paid … call_trace in
198      let final_trace_cost ≝ compute_trace_any_label_cost_using_paid cm cost_labels end_flag … final_trace in
199        call_trace_cost + final_trace_cost
200  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
201     compute_trace_any_label_cost_using_paid cm cost_labels end_flag
202      status_init status_end tail_trace
203  ]
204and compute_trace_label_return_cost_using_paid
205  (cm: ?)
206  (cost_labels: BitVectorTrie costlabel 16)
207  (start_status: Status cm) (final_status: Status cm)
208    (the_trace: trace_label_return (ASM_abstract_status cm cost_labels) start_status final_status)
209      on the_trace: nat ≝
210  match the_trace with
211  [ tlr_base before after trace_to_lift ⇒ compute_trace_label_label_cost_using_paid … trace_to_lift
212  | tlr_step initial labelled final labelled_trace ret_trace ⇒
213      let labelled_cost ≝ compute_trace_label_label_cost_using_paid … labelled_trace in
214      let return_cost ≝ compute_trace_label_return_cost_using_paid … ret_trace in
215        labelled_cost + return_cost
216  ].
217
218let rec compute_trace_label_label_cost_using_paid_ok
219  (cm: ?)
220  (cost_labels: BitVectorTrie costlabel 16)
221   (trace_ends_flag: trace_ends_with_ret)
222    (start_status: Status cm) (final_status: Status cm)
223      (the_trace: trace_label_label (ASM_abstract_status cm cost_labels) trace_ends_flag
224        start_status final_status) on the_trace:
225 compute_trace_label_label_cost_using_paid cm cost_labels … the_trace =
226 compute_max_trace_label_label_cost … the_trace ≝ ?
227and compute_trace_any_label_cost_using_paid_ok
228  (cm: ?)
229  (cost_labels: BitVectorTrie costlabel 16)
230  (trace_ends_flag: trace_ends_with_ret)
231   (start_status: Status cm) (final_status: Status cm)
232     (the_trace: trace_any_label (ASM_abstract_status cm cost_labels)
233      trace_ends_flag start_status final_status) on the_trace:     
234  compute_paid_trace_any_label cm cost_labels trace_ends_flag … the_trace
235  +compute_trace_any_label_cost_using_paid cm cost_labels trace_ends_flag … the_trace
236  =compute_max_trace_any_label_cost cm cost_labels trace_ends_flag … the_trace ≝ ?
237and compute_trace_label_return_cost_using_paid_ok
238  (cm: ?)
239  (cost_labels: BitVectorTrie costlabel 16)
240  (start_status: Status cm) (final_status: Status cm)
241    (the_trace: trace_label_return (ASM_abstract_status cm cost_labels)
242     start_status final_status) on the_trace:
243 compute_trace_label_return_cost_using_paid cm cost_labels … the_trace =
244 compute_max_trace_label_return_cost cm cost_labels … the_trace ≝ ?.
245[ cases the_trace #endsf #ss #es #tr #H normalize
246  @compute_trace_any_label_cost_using_paid_ok
247| cases the_trace
248  [ #ss #fs #H1 #H2 #H3 whd in ⊢ (??(?%%)%); <plus_n_O %
249  | #ss #fs #H1 #H2 whd in ⊢ (??(?%%)%); <plus_n_O %
250  |
251    #sp #ss #sf #H1 #H2 #tr1 #tr2 #H3
252    whd in ⊢ (???%); whd in ⊢ (??(??%)?); whd in ⊢ (??(?%?)?);
253    >compute_trace_label_return_cost_using_paid_ok in ⊢ (??%?);
254    >commutative_plus in ⊢ (??%?); @eq_f %
255  | #ef #spfc #ssfc #safc #sf #H1 #H2 #H3 #tr1 #H4 #tr2 whd in ⊢ (??(?%%)%);
256    <compute_trace_any_label_cost_using_paid_ok
257    <compute_trace_label_return_cost_using_paid_ok
258    -compute_trace_label_label_cost_using_paid_ok
259    -compute_trace_label_return_cost_using_paid_ok
260    -compute_trace_any_label_cost_using_paid_ok
261    >commutative_plus in ⊢ (???(?%?));
262    >commutative_plus in ⊢ (??(??%)?);
263    >associative_plus >associative_plus in ⊢ (???%); @eq_f2 try %
264    <associative_plus <commutative_plus %
265  | #ef #sp #si #se #H1 #tr #H2 #H3 whd in ⊢ (??(?%%)%); >associative_plus @eq_f2
266    [ % | @compute_trace_any_label_cost_using_paid_ok ]
267  ]
268| cases the_trace
269  [ #sb #sa #tr normalize @compute_trace_label_label_cost_using_paid_ok
270  | #si #sl #sf #tr1 #tr2 normalize @eq_f2
271    [ @compute_trace_label_label_cost_using_paid_ok
272    | @compute_trace_label_return_cost_using_paid_ok ]]]
273qed.
