Commit af80690d authored by Robbert Krebbers's avatar Robbert Krebbers

Define uPred_{equiv,dist,entails} as an inductive.

This better seals off their definition. Although it did not give
much of a speedup, I think it is conceptually nicer.
parent bcfc00b8
Pipeline #110 passed with stage
...@@ -132,9 +132,9 @@ Proof. intros [??]; split; naive_solver eauto using agree_valid_le. Qed. ...@@ -132,9 +132,9 @@ Proof. intros [??]; split; naive_solver eauto using agree_valid_le. Qed.
(** Internalized properties *) (** Internalized properties *)
Lemma agree_equivI {M} a b : (to_agree a to_agree b)%I (a b : uPred M)%I. Lemma agree_equivI {M} a b : (to_agree a to_agree b)%I (a b : uPred M)%I.
Proof. split. by intros [? Hv]; apply (Hv n). apply: to_agree_ne. Qed. Proof. do 2 split. by intros [? Hv]; apply (Hv n). apply: to_agree_ne. Qed.
Lemma agree_validI {M} x y : (x y) (x y : uPred M). Lemma agree_validI {M} x y : (x y) (x y : uPred M).
Proof. by intros r n _ ?; apply: agree_op_inv. Qed. Proof. split=> r n _ ?; by apply: agree_op_inv. Qed.
End agree. End agree.
Arguments agreeC : clear implicits. Arguments agreeC : clear implicits.
......
...@@ -60,8 +60,8 @@ Proof. ...@@ -60,8 +60,8 @@ Proof.
Qed. Qed.
Lemma dec_agree_equivI {M} a b : (DecAgree a DecAgree b)%I (a = b : uPred M)%I. Lemma dec_agree_equivI {M} a b : (DecAgree a DecAgree b)%I (a = b : uPred M)%I.
Proof. split. by case. by destruct 1. Qed. Proof. do 2 split. by case. by destruct 1. Qed.
Lemma dec_agree_validI {M} (x y : dec_agreeRA) : (x y) (x = y : uPred M). Lemma dec_agree_validI {M} (x y : dec_agreeRA) : (x y) (x = y : uPred M).
Proof. intros r n _ ?. by apply: dec_agree_op_inv. Qed. Proof. split=> r n _ ?. by apply: dec_agree_op_inv. Qed.
End dec_agree. End dec_agree.
...@@ -145,7 +145,7 @@ Lemma excl_equivI {M} (x y : excl A) : ...@@ -145,7 +145,7 @@ Lemma excl_equivI {M} (x y : excl A) :
| ExclUnit, ExclUnit | ExclBot, ExclBot => True | ExclUnit, ExclUnit | ExclBot, ExclBot => True
| _, _ => False | _, _ => False
end : uPred M)%I. end : uPred M)%I.
Proof. split. by destruct 1. by destruct x, y; try constructor. Qed. Proof. do 2 split. by destruct 1. by destruct x, y; try constructor. Qed.
Lemma excl_validI {M} (x : excl A) : Lemma excl_validI {M} (x : excl A) :
( x)%I (if x is ExclBot then False else True : uPred M)%I. ( x)%I (if x is ExclBot then False else True : uPred M)%I.
Proof. by destruct x. Qed. Proof. by destruct x. Qed.
......
...@@ -138,7 +138,7 @@ Lemma option_equivI {M} (x y : option A) : ...@@ -138,7 +138,7 @@ Lemma option_equivI {M} (x y : option A) :
(x y)%I (match x, y with (x y)%I (match x, y with
| Some a, Some b => a b | None, None => True | _, _ => False | Some a, Some b => a b | None, None => True | _, _ => False
end : uPred M)%I. end : uPred M)%I.
Proof. split. by destruct 1. by destruct x, y; try constructor. Qed. Proof. do 2 split. by destruct 1. by destruct x, y; try constructor. Qed.
Lemma option_validI {M} (x : option A) : Lemma option_validI {M} (x : option A) :
( x)%I (match x with Some a => a | None => True end : uPred M)%I. ( x)%I (match x with Some a => a | None => True end : uPred M)%I.
