Start working on adding arrays.

e5406329 · Robbert Krebbers · 9e4642cf · e5406329 · e5406329 · e5406329
Commit e5406329 authored Jul 01, 2018 by Robbert Krebbers
8 changed files
--- a/theories/c_translation/monad.v
+++ b/theories/c_translation/monad.v
@@ -62,8 +62,8 @@ Section a_wp.
  Context `{amonadG Σ}.

  Definition env_inv (env : val) : iProp Σ :=
-    (∃ (X : gset cloc) (σ : gmap cloc (lvl * val)),
-      ⌜ X ⊆ locked_locs σ ⌝ ∧
+    (∃ (X : gset val) (σ : gmap cloc (lvl * val)),
+      ⌜ ∀ v, v ∈ X → ∃ cl, cloc_of_val v = Some cl ∧ cl ∈ locked_locs σ ⌝ ∧
      is_mset env X ∗
      full_locking_heap σ)%I.

@@ -300,7 +300,7 @@ Section a_wp_run.
    iIntros (k γ') "#Hlock". rewrite- wp_fupd.
    iMod (flock_res_single_alloc _ ∅ _ _ (env_inv env ∗ R)%I
      with "Hlock [Henv Hσ $HR]") as (i) "[_ Hres]"; first done.
-    { iNext. iExists ∅, ∅. rewrite /locked_locs dom_empty_L. by iFrame. }
+    { iNext. iExists ∅, ∅. iFrame. iPureIntro; set_solver. }
    iSpecialize ("Hwp" $! amg).
    iMod (wp_value_inv with "Hwp") as "Hwp".
    wp_let. wp_bind (ev env k).

--- a/theories/c_translation/translation.v
+++ b/theories/c_translation/translation.v
--- a/theories/lib/locking_heap.v
+++ b/theories/lib/locking_heap.v
--- a/theories/vcgen/dcexpr.v
+++ b/theories/vcgen/dcexpr.v
 From iris.heap_lang Require Export proofmode notation.
 From iris.bi Require Import big_op.
-From iris_c.c_translation Require Import monad translation proofmode.
+From iris_c.c_translation Require Export translation proofmode.

-Definition known_locs := list loc.
+Definition known_locs := list cloc.

 Inductive dloc :=
  | dLoc : nat → dloc
-  | dLocUnknown : loc → dloc.
+  | dLocUnknown : cloc → dloc.

 Global Instance dloc_decision : EqDecision dloc.
 Proof. solve_decision. Defined.

+(* This data type is kind of redundant, as long as we don't have symbolic
+Booleans and integers *)
 Inductive dbase_lit : Type :=
  | dLitInt : Z → dbase_lit
  | dLitBool : bool → dbase_lit
  | dLitUnit : dbase_lit
-  | dLitLoc : dloc → dbase_lit
  | dLitUnknown : base_lit → dbase_lit.

 Global Instance dlit_decision : EqDecision dbase_lit.
@@ -23,6 +24,7 @@ Proof. solve_decision. Defined.

 Inductive dval : Type :=
  | dLitV : dbase_lit → dval
+  | dLocV : dloc → dval
  | dValUnknown : val → dval.

 Global Instance dval_EqDecision : EqDecision dval.
@@ -44,9 +46,9 @@ Global Instance doption_fmap : FMap doption := λ A B f m,
  | dUnknown o => dUnknown (f <$> o)
  end.

-Definition dloc_interp (E : known_locs) (dl : dloc) : loc :=
+Definition dloc_interp (E : known_locs) (dl : dloc) : cloc :=
  match dl with
-  | dLoc i => from_option id inhabitant (E !! i)
+  | dLoc i => default inhabitant (E !! i)
  | dLocUnknown l => l
  end.

@@ -55,13 +57,13 @@ Definition dbase_lit_interp (E : known_locs) (l : dbase_lit) : base_lit :=
  | dLitInt x => LitInt x
  | dLitBool b => LitBool b
  | dLitUnit => LitUnit
-  | dLitLoc dl => LitLoc (dloc_interp E dl)
  | dLitUnknown l => l
  end.

 Definition dval_interp (E : known_locs) (v : dval) : val :=
  match v with
  | dLitV l => LitV (dbase_lit_interp E l)
+  | dLocV dl => cloc_to_val (dloc_interp E dl)
  | dValUnknown v => v
  end.

@@ -130,6 +132,7 @@ Definition dbin_op_eval
                bin_op_eval op (dval_interp E dv1) (dval_interp E dv2))
         | _, _ => dNone
         end
+  | _, _ => dNone
  end.