274
275include alias "ASM/BitVectorTrie.ma".
276
277let rec compute_cost_trace_label_label
278  (cm: BitVectorTrie Byte 16)
279  (cost_labels: BitVectorTrie costlabel 16)
280   (trace_ends_flag: trace_ends_with_ret)
281    (start_status: Status cm) (final_status: Status cm)
282      (the_trace: trace_label_label (ASM_abstract_status cm cost_labels) trace_ends_flag
283        start_status final_status) on the_trace:
284         list (Σk:costlabel. ∃pc: Word. lookup_opt … pc cost_labels = Some … k) ≝
285  match the_trace with
286  [ tll_base ends_flag initial final given_trace labelled_proof ⇒
287     let pc ≝ program_counter ? cm initial in
288     let label ≝
289      match lookup_opt … pc cost_labels return λx: option ?. match x with [None ⇒ False | Some _ ⇒ True] → costlabel with
290      [ None ⇒ λabs. ⊥
291      | Some l ⇒ λ_. l ] labelled_proof in
292      (mk_Sig ?? label ?)::compute_cost_trace_any_label cm cost_labels ends_flag initial final … given_trace
293  ]
294and compute_cost_trace_any_label
295  (cm: BitVectorTrie Byte 16)
296  (cost_labels: BitVectorTrie costlabel 16)
297  (trace_ends_flag: trace_ends_with_ret)
298   (start_status: Status cm) (final_status: Status cm)
299     (the_trace: trace_any_label (ASM_abstract_status cm cost_labels) trace_ends_flag start_status final_status)
300       on the_trace: list (Σk:costlabel. ∃pc. lookup_opt … pc cost_labels = Some … k) ≝
301  match the_trace with
302  [ tal_base_not_return the_status _ _ _ _ ⇒ [ ]
303  | tal_base_call pre_fun_call start_fun_call final _ _ _ call_trace _ ⇒
304      compute_cost_trace_label_return … call_trace
305  | tal_base_return the_status _ _ _ ⇒ [ ]
306  | tal_step_call end_flag pre_fun_call start_fun_call after_fun_call final
307     _ _ _ call_trace _ final_trace ⇒
308      let call_cost_trace ≝ compute_cost_trace_label_return … call_trace in
309      let final_cost_trace ≝ compute_cost_trace_any_label cm cost_labels end_flag … final_trace in
310        call_cost_trace @ final_cost_trace
311  | tal_step_default end_flag status_pre status_init status_end _ tail_trace _ _ ⇒
312       compute_cost_trace_any_label cm cost_labels end_flag
313        status_init status_end tail_trace
314  ]
315and compute_cost_trace_label_return
316  (cm: BitVectorTrie Byte 16)
317  (cost_labels: BitVectorTrie costlabel 16)
318  (start_status: Status cm) (final_status: Status cm)
319    (the_trace: trace_label_return (ASM_abstract_status cm cost_labels) start_status final_status)
320      on the_trace: list (Σk:costlabel. ∃pc. lookup_opt … pc cost_labels = Some … k) ≝
321  match the_trace with
322  [ tlr_base before after trace_to_lift ⇒ compute_cost_trace_label_label cm … trace_to_lift
323  | tlr_step initial labelled final labelled_trace ret_trace ⇒
324      let labelled_cost ≝ compute_cost_trace_label_label cm … labelled_trace in
325      let return_cost ≝ compute_cost_trace_label_return cm … ret_trace in
326        labelled_cost @ return_cost
327  ].
328 [ %{pc} whd in match label;  generalize in match labelled_proof; whd in ⊢ (% → ?);
329  cases (lookup_opt costlabel … pc cost_labels) normalize
330  [ #abs cases abs | // ]
331 | // ]
332qed.
