diff --git a/case_studies/extra_proofs/minivec/minivec.v b/case_studies/extra_proofs/minivec/minivec.v
index f8dea5592074e18ef2e38ab70824fb2167f0b2be..cc198f955eea3a2eaaff3ac901bfba91c0184cc4 100644
--- a/case_studies/extra_proofs/minivec/minivec.v
+++ b/case_studies/extra_proofs/minivec/minivec.v
@@ -34,7 +34,7 @@ Section project_vec_els.
Lemma project_vec_els_length len els :
length (project_vec_els len els) = (len `min` length els)%nat.
- Proof. by rewrite /project_vec_els fmap_length take_length. Qed.
+ Proof. by rewrite /project_vec_els length_fmap length_take. Qed.
Lemma project_vec_els_insert_lt (len : nat) (i : nat) x els:
(i < len)%nat →
@@ -86,8 +86,8 @@ Section project_vec_els.
intros Ha.
assert (length (<#> <$#> xs) = length (project_vec_els len x2)) as Hlen.
{ rewrite Ha. done. }
- rewrite fmap_length project_vec_els_length in Hlen.
- rewrite fmap_length in Hlen.
+ rewrite length_map project_vec_els_length in Hlen.
+ rewrite length_map in Hlen.
lia.
Qed.
End project_vec_els.
diff --git a/case_studies/minivec/output/minivec/proofs/proof_Vec_T_push.v b/case_studies/minivec/output/minivec/proofs/proof_Vec_T_push.v
index f4ca557c39c1f4ced556f12f9faf3fc2308814e7..673683198e4a8705e14f5044ab24beaaccedb83f 100644
--- a/case_studies/minivec/output/minivec/proofs/proof_Vec_T_push.v
+++ b/case_studies/minivec/output/minivec/proofs/proof_Vec_T_push.v
@@ -21,7 +21,7 @@ Proof.
all: match type of Hxs with _ = project_vec_els ?len2 ?xs2 =>
rename xs2 into xs';
specialize (project_vec_els_length len2 xs') as Hlen_eq;
- rewrite -Hxs !fmap_length in Hlen_eq
+ rewrite -Hxs !length_fmap in Hlen_eq
end.
(*all: rewrite project_vec_els_length in Hlen_cap.*)
@@ -44,7 +44,7 @@ Proof.
apply (list_eq_split (length xs)).
- rewrite take_insert/=; [|lia].
rewrite !fmap_app.
- rewrite take_app_alt ?project_vec_els_length; last solve_goal.
+ rewrite take_app_length' ?project_vec_els_length; last solve_goal.
rewrite project_vec_els_take project_vec_els_take_r.
rewrite take_app_le; [|lia].
rewrite take_ge; [|lia].
@@ -52,7 +52,7 @@ Proof.
rewrite -Hxs list_fmap_compose//.
- rewrite drop_insert_le/=; [|lia].
rewrite !fmap_app.
- rewrite drop_app_alt ?project_vec_els_length; last solve_goal.
+ rewrite drop_app_length' ?project_vec_els_length; last solve_goal.
rewrite project_vec_els_drop. apply list_eq_singleton.
split; solve_goal.
}
@@ -60,7 +60,7 @@ Proof.
{
(* TODO *)
assert (length xs < length xs') as Hlt.
- { efeed pose proof (Hlook_2 (length xs)) as Hlook_3; first (simpl; lia).
+ { opose proof* (Hlook_2 (length xs)) as Hlook_3; first (simpl; lia).
apply lookup_lt_Some in Hlook_3.
lia. }
simpl in Hlt.
@@ -73,23 +73,23 @@ Proof.
{
(* TODO should get this in a different way *)
assert (length xs < length xs') as Hlt.
- { efeed pose proof (Hlook_2 (length xs)) as Hlook_3; first (simpl; lia).
+ { opose proof* (Hlook_2 (length xs)) as Hlook_3; first (simpl; lia).
apply lookup_lt_Some in Hlook_3.
lia. }
simpl in *. lia. }
{
(* TODO we should get this in a different way *)
assert (length xs < length xs') as Hlt.
- { efeed pose proof (Hlook_2 (length xs)) as Hlook_3; first (simpl; lia).
+ { opose proof* (Hlook_2 (length xs)) as Hlook_3; first (simpl; lia).
apply lookup_lt_Some in Hlook_3.
lia. }
rewrite project_vec_els_insert_lt /=; [|lia].
apply (list_eq_split (length xs)).
- rewrite take_insert/=; [|lia].
rewrite !fmap_app.
- rewrite take_app_alt ?project_vec_els_length; last solve_goal.
+ rewrite take_app_length' ?project_vec_els_length; last solve_goal.
rewrite project_vec_els_take. rewrite Hxs. f_equal. lia.
- - rewrite drop_insert_le/=; [|lia]. rewrite !fmap_app drop_app_alt ?project_vec_els_length; [|solve_goal].
+ - rewrite drop_insert_le/=; [|lia]. rewrite !fmap_app drop_app_length' ?project_vec_els_length; [|solve_goal].
rewrite project_vec_els_drop.
apply list_eq_singleton. split; first solve_goal.
normalize_and_simpl_goal. solve_goal.
diff --git a/flake.lock b/flake.lock
index 1dabb1f1eff9e3c6529a7df5501d4513b9d31f56..edf1f92dfd318851711bd3f742394418149ee3f3 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,17 +1,12 @@
{
"nodes": {
"crane": {
- "inputs": {
- "nixpkgs": [
- "nixpkgs"
- ]
- },
"locked": {
- "lastModified": 1713979152,
- "narHash": "sha256-apdecPuh8SOQnkEET/kW/UcfjCRb8JbV5BKjoH+DcP4=",
+ "lastModified": 1742394900,
+ "narHash": "sha256-vVOAp9ahvnU+fQoKd4SEXB2JG2wbENkpqcwlkIXgUC0=",
"owner": "ipetkov",
"repo": "crane",
- "rev": "a5eca68a2cf11adb32787fc141cddd29ac8eb79c",
+ "rev": "70947c1908108c0c551ddfd73d4f750ff2ea67cd",
"type": "github"
},
"original": {
@@ -28,11 +23,11 @@
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
- "lastModified": 1714026264,
- "narHash": "sha256-rIRsxOZ/eUnWVHfbJlXXQtYriPICFgHGyao5jxm1FMQ=",
+ "lastModified": 1742366221,
+ "narHash": "sha256-GhWGWyGUvTF7H2DDGlQehsve1vRqIKAFhxy6D82Nj3Q=",
"owner": "nix-community",
"repo": "fenix",
- "rev": "4e14e4f21fbd7afae40a492b7d937cbf16f76b11",
+ "rev": "a074d1bc9fd34f6b3a9049c5a61a82aea2044801",
"type": "github"
},
"original": {
@@ -46,11 +41,11 @@
"systems": "systems"
},
"locked": {
- "lastModified": 1710146030,
- "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
+ "lastModified": 1731533236,
+ "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
- "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
+ "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
@@ -61,16 +56,16 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1713828541,
- "narHash": "sha256-KtvQeE12MSkCOhvVmnmcZCjnx7t31zWin2XVSDOwBDE=",
+ "lastModified": 1742268799,