Proof. by destruct x. Qed. Proof. by destruct x. Qed.
......
...@@ -21,10 +21,13 @@ Arguments uPred_holds {_} _%I _ _. ...@@ -21,10 +21,13 @@ Arguments uPred_holds {_} _%I _ _.
Section cofe. Section cofe.
Context {M : cmraT}. Context {M : cmraT}.
Instance uPred_equiv : Equiv (uPred M) := λ P Q, n x,
{n} x P n x Q n x. Inductive uPred_equiv' (P Q : uPred M) : Prop :=
Instance uPred_dist : Dist (uPred M) := λ n P Q, n' x, { uPred_in_equiv : n x, {n} x P n x Q n x }.
n' n {n'} x P n' x Q n' x. Instance uPred_equiv : Equiv (uPred M) := uPred_equiv'.
Inductive uPred_dist' (n : nat) (P Q : uPred M) : Prop :=
{ uPred_in_dist : n' x, n' n {n'} x P n' x Q n' x }.
Instance uPred_dist : Dist (uPred M) := uPred_dist'.
Program Instance uPred_compl : Compl (uPred M) := λ c, Program Instance uPred_compl : Compl (uPred M) := λ c,
{| uPred_holds n x := c (S n) n x |}. {| uPred_holds n x := c (S n) n x |}.
Next Obligation. by intros c n x y ??; simpl in *; apply uPred_ne with x. Qed. Next Obligation. by intros c n x y ??; simpl in *; apply uPred_ne with x. Qed.
...@@ -35,14 +38,16 @@ Section cofe. ...@@ -35,14 +38,16 @@ Section cofe.
Definition uPred_cofe_mixin : CofeMixin (uPred M). Definition uPred_cofe_mixin : CofeMixin (uPred M).
Proof. Proof.
split. split.
- intros P Q; split; [by intros HPQ n x i ??; apply HPQ|]. - intros P Q; split.
intros HPQ n x ?; apply HPQ with n; auto. + by intros HPQ n; split=> i x ??; apply HPQ.
+ intros HPQ; split=> n x ?; apply HPQ with n; auto.
- intros n; split. - intros n; split.
+ by intros P x i. + by intros P; split=> x i.
+ by intros P Q HPQ x i ??; symmetry; apply HPQ. + by intros P Q HPQ; split=> x i ??; symmetry; apply HPQ.
+ by intros P Q Q' HP HQ i x ??; trans (Q i x);[apply HP|apply HQ]. + intros P Q Q' HP HQ; split=> i x ??.
- intros n P Q HPQ i x ??; apply HPQ; auto. by trans (Q i x);[apply HP|apply HQ].
- intros n c i x ??; symmetry; apply (chain_cauchy c i (S n)); auto. - intros n P Q HPQ; split=> i x ??; apply HPQ; auto.
- intros n c; split=>i x ??; symmetry; apply (chain_cauchy c i (S n)); auto.
Qed. Qed.
Canonical Structure uPredC : cofeT := CofeT uPred_cofe_mixin. Canonical Structure uPredC : cofeT := CofeT uPred_cofe_mixin.
End cofe. End cofe.
...@@ -71,30 +76,32 @@ Qed. ...@@ -71,30 +76,32 @@ Qed.
Instance uPred_map_ne {M1 M2 : cmraT} (f : M2 -n> M1) Instance uPred_map_ne {M1 M2 : cmraT} (f : M2 -n> M1)
`{!CMRAMonotone f} n : Proper (dist n ==> dist n) (uPred_map f). `{!CMRAMonotone f} n : Proper (dist n ==> dist n) (uPred_map f).
Proof. Proof.
by intros x1 x2 Hx n' y; split; apply Hx; auto using validN_preserving. intros x1 x2 Hx; split=> n' y ??.
split; apply Hx; auto using validN_preserving.
Qed. Qed.
Lemma uPred_map_id {M : cmraT} (P : uPred M): uPred_map cid P P. Lemma uPred_map_id {M : cmraT} (P : uPred M): uPred_map cid P P.
