Commit 2c6727dc by Robbert Krebbers

### Use Φ and Ψ for (value-) indexed uPreds/iProps.

```This avoids ambiguity with P and Q that we were using before for both
uPreds/iProps and indexed uPreds/iProps.```
parent 5e9653fb
 ... @@ -124,11 +124,11 @@ Next Obligation. ... @@ -124,11 +124,11 @@ Next Obligation. Qed. Qed. Next Obligation. intros M P Q x1 x2 [|n]; auto with lia. Qed. Next Obligation. intros M P Q x1 x2 [|n]; auto with lia. Qed. Program Definition uPred_forall {M A} (P : A → uPred M) : uPred M := Program Definition uPred_forall {M A} (Ψ : A → uPred M) : uPred M := {| uPred_holds n x := ∀ a, P a n x |}. {| uPred_holds n x := ∀ a, Ψ a n x |}. Solve Obligations with naive_solver eauto 2 using uPred_ne, uPred_weaken. Solve Obligations with naive_solver eauto 2 using uPred_ne, uPred_weaken. Program Definition uPred_exist {M A} (P : A → uPred M) : uPred M := Program Definition uPred_exist {M A} (Ψ : A → uPred M) : uPred M := {| uPred_holds n x := ∃ a, P a n x |}. {| uPred_holds n x := ∃ a, Ψ a n x |}. Solve Obligations with naive_solver eauto 2 using uPred_ne, uPred_weaken. Solve Obligations with naive_solver eauto 2 using uPred_ne, uPred_weaken. Program Definition uPred_eq {M} {A : cofeT} (a1 a2 : A) : uPred M := Program Definition uPred_eq {M} {A : cofeT} (a1 a2 : A) : uPred M := ... @@ -299,10 +299,10 @@ Global Instance eq_proper (A : cofeT) : ... @@ -299,10 +299,10 @@ Global Instance eq_proper (A : cofeT) : Proper ((≡) ==> (≡) ==> (≡)) (@uPred_eq M A) := ne_proper_2 _. Proper ((≡) ==> (≡) ==> (≡)) (@uPred_eq M A) := ne_proper_2 _. Global Instance forall_ne A : Global Instance forall_ne A : Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_forall M A). Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_forall M A). Proof. by intros n P1 P2 HP12 x n'; split; intros HP a; apply HP12. Qed. Proof. by intros n Ψ1 Ψ2 HΨ x n'; split; intros HP a; apply HΨ. Qed. Global Instance forall_proper A : Global Instance forall_proper A : Proper (pointwise_relation _ (≡) ==> (≡)) (@uPred_forall M A). Proper (pointwise_relation _ (≡) ==> (≡)) (@uPred_forall M A). Proof. by intros P1 P2 HP12 x n'; split; intros HP a; apply HP12. Qed. Proof. by intros Ψ1 Ψ2 HΨ x n'; split; intros HP a; apply HΨ. Qed. Global Instance exists_ne A : Global Instance exists_ne A : Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_exist M A). Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_exist M A). Proof. by intros n P1 P2 HP x; split; intros [a ?]; exists a; apply HP. Qed. Proof. by intros n P1 P2 HP x; split; intros [a ?]; exists a; apply HP. Qed. ... @@ -359,20 +359,20 @@ Proof. ... @@ -359,20 +359,20 @@ Proof. Qed. Qed. Lemma impl_elim P Q R : P ⊑ (Q → R) → P ⊑ Q → P ⊑ R. Lemma impl_elim P Q R : P ⊑ (Q → R) → P ⊑ Q → P ⊑ R. Proof. by intros HP HP' x n ??; apply HP with x n, HP'. Qed. Proof. by intros HP HP' x n ??; apply HP with x n, HP'. Qed. Lemma forall_intro {A} P (Q : A → uPred M): (∀ a, P ⊑ Q a) → P ⊑ (∀ a, Q a). Lemma forall_intro {A} P (Ψ : A → uPred M): (∀ a, P ⊑ Ψ a) → P ⊑ (∀ a, Ψ a). Proof. by intros