+ "narHash": "sha256-IhnK4LhkBlf14/F8THvUy3xi/TxSQkp9hikfDZRD4Ic=",
"owner": "NixOS",
"repo": "nixpkgs",
- "rev": "b500489fd3cf653eafc075f9362423ad5cdd8676",
+ "rev": "da044451c6a70518db5b730fe277b70f494188f1",
"type": "github"
},
"original": {
"id": "nixpkgs",
- "ref": "nixos-23.11",
+ "ref": "nixos-24.11",
"type": "indirect"
}
},
@@ -85,11 +80,11 @@
"rust-analyzer-src": {
"flake": false,
"locked": {
- "lastModified": 1713944769,
- "narHash": "sha256-CmR7q1UAgW9OaJaahz3gCzzUY4ROvVI92xjfSp9xot4=",
+ "lastModified": 1742296961,
+ "narHash": "sha256-gCpvEQOrugHWLimD1wTFOJHagnSEP6VYBDspq96Idu0=",
"owner": "rust-lang",
"repo": "rust-analyzer",
- "rev": "73a427588a787847fb0e9547d7615200587165db",
+ "rev": "15d87419f1a123d8f888d608129c3ce3ff8f13d4",
"type": "github"
},
"original": {
diff --git a/flake.nix b/flake.nix
index 2ef40849ac9e2e73f3477e7984b3eaae38d2a3e7..bfd3900b1223efc18d33e8fa3b1b2188e06615db 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,12 +1,9 @@
{
inputs = {
- nixpkgs.url = "nixpkgs/nixos-23.11";
+ nixpkgs.url = "nixpkgs/nixos-24.11";
flake-utils.url = "github:numtide/flake-utils";
- crane = {
- url = "github:ipetkov/crane";
- inputs.nixpkgs.follows = "nixpkgs";
- };
+ crane.url = "github:ipetkov/crane";
fenix = {
url = "github:nix-community/fenix";
@@ -23,72 +20,57 @@
}:
flake-utils.lib.eachDefaultSystem (system: let
ocamlFlambda = _: prev: rec {
- ocamlPackages_4_14 = prev.ocamlPackages.overrideScope' (_: prev: {
- ocaml = prev.ocaml.override {flambdaSupport = true;};
+ ocamlPackages = prev.ocamlPackages.overrideScope (_: prev: {
+ ocaml = prev.ocaml.override {
+ flambdaSupport = true;
+ };
});
- coqPackages_8_17 = prev.coqPackages_8_17.overrideScope' (_: prev: {
+ coqPackages = prev.coqPackages_8_20.overrideScope (_: prev: {
coq = prev.coq.override {
- ocamlPackages_4_14 = ocamlPackages_4_14;
+ customOCamlPackages = ocamlPackages;
};
});
};
+
overlays = [fenix.overlays.default ocamlFlambda];
pkgs = import nixpkgs {inherit overlays system;};
name = "refinedrust";
version = "0.1.0";
+ meta = with pkgs.lib; {
+ homepage = "https://gitlab.mpi-sws.org/lgaeher/refinedrust-dev";
+ license = licenses.bsd3;
+ };
+
coq = {
- pkgs = pkgs.coqPackages_8_17;
+ pkgs = pkgs.coqPackages;
toolchain = [coq.pkgs.coq] ++ coq.pkgs.coq.nativeBuildInputs;
version = coq.pkgs.coq.coq-version;
stdpp = {
- version = "4be5fd62ddbd5359f912e2cebb415b015c37e565";
- sha256 = "sha256-9pNWjPy1l1EovcKZchC/23FwlllD/Oa3jEOtN5tDzik=";
+ version = "9b19c60ce8fb8ccc518b5ecdbf025642afab7835";
+ sha256 = "sha256-BJ3nmS//EQFaU4kaJsUTZ9MO5zw3V3aoCPB62I0h/OI=";
};
iris = {
- version = "1de1b3112754e14a4968534572e118a23344eafe";
- sha256 = "sha256-Cimb3XxnchPSWVGMSyWmJdLQqHMilw11o2hq/4h8dVQ=";
+ version = "8a8f05fb7de603d25df5797d1ba5a0efb2cbc658";
+ sha256 = "sha256-Ypffk0cnhKRODRQylsP3/kyRQ2dSMOJ1sCkA/v89z34=";
};
lambda-rust = {
- version = "4ec2733cce240e3595c37cb926eb000455be77a4";
- sha256 = "sha256-kX9NIPPOoajuJDVly9qGUCCd3lt8Da2k0dZnDY2zKbY=";
+ version = "74bdf4e8a67147232f0a80ab6f648c20503a76bb";
+ sha256 = "sha256-cq5eroG13wnfbFGGLuqCm+9425ZmPaboj7CZaPBx35g=";
};
};
- meta = with pkgs.lib; {
- homepage = "https://gitlab.mpi-sws.org/lgaeher/refinedrust-dev";
- license = licenses.bsd3;
- };
-
rust = {
toolchain = pkgs.fenix.fromToolchainFile {
file = ./rust-toolchain.toml;
sha256 = "sha256-0NR5RJ4nNCMl9ZQDA6eGAyrDWS8fB28xIIS1QGLlOxw=";
};
- env = let
- cargo-bindeps = pkgs.symlinkJoin {
- name = "cargo-bindeps";
- paths = [pkgs.cargo];
- nativeBuildInputs = [pkgs.makeWrapper];
- postBuild = ''
- wrapProgram $out/bin/cargo \
- --add-flags "-Zbindeps"
- '';
- };
-
- craneLib = (crane.mkLib pkgs).overrideScope (_: prev: {
- downloadCargoPackageFromGit = prev.downloadCargoPackageFromGit.override (args: {
- pkgsBuildBuild = args.pkgsBuildBuild // {cargo = cargo-bindeps;};
- });
- });
- in
- craneLib.overrideToolchain rust.toolchain;
-
+ env = (crane.mkLib pkgs).overrideToolchain rust.toolchain;
lib = "${rust.toolchain}/lib/rustlib/$(rustc -Vv | grep '^host:' | cut -d' ' -f2)/lib";
src = "${rust.toolchain}/lib/rustlib/rustc-src/rust/compiler";
};
@@ -125,7 +107,6 @@
lambda-rust = mkDepCoqDerivation coq.lambda-rust {
pname = "lambda-rust";
- owner = "lgaeher";
propagatedBuildInputs = [iris];
};
@@ -160,6 +141,8 @@
[makeWrapper]
++ lib.optionals stdenv.isDarwin [libzip libiconv];
+ doNotRemoveReferencesToRustToolchain = true;
+
postInstall = with pkgs.lib.strings; ''
wrapProgram $out/bin/refinedrust-rustc \
--set LD_LIBRARY_PATH "${rust.lib}" \
diff --git a/scripts/setup-coq.sh b/scripts/setup-coq.sh
index c893d9499821cc11f0128283b904261d9d439c14..ed3f4f048e899859caef2e0cfc56d5765ce76694 100755
--- a/scripts/setup-coq.sh
+++ b/scripts/setup-coq.sh
@@ -10,6 +10,6 @@ opam repo add coq-released https://coq.inria.fr/opam/released
opam repo add iris-dev https://gitlab.mpi-sws.org/iris/opam.git
# install deps
-opam pin add coq-lambda-rust.dev https://gitlab.mpi-sws.org/lgaeher/lambda-rust.git#rr --no-action -y
+#opam pin add coq-lambda-rust.dev https://gitlab.mpi-sws.org/lgaeher/lambda-rust.git#rr --no-action -y
export OPAMFLAGS="$OPAMFLAGS -y"
make builddep
diff --git a/theories/caesium/base.v b/theories/caesium/base.v
index 61f7226e6450f3dabd853e8138339dbdff2990e4..5797ed96bae99fe26601973962eb28796c76c14e 100644
--- a/theories/caesium/base.v
+++ b/theories/caesium/base.v
@@ -71,12 +71,12 @@ Proof.
- rewrite Forall2_cons. by rewrite IH.
Qed.
-Lemma drop_app' {A} (l k : list A) n :
+Lemma drop_app_length' {A} (l k : list A) n :
length l = n → drop n (l ++ k) = k.
-Proof. intros <-. apply drop_app. Qed.