Proof. by intros n x ?. Qed. Proof. by split=> n x ?. Qed.
Lemma uPred_map_compose {M1 M2 M3 : cmraT} (f : M1 -n> M2) (g : M2 -n> M3) Lemma uPred_map_compose {M1 M2 M3 : cmraT} (f : M1 -n> M2) (g : M2 -n> M3)
`{!CMRAMonotone f, !CMRAMonotone g} (P : uPred M3): `{!CMRAMonotone f, !CMRAMonotone g} (P : uPred M3):
uPred_map (g f) P uPred_map f (uPred_map g P). uPred_map (g f) P uPred_map f (uPred_map g P).
Proof. by intros n x Hx. Qed. Proof. by split=> n x Hx. Qed.
Lemma uPred_map_ext {M1 M2 : cmraT} (f g : M1 -n> M2) Lemma uPred_map_ext {M1 M2 : cmraT} (f g : M1 -n> M2)
`{!CMRAMonotone f, !CMRAMonotone g} : `{!CMRAMonotone f} `{!CMRAMonotone g}:
( x, f x g x) x, uPred_map f x uPred_map g x. ( x, f x g x) -> x, uPred_map f x uPred_map g x.
Proof. move=> Hfg x P n Hx /=. by rewrite /uPred_holds /= Hfg. Qed. Proof. intros Hf P; split=> n x Hx /=; by rewrite /uPred_holds /= Hf. Qed.
Definition uPredC_map {M1 M2 : cmraT} (f : M2 -n> M1) `{!CMRAMonotone f} : Definition uPredC_map {M1 M2 : cmraT} (f : M2 -n> M1) `{!CMRAMonotone f} :
uPredC M1 -n> uPredC M2 := CofeMor (uPred_map f : uPredC M1 uPredC M2). uPredC M1 -n> uPredC M2 := CofeMor (uPred_map f : uPredC M1 uPredC M2).
Lemma upredC_map_ne {M1 M2 : cmraT} (f g : M2 -n> M1) Lemma upredC_map_ne {M1 M2 : cmraT} (f g : M2 -n> M1)
`{!CMRAMonotone f, !CMRAMonotone g} n : `{!CMRAMonotone f, !CMRAMonotone g} n :
f {n} g uPredC_map f {n} uPredC_map g. f {n} g uPredC_map f {n} uPredC_map g.
Proof. Proof.
by intros Hfg P n' y ??; by intros Hfg P; split=> n' y ??;
rewrite /uPred_holds /= (dist_le _ _ _ _(Hfg y)); last lia. rewrite /uPred_holds /= (dist_le _ _ _ _(Hfg y)); last lia.
Qed. Qed.
(** logical entailement *) (** logical entailement *)
Definition uPred_entails {M} (P Q : uPred M) := n x, {n} x P n x Q n x. Inductive uPred_entails {M} (P Q : uPred M) : Prop :=
{ uPred_in_entails : n x, {n} x P n x Q n x }.
Hint Extern 0 (uPred_entails _ _) => reflexivity. Hint Extern 0 (uPred_entails _ _) => reflexivity.
Instance uPred_entails_rewrite_relation M : RewriteRelation (@uPred_entails M). Instance uPred_entails_rewrite_relation M : RewriteRelation (@uPred_entails M).
...@@ -218,9 +225,9 @@ Definition uPred_iff {M} (P Q : uPred M) : uPred M := ((P → Q) ∧ (Q → P))% ...@@ -218,9 +225,9 @@ Definition uPred_iff {M} (P Q : uPred M) : uPred M := ((P → Q) ∧ (Q → P))%
Infix "↔" := uPred_iff : uPred_scope. Infix "↔" := uPred_iff : uPred_scope.
Class TimelessP {M} (P : uPred M) := timelessP : P (P False). Class TimelessP {M} (P : uPred M) := timelessP : P (P False).
Arguments timelessP {_} _ {_} _ _ _ _. Arguments timelessP {_} _ {_}.
