[F_mu_ref_conc] simplify the refinement proof for the stack example

F_mu_ref_conc/examples/stack/stack_rules.v

@@ -28,6 +28,10 @@ Section Rules.
     by iIntros ([=]%auth_own_valid%singleton_valid%dec_agree_op_inv).
   Qed.
 
+  (* stacklink Q := {((Loc l), nil) ∣ l ↦ˢᵗᵏ (InjL #()) }
+          ∪  {((Loc l), cons y2 z2) ∣ ∃ y1 z1, l ↦ˢᵗᵏ (y1, z1) 
+                                    ∗ (y1, y2) ∈ Q
+                                    ∗ ▷ stacklink Q (z1, z2) }*)
   Program Definition StackLink_pre (Q : D) : D -n> D := λne P v,
     (∃ l w, ⌜v.1 = LocV l⌝ ∗ l ↦ˢᵗᵏ w ∗
             ((⌜w = InjLV UnitV⌝ ∧ ⌜v.2 = FoldV (InjLV UnitV)⌝) ∨
@@ -46,7 +50,7 @@ Section Rules.
       ((⌜w = InjLV UnitV⌝ ∧ ⌜v.2 = FoldV (InjLV UnitV)⌝) ∨
       (∃ y1 z1 y2 z2, ⌜w = InjRV (PairV y1 (FoldV z1))⌝
                       ∗ ⌜v.2 = FoldV (InjRV (PairV y2 z2))⌝
-                      ∗ Q (y1, y2) ∗ ▷ @StackLink Q (z1, z2))))%I.
+                      ∗ Q (y1, y2) ∗ ▷ StackLink Q (z1, z2))))%I.
   Proof. by rewrite {1}/StackLink fixpoint_unfold. Qed.
 
   Global Opaque StackLink. (* So that we can only use the unfold above. *)
@@ -55,11 +59,14 @@ Section Rules.
     PersistentP (StackLink Q v).
   Proof. 
     iIntros "H". iLöb as "IH" forall (v). rewrite StackLink_unfold.
-    iDestruct "H" as (l w) "[% [#Hl [#Hr|Hr]]]"; subst.
-    { iExists l, w; iAlways; eauto. }
-    iDestruct "Hr" as (y1 z1 y2 z2) "[#H1 [#H2 [#HQ H']]]".
-    rewrite later_forall. iDestruct ("IH" with "* H'") as "#H''". iClear "H'".
-    iAlways. eauto 20.
+    iDestruct "H" as (l w) "[% [#Hl [[% %]|Hr]]]"; subst.
+    { iExists l, _; iAlways; eauto. }
+    iDestruct "Hr" as (y1 z1 y2 z2) "[% [% [#HQ Hrec]]]"; subst.    
+    rewrite later_forall. 
+    iSpecialize ("IH" $! (z1, z2)). rewrite later_wand. 
+    iSpecialize ("IH" with "Hrec"). rewrite -always_later.
+    iDestruct "IH" as "#IH".
+    iAlways. iExists _,_; eauto 20.
   Qed.
 
   Lemma stackR_alloc (h : stackUR) (i : loc) (v : val) :

F_mu_ref_conc/notation.v

+From iris_logrel.F_mu_ref_conc Require Import lang.
+From iris.program_logic Require Import language.
+
+Set Default Proof Using "Type".
+Import lang.
+Coercion App : expr >-> Funclass.
+
+(* No scope for the values, does not conflict and scope is often not inferred
+properly. *)
+Notation "# l" := (LocV l%Z%V) (at level 8, format "# l").
+Notation "# l" := (Loc l%Z%V) (at level 8, format "# l") : expr_scope.
+
+(** Syntax inspired by Coq/Ocaml. Constructions with higher precedence come
+    first. *)
+Notation "( e1 , e2 , .. , en )" := (Pair .. (Pair e1 e2) .. en) : expr_scope.
+Notation "( e1 , e2 , .. , en )" := (PairV .. (PairV e1 e2) .. en) : val_scope.
+Notation "'case:' e0 'of' 'InjL' => e1 | 'InjR' => e2 'end'" :=
+  (Case e0 e1 e2)
+  (e0, e1, e2 at level 200) : expr_scope.
+Notation "()" := Unit : expr_scope.
+Notation "()" := UnitV : val_scope.
+
+Notation "! e" := (Load e%E) (at level 9, right associativity) : expr_scope.
+Notation "'ref' e" := (Alloc e%E)
+  (at level 30, right associativity) : expr_scope.
+
+(* The unicode ← is already part of the notation "_ ← _; _" for bind. *)
+Notation "e1 <- e2" := (Store e1%E e2%E) (at level 80) : expr_scope.
+Notation "'rec:' e" := (Rec e%E)
+  (at level 102, e at level 200) : expr_scope.
+Notation "'rec:' e" := (locked (RecV e%E))
+  (at level 102, e at level 200) : val_scope.
+Notation "'if:' e1 'then' e2 'else' e3" := (If e1%E e2%E e3%E)
+  (at level 200, e1, e2, e3 at level 200) : expr_scope.
+
+Notation "'Λ:' e" := (TLam e%E)
+  (at level 102, e at level 200) : expr_scope.
+Notation "'Λ:' e" := (TLamV e%E)
+  (at level 102, e at level 200) : val_scope.
+

_CoqProject

@@ -35,6 +35,7 @@ F_mu_ref_conc/soundness_unary.v
 F_mu_ref_conc/context_refinement.v
 F_mu_ref_conc/soundness_binary.v
 F_mu_ref_conc/tactics.v
+F_mu_ref_conc/notation.v
 F_mu_ref_conc/examples/lock.v
 F_mu_ref_conc/examples/counter.v
 F_mu_ref_conc/examples/stack/stack_rules.v