HPQ x n ?? a; apply HPQ. Qed. Proof. by intros HPΨ x n ?? a; apply HPΨ. Qed. Lemma forall_elim {A} {P : A → uPred M} a : (∀ a, P a) ⊑ P a. Lemma forall_elim {A} {Ψ : A → uPred M} a : (∀ a, Ψ a) ⊑ Ψ a. Proof. intros x n ? HP; apply HP. Qed. Proof. intros x n ? HP; apply HP. Qed. Lemma exist_intro {A} {P : A → uPred M} a : P a ⊑ (∃ a, P a). Lemma exist_intro {A} {Ψ : A → uPred M} a : Ψ a ⊑ (∃ a, Ψ a). Proof. by intros x n ??; exists a. Qed. Proof. by intros x n ??; exists a. Qed. Lemma exist_elim {A} (P : A → uPred M) Q : (∀ a, P a ⊑ Q) → (∃ a, P a) ⊑ Q. Lemma exist_elim {A} (Φ : A → uPred M) Q : (∀ a, Φ a ⊑ Q) → (∃ a, Φ a) ⊑ Q. Proof. by intros HPQ x n ? [a ?]; apply HPQ with a. Qed. Proof. by intros HΦΨ x n ? [a ?]; apply HΦΨ with a. Qed. Lemma eq_refl {A : cofeT} (a : A) P : P ⊑ (a ≡ a). Lemma eq_refl {A : cofeT} (a : A) P : P ⊑ (a ≡ a). Proof. by intros x n ??; simpl. Qed. Proof. by intros x n ??; simpl. Qed. Lemma eq_rewrite {A : cofeT} a b (Q : A → uPred M) P Lemma eq_rewrite {A : cofeT} a b (Ψ : A → uPred M) P `{HQ:∀ n, Proper (dist n ==> dist n) Q} : P ⊑ (a ≡ b) → P ⊑ Q a → P ⊑ Q b. `{HΨ : ∀ n, Proper (dist n ==> dist n) Ψ} : P ⊑ (a ≡ b) → P ⊑ Ψ a → P ⊑ Ψ b. Proof. Proof. intros Hab Ha x n ??; apply HQ with n a; auto. by symmetry; apply Hab with x. intros Hab Ha x n ??; apply HΨ with n a; auto. by symmetry; apply Hab with x. Qed. Qed. Lemma eq_equiv `{Empty M, !CMRAIdentity M} {A : cofeT} (a b : A) : Lemma eq_equiv `{Empty M, !CMRAIdentity M} {A : cofeT} (a b : A) : True ⊑ (a ≡ b) → a ≡ b. True ⊑ (a ≡ b) → a ≡ b. ... @@ -392,7 +392,7 @@ Lemma or_intro_l' P Q R : P ⊑ Q → P ⊑ (Q ∨ R). ... @@ -392,7 +392,7 @@ Lemma or_intro_l' P Q R : P ⊑ Q → P ⊑ (Q ∨ R). Proof. intros ->; apply or_intro_l. Qed. Proof. intros ->; apply or_intro_l. Qed. Lemma or_intro_r' P Q R : P ⊑ R → P ⊑ (Q ∨ R). Lemma or_intro_r' P Q R : P ⊑ R → P ⊑ (Q ∨ R). Proof. intros ->; apply or_intro_r. Qed. Proof. intros ->; apply or_intro_r. Qed. Lemma exist_intro' {A} P (Q : A → uPred M) a : P ⊑ Q a → P ⊑ (∃ a, Q a). Lemma exist_intro' {A} P (Ψ : A → uPred M) a : P ⊑ Ψ a → P ⊑ (∃ a, Ψ a). Proof. intros ->; apply exist_intro. Qed. Proof. intros ->; apply exist_intro. Qed. Hint Resolve or_elim or_intro_l' or_intro_r'. Hint Resolve or_elim or_intro_l' or_intro_r'. ... @@ -451,14 +451,14 @@ Proof. ... @@ -451,14 +451,14 @@ Proof. intros HP HQ'; apply impl_intro_l; rewrite -HQ'. intros HP HQ'; apply impl_intro_l; rewrite -HQ'. apply impl_elim with P; eauto. apply impl_elim with P; eauto. Qed. Qed. Lemma forall_mono {A} (P Q : A → uPred M) : Lemma forall_mono {A} (Φ Ψ : A → uPred M) : (∀ a, P a ⊑ Q a) → (∀ a, P a) ⊑ (∀ a, Q a). (∀ a, Φ a ⊑ Ψ a) → (∀ a, Φ a) ⊑ (∀ a, Ψ a). Proof. Proof. intros HP. apply forall_intro=> a; rewrite -(HP a); apply forall_elim. intros HP. apply forall_intro=> a; rewrite -(HP a); apply forall_elim. Qed. Qed. Lemma exist_mono {A} (P Q : A → uPred M) : Lemma exist_mono {A} (Φ Ψ : A → uPred M) : (∀ a, P a ⊑ Q a) → (∃ a, P a) ⊑ (∃ a, Q a). (∀ a, Φ a ⊑ Ψ a) → (∃ a, Φ a) ⊑ (∃ a, Ψ a). Proof. intros HP. apply