-
Notifications
You must be signed in to change notification settings - Fork 0
/
theorem_pile.sml
169 lines (159 loc) Β· 4.6 KB
/
theorem_pile.sml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
val helper_theorem = prove(
``( ! a . let b = f a in p b )
==>
(! a . ? b. (b = f a) /\ p b)``,
rw [] >>
POP_ASSUM (ASSUME_TAC o EVAL_RULE o SPEC ``a`` ) >>
rw []
);
val helper_theorem_two = prove(
``(! a . ? b. (b = f a) /\ p b)
==>
( ! a . let b = f a in p b )
``,
simp []
);
val word_bit_concat1 = prove(
``
((FINITE π(:Ξ±)) β§ (FINITE π(:Ξ²)) /\
(x < (dimindex(:'a) + dimindex(:'b)) /\ ~(x < dimindex(:'b) ) ))
==>
((word_bit x ( word_join (a:'a word) (b:'b word)))
= word_bit (x-dimindex(:'b)) a
)
``,
strip_tac >>
`x < dimindex(:('a+'b))` by fs [fcpTheory.index_sum] >>
`(x -dimindex(:'b)) < dimindex(:'a)` by fsrw_tac [ARITH_ss] [] >>
rw [GSYM word_bit] >>
lrw [word_join_index]
);
val word_bit_concat2 = prove(
``
((FINITE π(:Ξ±)) β§ (FINITE π(:Ξ²)) /\
(x < dimindex(:'b)))
==>
((word_bit x ( word_join (a:'a word) (b:'b word)))
= word_bit x b
)
``,
strip_tac >>
`x < dimindex(:'a) + dimindex(:'b)` by fsrw_tac [ARITH_ss] [] >>
`x < dimindex(:('a+'b))` by pop_assum (fn tm => fs
[fcpTheory.index_sum,tm]) >>
rw [GSYM word_bit] >>
rw [word_join_index]
);
val BITS_TO_WORD_join = prove (
``
(dimindex(:'a) = (LENGTH a))
/\
(dimindex(:'b) = (LENGTH b))
==>
((BITS_TO_WORD (b++a)):('a+'b) word =
(word_join ((BITS_TO_WORD a):'a word) ((BITS_TO_WORD b):'b word)))
``,
simp[GSYM WORD_EQ] >>
rw [] >>
Cases_on `x<dimindex(:'b)` >>
(* TODO Have to find out what this means and then get rid of the cheat *)
`(FINITE π(:Ξ±)) β§ (FINITE π(:Ξ²))` by cheat >>
fs [fcpTheory.index_sum] >>
rfs [] >>
rw [word_bit_concat1, word_bit_concat2 ] >>
rw [ADD_COMM, word_bit_BITS_TO_WORD,EL_APPEND1,EL_APPEND2] >>
rw [fcpTheory.index_sum] >>
`x - (LENGTH b) < LENGTH a` by simp [] >>
simp [ word_bit_BITS_TO_WORD,EL_APPEND1,EL_APPEND2]
);
(* val BITS_TO_WORD_concat = prove ( *)
(* `` *)
(* (dimindex(:'a) = (LENGTH a)) *)
(* /\ *)
(* (dimindex(:'b) = (LENGTH b)) *)
(* /\ *)
(* (dimindex(:'c) = (LENGTH a)+(LENGTH b)) *)
(* ==> *)
(* ((BITS_TO_WORD (b++a)):('c) word = *)
(* w2w ( ((BITS_TO_WORD a):'a word) @@ ((BITS_TO_WORD b):'b word))) *)
(* ``, *)
(* simp[GSYM WORD_EQ] >> *)
(* rw [] >> *)
(* Cases_on `x<dimindex(:'b)` >> *)
(* `(FINITE π(:Ξ±)) β§ (FINITE π(:Ξ²))` by cheat >> *)
(* fs [fcpTheory.index_sum] >> *)
(* rfs [word_concat_def ] >> *)
(* rw [WORD_w2w_EXTRACT, fcpTheory.index_sum ] *)
(* (1* PUH *1) *)
(* rw [word_bit_concat1, word_bit_concat2 ] >> *)
(* rw [ADD_COMM, word_bit_BITS_TO_WORD,EL_APPEND1,EL_APPEND2] >> *)
(* (1* PUH *1) *)
(* rw [ INST_TYPE [gamma |-> Type `:('a+'b) word`] word_concat_def] >> *)
(* rw [BITS_TO_WORD_join] >> *)
(* ); *)
(* A fully padded block concerted into a word equals INT_MINw XOR 1w *)
val padding_block_full = prove (
``
(dimindex(:'r)>1)
==>
(( BITS_TO_WORD ( T::( Zeros (dimindex(:'r)-1) ++ [T] ))): ('r+1) word
= (INT_MINw || 1w):('r+1) word
)
``,
strip_tac >>
qmatch_abbrev_tac`( BITS_TO_WORD (T::rest)) = w` >>
`LENGTH [T]=1` by rw[] >>
`LENGTH rest=dimindex(:'r)` by simp[Abbr `rest`] >>
simp_tac pure_ss [Once (CONS_APPEND)] >>
rw [BITS_TO_WORD_join] >>
`dimindex(:'r) > 0 ` by simp [] >>
POP_ASSUM (fn thm => rw [Abbr `rest`, int_min_lemma, thm] ) >>
rw [BITS_TO_WORD_def] >>
simp[GSYM WORD_EQ, GSYM word_bit] >>
strip_tac >>
`FINITE π(:'r+1) ` by cheat >>
`FINITE π(:'r) ` by cheat >>
`dimindex(:'r+1) = dimindex(:'r) + 1 ` by fs [fcpTheory.index_sum] >>
DISCH_TAC >>
rw [word_join_index, word_L ] >>
qunabbrev_tac `w` >>
qpat_assum `x < dimindex(:'r+1)`
(fn thm => ( assume_tac (MATCH_MP word_L thm))
>> assume_tac thm) >>
rw [word_bit_or]
>- (* x=0 *)
(
`x=0` by simp [] >>
rw [word_bit_T]
)
>>
`x < dimindex(:'r+1)` by simp [] >>
rw [word_bit_T] >>
`x-1 < dimindex(:'r)` by simp [] >>
rw [word_L] >>
simp []
);
(* TODO check if this can be deleted *)
val SplittoWords_Pad_reduction = prove(
``
(dimindex(:'r) >1)
==>
( SplittoWords (Pad (dimindex(:'r)) (FLAT (MAP WORD_TO_BITS (m: 'r word::mr))))
=
m :: SplittoWords (Pad (dimindex(:'r)) (FLAT (MAP WORD_TO_BITS
(mr))))
)
``,
rw [] >>
qmatch_abbrev_tac `LHS = RHS` >> qunabbrev_tac `LHS` >>
simp [LENGTH_WORD_TO_BITS,Pad_APPEND, SplittoWords_def] >>
qpat_abbrev_tac `rest = (Pad (dimindex (:Ο)) (FLAT (MAP WORD_TO_BITS
mr)))` >>
`LENGTH (WORD_TO_BITS m)=dimindex(:'r)` by rw [LENGTH_WORD_TO_BITS] >>
`LENGTH (rest) > 0` by simp [Abbr`rest`,Pad_def] >>
`LENGTH (WORD_TO_BITS m)> 0` by simp [] >>
Q.ISPECL_THEN [`rest`,`WORD_TO_BITS m`] assume_tac (GEN_ALL
Split_LENGTH_APPEND) >>
res_tac >>
rfs [] >> simp [Abbr`RHS`,BITS_TO_WORD_WORD_TO_BITS, SplittoWords_def]
);