authorGravatar Andres Erbsen <andreser@mit.edu>2017-03-27 17:44:38 -0400
committerGravatar Andres Erbsen <andreser@mit.edu>2017-03-30 14:12:36 -0400
commit7e20c1c9eb1e8e28680a5169853522493c7011b9 (patch)
tree873581572e9dc059111cd522be3a924cb2ec8e33 /src
parentba864554da71ebe20b2494b1e8adf04779cd904b (diff)
make fsatz recurse when proving nonzero-ness, undo Weierstrass workaround
After | File Name | Before || Change ----------------------------------------------------------------------------------------------------------- 29m00.03s | Total | 33m00.88s || -4m00.84s ----------------------------------------------------------------------------------------------------------- 11m48.99s | WeierstrassCurve/WeierstrassCurveTheorems | 16m37.07s || -4m00.08s 1m46.82s | Test/Curve25519SpecTestVectors | 1m47.06s || -0m00.24s 1m18.46s | Spec/MontgomeryCurve | 0m43.03s || +0m00.43s 0m50.03s | Specific/GF25519Reflective/Reified/LadderStep | 0m50.00s || +0m00.03s 0m43.21s | Spec/Ed25519 | 0m42.48s || +0m00.73s 0m37.78s | ModularArithmetic/Conversion | 0m40.14s || -0m00.35s 0m34.92s | Specific/GF25519Reflective/Reified/AddCoordinates | 0m36.07s || -0m00.14s 0m32.14s | Specific/GF25519Bounded | 0m31.64s || +0m00.50s 0m29.53s | ModularArithmetic/ModularBaseSystemProofs | 0m29.72s || -0m00.18s 0m24.83s | Reflection/Z/Interpretations128/Relations | 0m23.35s || +0m00.47s 0m23.51s | CompleteEdwardsCurve/CompleteEdwardsCurveTheorems | 0m23.57s || -0m00.05s 0m20.51s | ModularArithmetic/Pow2BaseProofs | 0m22.19s || -0m00.67s 0m20.13s | Specific/GF25519 | 0m22.72s || -0m00.58s 0m19.08s | Reflection/Named/MapCastWf | 0m19.60s || -0m00.52s 0m18.74s | CompleteEdwardsCurve/ExtendedCoordinates | 0m17.30s || +0m00.43s 0m18.47s | Reflection/Z/Interpretations64/Relations | 0m19.28s || -0m00.81s 0m18.12s | EdDSARepChange | 0m18.55s || -0m00.42s 0m14.69s | Util/ZUtil | 0m15.19s || -0m00.50s 0m13.86s | Reflection/Named/ContextProperties/SmartMap | 0m14.23s || -0m00.37s 0m13.65s | Reflection/Named/ContextProperties/NameUtil | 0m15.92s || -0m00.26s 0m11.98s | Specific/GF25519Reflective/Reified/Mul | 0m12.53s || -0m00.54s 0m11.84s | Experiments/Ed25519 | 0m11.87s || -0m00.02s 0m11.64s | Specific/NewBaseSystemTest | 0m11.70s || -0m00.05s 0m11.28s | Algebra/Field | 0m11.55s || -0m00.27s 0m09.04s | Reflection/Named/MapCastInterp | 0m09.25s || -0m00.21s 0m09.02s | Assembly/GF25519 | 
0m09.52s || -0m00.50s 0m08.92s | Specific/GF25519BoundedCommon | 0m08.75s || +0m00.16s 0m08.88s | Testbit | 0m10.14s || -0m00.25s 0m08.25s | BoundedArithmetic/Double/Proofs/Multiply | 0m08.14s || +0m00.10s 0m08.16s | ModularArithmetic/Montgomery/ZProofs | 0m08.50s || -0m00.33s 0m08.02s | BoundedArithmetic/ArchitectureToZLikeProofs | 0m08.18s || -0m00.16s 0m07.94s | Reflection/InlineWf | 0m08.34s || -0m00.39s 0m07.48s | BoundedArithmetic/Double/Proofs/SpreadLeftImmediate | 0m06.54s || +0m00.94s 0m07.47s | Algebra/Ring | 0m07.50s || -0m00.03s 0m07.41s | BoundedArithmetic/Double/Proofs/ShiftRightDoubleWordImmediate | 0m07.65s || -0m00.24s 0m07.10s | MxDHRepChange | 0m07.48s || -0m00.38s 0m06.48s | Specific/GF1305 | 0m06.40s || +0m00.08s 0m06.33s | BoundedArithmetic/Double/Proofs/RippleCarryAddSub | 0m05.14s || +0m00.19s 0m06.27s | Reflection/Z/InterpretationsGen | 0m06.42s || -0m00.15s 0m06.01s | Specific/GF25519Reflective/Reified/PreFreeze | 0m05.91s || +0m00.09s 0m05.96s | Bedrock/Word | 0m05.77s || +0m00.19s 0m05.90s | NewBaseSystem | 0m06.06s || -0m00.15s 0m05.76s | Util/FixedWordSizesEquality | 0m05.98s || -0m00.22s 0m05.49s | Specific/GF25519Reflective/Reified/CarrySub | 0m05.42s || +0m00.07s 0m05.38s | CompleteEdwardsCurve/Pre | 0m04.22s || +0m00.16s 0m05.17s | Specific/SC25519 | 0m05.31s || -0m00.13s 0m05.08s | Util/ListUtil | 0m05.16s || -0m00.08s 0m05.04s | Experiments/GenericFieldPow | 0m05.20s || -0m00.16s 0m05.01s | Specific/GF25519Reflective/Reified/CarryAdd | 0m05.04s || -0m00.03s 0m04.98s | Specific/GF25519Reflective/CommonBinOp | 0m05.18s || -0m00.19s 0m04.75s | ModularArithmetic/ModularBaseSystemListProofs | 0m04.81s || -0m00.05s 0m04.59s | Algebra/Field_test | 0m12.12s || -0m00.52s 0m04.48s | Reflection/InlineCastWf | 0m04.72s || -0m00.23s 0m03.97s | Specific/GF25519Reflective/CommonUnOp | 0m04.16s || -0m00.18s 0m03.97s | Specific/GF25519Reflective/Common9_4Op | 0m04.11s || -0m00.14s 0m03.96s | Specific/GF25519Reflective/CommonUnOpWireToFE | 
0m03.91s || +0m00.04s 0m03.70s | Specific/GF25519Reflective/Reified/CarryOpp | 0m03.73s || -0m00.02s 0m03.53s | ModularArithmetic/BarrettReduction/ZHandbook | 0m03.71s || -0m00.18s 0m03.51s | BaseSystemProofs | 0m03.52s || -0m00.01s 0m03.39s | Reflection/EtaWf | 0m03.45s || -0m00.06s 0m03.37s | Reflection/Named/CompileWf | 0m03.81s || -0m00.43s 0m03.34s | Specific/GF25519Reflective/Reified/Sub | 0m03.47s || -0m00.13s 0m03.16s | BoundedArithmetic/InterfaceProofs | 0m03.14s || +0m00.02s 0m02.99s | Reflection/LinearizeWf | 0m03.09s || -0m00.09s 0m02.90s | Specific/GF25519Reflective/Reified/Add | 0m03.02s || -0m00.12s 0m02.84s | ModularArithmetic/BarrettReduction/ZGeneralized | 0m02.88s || -0m00.04s 0m02.79s | Specific/FancyMachine256/Montgomery | 0m02.77s || +0m00.02s 0m02.77s | ModularArithmetic/ZBoundedZ | 0m02.91s || -0m00.14s 0m02.74s | Reflection/Named/CompileInterp | 0m03.65s || -0m00.90s 0m02.68s | BoundedArithmetic/Double/Proofs/Decode | 0m02.62s || +0m00.06s 0m02.68s | Specific/GF25519Reflective/CommonUnOpFEToWire | 0m02.72s || -0m00.04s 0m02.63s | ModularArithmetic/ModularArithmeticTheorems | 0m02.65s || -0m00.02s 0m02.62s | Specific/FancyMachine256/Barrett | 0m02.58s || +0m00.04s 0m02.58s | Specific/GF25519Reflective/Reified/Pack | 0m02.56s || +0m00.02s 0m02.54s | Reflection/InlineInterp | 0m02.53s || +0m00.01s 0m02.46s | BoundedArithmetic/Double/Proofs/ShiftRight | 0m02.52s || -0m00.06s 0m02.42s | Specific/GF25519Reflective/Reified/Unpack | 0m02.42s || +0m00.00s 0m02.40s | Specific/GF25519ReflectiveAddCoordinates | 0m02.33s || +0m00.06s 0m02.39s | Reflection/Named/ContextProperties | 0m02.42s || -0m00.02s 0m02.38s | BoundedArithmetic/Double/Proofs/ShiftLeft | 0m02.40s || -0m00.02s 0m02.34s | Assembly/State | 0m02.44s || -0m00.10s 0m02.22s | Specific/GF25519Reflective/Reified/Opp | 0m02.23s || -0m00.00s 0m02.22s | Reflection/Named/NameUtilProperties | 0m02.31s || -0m00.08s 0m02.18s | ModularArithmetic/ModularBaseSystemOpt | 0m02.19s || -0m00.00s 0m02.16s | 
Reflection/WfProofs | 0m02.15s || +0m00.01s 0m02.14s | ModularArithmetic/BarrettReduction/ZBounded | 0m02.19s || -0m00.04s 0m02.12s | Reflection/TestCase | 0m02.23s || -0m00.10s 0m01.99s | Specific/GF25519Reflective/Reified/GeModulus | 0m01.96s || +0m00.03s 0m01.90s | WeierstrassCurve/Pre | 0m01.55s || +0m00.34s 0m01.87s | Reflection/WfReflective | 0m01.83s || +0m00.04s 0m01.79s | Util/WordUtil | 0m01.82s || -0m00.03s 0m01.76s | Specific/FancyMachine256/Core | 0m01.75s || +0m00.01s 0m01.71s | SaturatedBaseSystem | 0m01.92s || -0m00.20s 0m01.68s | Algebra/Group | 0m01.72s || -0m00.04s 0m01.67s | ModularArithmetic/Montgomery/ZBounded | 0m01.68s || -0m00.01s 0m01.63s | Assembly/Evaluables | 0m01.68s || -0m00.05s 0m01.45s | Specific/GF25519Reflective/Common | 0m01.39s || +0m00.06s 0m01.43s | Reflection/Z/Interpretations128/RelationsCombinations | 0m01.16s || +0m00.27s 0m01.42s | Reflection/Named/InterpretToPHOASWf | 0m01.51s || -0m00.09s 0m01.32s | Util/NatUtil | 0m01.32s || +0m00.00s 0m01.30s | Util/Tuple | 0m01.30s || +0m00.00s 0m01.30s | ModularArithmetic/PrimeFieldTheorems | 0m01.29s || +0m00.01s 0m01.30s | Assembly/WordizeUtil | 0m01.46s || -0m00.15s 0m01.30s | ModularArithmetic/BarrettReduction/Z | 0m01.34s || -0m00.04s 0m01.30s | Reflection/MapCastInterp | 0m01.30s || +0m00.00s 0m01.26s | Specific/GF25519Reflective | 0m01.30s || -0m00.04s 0m01.22s | Assembly/Compile | 0m01.26s || -0m00.04s 0m01.21s | Reflection/Z/Interpretations64/RelationsCombinations | 0m01.19s || +0m00.02s 0m01.20s | Reflection/Z/Syntax/Equality | 0m01.17s || +0m00.03s 0m01.18s | Assembly/Bounds | 0m01.35s || -0m00.17s 0m01.06s | BaseSystem | 0m01.05s || +0m00.01s 0m01.01s | Experiments/Ed25519Extraction | 0m00.98s || +0m00.03s 0m01.00s | Reflection/SmartBoundInterp | 0m01.02s || -0m00.02s 0m00.99s | BoundedArithmetic/Double/Repeated/Proofs/Decode | 0m01.02s || -0m00.03s 0m00.99s | Reflection/Relations | 0m00.96s || +0m00.03s 0m00.96s | ModularArithmetic/ExtendedBaseVector | 0m01.03s || 
-0m00.07s 0m00.89s | Assembly/Conversions | 0m00.89s || +0m00.00s 0m00.89s | Reflection/Named/InterpretToPHOASInterp | 0m00.92s || -0m00.03s 0m00.88s | Reflection/SmartCastWf | 0m00.89s || -0m00.01s 0m00.84s | Algebra/IntegralDomain | 0m00.86s || -0m00.02s 0m00.84s | Reflection/InlineCastInterp | 0m00.89s || -0m00.05s 0m00.80s | Specific/GF25519Reflective/CommonUnOpFEToZ | 0m00.87s || -0m00.06s 0m00.79s | Util/NumTheoryUtil | 0m00.94s || -0m00.14s 0m00.78s | BoundedArithmetic/Double/Proofs/BitwiseOr | 0m00.76s || +0m00.02s 0m00.76s | Reflection/MapCastByDeBruijnInterp | 0m00.72s || +0m00.04s 0m00.75s | BoundedArithmetic/Double/Proofs/LoadImmediate | 0m00.76s || -0m00.01s 0m00.74s | BoundedArithmetic/X86ToZLikeProofs | 0m00.73s || +0m00.01s 0m00.74s | Reflection/WfInversion | 0m00.78s || -0m00.04s 0m00.73s | Reflection/Named/CompileProperties | 0m00.77s || -0m00.04s 0m00.71s | Assembly/LL | 0m00.73s || -0m00.02s 0m00.69s | Assembly/Pipeline | 0m00.69s || +0m00.00s 0m00.69s | Util/IterAssocOp | 0m00.74s || -0m00.05s 0m00.68s | Assembly/HL | 0m00.70s || -0m00.01s 0m00.68s | Util/PartiallyReifiedProp | 0m00.70s || -0m00.01s 0m00.67s | Karatsuba | 0m00.71s || -0m00.03s 0m00.67s | Assembly/QhasmEvalCommon | 0m00.67s || +0m00.00s 0m00.66s | Specific/GF25519BoundedAddCoordinates | 0m00.63s || +0m00.03s 0m00.65s | Assembly/PhoasCommon | 0m00.62s || +0m00.03s 0m00.62s | Specific/GF25519Reflective/Reified | 0m00.62s || +0m00.00s 0m00.62s | Reflection/MultiSizeTest | 0m00.65s || -0m00.03s 0m00.58s | ModularArithmetic/PseudoMersenneBaseParamProofs | 0m00.58s || +0m00.00s 0m00.58s | Reflection/MapCastByDeBruijnWf | 0m00.57s || +0m00.01s 0m00.58s | Spec/WeierstrassCurve | 0m00.48s || +0m00.09s 0m00.55s | Encoding/ModularWordEncodingTheorems | 0m00.58s || -0m00.02s 0m00.54s | ModularArithmetic/ExtPow2BaseMulProofs | 0m00.53s || +0m00.01s 0m00.53s | Spec/EdDSA | 0m00.53s || +0m00.00s 0m00.53s | Util/AdditionChainExponentiation | 0m00.56s || -0m00.03s 0m00.53s | 
BoundedArithmetic/Double/Repeated/Proofs/Multiply | 0m00.53s || +0m00.00s 0m00.52s | Reflection/InterpByIsoProofs | 0m00.53s || -0m00.01s 0m00.52s | Reflection/Named/WfInterp | 0m00.52s || +0m00.00s 0m00.51s | ModularArithmetic/ModularBaseSystemList | 0m00.51s || +0m00.00s 0m00.51s | BoundedArithmetic/Interface | 0m00.51s || +0m00.00s 0m00.51s | BoundedArithmetic/X86ToZLike | 0m00.53s || -0m00.02s 0m00.51s | Encoding/ModularWordEncodingPre | 0m00.53s || -0m00.02s 0m00.51s | Reflection/WfReflectiveGen | 0m00.48s || +0m00.03s 0m00.50s | ModularArithmetic/ModularBaseSystem | 0m00.54s || -0m00.04s 0m00.50s | Reflection/Named/FMapContext | 0m00.52s || -0m00.02s 0m00.49s | BoundedArithmetic/Double/Proofs/SelectConditional | 0m00.48s || +0m00.01s 0m00.48s | Spec/ModularWordEncoding | 0m00.50s || -0m00.02s 0m00.47s | Spec/CompleteEdwardsCurve | 0m00.48s || -0m00.01s 0m00.47s | Assembly/StringConversion | 0m00.42s || +0m00.04s 0m00.47s | Reflection/InterpWfRel | 0m00.47s || +0m00.00s 0m00.47s | Reflection/BoundByCastInterp | 0m00.45s || +0m00.01s 0m00.46s | Util/CPSUtil | 0m00.51s || -0m00.04s 0m00.45s | Algebra/ScalarMult | 0m00.47s || -0m00.01s 0m00.44s | Util/Decidable | 0m00.43s || +0m00.01s 0m00.44s | BoundedArithmetic/Double/Core | 0m00.41s || +0m00.03s 0m00.44s | BoundedArithmetic/Double/Repeated/Proofs/RippleCarryAddSub | 0m00.42s || +0m00.02s 0m00.44s | Reflection/SmartBoundWf | 0m00.45s || -0m00.01s 0m00.43s | BoundedArithmetic/Double/Repeated/Core | 0m00.43s || +0m00.00s 0m00.43s | BoundedArithmetic/Double/Repeated/Proofs/ShiftLeftRight | 0m00.44s || -0m00.01s 0m00.43s | Util/HList | 0m00.43s || +0m00.00s 0m00.43s | Reflection/InputSyntax | 0m00.42s || +0m00.01s 0m00.42s | Algebra/Monoid | 0m00.46s || -0m00.04s 0m00.42s | Assembly/Qhasm | 0m00.43s || -0m00.01s 0m00.42s | Util/NUtil | 0m00.43s || -0m00.01s 0m00.41s | ModularArithmetic/ZBounded | 0m00.40s || +0m00.00s 0m00.41s | BoundedArithmetic/Double/Repeated/Proofs/LoadImmediate | 0m00.39s || +0m00.01s 0m00.41s 
| BoundedArithmetic/Double/Repeated/Proofs/SelectConditional | 0m00.41s || +0m00.00s 0m00.41s | BoundedArithmetic/Double/Repeated/Proofs/ShiftRightDoubleWordImmediate | 0m00.42s || -0m00.01s 0m00.41s | Reflection/Named/PositiveContext/DefaultsProperties | 0m00.36s || +0m00.04s 0m00.40s | ModularArithmetic/Pre | 0m00.43s || -0m00.02s 0m00.40s | BoundedArithmetic/Double/Repeated/Proofs/BitwiseOr | 0m00.44s || -0m00.03s 0m00.40s | Reflection/Z/Interpretations64 | 0m00.40s || +0m00.00s 0m00.40s | Reflection/Z/Reify | 0m00.40s || +0m00.00s 0m00.40s | Reflection/InterpWf | 0m00.41s || -0m00.00s 0m00.39s | BoundedArithmetic/ArchitectureToZLike | 0m00.41s || -0m00.01s 0m00.39s | BoundedArithmetic/StripCF | 0m00.41s || -0m00.01s 0m00.39s | BoundedArithmetic/Double/Proofs/ShiftLeftRightTactic | 0m00.39s || +0m00.00s 0m00.39s | Reflection/Z/BoundsInterpretations | 0m00.38s || +0m00.01s 0m00.39s | Reflection/Z/Interpretations128 | 0m00.41s || -0m00.01s 0m00.38s | Algebra | 0m00.35s || +0m00.03s 0m00.38s | Reflection/Z/Syntax | 0m00.37s || +0m00.01s 0m00.38s | Reflection/Z/Syntax/Util | 0m00.35s || +0m00.03s 0m00.36s | Reflection/MapCastByDeBruijn | 0m00.35s || +0m00.01s 0m00.35s | ModularArithmetic/ModularBaseSystemListZOperations | 0m00.33s || +0m00.01s 0m00.35s | ModularArithmetic/ModularBaseSystemListZOperationsProofs | 0m00.34s || +0m00.00s 0m00.35s | Reflection/Z/HexNotationConstants | 0m00.35s || +0m00.00s 0m00.34s | Spec/MxDH | 0m00.34s || +0m00.00s 0m00.34s | ModularArithmetic/Pow2Base | 0m00.39s || -0m00.04s 0m00.34s | Assembly/QhasmUtil | 0m00.36s || -0m00.01s 0m00.34s | ModularArithmetic/PseudoMersenneBaseParams | 0m00.42s || -0m00.07s 0m00.34s | ModularArithmetic/Montgomery/Z | 0m00.33s || +0m00.01s 0m00.34s | Reflection/Named/PositiveContext/Defaults | 0m00.33s || +0m00.01s 0m00.34s | Reflection/Named/RegisterAssign | 0m00.36s || -0m00.01s 0m00.34s | Reflection/Named/DeadCodeElimination | 0m00.35s || -0m00.00s 0m00.33s | BoundedArithmetic/Eta | 0m00.37s || 
-0m00.03s 0m00.33s | Reflection/Tuple | 0m00.33s || +0m00.00s 0m00.33s | ModularArithmetic/ModularBaseSystemWord | 0m00.32s || +0m00.01s 0m00.33s | Reflection/Named/Syntax | 0m00.35s || -0m00.01s 0m00.33s | Reflection/Z/CNotations | 0m00.34s || -0m00.01s 0m00.32s | Tactics/Algebra_syntax/Nsatz | 0m00.34s || -0m00.02s 0m00.32s | Reflection/Reify | 0m00.34s || -0m00.02s 0m00.32s | Reflection/Named/MapCast | 0m00.32s || +0m00.00s 0m00.32s | Reflection/Named/Wf | 0m00.30s || +0m00.02s 0m00.32s | Reflection/Named/Compile | 0m00.30s || +0m00.02s 0m00.32s | Reflection/Named/PositiveContext | 0m00.33s || -0m00.01s 0m00.32s | Reflection/Named/ContextProperties/Tactics | 0m00.30s || +0m00.02s 0m00.32s | Reflection/Named/IdContext | 0m00.31s || +0m00.01s 0m00.32s | Reflection/Z/BinaryNotationConstants | 0m00.31s || +0m00.01s 0m00.32s | Reflection/Z/FoldTypes | 0m00.34s || -0m00.02s 0m00.32s | Reflection/Z/JavaNotations | 0m00.32s || +0m00.00s 0m00.31s | Util/Factorize | 0m00.32s || -0m00.01s 0m00.31s | Reflection/Named/EstablishLiveness | 0m00.32s || -0m00.01s 0m00.31s | Reflection/Named/SmartMap | 0m00.32s || -0m00.01s 0m00.30s | Reflection/Named/InterpretToPHOAS | 0m00.29s || +0m00.01s 0m00.29s | Spec/ModularArithmetic | 0m00.34s || -0m00.05s 0m00.29s | Reflection/FilterLive | 0m00.29s || +0m00.00s 0m00.29s | Reflection/Named/ContextDefinitions | 0m00.33s || -0m00.04s 0m00.29s | Reflection/MultiSizeTest2 | 0m00.30s || -0m00.01s 0m00.28s | Reflection/Named/ContextOn | 0m00.31s || -0m00.02s 0m00.27s | Bedrock/Nomega | 0m00.26s || +0m00.01s 0m00.27s | Util/FixedWordSizes | 0m00.28s || -0m00.01s 0m00.27s | Reflection/Z/OpInversion | 0m00.31s || -0m00.03s 0m00.26s | Reflection/MapCastWf | 0m00.29s || -0m00.02s 0m00.25s | Reflection/ExprInversion | 0m00.26s || -0m00.01s 0m00.24s | Assembly/QhasmCommon | 0m00.26s || -0m00.02s 0m00.23s | Reflection/Equality | 0m00.23s || +0m00.00s 0m00.22s | Util/Sum | 0m00.22s || +0m00.00s 0m00.21s | Reflection/SmartMap | 0m00.23s || -0m00.02s 
0m00.19s | Util/CaseUtil | 0m00.18s || +0m00.01s 0m00.19s | Reflection/LinearizeInterp | 0m00.22s || -0m00.03s 0m00.18s | Util/LetInMonad | 0m00.16s || +0m00.01s 0m00.17s | Reflection/EtaInterp | 0m00.17s || +0m00.00s 0m00.17s | Reflection/CommonSubexpressionElimination | 0m00.16s || +0m00.01s 0m00.16s | Reflection/InterpProofs | 0m00.17s || -0m00.01s 0m00.16s | Experiments/ExtrHaskellNats | 0m00.16s || +0m00.00s 0m00.13s | Reflection/Wf | 0m00.11s || +0m00.02s 0m00.11s | Reflection/BoundByCastWf | 0m00.11s || +0m00.00s 0m00.11s | Reflection/Named/NameUtil | 0m00.10s || +0m00.00s 0m00.10s | Util/Option | 0m00.12s || -0m00.01s 0m00.09s | Util/Sigma | 0m00.08s || +0m00.00s 0m00.09s | Util/Relations | 0m00.09s || +0m00.00s 0m00.08s | Reflection/Conversion | 0m00.09s || -0m00.00s 0m00.08s | Util/PointedProp | 0m00.08s || +0m00.00s 0m00.07s | Util/Prod | 0m00.07s || +0m00.00s 0m00.07s | Reflection/TypeInversion | 0m00.08s || -0m00.00s 0m00.06s | Util/Equality | 0m00.06s || +0m00.00s 0m00.05s | Util/Tactics | 0m00.04s || +0m00.01s 0m00.05s | Reflection/Inline | 0m00.06s || -0m00.00s 0m00.05s | Reflection/SmartBound | 0m00.07s || -0m00.02s 0m00.05s | Reflection/MapCast | 0m00.05s || +0m00.00s 0m00.05s | Reflection/BoundByCast | 0m00.05s || +0m00.00s 0m00.04s | Util/HProp | 0m00.03s || +0m00.01s 0m00.04s | Util/Tactics/DestructHyps | 0m00.01s || +0m00.03s 0m00.04s | Util/Bool | 0m00.04s || +0m00.00s 0m00.04s | Util/LetIn | 0m00.04s || +0m00.00s 0m00.04s | Reflection/Syntax | 0m00.04s || +0m00.00s 0m00.04s | Reflection/Eta | 0m00.06s || -0m00.01s 0m00.04s | Reflection/Linearize | 0m00.03s || +0m00.01s 0m00.04s | Reflection/InlineCast | 0m00.06s || -0m00.01s 0m00.04s | Reflection/SmartCastInterp | 0m00.04s || +0m00.00s 0m00.04s | Reflection/CountLets | 0m00.03s || +0m00.01s 0m00.04s | Reflection/FoldTypes | 0m00.04s || +0m00.00s 0m00.04s | Reflection/InterpByIso | 0m00.04s || +0m00.00s 0m00.03s | Util/GlobalSettings | 0m00.02s || +0m00.00s 0m00.03s | Util/Tactics/DoWithHyp | 
0m00.02s || +0m00.00s 0m00.03s | Util/Tactics/SpecializeBy | 0m00.03s || +0m00.00s 0m00.03s | Util/Tactics/UniquePose | 0m00.02s || +0m00.00s 0m00.03s | Util/Logic | 0m00.03s || +0m00.00s 0m00.03s | Util/IffT | 0m00.04s || -0m00.01s 0m00.03s | Reflection/Map | 0m00.02s || +0m00.00s 0m00.03s | Reflection/TypeUtil | 0m00.03s || +0m00.00s 0m00.03s | Reflection/SmartCast | 0m00.04s || -0m00.01s 0m00.03s | Util/Sumbool | 0m00.03s || +0m00.00s 0m00.03s | Util/Unit | 0m00.03s || +0m00.00s 0m00.02s | Util/FixCoqMistakes | 0m00.01s || +0m00.01s 0m00.02s | Util/Isomorphism | 0m00.02s || +0m00.00s 0m00.02s | Util/Tactics/Head | 0m00.02s || +0m00.00s 0m00.02s | Util/Tactics/BreakMatch | 0m00.03s || -0m00.00s 0m00.02s | Util/Tactics/RewriteHyp | 0m00.02s || +0m00.00s 0m00.02s | Util/Tactics/SplitInContext | 0m00.02s || +0m00.00s 0m00.02s | Util/Tactics/VM | 0m00.02s || +0m00.00s 0m00.02s | Util/Notations | 0m00.03s || -0m00.00s 0m00.02s | Tactics/VerdiTactics | 0m00.03s || -0m00.00s 0m00.02s | Util/Tower | 0m00.04s || -0m00.02s 0m00.02s | Util/AutoRewrite | 0m00.02s || +0m00.00s 0m00.02s | Spec/Encoding | 0m00.02s || +0m00.00s 0m00.02s | Encoding/EncodingTheorems | 0m00.03s || -0m00.00s 0m00.02s | Util/Curry | 0m00.01s || +0m00.01s 0m00.01s | Util/Tactics/DestructHead | 0m00.02s || -0m00.01s
Diffstat (limited to 'src')
-rw-r--r--src/Algebra/Field.v95
-rw-r--r--src/Algebra/Field_test.v13
-rw-r--r--src/CompleteEdwardsCurve/CompleteEdwardsCurveTheorems.v11
-rw-r--r--src/Spec/MontgomeryCurve.v48
-rw-r--r--src/WeierstrassCurve/WeierstrassCurveTheorems.v80
5 files changed, 134 insertions, 113 deletions
diff --git a/src/Algebra/Field.v b/src/Algebra/Field.v
index 76b2a9ed3..ebc92c0e5 100644
--- a/src/Algebra/Field.v
+++ b/src/Algebra/Field.v
@@ -231,17 +231,6 @@ Ltac goal_to_field_equality fld :=
end
end.
-Ltac _introduce_inverse fld d d_nz :=
- let eq := match type of fld with Algebra.field(eq:=?eq) => eq end in
- let mul := match type of fld with Algebra.field(mul:=?mul) => mul end in
- let one := match type of fld with Algebra.field(one:=?one) => one end in
- let inv := match type of fld with Algebra.field(inv:=?inv) => inv end in
- match goal with [H: eq (mul d _) one |- _ ] => fail 1 | _ => idtac end;
- let d_i := fresh "i" in
- unique pose proof (right_multiplicative_inverse(H:=fld) _ d_nz);
- set (inv d) as d_i in *;
- clearbody d_i.
-
Ltac inequalities_to_inverse_equations fld :=
let eq := match type of fld with Algebra.field(eq:=?eq) => eq end in
let zero := match type of fld with Algebra.field(zero:=?zero) => zero end in
@@ -250,52 +239,80 @@ Ltac inequalities_to_inverse_equations fld :=
repeat match goal with
| [H: not (eq _ _) |- _ ] =>
lazymatch type of H with
- | not (eq ?d zero) => _introduce_inverse fld d H
- | not (eq zero ?d) => _introduce_inverse fld d (symmetry(R:=fun a b => not (eq a b)) H)
- | not (eq ?x ?y) => _introduce_inverse fld (sub x y) (Ring.neq_sub_neq_zero _ _ H)
+ | not (eq ?d zero) =>
+ unique pose proof (right_multiplicative_inverse(H:=fld) _ H)
+ | not (eq zero ?d) =>
+ unique pose proof (right_multiplicative_inverse(H:=fld) _ (symmetry(R:=fun a b => not (eq a b)) H))
+ | not (eq ?x ?y) =>
+ unique pose proof (right_multiplicative_inverse(H:=fld) _ (Ring.neq_sub_neq_zero _ _ H))
end
end.
-Ltac _nonzero_tac fld :=
- solve [trivial | IntegralDomain.solve_constant_nonzero | goal_to_field_equality fld; nsatz; IntegralDomain.solve_constant_nonzero].
+Ltac unique_pose_implication pf :=
+ let B := match type of pf with ?A -> ?B => B end in
+ match goal with
+ | [H:B|-_] => fail 1
+ | _ => unique pose proof pf
+ end.
-Ltac _inverse_to_equation_by fld d tac :=
+Ltac inverses_to_conditional_equations fld :=
let eq := match type of fld with Algebra.field(eq:=?eq) => eq end in
- let zero := match type of fld with Algebra.field(zero:=?zero) => zero end in
- let one := match type of fld with Algebra.field(one:=?one) => one end in
- let mul := match type of fld with Algebra.field(mul:=?mul) => mul end in
- let div := match type of fld with Algebra.field(div:=?div) => div end in
let inv := match type of fld with Algebra.field(inv:=?inv) => inv end in
- let d_nz := fresh "nz" in
- assert (not (eq d zero)) as d_nz by tac;
- lazymatch goal with
- | H: eq (mul ?di d) one |- _ => rewrite <-!(left_inv_unique(H:=fld) _ _ H) in *
- | H: eq (mul d ?di) one |- _ => rewrite <-!(right_inv_unique(H:=fld) _ _ H) in *
- | _ => _introduce_inverse fld d d_nz
- end;
- clear d_nz.
-
-Ltac inverses_to_equations_by fld tac :=
+ repeat match goal with
+ | |- context[inv ?d] =>
+ unique_pose_implication constr:(right_multiplicative_inverse(H:=fld) d)
+ | H: context[inv ?d] |- _ =>
+ unique_pose_implication constr:(right_multiplicative_inverse(H:=fld) d)
+ end.
+
+Ltac clear_hypotheses_with_nonzero_requirements fld :=
+ let eq := match type of fld with Algebra.field(eq:=?eq) => eq end in
+ let zero := match type of fld with Algebra.field(zero:=?zero) => zero end in
+ repeat match goal with
+ [H: not (eq _ zero) -> _ |- _ ] => clear H
+ end.
+
+Ltac forward_nonzero fld solver_tac :=
let eq := match type of fld with Algebra.field(eq:=?eq) => eq end in
let zero := match type of fld with Algebra.field(zero:=?zero) => zero end in
- let inv := match type of fld with Algebra.field(inv:=?inv) => inv end in
repeat match goal with
- | |- context[inv ?d] => _inverse_to_equation_by fld d tac
- | H: context[inv ?d] |- _ => _inverse_to_equation_by fld d tac
+ | [H: not (eq ?x zero) -> _ |- _ ]
+ => let H' := fresh in
+ assert (H' : not (eq x zero)) by (clear_hypotheses_with_nonzero_requirements; solver_tac); specialize (H H')
+ | [H: not (eq ?x zero) -> _ |- _ ]
+ => let H' := fresh in
+ assert (H' : not (eq x zero)) by (clear H; solver_tac); specialize (H H')
end.
Ltac divisions_to_inverses fld :=
rewrite ?(field_div_definition(field:=fld)) in *.
-Ltac fsatz :=
- let fld := guess_field in
+Ltac fsatz_solve_on fld :=
goal_to_field_equality fld;
- inequalities_to_inverse_equations fld;
- divisions_to_inverses fld;
- inverses_to_equations_by fld ltac:(solve_debugfail ltac:(_nonzero_tac fld));
+ forward_nonzero fld ltac:(fsatz_solve_on fld);
nsatz;
solve_debugfail ltac:(IntegralDomain.solve_constant_nonzero).
+Ltac fsatz_solve :=
+ let fld := guess_field in
+ fsatz_solve_on fld.
+
+Ltac fsatz_prepare_hyps_on fld :=
+ divisions_to_inverses fld;
+ inequalities_to_inverse_equations fld;
+ inverses_to_conditional_equations fld;
+ forward_nonzero fld ltac:(fsatz_solve_on fld).
+
+Ltac fsatz_prepare_hyps :=
+ let fld := guess_field in
+ fsatz_prepare_hyps_on fld.
+
+Ltac fsatz :=
+ let fld := guess_field in
+ fsatz_prepare_hyps_on fld;
+ fsatz_solve_on fld.
+
+
Section FieldSquareRoot.
Context {T eq zero one opp add mul sub inv div} `{@field T eq zero one opp add sub mul inv div} {eq_dec:DecidableRel eq}.
Local Infix "=" := eq : type_scope. Local Notation "a <> b" := (not (a = b)) : type_scope.
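Review bot: In `forward_nonzero` the first branch invokes `clear_hypotheses_with_nonzero_requirements` without its `fld` argument, although the tactic is declared as `Ltac clear_hypotheses_with_nonzero_requirements fld := ...`; as far as I know Ltac rejects an under-applied tactic at run time ("A fully applied tactic is expected"), so the `assert ... by (...)` in that branch always fails and `match goal` silently falls through to the second branch, which only clears `H`. If that reading is right, the intended "clear every conditional hypothesis before recursing" strategy is never exercised, and the fix is `assert (H' : not (eq x zero)) by (clear_hypotheses_with_nonzero_requirements fld; solver_tac); specialize (H H')`. Since the two branches are meant as a fallback chain, a comment above the first one would make that explicit, e.g. `(* first try with every conditional hypothesis cleared; if that fails, retry clearing only H *)`. Note also that `fsatz_solve_on` recurses through `forward_nonzero` with no explicit depth bound; termination appears to rely on each `specialize`/`clear H` removing one implication from the context, which is worth stating in a comment.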
diff --git a/src/Algebra/Field_test.v b/src/Algebra/Field_test.v
index 13a0ffa95..2df673163 100644
--- a/src/Algebra/Field_test.v
+++ b/src/Algebra/Field_test.v
@@ -55,7 +55,16 @@ Module _fsatz_test.
Lemma fractional_equation_no_solution x (A:x<>1) (B:x<>opp two) (C:x*x+x <> two) (X:nine/(x*x + x - two) = opp three/(x+two) + seven*inv(x-1)) : False.
Proof. fsatz. Qed.
- Local Notation "x ^ 2" := (x*x). Local Notation "x ^ 3" := (x^2*x).
+ Local Notation "x ^ 2" := (x*x).
+ Lemma recursive_nonzero_solving
+ (a sqrt_a d x y : F)
+ (Hpoly : a * x^2 + y^2 = one + d * x^2 * y^2)
+ (Hsqrt : sqrt_a^2 = a)
+ (Hfrac : (sqrt_a / y)^2 <> d)
+ : x^2 = (y^2 - one) / (d * y^2 - a).
+ Proof. fsatz. Qed.
+
+ Local Notation "x ^ 3" := (x^2*x).
Lemma weierstrass_associativity_main a b x1 y1 x2 y2 x4 y4
(A: y1^2=x1^3+a*x1+b)
(B: y2^2=x2^3+a*x2+b)
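Review bot: `recursive_nonzero_solving` carries no comment saying what it exercises, so a reader of the test module cannot tell which `fsatz` feature would regress if it failed. Presumably the point is that discharging the denominator `d * y^2 - a <> 0` needs `Hfrac`, whose `inv y` in turn needs `y <> 0` to be established first, i.e. the recursive nonzero-ness search added in this commit. I would put above the lemma `(* exercises recursive nonzero solving: the denominator's nonzero-ness is only provable via Hfrac, which itself needs y <> 0 *)`. The lemma `weierstrass_associativity_main` starts at the end of this hunk and continues outside it.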
@@ -77,6 +86,6 @@ Module _fsatz_test.
x9 (Hx9: x9 = λ9^2-x1-x6)
y9 (Hy9: y9 = λ9*(x1-x9)-y1)
: x7 = x9 /\ y7 = y9.
- Proof. split; fsatz. Qed.
+ Proof. fsatz_prepare_hyps; split; fsatz. Qed.
End _test.
End _fsatz_test. \ No newline at end of file
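Review bot: `fsatz_prepare_hyps; split; fsatz.` runs the hypothesis preparation once and then, in each of the two branches, `fsatz` runs `fsatz_prepare_hyps_on` again before solving; the matching call after a manual prepare is `fsatz_solve`, which is what the Weierstrass group proof in this same commit uses (`fsatz_prepare_hyps; repeat split; fsatz_solve`). The repeated preparation is probably harmless thanks to `unique pose proof`, but `Proof. fsatz_prepare_hyps; split; fsatz_solve. Qed.` states the intent and avoids re-scanning the context twice. The file also still ends without a trailing newline.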
diff --git a/src/CompleteEdwardsCurve/CompleteEdwardsCurveTheorems.v b/src/CompleteEdwardsCurve/CompleteEdwardsCurveTheorems.v
index a52bf38f6..996c5d672 100644
--- a/src/CompleteEdwardsCurve/CompleteEdwardsCurveTheorems.v
+++ b/src/CompleteEdwardsCurve/CompleteEdwardsCurveTheorems.v
@@ -95,14 +95,9 @@ Module E.
Section PointCompression.
Local Notation "x ^ 2" := (x*x).
- Lemma a_d_y2_nonzero y : d * y^2 - a <> 0.
- Proof.
- destruct square_a as [sqrt_a], (dec (y=0));
- pose proof nonzero_a; pose proof (nonsquare_d (sqrt_a/y)); fsatz.
- Qed.
-
- Lemma solve_correct : forall x y, onCurve x y <-> (x^2 = (y^2-1) / (d*y^2-a)).
- Proof. pose proof a_d_y2_nonzero; t. Qed.
+ Lemma solve_correct x y : onCurve x y <-> (x^2 = (y^2-1) / (d*y^2-a)).
+ Proof. destruct square_a as [sqrt_a]; pose proof (nonsquare_d (sqrt_a/y));
+ split; intros; fsatz. Qed.
(* TODO: move *)
Definition exist_option {A} (P : A -> Prop) (x : option A)
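Review bot: The hunk deletes `a_d_y2_nonzero`, a lemma exported from `Module E`'s `PointCompression` section that code outside this file may reference (I cannot see callers from here); folding it into `solve_correct` also removes a reusable fact, since anyone decoding a compressed point needs `d * y^2 - a <> 0` to justify the division. I would keep it as a one-line corollary in the style of the new proof, `Lemma a_d_y2_nonzero y : d * y^2 - a <> 0. Proof. destruct square_a as [sqrt_a]; pose proof (nonsquare_d (sqrt_a/y)); fsatz. Qed.`, and leave `solve_correct` as written. The new proof also no longer poses `nonzero_a`; if that is a section `Context` hypothesis it is in scope anyway, but a short comment that the denominator's nonzero-ness is discharged by fsatz's recursive search would help the next reader.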
diff --git a/src/Spec/MontgomeryCurve.v b/src/Spec/MontgomeryCurve.v
index 2717f6bbc..cff35104c 100644
--- a/src/Spec/MontgomeryCurve.v
+++ b/src/Spec/MontgomeryCurve.v
@@ -60,6 +60,8 @@ Module M.
end.
Next Obligation. Proof. t. Qed.
+ Program Definition zero : point := ∞.
+
Program Definition opp (P:point) : point :=
match P return F*F+∞ with
| (x, y) => (x, -y)
@@ -73,23 +75,55 @@ Module M.
Local Notation "27" := (3*9).
Context {char_ge_28:@Ring.char_ge F Feq Fzero Fone Fopp Fadd Fsub Fmul 28}.
- Let WeierstrassA := ((3-a^2)/(3*b^2)).
- Let WeierstrassB := ((2*a^3-9*a)/(27*b^3)).
+ Local Notation WeierstrassA := ((3-a^2)/(3*b^2)).
+ Local Notation WeierstrassB := ((2*a^3-9*a)/(27*b^3)).
Local Notation Wpoint := (@W.point F Feq Fadd Fmul WeierstrassA WeierstrassB).
Local Notation Wadd := (@W.add F Feq Fzero Fone Fopp Fadd Fsub Fmul Finv Fdiv field Feq_dec char_ge_3 WeierstrassA WeierstrassB).
+ Program Definition to_Weierstrass (P:point) : Wpoint :=
+ match coordinates P return F*F+∞ with
+ | (x, y) => ((x + a/3)/b, y/b)
+ | _ => ∞
+ end.
+ Next Obligation.
+ Proof. clear char_ge_3; destruct P; t. Qed.
+
Program Definition of_Weierstrass (P:Wpoint) : point :=
match W.coordinates P return F*F+∞ with
| (x,y) => (b*x-a/3, b*y)
| _ => ∞
end.
Next Obligation.
- Proof. clear char_ge_3; subst WeierstrassA; subst WeierstrassB; destruct P; t. Qed.
+ Proof. clear char_ge_3; destruct P; t. Qed.
- Lemma of_Weierstrass_add P1 P2 :
- eq (of_Weierstrass (W.add P1 P2))
- (add (of_Weierstrass P1) (of_Weierstrass P2)).
- Proof. cbv [WeierstrassA WeierstrassB eq of_Weierstrass W.add add coordinates W.coordinates proj1_sig] in *; clear char_ge_3; t. Qed.
+ (* TODO: move *)
+ Program Definition Wopp (P:Wpoint) : Wpoint :=
+ match P return F*F+∞ with
+ | (x, y) => (x, -y)
+ | ∞ => ∞
+ end.
+ Next Obligation. destruct P; t. Qed.
+
+ Axiom Wgroup : @Algebra.group Wpoint (@W.eq F Feq Fadd Fmul WeierstrassA WeierstrassB)
+ Wadd (@W.zero F Feq Fadd Fmul WeierstrassA WeierstrassB) Wopp.
+ Program Definition _MW : _ /\ _ /\ _ :=
+ @Group.group_from_redundant_representation
+ Wpoint W.eq Wadd W.zero Wopp
+ Wgroup
+ point eq add zero opp
+ of_Weierstrass
+ to_Weierstrass
+ _ _ _ _ _
+ .
+ Next Obligation. cbv [W.eq eq to_Weierstrass of_Weierstrass W.add add coordinates W.coordinates proj1_sig] in *; t. Qed.
+ Next Obligation. cbv [W.eq eq to_Weierstrass of_Weierstrass W.add add coordinates W.coordinates proj1_sig] in *. clear char_ge_3. t. 2:intuition idtac. 2:intuition idtac. 2:intuition idtac.
+ { repeat split; destruct_head' and; t. } Qed.
+ Next Obligation.
+ (* addition case, same issue as in Weierstrass associativity *)
+ cbv [W.eq eq to_Weierstrass of_Weierstrass W.add add coordinates W.coordinates proj1_sig] in *.
+ clear char_ge_3. t. Qed.
+ Next Obligation. cbv [W.eq eq to_Weierstrass of_Weierstrass W.add add Wopp opp coordinates W.coordinates proj1_sig] in *. clear char_ge_3. t. Qed.
+ Next Obligation. cbv [W.eq eq to_Weierstrass of_Weierstrass W.add add Wopp opp coordinates W.coordinates proj1_sig] in *. clear char_ge_3. t. Qed.
Section AddX.
Lemma homogeneous_x_differential_addition_releations P1 P2 :
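Review bot: `Axiom Wgroup` introduces an unproven assumption into a `Spec` file: every fact about Montgomery points that goes through `_MW` now depends on it, which shows up under `Print Assumptions` and weakens the trust story of a verified cryptography library. The short Weierstrass group law is proved in this very commit (`commutative_group` in WeierstrassCurveTheorems.v, with its own `inv`), so this should be an instance derived from that proof rather than an axiom, which means discharging its `char_ge_12` and `4*a*a*a + 27*b*b <> 0` hypotheses for `WeierstrassA`/`WeierstrassB` (presumably from `b <> 0` and `a^2 <> 4`, which I cannot see here) and would let the duplicated `Wopp` go away; if that pulls a theorems file into a spec, the instance belongs in a theorems module instead. If the axiom has to stay for now, mark it, e.g. `(* FIXME: unproven; replace with W.commutative_group once its characteristic and discriminant side conditions are instantiated *)`. Separately, the obligation that runs `2:intuition idtac.` three times selects goals by position and will break silently if the goal order changes; `all: try (intuition idtac)` or explicit case names would be more robust.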
diff --git a/src/WeierstrassCurve/WeierstrassCurveTheorems.v b/src/WeierstrassCurve/WeierstrassCurveTheorems.v
index aa444c9ee..b9f7458b0 100644
--- a/src/WeierstrassCurve/WeierstrassCurveTheorems.v
+++ b/src/WeierstrassCurve/WeierstrassCurveTheorems.v
@@ -10,74 +10,40 @@ Module W.
Context {F Feq Fzero Fone Fopp Fadd Fsub Fmul Finv Fdiv} {a b:F}
{field:@Algebra.field F Feq Fzero Fone Fopp Fadd Fsub Fmul Finv Fdiv}
{char_ge_3:@Ring.char_ge F Feq Fzero Fone Fopp Fadd Fsub Fmul (BinNat.N.succ_pos (BinNat.N.two))}
- {char_ge_12:@Ring.char_ge F Feq Fzero Fone Fopp Fadd Fsub Fmul 12%positive} (* FIXME: we shouldn't need this *)
+ {char_ge_12:@Ring.char_ge F Feq Fzero Fone Fopp Fadd Fsub Fmul 12%positive} (* FIXME: shouldn't need we need 4, not 12? *)
{Feq_dec:DecidableRel Feq}.
Local Infix "=" := Feq : type_scope. Local Notation "a <> b" := (not (a = b)) : type_scope.
Local Notation "0" := Fzero. Local Notation "1" := Fone.
- Local Infix "+" := Fadd. Local Infix "*" := Fmul.
- Local Infix "-" := Fsub. Local Infix "/" := Fdiv.
- Local Notation eq := (@W.eq F Feq Fadd Fmul a b).
- Local Notation point := (@W.point F Feq Fadd Fmul a b).
- Local Notation "0" := Fzero. Local Notation "1" := Fone.
- Local Notation "2" := (1+1). Local Notation "3" := (1+2). Local Notation "4" := (1+3).
- Local Notation "8" := (1+(1+(1+(1+4)))). Local Notation "12" := (1+(1+(1+(1+8)))).
- Local Notation "16" := (1+(1+(1+(1+12)))). Local Notation "20" := (1+(1+(1+(1+16)))).
- Local Notation "24" := (1+(1+(1+(1+20)))). Local Notation "27" := (1+(1+(1+24))).
- Local Notation "x ^ 2" := (x*x) (at level 30). Local Notation "x ^ 3" := (x*x^2) (at level 30).
- Context {discriminant_nonzero:4*a^3 + 27*b^2 <> 0}.
+ Local Infix "+" := Fadd. Local Infix "-" := Fsub. Local Infix "*" := Fmul.
+ Local Notation "4" := (1+1+1+1). Local Notation "27" := (4*4 + 4+4 +1+1+1).
+ Context {discriminant_nonzero:4*a*a*a + 27*b*b <> 0}.
- Program Definition inv (P:point) : point
+ Program Definition inv (P:@W.point F Feq Fadd Fmul a b) : @W.point F Feq Fadd Fmul a b
:= match W.coordinates P return F*F+_ with
| inl (x1, y1) => inl (x1, Fopp y1)
| _ => P
end.
Next Obligation. destruct P as [[[??]|[]]?]; cbv; trivial; fsatz. Qed.
- Lemma same_x_same_y
- (xA yA : F)
- (A : yA ^ 2 = xA ^ 3 + a * xA + b)
- (xB yB : F)
- (B : yB ^ 2 = xB ^ 3 + a * xB + b)
- (Hx: xA = xB)
- (Hy:yB <> Fopp yA)
- : yB = yA.
- Proof. fsatz. Qed.
-
- Let is_redundant {T} (x:T) := x.
- Ltac clear_marked_redundant :=
+ Global Instance commutative_group : abelian_group(eq:=W.eq)(op:=W.add)(id:=W.zero)(inv:=inv).
+ Proof.
repeat match goal with
- [H:?P, Hr:is_redundant ?P |- _] => clear H Hr
+ | _ => solve [ contradiction | trivial | exact _ ]
+ | _ => intro
+ | |- Equivalence _ => split
+ | |- abelian_group => split | |- group => split | |- monoid => split
+ | |- is_associative => split | |- is_commutative => split
+ | |- is_left_inverse => split | |- is_right_inverse => split
+ | |- is_left_identity => split | |- is_right_identity => split
+ | _ => progress destruct_head' @W.point
+ | _ => progress destruct_head' sum
+ | _ => progress destruct_head' prod
+ | _ => progress destruct_head' unit
+ | _ => progress destruct_head' and
+ | _ => progress cbv [inv W.eq W.zero W.add W.coordinates proj1_sig]in*
+ | _ => progress break_match
end.
- Ltac t_step :=
- match goal with
- | _ => solve [ contradiction | trivial | exact _ ]
- | _ => intro
- | [ A : ?yA ^ 2 = ?xA ^ 3 + a * ?xA + b,
- B : ?yB ^ 2 = ?xB ^ 3 + a * ?xB + b,
- Hx: ?xA = ?xB,
- Hy: ?yB <> Fopp ?yA
- |- _] => unique pose proof (same_x_same_y _ _ A _ _ B Hx Hy)
- | |- Equivalence _ => split
- | |- abelian_group => split | |- group => split | |- monoid => split
- | |- is_associative => split | |- is_commutative => split
- | |- is_left_inverse => split | |- is_right_inverse => split
- | |- is_left_identity => split | |- is_right_identity => split
- | p:point |- _ => destruct p
- | _ => progress destruct_head' sum
- | _ => progress destruct_head' prod
- | _ => progress destruct_head' unit
- | _ => progress destruct_head' and
- | |- context[?P] =>
- unique pose proof (proj2_sig P);
- unique pose proof (proj2_sig P:(is_redundant _))
- | _ => progress cbv [inv W.eq W.zero W.add W.coordinates proj1_sig] in *
- | _ => progress break_match
- | |- _ /\ _ => split | |- _ <-> _ => split
- end.
- Ltac t := repeat t_step; clear_marked_redundant.
-
- Global Instance commutative_group : abelian_group(eq:=W.eq)(op:=W.add)(id:=W.zero)(inv:=inv).
- Proof. t. all:try (abstract fsatz). Qed.
-
+ all: try abstract(fsatz_prepare_hyps; repeat split; fsatz_solve).
+ Qed.
End W.
End W.
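Review bot: The rewritten comment on `char_ge_12`, `(* FIXME: shouldn't need we need 4, not 12? *)`, is ungrammatical and no longer records what the hypothesis is for; since the hunk also drops the `12` notation, nothing visible explains why characteristic at least 12 is assumed. I would write `(* FIXME: is characteristic >= 4 (rather than 12) enough for the proofs below? *)`. The hunk also removes `same_x_same_y`, a previously exported lemma; if nothing outside this file uses it that is fine, otherwise keep it as a one-line `fsatz` corollary. Finally, `all: try abstract(fsatz_prepare_hyps; repeat split; fsatz_solve)` leaves any goal the solver cannot close for `Qed` to reject, so a regression is reported at `Qed` rather than at the offending goal; dropping `try` makes the failure point at the goal itself.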