333
334include alias "arithmetics/nat.ma".
335include alias "basics/logic.ma".
336
337lemma and_intro_right:
338  ∀a, b: Prop.
339    a → (a → b) → a ∧ b.
340  #a #b /3/
341qed.
342
343lemma lt_m_n_to_exists_o_plus_m_n:
344  ∀m, n: nat.
345    m < n → ∃o: nat. m + o = n.
346  #m #n
347  cases m
348  [1:
349    #irrelevant
350    %{n} %
351  |2:
352    #m' #lt_hyp
353    %{(n - S m')}
354    >commutative_plus in ⊢ (??%?);
355    <plus_minus_m_m
356    [1:
357      %
358    |2:
359      @lt_S_to_lt
360      assumption
361    ]
362  ]
363qed.
364
365lemma lt_O_n_to_S_pred_n_n:
366  ∀n: nat.
367    0 < n → S (pred n) = n.
368  #n
369  cases n
370  [1:
371    #absurd
372    cases(lt_to_not_zero 0 0 absurd)
373  |2:
374    #n' #lt_hyp %
375  ]
376qed.
377
378lemma exists_plus_m_n_to_exists_Sn:
379  ∀m, n: nat.
380    m < n → ∃p: nat. S p = n.
381  #m #n
382  cases m
383  [1:
384    #lt_hyp %{(pred n)}
385    @(lt_O_n_to_S_pred_n_n … lt_hyp)
386  |2:
387    #m' #lt_hyp %{(pred n)}
388    @(lt_O_n_to_S_pred_n_n)
389    @(transitive_le … (S m') …)
390    [1:
391      //
392    |2:
393      @lt_S_to_lt
394      assumption
395    ]
396  ]
397qed.
398
399include alias "arithmetics/bigops.ma".
400
401(* This shoudl go in bigops! *)
402theorem bigop_sum_rev: ∀k1,k2,p,B,nil.∀op:Aop B nil.∀f:nat→B.
403 \big[op,nil]_{i<k1+k2|p i} (f i) =
404 op \big[op,nil]_{i<k2|p (i+k1)} (f (i+k1)) \big[op,nil]_{i<k1|p i} (f i).
405 #k1 #k2 #p #B #nil #op #f >bigop_sum
406 >commutative_plus @same_bigop #i @leb_elim normalize
407 [2,4: //
408 | #H1 #H2 <plus_minus_m_m //
409 | #H1 #H2 #H3 <plus_minus_m_m //]
410qed.
411
412(* This is taken by sigma_pi.ma that does not compile now *)
413definition natAop ≝ mk_Aop nat 0 plus (λa.refl ? a) (λn.sym_eq ??? (plus_n_O n))
414   (λa,b,c.sym_eq ??? (associative_plus a b c)).
415
416definition natACop ≝ mk_ACop nat 0 natAop commutative_plus.
417
418definition natDop ≝ mk_Dop nat 0 natACop times (λn.(sym_eq ??? (times_n_O n)))
419   distributive_times_plus.
420
421unification hint  0 ≔ ;
422   S ≟ mk_Aop nat 0 plus (λa.refl ? a) (λn.sym_eq ??? (plus_n_O n))
423   (λa,b,c.sym_eq ??? (associative_plus a b c))
424(* ---------------------------------------- *) ⊢
425   plus ≡ op ? ? S.
426
427unification hint  0 ≔ ;
428   S ≟ mk_ACop nat 0 (mk_Aop nat 0 plus (λa.refl ? a) (λn.sym_eq ??? (plus_n_O n))
429   (λa,b,c.sym_eq ??? (associative_plus a b c))) commutative_plus
430(* ---------------------------------------- *) ⊢
431   plus ≡ op ? ? S.
432   
433unification hint  0 ≔ ;
434   S ≟ natDop
435(* ---------------------------------------- *) ⊢
436   plus ≡ sum ? ? S.
437
438unification hint  0 ≔ ;
439   S ≟ natDop
440(* ---------------------------------------- *) ⊢
441   times ≡ prod ? ? S.
442
443notation > "Σ_{ ident i < n } f"
444  with precedence 20
445for @{'bigop $n plus 0 (λ${ident i}.true) (λ${ident i}. $f)}.
