Commit 21c3fd10 by Amin Timany

### Simplify the proof of factorial refinement

parent 75cfa329
Pipeline #13324 passed with stage
in 6 minutes and 50 seconds
 ... @@ -3,12 +3,6 @@ From iris_examples.logrel.F_mu_ref_conc Require Import ... @@ -3,12 +3,6 @@ From iris_examples.logrel.F_mu_ref_conc Require Import soundness_binary rules rules_binary. soundness_binary rules rules_binary. From iris.program_logic Require Import adequacy. From iris.program_logic Require Import adequacy. Fixpoint mathfact n := match n with | O => 1 | S m => n * (mathfact m) end. Definition fact : expr := Definition fact : expr := Rec (If (BinOp Eq (Var 1) (#n 0)) Rec (If (BinOp Eq (Var 1) (#n 0)) (#n 1) (#n 1) ... @@ -85,10 +79,9 @@ Section fact_equiv. ... @@ -85,10 +79,9 @@ Section fact_equiv. iIntros (j K) "Hj"; simpl. iIntros (j K) "Hj"; simpl. iMod (do_step_pure with "[\$Hj]") as "Hj"; auto. iMod (do_step_pure with "[\$Hj]") as "Hj"; auto. asimpl. asimpl. iApply (wp_mono _ _ _ (λ v, j ⤇ fill K (#n (mathfact n)) ∗ ⌜v = #nv (mathfact n)⌝))%I. iApply (wp_mono _ _ _ (λ v, ∃ m, j ⤇ fill K (#n (1 * m)) ∗ ⌜v = #nv m⌝))%I. { iIntros (?) "[? %]"; iExists (#nv _); iFrame; eauto. } { iIntros (?). iDestruct 1 as (m) "[Hm %]"; subst. replace (fill K (#n mathfact n)) with (fill K (#n (1 * mathfact n))) iExists (#nv _); iFrame; eauto. } by by repeat f_equal; lia. generalize 1 as l => l. generalize 1 as l => l. iInduction n as [|n] "IH" forall (l). iInduction n as [|n] "IH" forall (l). - iApply wp_pure_step_later; auto. - iApply wp_pure_step_later; auto. ... @@ -108,7 +101,7 @@ Section fact_equiv. ... @@ -108,7 +101,7 @@ Section fact_equiv. iNext; simpl. iNext; simpl. iMod (do_step_pure with "[\$Hj]") as "Hj"; auto. iMod (do_step_pure with "[\$Hj]") as "Hj"; auto. iApply wp_value. iApply wp_value. replace (l * 1) with l by lia. iExists 1. replace (l * 1) with l by lia. auto. auto. - iApply wp_pure_step_later; auto. - iApply wp_pure_step_later; auto. iNext; simpl; asimpl. iNext; simpl; asimpl. ... @@ -141,10 +134,11 @@ Section fact_equiv. ... @@ -141,10 +134,11 @@ Section fact_equiv. asimpl. asimpl. replace (n -0) with n by lia. replace (n -0) with n by lia. iApply wp_wand_r; iSplitL; first iApply ("IH" with "[Hj]"); eauto. iApply wp_wand_r; iSplitL; first iApply ("IH" with "[Hj]"); eauto. iIntros (v) "[H %]"; simplify_eq. iIntros (v). iDestruct 1 as (m) "[H %]"; simplify_eq. iApply wp_pure_step_later; auto. iApply wp_pure_step_later; auto. iNext; simpl; iApply wp_value. iNext; simpl; iApply wp_value. replace (l * (mathfact n + n * mathfact n)) with ((l + n * l) * mathfact n) iExists ((S n) * m); simpl. replace (l * (m + n * m)) with ((l + n * l) * m) by lia. by lia. iFrame; auto. iFrame; auto. Qed. Qed. ... @@ -163,9 +157,10 @@ Section fact_equiv. ... @@ -163,9 +157,10 @@ Section fact_equiv. iApply wp_pure_step_later; auto. iApply wp_pure_step_later; auto. iNext; asimpl. iNext; asimpl. rewrite -/fact. rewrite -/fact. iApply (wp_mono _ _ _ (λ v, j ⤇ fill K (#n (mathfact n)) ∗ ⌜v = #nv (1 * mathfact n)⌝))%I. iApply (wp_mono _ _ _ (λ v, ∃ m, j ⤇ fill K (#n m) ∗ ⌜v = #nv (1 * m)⌝))%I. { replace (1 * mathfact n) with (mathfact n) by lia. { iIntros (?). iDestruct 1 as (m) "[? %]"; simplify_eq. iIntros (?) "[? %]"; iExists (#nv _); iFrame; eauto. } replace (1 * m) with m by lia. iExists (#nv _); iFrame; eauto. } generalize 1 as l => l. generalize 1 as l => l. iInduction n as [|n] "IH" forall (K l). iInduction n as [|n] "IH" forall (K l). - rewrite fact_acc_body_unfold. - rewrite fact_acc_body_unfold. ... @@ -187,6 +182,7 @@ Section fact_equiv. ... @@ -187,6 +182,7 @@ Section fact_equiv. iApply wp_pure_step_later; auto. iApply wp_pure_step_later; auto. iNext; simpl. iNext; simpl. iApply wp_value. iApply wp_value. iExists 1. replace (l * 1) with l by lia; auto. replace (l * 1) with l by lia; auto. - rewrite {2}fact_acc_body_unfold. - rewrite {2}fact_acc_body_unfold. iApply (wp_bind (fill [AppLCtx _])). iApply (wp_bind (fill [AppLCtx _])). ... @@ -224,11 +220,13 @@ Section fact_equiv. ... @@ -224,11 +220,13 @@ Section fact_equiv. iApply wp_fupd. iApply wp_fupd. iApply wp_wand_r; iSplitL; iApply wp_wand_r; iSplitL; first iApply ("IH" \$! (BinOpRCtx _ (#nv _) :: K) with "[\$Hj]"); eauto. first iApply ("IH" \$! (BinOpRCtx _ (#nv _) :: K) with "[\$Hj]"); eauto. iIntros (v) "[Hj %]"; simplify_eq. iIntros (v). iDestruct 1 as (m) "[Hj %]"; simplify_eq. simpl. simpl. iMod (do_step_pure with "[\$Hj]") as "Hj"; auto. iMod (do_step_pure with "[\$Hj]") as "Hj"; auto. simpl. simpl. iModIntro. iFrame. iModIntro. iExists (S n * m). iFrame. eauto with lia. eauto with lia. Qed. Qed. ... ...
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!