Class AlwaysStable {M} (P : uPred M) := always_stable : P P. Class AlwaysStable {M} (P : uPred M) := always_stable : P P.
Arguments always_stable {_} _ {_} _ _ _ _. Arguments always_stable {_} _ {_}.
Module uPred. Section uPred_logic. Module uPred. Section uPred_logic.
Context {M : cmraT}. Context {M : cmraT}.
...@@ -229,15 +236,20 @@ Implicit Types P Q : uPred M. ...@@ -229,15 +236,20 @@ Implicit Types P Q : uPred M.
Implicit Types A : Type. Implicit Types A : Type.
Notation "P ⊑ Q" := (@uPred_entails M P%I Q%I). (* Force implicit argument M *) Notation "P ⊑ Q" := (@uPred_entails M P%I Q%I). (* Force implicit argument M *)
Arguments uPred_holds {_} !_ _ _ /. Arguments uPred_holds {_} !_ _ _ /.
Hint Immediate uPred_in_entails.
Global Instance: PreOrder (@uPred_entails M). Global Instance: PreOrder (@uPred_entails M).
Proof. split. by intros P x i. by intros P Q Q' HP HQ x i ??; apply HQ, HP. Qed. Proof.
split.
* by intros P; split=> x i.
* by intros P Q Q' HP HQ; split=> x i ??; apply HQ, HP.
Qed.
Global Instance: AntiSymm () (@uPred_entails M). Global Instance: AntiSymm () (@uPred_entails M).
Proof. intros P Q HPQ HQP; split; auto. Qed. Proof. intros P Q HPQ HQP; split=> x n; by split; [apply HPQ|apply HQP]. Qed.
Lemma equiv_spec P Q : P Q P Q Q P. Lemma equiv_spec P Q : P Q P Q Q P.
Proof. Proof.
split; [|by intros [??]; apply (anti_symm ())]. split; [|by intros [??]; apply (anti_symm ())].
intros HPQ; split; intros x i; apply HPQ. intros HPQ; split; split=> x i; apply HPQ.
Qed. Qed.
Lemma equiv_entails P Q : P Q P Q. Lemma equiv_entails P Q : P Q P Q.
Proof. apply equiv_spec. Qed. Proof. apply equiv_spec. Qed.
...@@ -253,31 +265,34 @@ Qed. ...@@ -253,31 +265,34 @@ Qed.
(** Non-expansiveness and setoid morphisms *) (** Non-expansiveness and setoid morphisms *)
Global Instance const_proper : Proper (iff ==> ()) (@uPred_const M). Global Instance const_proper : Proper (iff ==> ()) (@uPred_const M).
Proof. by intros φ1 φ2 Hφ [|n] ??; try apply Hφ. Qed. Proof. intros φ1 φ2 Hφ. by split=> -[|n] ?; try apply Hφ. Qed.
Global Instance and_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_and M). Global Instance and_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_and M).
Proof. Proof.
intros P P' HP Q Q' HQ; split; intros [??]; split; by apply HP || by apply HQ. intros P P' HP Q Q' HQ; split=> x n' ??.
split; (intros [??]; split; [by apply HP|by apply HQ]).
Qed. Qed.
Global Instance and_proper : Global Instance and_proper :
Proper (() ==> () ==> ()) (@uPred_and M) := ne_proper_2 _. Proper (() ==> () ==> ()) (@uPred_and M) := ne_proper_2 _.
Global Instance or_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_or M). Global Instance or_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_or M).
Proof. Proof.
intros P P' HP Q Q' HQ; split; intros [?|?]; intros P P' HP Q Q' HQ; split=> x n' ??.
first [by left; apply HP | by right; apply HQ]. split; (intros [?|?]; [left; by apply HP|right; by apply HQ]).
Qed. Qed.
Global Instance or_proper : Global Instance or_proper :
Proper (() ==> () ==> ()) (@uPred_or M) := ne_proper_2 _. Proper (() ==> () ==> ()) (@uPred_or M) := ne_proper_2 _.