446
447notation < "Σ_{ ident i < n } f"
448  with precedence 20
449for @{'bigop $n plus 0 (λ${ident i}:$X.true) (λ${ident i}:$Y. $f)}.
450
451definition tech_cost_of_label0:
452 ∀cost_labels: BitVectorTrie costlabel 16.
453 ∀cost_map: identifier_map CostTag nat.
454 ∀codom_dom: (∀pc,k. lookup_opt … pc cost_labels = Some … k → present … cost_map k).
455 ∀ctrace:list (Σk:costlabel.∃pc. lookup_opt costlabel 16 pc cost_labels = Some ? k).
456 ∀i,p. present … cost_map (nth_safe ? i ctrace p).
457 #cost_labels #cost_map #codom_dom #ctrace #i #p
458 cases (nth_safe … i ctrace ?) normalize #id * #id_pc #K
459 lapply (codom_dom … K) #k_pres >(lookup_lookup_present … k_pres)
460 % #abs destruct (abs)
461qed.
462
463include alias "arithmetics/nat.ma".
464include alias "basics/logic.ma".
465
466lemma ltb_rect:
467 ∀P:Type[0].∀n,m. (n < m → P) → (¬ n < m → P) → P.
468 #P #n #m lapply (refl … (ltb n m)) cases (ltb n m) in ⊢ (???% → %); #E #H1 #H2
469 [ @H1 @leb_true_to_le @E | @H2 @leb_false_to_not_le @E ]
470qed.
471
472lemma same_ltb_rect:
473 ∀P,n,m,H1,H2,n',m',H1',H2'.
474  ltb n m = ltb n' m' → (∀x,y. H1 x = H1' y) → (∀x,y. H2 x = H2' y) →
475   ltb_rect P n m H1 H2 =
476   ltb_rect P n' m' H1' H2'.
477 #P #n #m #H1 #H2 #n' #m' #H1' #H2' #E #K1 #K2 whd in ⊢ (??%?);
478 cut (∀xxx,yyy,xxx',yyy'.
479   match ltb n m
480   return λx:bool.
481           eq bool (ltb n m) x
482            → (lt n m → P) → (Not (lt n m) → P) → P
483    with
484    [ true ⇒
485        λE0:eq bool (ltb n m) true.
486         λH10:lt n m → P.
487          λH20:Not (lt n m) → P. H10 (xxx E0)
488    | false ⇒
489        λE0:eq bool (ltb n m) false.
490         λH10:lt n m → P.
491          λH20:Not (lt n m) → P. H20 (yyy E0)]
492    (refl … (ltb n m)) H1 H2 =
493   match ltb n' m'
494   return λx:bool.
495           eq bool (ltb n' m') x
496            → (lt n' m' → P) → (Not (lt n' m') → P) → P
497    with
498    [ true ⇒
499        λE0:eq bool (ltb n' m') true.
500         λH10:lt n' m' → P.
501          λH20:Not (lt n' m') → P. H10 (xxx' E0)
502    | false ⇒
503        λE0:eq bool (ltb n' m') false.
504         λH10:lt n' m' → P.
505          λH20:Not (lt n' m') → P. H20 (yyy' E0)]
506    (refl … (ltb n' m')) H1' H2'
507  ) [2: #X @X]
508 >E cases (ltb n' m') #xxx #yyy #xxx' #yyy' normalize
509 [ @K1 | @K2 ]
510qed.
511
512
513definition tech_cost_of_label:
514 ∀cost_labels: BitVectorTrie costlabel 16.
515 ∀cost_map: identifier_map CostTag nat.
516 ∀codom_dom: (∀pc,k. lookup_opt … pc cost_labels = Some … k → present … cost_map k).
517 list (Σk:costlabel.∃pc. lookup_opt costlabel 16 pc cost_labels = Some ? k) →
518 nat → nat
519≝ λcost_labels,cost_map,codom_dom,ctrace,i.
520 ltb_rect ? i (|ctrace|)
521 (λH. lookup_present ?? cost_map (nth_safe ? i ctrace H) ?)
522 (λ_.0).
523 @tech_cost_of_label0 @codom_dom
524qed.
525
526lemma shift_nth_safe:
527 ∀T,i,l2,l1,K1,K2.