 Lemma dbin_op_eval_correct E op dv1 dv2 w :
@@ -137,29 +140,30 @@ Lemma dbin_op_eval_correct E op dv1 dv2 w :
  bin_op_eval op (dval_interp E dv1) (dval_interp E dv2) =
  Some (dval_interp E w).
 Proof.
-  destruct dv1 as [dl1 | v1].
-  - destruct dv2 as [dl2 | v2].
+  destruct dv1 as [dl1 | v1|]=> //.
+  - destruct dv2 as [dl2 | v2|]=> //.
    + unfold bin_op_eval. simpl. case_decide; simplify_eq/=.
      { inversion 1. rewrite /bin_op_eval /=.  f_equal. simplify_eq /=.
         do 2 case_bool_decide; simplify_eq /=; eauto. destruct H0. done. }
      { rewrite /bin_op_eval; intros; destruct dl1, dl2;
          rewrite /bin_op_eval_int /bin_op_eval_bool; simplify_eq /=; f_equal;
            try (destruct op; done); simpl.
-        -  rewrite /bin_op_eval in H0; case_decide; first done.
-           destruct b; simplify_eq /=; f_equal.
+        - rewrite /bin_op_eval in H0; case_decide; first done.
+          destruct b; simplify_eq /=; f_equal.
        - destruct op; simplify_eq /=; try done.
-        -  case_decide; first done. destruct b0; simplify_eq /=; f_equal.
-           destruct op; simplify_eq /=; try done.
-        -  case_decide; first done. destruct b; simplify_eq /=; f_equal.
-        -  case_decide; first done; destruct b; simplify_eq /=; f_equal;
+        - case_decide; first done. destruct b0; simplify_eq /=; f_equal.
+          destruct op; simplify_eq /=; try done.
+        - case_decide; first done. destruct b; simplify_eq /=; f_equal.
+        - case_decide; first done; destruct b; simplify_eq /=; f_equal;
            destruct op; simplify_eq /=; try done.
-        -  case_decide; first done; destruct b; simplify_eq /=; f_equal.
-        -  case_decide; first done; destruct b; simplify_eq /=; f_equal.
-        -  case_decide; first done; destruct b,b0; simplify_eq /=; f_equal.
-           destruct op; simplify_eq /=; try done. }
-    + simpl; destruct (bin_op_eval op #(dbase_lit_interp E dl1) v2);
+        - case_decide; first done; destruct b; simplify_eq /=; f_equal.
+        - case_decide; first done; destruct b,b0; simplify_eq /=; f_equal.
+            destruct op; simplify_eq /=; try done. }
+    + simpl; destruct (bin_op_eval op #(dbase_lit_interp E dl1) _);
        try by inversion 1.
-  - simpl; destruct (bin_op_eval op v1 (dval_interp E dv2));
+  - simpl; destruct (bin_op_eval op _ (dval_interp E dv2)), dv2;
+      try by inversion 1.
+  - simpl; destruct (bin_op_eval op _ (dval_interp E dv2)), dv2;
      try by inversion 1.
 Qed.

@@ -174,13 +178,14 @@ Definition dun_op_eval (E : known_locs) (op : un_op) (dv : dval) : doption dval
    | _, dLitUnknown l => dUnknown (dValUnknown <$> un_op_eval op (dval_interp E dv))
    | _,_ => dNone
    end
+  | dLocV _ => dNone
  end.

 Lemma dun_op_eval_correct E op dv w :
  doption_interp (dun_op_eval E op dv) = Some w →
  un_op_eval op (dval_interp E dv) = Some (dval_interp E w).
 Proof.
-  destruct dv as [dl | v]; simpl; last first.
+  destruct dv as [dl | v|]=> //=; last first.
  - destruct (un_op_eval op v); simpl; by inversion 1.
  - destruct op.
    + destruct dl; simpl; try by inversion 1.
@@ -216,7 +221,7 @@ Fixpoint dcexpr_interp (E: known_locs) (de: dcexpr) : expr :=

 Definition dval_wf (E: known_locs) (dv : dval) : bool :=
  match dv with
-  | dLitV (dLitLoc (dLoc i)) => bool_decide (is_Some (E!!i))
+  | dLocV (dLoc i) => bool_decide (is_Some (E !! i))
  | _  => true
  end.