-Lemma take_app' {A} (l k : list A) n :
+Proof. intros <-. apply drop_app_length. Qed.
+Lemma take_app_length' {A} (l k : list A) n :
length l = n → take n (l ++ k) = l.
-Proof. intros <-. apply take_app. Qed.
+Proof. intros <-. apply take_app_length. Qed.
(* TODO move *)
@@ -90,7 +90,7 @@ Proof.
intros [-> | Ha]%elem_of_cons Hnodup.
{ exists v1. apply lookup_insert. }
inversion Hnodup as [ | ? ? Hnel Hnodup']; subst.
- efeed pose proof IH as Hb; [done | done | ].
+ opose proof* IH as Hb; [done | done | ].
destruct Hb as (v & Hlook). exists v.
rewrite lookup_insert_ne; first done.
intros ->. apply Hnel. done.
diff --git a/theories/caesium/config/dune b/theories/caesium/config/dune
index a930360397b1258e856ec204ff1322b83eff17bb..9f587536d794b4ebf00e6175ae0ad30539bec526 100644
--- a/theories/caesium/config/dune
+++ b/theories/caesium/config/dune
@@ -1,6 +1,6 @@
(coq.theory
(name caesium.config)
(package refinedrust)
- (flags :standard -w -notation-overridden -w -redundant-canonical-projection)
+ (flags :standard -w -notation-incompatible-prefix -w -redundant-canonical-projection)
(synopsis "Configuration of the Caesium language")
(theories lithium stdpp iris RecordUpdate Ltac2))
diff --git a/theories/caesium/dune b/theories/caesium/dune
index e8b460b1a85ca2a3015e18790fd1d280a96780a6..5672cecd3b85340508230e7ad308e627d73b9c9f 100644
--- a/theories/caesium/dune
+++ b/theories/caesium/dune
@@ -1,6 +1,6 @@
(coq.theory
(name caesium)
(package refinedrust)
- (flags :standard -w -notation-overridden -w -redundant-canonical-projection)
+ (flags :standard -w -notation-incompatible-prefix -w -redundant-canonical-projection)
(synopsis "Caesium language")
(theories lithium stdpp iris RecordUpdate Ltac2))
diff --git a/theories/caesium/ghost_state.v b/theories/caesium/ghost_state.v
index 6420018916042c6af4a022195d006e997089bee4..94ad7735d5225c9d3b4edda07d512a5a15bff4c9 100644
--- a/theories/caesium/ghost_state.v
+++ b/theories/caesium/ghost_state.v
@@ -142,30 +142,30 @@ Section definitions.
(** Heap stuff. *)
- Definition heap_mapsto_mbyte_st (st : lock_state) (l : loc) (id : alloc_id)
+ Definition heap_pointsto_mbyte_st (st : lock_state) (l : loc) (id : alloc_id)
(q : Qp) (b : mbyte) : iProp Σ :=
own heap_heap_name (â—¯ {[ l.2 := (q, to_lock_stateR st, to_agree (id, b)) ]}).
- Definition heap_mapsto_mbyte_def (l : loc) (q : Qp) (b : mbyte) : iProp Σ :=
- ∃ id, ⌜l.1 = ProvAlloc (Some id)⌠∗ heap_mapsto_mbyte_st (RSt 0) l id q b.
- Definition heap_mapsto_mbyte_aux : seal (@heap_mapsto_mbyte_def). by eexists. Qed.
- Definition heap_mapsto_mbyte := unseal heap_mapsto_mbyte_aux.
- Definition heap_mapsto_mbyte_eq : @heap_mapsto_mbyte = @heap_mapsto_mbyte_def :=
- seal_eq heap_mapsto_mbyte_aux.
+ Definition heap_pointsto_mbyte_def (l : loc) (q : Qp) (b : mbyte) : iProp Σ :=
+ ∃ id, ⌜l.1 = ProvAlloc (Some id)⌠∗ heap_pointsto_mbyte_st (RSt 0) l id q b.
+ Definition heap_pointsto_mbyte_aux : seal (@heap_pointsto_mbyte_def). by eexists. Qed.
+ Definition heap_pointsto_mbyte := unseal heap_pointsto_mbyte_aux.
+ Definition heap_pointsto_mbyte_eq : @heap_pointsto_mbyte = @heap_pointsto_mbyte_def :=
+ seal_eq heap_pointsto_mbyte_aux.
- Definition heap_mapsto_def (l : loc) (q : Qp) (v : val) : iProp Σ :=
+ Definition heap_pointsto_def (l : loc) (q : Qp) (v : val) : iProp Σ :=
loc_in_bounds l 0 (length v) ∗
- ([∗ list] i ↦ b ∈ v, heap_mapsto_mbyte (l +ₗ i) q b)%I.
- Definition heap_mapsto_aux : seal (@heap_mapsto_def). by eexists. Qed.
- Definition heap_mapsto := unseal heap_mapsto_aux.
- Definition heap_mapsto_eq : @heap_mapsto = @heap_mapsto_def :=
- seal_eq heap_mapsto_aux.
+ ([∗ list] i ↦ b ∈ v, heap_pointsto_mbyte (l +ₗ i) q b)%I.
+ Definition heap_pointsto_aux : seal (@heap_pointsto_def). by eexists. Qed.
+ Definition heap_pointsto := unseal heap_pointsto_aux.
+ Definition heap_pointsto_eq : @heap_pointsto = @heap_pointsto_def :=
+ seal_eq heap_pointsto_aux.
(** Token witnessing that [l] has an allocation identifier that is alive. *)
Definition alloc_alive_loc_def (l : loc) : iProp Σ :=
|={⊤, ∅}=> ((∃ id q, ⌜l.1 = ProvAlloc (Some id)⌠∗ alloc_alive id q true) ∨
- (∃ a q v, ⌜v ≠[]⌠∗ heap_mapsto (l.1, a) q v)).
+ (∃ a q v, ⌜v ≠[]⌠∗ heap_pointsto (l.1, a) q v)).
Definition alloc_alive_loc_aux : seal (@alloc_alive_loc_def). by eexists. Qed.
Definition alloc_alive_loc := unseal alloc_alive_loc_aux.
Definition alloc_alive_loc_eq : @alloc_alive_loc = @alloc_alive_loc_def :=
@@ -236,22 +236,22 @@ Section definitions.
End definitions.
Global Typeclasses Opaque alloc_meta loc_in_bounds alloc_alive alloc_global
- fntbl_entry heap_mapsto_mbyte heap_mapsto alloc_alive_loc
+ fntbl_entry heap_pointsto_mbyte heap_pointsto alloc_alive_loc
freeable.
-Notation "l ↦{ q } v" := (heap_mapsto l q v)
+Notation "l ↦{ q } v" := (heap_pointsto l q v)
(at level 20, q at level 50, format "l ↦{ q } v") : bi_scope.
-Notation "l ↦ v" := (heap_mapsto l 1 v) (at level 20) : bi_scope.
+Notation "l ↦ v" := (heap_pointsto l 1 v) (at level 20) : bi_scope.
Notation "l ↦{ q '}' ':' P" := (∃ v, l ↦{ q } v ∗ P v)%I
(at level 20, q at level 50, format "l ↦{ q '}' ':' P") : bi_scope.
Notation "l ↦: P " := (∃ v, l ↦ v ∗ P v)%I
(at level 20, format "l ↦: P") : bi_scope.
-Definition heap_mapsto_layout `{!heapG Σ} (l : loc) (q : Qp) (ly : layout) : iProp Σ :=
+Definition heap_pointsto_layout `{!heapG Σ} (l : loc) (q : Qp) (ly : layout) : iProp Σ :=
(∃ v, ⌜v `has_layout_val` ly⌠∗ ⌜l `has_layout_loc` ly⌠∗ l ↦{q} v).