528  nth_safe T i l1 K1 = nth_safe T (i+|l2|) (l2@l1) K2.
529 #T #i #l2 elim l2 normalize
530  [ #l1 #K1 <plus_n_O #K2 %
531  | #hd #tl #IH #l1 #K1 <plus_n_Sm #K2 change with (? < ?) in K1; change with (? < ?) in K2;
532    whd in ⊢ (???%); @IH ]
533qed.
534
535lemma shift_nth_prefix:
536 ∀T,l1,i,l2,K1,K2.
537  nth_safe T i l1 K1 = nth_safe T i (l1@l2) K2.
538  #T #l1 elim l1 normalize
539  [
540    #i #l1 #K1 cases(lt_to_not_zero … K1)
541  |
542    #hd #tl #IH #i #l2
543    cases i
544    [
545      //
546    |
547      #i' #K1 #K2 whd in ⊢ (??%%);
548      @IH
549    ]
550  ]
551qed.
552
553lemma tech_cost_of_label_shift:
554 ∀cost_labels,cost_map,codom_dom,l1,l2,i.
555  i < |l2| →
556   tech_cost_of_label cost_labels cost_map codom_dom l2 i =
557   tech_cost_of_label cost_labels cost_map codom_dom (l1@l2) (i+|l1|).
558 #cost_labels #cost_Map #codom_dom #l1 #l2 #i #H
559 whd in match tech_cost_of_label; normalize nodelta @same_ltb_rect
560 [ @(ltb_rect ? i (|l2|)) @(ltb_rect ? (i+|l1|) (|l1@l2|)) #K1 #K2
561   whd in match ltb; normalize nodelta
562   [1: >le_to_leb_true try assumption applyS le_to_leb_true //
563   |4: >not_le_to_leb_false try assumption applyS not_le_to_leb_false
564       change with (¬ ? ≤ ?) in K1; applyS K1
565   |2: @⊥ @(absurd (i+|l1| < |l1@l2|)) // >length_append
566       applyS (monotonic_lt_plus_r … (|l1|)) //
567   |3: @⊥ @(absurd ?? K2) >length_append in K1; #K1 /2 by lt_plus_to_lt_l/ ]
568 | #H1 #H2
569   generalize in match (tech_cost_of_label0 ??? (l1@l2) ??);
570   <(shift_nth_safe … H1) #p %
571 | // ]
572qed.
573
574lemma tech_cost_of_label_prefix:
575 ∀cost_labels,cost_map,codom_dom,l1,l2,i.
576  i < |l1| →
577   tech_cost_of_label cost_labels cost_map codom_dom l1 i =
578   tech_cost_of_label cost_labels cost_map codom_dom (l1@l2) i.
579 #cost_labels #cost_map #codom_dom #l1 #l2 #i #H
580 whd in match tech_cost_of_label; normalize nodelta @same_ltb_rect
581 [1:
582   whd in match ltb; normalize nodelta
583   >(le_to_leb_true … H) applyS le_to_leb_true
584   >length_append whd in H; >commutative_plus @le_plus_a assumption
585 |2:
586   #K1 #K2
587   generalize in match (tech_cost_of_label0 ??? (l1@l2) ??);
588   <(shift_nth_prefix … l1 i l2 K1 K2) //
589 |3:
590   #_ #_ %
591 ]
592qed.
593   
594(* XXX: here *)
595let rec compute_trace_label_return_using_paid_ok_with_trace
596 (cm: ?) (total_program_size: nat) (total_program_size_limit: total_program_size ≤ 2^16)
597 (good_program_witness: good_program cm total_program_size)
598 (cost_labels: BitVectorTrie costlabel 16)
599 (cost_map: identifier_map CostTag nat)
600 (initial: Status cm) (final: Status cm)
601 (trace: trace_label_return (ASM_abstract_status cm cost_labels) initial final)
602 (codom_dom: (∀pc,k. lookup_opt … pc cost_labels = Some … k → present … cost_map k))
603 on trace:
604 ∀unrepeating_witness: tlr_unrepeating … trace.
605 ∀dom_codom:(∀k. ∀k_pres:present … cost_map k. ∀pc. lookup_opt … pc cost_labels = Some … k →
606   ∃reachable_witness: reachable_program_counter cm total_program_size pc.