@@ -233,7 +238,7 @@ Fixpoint dcexpr_wf (E: known_locs) (de: dcexpr) : bool :=
 Lemma dval_wf_mono (E E': known_locs) (dv: dval) :
  dval_wf E dv → E `prefix_of` E' → dval_wf E' dv.
 Proof.
-  destruct dv as [d|]; last done. destruct d; eauto.
+  destruct dv as [d| |]=> //.
  destruct d as [i|]; last done; simplify_eq /=.
  intros Hb Hpre. case_bool_decide; last done.
  clear Hb. generalize dependent E. revert E'. induction i as [| i].
@@ -283,7 +288,7 @@ Proof. destruct op, dv1,dv2; simpl; repeat case_match; intros; simplify_eq/=; do
 Lemma dval_interp_mono (E E': known_locs) (dv: dval) :
  dval_wf E dv → E `prefix_of` E' → dval_interp E dv = dval_interp E' dv.
 Proof.
-  destruct dv as [d|]; last done. destruct d; eauto.
+  destruct dv as [d| |]=> //.
  destruct d as [i|]; last done; simplify_eq /=.
  intros Hb Hpre. case_bool_decide; last done.
  clear Hb. generalize dependent E. revert E'. induction i as [| i].
@@ -314,7 +319,7 @@ Proof. induction de; simpl; solve_closed. Qed.

 (** * Reification of C syntax *)
 (** ** LocLookup *)
-Class LocLookup (E : known_locs) (l : loc) (i : nat) :=
+Class LocLookup (E : known_locs) (l : cloc) (i : nat) :=
  loc_lookup : E !! i = Some l.

 Global Instance loc_lookup_here l E : LocLookup (l :: E) l 0.
@@ -324,30 +329,16 @@ Global Instance loc_lookup_there l l' E i :
  LocLookup E l i → LocLookup (l' :: E) l (S i).
 Proof. done. Qed.

-(** ** BaseLitQuote *)
-Class BaseLitQuote (E : known_locs) (l : base_lit) (dl : dbase_lit) :=
-  { base_lit_quote : l = dbase_lit_interp E dl;
-    base_lit_quote_wf : dval_wf E (dLitV dl) }.
-
-(** BaseLitQuote for locs *)
-Global Instance base_lit_quote_loc E l i :
-  LocLookup E l i → BaseLitQuote E (LitLoc l) (dLitLoc (dLoc i)) | 1.
-Proof.
-  rewrite /LocLookup=>Hi.
-  split; rewrite /= ?Hi //.
-Qed.
-
-Global Instance base_lit_quote_loc_unknown E l :
-  BaseLitQuote E (LitLoc l) (dLitLoc (dLocUnknown l)) | 10.
-Proof. done. Qed.
+(** ** IntoDBaseLit *)
+Class IntoDBaseLit (E : known_locs) (l : base_lit) (dl : dbase_lit) :=
+  into_dbase_lit : l = dbase_lit_interp E dl.

-(** BaseLitQuote for constants *)
-Global Instance base_lit_quote_int E i :
-  BaseLitQuote E (LitInt i) (dLitInt i).
+Global Instance into_dbase_lit_int E i :
+  IntoDBaseLit E (LitInt i) (dLitInt i).
 Proof. split; eauto. Qed.

-Global Instance base_lit_quote_default E l :
-  BaseLitQuote E l (dLitUnknown l) | 1000.
+Global Instance into_dbase_lit_default E l :
+  IntoDBaseLit E l (dLitUnknown l) | 1000.
 Proof. split; eauto. Qed.

 (** ** ExprIntoDVal *)
@@ -355,12 +346,17 @@ Class ExprIntoDVal (E : known_locs) (e : expr) (dv : dval) :=
  { expr_into_dval : e = of_val (dval_interp E dv);
    expr_into_dval_wf : dval_wf E dv }.

-Global Instance expr_into_dval_loc E l dl :
-  BaseLitQuote E l dl → ExprIntoDVal E (Lit l) (dLitV dl).
-Proof.
-  intros ?; split; simpl; eauto using base_lit_quote_wf.
-  rewrite -base_lit_quote //.
-Qed.
+Global Instance expr_into_dval_lit E l dl :
+  IntoDBaseLit E l dl → ExprIntoDVal E (Lit l) (dLitV dl).
+Proof. intros ?; split=> //=. rewrite -into_dbase_lit //. Qed.
+
+Global Instance expr_into_dval_loc E l i :
+  LocLookup E l i → ExprIntoDVal E (cloc_to_val l) (dLocV (dLoc i)) | 1.
+Proof. rewrite /LocLookup=> Hi. split; rewrite /= ?Hi //. Qed.
+
+Global Instance expr_into_dval_loc_unknown E l :
+  ExprIntoDVal E (cloc_to_val l) (dLocV (dLocUnknown l)) | 10.
+Proof. done. Qed.

 Global Instance expr_into_dval_default E e v :
  IntoVal e v → ExprIntoDVal E e (dValUnknown v) | 1000.
@@ -371,12 +367,17 @@ Class IntoDVal (E : known_locs) (v : val) (dv : dval) :=
  { into_dval : v = dval_interp E dv;
    into_dval_wf : dval_wf E dv }.