Global Instance impl_ne n : Global Instance impl_ne n :
Proper (dist n ==> dist n ==> dist n) (@uPred_impl M). Proper (dist n ==> dist n ==> dist n) (@uPred_impl M).
Proof. Proof.
intros P P' HP Q Q' HQ; split; intros HPQ x' n'' ????; apply HQ,HPQ,HP; auto. intros P P' HP Q Q' HQ; split=> x n' ??.
split; intros HPQ x' n'' ????; apply HQ, HPQ, HP; auto.
Qed. Qed.
Global Instance impl_proper : Global Instance impl_proper :
Proper (() ==> () ==> ()) (@uPred_impl M) := ne_proper_2 _. Proper (() ==> () ==> ()) (@uPred_impl M) := ne_proper_2 _.
Global Instance sep_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_sep M). Global Instance sep_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_sep M).
Proof. Proof.
intros P P' HP Q Q' HQ n' x ??; split; intros (x1&x2&?&?&?); cofe_subst x; intros P P' HP Q Q' HQ; split=> n' x ??.
exists x1, x2; split_and?; try (apply HP || apply HQ); split; intros (x1&x2&?&?&?); cofe_subst x;
exists x1, x2; split_and!; try (apply HP || apply HQ);
eauto using cmra_validN_op_l, cmra_validN_op_r. eauto using cmra_validN_op_l, cmra_validN_op_r.
Qed. Qed.
Global Instance sep_proper : Global Instance sep_proper :
...@@ -285,7 +300,7 @@ Global Instance sep_proper : ...@@ -285,7 +300,7 @@ Global Instance sep_proper :
Global Instance wand_ne n : Global Instance wand_ne n :
Proper (dist n ==> dist n ==> dist n) (@uPred_wand M). Proper (dist n ==> dist n ==> dist n) (@uPred_wand M).
Proof. Proof.
intros P P' HP Q Q' HQ n' x ??; split; intros HPQ n'' x' ???; intros P P' HP Q Q' HQ; split=> n' x ??; split; intros HPQ x' n'' ???;
apply HQ, HPQ, HP; eauto using cmra_validN_op_r. apply HQ, HPQ, HP; eauto using cmra_validN_op_r.
Qed. Qed.
Global Instance wand_proper : Global Instance wand_proper :
...@@ -293,41 +308,51 @@ Global Instance wand_proper : ...@@ -293,41 +308,51 @@ Global Instance wand_proper :
Global Instance eq_ne (A : cofeT) n : Global Instance eq_ne (A : cofeT) n :
Proper (dist n ==> dist n ==> dist n) (@uPred_eq M A). Proper (dist n ==> dist n ==> dist n) (@uPred_eq M A).
Proof. Proof.
intros x x' Hx y y' Hy n' z; split; intros; simpl in *. intros x x' Hx y y' Hy; split=> n' z; split; intros; simpl in *.
- by rewrite -(dist_le _ _ _ _ Hx) -?(dist_le _ _ _ _ Hy); auto. * by rewrite -(dist_le _ _ _ _ Hx) -?(dist_le _ _ _ _ Hy); auto.
- by rewrite (dist_le _ _ _ _ Hx) ?(dist_le _ _ _ _ Hy); auto. * by rewrite (dist_le _ _ _ _ Hx) ?(dist_le _ _ _ _ Hy); auto.
Qed. Qed.
Global Instance eq_proper (A : cofeT) : Global Instance eq_proper (A : cofeT) :
Proper (() ==> () ==> ()) (@uPred_eq M A) := ne_proper_2 _. Proper (() ==> () ==> ()) (@uPred_eq M A) := ne_proper_2 _.
Global Instance forall_ne A : Global Instance forall_ne A n :
Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_forall M A). Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_forall M A).
Proof. by intros n Ψ1 Ψ2 HΨ n' x; split; intros HP a; apply HΨ. Qed. Proof. by intros Ψ1 Ψ2 HΨ; split=> n' x; split; intros HP a; apply HΨ. Qed.