exist_elim=> a; rewrite (HP a); apply exist_intro. Qed. Proof. intros HΦ. apply exist_elim=> a; rewrite (HΦ a); apply exist_intro. Qed. Global Instance const_mono' : Proper (impl ==> (⊑)) (@uPred_const M). Global Instance const_mono' : Proper (impl ==> (⊑)) (@uPred_const M). Proof. intros φ1 φ2; apply const_mono. Qed. Proof. intros φ1 φ2; apply const_mono. Qed. Global Instance and_mono' : Proper ((⊑) ==> (⊑) ==> (⊑)) (@uPred_and M). Global Instance and_mono' : Proper ((⊑) ==> (⊑) ==> (⊑)) (@uPred_and M). ... @@ -532,7 +532,7 @@ Proof. ... @@ -532,7 +532,7 @@ Proof. Qed. Qed. Lemma and_or_r P Q R : ((P ∨ Q) ∧ R)%I ≡ (P ∧ R ∨ Q ∧ R)%I. Lemma and_or_r P Q R : ((P ∨ Q) ∧ R)%I ≡ (P ∧ R ∨ Q ∧ R)%I. Proof. by rewrite -!(comm _ R) and_or_l. Qed. Proof. by rewrite -!(comm _ R) and_or_l. Qed. Lemma and_exist_l {A} P (Q : A → uPred M) : (P ∧ ∃ a, Q a)%I ≡ (∃ a, P ∧ Q a)%I. Lemma and_exist_l {A} P (Ψ : A → uPred M) : (P ∧ ∃ a, Ψ a)%I ≡ (∃ a, P ∧ Ψ a)%I. Proof. Proof. apply (anti_symm (⊑)). apply (anti_symm (⊑)). - apply impl_elim_r'. apply exist_elim=>a. apply impl_intro_l. - apply impl_elim_r'. apply exist_elim=>a. apply impl_intro_l. ... @@ -540,10 +540,9 @@ Proof. ... @@ -540,10 +540,9 @@ Proof. - apply exist_elim=>a. apply and_intro; first by rewrite and_elim_l. - apply exist_elim=>a. apply and_intro; first by rewrite and_elim_l. by rewrite -(exist_intro a) and_elim_r. by rewrite -(exist_intro a) and_elim_r. Qed. Qed. Lemma and_exist_r {A} P (Q : A → uPred M) : ((∃ a, Q a) ∧ P)%I ≡ (∃ a, Q a ∧ P)%I. Lemma and_exist_r {A} P (Φ: A → uPred M) : ((∃ a, Φ a) ∧ P)%I ≡ (∃ a, Φ a ∧ P)%I. Proof. Proof. rewrite -(comm _ P) and_exist_l. rewrite -(comm _ P) and_exist_l. apply exist_proper=>a. by rewrite comm. apply exist_proper=>a. by rewrite comm. Qed. Qed. (* BI connectives *) (* BI connectives *) ... @@ -652,18 +651,18 @@ Proof. ... @@ -652,18 +651,18 @@ Proof. Qed. Qed. Lemma sep_or_r P Q R : ((P ∨ Q) ★ R)%I ≡ ((P ★ R) ∨ (Q ★ R))%I. Lemma sep_or_r P Q R : ((P ∨ Q) ★ R)%I ≡ ((P ★ R) ∨ (Q ★ R))%I. Proof. by rewrite -!(comm _ R) sep_or_l. Qed. Proof. by rewrite -!(comm _ R) sep_or_l. Qed. Lemma sep_exist_l {A} P (Q : A → uPred M) : (P ★ ∃ a, Q a)%I ≡ (∃ a, P ★ Q a)%I. Lemma sep_exist_l {A} P (Ψ : A → uPred M) : (P ★ ∃ a, Ψ a)%I ≡ (∃ a, P ★ Ψ a)%I. Proof. Proof. intros; apply (anti_symm (⊑)). intros; apply (anti_symm (⊑)). - apply wand_elim_r', exist_elim=>a. apply wand_intro_l. - apply wand_elim_r', exist_elim=>a. apply wand_intro_l. by rewrite -(exist_intro a). by rewrite -(exist_intro a). - apply exist_elim=> a; apply sep_mono; auto using exist_intro. - apply exist_elim=> a; apply sep_mono; auto using exist_intro. Qed. Qed. Lemma sep_exist_r {A} (P: A → uPred M) Q: ((∃ a, P a) ★ Q)%I ≡ (∃ a, P a ★ Q)%I. Lemma sep_exist_r {A} (Φ: A → uPred M) Q: ((∃ a, Φ a) ★ Q)%I ≡ (∃ a, Φ a ★ Q)%I. Proof. setoid_rewrite (comm _ _ Q); apply sep_exist_l. Qed. Proof. setoid_rewrite (comm _ _ Q); apply sep_exist_l. Qed. Lemma sep_forall_l {A} P (Q : A → uPred M) : (P ★ ∀ a, Q a) ⊑ (∀ a, P ★ Q a). Lemma sep_forall_l {A} P (Ψ : A → uPred