-Notation "l ↦{ q }| ly |" := (heap_mapsto_layout l q ly)
+Notation "l ↦{ q }| ly |" := (heap_pointsto_layout l q ly)
(at level 20, q at level 50, format "l ↦{ q }| ly |") : bi_scope.
-Notation "l ↦| ly | " := (heap_mapsto_layout l 1%Qp ly)
+Notation "l ↦| ly | " := (heap_pointsto_layout l 1%Qp ly)
(at level 20, format "l ↦| ly |") : bi_scope.
Section heap.
@@ -651,41 +651,41 @@ Section heap.
Implicit Types σ : state.
Implicit Types E : coPset.
- Global Instance heap_mapsto_mbyte_tl l q v : Timeless (heap_mapsto_mbyte l q v).
- Proof. rewrite heap_mapsto_mbyte_eq. apply _. Qed.
+ Global Instance heap_pointsto_mbyte_tl l q v : Timeless (heap_pointsto_mbyte l q v).
+ Proof. rewrite heap_pointsto_mbyte_eq. apply _. Qed.
- Global Instance heap_mapsto_mbyte_frac l v :
- Fractional (λ q, heap_mapsto_mbyte l q v)%I.
+ Global Instance heap_pointsto_mbyte_frac l v :
+ Fractional (λ q, heap_pointsto_mbyte l q v)%I.
Proof.
- intros p q. rewrite heap_mapsto_mbyte_eq. iSplit.
+ intros p q. rewrite heap_pointsto_mbyte_eq. iSplit.
- iDestruct 1 as (??) "[H1 H2]". iSplitL "H1"; iExists id; by iSplit.
- iIntros "[H1 H2]". iDestruct "H1" as (??) "H1". iDestruct "H2" as (??) "H2".
destruct l; simplify_eq/=. iExists _. iSplit; first done. by iSplitL "H1".
Qed.
- Global Instance heap_mapsto_mbyte_as_fractional l q v:
- AsFractional (heap_mapsto_mbyte l q v) (λ q, heap_mapsto_mbyte l q v)%I q.
+ Global Instance heap_pointsto_mbyte_as_fractional l q v:
+ AsFractional (heap_pointsto_mbyte l q v) (λ q, heap_pointsto_mbyte l q v)%I q.
Proof. split; [done|]. apply _. Qed.
- Global Instance heap_mapsto_timeless l q v : Timeless (l↦{q}v).
- Proof. rewrite heap_mapsto_eq. apply _. Qed.
+ Global Instance heap_pointsto_timeless l q v : Timeless (l↦{q}v).
+ Proof. rewrite heap_pointsto_eq. apply _. Qed.
- Global Instance heap_mapsto_fractional l v: Fractional (λ q, l ↦{q} v)%I.
- Proof. rewrite heap_mapsto_eq. apply _. Qed.
+ Global Instance heap_pointsto_fractional l v: Fractional (λ q, l ↦{q} v)%I.
+ Proof. rewrite heap_pointsto_eq. apply _. Qed.
- Global Instance heap_mapsto_as_fractional l q v:
+ Global Instance heap_pointsto_as_fractional l q v:
AsFractional (l ↦{q} v) (λ q, l ↦{q} v)%I q.
Proof. split; first done. apply _. Qed.
- Lemma heap_mapsto_loc_in_bounds l q v:
+ Lemma heap_pointsto_loc_in_bounds l q v:
l ↦{q} v -∗ loc_in_bounds l 0 (length v).
- Proof. rewrite heap_mapsto_eq. iIntros "[$ _]". Qed.
+ Proof. rewrite heap_pointsto_eq. iIntros "[$ _]". Qed.
- Lemma heap_mapsto_is_alloc l q v :
+ Lemma heap_pointsto_is_alloc l q v :
l ↦{q} v -∗
⌜(∃ aid, l.1 = ProvAlloc (Some aid)) ∨ (l.1 = ProvAlloc None ∧ l.2 ≠0%nat ∧ v = [])âŒ.
Proof.
- iIntros "Hl". iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "Hlb".
+ iIntros "Hl". iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "Hlb".
iPoseProof (loc_in_bounds_is_alloc with "Hlb") as "%Ha".
iPoseProof (loc_in_bounds_ptr_in_range with "Hlb") as "%Hran".
iPureIntro. rewrite /min_alloc_start in Hran. destruct Hran as [Hran _].
@@ -693,53 +693,53 @@ Section heap.
right. destruct v; simpl in *; eauto with lia.
Qed.
- Lemma heap_mapsto_loc_in_bounds_0 l q v:
+ Lemma heap_pointsto_loc_in_bounds_0 l q v:
l ↦{q} v -∗ loc_in_bounds l 0 0.
Proof.
iIntros "Hl". iApply loc_in_bounds_shorten_suf; last first.
- - by iApply heap_mapsto_loc_in_bounds.
+ - by iApply heap_pointsto_loc_in_bounds.
- lia.
Qed.
- Lemma heap_mapsto_nil l q:
+ Lemma heap_pointsto_nil l q:
l ↦{q} [] ⊣⊢ loc_in_bounds l 0 0.
- Proof. rewrite heap_mapsto_eq/heap_mapsto_def /=. solve_sep_entails. Qed.
+ Proof. rewrite heap_pointsto_eq/heap_pointsto_def /=. solve_sep_entails. Qed.
- Lemma heap_mapsto_cons_mbyte l b v q:
- l ↦{q} (b::v) ⊣⊢ heap_mapsto_mbyte l q b ∗ loc_in_bounds l 0 1 ∗ (l +ₗ 1) ↦{q} v.
+ Lemma heap_pointsto_cons_mbyte l b v q:
+ l ↦{q} (b::v) ⊣⊢ heap_pointsto_mbyte l q b ∗ loc_in_bounds l 0 1 ∗ (l +ₗ 1) ↦{q} v.
Proof.
- rewrite heap_mapsto_eq/heap_mapsto_def /= shift_loc_0. setoid_rewrite shift_loc_assoc.
+ rewrite heap_pointsto_eq/heap_pointsto_def /= shift_loc_0. setoid_rewrite shift_loc_assoc.
have Hn:(∀ n, Z.of_nat (S n) = 1 + n) by lia. setoid_rewrite Hn.
have ->:(∀ n, S n = 1 + n)%nat by lia.
rewrite -loc_in_bounds_split_suf.
solve_sep_entails.
Qed.
- Lemma heap_mapsto_cons l b v q:
+ Lemma heap_pointsto_cons l b v q:
l ↦{q} (b::v) ⊣⊢ l ↦{q} [b] ∗ (l +ₗ 1) ↦{q} v.
Proof.
- rewrite heap_mapsto_cons_mbyte !assoc. f_equiv.
- rewrite heap_mapsto_eq/heap_mapsto_def /= shift_loc_0.
+ rewrite heap_pointsto_cons_mbyte !assoc. f_equiv.
+ rewrite heap_pointsto_eq/heap_pointsto_def /= shift_loc_0.
solve_sep_entails.
Qed.
- Lemma heap_mapsto_app l v1 v2 q:
+ Lemma heap_pointsto_app l v1 v2 q:
l ↦{q} (v1 ++ v2) ⊣⊢ l ↦{q} v1 ∗ (l +ₗ length v1) ↦{q} v2.
Proof.
elim: v1 l.
- - move => l /=. rewrite heap_mapsto_nil shift_loc_0.
+ - move => l /=. rewrite heap_pointsto_nil shift_loc_0.
iSplit; [ iIntros "Hl" | by iIntros "[_ $]" ].
- iSplit => //. by iApply heap_mapsto_loc_in_bounds_0.
+ iSplit => //. by iApply heap_pointsto_loc_in_bounds_0.