Global Instance forall_proper A : Global Instance forall_proper A :
Proper (pointwise_relation _ () ==> ()) (@uPred_forall M A). Proper (pointwise_relation _ () ==> ()) (@uPred_forall M A).
Proof. by intros Ψ1 Ψ2 HΨ n' x; split; intros HP a; apply HΨ. Qed. Proof. by intros Ψ1 Ψ2 HΨ; split=> n' x; split; intros HP a; apply HΨ. Qed.
Global Instance exist_ne A : Global Instance exist_ne A n :
Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_exist M A). Proper (pointwise_relation _ (dist n) ==> dist n) (@uPred_exist M A).
Proof. by intros n P1 P2 HP x; split; intros [a ?]; exists a; apply HP. Qed. Proof.
intros Ψ1 Ψ2 HΨ; split=> n' x ??; split; intros [a ?]; exists a; by apply HΨ.
Qed.
Global Instance exist_proper A : Global Instance exist_proper A :
Proper (pointwise_relation _ () ==> ()) (@uPred_exist M A). Proper (pointwise_relation _ () ==> ()) (@uPred_exist M A).
Proof. by intros P1 P2 HP n' x; split; intros [a ?]; exists a; apply HP. Qed. Proof.
intros Ψ1 Ψ2 HΨ; split=> n' x ?; split; intros [a ?]; exists a; by apply HΨ.
Qed.
Global Instance later_contractive : Contractive (@uPred_later M). Global Instance later_contractive : Contractive (@uPred_later M).
Proof. Proof.
intros n P Q HPQ [|n'] x ??; simpl; [done|]. intros n P Q HPQ; split=> -[|n'] x ??; simpl; [done|].
apply (HPQ n'); eauto using cmra_validN_S. apply (HPQ n'); eauto using cmra_validN_S.
Qed. Qed.
Global Instance later_proper : Global Instance later_proper :
Proper (() ==> ()) (@uPred_later M) := ne_proper _. Proper (() ==> ()) (@uPred_later M) := ne_proper _.
Global Instance always_ne n: Proper (dist n ==> dist n) (@uPred_always M). Global Instance always_ne n : Proper (dist n ==> dist n) (@uPred_always M).
Proof. intros P1 P2 HP n' x; split; apply HP; eauto using cmra_unit_validN. Qed. Proof.
intros P1 P2 HP; split=> n' x; split; apply HP; eauto using cmra_unit_validN.
Qed.
Global Instance always_proper : Global Instance always_proper :
Proper (() ==> ()) (@uPred_always M) := ne_proper _. Proper (() ==> ()) (@uPred_always M) := ne_proper _.
Global Instance ownM_ne n : Proper (dist n ==> dist n) (@uPred_ownM M). Global Instance ownM_ne n : Proper (dist n ==> dist n) (@uPred_ownM M).
Proof. move=> a b Ha n' x ? /=. by rewrite (dist_le _ _ _ _ Ha); last lia. Qed. Proof.
intros a b Ha; split=> n' x ? /=. by rewrite (dist_le _ _ _ _ Ha); last lia.
Qed.
Global Instance ownM_proper: Proper (() ==> ()) (@uPred_ownM M) := ne_proper _. Global Instance ownM_proper: Proper (() ==> ()) (@uPred_ownM M) := ne_proper _.
Global Instance valid_ne {A : cmraT} n : Global Instance valid_ne {A : cmraT} n :
Proper (dist n ==> dist n) (@uPred_valid M A). Proper (dist n ==> dist n) (@uPred_valid M A).
Proof. move=> a b Ha n' x ? /=. by rewrite (dist_le _ _ _ _ Ha); last lia. Qed. Proof.
intros a b Ha; split=> n' x ? /=. by rewrite (dist_le _ _ _ _ Ha); last lia.
Qed.
Global Instance valid_proper {A : cmraT} : Global Instance valid_proper {A : cmraT} :
Proper (() ==> ()) (@uPred_valid M A) := ne_proper _. Proper (() ==> ()) (@uPred_valid M A) := ne_proper _.