-Global Instance into_dval_loc E l dl :
-  BaseLitQuote E l dl → IntoDVal E (LitV l) (dLitV dl).
-Proof.
-  intros ?; split; simpl; eauto using base_lit_quote_wf.
-  rewrite -base_lit_quote //.
-Qed.
+Global Instance into_dval_lit E l dl :
+  IntoDBaseLit E l dl → IntoDVal E (LitV l) (dLitV dl).
+Proof. intros ?; split=> //=. rewrite -into_dbase_lit //. Qed.
+
+Global Instance into_dval_loc E l i :
+  LocLookup E l i → IntoDVal E (cloc_to_val l) (dLocV (dLoc i)) | 1.
+Proof. rewrite /LocLookup=> Hi. split; rewrite /= ?Hi //. Qed.
+
+Global Instance into_dval_loc_unknown E l :
+  ExprIntoDVal E (cloc_to_val l) (dLocV (dLocUnknown l)) | 10.
+Proof. done. Qed.

 Global Instance into_dval_default E v : IntoDVal E v (dValUnknown v) | 1000.
 Proof. done. Qed.

--- a/theories/vcgen/denv.v
+++ b/theories/vcgen/denv.v
 From iris.proofmode Require Import environments coq_tactics.
 Import env_notations.
 From iris_c.vcgen Require Import dcexpr.
-From iris_c.lib Require Import U locking_heap.
 From iris_c.c_translation Require Import monad.
 From iris.algebra Require Import frac.

 Section denv.
  Definition is_dloc (E: known_locs) (dv: dval) : option nat :=
    match dv with
-    | dLitV (dLitLoc (dLoc i)) => Some i
+    | dLocV (dLoc i) => Some i
    | _ => None
    end.

  Record penv_item := PenvItem {
-    penv_loc   : loc;
+    penv_loc   : cloc;
    penv_level : lvl;
    penv_frac  : frac;
    penv_val  : val
@@ -151,11 +150,8 @@ Section denv.
    end.
 End denv.

-Lemma is_dloc_some E dv i: is_dloc E dv = Some i → dv = dLitV (dLitLoc (dLoc i)).
-Proof.
-  destruct dv as [d|]; [destruct d|]; intros; simplify_eq /=.
-  by destruct d; simplify_eq.
-Qed.
+Lemma is_dloc_some E dv i : is_dloc E dv = Some i → dv = dLocV (dLoc i).
+Proof. by destruct dv as [|[]|]; intros; simplify_eq /=. Qed.

 Lemma denv_merge_nil_r m :
  denv_merge m [] = m.
@@ -242,7 +238,7 @@ Section denv_spec.
          iDestruct (mapsto_value_agree with "H1 H2") as %->.
          iCombine "H1 H2" as "H".
          iApply (mapsto_downgrade' with "H").
-          apply lvl_included. destruct x,x'; eauto.
+          apply lvl_included. destruct x,x'; simpl; eauto.
        * iIntros "[H1 H2]".
          rewrite /denv_interp_aux. simpl.  iDestruct "H1" as "[$ H1]".
          iDestruct ("IHm" $! i (k+1)%nat with "[H1 H2]") as "H".

--- a/theories/vcgen/splitenv.v
+++ b/theories/vcgen/splitenv.v
 From iris.proofmode Require Import environments coq_tactics.
 Import env_notations.
-From iris_c.vcgen Require Import dcexpr denv.
-From iris_c.lib Require Import U locking_heap.
-From iris_c.c_translation Require Import monad.
+From iris_c.vcgen Require Export dcexpr denv.
 From iris.algebra Require Import frac.

 Section splitenv.
@@ -48,34 +46,18 @@ Section splitenv.
  Class ListOfMapsto (Γls : penv) (E : known_locs) (ps : denv) :=
    list_of_mapsto : penv_interp Γls ⊢ denv_interp E ps.

-  Global Instance list_of_mapsto_Nil E : ListOfMapsto [] E [].
+  Global Instance list_of_mapsto_nil E : ListOfMapsto [] E [].
  Proof. unfold ListOfMapsto. simpl. eauto. Qed.