- move => b v1 IH l /=.
- rewrite heap_mapsto_cons IH assoc -heap_mapsto_cons.
+ rewrite heap_pointsto_cons IH assoc -heap_pointsto_cons.
rewrite shift_loc_assoc.
by have -> : (∀ n : nat, 1 + n = S n) by lia.
Qed.
- Lemma heap_mapsto_mbyte_agree l q1 q2 v1 v2 :
- heap_mapsto_mbyte l q1 v1 ∗ heap_mapsto_mbyte l q2 v2 ⊢ ⌜v1 = v2âŒ.
+ Lemma heap_pointsto_mbyte_agree l q1 q2 v1 v2 :
+ heap_pointsto_mbyte l q1 v1 ∗ heap_pointsto_mbyte l q2 v2 ⊢ ⌜v1 = v2âŒ.
Proof.
- rewrite heap_mapsto_mbyte_eq.
+ rewrite heap_pointsto_mbyte_eq.
iIntros "[H1 H2]".
iDestruct "H1" as (??) "H1". iDestruct "H2" as (??) "H2".
iCombine "H1 H2" as "H". rewrite own_valid discrete_valid.
@@ -748,37 +748,37 @@ Section heap.
move => -[] /= _ /to_agree_op_inv_L => ?. by simplify_eq.
Qed.
- Lemma heap_mapsto_agree l q1 q2 v1 v2 :
+ Lemma heap_pointsto_agree l q1 q2 v1 v2 :
length v1 = length v2 →
l ↦{q1} v1 -∗ l ↦{q2} v2 -∗ ⌜v1 = v2âŒ.
Proof.
elim: v1 v2 l. 1: by iIntros ([] ??)"??".
move => ?? IH []//=???[?].
- rewrite !heap_mapsto_cons_mbyte.
+ rewrite !heap_pointsto_cons_mbyte.
iIntros "[? [_ ?]] [? [_ ?]]".
iDestruct (IH with "[$] [$]") as %-> => //.
- by iDestruct (heap_mapsto_mbyte_agree with "[$]") as %->.
+ by iDestruct (heap_pointsto_mbyte_agree with "[$]") as %->.
Qed.
- Lemma heap_mapsto_layout_has_layout l ly :
+ Lemma heap_pointsto_layout_has_layout l ly :
l ↦|ly| -∗ ⌜l `has_layout_loc` lyâŒ.
Proof. iIntros "(% & % & % & ?)". done. Qed.
- Lemma heap_mapsto_ptr_in_range l q v :
+ Lemma heap_pointsto_ptr_in_range l q v :
l ↦{q} v -∗ ⌜min_alloc_start ≤ l.2 ∧ l.2 + length v ≤ max_alloc_endâŒ.
Proof.
- iIntros "Hl". iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "Hlb".
+ iIntros "Hl". iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "Hlb".
iPoseProof (loc_in_bounds_ptr_in_range with "Hlb") as "%Ha".
rewrite Nat2Z.inj_0 Z.sub_0_r in Ha. done.
Qed.
- Lemma heap_mapsto_prov_none_nil l q :
+ Lemma heap_pointsto_prov_none_nil l q :
l.1 = ProvAlloc None →
min_alloc_start ≤ l.2 →
l.2 ≤ max_alloc_end →
⊢ l ↦{q} [].
Proof.
- intros ???. rewrite heap_mapsto_eq.
+ intros ???. rewrite heap_pointsto_eq.
iSplit; last done. by iApply loc_in_bounds_prov_none.
Qed.
@@ -787,7 +787,7 @@ Section heap.
heap_range_free h l.2 (length v) →
heap_ctx h ==∗
heap_ctx (heap_alloc l.2 v aid h) ∗
- ([∗ list] i↦b ∈ v, heap_mapsto_mbyte_st (RSt 0) (l +ₗ i) aid 1 b).
+ ([∗ list] i↦b ∈ v, heap_pointsto_mbyte_st (RSt 0) (l +ₗ i) aid 1 b).
Proof.
move => Haid Hfree. destruct l as [? a]. simplify_eq/=.
have [->|Hv] := decide(v = []); first by iIntros "$ !>" => //=.
@@ -822,8 +822,8 @@ Section heap.
Proof.
iIntros (Hid Hfree Hstart Hlen Hrange) "#Hr Hal Hctx".
iMod (heap_alloc_st with "Hctx") as "[$ Hl]" => //.
- iModIntro. rewrite heap_mapsto_eq /heap_mapsto_def.
- rewrite heap_mapsto_mbyte_eq /heap_mapsto_mbyte_def.
+ iModIntro. rewrite heap_pointsto_eq /heap_pointsto_def.
+ rewrite heap_pointsto_mbyte_eq /heap_pointsto_mbyte_def.
iSplitR "Hal"; last first; last iSplit.
- rewrite freeable_eq. iExists id. iFrame. iSplit => //.
by iApply (alloc_meta_mono with "Hr").
@@ -833,9 +833,9 @@ Section heap.
iIntros (???) "!> H". iExists id. by iFrame.
Qed.
- Lemma heap_mapsto_mbyte_lookup_q ls l aid h q b:
+ Lemma heap_pointsto_mbyte_lookup_q ls l aid h q b:
heap_ctx h -∗
- heap_mapsto_mbyte_st ls l aid q b -∗
+ heap_pointsto_mbyte_st ls l aid q b -∗
⌜∃ n' : nat,
h !! l.2 = Some (HeapCell aid (match ls with RSt n => RSt (n+n') | WSt => WSt end) b)âŒ.
Proof.
@@ -853,9 +853,9 @@ Section heap.
- exists O. by rewrite Nat.add_0_r.
Qed.
- Lemma heap_mapsto_mbyte_lookup_1 ls l aid h b:
+ Lemma heap_pointsto_mbyte_lookup_1 ls l aid h b:
heap_ctx h -∗
- heap_mapsto_mbyte_st ls l aid 1%Qp b -∗
+ heap_pointsto_mbyte_st ls l aid 1%Qp b -∗
⌜h !! l.2 = Some (HeapCell aid ls b)âŒ.
Proof.
iIntros "Hâ— Hâ—¯".
@@ -868,37 +868,37 @@ Section heap.
destruct ls, ls''; rewrite ?Nat.add_0_r; naive_solver.
Qed.
- Lemma heap_mapsto_lookup_q flk l h q v:
+ Lemma heap_pointsto_lookup_q flk l h q v:
(∀ n, flk (RSt n) : Prop) →
heap_ctx h -∗ l ↦{q} v -∗ ⌜heap_lookup_loc l v flk hâŒ.
Proof.
iIntros (?) "Hh Hl".
iInduction v as [|b v] "IH" forall (l) => //.
- rewrite heap_mapsto_cons_mbyte heap_mapsto_mbyte_eq /=.
+ rewrite heap_pointsto_cons_mbyte heap_pointsto_mbyte_eq /=.
iDestruct "Hl" as "[Hb [_ Hl]]". iDestruct "Hb" as (? Heq) "Hb".
rewrite /heap_lookup_loc /=. iSplit; last by iApply ("IH" with "Hh Hl").
- iDestruct (heap_mapsto_mbyte_lookup_q with "Hh Hb") as %[n Hn].
+ iDestruct (heap_pointsto_mbyte_lookup_q with "Hh Hb") as %[n Hn].
by iExists _, _.
Qed.
- Lemma heap_mapsto_lookup_1 (flk : lock_state → Prop) l h v:
+ Lemma heap_pointsto_lookup_1 (flk : lock_state → Prop) l h v:
flk (RSt 0%nat) →
heap_ctx h -∗ l ↦ v -∗ ⌜heap_lookup_loc l v flk hâŒ.
Proof.
iIntros (?) "Hh Hl".
iInduction v as [|b v] "IH" forall (l) => //.
