Skip to content

Commit 2f91738

Browse files
fdupressoskgo
fdupress
authored and
oskgo
committed
swap total_prob parameter, simplify proofs
1 parent 1eade22 commit 2f91738

File tree

1 file changed

+31
-35
lines changed

1 file changed

+31
-35
lines changed

theories/modules/TotalProb.ec

Lines changed: 31 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ local lemma RandAux_partition_eq (dt' : t distr) (i' : input) (x' : t) &m :
7575
mu1 dt' x' * Pr[M.main(i', x') @ &m : res].
7676
proof.
7777
byphoare
78-
(_ :
78+
(:
7979
dt = dt' /\ i = i' /\ (glob M) = (glob M){m} ==>
8080
res /\ x_of_glob_RA (glob RandAux) = x') => //.
8181
proc; rewrite /x_of_glob_RA /=.
@@ -86,53 +86,53 @@ seq 1 :
8686
(1%r - mu1 dt x')
8787
0%r
8888
(i = i' /\ (glob M) = (glob M){m}) => //.
89-
+ auto.
90-
+ rnd (pred1 x'); auto.
91-
+ call (_ : i = i' /\ x = x' /\ glob M = (glob M){m} ==> res).
89+
+ by auto.
90+
+ by rnd (pred1 x'); auto.
91+
+ call (: i = i' /\ x = x' /\ glob M = (glob M){m} ==> res).
9292
+ bypr => &hr [#] -> -> glob_eq.
93-
byequiv (_ : ={i, x, glob M} ==> ={res}) => //; sim.
94-
+ auto.
95-
hoare; call (_ : true); auto; smt().
93+
by byequiv (: ={i, x, glob M} ==> ={res}) => //; sim.
94+
+ by auto.
95+
by hoare; call (: true); auto; smt().
9696
qed.
9797
98-
lemma total_prob' (dt' : t distr) (supp : t list) (i' : input) &m :
98+
lemma total_prob' (supp : t list) (dt' : t distr) (i' : input) &m :
9999
is_finite_for (support dt') supp =>
100100
Pr[Rand(M).f(dt', i') @ &m : res] =
101101
big predT
102102
(fun x' => mu1 dt' x' * Pr[M.main(i', x') @ &m : res])
103103
supp.
104104
proof.
105105
move => [uniq_supp supp_iff].
106-
have -> :
106+
have ->:
107107
Pr[Rand(M).f(dt', i') @ &m : res] = Pr[RandAux.f(dt', i') @ &m : res].
108-
+ byequiv (_ : ={dt, i, glob M} ==> ={res}) => //; proc; sim.
108+
+ by byequiv (_ : ={dt, i, glob M} ==> ={res}) => //; proc; sim.
109109
rewrite (EPL.list_partitioning RandAux (dt', i') E phi supp &m) //.
110110
have -> /= :
111111
Pr[RandAux.f(dt', i') @ &m: res /\ ! (x_of_glob_RA (glob RandAux) \in supp)] =
112112
0%r.
113-
+ byphoare (_ : dt = dt' /\ i = i' ==> _) => //; proc.
114-
seq 1 :
115-
(RandAux.x \in supp)
116-
1%r
117-
0%r
118-
0%r
119-
1%r => //.
120-
+ by hoare; call (_ : true); auto; smt().
121-
by rnd pred0; auto; smt(mu0).
113+
+ byphoare (: dt = dt' /\ i = i' ==> _) => //; proc.
114+
seq 1 :
115+
(RandAux.x \in supp)
116+
1%r
117+
0%r
118+
0%r
119+
1%r => //.
120+
+ by hoare; call (: true); auto; smt().
121+
by rnd pred0; auto; smt(mu0).
122122
by congr; apply fun_ext => x'; rewrite RandAux_partition_eq.
123123
qed.
124124
125125
end section.
126126
127127
(*& total probability lemma for distributions with finite support &*)
128128
129-
lemma total_prob (M <: T) (dt : t distr) (supp : t list) (i : input) &m :
129+
lemma total_prob (M <: T) (supp : t list) (dt : t distr) (i : input) &m :
130130
is_finite_for (support dt) supp =>
131131
Pr[Rand(M).f(dt, i) @ &m : res] =
132132
big predT
133133
(fun (x : t) => mu1 dt x * Pr[M.main(i, x) @ &m : res])
134134
supp.
135-
proof. move => iff_supp_dt_supp; by apply (total_prob' M). qed.
135+
proof. exact: (total_prob' M). qed.
136136

137137
end TotalGeneral.
138138

@@ -151,9 +151,9 @@ lemma total_prob_bool (M <: T) (i : input) &m :
151151
Pr[M.main(i, true) @ &m : res] / 2%r +
152152
Pr[M.main(i, false) @ &m : res] / 2%r.
153153
proof.
154-
rewrite (total_prob M DBool.dbool [true; false]) //.
155-
+ by smt(supp_dbool).
156-
by rewrite 2!big_cons big_nil /= /predT /predF /= 2!dbool1E.
154+
rewrite (total_prob M [true; false]) //.
155+
+ smt(supp_dbool).
156+
by rewrite 2!big_cons big_nil /= 2!dbool1E.
157157
qed.
158158

159159
end TotalBool.
@@ -168,18 +168,16 @@ proof *.
168168

169169
(*& total probability lemma for `drange` &*)
170170

171-
lemma total_prob_drange (M <: T) (m n : int, i : input) &m :
171+
lemma total_prob_drange (M <: T) (m n : int) (i : input) &m :
172172
m < n =>
173173
Pr[Rand(M).f(drange m n, i) @ &m : res] =
174174
bigi predT
175175
(fun (j : int) => Pr[M.main(i, j) @ &m : res] / (n - m)%r)
176176
m n.
177177
proof.
178-
move => lt_m_n.
179-
rewrite (total_prob M (drange m n) (range m n)).
178+
move => lt_m_n; rewrite (total_prob M (range m n)).
180179
+ by rewrite /is_finite_for; smt(range_uniq mem_range supp_drange).
181-
apply eq_big_seq => x x_in_range_m_n /=.
182-
by rewrite drange1E (_ : m <= x < n) 1:-mem_range.
180+
by apply: eq_big_seq=> |> y; rewrite drange1E mem_range=> ->.
183181
qed.
184182

185183
end TotalRange.
@@ -198,18 +196,16 @@ proof *.
198196

199197
(*& total probability lemma for `duniform` &*)
200198

201-
lemma total_prob_uniform (M <: T) (xs : t list, i : input) &m :
199+
lemma total_prob_uniform (M <: T) (xs : t list) (i : input) &m :
202200
uniq xs => xs <> [] =>
203201
Pr[Rand(M).f(duniform xs, i) @ &m : res] =
204202
big predT
205203
(fun (x : t) => Pr[M.main(i, x) @ &m : res] / (size xs)%r)
206204
xs.
207205
proof.
208-
move => uniq_xs xs_ne_nil.
209-
rewrite (total_prob M (duniform xs) xs).
210-
+ by smt(supp_duniform).
211-
apply eq_big_seq => y y_in_xs /=.
212-
by rewrite duniform1E_uniq // (_ : y \in xs).
206+
move => uniq_xs xs_ne_nil; rewrite (total_prob M xs).
207+
+ smt(supp_duniform).
208+
by apply: eq_big_seq=> |> x; rewrite duniform1E_uniq=> // ->.
213209
qed.
214210

215211
end TotalUniform.

0 commit comments

Comments
 (0)