-  Global Instance list_of_mapsto_cons_dLitV E Γls ps lit dlit i l x q :
-    BaseLitQuote E lit dlit →
-    LocLookup E l i →
-    ListOfMapsto Γls E ps →
-    ListOfMapsto (PenvItem l x q (LitV lit) :: Γls) E
-                 (denv_insert i x q (dLitV dlit) ps).
-  Proof.
-    rewrite /LocLookup => [[Hlit ?] Hi].
-    rewrite /ListOfMapsto => HΓls /=.
-    iDestruct 1 as "[Hl H]". cbn.
-    rewrite Hlit. unfold penv_interp in *. rewrite HΓls.
-    rewrite -denv_insert_interp. iFrame. simpl. rewrite Hi. done.
-  Qed.
-
-  Global Instance list_of_mapsto_cons_dValUnknown E Γls ps v i l x q :
+  Global Instance list_of_mapsto_cons E Γls ps v dv i l x q :
    LocLookup E l i →
+    IntoDVal E v dv →
    ListOfMapsto Γls E ps →
    ListOfMapsto (PenvItem l x q v :: Γls) E
-                 (denv_insert i x q (dValUnknown v) ps) | 100.
+                 (denv_insert i x q dv ps).
  Proof.
-    rewrite /LocLookup => Hi.
-    rewrite /ListOfMapsto => HΓls /=.
-    iDestruct 1 as "[Hl H]". cbn.
-    unfold penv_interp in *. rewrite HΓls.
-    rewrite -denv_insert_interp. iFrame. simpl. rewrite Hi. done.
+    rewrite /LocLookup /ListOfMapsto /penv_interp=> Hi [-> ?] HΓls /=.
+    iIntros "[Hl H] /=". rewrite HΓls -denv_insert_interp /= Hi. iFrame.
  Qed.

  Lemma tac_envs_split_mapsto  Γs_in Γs_out Γls Γp c ps P:
@@ -99,4 +81,3 @@ Section splitenv.
    - by iApply Hexhale.
  Qed.
 End splitenv.
-
--- a/theories/vcgen/tests/test.v
+++ b/theories/vcgen/tests/test.v
@@ -8,45 +8,45 @@ From iris_c.lib Require Import locking_heap U.
 Section tests_vcg.
  Context `{amonadG Σ}.

-  Lemma test_seq (s l : loc) :
+  Lemma test_seq s l :
    s ↦C[ULvl] #0 -∗ l ↦C[ULvl] #1 -∗
-    AWP (♯l =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯l =ᶜ ♯1)) +ᶜ (♯s =ᶜ ♯4)
+    AWP (♯ₗl =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯ₗ l =ᶜ ♯1)) +ᶜ (♯ₗ s =ᶜ ♯4)
    {{ v, ⌜v = #6⌝ ∧ s ↦C[LLvl] #4 ∗ l ↦C[LLvl] #1 }}.
  Proof.
    iIntros "Hs Hl".
    vcg_solver. eauto with iFrame.
  Qed.

-  Lemma test_seq2 (s l : loc) :
+  Lemma test_seq2 s l :
    s ↦C[ULvl] #0 -∗ l ↦C[ULvl] #1 -∗
-    AWP (♯l =ᶜ ♯2 ;ᶜ ∗ᶜ ♯l) +ᶜ (♯s =ᶜ ♯4) {{ v, ⌜v = #6⌝ ∧ s ↦C[LLvl] #4 ∗ l ↦C #2 }}.
+    AWP (♯ₗl =ᶜ ♯2 ;ᶜ ∗ᶜ ♯ₗl) +ᶜ (♯ₗs =ᶜ ♯4) {{ v, ⌜v = #6⌝ ∧ s ↦C[LLvl] #4 ∗ l ↦C #2 }}.
  Proof.
    iIntros "Hs Hl".
    vcg_solver.
    rewrite Qp_half_half. eauto with iFrame.
  Qed.

-  Lemma test_seq3 (l : loc) :
+  Lemma test_seq3 l :
    l ↦C #0 -∗
-    AWP ♯l =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯l =ᶜ ♯1) {{ _, l ↦C[LLvl] #1 }}.
+    AWP ♯ₗl =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯ₗl =ᶜ ♯1) {{ _, l ↦C[LLvl] #1 }}.
  Proof.
    iIntros "Hl". vcg_solver. iModIntro. eauto with iFrame.
  Qed.

-  Lemma test_seq4 (l k : loc) :
+  Lemma test_seq4 l k :
    l ↦C #0 -∗
    k ↦C #0 -∗
-    AWP (♯l =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯l =ᶜ ♯1)) +ᶜ (♯k =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯k =ᶜ ♯1))
+    AWP (♯ₗl =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯ₗl =ᶜ ♯1)) +ᶜ (♯ₗk =ᶜ ♯2 ;ᶜ ♯1 +ᶜ (♯ₗk =ᶜ ♯1))
      {{ v, ⌜v = #4⌝ ∧ l ↦C[LLvl] #1 ∗ k ↦C[LLvl] #1 }}.
  Proof.
    iIntros "Hl Hk".
    vcg_solver. iModIntro. by eauto with iFrame.
  Qed.