- rewrite heap_mapsto_cons_mbyte heap_mapsto_mbyte_eq /=.
+ rewrite heap_pointsto_cons_mbyte heap_pointsto_mbyte_eq /=.
iDestruct "Hl" as "[Hb [_ Hl]]". iDestruct "Hb" as (? Heq) "Hb".
rewrite /heap_lookup_loc /=. iSplit; last by iApply ("IH" with "Hh Hl").
- iDestruct (heap_mapsto_mbyte_lookup_1 with "Hh Hb") as %Hl.
+ iDestruct (heap_pointsto_mbyte_lookup_1 with "Hh Hb") as %Hl.
by iExists _, _.
Qed.
Lemma heap_read_mbyte_vs h n1 n2 nf l aid q b:
h !! l.2 = Some (HeapCell aid (RSt (n1 + nf)) b) →
- heap_ctx h -∗ heap_mapsto_mbyte_st (RSt n1) l aid q b
+ heap_ctx h -∗ heap_pointsto_mbyte_st (RSt n1) l aid q b
==∗ heap_ctx (<[l.2:=HeapCell aid (RSt (n2 + nf)) b]> h)
- ∗ heap_mapsto_mbyte_st (RSt n2) l aid q b.
+ ∗ heap_pointsto_mbyte_st (RSt n2) l aid q b.
Proof.
intros Hσv. do 2 apply wand_intro_r. rewrite left_id -!own_op to_heapUR_insert.
eapply own_update, auth_update, singleton_local_update.
@@ -915,11 +915,11 @@ Section heap.
heap_ctx (heap_upd l v (λ st, if st is Some (RSt (S n)) then RSt n else WSt) h2) ∗ l ↦{q} v.
Proof.
iIntros "Hh Hv".
- iDestruct (heap_mapsto_lookup_q with "Hh Hv") as %Hat. 2: iSplitR => //. 1: by naive_solver.
+ iDestruct (heap_pointsto_lookup_q with "Hh Hv") as %Hat. 2: iSplitR => //. 1: by naive_solver.
iInduction (v) as [|b v] "IH" forall (l Hat) => //=.
{ iFrame. by iIntros "!#" (?) "$ !#". }
- rewrite ->heap_mapsto_cons_mbyte, heap_mapsto_mbyte_eq.
- iDestruct "Hv" as "[Hb [? Hl]]". iDestruct "Hb" as (? Heq) "Hb".
+ rewrite ->heap_pointsto_cons_mbyte, heap_pointsto_mbyte_eq.
+ iDestruct "Hv" as "[Hb [Hlb Hl]]". iDestruct "Hb" as (? Heq) "Hb".
move: Hat. rewrite /heap_lookup_loc Heq /= => -[[? [? [Hin [?[n ?]]]]] ?]; simplify_eq/=.
iMod ("IH" with "[] Hh Hl") as "{IH}[Hh IH]".
{ iPureIntro => /=. by destruct l; simplify_eq/=. }
@@ -928,12 +928,12 @@ Section heap.
iModIntro. iSplitL "Hh".
{ iStopProof. f_equiv. symmetry. apply partial_alter_to_insert.
rewrite heap_update_lookup_not_in_range /shift_loc /= ?Hin ?Heq //; lia. }
- iIntros (h2) "Hh". iDestruct (heap_mapsto_mbyte_lookup_q with "Hh Hb") as %[n' Hn].
+ iIntros (h2) "Hh". iDestruct (heap_pointsto_mbyte_lookup_q with "Hh Hb") as %[n' Hn].
iMod ("IH" with "Hh") as (Hat) "[Hh Hl]". iSplitR.
{ rewrite /shift_loc /= Z.add_1_r Heq in Hat. iPureIntro. naive_solver. }
iMod (heap_read_mbyte_vs _ 1 0 with "Hh Hb") as "[Hh Hb]".
{ rewrite heap_update_lookup_not_in_range // /shift_loc /=. lia. }
- rewrite heap_mapsto_cons_mbyte heap_mapsto_mbyte_eq. iFrame. iModIntro.
+ rewrite heap_pointsto_cons_mbyte heap_pointsto_mbyte_eq. iFrame "Hl Hlb". iModIntro.
iSplitR "Hb"; [ iStopProof | iExists _; by iFrame ].
f_equiv. symmetry. apply partial_alter_to_insert.
rewrite heap_update_lookup_not_in_range /shift_loc /= ?Hn ?Heq //. lia.
@@ -941,8 +941,8 @@ Section heap.
Lemma heap_write_mbyte_vs h st1 st2 l aid b b':
h !! l.2 = Some (HeapCell aid st1 b) →
- heap_ctx h -∗ heap_mapsto_mbyte_st st1 l aid 1%Qp b
- ==∗ heap_ctx (<[l.2:=HeapCell aid st2 b']> h) ∗ heap_mapsto_mbyte_st st2 l aid 1%Qp b'.
+ heap_ctx h -∗ heap_pointsto_mbyte_st st1 l aid 1%Qp b
+ ==∗ heap_ctx (<[l.2:=HeapCell aid st2 b']> h) ∗ heap_pointsto_mbyte_st st2 l aid 1%Qp b'.
Proof.
intros Hσv. do 2 apply wand_intro_r. rewrite left_id -!own_op to_heapUR_insert.
eapply own_update, auth_update, singleton_local_update.
@@ -956,9 +956,9 @@ Section heap.
Proof.
iIntros (Hlen Hf) "Hh Hmt".
iInduction (v) as [|v b] "IH" forall (l v' Hlen); destruct v' => //; first by iFrame.
- move: Hlen => [] Hlen. rewrite !heap_mapsto_cons_mbyte !heap_mapsto_mbyte_eq.
+ move: Hlen => [] Hlen. rewrite !heap_pointsto_cons_mbyte !heap_pointsto_mbyte_eq.
iDestruct "Hmt" as "[Hb [$ Hl]]". iDestruct "Hb" as (? Heq) "Hb".
- iDestruct (heap_mapsto_mbyte_lookup_1 with "Hh Hb") as % Hin; auto.
+ iDestruct (heap_pointsto_mbyte_lookup_1 with "Hh Hb") as % Hin; auto.
iMod ("IH" with "[//] Hh Hl") as "[Hh $]".
iMod (heap_write_mbyte_vs with "Hh Hb") as "[Hh Hb]".
{ rewrite heap_update_lookup_not_in_range /shift_loc //=. lia. }
@@ -977,11 +977,11 @@ Section heap.
heap_ctx (heap_upd l v' (λ _, RSt 0) h2) ∗ l ↦ v'.
Proof.
iIntros (Hlen) "Hh Hv".
- iDestruct (heap_mapsto_lookup_1 with "Hh Hv") as %Hat. 2: iSplitR => //. 1: by naive_solver.
+ iDestruct (heap_pointsto_lookup_1 with "Hh Hv") as %Hat. 2: iSplitR => //. 1: by naive_solver.
iInduction (v) as [|b v] "IH" forall (l v' Hat Hlen) => //=; destruct v' => //.
{ iFrame. by iIntros "!#" (?) "$ !#". }
move: Hlen => -[] Hlen.
- rewrite heap_mapsto_cons_mbyte heap_mapsto_mbyte_eq.
+ rewrite heap_pointsto_cons_mbyte heap_pointsto_mbyte_eq.
iDestruct "Hv" as "[Hb [? Hl]]". iDestruct "Hb" as (? Heq) "Hb".
move: Hat. rewrite /heap_lookup_loc Heq /= => -[[? [? [Hin [??]]]] ?]; simplify_eq/=.
iMod ("IH" with "[] [] Hh Hl") as "{IH}[Hh IH]"; [|done|].
