Changeset 2153 for src/ASM

Timestamp:

Jul 4, 2012, 3:38:52 PM (8 years ago)

Author:

boender

Message:

• updated the proof some more

File:

• src/ASM/Policy.ma (modified) (7 diffs)

src/ASM/Policy.ma

@@ -35 +35 @@
   | #sigma normalize nodelta #H @conj [ @conj
     [ @(proj1 ?? (proj1 ?? (proj1 ?? H)))
-    | (* #Ht destruct (Ht) *) @(proj2 ?? (proj1 ?? (proj1 ?? H)))
+    | @(proj2 ?? (proj1 ?? (proj1 ?? H)))
     ]
     | @(proj2 ?? H)
@@ -48 +48 @@
     | #j2 #H2 @conj [ @conj
       [ @(proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? H2)))))
-      | (*#Ht @(equal_compact_unsafe_compact ?? op)
-        [ @(proj2 ?? (proj1 ?? H2)) @Ht
-        | cases daemon (* add sigma_safe to properties *)
-        | @(proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? H2))))
-        ]*)
-        @(proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? H2))))
+      | @(proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? H2))))
       ]
       | @(proj2 ?? H2)
@@ -68 +63 @@
 qed.
 
+  
 lemma pe_int_refl: ∀program.reflexive ? (sigma_jump_equal program).
 #program whd #x whd #n #Hn
@@ -153 +149 @@
 ]
 qed.
+
+lemma jump_pc_equal: ∀program.∀n.
+  match \snd (jump_expansion_internal program n) with
+  [ None   ⇒ True
+  | Some p1 ⇒ match \snd (jump_expansion_internal program (S n)) with
+    [ None ⇒ True
+    | Some p2 ⇒ sigma_jump_equal program p1 p2 → sigma_pc_equal program p1 p2
+    ]
+  ].
+ #program #n lapply (refl ? (jump_expansion_internal program n))
+ cases (jump_expansion_internal program n) in ⊢ (???% → %); #x cases x -x
+ #Nno_ch #No cases No
+ [ normalize nodelta #HN #NEQ @I
+ | #Npol normalize nodelta #HN #NEQ lapply (refl ? (jump_expansion_internal program (S n)))
+   cases (jump_expansion_internal program (S n)) in ⊢ (???% → %); #x cases x -x
+   #Sno_ch #So cases So
+   [ normalize nodelta #HS #SEQ @I
+   | #Spol normalize nodelta #HS #SEQ #Hj
+     whd in match (jump_expansion_internal program (S n)) in SEQ; (*80s*)
+     >NEQ in SEQ; normalize nodelta cases Nno_ch in HN;
+     [ #HN normalize nodelta #SEQ >(Some_eq ??? (proj2 ?? (pair_destruct ?????? (pi1_eq ???? SEQ))))
+       / by /
+     | #HN normalize nodelta cases (jump_expansion_step program (create_label_map program) «Npol,?»)     
+       #x cases x -x #Stno_ch #Stno_o normalize nodelta cases Stno_o
+       [ normalize nodelta #_ #H destruct (H)
+       | #Stno_p normalize nodelta #HSt #STeq 
+         <(Some_eq ??? (proj2 ?? (pair_destruct ?????? (pi1_eq ???? STeq)))) in Hj; #Hj
+         @(proj2 ?? (proj1 ?? HSt)) @(proj2 ?? (proj1 ?? (proj1 ?? HSt))) @Hj
+       ]
+     ]
+   ]
+ ]
+qed.
+       
 