-  Definition stupid (l : loc) : expr :=
-    a_store (a_ret #l) (a_ret #1);ᶜ a_ret #0.
+  Definition stupid (l : cloc) : expr :=
+    a_store (♯ₗ l) (♯ 1);ᶜ a_ret #0.

-  Lemma test_seq_fail (l : loc) :
+  Lemma test_seq_fail l :
    l ↦C[ULvl] #0 -∗
    awp (a_bin_op PlusOp (a_bin_op PlusOp (stupid l) (stupid l)) (a_ret #0))
        True (λ v, l ↦C #1).
@@ -54,19 +54,19 @@ Section tests_vcg.
    iIntros "Hl". vcg_solver. Fail by eauto with iFrame.
  Abort.

-  Lemma test_seq5 (l k : loc) :
+  Lemma test_seq5 l k :
    l ↦C #0 -∗
    k ↦C #0 -∗
-    AWP ♯0 +ᶜ (♯l =ᶜ ♯1 ;ᶜ ♯k =ᶜ ♯2 ;ᶜ ♯0) {{ v, ⌜v = #0⌝ ∗ l ↦C #1 ∗ k ↦C #2 }}.
+    AWP ♯0 +ᶜ (♯ₗl =ᶜ ♯1 ;ᶜ ♯ₗk =ᶜ ♯2 ;ᶜ ♯0) {{ v, ⌜v = #0⌝ ∗ l ↦C #1 ∗ k ↦C #2 }}.
  Proof.
    iIntros "Hl Hk". vcg_solver.
    repeat iModIntro. by eauto with iFrame.
  Qed.

-  Lemma test_sp1 (l k : loc) :
+  Lemma test_sp1 l k :
    l ↦C #0 -∗
    k ↦C #0 -∗
-    AWP ♯1 +ᶜ (♯l =ᶜ ♯1 ;ᶜ (♯k =ᶜ ♯2) +ᶜ ∗ᶜ ♯l ;ᶜ ∗ᶜ ♯k +ᶜ (♯l =ᶜ ♯2))
+    AWP ♯1 +ᶜ (♯ₗl =ᶜ ♯1 ;ᶜ (♯ₗk =ᶜ ♯2) +ᶜ ∗ᶜ ♯ₗl ;ᶜ ∗ᶜ ♯ₗk +ᶜ (♯ₗl =ᶜ ♯2))
      {{ v, ⌜v = #5⌝ ∗ l ↦C[LLvl] #2 ∗ k ↦C #2 }}.
  Proof.
    iIntros "Hl Hk". vcg_solver.
@@ -74,40 +74,40 @@ Section tests_vcg.
    eauto with iFrame.
  Qed.

-  Lemma test_sp2 (l : loc) :
+  Lemma test_sp2 l :
    l ↦C #0 -∗
-    AWP ♯1 +ᶜ (♯l =ᶜ ♯1 ;ᶜ ∗ᶜ ♯l +ᶜ ∗ᶜ ♯l ;ᶜ ♯l =ᶜ ♯2) {{ v, ⌜v = #3⌝ ∗ l ↦C[LLvl] #2 }}.
+    AWP ♯1 +ᶜ (♯ₗl =ᶜ ♯1 ;ᶜ ∗ᶜ ♯ₗl +ᶜ ∗ᶜ ♯ₗl ;ᶜ ♯ₗl =ᶜ ♯2) {{ v, ⌜v = #3⌝ ∗ l ↦C[LLvl] #2 }}.
  Proof.
    iIntros "Hl". vcg_solver.
    repeat iModIntro. rewrite ?Qp_half_half.
    eauto with iFrame.
  Qed.

-  Lemma store_load (s l : loc) R :
+  Lemma store_load s l R :
    s ↦C #0 -∗ l ↦C #1 -∗
-    AWP a_ret (LitV s) =ᶜ ∗ᶜ (a_ret (LitV l)) @ R {{ _, s ↦C[LLvl] #1 ∗ l ↦C #1 }}.
+    AWP ♯ₗs =ᶜ ∗ᶜ ♯ₗl @ R {{ _, s ↦C[LLvl] #1 ∗ l ↦C #1 }}.
  Proof.
    iIntros "Hs Hl".
    vcg_solver. eauto with iFrame.
  Qed.