607   pi1 … (block_cost cm pc total_program_size total_program_size_limit cost_labels reachable_witness good_program_witness) = lookup_present … k_pres).
608  let ctrace ≝ compute_cost_trace_label_return cm … trace in
609  compute_trace_label_return_cost_using_paid cm … trace =
610   (Σ_{i < |ctrace|} (tech_cost_of_label cost_labels cost_map codom_dom ctrace i))
611    ≝ ?
612and compute_trace_any_label_using_paid_ok_with_trace
613 (cm: ?) (total_program_size: nat) (total_program_size_limit: total_program_size ≤ 2^16)
614 (good_program_witness: good_program cm total_program_size)
615 (cost_labels: BitVectorTrie costlabel 16)
616 (trace_ends_flag: trace_ends_with_ret)
617 (cost_map: identifier_map CostTag nat)
618 (initial: Status cm) (final: Status cm)
619 (trace: trace_any_label (ASM_abstract_status cm cost_labels) trace_ends_flag initial final)
620 (codom_dom: (∀pc,k. lookup_opt … pc cost_labels = Some … k → present … cost_map k))
621 (dom_codom:(∀k. ∀k_pres:present … cost_map k. ∀pc. lookup_opt … pc cost_labels = Some … k →
622   ∃reachable_witness: reachable_program_counter cm total_program_size pc.
623   pi1 … (block_cost cm pc total_program_size total_program_size_limit cost_labels reachable_witness good_program_witness) = lookup_present … k_pres))
624 on trace:
625  ∀unrepeating_witness: tal_unrepeating … trace.
626  let ctrace ≝ compute_cost_trace_any_label … trace in
627  compute_trace_any_label_cost_using_paid … trace =
628   (Σ_{i < |ctrace|} (tech_cost_of_label cost_labels cost_map codom_dom ctrace i))
629    ≝ ?
630and compute_trace_label_label_using_paid_ok_with_trace
631 (cm: ?) (total_program_size: nat) (total_program_size_limit: total_program_size ≤ 2^16)
632 (good_program_witness: good_program cm total_program_size)
633 (cost_labels: BitVectorTrie costlabel 16)
634 (trace_ends_flag: trace_ends_with_ret)
635 (cost_map: identifier_map CostTag nat)
636 (initial: Status cm) (final: Status cm)
637 (trace: trace_label_label (ASM_abstract_status cm cost_labels) trace_ends_flag initial final)
638 (unrepeating_witness: tll_unrepeating … trace)
639 (codom_dom: (∀pc,k. lookup_opt … pc cost_labels = Some … k → present … cost_map k))
640 (dom_codom:(∀k. ∀k_pres:present … cost_map k. ∀pc. lookup_opt … pc cost_labels = Some … k →
641   ∃reachable_witness: reachable_program_counter cm total_program_size pc.
642   pi1 … (block_cost cm pc total_program_size total_program_size_limit cost_labels reachable_witness good_program_witness) = lookup_present … k_pres))
643 on trace:
644 ∀unrepeating_witness: tll_unrepeating … trace.
645  let ctrace ≝ compute_cost_trace_label_label … trace in
646  compute_trace_label_label_cost_using_paid … trace =
647   (Σ_{i < |ctrace|} (tech_cost_of_label cost_labels cost_map codom_dom ctrace i))
648    ≝ ?.