@@ -990,7 +990,7 @@ Section heap.
{ rewrite heap_update_lookup_not_in_range /shift_loc /= ?Hin ?Heq //=. lia. }
iSplitL "Hh". { rewrite /heap_upd /=. erewrite partial_alter_to_insert; first done.
rewrite heap_update_lookup_not_in_range; last lia. by rewrite Heq Hin. }
- iIntros "!#" (h2) "Hh". iDestruct (heap_mapsto_mbyte_lookup_1 with "Hh Hb") as %Hn.
+ iIntros "!#" (h2) "Hh". iDestruct (heap_pointsto_mbyte_lookup_1 with "Hh Hb") as %Hn.
iMod ("IH" with "Hh") as (Hat) "[Hh Hl]". iSplitR.
{ rewrite /shift_loc /= Z.add_1_r Heq in Hat. iPureIntro. naive_solver. }
iMod (heap_write_mbyte_vs with "Hh Hb") as "[Hh Hb]".
@@ -998,13 +998,12 @@ Section heap.
rewrite /heap_upd !Heq /=. erewrite partial_alter_to_insert; last done.
rewrite Z.add_1_r Heq. iFrame.
rewrite heap_update_lookup_not_in_range; last lia. rewrite Hn /=. iFrame.
- rewrite heap_mapsto_cons_mbyte heap_mapsto_mbyte_eq. iFrame.
- iExists _. by iFrame.
+ rewrite heap_pointsto_cons_mbyte heap_pointsto_mbyte_eq. by iFrame.
Qed.
Lemma heap_free_free_st l h v aid :
l.1 = ProvAlloc (Some aid) →
- heap_ctx h ∗ ([∗ list] i↦b ∈ v, heap_mapsto_mbyte_st (RSt 0) (l +ₗ i) aid 1 b) ==∗
+ heap_ctx h ∗ ([∗ list] i↦b ∈ v, heap_pointsto_mbyte_st (RSt 0) (l +ₗ i) aid 1 b) ==∗
heap_ctx (heap_free l.2 (length v) h).
Proof.
move => Haid. destruct l as [? a]. simplify_eq/=.
@@ -1031,15 +1030,15 @@ Section heap.
heap_ctx h -∗ l ↦ v ==∗ heap_ctx (heap_free l.2 (length v) h).
Proof.
iIntros "Hctx Hl".
- iDestruct (heap_mapsto_is_alloc with "Hl") as %[[??]|(? & _ & ->)]; last done.
+ iDestruct (heap_pointsto_is_alloc with "Hl") as %[[??]|(? & _ & ->)]; last done.
iMod (heap_free_free_st with "[$Hctx Hl]"); [done| |done].
- rewrite heap_mapsto_eq /heap_mapsto_def. iDestruct "Hl" as "[_ Hl]".
+ rewrite heap_pointsto_eq /heap_pointsto_def. iDestruct "Hl" as "[_ Hl]".
iApply (big_sepL_impl with "Hl"). iIntros (???) "!> H".
- rewrite heap_mapsto_mbyte_eq /heap_mapsto_mbyte_def /=.
+ rewrite heap_pointsto_mbyte_eq /heap_pointsto_mbyte_def /=.
iDestruct "H" as (?) "[% H]". by destruct l; simplify_eq/=.
Qed.
- Lemma heap_mapsto_reshape_sl (sl : struct_layout) v l q :
+ Lemma heap_pointsto_reshape_sl (sl : struct_layout) v l q :
v `has_layout_val` sl →
l ↦{q} v ⊣⊢ loc_in_bounds l 0 (ly_size sl) ∗ ([∗ list] i ↦ v ∈ reshape (ly_size <$> (sl_members sl).*2) v, (l +ₗ offset_of_idx (sl_members sl) i) ↦{q} v).
Proof.
@@ -1047,70 +1046,70 @@ Section heap.
elim: (sl_members sl) l v; simpl.
{ intros l v Hlen. destruct v; last done.
- rewrite right_id. apply heap_mapsto_nil. }
+ rewrite right_id. apply heap_pointsto_nil. }
intros [m ly] s IH l v Hlen; simpl in Hlen.
specialize (take_drop (ly_size ly) v) as Heq.
rewrite -Heq.
assert (length (take (ly_size ly) v) = ly_size ly) as Hlen2.
- { rewrite take_length. lia. }
+ { rewrite length_take. lia. }
iSplit.
- - iIntros "Hpts". iPoseProof (heap_mapsto_loc_in_bounds with "Hpts") as "#Ha".
+ - iIntros "Hpts". iPoseProof (heap_pointsto_loc_in_bounds with "Hpts") as "#Ha".
simpl. iSplitR.
{ rewrite -Hlen Heq//. }
- rewrite heap_mapsto_app.
+ rewrite heap_pointsto_app.
iDestruct "Hpts" as "(Hpts1 & Hpts)".
rewrite /offset_of_idx. simpl. setoid_rewrite <-shift_loc_assoc_nat.
iSplitL "Hpts1".
- { simpl. rewrite shift_loc_0_nat -{4}Hlen2 take_app. done. }
+ { simpl. rewrite shift_loc_0_nat -{4}Hlen2 take_app_length. done. }
iPoseProof (IH with "Hpts") as "(_ & Hc)".
- { rewrite drop_length Hlen. unfold fmap. lia. }
+ { rewrite length_drop Hlen. unfold fmap. lia. }
rewrite -{6}Hlen2.
- rewrite drop_app.
- rewrite take_length.
+ rewrite drop_app_length.
+ rewrite length_take.
rewrite Nat.min_l; first done.
lia.
- iIntros "(#Ha & Hb & Hc)".
rewrite /offset_of_idx. simpl.
- rewrite heap_mapsto_app.
- rewrite shift_loc_0_nat. rewrite -{2}Hlen2 take_app. iFrame.
+ rewrite heap_pointsto_app.
+ rewrite shift_loc_0_nat. rewrite -{2}Hlen2 take_app_length. iFrame.
iApply IH.
- { rewrite drop_length Hlen. rewrite /fmap. lia. }
+ { rewrite length_drop Hlen. rewrite /fmap. lia. }
iSplitR.
{ iApply loc_in_bounds_offset_suf; last done.
- done.
- simpl. lia.
- - simpl. rewrite take_length /fmap. lia. }
- iEval (rewrite -{2}Hlen2) in "Hc". rewrite drop_app.
+ - simpl. rewrite length_take /fmap. lia. }
+ iEval (rewrite -{2}Hlen2) in "Hc". rewrite drop_app_length.
iApply (big_sepL_wand with "Hc").
iApply big_sepL_intro. iModIntro.
iIntros (k v' Hlook) "Hp".
rewrite shift_loc_assoc_nat.
- rewrite take_length. rewrite Nat.min_l; first done.
+ rewrite length_take. rewrite Nat.min_l; first done.
lia.
Qed.
(* for simplicity: restricting to uniform sizes *)
- Lemma heap_mapsto_mjoin_uniform l (vs : list val) (sz : nat) q :
+ Lemma heap_pointsto_mjoin_uniform l (vs : list val) (sz : nat) q :
(∀ v, v ∈ vs → length v = sz) →
l ↦{q} mjoin vs ⊣⊢ loc_in_bounds l 0 (length vs * sz) ∗ ([∗ list] i ↦ v ∈ vs, (l +ₗ (sz * i)) ↦{q} v).
Proof.
intros Hsz.
assert (length (mjoin vs) = length vs * sz)%nat as Hlen.
{ induction vs as [ | v vs IH]; simpl; first lia.
- rewrite app_length. rewrite Hsz; [ | apply elem_of_cons; by left].