-  Lemma store_load_load (s1 s2 l : loc) R :
+  Lemma store_load_load s1 s2 l R :
    s1 ↦C #0 -∗ l ↦C #1 -∗ s2 ↦C #0 -∗
-    AWP ♯s1 =ᶜ ∗ᶜ ♯l ;ᶜ ∗ᶜ ♯s1 +ᶜ ♯42 @ R {{ _, s1 ↦C #1 ∗ l ↦C #1 }}.
+    AWP ♯ₗs1 =ᶜ ∗ᶜ ♯ₗl ;ᶜ ∗ᶜ ♯ₗs1 +ᶜ ♯42 @ R {{ _, s1 ↦C #1 ∗ l ↦C #1 }}.
      (* (a_store (a_ret #s2) (a_load (a_ret #l)))) R  (λ _, s1 ↦U #1 ∗ l ↦U #1). *)
  Proof.
    iIntros "Hs1 Hl Hs2". vcg_solver. iModIntro.
    rewrite Qp_half_half. eauto with iFrame.
  Qed.

-  Lemma test3 (l : loc) :
+  Lemma test3 l :
    l ↦C #1 -∗
-    AWP (♯l =ᶜ ♯2) +ᶜ (♯l =ᶜ ♯2) {{ _, True }}.
+    AWP (♯ₗl =ᶜ ♯2) +ᶜ (♯ₗl =ᶜ ♯2) {{ _, True }}.
  Proof. iIntros "Hl". vcg_solver. Abort.

-  Lemma test_while (l : loc) R :
+  Lemma test_while l R :
    l ↦C #1 -∗
-    AWP whileᶜ (∗ᶜ ♯l <ᶜ ♯2) { ♯l =ᶜ ♯1 } @ R {{ _, True }}.
+    AWP whileᶜ (∗ᶜ ♯ₗl <ᶜ ♯2) { ♯ₗl =ᶜ ♯1 } @ R {{ _, True }}.
  Proof.
    iIntros "Hl".
    iLöb as "IH".

--- a/theories/vcgen/vcgen.v
+++ b/theories/vcgen/vcgen.v
@@ -3,7 +3,6 @@ From iris.algebra Require Import frac.
 From iris.bi Require Import big_op.
 From iris_c.vcgen Require Import dcexpr denv.
 From iris_c.c_translation Require Import monad translation proofmode.
-From iris_c.lib Require Import locking_heap U.

 (*
 TODO
@@ -122,9 +121,9 @@ Section vcg.
           vcg_wp_continuation E Φ v))
       end
    | _ =>
-      mapsto_wand_list E m (∃ (l : loc) q v,
-        ⌜dval_interp E dv = #l⌝ ∧
-        l ↦C{q} v ∗ (l ↦C{q} v -∗ vcg_wp_continuation E Φ v))%I
+      mapsto_wand_list E m (∃ (cl : cloc) q v,
+        ⌜dval_interp E dv = cloc_to_val cl⌝ ∧
+        cl ↦C{q} v ∗ (cl ↦C{q} v -∗ vcg_wp_continuation E Φ v))%I
    end%I.

  Definition vcg_wp_store (E : known_locs) (dv1 dv2 : dval) (m : denv)
@@ -140,10 +139,10 @@ Section vcg.
            vcg_wp_continuation E Φ (dval_interp E dv2)))
       end
    | _ =>
-       mapsto_wand_list E m (∃ (l : loc) (v : val),
-         ⌜dval_interp E dv1 = #l⌝ ∧
-         dloc_interp E (dLocUnknown l) ↦C v ∗
-         (dloc_interp E (dLocUnknown l) ↦C[LLvl] dval_interp E dv2 -∗
+       mapsto_wand_list E m (∃ (cl : cloc) (v : val),
+         ⌜dval_interp E dv1 = cloc_to_val cl⌝ ∧
+         cl ↦C v ∗
+         (cl ↦C[LLvl] dval_interp E dv2 -∗
          vcg_wp_continuation E Φ (dval_interp E dv2)))%I
    end%I.