649  cases trace normalize nodelta
650  [ #sb #sa #tr #unrepeating_witness #dom_codom whd in ⊢ (??%?);
651    whd in match (compute_cost_trace_label_return ?????);
652    @(compute_trace_label_label_using_paid_ok_with_trace … good_program_witness)
653    assumption
654  | #si #sl #sf #tr1 #tr2 #unrepeating_witness #dom_codom
655    whd in ⊢ (??%?);
656    whd in match (compute_cost_trace_label_return ?????);
657    >append_length >bigop_sum_rev >commutative_plus @eq_f2
658    [ >(compute_trace_label_return_using_paid_ok_with_trace … good_program_witness … cost_map … codom_dom ? dom_codom)
659      -compute_trace_label_return_using_paid_ok_with_trace
660      [1:
661        @same_bigop [//] #i #H #_ -dom_codom @tech_cost_of_label_shift //
662      |2:
663        inversion unrepeating_witness
664        #tll_unrepeating #tlr_unrepeating #_ assumption
665      ]
666    | >(compute_trace_label_label_using_paid_ok_with_trace … good_program_witness … cost_map … codom_dom … dom_codom)
667      -compute_trace_label_label_using_paid_ok_with_trace
668      [1:
669        @same_bigop [//] #i #H #_ @(tech_cost_of_label_prefix … H)
670      |2,3:
671        inversion unrepeating_witness
672        #tll_unrepeating #tlr_unrepeating #_ assumption
673      ]
674    ]
675  |8:
676    #end_flag #start_status #end_status #trace_any_label #costed_assm
677    #unrepeating_witness'
678    whd in ⊢ (??%?); whd in ⊢ (??(?%?)?);
679    >(compute_trace_any_label_using_paid_ok_with_trace … good_program_witness … cost_map … codom_dom … dom_codom)
680    [1:
681      >bigop_0 in ⊢ (???%); >commutative_plus @eq_f2
682      [1:
683        @same_bigop [//] #i #H #_ -dom_codom >(plus_n_O i) >plus_n_Sm
684        <(tech_cost_of_label_shift ??? [?] ? i) //
685      |2:
686        change with (? = lookup_present ? ? ? ? ?)
687        generalize in match (tech_cost_of_label0 ? ? ? ? ? ?);
688        normalize in match (nth_safe ? ? ? ?);
689        whd in costed_assm; lapply costed_assm 
690        inversion (lookup_opt ? ? (program_counter … cm start_status) cost_labels)
691        [1:
692          #_ #absurd cases absurd
693        |2:
694          normalize nodelta #cost_label #Some_assm #_ #p
695          cases (dom_codom ? p ? Some_assm)
696          #reachable_witness #block_cost_assm <block_cost_assm
697          cases (block_cost ???????)
698          #cost -block_cost_assm #block_cost_assm
699          cases (block_cost_assm ??? trace_any_label ???)
700          try @refl assumption
701        ]
702      ]
703    |2:
704      assumption
705    ]
706  |3:
707    #start_status #final_status #execute_assm #classifier_assm #costed_assm
708    #unrepeating_witness
709    %
710  |4:
711    #start_status #final_status #execute_assm #classifier_assm #unrepeating_witness
712    %
713  |5:
714    #status_pre_fun_call #status_start_fun_call #status_final #execute_assm
715    #classifier_assm #after_return_assm #trace_label_return #costed_assm #unrepeating_witness
716    whd in ⊢ (??%?);
717    @(compute_trace_label_return_using_paid_ok_with_trace … good_program_witness … cost_map … codom_dom ? dom_codom)
718    assumption
719  |6:
720    #end_flag #status_pre_fun_call #status_start_fun_call #status_after_fun_call
721    #status_final #execute_assm #classifier_assm #after_return_assm #trace_label_return
722    #costed_assm #trace_any_label #unrepeating_witness
723    whd in ⊢ (??%?);
724    >(compute_trace_label_return_using_paid_ok_with_trace … good_program_witness … cost_map … codom_dom ? dom_codom)
725    [1:
726      >(compute_trace_any_label_using_paid_ok_with_trace … good_program_witness … cost_map … codom_dom … dom_codom)
727      [1:
728        >length_append >bigop_sum_rev >commutative_plus @eq_f2
729        [ @same_bigop [2: #i #H #_ -dom_codom @tech_cost_of_label_shift assumption
730                      |1: #i #H % ]
731        | @same_bigop [#i #H %] #i #H #_ @(tech_cost_of_label_prefix … H)
732        ]
733      |2:
734        inversion unrepeating_witness
735        * #memb_1 #tal_unrepeating #tlr_unrepeating #_ assumption
736      ]
737    |2:
738      inversion unrepeating_witness
739      * #memb_1 #tal_unrepeating #tlr_unrepeating #_ assumption
740    ]
741  |7:
742    #end_flag #status_pre_fun_call #status_start_fun_call #status_final
743    #execute_assm #trace_any_label #classifier_assm #costed_assm #unrepeating_witness
744    whd in ⊢ (??%?);
745    @(compute_trace_any_label_using_paid_ok_with_trace … good_program_witness … cost_map … codom_dom … dom_codom)
746    inversion unrepeating_witness
747    #memb_1 #tal_unrepeating #_ assumption
748  ]
749qed.
