[F_mu_ref_conc] simplify the refinement proof for the stack example

c958e6ec · Dan Frumin · 10632f27 · c958e6ec · c958e6ec · c958e6ec
Commit c958e6ec authored Mar 20, 2017 by Dan Frumin
4 changed files
--- a/F_mu_ref_conc/examples/stack/refinement.v
+++ b/F_mu_ref_conc/examples/stack/refinement.v
--- a/F_mu_ref_conc/examples/stack/stack_rules.v
+++ b/F_mu_ref_conc/examples/stack/stack_rules.v
@@ -28,6 +28,10 @@ Section Rules.
    by iIntros ([=]%auth_own_valid%singleton_valid%dec_agree_op_inv).
  Qed.

+  (* stacklink Q := {((Loc l), nil) ∣ l ↦ˢᵗᵏ (InjL #()) }
+          ∪  {((Loc l), cons y2 z2) ∣ ∃ y1 z1, l ↦ˢᵗᵏ (y1, z1) 
+                                    ∗ (y1, y2) ∈ Q
+                                    ∗ ▷ stacklink Q (z1, z2) }*)
  Program Definition StackLink_pre (Q : D) : D -n> D := λne P v,
    (∃ l w, ⌜v.1 = LocV l⌝ ∗ l ↦ˢᵗᵏ w ∗
            ((⌜w = InjLV UnitV⌝ ∧ ⌜v.2 = FoldV (InjLV UnitV)⌝) ∨
@@ -46,20 +50,23 @@ Section Rules.
      ((⌜w = InjLV UnitV⌝ ∧ ⌜v.2 = FoldV (InjLV UnitV)⌝) ∨
      (∃ y1 z1 y2 z2, ⌜w = InjRV (PairV y1 (FoldV z1))⌝
                      ∗ ⌜v.2 = FoldV (InjRV (PairV y2 z2))⌝
-                      ∗ Q (y1, y2) ∗ ▷ @StackLink Q (z1, z2))))%I.
+                      ∗ Q (y1, y2) ∗ ▷ StackLink Q (z1, z2))))%I.
  Proof. by rewrite {1}/StackLink fixpoint_unfold. Qed.

  Global Opaque StackLink. (* So that we can only use the unfold above. *)

  Global Instance StackLink_persistent (Q : D) v `{∀ vw, PersistentP (Q vw)} :
    PersistentP (StackLink Q v).
-  Proof.
+  Proof. 
    iIntros "H". iLöb as "IH" forall (v). rewrite StackLink_unfold.
-    iDestruct "H" as (l w) "[% [#Hl [#Hr|Hr]]]"; subst.
-    { iExists l, w; iAlways; eauto. }
-    iDestruct "Hr" as (y1 z1 y2 z2) "[#H1 [#H2 [#HQ H']]]".
-    rewrite later_forall. iDestruct ("IH" with "* H'") as "#H''". iClear "H'".
-    iAlways. eauto 20.
+    iDestruct "H" as (l w) "[% [#Hl [[% %]|Hr]]]"; subst.
+    { iExists l, _; iAlways; eauto. }
+    iDestruct "Hr" as (y1 z1 y2 z2) "[% [% [#HQ Hrec]]]"; subst.    
+    rewrite later_forall. 
+    iSpecialize ("IH" $! (z1, z2)). rewrite later_wand. 
+    iSpecialize ("IH" with "Hrec"). rewrite -always_later.
+    iDestruct "IH" as "#IH".
+    iAlways. iExists _,_; eauto 20.
  Qed.

  Lemma stackR_alloc (h : stackUR) (i : loc) (v : val) :
@@ -79,7 +86,7 @@ Section Rules.
    stack_owns h ∗ l ↦ᵢ v ==∗ stack_owns (<[l := DecAgree v]> h) ∗ l ↦ˢᵗᵏ v.
  Proof.
    iIntros "[[Hown Hall] Hl]".
-    iDestruct (own_valid with "Hown") as %Hvalid.
+    iDestruct (own_valid with "Hown") as %Hvalid. 
    destruct (h !! l) as [av|] eqn:?.
    { iDestruct (big_sepM_lookup with "Hall") as "Hl'"; first done.
      destruct av as [v'|]; last by iExFalso.

--- a/F_mu_ref_conc/notation.v
+++ b/F_mu_ref_conc/notation.v
+From iris_logrel.F_mu_ref_conc Require Import lang.
+From iris.program_logic Require Import language.
+
+Set Default Proof Using "Type".
+Import lang.
+Coercion App : expr >-> Funclass.
+
+(* No scope for the values, does not conflict and scope is often not inferred
+properly. *)
+Notation "# l" := (LocV l%Z%V) (at level 8, format "# l").
+Notation "# l" := (Loc l%Z%V) (at level 8, format "# l") : expr_scope.
+
+(** Syntax inspired by Coq/Ocaml. Constructions with higher precedence come
+    first. *)
+Notation "( e1 , e2 , .. , en )" := (Pair .. (Pair e1 e2) .. en) : expr_scope.
+Notation "( e1 , e2 , .. , en )" := (PairV .. (PairV e1 e2) .. en) : val_scope.
+Notation "'case:' e0 'of' 'InjL' => e1 | 'InjR' => e2 'end'" :=
+  (Case e0 e1 e2)
+  (e0, e1, e2 at level 200) : expr_scope.
+Notation "()" := Unit : expr_scope.
+Notation "()" := UnitV : val_scope.
+
+Notation "! e" := (Load e%E) (at level 9, right associativity) : expr_scope.
+Notation "'ref' e" := (Alloc e%E)
+  (at level 30, right associativity) : expr_scope.
+
+(* The unicode ← is already part of the notation "_ ← _; _" for bind. *)
+Notation "e1 <- e2" := (Store e1%E e2%E) (at level 80) : expr_scope.
+Notation "'rec:' e" := (Rec e%E)
+  (at level 102, e at level 200) : expr_scope.
+Notation "'rec:' e" := (locked (RecV e%E))
+  (at level 102, e at level 200) : val_scope.
+Notation "'if:' e1 'then' e2 'else' e3" := (If e1%E e2%E e3%E)
+  (at level 200, e1, e2, e3 at level 200) : expr_scope.
+
+Notation "'Λ:' e" := (TLam e%E)
+  (at level 102, e at level 200) : expr_scope.
+Notation "'Λ:' e" := (TLamV e%E)
+  (at level 102, e at level 200) : val_scope.
+
--- a/_CoqProject
+++ b/_CoqProject
@@ -35,6 +35,7 @@ F_mu_ref_conc/soundness_unary.v
 F_mu_ref_conc/context_refinement.v
 F_mu_ref_conc/soundness_binary.v
 F_mu_ref_conc/tactics.v
+F_mu_ref_conc/notation.v
 F_mu_ref_conc/examples/lock.v
 F_mu_ref_conc/examples/counter.v
 F_mu_ref_conc/examples/stack/stack_rules.v