M) : (P ★ ∀ a, Ψ a) ⊑ (∀ a, P ★ Ψ a). Proof. by apply forall_intro=> a; rewrite forall_elim. Qed. Proof. by apply forall_intro=> a; rewrite forall_elim. Qed. Lemma sep_forall_r {A} (P : A → uPred M) Q : ((∀ a, P a) ★ Q) ⊑ (∀ a, P a ★ Q). Lemma sep_forall_r {A} (Φ : A → uPred M) Q : ((∀ a, Φ a) ★ Q) ⊑ (∀ a, Φ a ★ Q). Proof. by apply forall_intro=> a; rewrite forall_elim. Qed. Proof. by apply forall_intro=> a; rewrite forall_elim. Qed. (* Later *) (* Later *) ... @@ -685,12 +684,12 @@ Lemma later_and P Q : (▷ (P ∧ Q))%I ≡ (▷ P ∧ ▷ Q)%I. ... @@ -685,12 +684,12 @@ Lemma later_and P Q : (▷ (P ∧ Q))%I ≡ (▷ P ∧ ▷ Q)%I. Proof. by intros x [|n]; split. Qed. Proof. by intros x [|n]; split. Qed. Lemma later_or P Q : (▷ (P ∨ Q))%I ≡ (▷ P ∨ ▷ Q)%I. Lemma later_or P Q : (▷ (P ∨ Q))%I ≡ (▷ P ∨ ▷ Q)%I. Proof. intros x [|n]; simpl; tauto. Qed. Proof. intros x [|n]; simpl; tauto. Qed. Lemma later_forall {A} (P : A → uPred M) : (▷ ∀ a, P a)%I ≡ (∀ a, ▷ P a)%I. Lemma later_forall {A} (Φ : A → uPred M) : (▷ ∀ a, Φ a)%I ≡ (∀ a, ▷ Φ a)%I. Proof. by intros x [|n]. Qed. Proof. by intros x [|n]. Qed. Lemma later_exist_1 {A} (P : A → uPred M) : (∃ a, ▷ P a) ⊑ (▷ ∃ a, P a). Lemma later_exist_1 {A} (Φ : A → uPred M) : (∃ a, ▷ Φ a) ⊑ (▷ ∃ a, Φ a). Proof. by intros x [|[|n]]. Qed. Proof. by intros x [|[|n]]. Qed. Lemma later_exist `{Inhabited A} (P : A → uPred M) : Lemma later_exist `{Inhabited A} (Φ : A → uPred M) : (▷ ∃ a, P a)%I ≡ (∃ a, ▷ P a)%I. (▷ ∃ a, Φ a)%I ≡ (∃ a, ▷ Φ a)%I. Proof. intros x [|[|n]]; split; done || by exists inhabitant; simpl. Qed. Proof. intros x [|[|n]]; split; done || by exists inhabitant; simpl. Qed. Lemma later_sep P Q : (▷ (P ★ Q))%I ≡ (▷ P ★ ▷ Q)%I. Lemma later_sep P Q : (▷ (P ★ Q))%I ≡ (▷ P ★ ▷ Q)%I. Proof. Proof. ... @@ -718,10 +717,10 @@ Lemma later_wand P Q : ▷ (P -★ Q) ⊑ (▷ P -★ ▷ Q). ... @@ -718,10 +717,10 @@ Lemma later_wand P Q : ▷ (P -★ Q) ⊑ (▷ P -★ ▷ Q). Proof. apply wand_intro_r;rewrite -later_sep; apply later_mono,wand_elim_l. Qed. Proof. apply wand_intro_r;rewrite -later_sep; apply later_mono,wand_elim_l. Qed. Lemma later_iff P Q : (▷ (P ↔ Q)) ⊑ (▷P ↔ ▷Q). Lemma later_iff P Q : (▷ (P ↔ Q)) ⊑ (▷P ↔ ▷Q). Proof. by rewrite /uPred_iff later_and !later_impl. Qed. Proof. by rewrite /uPred_iff later_and !later_impl. Qed. Lemma löb_all_1 {A} (P Q : A → uPred M) : Lemma löb_all_1 {A} (Φ Ψ : A → uPred M) : (∀ a, (▷(∀ b, P b → Q b) ∧ P a) ⊑ Q a) → ∀ a, P a ⊑ Q a. (∀ a, (▷ (∀ b, Φ b → Ψ b) ∧ Φ a) ⊑ Ψ a) → ∀ a, Φ a ⊑ Ψ a. Proof. Proof. intros Hlöb a. apply impl_entails. transitivity (∀ a, P a → Q a)%I; last first. intros Hlöb a. apply impl_entails. transitivity (∀ a, Φ a → Ψ a)%I; last first. { by rewrite (forall_elim a). } clear a. { by rewrite (forall_elim a). } clear a. etransitivity; last by eapply löb. etransitivity; last by eapply löb. apply impl_intro_l, forall_intro=>a. rewrite right_id. by apply impl_intro_r. apply impl_intro_l, forall_intro=>a. rewrite right_id. by apply impl_intro_r. ... @@ -744,9 +743,9 @@ Lemma always_and P Q : (□ (P ∧ Q))%I ≡ (□ P ∧ □ Q)%I. ... @@ -744,9 +743,9 @@ Lemma always_and P Q : (□ (P ∧ Q))%I ≡ (□ P ∧ □ Q)%I. Proof. done. Qed. Proof. done. Qed. Lemma always_or P Q : (□ (P ∨ Q))%I ≡ (□ P ∨ □ Q)%I. Lemma always_or P Q : (□ (P ∨ Q))%I ≡ (□ P ∨ □ Q)%I. Proof. done. Qed. Proof. done. Qed. Lemma always_forall {A} (P : A → uPred M) : (□ ∀ a, P a)%I ≡ (∀ a, □ P a)%I. Lemma always_forall {A} (Ψ : A → uPred M) : (□ ∀ a, Ψ a)%I ≡ (∀ a, □ Ψ a)%I. Proof. done. Qed. Proof. done. Qed. Lemma always_exist {A} (P : A → uPred M) : (□ ∃ a, P a)%I ≡ (∃ a, □ P a)%I. Lemma always_exist {A} (Ψ : A → uPred M) : (□ ∃ a, Ψ a)%I ≡ (∃ a, □ Ψ a)%I. Proof. done. Qed. Proof. done. Qed. Lemma always_and_sep_1 P Q : □ (P ∧ Q) ⊑ □ (P ★ Q). Lemma always_and_sep_1 P Q : □ (P ∧ Q) ⊑ □ (P ★ Q). Proof. Proof. ... @@ -898,14 +897,14 @@ Proof. ... @@ -898,14 +897,14 @@ Proof. apply HP, HPQ, uPred_weaken with x' (S n'); apply HP, HPQ, uPred_weaken with x' (S n'); eauto 3 using cmra_validN_le, cmra_validN_op_r. eauto 3 using cmra_validN_le, cmra_validN_op_r. Qed. Qed. Global Instance forall_timeless {A} (P : A → uPred M) : Global Instance forall_timeless {A} (Ψ : A → uPred M) : (∀ x, TimelessP (P x)) → TimelessP (∀ x, P x). (∀ x, TimelessP (Ψ x)) → TimelessP (∀ x, Ψ x). Proof. by setoid_rewrite timelessP_spec=>HP x n ?? a; apply HP. Qed. Proof. by setoid_rewrite timelessP_spec=> HΨ x n ?? a; apply HΨ. Qed. Global Instance exist_timeless {A} (P : A → uPred M) : Global Instance exist_timeless {A} (Ψ : A → uPred M) : (∀ x, TimelessP (P x)) → TimelessP (∃ x, P x). (∀ x, TimelessP (Ψ x)) → TimelessP (∃ x, Ψ x). Proof. Proof. by setoid_rewrite timelessP_spec=>HP x [|n] ?; by setoid_rewrite timelessP_spec=> HΨ x [|n] ?; [|intros [a ?]; exists a; apply HP]. [|intros [a ?]; exists a; apply HΨ]. Qed. Qed. Global Instance always_timeless P : TimelessP P → TimelessP (□ P). Global Instance always_timeless P : TimelessP P → TimelessP (□ P). Proof. Proof. ... @@ -940,11 +939,11 @@ Global Instance or_always_stable P Q : AS P → AS Q → AS (P ∨ Q). ... @@ -940,11 +939,11 @@ Global Instance or_always_stable P Q : AS P → AS Q → AS (P ∨ Q). Proof. by intros; rewrite /AlwaysStable always_or; apply or_mono. Qed. Proof. by intros; rewrite /AlwaysStable always_or; apply or_mono. Qed. Global Instance sep_always_stable P Q: AS P → AS Q → AS (P ★ Q). Global Instance sep_always_stable P Q: AS P → AS Q → AS (P ★ Q). Proof. by intros; rewrite /AlwaysStable always_sep; apply sep_mono. Qed. Proof. by intros; rewrite /AlwaysStable always_sep; apply sep_mono. Qed. Global Instance forall_always_stable {A} (P : A → uPred M) : Global Instance forall_always_stable {A} (Ψ : A → uPred M) : (∀ x, AS (P x)) → AS (∀ x, P x). (∀ x, AS (Ψ x)) → AS (∀ x, Ψ x). Proof. by intros; rewrite /AlwaysStable always_forall; apply forall_mono. Qed. Proof. by intros; rewrite /AlwaysStable always_forall; apply forall_mono. Qed. Global Instance exist_always_stable {A} (P : A → uPred M) : Global Instance exist_always_stable {A} (Ψ : A → uPred M) : (∀ x, AS (P x)) → AS (∃ x, P x). (∀ x, AS (Ψ x)) → AS (∃ x, Ψ x). Proof. by intros; rewrite /AlwaysStable