Global Instance iff_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_iff M). Global Instance iff_ne n : Proper (dist n ==> dist n ==> dist n) (@uPred_iff M).
...@@ -337,43 +362,45 @@ Global Instance iff_proper : ...@@ -337,43 +362,45 @@ Global Instance iff_proper :
(** Introduction and elimination rules *) (** Introduction and elimination rules *)
Lemma const_intro φ P : φ P φ. Lemma const_intro φ P : φ P φ.
Proof. by intros ???. Qed. Proof. by intros ?; split. Qed.
Lemma const_elim φ Q R : Q φ (φ Q R) Q R. Lemma const_elim φ Q R : Q φ (φ Q R) Q R.
Proof. intros HQP HQR n x ??; apply HQR; first eapply (HQP n); eauto. Qed. Proof. intros HQP HQR; split=> n x ??; apply HQR; first eapply HQP; eauto. Qed.
Lemma False_elim P : False P. Lemma False_elim P : False P.
Proof. by intros n x ?. Qed. Proof. by split=> n x ?. Qed.
Lemma and_elim_l P Q : (P Q) P. Lemma and_elim_l P Q : (P Q) P.
Proof. by intros n x ? [??]. Qed. Proof. by split=> n x ? [??]. Qed.
Lemma and_elim_r P Q : (P Q) Q. Lemma and_elim_r P Q : (P Q) Q.
Proof. by intros n x ? [??]. Qed. Proof. by split=> n x ? [??]. Qed.
Lemma and_intro P Q R : P Q P R P (Q R). Lemma and_intro P Q R : P Q P R P (Q R).
Proof. intros HQ HR n x ??; split; auto. Qed. Proof. intros HQ HR; split=> n x ??; by split; [apply HQ|apply HR]. Qed.
Lemma or_intro_l P Q : P (P Q). Lemma or_intro_l P Q : P (P Q).
Proof. intros n x ??; left; auto. Qed. Proof. split=> n x ??; left; auto. Qed.
Lemma or_intro_r P Q : Q (P Q). Lemma or_intro_r P Q : Q (P Q).
Proof. intros n x ??; right; auto. Qed. Proof. split=> n x ??; right; auto. Qed.
Lemma or_elim P Q R : P R Q R (P Q) R. Lemma or_elim P Q R : P R Q R (P Q) R.
Proof. intros HP HQ n x ? [?|?]. by apply HP. by apply HQ. Qed. Proof. intros HP HQ; split=> n x ? [?|?]. by apply HP. by apply HQ. Qed.
Lemma impl_intro_r P Q R : (P Q) R P (Q R). Lemma impl_intro_r P Q R : (P Q) R P (Q R).
Proof. Proof.
intros HQ; repeat intro; apply HQ; naive_solver eauto using uPred_weaken. intros HQ; split=> n x ?? n' x' ????.
apply HQ; naive_solver eauto using uPred_weaken.
Qed. Qed.
Lemma impl_elim P Q R : P (Q R) P Q P R. Lemma impl_elim P Q R : P (Q R) P Q P R.
Proof. by intros HP HP' n x ??; apply HP with n x, HP'. Qed. Proof. by intros HP HP'; split=> n x ??; apply HP with n x, HP'. Qed.
Lemma forall_intro {A} P (Ψ : A uPred M): ( a, P Ψ a) P ( a, Ψ a). Lemma forall_intro {A} P (Ψ : A uPred M): ( a, P Ψ a) P ( a, Ψ a).
Proof. by intros HPΨ n x ?? a; apply HPΨ. Qed. Proof. by intros HPΨ; split=> n x ?? a; apply HPΨ. Qed.
Lemma forall_elim {A} {Ψ : A uPred M} a : ( a, Ψ a) Ψ a. Lemma forall_elim {A} {Ψ : A uPred M} a : ( a, Ψ a) Ψ a.
Proof. intros n x ? HP; apply HP. Qed. Proof. split=> n x ? HP; apply HP. Qed.
