Commit 306c0cdf authored by MARCHE Claude's avatar MARCHE Claude

sumrange: proof of complexity in progress

parent ef1b0c5c
......@@ -357,27 +357,51 @@ module CumulativeTree
*)
(** preliminaries: definition of the depth of a tree, and showing
that it is indeed logarithmic in function of the number of its
elements *)
use import int.MinMax
function depth (t:tree) : int =
match t with
| Leaf _ -> 0
| Leaf _ -> 1
| Node _ l r -> 1 + max (depth l) (depth r)
end
lemma depth_min : forall t. depth t >= 1
use import bv.Pow2int
let rec lemma depth_is_log (t:tree) (a :array int) (k:int)
requires { k >= 0 }
requires { is_tree_for t a t.indexes.low t.indexes.high }
requires { t.indexes.high - t.indexes.low <= pow2 k }
variant { t }
ensures { depth t <= k+1 }
= match t with
| Leaf _ -> ()
| Node _ l r ->
depth_is_log l a (k-1);
depth_is_log r a (k-1)
end
(** [update_aux] function instrumented with a credit *)
use import ref.Ref
let rec update_compl (t:tree) (i:int) (ghost a :array int) (v:int) (ghost c:ref int): (tree,int)
let rec update_aux_complexity (t:tree) (i:int) (ghost a :array int) (v:int) (ghost c:ref int): (tree,int)
requires { is_tree_for t a t.indexes.low t.indexes.high }
requires { t.indexes.low <= i < t.indexes.high }
requires { !c >= depth t }
variant { t }
ensures { !c - old !c <= depth t }
returns { (t',delta) ->
delta = v - a[i] /\
t'.indexes.low = t.indexes.low /\
t'.indexes.high = t.indexes.high /\
is_tree_for t' a[i<-v] t'.indexes.low t'.indexes.high }
= c := !c - 1;
= c := !c + 1;
match t with
| Leaf ind ->
assert { i = ind.low };
......@@ -385,33 +409,60 @@ module CumulativeTree
| Node ind l r ->
let m = l.indexes.high in
if i < m then
let l',delta = update_compl l i a v c in
let l',delta = update_aux_complexity l i a v c in
assert { is_tree_for l' a[i<-v] t.indexes.low m };
assert { is_tree_for r a[i<-v] m t.indexes.high };
(Node {ind with isum = ind.isum + delta } l' r, delta)
else
let r',delta = update_compl r i a v c in
let r',delta = update_aux_complexity r i a v c in
assert { is_tree_for l a[i<-v] t.indexes.low m };
assert { is_tree_for r' a[i<-v] m t.indexes.high };
(Node {ind with isum = ind.isum + delta} l r',delta) (*>*)
end
(** auxiliary result: depth of a cumulative tree is indeed
logarithmic in function of the number of its elements *)
use import bv.Pow2int
(** [query_aux] function instrumented with a credit *)
let rec lemma depth_is_log (t:tree) (a :array int) (k:int)
requires { k >= 0 }
requires { is_tree_for t a t.indexes.low t.indexes.high }
requires { t.indexes.high - t.indexes.low <= pow2 k }
variant { t }
ensures { depth t <= k }
= match t with
| Leaf _ -> ()
| Node _ l r ->
depth_is_log l a (k-1);
depth_is_log r a (k-1)
let rec query_aux_complexity (t:tree) (ghost a: array int)
(i j:int) (ghost c:ref int) : int
requires { is_tree_for t a t.indexes.low t.indexes.high }
requires { 0 <= t.indexes.low <= i < j <= t.indexes.high <= a.length }
variant { t }
(*
ensures { !c - old !c <=
if i = t.indexes.low /\ j = t.indexes.high then 1 else
if i = t.indexes.low \/ j = t.indexes.high then depth t else
2 * depth t }
*)
ensures {
i = t.indexes.low /\ j = t.indexes.high -> !c - old !c <= 1 }
ensures {
i = t.indexes.low \/ j = t.indexes.high -> !c - old !c <= 1 + depth t }
ensures { !c - old !c <= 2 * depth t }
ensures { result = sum a i j }
= c := !c + 1;
match t with
| Leaf ind ->
ind.isum
| Node ind l r ->
let k1 = ind.low in
let k3 = ind.high in
if i=k1 && j=k3 then ind.isum else
let m = l.indexes.high in
if j <= m then
begin
assert { depth l < depth t };
assert { i = t.indexes.low <-> i = l.indexes.low };
assert { j = t.indexes.high -> j = l.indexes.high };
query_aux_complexity l a i j c
end
else
if i >= m then query_aux_complexity r a i j c else
begin
'L1: let tmp = query_aux_complexity l a i m c in
assert { !c - at !c 'L1 <= depth t };
tmp + query_aux_complexity r a m j c
end
end
end
end
\ No newline at end of file
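Review bot: The two cost bounds in the contract of `query_aux_complexity` do not look inductive for the split branch (the `'L1` block that calls the function on `l` and then on `r`). With one tick per call, that branch costs at most 1 + (1 + depth l) + (1 + depth r) under the callee's own one-sided bound, i.e. up to 1 + 2 * depth t, which is above the claimed `2 * depth t`; when i = t.indexes.low it costs 1 + 1 + (1 + depth r), up to 2 + depth t, which is above the claimed `1 + depth t`. This would be consistent with the postcondition goals `query_aux_complexity.31` and `.32` being recorded without a valid proof in the session file, although the mapping from goals to clauses is not visible here. Looser bounds such as `ensures { i = t.indexes.low \/ j = t.indexes.high -> !c - old !c <= 2 * depth t }` and `ensures { !c - old !c <= 4 * depth t }` are preserved by every branch, because `depth` of a node is one more than the max of its children's depths. The commented-out combined `ensures` above them should then be deleted or updated to the same bounds, so that the stated complexity guarantee and the proved one cannot drift apart.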
......@@ -6,7 +6,7 @@
<prover id="1" name="Alt-Ergo" version="1.30" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="2" name="Z3" version="4.5.0" timelimit="1" steplimit="0" memlimit="1000"/>
<prover id="3" name="CVC4" version="1.5" timelimit="1" steplimit="0" memlimit="1000"/>
<file name="../sumrange.mlw" proved="true">
<file name="../sumrange.mlw">
<theory name="ArraySum" proved="true" sum="c43abcc65051af09a54f471f27f69208">
<goal name="sum_right" proved="true">
<transf name="assert" proved="true" arg1="(forall x. 0 &lt; x &lt; j -&gt; sum a (j-x) j = sum a (j-x) (j-1) + a[j-1])">
......@@ -121,7 +121,7 @@
<proof prover="2"><result status="valid" time="0.05"/></proof>
</goal>
</theory>
<theory name="CumulativeTree" proved="true" sum="6f92715b7d5c25074deca072f60d514f">
<theory name="CumulativeTree" sum="926714608746ce5cc75c06bb87a4995d">
<goal name="WP_parameter tree_of_array" expl="VC for tree_of_array" proved="true">
<proof prover="3"><result status="valid" time="0.43"/></proof>
</goal>
......@@ -190,90 +190,237 @@
<goal name="WP_parameter update" expl="VC for update" proved="true">
<proof prover="3"><result status="valid" time="0.08"/></proof>
</goal>
<goal name="WP_parameter update_compl" expl="VC for update_compl" proved="true">
<goal name="depth_min" proved="true">
<transf name="induction_ty_lex" proved="true" >
<goal name="depth_min.0" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
</transf>
</goal>
<goal name="WP_parameter depth_is_log" expl="VC for depth_is_log" proved="true">
<transf name="split_goal_wp" proved="true" >
<goal name="WP_parameter update_compl.0" expl="assertion" proved="true">
<goal name="WP_parameter depth_is_log.0" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_compl.1" expl="postcondition" proved="true">
<goal name="WP_parameter depth_is_log.1" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.05"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.2" expl="precondition" proved="true">
<proof prover="1" timelimit="5"><result status="valid" time="0.02" steps="79"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.3" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.4" expl="precondition" proved="true">
<proof prover="1"><result status="valid" time="0.08" steps="146"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.5" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.6" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.01"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.7" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.8" expl="precondition" proved="true">
<proof prover="1"><result status="valid" time="0.05" steps="121"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.9" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.03"/></proof>
<proof prover="1"><result status="valid" time="0.02" steps="120"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
</transf>
</goal>
<goal name="WP_parameter update_aux_complexity" expl="VC for update_aux_complexity" proved="true">
<transf name="split_goal_wp" proved="true" >
<goal name="WP_parameter update_aux_complexity.0" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_aux_complexity.1" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.02"/></proof>
<proof prover="1"><result status="valid" time="0.02" steps="74"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="WP_parameter update_aux_complexity.2" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.09"/></proof>
</goal>
<goal name="WP_parameter update_compl.2" expl="variant decrease" proved="true">
<goal name="WP_parameter update_aux_complexity.3" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_compl.3" expl="precondition" proved="true">
<goal name="WP_parameter update_aux_complexity.4" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter update_compl.4" expl="precondition" proved="true">
<goal name="WP_parameter update_aux_complexity.5" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.05"/></proof>
</goal>
<goal name="WP_parameter update_compl.5" expl="precondition" proved="true">
<goal name="WP_parameter update_aux_complexity.6" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_compl.6" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_compl.7" expl="assertion" proved="true">
<goal name="WP_parameter update_aux_complexity.7" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.63"/></proof>
</goal>
<goal name="WP_parameter update_compl.8" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.47"/></proof>
<goal name="WP_parameter update_aux_complexity.8" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.03"/></proof>
<proof prover="1"><result status="valid" time="0.07" steps="123"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_aux_complexity.9" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.42"/></proof>
</goal>
<goal name="WP_parameter update_compl.9" expl="variant decrease" proved="true">
<goal name="WP_parameter update_aux_complexity.10" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.02"/></proof>
</goal>
<goal name="WP_parameter update_compl.10" expl="precondition" proved="true">
<goal name="WP_parameter update_aux_complexity.11" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_compl.11" expl="precondition" proved="true">
<goal name="WP_parameter update_aux_complexity.12" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_compl.12" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.05"/></proof>
</goal>
<goal name="WP_parameter update_compl.13" expl="assertion" proved="true">
<goal name="WP_parameter update_aux_complexity.13" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.79"/></proof>
</goal>
<goal name="WP_parameter update_compl.14" expl="assertion" proved="true">
<goal name="WP_parameter update_aux_complexity.14" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_compl.15" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.42"/></proof>
<goal name="WP_parameter update_aux_complexity.15" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter update_aux_complexity.16" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.47"/></proof>
</goal>
</transf>
</goal>
<goal name="WP_parameter depth_is_log" expl="VC for depth_is_log" proved="true">
<transf name="split_goal_wp" proved="true" >
<goal name="WP_parameter depth_is_log.0" expl="postcondition" proved="true">
<goal name="WP_parameter query_aux_complexity" expl="VC for query_aux_complexity">
<proof prover="0"><result status="unknown" time="2.01"/></proof>
<proof prover="1"><result status="timeout" time="1.00"/></proof>
<proof prover="2"><result status="timeout" time="1.00"/></proof>
<proof prover="3"><result status="unknown" time="1.97"/></proof>
<transf name="split_goal_wp" >
<goal name="WP_parameter query_aux_complexity.0" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.1" expl="variant decrease" proved="true">
<goal name="WP_parameter query_aux_complexity.1" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.02"/></proof>
<proof prover="1"><result status="valid" time="0.01" steps="76"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.2" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.3" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.4" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.5" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.6" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.02"/></proof>
<proof prover="1"><result status="valid" time="0.01" steps="78"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.7" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.05"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.2" expl="precondition" proved="true">
<proof prover="1" timelimit="5"><result status="valid" time="0.02" steps="79"/></proof>
<goal name="WP_parameter query_aux_complexity.8" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.3" expl="precondition" proved="true">
<goal name="WP_parameter query_aux_complexity.9" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.4" expl="precondition" proved="true">
<proof prover="1"><result status="valid" time="0.08" steps="143"/></proof>
<goal name="WP_parameter query_aux_complexity.10" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.5" expl="variant decrease" proved="true">
<goal name="WP_parameter query_aux_complexity.11" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.05"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.12" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.13" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.14" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.04"/></proof>
<proof prover="1"><result status="valid" time="0.03" steps="99"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.6" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.01"/></proof>
<goal name="WP_parameter query_aux_complexity.15" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.7" expl="precondition" proved="true">
<goal name="WP_parameter query_aux_complexity.16" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.17" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.18" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.8" expl="precondition" proved="true">
<proof prover="1"><result status="valid" time="0.05" steps="118"/></proof>
<goal name="WP_parameter query_aux_complexity.19" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter depth_is_log.9" expl="postcondition" proved="true">
<goal name="WP_parameter query_aux_complexity.20" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.03"/></proof>
<proof prover="1"><result status="valid" time="0.02" steps="99"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.05"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.21" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.03"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.22" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.06"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.23" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.24" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.25" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.26" expl="assertion" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.27" expl="variant decrease" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.28" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.29" expl="precondition" proved="true">
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.30" expl="postcondition" proved="true">
<proof prover="0"><result status="valid" time="0.04"/></proof>
<proof prover="1"><result status="valid" time="0.06" steps="124"/></proof>
<proof prover="2"><result status="valid" time="0.02"/></proof>
<proof prover="3"><result status="valid" time="0.04"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.31" expl="postcondition">
<proof prover="0"><result status="timeout" time="2.00"/></proof>
<proof prover="1"><result status="timeout" time="1.00"/></proof>
<proof prover="2"><result status="timeout" time="1.00"/></proof>
<proof prover="3"><result status="unknown" time="2.02"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.32" expl="postcondition">
<proof prover="3"><result status="unknown" time="1.07"/></proof>
</goal>
<goal name="WP_parameter query_aux_complexity.33" expl="postcondition" proved="true">
<proof prover="3"><result status="valid" time="0.06"/></proof>
</goal>
</transf>
</goal>
</theory>
......