always_exist; apply exist_mono. Qed. Proof. by intros; rewrite /AlwaysStable always_exist; apply exist_mono. Qed. Global Instance eq_always_stable {A : cofeT} (a b : A) : AS (a ≡ b : uPred M)%I. Global Instance eq_always_stable {A : cofeT} (a b : A) : AS (a ≡ b : uPred M)%I. Proof. by intros; rewrite /AlwaysStable always_eq. Qed. Proof. by intros; rewrite /AlwaysStable always_eq. Qed. ... @@ -954,8 +953,8 @@ Global Instance later_always_stable P : AS P → AS (▷ P). ... @@ -954,8 +953,8 @@ Global Instance later_always_stable P : AS P → AS (▷ P). Proof. by intros; rewrite /AlwaysStable always_later; apply later_mono. Qed. Proof. by intros; rewrite /AlwaysStable always_later; apply later_mono. Qed. Global Instance ownM_unit_always_stable (a : M) : AS (uPred_ownM (unit a)). Global Instance ownM_unit_always_stable (a : M) : AS (uPred_ownM (unit a)). Proof. by rewrite /AlwaysStable always_ownM_unit. Qed. Proof. by rewrite /AlwaysStable always_ownM_unit. Qed. Global Instance default_always_stable {A} P (Q : A → uPred M) (mx : option A) : Global Instance default_always_stable {A} P (Ψ : A → uPred M) (mx : option A) : AS P → (∀ x, AS (Q x)) → AS (default P mx Q). AS P → (∀ x, AS (Ψ x)) → AS (default P mx Ψ). Proof. destruct mx; apply _. Qed. Proof. destruct mx; apply _. Qed. (* Derived lemmas for always stable *) (* Derived lemmas for always stable *) ... ...
 ... @@ -16,17 +16,17 @@ Notation "'Π★' Ps" := (uPred_big_sep Ps) (at level 20) : uPred_scope. ... @@ -16,17 +16,17 @@ Notation "'Π★' Ps" := (uPred_big_sep Ps) (at level 20) : uPred_scope. (** * Other big ops *) (** * Other big ops *) (** We use a type class to obtain overloaded notations *) (** We use a type class to obtain overloaded notations *) Definition uPred_big_sepM {M} `{Countable K} {A} Definition uPred_big_sepM {M} `{Countable K} {A} (m : gmap K A) (P : K → A → uPred M) : uPred M := (m : gmap K A) (Φ : K → A → uPred M) : uPred M := uPred_big_sep (curry P <\$> map_to_list m). uPred_big_sep (curry Φ <\$> map_to_list m). Instance: Params (@uPred_big_sepM) 6. Instance: Params (@uPred_big_sepM) 6. Notation "'Π★{map' m } P" := (uPred_big_sepM m P) Notation "'Π★{map' m } Φ" := (uPred_big_sepM m Φ) (at level 20, m at level 10, format "Π★{map m } P") : uPred_scope. (at level 20, m at level 10, format "Π★{map m } Φ") : uPred_scope. Definition uPred_big_sepS {M} `{Countable A} Definition uPred_big_sepS {M} `{Countable A} (X : gset A) (P : A → uPred M) : uPred M := uPred_big_sep (P <\$> elements X). (X : gset A) (Φ : A → uPred M) : uPred M := uPred_big_sep (Φ <\$> elements X). Instance: Params (@uPred_big_sepS) 5. Instance: Params (@uPred_big_sepS) 5. Notation "'Π★{set' X } P" := (uPred_big_sepS X P) Notation "'Π★{set' X } Φ" := (uPred_big_sepS X Φ) (at level 20, X at level 10, format "Π★{set X } P") : uPred_scope. (at level 20, X at level 10, format "Π★{set X } Φ") : uPred_scope. (** * Always stability for lists *) (** * Always stability for lists *) Class AlwaysStableL {M} (Ps : list (uPred M)) := Class AlwaysStableL {M} (Ps : list (uPred