Lemma exist_intro {A} {Ψ : A uPred M} a : Ψ a ( a, Ψ a). Lemma exist_intro {A} {Ψ : A uPred M} a : Ψ a ( a, Ψ a).
Proof. by intros n x ??; exists a. Qed. Proof. by split=> n x ??; exists a. Qed.
Lemma exist_elim {A} (Φ : A uPred M) Q : ( a, Φ a Q) ( a, Φ a) Q. Lemma exist_elim {A} (Φ : A uPred M) Q : ( a, Φ a Q) ( a, Φ a) Q.
Proof. by intros HΦΨ n x ? [a ?]; apply HΦΨ with a. Qed. Proof. by intros HΦΨ; split=> n x ? [a ?]; apply HΦΨ with a. Qed.
Lemma eq_refl {A : cofeT} (a : A) P : P (a a). Lemma eq_refl {A : cofeT} (a : A) P : P (a a).
Proof. by intros n x ??; simpl. Qed. Proof. by split=> n x ??; simpl. Qed.
Lemma eq_rewrite {A : cofeT} a b (Ψ : A uPred M) P Lemma eq_rewrite {A : cofeT} a b (Ψ : A uPred M) P
`{HΨ : n, Proper (dist n ==> dist n) Ψ} : P (a b) P Ψ a P Ψ b. `{HΨ : n, Proper (dist n ==> dist n) Ψ} : P (a b) P Ψ a P Ψ b.
Proof. Proof.
intros Hab Ha n x ??; apply HΨ with n a; auto. by symmetry; apply Hab with x. intros Hab Ha; split=> n x ??.
apply HΨ with n a; auto. by symmetry; apply Hab with x. by apply Ha.
Qed. Qed.
Lemma eq_equiv `{Empty M, !CMRAIdentity M} {A : cofeT} (a b : A) : Lemma eq_equiv `{Empty M, !CMRAIdentity M} {A : cofeT} (a b : A) :
True (a b) a b. True (a b) a b.
...@@ -382,7 +409,7 @@ Proof. ...@@ -382,7 +409,7 @@ Proof.
apply cmra_valid_validN, cmra_empty_valid. apply cmra_valid_validN, cmra_empty_valid.
Qed. Qed.
Lemma iff_equiv P Q : True (P Q) P Q. Lemma iff_equiv P Q : True (P Q) P Q.
Proof. by intros HPQ n x ?; split; intros; apply HPQ with n x. Qed. Proof. by intros HPQ; split=> n x ?; split; intros; apply HPQ with n x. Qed.
(* Derived logical stuff *) (* Derived logical stuff *)
Lemma True_intro P : P True. Lemma True_intro P : P True.
...@@ -552,23 +579,23 @@ Proof. apply (eq_rewrite a b (λ b, b ≡ a)%I); auto using eq_refl. solve_ne. Q ...@@ -552,23 +579,23 @@ Proof. apply (eq_rewrite a b (λ b, b ≡ a)%I); auto using eq_refl. solve_ne. Q
(* BI connectives *) (* BI connectives *)
Lemma sep_mono P P' Q Q' : P Q P' Q' (P P') (Q Q'). Lemma sep_mono P P' Q Q' : P Q P' Q' (P P') (Q Q').
Proof. Proof.
intros HQ HQ' n' x ? (x1&x2&?&?&?); exists x1, x2; cofe_subst x; intros HQ HQ'; split; intros n' x ? (x1&x2&?&?&?); exists x1,x2; cofe_subst x;
eauto 7 using cmra_validN_op_l, cmra_validN_op_r. eauto 7 using cmra_validN_op_l, cmra_validN_op_r, uPred_in_entails.
Qed. Qed.
Global Instance True_sep : LeftId () True%I (@uPred_sep M). Global Instance True_sep : LeftId () True%I (@uPred_sep M).
Proof. Proof.
intros P n x Hvalid; split. intros P; split=> n x Hvalid; split.
- intros (x1&x2&?&_&?); cofe_subst; eauto using uPred_weaken, cmra_included_r. - intros (x1&x2&?&_&?); cofe_subst; eauto