Commit e5406329 authored by Robbert Krebbers's avatar Robbert Krebbers

Start working on adding arrays.

parent 9e4642cf
......@@ -62,8 +62,8 @@ Section a_wp.
Context `{amonadG Σ}.
Definition env_inv (env : val) : iProp Σ :=
( (X : gset cloc) (σ : gmap cloc (lvl * val)),
X locked_locs σ
( (X : gset val) (σ : gmap cloc (lvl * val)),
v, v X cl, cloc_of_val v = Some cl cl locked_locs σ
is_mset env X
full_locking_heap σ)%I.
......@@ -300,7 +300,7 @@ Section a_wp_run.
iIntros (k γ') "#Hlock". rewrite- wp_fupd.
iMod (flock_res_single_alloc _ _ _ (env_inv env R)%I
with "Hlock [Henv Hσ $HR]") as (i) "[_ Hres]"; first done.
{ iNext. iExists , . rewrite /locked_locs dom_empty_L. by iFrame. }
{ iNext. iExists , . iFrame. iPureIntro; set_solver. }
iSpecialize ("Hwp" $! amg).
iMod (wp_value_inv with "Hwp") as "Hwp".
wp_let. wp_bind (ev env k).
From iris.heap_lang Require Export proofmode notation.
From iris.bi Require Import big_op.
From iris_c.c_translation Require Import monad translation proofmode.
From iris_c.c_translation Require Export translation proofmode.
Definition known_locs := list loc.
Definition known_locs := list cloc.
Inductive dloc :=
| dLoc : nat dloc
| dLocUnknown : loc dloc.
| dLocUnknown : cloc dloc.
Global Instance dloc_decision : EqDecision dloc.
Proof. solve_decision. Defined.
(* This data type is kind of redundant, as long as we don't have symbolic
Booleans and integers *)
Inductive dbase_lit : Type :=
| dLitInt : Z dbase_lit
| dLitBool : bool dbase_lit
| dLitUnit : dbase_lit
| dLitLoc : dloc dbase_lit
| dLitUnknown : base_lit dbase_lit.
Global Instance dlit_decision : EqDecision dbase_lit.
......@@ -23,6 +24,7 @@ Proof. solve_decision. Defined.
Inductive dval : Type :=
| dLitV : dbase_lit dval
| dLocV : dloc dval
| dValUnknown : val dval.
Global Instance dval_EqDecision : EqDecision dval.
......@@ -44,9 +46,9 @@ Global Instance doption_fmap : FMap doption := λ A B f m,
| dUnknown o => dUnknown (f <$> o)
end.
Definition dloc_interp (E : known_locs) (dl : dloc) : loc :=
Definition dloc_interp (E : known_locs) (dl : dloc) : cloc :=
match dl with
| dLoc i => from_option id inhabitant (E !! i)
| dLoc i => default inhabitant (E !! i)
| dLocUnknown l => l
end.
......@@ -55,13 +57,13 @@ Definition dbase_lit_interp (E : known_locs) (l : dbase_lit) : base_lit :=
| dLitInt x => LitInt x
| dLitBool b => LitBool b
| dLitUnit => LitUnit
| dLitLoc dl => LitLoc (dloc_interp E dl)
| dLitUnknown l => l
end.
Definition dval_interp (E : known_locs) (v : dval) : val :=
match v with
| dLitV l => LitV (dbase_lit_interp E l)
| dLocV dl => cloc_to_val (dloc_interp E dl)
| dValUnknown v => v
end.
......@@ -130,6 +132,7 @@ Definition dbin_op_eval
bin_op_eval op (dval_interp E dv1) (dval_interp E dv2))
| _, _ => dNone
end
| _, _ => dNone
end.
Lemma dbin_op_eval_correct E op dv1 dv2 w :
......@@ -137,29 +140,30 @@ Lemma dbin_op_eval_correct E op dv1 dv2 w :
bin_op_eval op (dval_interp E dv1) (dval_interp E dv2) =
Some (dval_interp E w).
Proof.
destruct dv1 as [dl1 | v1].
- destruct dv2 as [dl2 | v2].
destruct dv1 as [dl1 | v1|]=> //.
- destruct dv2 as [dl2 | v2|]=> //.
+ unfold bin_op_eval. simpl. case_decide; simplify_eq/=.
{ inversion 1. rewrite /bin_op_eval /=. f_equal. simplify_eq /=.
do 2 case_bool_decide; simplify_eq /=; eauto. destruct H0. done. }
{ rewrite /bin_op_eval; intros; destruct dl1, dl2;
rewrite /bin_op_eval_int /bin_op_eval_bool; simplify_eq /=; f_equal;
try (destruct op; done); simpl.
- rewrite /bin_op_eval in H0; case_decide; first done.
destruct b; simplify_eq /=; f_equal.
- rewrite /bin_op_eval in H0; case_decide; first done.
destruct b; simplify_eq /=; f_equal.
- destruct op; simplify_eq /=; try done.
- case_decide; first done. destruct b0; simplify_eq /=; f_equal.
destruct op; simplify_eq /=; try done.
- case_decide; first done. destruct b; simplify_eq /=; f_equal.
- case_decide; first done; destruct b; simplify_eq /=; f_equal;
- case_decide; first done. destruct b0; simplify_eq /=; f_equal.
destruct op; simplify_eq /=; try done.
- case_decide; first done. destruct b; simplify_eq /=; f_equal.
- case_decide; first done; destruct b; simplify_eq /=; f_equal;
destruct op; simplify_eq /=; try done.
- case_decide; first done; destruct b; simplify_eq /=; f_equal.
- case_decide; first done; destruct b; simplify_eq /=; f_equal.
- case_decide; first done; destruct b,b0; simplify_eq /=; f_equal.
destruct op; simplify_eq /=; try done. }
+ simpl; destruct (bin_op_eval op #(dbase_lit_interp E dl1) v2);
- case_decide; first done; destruct b; simplify_eq /=; f_equal.
- case_decide; first done; destruct b,b0; simplify_eq /=; f_equal.
destruct op; simplify_eq /=; try done. }
+ simpl; destruct (bin_op_eval op #(dbase_lit_interp E dl1) _);
try by inversion 1.
- simpl; destruct (bin_op_eval op v1 (dval_interp E dv2));
- simpl; destruct (bin_op_eval op _ (dval_interp E dv2)), dv2;
try by inversion 1.
- simpl; destruct (bin_op_eval op _ (dval_interp E dv2)), dv2;
try by inversion 1.
Qed.
......@@ -174,13 +178,14 @@ Definition dun_op_eval (E : known_locs) (op : un_op) (dv : dval) : doption dval
| _, dLitUnknown l => dUnknown (dValUnknown <$> un_op_eval op (dval_interp E dv))
| _,_ => dNone
end
| dLocV _ => dNone
end.
Lemma dun_op_eval_correct E op dv w :
doption_interp (dun_op_eval E op dv) = Some w
un_op_eval op (dval_interp E dv) = Some (dval_interp E w).
Proof.
destruct dv as [dl | v]; simpl; last first.
destruct dv as [dl | v|]=> //=; last first.
- destruct (un_op_eval op v); simpl; by inversion 1.
- destruct op.
+ destruct dl; simpl; try by inversion 1.
......@@ -216,7 +221,7 @@ Fixpoint dcexpr_interp (E: known_locs) (de: dcexpr) : expr :=
Definition dval_wf (E: known_locs) (dv : dval) : bool :=
match dv with
| dLitV (dLitLoc (dLoc i)) => bool_decide (is_Some (E!!i))
| dLocV (dLoc i) => bool_decide (is_Some (E !! i))
| _ => true
end.
......@@ -233,7 +238,7 @@ Fixpoint dcexpr_wf (E: known_locs) (de: dcexpr) : bool :=
Lemma dval_wf_mono (E E': known_locs) (dv: dval) :
dval_wf E dv E `prefix_of` E' dval_wf E' dv.
Proof.
destruct dv as [d|]; last done. destruct d; eauto.
destruct dv as [d| |]=> //.
destruct d as [i|]; last done; simplify_eq /=.
intros Hb Hpre. case_bool_decide; last done.
clear Hb. generalize dependent E. revert E'. induction i as [| i].
......@@ -283,7 +288,7 @@ Proof. destruct op, dv1,dv2; simpl; repeat case_match; intros; simplify_eq/=; do
Lemma dval_interp_mono (E E': known_locs) (dv: dval) :
dval_wf E dv E `prefix_of` E' dval_interp E dv = dval_interp E' dv.
Proof.
destruct dv as [d|]; last done. destruct d; eauto.
destruct dv as [d| |]=> //.
destruct d as [i|]; last done; simplify_eq /=.
intros Hb Hpre. case_bool_decide; last done.
clear Hb. generalize dependent E. revert E'. induction i as [| i].
......@@ -314,7 +319,7 @@ Proof. induction de; simpl; solve_closed. Qed.
(** * Reification of C syntax *)
(** ** LocLookup *)
Class LocLookup (E : known_locs) (l : loc) (i : nat) :=
Class LocLookup (E : known_locs) (l : cloc) (i : nat) :=
loc_lookup : E !! i = Some l.
Global Instance loc_lookup_here l E : LocLookup (l :: E) l 0.
......@@ -324,30 +329,16 @@ Global Instance loc_lookup_there l l' E i :
LocLookup E l i LocLookup (l' :: E) l (S i).
Proof. done. Qed.
(** ** BaseLitQuote *)
Class BaseLitQuote (E : known_locs) (l : base_lit) (dl : dbase_lit) :=
{ base_lit_quote : l = dbase_lit_interp E dl;
base_lit_quote_wf : dval_wf E (dLitV dl) }.
(** BaseLitQuote for locs *)
Global Instance base_lit_quote_loc E l i :
LocLookup E l i BaseLitQuote E (LitLoc l) (dLitLoc (dLoc i)) | 1.
Proof.
rewrite /LocLookup=>Hi.
split; rewrite /= ?Hi //.
Qed.
Global Instance base_lit_quote_loc_unknown E l :
BaseLitQuote E (LitLoc l) (dLitLoc (dLocUnknown l)) | 10.
Proof. done. Qed.
(** ** IntoDBaseLit *)
Class IntoDBaseLit (E : known_locs) (l : base_lit) (dl : dbase_lit) :=
into_dbase_lit : l = dbase_lit_interp E dl.
(** BaseLitQuote for constants *)
Global Instance base_lit_quote_int E i :
BaseLitQuote E (LitInt i) (dLitInt i).
Global Instance into_dbase_lit_int E i :
IntoDBaseLit E (LitInt i) (dLitInt i).
Proof. split; eauto. Qed.
Global Instance base_lit_quote_default E l :
BaseLitQuote E l (dLitUnknown l) | 1000.
Global Instance into_dbase_lit_default E l :
IntoDBaseLit E l (dLitUnknown l) | 1000.
Proof. split; eauto. Qed.
(** ** ExprIntoDVal *)
......@@ -355,12 +346,17 @@ Class ExprIntoDVal (E : known_locs) (e : expr) (dv : dval) :=
{ expr_into_dval : e = of_val (dval_interp E dv);
expr_into_dval_wf : dval_wf E dv }.
Global Instance expr_into_dval_loc E l dl :
BaseLitQuote E l dl ExprIntoDVal E (Lit l) (dLitV dl).
Proof.
intros ?; split; simpl; eauto using base_lit_quote_wf.
rewrite -base_lit_quote //.
Qed.
Global Instance expr_into_dval_lit E l dl :
IntoDBaseLit E l dl ExprIntoDVal E (Lit l) (dLitV dl).
Proof. intros ?; split=> //=. rewrite -into_dbase_lit //. Qed.
Global Instance expr_into_dval_loc E l i :
LocLookup E l i ExprIntoDVal E (cloc_to_val l) (dLocV (dLoc i)) | 1.
Proof. rewrite /LocLookup=> Hi. split; rewrite /= ?Hi //. Qed.
Global Instance expr_into_dval_loc_unknown E l :
ExprIntoDVal E (cloc_to_val l) (dLocV (dLocUnknown l)) | 10.
Proof. done. Qed.
Global Instance expr_into_dval_default E e v :
IntoVal e v ExprIntoDVal E e (dValUnknown v) | 1000.
......@@ -371,12 +367,17 @@ Class IntoDVal (E : known_locs) (v : val) (dv : dval) :=
{ into_dval : v = dval_interp E dv;
into_dval_wf : dval_wf E dv }.
Global Instance into_dval_loc E l dl :
BaseLitQuote E l dl IntoDVal E (LitV l) (dLitV dl).
Proof.
intros ?; split; simpl; eauto using base_lit_quote_wf.
rewrite -base_lit_quote //.
Qed.
Global Instance into_dval_lit E l dl :
IntoDBaseLit E l dl IntoDVal E (LitV l) (dLitV dl).
Proof. intros ?; split=> //=. rewrite -into_dbase_lit //. Qed.
Global Instance into_dval_loc E l i :
LocLookup E l i IntoDVal E (cloc_to_val l) (dLocV (dLoc i)) | 1.
Proof. rewrite /LocLookup=> Hi. split; rewrite /= ?Hi //. Qed.
Global Instance into_dval_loc_unknown E l :
ExprIntoDVal E (cloc_to_val l) (dLocV (dLocUnknown l)) | 10.
Proof. done. Qed.
Global Instance into_dval_default E v : IntoDVal E v (dValUnknown v) | 1000.
Proof. done. Qed.
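Review bot: `into_dval_loc_unknown` two lines above is declared as an `ExprIntoDVal` instance, duplicating `expr_into_dval_loc_unknown` from the previous hunk, so `IntoDVal` itself gets no case for an unknown location and `IntoDVal E (cloc_to_val l) _` with `l` not in `E` falls through to `into_dval_default` and reifies as `dValUnknown`. This looks like a copy-paste slip; the head should read `IntoDVal E (cloc_to_val l) (dLocV (dLocUnknown l)) | 10.`, and `Proof. done. Qed.` should still close it exactly as it does for the `ExprIntoDVal` twin. As written the cost is presumably only precision rather than soundness, since `is_dloc` in denv.v returns `None` for `dValUnknown` and the generic branch of `vcg_wp_load`/`vcg_wp_store` is taken, but the instance as stated is dead weight.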
From iris.proofmode Require Import environments coq_tactics.
Import env_notations.
From iris_c.vcgen Require Import dcexpr.
From iris_c.lib Require Import U locking_heap.
From iris_c.c_translation Require Import monad.
From iris.algebra Require Import frac.
Section denv.
Definition is_dloc (E: known_locs) (dv: dval) : option nat :=
match dv with
| dLitV (dLitLoc (dLoc i)) => Some i
| dLocV (dLoc i) => Some i
| _ => None
end.
Record penv_item := PenvItem {
penv_loc : loc;
penv_loc : cloc;
penv_level : lvl;
penv_frac : frac;
penv_val : val
......@@ -151,11 +150,8 @@ Section denv.
end.
End denv.
Lemma is_dloc_some E dv i: is_dloc E dv = Some i dv = dLitV (dLitLoc (dLoc i)).
Proof.
destruct dv as [d|]; [destruct d|]; intros; simplify_eq /=.
by destruct d; simplify_eq.
Qed.
Lemma is_dloc_some E dv i : is_dloc E dv = Some i dv = dLocV (dLoc i).
Proof. by destruct dv as [|[]|]; intros; simplify_eq /=. Qed.
Lemma denv_merge_nil_r m :
denv_merge m [] = m.
......@@ -242,7 +238,7 @@ Section denv_spec.
iDestruct (mapsto_value_agree with "H1 H2") as %->.
iCombine "H1 H2" as "H".
iApply (mapsto_downgrade' with "H").
apply lvl_included. destruct x,x'; eauto.
apply lvl_included. destruct x,x'; simpl; eauto.
* iIntros "[H1 H2]".
rewrite /denv_interp_aux. simpl. iDestruct "H1" as "[$ H1]".
iDestruct ("IHm" $! i (k+1)%nat with "[H1 H2]") as "H".
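Review bot: `is_dloc` in the first hunk of this file now recognises only `dLocV (dLoc i)` and never inspects `E`, yet carries no comment, so a reader has to cross-check `dval_wf` in dcexpr.v to see that the two switch on the same single case. I would add above the definition: `(** [is_dloc E dv] is [Some i] iff [dv] is the known location [dLocV (dLoc i)]; [E] is currently not inspected (presumably kept for uniformity with [dval_wf]). *)`. The rewritten `is_dloc_some` below it is fine and reads much better than the old two-step destruct.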
From iris.proofmode Require Import environments coq_tactics.
Import env_notations.
From iris_c.vcgen Require Import dcexpr denv.
From iris_c.lib Require Import U locking_heap.
From iris_c.c_translation Require Import monad.
From iris_c.vcgen Require Export dcexpr denv.
From iris.algebra Require Import frac.
Section splitenv.
......@@ -48,34 +46,18 @@ Section splitenv.
Class ListOfMapsto (Γls : penv) (E : known_locs) (ps : denv) :=
list_of_mapsto : penv_interp Γls denv_interp E ps.
Global Instance list_of_mapsto_Nil E : ListOfMapsto [] E [].
Global Instance list_of_mapsto_nil E : ListOfMapsto [] E [].
Proof. unfold ListOfMapsto. simpl. eauto. Qed.
Global Instance list_of_mapsto_cons_dLitV E Γls ps lit dlit i l x q :
BaseLitQuote E lit dlit
LocLookup E l i
ListOfMapsto Γls E ps
ListOfMapsto (PenvItem l x q (LitV lit) :: Γls) E
(denv_insert i x q (dLitV dlit) ps).
Proof.
rewrite /LocLookup => [[Hlit ?] Hi].
rewrite /ListOfMapsto => HΓls /=.
iDestruct 1 as "[Hl H]". cbn.
rewrite Hlit. unfold penv_interp in *. rewrite HΓls.
rewrite -denv_insert_interp. iFrame. simpl. rewrite Hi. done.
Qed.
Global Instance list_of_mapsto_cons_dValUnknown E Γls ps v i l x q :
Global Instance list_of_mapsto_cons E Γls ps v dv i l x q :
LocLookup E l i
IntoDVal E v dv
ListOfMapsto Γls E ps
ListOfMapsto (PenvItem l x q v :: Γls) E
(denv_insert i x q (dValUnknown v) ps) | 100.
(denv_insert i x q dv ps).
Proof.
rewrite /LocLookup => Hi.
rewrite /ListOfMapsto => HΓls /=.
iDestruct 1 as "[Hl H]". cbn.
unfold penv_interp in *. rewrite HΓls.
rewrite -denv_insert_interp. iFrame. simpl. rewrite Hi. done.
rewrite /LocLookup /ListOfMapsto /penv_interp=> Hi [-> ?] HΓls /=.
iIntros "[Hl H] /=". rewrite HΓls -denv_insert_interp /= Hi. iFrame.
Qed.
Lemma tac_envs_split_mapsto Γs_in Γs_out Γls Γp c ps P:
......@@ -99,4 +81,3 @@ Section splitenv.
- by iApply Hexhale.
Qed.
End splitenv.
......@@ -8,45 +8,45 @@ From iris_c.lib Require Import locking_heap U.
Section tests_vcg.
Context `{amonadG Σ}.
Lemma test_seq (s l : loc) :
Lemma test_seq s l :
s C[ULvl] #0 - l C[ULvl] #1 -
AWP (l = 2 ; 1 + (l = 1)) + (s = 4)
AWP (l = 2 ; 1 + (♯ₗ l = 1)) + (♯ₗ s = 4)
{{ v, v = #6 s C[LLvl] #4 l C[LLvl] #1 }}.
Proof.
iIntros "Hs Hl".
vcg_solver. eauto with iFrame.
Qed.
Lemma test_seq2 (s l : loc) :
Lemma test_seq2 s l :
s C[ULvl] #0 - l C[ULvl] #1 -
AWP (l = 2 ; ∗ᶜ l) + (s = 4) {{ v, v = #6 s C[LLvl] #4 l C #2 }}.
AWP (l = 2 ; ∗ᶜ ♯ₗl) + (♯ₗs = 4) {{ v, v = #6 s C[LLvl] #4 l C #2 }}.
Proof.
iIntros "Hs Hl".
vcg_solver.
rewrite Qp_half_half. eauto with iFrame.
Qed.
Lemma test_seq3 (l : loc) :
Lemma test_seq3 l :
l C #0 -
AWP l = 2 ; 1 + (l = 1) {{ _, l C[LLvl] #1 }}.
AWP l = 2 ; 1 + (♯ₗl = 1) {{ _, l C[LLvl] #1 }}.
Proof.
iIntros "Hl". vcg_solver. iModIntro. eauto with iFrame.
Qed.
Lemma test_seq4 (l k : loc) :
Lemma test_seq4 l k :
l C #0 -
k C #0 -
AWP (l = 2 ; 1 + (l = 1)) + (k = 2 ; 1 + (k = 1))
AWP (l = 2 ; 1 + (♯ₗl = 1)) + (♯ₗk = 2 ; 1 + (♯ₗk = 1))
{{ v, v = #4 l C[LLvl] #1 k C[LLvl] #1 }}.
Proof.
iIntros "Hl Hk".
vcg_solver. iModIntro. by eauto with iFrame.
Qed.
Definition stupid (l : loc) : expr :=
a_store (a_ret #l) (a_ret #1); a_ret #0.
Definition stupid (l : cloc) : expr :=
a_store (♯ₗ l) ( 1); a_ret #0.
Lemma test_seq_fail (l : loc) :
Lemma test_seq_fail l :
l C[ULvl] #0 -
awp (a_bin_op PlusOp (a_bin_op PlusOp (stupid l) (stupid l)) (a_ret #0))
True (λ v, l C #1).
......@@ -54,19 +54,19 @@ Section tests_vcg.
iIntros "Hl". vcg_solver. Fail by eauto with iFrame.
Abort.
Lemma test_seq5 (l k : loc) :
Lemma test_seq5 l k :
l C #0 -
k C #0 -
AWP 0 + (l = 1 ; k = 2 ; 0) {{ v, v = #0 l C #1 k C #2 }}.
AWP 0 + (l = 1 ; ♯ₗk = 2 ; 0) {{ v, v = #0 l C #1 k C #2 }}.
Proof.
iIntros "Hl Hk". vcg_solver.
repeat iModIntro. by eauto with iFrame.
Qed.
Lemma test_sp1 (l k : loc) :
Lemma test_sp1 l k :
l C #0 -
k C #0 -
AWP 1 + (l = 1 ; (k = 2) + ∗ᶜ l ; ∗ᶜ k + (l = 2))
AWP 1 + (l = 1 ; (♯ₗk = 2) + ∗ᶜ ♯ₗl ; ∗ᶜ ♯ₗk + (♯ₗl = 2))
{{ v, v = #5 l C[LLvl] #2 k C #2 }}.
Proof.
iIntros "Hl Hk". vcg_solver.
......@@ -74,40 +74,40 @@ Section tests_vcg.
eauto with iFrame.
Qed.
Lemma test_sp2 (l : loc) :
Lemma test_sp2 l :
l C #0 -
AWP 1 + (l = 1 ; ∗ᶜ l + ∗ᶜ l ; l = 2) {{ v, v = #3 l C[LLvl] #2 }}.
AWP 1 + (l = 1 ; ∗ᶜ ♯ₗl + ∗ᶜ ♯ₗl ; ♯ₗl = 2) {{ v, v = #3 l C[LLvl] #2 }}.
Proof.
iIntros "Hl". vcg_solver.
repeat iModIntro. rewrite ?Qp_half_half.
eauto with iFrame.
Qed.
Lemma store_load (s l : loc) R :
Lemma store_load s l R :
s C #0 - l C #1 -
AWP a_ret (LitV s) = ∗ᶜ (a_ret (LitV l)) @ R {{ _, s C[LLvl] #1 l C #1 }}.
AWP ♯ₗs = ∗ᶜ ♯ₗl @ R {{ _, s C[LLvl] #1 l C #1 }}.
Proof.
iIntros "Hs Hl".
vcg_solver. eauto with iFrame.
Qed.
Lemma store_load_load (s1 s2 l : loc) R :
Lemma store_load_load s1 s2 l R :
s1 C #0 - l C #1 - s2 C #0 -
AWP s1 = ∗ᶜ l ; ∗ᶜ s1 + 42 @ R {{ _, s1 C #1 l C #1 }}.
AWP s1 = ∗ᶜ ♯ₗl ; ∗ᶜ ♯ₗs1 + 42 @ R {{ _, s1 C #1 l C #1 }}.
(* (a_store (a_ret #s2) (a_load (a_ret #l)))) R (λ _, s1 ↦U #1 ∗ l ↦U #1). *)
Proof.
iIntros "Hs1 Hl Hs2". vcg_solver. iModIntro.
rewrite Qp_half_half. eauto with iFrame.
Qed.
Lemma test3 (l : loc) :
Lemma test3 l :
l C #1 -
AWP (l = 2) + (l = 2) {{ _, True }}.
AWP (l = 2) + (♯ₗl = 2) {{ _, True }}.
Proof. iIntros "Hl". vcg_solver. Abort.
Lemma test_while (l : loc) R :
Lemma test_while l R :
l C #1 -
AWP while (∗ᶜ l < 2) { l = 1 } @ R {{ _, True }}.
AWP while (∗ᶜ l < 2) { ♯ₗl = 1 } @ R {{ _, True }}.
Proof.
iIntros "Hl".
iLöb as "IH".
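Review bot: The updated specs apply `♯ₗ` unevenly: in `test_seq`, `test_seq5`, `test_sp1`, `test_sp2`, `test3` and `test_while` the first use of `l` keeps the bare cloc (`l = 2`, `l = 1`, `∗ᶜ l < 2`) while later uses got `♯ₗl`; if both forms typecheck through a coercion, pick one and use it throughout, e.g. `AWP (♯ₗ l = 2 ; 1 + (♯ₗ l = 1)) + (♯ₗ s = 4)` in `test_seq`. If the bare form is what is required at that position, a one-line comment at the top of the section saying when `♯ₗ` is needed would spare the next reader the same question (this may also be an artefact of how the page rendered the notation, in which case ignore). Separately, the commented-out spec in `store_load_load` still uses the pre-`cloc` syntax (`a_ret #s2`, `↦U`) and is now misleading; either drop it or restate it in the current notation.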
......@@ -3,7 +3,6 @@ From iris.algebra Require Import frac.
From iris.bi Require Import big_op.
From iris_c.vcgen Require Import dcexpr denv.
From iris_c.c_translation Require Import monad translation proofmode.
From iris_c.lib Require Import locking_heap U.
(*
TODO
......@@ -122,9 +121,9 @@ Section vcg.
vcg_wp_continuation E Φ v))
end
| _ =>
mapsto_wand_list E m ( (l : loc) q v,
dval_interp E dv = #l
l C{q} v (l C{q} v - vcg_wp_continuation E Φ v))%I
mapsto_wand_list E m ( (cl : cloc) q v,
dval_interp E dv = cloc_to_val cl
cl C{q} v (cl C{q} v - vcg_wp_continuation E Φ v))%I
end%I.
Definition vcg_wp_store (E : known_locs) (dv1 dv2 : dval) (m : denv)
......@@ -140,10 +139,10 @@ Section vcg.
vcg_wp_continuation E Φ (dval_interp E dv2)))
end
| _ =>
mapsto_wand_list E m ( (l : loc) (v : val),
dval_interp E dv1 = #l
dloc_interp E (dLocUnknown l) C v
(dloc_interp E (dLocUnknown l) C[LLvl] dval_interp E dv2 -
mapsto_wand_list E m ( (cl : cloc) (v : val),
dval_interp E dv1 = cloc_to_val cl
cl C v
(cl C[LLvl] dval_interp E dv2 -
vcg_wp_continuation E Φ (dval_interp E dv2)))%I
end%I.
......@@ -206,7 +205,7 @@ Section vcg_spec.
mapsto_wand_list_aux E m Φ k -
([ list] ndio m, from_option
(λ '{| denv_level := lv; denv_frac := q; denv_dval := dv |},
default 1%positive (E !! (k + n)%nat) C[lv]{q} dval_interp E dv) True dio) - Φ.
default inhabitant (E !! (k + n)%nat) C[lv]{q} dval_interp E dv) True dio) - Φ.
Proof.
iIntros "H". iInduction m as [|[[x q dv]|]] "IH" forall (k); simpl; first auto.
- iIntros "[H1 H2]". rewrite -plus_n_O. iSpecialize ("H" with "H1").
......@@ -230,15 +229,13 @@ Section vcg_spec.
revert ms ms' mNew dv. induction de;
intros ms ms' mNew dv Hsp; simplify_eq/=; eauto.
- destruct (vcg_sp E ms de) as [[[ms1 mNew1] dv1]|] eqn:Hout; simplify_eq /=.
destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
destruct d as [i|?]; simplify_eq/=.
destruct dv1 as [?|[i|?]|]; simplify_eq/=.
destruct (denv_delete_frac_2 i ms1 mNew1) as [[[[ms2 mNew2] q] dv1]|] eqn:Hout1; simplify_eq/=.
transitivity (length ms1).
+ by eapply IHde.
+ by eapply denv_delete_frac_2_length.
- destruct (vcg_sp E ms de1) as [[[ms1 mNew1] dv1]|] eqn:Hde1; simplify_eq /=.
destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
destruct d as [i|?]; simplify_eq/=.
destruct dv1 as [?|[i|?]|]; simplify_eq/=.
destruct (vcg_sp E ms1 de2) as [[[ms2 mNew2] dv2]|] eqn:Hde2; simplify_eq /=.
destruct (denv_delete_full_2 i ms2 (denv_merge mNew1 mNew2)) as [[[ms3 mNew3] dv1]|] eqn:Hout1; simplify_eq/=.
transitivity (length ms1).
......@@ -271,8 +268,7 @@ Section vcg_spec.
iApply awp_ret. wp_value_head. iSplit; eauto. rewrite /denv_interp //.
- specialize (IHde ms).
destruct (vcg_sp E ms de) as [[[ms1 mNew1] dv1]|]; simplify_eq /=.
destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
destruct d as [i|?]; simplify_eq/=.
destruct dv1 as [?|[i|?]|]; simplify_eq/=.
destruct (denv_delete_frac_2 i ms1 mNew1) as [[[[ms2 mNew2] q] dv1]|] eqn:Hfar; simplify_eq/=.
iPoseProof IHde as "Hawp"; first done.
iPoseProof denv_delete_frac_2_interp as "Hm"; first eassumption.
......@@ -289,8 +285,7 @@ Section vcg_spec.
by iFrame.
- specialize (IHde1 ms).
destruct (vcg_sp E ms de1) as [[[ms1 mNew1] dv1]|]; simplify_eq /=.
destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
destruct d as [i|?]; simplify_eq/=.
destruct dv1 as [?|[i|?]|]; simplify_eq/=.
specialize (IHde2 ms1).
destruct (vcg_sp E ms1 de2) as [[[ms2 mNew2] dv2]|]; simplify_eq /=.
destruct (denv_delete_full_2 i ms2 (denv_merge mNew1 mNew2))
......@@ -391,16 +386,14 @@ Section vcg_spec.
revert ms ms' mNew dv. induction de;
intros ms ms' mNew dv Hwfms Hwfde Hsp; simplify_eq/=; eauto.
- destruct (vcg_sp E ms de) as [[[ms1 mNew1] dv1]|] eqn:Hsp1; simplify_eq /=.
destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
destruct d as [i|?]; simplify_eq/=.
destruct dv1 as [?|[i|?]|]; simplify_eq/=.
destruct (denv_delete_frac_2 i ms1 mNew1) as [[[[ms2 mNew2] q] dv1]|] eqn:Hout1; simplify_eq/=.
destruct (IHde _ _ _ _ Hwfms Hwfde Hsp1) as (?&?&?).
eapply denv_wf_delete_frac_2 in Hout1; eauto.
destruct Hout1 as (?&?&?).
repeat split; eauto using denv_wf_insert.
- destruct (vcg_sp E ms de1) as [[[ms1 mNew1] dv1]|] eqn:Hsp1; simplify_eq /=.
destruct dv1 as [dv1|dv1]; destruct dv1; simplify_eq/=.
destruct d as [i|?]; simplify_eq/=.
destruct dv1 as [?|[i|?]|]; simplify_eq/=.
destruct (vcg_sp E ms1 de2) as [[[ms2 mNew2] dv2]|] eqn:Hsp2; simplify_eq /=.
destruct (denv_delete_full_2 i ms2 (denv_merge mNew1 mNew2)) as [[[ms3 mNew3] dv1]|] eqn:Hout1; simplify_eq/=.
apply andb_True in Hwfde. destruct Hwfde as [Hwfde1 Hwfde2].
......@@ -468,8 +461,8 @@ Section vcg_spec.
denv_wf E m
denv_interp E m -
vcg_wp_load E dv m Φ -
(l : loc) q w, dval_interp E dv = #l
l C{q} w (l C{q} w - vcg_wp_continuation E Φ w).
(cl : cloc) q w, dval_interp E dv = cloc_to_val cl
cl C{q} w (cl C{q} w - vcg_wp_continuation E Φ w).
Proof.
rewrite /vcg_wp_load. destruct (is_dloc E dv) as [i|] eqn:Hdloc.
+ destruct (denv_lookup i m) as [[q dv'] |] eqn:Hlkp; simpl; simplify_eq /=.
......@@ -517,10 +510,10 @@ Section vcg_spec.
dval_wf E dv2
denv_interp E m -