M)) := ... @@ -97,56 +97,56 @@ Proof. induction 1; simpl; auto with I. Qed. ... @@ -97,56 +97,56 @@ Proof. induction 1; simpl; auto with I. Qed. Section gmap. Section gmap. Context `{Countable K} {A : Type}. Context `{Countable K} {A : Type}. Implicit Types m : gmap K A. Implicit Types m : gmap K A. Implicit Types P : K → A → uPred M. Implicit Types Φ Ψ : K → A → uPred M. Lemma big_sepM_mono P Q m1 m2 : Lemma big_sepM_mono Φ Ψ m1 m2 : m2 ⊆ m1 → (∀ x k, m2 !! k = Some x → P k x ⊑ Q k x) → m2 ⊆ m1 → (∀ x k, m2 !! k = Some x → Φ k x ⊑ Ψ k x) → (Π★{map m1} P) ⊑ (Π★{map m2} Q). (Π★{map m1} Φ) ⊑ (Π★{map m2} Ψ). Proof. Proof. intros HX HP. transitivity (Π★{map m2} P)%I. intros HX HΦ. transitivity (Π★{map m2} Φ)%I. - by apply big_sep_contains, fmap_contains, map_to_list_contains. - by apply big_sep_contains, fmap_contains, map_to_list_contains. - apply big_sep_mono', Forall2_fmap, Forall2_Forall. - apply big_sep_mono', Forall2_fmap, Forall2_Forall. apply Forall_forall=> -[i x] ? /=. by apply HP, elem_of_map_to_list. apply Forall_forall=> -[i x] ? /=. by apply HΦ, elem_of_map_to_list. Qed. Qed. Global Instance big_sepM_ne m n : Global Instance big_sepM_ne m n : Proper (pointwise_relation _ (pointwise_relation _ (dist n)) ==> (dist n)) Proper (pointwise_relation _ (pointwise_relation _ (dist n)) ==> (dist n)) (uPred_big_sepM (M:=M) m). (uPred_big_sepM (M:=M) m). Proof. Proof. intros P1 P2 HP. apply big_sep_ne, Forall2_fmap. intros Φ1 Φ2 HΦ. apply big_sep_ne, Forall2_fmap. apply Forall2_Forall, Forall_true=> -[i x]; apply HP. apply Forall2_Forall, Forall_true=> -[i x]; apply HΦ. Qed. Qed. Global Instance big_sepM_proper m : Global Instance big_sepM_proper m : Proper (pointwise_relation _ (pointwise_relation _ (≡)) ==> (≡)) Proper (pointwise_relation _ (pointwise_relation _ (≡)) ==> (≡)) (uPred_big_sepM (M:=M) m). (uPred_big_sepM (M:=M) m). Proof. Proof. intros P1 P2 HP; apply equiv_dist=> n. intros Φ1 Φ2 HΦ; apply equiv_dist=> n. apply big_sepM_ne=> k x; apply equiv_dist, HP. apply big_sepM_ne=> k x; apply equiv_dist, HΦ. Qed. Qed. Global Instance big_sepM_mono' m : Global Instance big_sepM_mono' m : Proper (pointwise_relation _ (pointwise_relation _ (⊑)) ==> (⊑)) Proper (pointwise_relation _ (pointwise_relation _ (⊑)) ==> (⊑)) (uPred_big_sepM (M:=M) m). (uPred_big_sepM (M:=M) m). Proof. intros P1 P2 HP. apply big_sepM_mono; intros; [done|apply HP]. Qed. Proof. intros Φ1 Φ2 HΦ. apply big_sepM_mono; intros; [done|apply HΦ]. Qed. Lemma big_sepM_empty P : (Π★{map ∅} P)%I ≡ True%I. Lemma big_sepM_empty Φ : (Π★{map ∅} Φ)%I ≡ True%I. Proof. by rewrite /uPred_big_sepM map_to_list_empty. Qed. Proof. by rewrite /uPred_big_sepM map_to_list_empty. Qed. Lemma big_sepM_insert P (m : gmap K A) i x : Lemma big_sepM_insert Φ (m : gmap K A) i x : m !! i = None → (Π★{map <[i:=x]> m} P)%I ≡ (P i x ★ Π★{map m} P)%I. m !! i = None → (Π★{map <[i:=x]> m} Φ)%I ≡ (Φ i x ★ Π★{map m} Φ)%I. Proof. intros ?; by rewrite /uPred_big_sepM map_to_list_insert. Qed. Proof. intros ?; by rewrite /uPred_big_sepM map_to_list_insert. Qed. Lemma