@@ -206,7 +205,7 @@ Section vcg_spec.
    mapsto_wand_list_aux E m Φ k -∗
    ([∗ list] n↦dio ∈ m, from_option
        (λ '{| denv_level := lv; denv_frac := q; denv_dval := dv |},
-           default 1%positive (E !! (k + n)%nat) ↦C[lv]{q} dval_interp E dv) True dio) -∗ Φ.
+           default inhabitant (E !! (k + n)%nat) ↦C[lv]{q} dval_interp E dv) True dio) -∗ Φ.
  Proof.
    iIntros "H". iInduction m as [|[[x q dv]|]] "IH" forall (k); simpl; first auto.
    - iIntros "[H1 H2]". rewrite -plus_n_O. iSpecialize ("H" with "H1").
@@ -230,15 +229,13 @@ Section vcg_spec.
    revert ms ms' mNew dv. induction de;
    intros ms ms' mNew dv Hsp; simplify_eq/=; eauto.
    - destruct (vcg_sp E ms de) as [[[ms1 mNew1] dv1]|] eqn:Hout; simplify_eq /=.
-      destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
-      destruct d as [i|?]; simplify_eq/=.
+      destruct dv1 as [?|[i|?]|]; simplify_eq/=.
      destruct (denv_delete_frac_2 i ms1 mNew1) as [[[[ms2 mNew2] q] dv1]|] eqn:Hout1; simplify_eq/=.
      transitivity (length ms1).
      + by eapply IHde.
      + by eapply denv_delete_frac_2_length.
    - destruct (vcg_sp E ms de1) as [[[ms1 mNew1] dv1]|] eqn:Hde1; simplify_eq /=.
-      destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
-      destruct d as [i|?]; simplify_eq/=.
+      destruct dv1 as [?|[i|?]|]; simplify_eq/=.
      destruct (vcg_sp E ms1 de2) as [[[ms2 mNew2] dv2]|] eqn:Hde2; simplify_eq /=.
      destruct (denv_delete_full_2 i ms2 (denv_merge mNew1 mNew2)) as [[[ms3 mNew3] dv1]|] eqn:Hout1; simplify_eq/=.
      transitivity (length ms1).
@@ -271,8 +268,7 @@ Section vcg_spec.
      iApply awp_ret. wp_value_head. iSplit; eauto. rewrite /denv_interp //.
    - specialize (IHde ms).
      destruct (vcg_sp E ms de) as [[[ms1 mNew1] dv1]|]; simplify_eq /=.
-      destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
-      destruct d as [i|?]; simplify_eq/=.
+      destruct dv1 as [?|[i|?]|]; simplify_eq/=.
      destruct (denv_delete_frac_2 i ms1 mNew1) as [[[[ms2 mNew2] q] dv1]|] eqn:Hfar; simplify_eq/=.
      iPoseProof IHde as "Hawp"; first done.
      iPoseProof denv_delete_frac_2_interp as "Hm"; first eassumption.
@@ -289,8 +285,7 @@ Section vcg_spec.
      by iFrame.
    - specialize (IHde1 ms).
      destruct (vcg_sp E ms de1) as [[[ms1 mNew1] dv1]|]; simplify_eq /=.
-      destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
-      destruct d as [i|?]; simplify_eq/=.
+      destruct dv1 as [?|[i|?]|]; simplify_eq/=.
      specialize (IHde2 ms1).
      destruct (vcg_sp E ms1 de2) as [[[ms2 mNew2] dv2]|]; simplify_eq /=.
      destruct (denv_delete_full_2 i ms2 (denv_merge mNew1 mNew2))
@@ -391,16 +386,14 @@ Section vcg_spec.
    revert ms ms' mNew dv. induction de;
    intros ms ms' mNew dv Hwfms Hwfde Hsp; simplify_eq/=; eauto.
    - destruct (vcg_sp E ms de) as [[[ms1 mNew1] dv1]|] eqn:Hsp1; simplify_eq /=.
-      destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
-      destruct d as [i|?]; simplify_eq/=.
+      destruct dv1 as [?|[i|?]|]; simplify_eq/=.
      destruct (denv_delete_frac_2 i ms1 mNew1) as [[[[ms2 mNew2] q] dv1]|] eqn:Hout1; simplify_eq/=.
      destruct (IHde _ _ _ _ Hwfms Hwfde Hsp1) as (?&?&?).
      eapply denv_wf_delete_frac_2 in Hout1; eauto.
      destruct Hout1 as (?&?&?).
      repeat split; eauto using denv_wf_insert.
    - destruct (vcg_sp E ms de1) as [[[ms1 mNew1] dv1]|] eqn:Hsp1; simplify_eq /=.
-      destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
-      destruct d as [i|?]; simplify_eq/=.
+      destruct dv1 as [?|[i|?]|]; simplify_eq/=.
      destruct (vcg_sp E ms1 de2) as [[[ms2 mNew2] dv2]|] eqn:Hsp2; simplify_eq /=.
      destruct (denv_delete_full_2 i ms2 (denv_merge mNew1 mNew2)) as [[[ms3 mNew3] dv1]|] eqn:Hout1; simplify_eq/=.
      apply andb_True in Hwfde. destruct Hwfde as [Hwfde1 Hwfde2].
@@ -468,8 +461,8 @@ Section vcg_spec.
    denv_wf E m →
    denv_interp E m -∗
    vcg_wp_load E dv m Φ -∗
-    ∃ (l : loc) q w, ⌜dval_interp E dv = #l⌝