750 
751lemma compute_max_trace_label_return_cost_ok_with_trace_aux:
752  ∀code_memory: BitVectorTrie Byte 16.
753  ∀total_program_size: nat.
754  ∀total_program_size_limit: total_program_size ≤ 2^16.
755  ∀good_program_witness: good_program code_memory total_program_size.
756  ∀cost_labels: BitVectorTrie costlabel 16.
757  ∀cost_map: identifier_map CostTag nat.
758  ∀initial: Status code_memory.
759  ∀final: Status code_memory.
760  ∀trace: trace_label_return (ASM_abstract_status code_memory cost_labels) initial final.
761  ∀unrepeating_witness: tlr_unrepeating … trace.
762  ∀codom_dom: (∀pc,k. lookup_opt … pc cost_labels = Some … k → present … cost_map k).
763  ∀dom_codom: (∀k. ∀k_pres:present … cost_map k. ∀pc. lookup_opt … pc cost_labels = Some … k →
764    ∃reachable_witness: reachable_program_counter code_memory total_program_size pc.
765      pi1 … (block_cost code_memory pc total_program_size total_program_size_limit cost_labels reachable_witness good_program_witness) = lookup_present … k_pres).
766        let ctrace ≝ compute_cost_trace_label_return code_memory … trace in
767          clock … code_memory … final =
768            clock … code_memory … initial + (Σ_{i < |ctrace|} (tech_cost_of_label cost_labels cost_map codom_dom ctrace i)).
769  #code_memory #total_program_size #total_program_size_limit
770  #good_program_witness #cost_labels #cost_map
771  #initial #final #trace #unrepeating_witness #codom_dom #dom_codom normalize nodelta
772  <compute_trace_label_return_using_paid_ok_with_trace try assumption
773  >commutative_plus >compute_trace_label_return_cost_using_paid_ok //
774qed.
775
776theorem compute_max_trace_label_return_cost_ok_with_trace:
777  ∀code_memory: BitVectorTrie Byte 16.
778  ∀total_program_size: nat.
779  ∀total_program_size_invariant: total_program_size ≤ 2^16.
780  ∀good_program_witness: good_program code_memory total_program_size.
781  ∀cost_labels: BitVectorTrie costlabel 16.
782  ∀cost_labels_injective:
783   (∀pc,pc',l.
784     lookup_opt costlabel 16 pc cost_labels=Some costlabel l
785      →lookup_opt costlabel 16 pc' cost_labels=Some costlabel l→pc=pc').
786  ∀reachable_program_counter_witness:
787    ∀lbl: costlabel.
788    ∀program_counter: Word.
789      Some costlabel lbl=lookup_opt costlabel 16 program_counter cost_labels →
790        reachable_program_counter code_memory total_program_size program_counter.
791  ∀initial: Status code_memory.
792  ∀final: Status code_memory.
793  ∀trace: trace_label_return (ASM_abstract_status code_memory cost_labels) initial final.
794  ∀unrepeating_witness: tlr_unrepeating … trace.
795    let cost_map ≝ traverse_code code_memory cost_labels cost_labels_injective total_program_size total_program_size_invariant
796      reachable_program_counter_witness good_program_witness in
797    let ctrace ≝ compute_cost_trace_label_return code_memory … trace in
798      clock … code_memory … final = clock … code_memory … initial + (Σ_{i < |ctrace|} (tech_cost_of_label cost_labels cost_map ? ctrace i)).
799  [1:
800    #code_memory #total_program_size #total_program_size_invariant #good_program_witness
801    #cost_labels #cost_labels_injective #reachable_program_counter_witness #initial #final #trace
802    #unrepeating_witness
803    @compute_max_trace_label_return_cost_ok_with_trace_aux try assumption
804  |2:
805    skip
806  ]
807  normalize nodelta
808  cases (traverse_code ? ? ? ? ? ? ?)
809  #cost_map * #dom_codom #codom_dom try assumption
810  #pc #k #lookup_opt_assm @(dom_codom … lookup_opt_assm)
811  lapply (sym_eq ? ? ? lookup_opt_assm)
812  -lookup_opt_assm #lookup_opt_assm
813  cases (reachable_program_counter_witness … lookup_opt_assm)
814  #fetch_n_assm #relevant assumption
815qed.
Note: See TracBrowser for help on using the repository browser.