 lemma pe_step: ∀program:(Σl:list labelled_instruction.S (|l|) < 2^16 ∧ is_well_labelled_p l).
@@ -413 +443 @@
         @conj 
         [ @(equal_compact_unsafe_compact ?? Fp)
-          [ cases daemon
+          [ lapply (jump_pc_equal program (2*|program|))
+            >Feq >Geq normalize nodelta #H @H @Heq
           | cases daemon
           | @(proj2 ?? (proj1 ?? HGp))
@@ -487 +518 @@
                   normalize nodelta #Hpe
                   lapply (measure_incr_or_equal program Xp program (le_n (|program|)) 0)
-                  [ cases daemon (* reorder *)
+                  [ @HXp
                   | lapply (Hfa x Hx) >Xeq >Seq
                     lapply (measure_special program «Xp,?»)
-                    [ cases daemon (* reorder *)
+                    [ @HXp
                     | lapply Seq whd in match (jump_expansion_internal program (S x)); (*340s*)
                       >Xeq normalize nodelta cases Xno_ch in HXp Xeq; #HXp #Xeq
@@ -517 +548 @@
         ]
       ]
-    | #Hfull
-      whd in match (jump_expansion_internal program (S (2*|program|))); (*65s*)
-      >Feq normalize nodelta cases Fno_ch in HFp Feq; #HFp #Feq
-      normalize nodelta
-      [ @conj 
-        [ cases daemon (* XXX *)
-        | @(proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? HFp))))
-        ]
-      | cases (jump_expansion_step ???); #z cases z -z #stch #sto cases sto
-        [ #_ / by I/
-        | -sto #stp normalize nodelta #Hstp @conj 
-          [ @(equal_compact_unsafe_compact ?? Fp)
-            [ @(proj2 ?? (proj1 ?? Hstp)) @(proj2 ?? (proj1 ?? (proj1 ?? Hstp)))
-              #i #Hi
-              cases (dec_is_jump (\snd (nth i ? program 〈None ?, Comment []〉)))
-              [ #Hj 
-                lapply (proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? Hstp)))) i (le_S_to_le … Hi))
-                lapply (Hfull i Hi Hj)
-                cases (bvt_lookup … (bitvector_of_nat ? i) (\snd Fp) 〈0,short_jump〉)
-                #fp #fj #Hfj >Hfj normalize nodelta
-                cases (bvt_lookup … (bitvector_of_nat ? i) (\snd stp) 〈0,short_jump〉)
-                #stp #stj cases stj normalize nodelta
-                [1,2: #H cases H #H2 cases H2 destruct (H2)
-                |3: #_ @refl
-                ]
-              | #Hj >(proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? Hstp)))))) i Hi Hj)
+    | #Hfull lapply (refl ? (jump_expansion_internal program (S (2*|program|))))
+      cases (jump_expansion_internal program (S (2*|program|))) in ⊢ (???% → %);
+      #z cases z -z #Gch #Go cases Go normalize nodelta
+      [ #HGp #Geq @I
+      | -Go #Gp normalize nodelta #HGp #Geq @conj
+        [ @(equal_compact_unsafe_compact ?? Fp)
+          [ lapply (jump_pc_equal program (2*(|program|))) >Feq >Geq normalize nodelta
+            #H @H #i #Hi
+            cases (dec_is_jump (\snd (nth i ? program 〈None ?, Comment []〉)))
+            [ #Hj whd in match (jump_expansion_internal program (S (2*|program|))) in Geq; (*85s*)
+              >Feq in Geq; normalize nodelta cases Fno_ch
+              [ normalize nodelta #Heq
+                >(Some_eq ??? (proj2 ?? (pair_destruct ?????? (pi1_eq ???? Heq)))) %
+              | normalize nodelta cases (jump_expansion_step program (create_label_map program) «Fp,?»)
+                #x cases x -x #stch #sto normalize nodelta cases sto
+                [ normalize nodelta #_ #X destruct (X)
+                | -sto #stp normalize nodelta #Hst #Heq
+                   <(Some_eq ??? (proj2 ?? (pair_destruct ?????? (pi1_eq ???? Heq))))
+                   lapply (proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? Hst)))) i (le_S_to_le … Hi))
+                   lapply (Hfull i Hi Hj)
+                   cases (bvt_lookup … (bitvector_of_nat ? i) (\snd Fp) 〈0,short_jump〉)
+                   #fp #fj #Hfj >Hfj normalize nodelta
+                   cases (bvt_lookup … (bitvector_of_nat ? i) (\snd stp) 〈0,short_jump〉)
+                   #stp #stj cases stj normalize nodelta
+                   [1,2: #H cases H #H2 cases H2 destruct (H2)
+                   |3: #_ @refl
+                   ]
+                 ]
+               ]
+             | #Hj >(proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? HGp))) i Hi Hj)
                 >(proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? HFp))) i Hi Hj) @refl
               ]
-            | cases daemon  
-            | @(proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? Hstp))))
+            | cases daemon
+            | @(proj2 ?? (proj1 ?? HGp))
             ]
-          | @(proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? (proj1 ?? Hstp)))))))
+          | @(proj2 ?? (proj1 ?? (proj1 ?? (proj1 ?? HGp))))
           ]
         ]
       ]
     ]
-  ]
-| #n cases (jump_expansion_internal program n) cases (jump_expansion_internal program (S n))
-  #x cases x -x #nch #npol normalize nodelta #Hnpol
-  #x cases x -x #Sch #Spol normalize nodelta #HSpol
-  cases npol in Hnpol; cases Spol in HSpol;
-  [ #Hnpol #HSpol %1 //
-  |2,3: #x #Hnpol #HSpol %2 @nmk whd in match (policy_equal_opt ???); //
-    #H destruct (H)
-  |4: #np #Hnp #Sp #HSp whd in match (policy_equal_opt ???); @dec_bounded_forall #m
-      cases (bvt_lookup ?? (bitvector_of_nat 16 m) ? 〈0,short_jump〉)
-      #x1 #x2
-      cases (bvt_lookup ?? (bitvector_of_nat ? m) ? 〈0,short_jump〉)
-      #y1 #y2 normalize nodelta
-      @dec_eq_jump_length
-  ]
-]
+  | #n cases (jump_expansion_internal program n) cases (jump_expansion_internal program (S n))
+    #x cases x -x #nch #npol normalize nodelta #Hnpol
+    #x cases x -x #Sch #Spol normalize nodelta #HSpol
+    cases npol in Hnpol; cases Spol in HSpol;
+    [ #Hnpol #HSpol %1 //
+    |2,3: #x #Hnpol #HSpol %2 @nmk whd in match (policy_equal_opt ???); //
+      #H destruct (H)
+    |4: #np #Hnp #Sp #HSp whd in match (policy_equal_opt ???); @dec_bounded_forall #m
+        cases (bvt_lookup ?? (bitvector_of_nat 16 m) ? 〈0,short_jump〉)
+        #x1 #x2
+        cases (bvt_lookup ?? (bitvector_of_nat ? m) ? 〈0,short_jump〉)
+        #y1 #y2 normalize nodelta
+        @dec_eq_jump_length
+    ]
+  ]
 qed.