Commit 71518adc authored by Léon Gondelman 's avatar Léon Gondelman

get rid of awp_bind rule in examples, use vcg_solver instead.

parent 149ef27a
......@@ -56,22 +56,22 @@ Section factorial_spec.
AWP factorial #n @ R {{ v, v = #(fact n) }}%I.
Proof.
awp_lam.
iApply awp_bind. awp_alloc_ret r "[Hr _]".
iApply awp_bind. awp_alloc_ret c "[Hc _]".
iApply a_sequence_spec'. iNext.
vcg_solver.
iExists 1%nat; iSplit; [ done | iIntros (r) "[Hr _]"]. vcg_continue. iIntros "Hr".
iExists 1%nat; iSplit; [ done | iIntros (c) "[Hc _]"]. vcg_continue. iIntros "Hr Hc".
iApply (awp_wand _ (λ _, c C #n r C #(fact n))%I with "[Hr Hc]").
- iApply ((factorial_body_spec n 0 c r) with "[$Hr $Hc]"); eauto with lia.
- iIntros (?) "[Hc Hr]". iModIntro.
awp_load_ret r.
- iIntros (?) "[Hc Hr]". vcg_continue. iModIntro. eauto.
Qed.
Lemma factorial_spec_with_inv (n: nat) R :
awp (factorial #n) R (λ v, v = #(fact n))%I.
Proof.
awp_lam.
iApply awp_bind. awp_alloc_ret r "[Hr _]".
iApply awp_bind. awp_alloc_ret c "[Hc _]".
iApply a_sequence_spec'. iNext. do 3 awp_lam.
vcg_solver.
iExists 1%nat; iSplit; [ done | iIntros (r) "[Hr _]"]. vcg_continue. iIntros "Hr".
iExists 1%nat; iSplit; [ done | iIntros (c) "[Hc _]"]. vcg_continue. iIntros "Hr Hc".
do 3 awp_lam.
iApply (a_while_inv_spec
(k:nat, k n c C #k r C #(fact k))%I with "[Hr Hc]").
- iExists O. eauto with iFrame lia.
......@@ -87,8 +87,9 @@ Section factorial_spec.
{ rewrite Nat.add_1_r /fact. lia. }
assert (Z_of_nat' (k + 1)%nat = (k + 1)) as <- by lia.
iExists (k+1)%nat. eauto with iFrame lia.
+ iLeft. iSplit; eauto. do 2 iModIntro.
+ iLeft. iSplit; eauto. iModIntro.
iRevert "H". iIntros "%". assert (k = n) as -> by lia.
awp_load_ret r.
vcg_continue. eauto.
Qed.
End factorial_spec.
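Review bot: The allocation step is now discharged by hand with the same sequence, `iExists 1%nat; iSplit; [ done | iIntros (r) "[Hr _]"]. vcg_continue. iIntros "Hr".`, twice in each of the two factorial proofs, and neither the `1%nat` witness nor the order of the re-introduced hypotheses (`"Hr Hc"`) is explained. It looks as though `vcg_solver` stops at each allocation and leaves the size and the fresh location to the user. If so, a comment before the first occurrence, such as `(* vcg_solver stops at alloc: supply the size, name the new location, then resume with vcg_continue *)`, would make the script readable without stepping through it. If the pattern is meant to recur across examples, a small Ltac wrapper would keep them in sync when the solver's residual goal changes.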
......@@ -93,6 +93,15 @@ Section memcpy.
AWP a_invoke memcpy (♯ₗp ||| (♯ₗq ||| n)) @ R {{ _, p C ls2 q C ls2 }}.
Proof.
iIntros (? ?) "Hp Hq". vcg_solver. awp_lam.
(* This can replace the proof-in-progress below:
vcg_solver. iExists 1%nat; iSplit; first done. iIntros (pp) "[Hpp _]".
vcg_continue. iIntros "Hpp". iExists 1%nat; iSplit; first done.
iIntros (qq) "[Hqq _]". vcg_continue. iIntros "Hpp Hqq".
repeat awp_proj. awp_let. set (e :=( whileᶜ (_) { _ })%E).
unfold e. vcg_solver. iIntros "Hpp Hqq". *)
iApply awp_bind. vcg_solver. iExists 1%nat; iSplit; first done.
iIntros (pp) "[Hpp _]". vcg_continue. iIntros "Hpp". awp_let.
iApply awp_bind. vcg_solver. iIntros "Hpp". iExists 1%nat; iSplit; first done.
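Review bot: The `vcg_solver`-only proof is added here only inside a comment ("This can replace the proof-in-progress below"), so, as far as the rendered hunk shows, the live memcpy script still goes through `iApply awp_bind` on the lines after the comment, which is what the commit title says it removes. Coq never checks commented-out tactics, so this block can go stale as `vcg_solver` changes; either switch the live proof over to it or cut it down to a short TODO. The proof continues past the end of the hunk, so I cannot see whether it closes with `Qed` or is admitted. If it is admitted, a comment on the lemma saying so would keep later users from treating the memcpy spec as established.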
......
......@@ -42,7 +42,10 @@ Section tests_vcg.
AWP (swap_with_alloc (cloc_to_val l1)) (cloc_to_val l2) @ R {{ _, l1 C v2 l2 C v1 }}.
Proof.
iIntros "Hl1 Hl2".
do 2 awp_lam. iApply awp_bind. awp_alloc_ret r "[Hr _]".
vcg_solver. iIntros "!> !> !> **". eauto with iFrame.
do 2 awp_lam.
vcg_solver.
iIntros "Hl2 Hl1". iExists 1%nat. iSplit; first done.
iIntros (l3) "[Hl3 _]". vcg_continue.
iIntros "!> !> !> **". eauto with iFrame.
Qed.
End tests_vcg.
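Review bot: After `vcg_solver` the points-to hypotheses are re-introduced as `iIntros "Hl2 Hl1"`, the reverse of the initial `iIntros "Hl1 Hl2"`, and nothing says why. The names bind by position, presumably in whatever order the solver hands the resources back, so a change in that order would swap the names silently while `eauto with iFrame` still closes the goal. As this is a test of the vcg, a comment recording the expected residual goal would help, for example `(* vcg_solver returns l2's resource first, then l1's, and stops at the alloc *)`. Alternatively `iIntros "**"` avoids the positional names, since they are not used afterwards.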