big_sepM_singleton P i x : (Π★{map {[i := x]}} P)%I ≡ (P i x)%I. Lemma big_sepM_singleton Φ i x : (Π★{map {[i := x]}} Φ)%I ≡ (Φ i x)%I. Proof. Proof. rewrite -insert_empty big_sepM_insert/=; last auto using lookup_empty. rewrite -insert_empty big_sepM_insert/=; last auto using lookup_empty. by rewrite big_sepM_empty right_id. by rewrite big_sepM_empty right_id. Qed. Qed. Lemma big_sepM_sepM P Q m : Lemma big_sepM_sepM Φ Ψ m : (Π★{map m} (λ i x, P i x ★ Q i x))%I ≡ (Π★{map m} P ★ Π★{map m} Q)%I. (Π★{map m} (λ i x, Φ i x ★ Ψ i x))%I ≡ (Π★{map m} Φ ★ Π★{map m} Ψ)%I. Proof. Proof. rewrite /uPred_big_sepM. rewrite /uPred_big_sepM. induction (map_to_list m) as [|[i x] l IH]; csimpl; rewrite ?right_id //. induction (map_to_list m) as [|[i x] l IH]; csimpl; rewrite ?right_id //. by rewrite IH -!assoc (assoc _ (Q _ _)) [(Q _ _ ★ _)%I]comm -!assoc. by rewrite IH -!assoc (assoc _ (Ψ _ _)) [(Ψ _ _ ★ _)%I]comm -!assoc. Qed. Qed. Lemma big_sepM_later P m : (▷ Π★{map m} P)%I ≡ (Π★{map m} (λ i x, ▷ P i x))%I. Lemma big_sepM_later Φ m : (▷ Π★{map m} Φ)%I ≡ (Π★{map m} (λ i x, ▷ Φ i x))%I. Proof. Proof. rewrite /uPred_big_sepM. rewrite /uPred_big_sepM. induction (map_to_list m) as [|[i x] l IH]; csimpl; rewrite ?later_True //. induction (map_to_list m) as [|[i x] l IH]; csimpl; rewrite ?later_True //. ... @@ -158,56 +158,56 @@ End gmap. ... @@ -158,56 +158,56 @@ End gmap. Section gset. Section gset. Context `{Countable A}. Context `{Countable A}. Implicit Types X : gset A. Implicit Types X : gset A. Implicit Types P : A → uPred M. Implicit Types Φ : A → uPred M. Lemma big_sepS_mono P Q X Y : Lemma big_sepS_mono Φ Ψ X Y : Y ⊆ X → (∀ x, x ∈ Y → P x ⊑ Q x) → (Π★{set X} P) ⊑ (Π★{set Y} Q). Y ⊆ X → (∀ x, x ∈ Y → Φ x ⊑ Ψ x) → (Π★{set X} Φ) ⊑ (Π★{set Y} Ψ). Proof. Proof. intros HX HP. transitivity (Π★{set Y} P)%I. intros HX HΦ. transitivity (Π★{set Y} Φ)%I. - by apply big_sep_contains, fmap_contains, elements_contains. - by apply big_sep_contains, fmap_contains, elements_contains. - apply big_sep_mono', Forall2_fmap, Forall2_Forall. - apply big_sep_mono', Forall2_fmap, Forall2_Forall. apply Forall_forall=> x ? /=. by apply HP, elem_of_elements. apply Forall_forall=> x ? /=. by apply HΦ, elem_of_elements. Qed. Qed. Lemma big_sepS_ne X n : Lemma big_sepS_ne X n : Proper (pointwise_relation _ (dist n) ==> dist n) (uPred_big_sepS (M:=M) X). Proper (pointwise_relation _ (dist n) ==> dist n) (uPred_big_sepS (M:=M) X). Proof. Proof. intros P1 P2 HP. apply big_sep_ne, Forall2_fmap. intros Φ1 Φ2 HΦ. apply big_sep_ne, Forall2_fmap. apply Forall2_Forall, Forall_true=> x; apply HP. apply Forall2_Forall, Forall_true=> x; apply HΦ. Qed. Qed. Lemma big_sepS_proper X : Lemma big_sepS_proper X : Proper (pointwise_relation _ (≡) ==> (≡)) (uPred_big_sepS (M:=M) X). Proper (pointwise_relation _ (≡) ==> (≡)) (uPred_big_sepS (M:=M) X). Proof. Proof. intros P1 P2 HP; apply equiv_dist=> n. intros Φ1 Φ2 HΦ; apply equiv_dist=> n. apply big_sepS_ne=> x; apply equiv_dist, HP. apply big_sepS_ne=> x; apply equiv_dist, HΦ. Qed. Qed. Lemma big_sepS_mono' X :