+ rewrite length_app. rewrite Hsz; [ | apply elem_of_cons; by left].
f_equiv. apply IH. intros. apply Hsz. apply elem_of_cons; by right. }
induction vs as [ | v vs IH] in l, Hlen, Hsz |-*; simpl.
- { rewrite right_id. by rewrite heap_mapsto_nil. }
+ { rewrite right_id. by rewrite heap_pointsto_nil. }
iSplit.
- - iIntros "Hl". iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "#Hlb".
- rewrite heap_mapsto_app. iDestruct "Hl" as "[Hl1 Hl]".
+ - iIntros "Hl". iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "#Hlb".
+ rewrite heap_pointsto_app. iDestruct "Hl" as "[Hl1 Hl]".
rewrite Z.mul_0_r shift_loc_0_nat. iFrame "Hl1".
iSplitR. { rewrite Hlen. done. }
iPoseProof (IH with "Hl") as "Ha".
{ intros. apply Hsz. apply elem_of_cons; by right. }
- { simpl in Hlen. rewrite app_length in Hlen. rewrite Hsz in Hlen; [ | apply elem_of_cons; by left]. lia. }
+ { simpl in Hlen. rewrite length_app in Hlen. rewrite Hsz in Hlen; [ | apply elem_of_cons; by left]. lia. }
iDestruct "Ha" as "(_ & Ha)".
iApply (big_sepL_wand with "Ha").
iApply big_sepL_intro. iIntros "!>" (k v' _).
@@ -1119,11 +1118,11 @@ Section heap.
assert ((sz + sz * k)%Z = (sz * S k)%Z) as -> by lia.
eauto.
- iIntros "(Hlb & Hv)".
- rewrite Z.mul_0_r shift_loc_0_nat heap_mapsto_app.
+ rewrite Z.mul_0_r shift_loc_0_nat heap_pointsto_app.
iDestruct "Hv" as "($ & Hv)".
iApply IH.
{ intros. apply Hsz. apply elem_of_cons; by right. }
- { simpl in Hlen. rewrite app_length in Hlen. rewrite Hsz in Hlen; [ | apply elem_of_cons; by left]. lia. }
+ { simpl in Hlen. rewrite length_app in Hlen. rewrite Hsz in Hlen; [ | apply elem_of_cons; by left]. lia. }
iSplitL "Hlb".
+ iApply (loc_in_bounds_offset with "Hlb"); first done.
{ simpl. lia. }
@@ -1146,18 +1145,18 @@ Section alloc_alive.
alloc_alive_loc l1 -∗ alloc_alive_loc l2.
Proof. rewrite alloc_alive_loc_eq /alloc_alive_loc_def => ->. by iIntros "$". Qed.
- Lemma heap_mapsto_alive_strong l :
+ Lemma heap_pointsto_alive_strong l :
(|={⊤, ∅}=> (∃ q v, ⌜length v ≠0%nat⌠∗ l ↦{q} v)) -∗ alloc_alive_loc l.
Proof.
rewrite alloc_alive_loc_eq. move: l => [? a]. iIntros ">(%q&%v&%&?)". iModIntro.
iRight. iExists a, q, _. iFrame. by destruct v.
Qed.
- Lemma heap_mapsto_alive l q v:
+ Lemma heap_pointsto_alive l q v:
length v ≠0%nat →
l ↦{q} v -∗ alloc_alive_loc l.
Proof.
- iIntros (?) "Hl". iApply heap_mapsto_alive_strong.
+ iIntros (?) "Hl". iApply heap_pointsto_alive_strong.
iApply fupd_mask_intro; [set_solver|]. iIntros "?".
iExists _, _. by iFrame.
Qed.
@@ -1180,7 +1179,7 @@ Section alloc_alive.
eexists _. naive_solver.
- iIntros "(((?&Halive&?&?)&Hctx&?&?)&?) !>".
iDestruct "H" as (????) "H".
- iDestruct (heap_mapsto_lookup_q (λ _, True) with "Hctx H") as %Hlookup => //.
+ iDestruct (heap_pointsto_lookup_q (λ _, True) with "Hctx H") as %Hlookup => //.
destruct v => //. destruct Hlookup as [[id [?[?[??]]]]?].
iLeft. iExists id. iSplit; first done. iDestruct "Halive" as %Halive.
iPureIntro. apply: (Halive _ (HeapCell _ _ _)). done.
@@ -1240,7 +1239,7 @@ Section free_blocks.
iDestruct "Hl" as (v Hv ?) "Hl".
iDestruct (alloc_alive_lookup with "Hsctx Hkill") as %[[????k] [??]].
iDestruct (alloc_meta_lookup with "Hrctx Hrange") as %[al'' [?[[??]?]]]. simplify_eq/=.
- iDestruct (heap_mapsto_lookup_1 (λ st : lock_state, st = RSt 0) with "Hhctx Hl") as %? => //.
+ iDestruct (heap_pointsto_lookup_1 (λ st : lock_state, st = RSt 0) with "Hhctx Hl") as %? => //.
iExists _. iSplitR. { iPureIntro. by econstructor. }
iMod (heap_free_free with "Hhctx Hl") as "Hhctx". rewrite Hv. iFrame => /=.
iMod (alloc_alive_kill _ _ ({| al_start := l.2; al_len := ly_size ly; al_alive := true; al_kind := k |}) with "Hsctx Hkill") as "[$ Hd]".
diff --git a/theories/caesium/heap.v b/theories/caesium/heap.v
index 5ff9283679bed9d61b8368cd93d31ac9570e5007..b06580ca4f2865fbc892155f9026596776e5abe0 100644
--- a/theories/caesium/heap.v
+++ b/theories/caesium/heap.v
@@ -343,10 +343,10 @@ Definition heap_loc_eq (l1 l2 : loc) (st : heap_state) : option bool :=
(* Allocations are different from NULL pointers. But the comparison
is only defined if the location is in bounds of its allocation. *)
else if bool_decide (l1 = NULL_loc) then
- guard (heap_state_loc_in_bounds l2 0 st);
+ guard (heap_state_loc_in_bounds l2 0 st);;
Some false
else if bool_decide (l2 = NULL_loc) then
- guard (heap_state_loc_in_bounds l1 0 st);
+ guard (heap_state_loc_in_bounds l1 0 st);;
Some false
(* Two function pointers compare equal if their address is equal. *)
else if bool_decide (l1.1 = ProvFnPtr ∧ l2.1 = ProvFnPtr) then
@@ -355,15 +355,15 @@ Definition heap_loc_eq (l1 l2 : loc) (st : heap_state) : option bool :=
(* Two allocations can be compared if they are both alive and in
bounds (it is ok if they have different provenances). Comparison
compares the addresses. *)
- guard (valid_ptr l1 st);
- guard (valid_ptr l2 st);
+ guard (valid_ptr l1 st);;
+ guard (valid_ptr l2 st);;
Some (bool_decide (l1.2 = l2.2)).
Lemma heap_loc_eq_symmetric l1 l2 st:
heap_loc_eq l1 l2 st = heap_loc_eq l2 l1 st.
Proof.
rewrite /heap_loc_eq.
- repeat case_bool_decide=> //; repeat case_option_guard => //; naive_solver.
+ repeat case_bool_decide=> //; repeat case_guard => //; naive_solver.
Qed.
Lemma heap_loc_eq_NULL_NULL st:
@@ -457,25 +457,25 @@ Proof.
destruct ot => /=.
- destruct (val_to_bool v) => /=.
+ destruct (val_to_bytes v) eqn:Hv => //=.
- * move: Hv => /mapM_length. lia.
- * by rewrite replicate_length.
- + by rewrite replicate_length.
+ * move: Hv => /length_mapM. lia.
+ * by rewrite length_replicate.
+ + by rewrite length_replicate.
- destruct (val_to_bytes v) eqn:Hv => //=.
- + move: Hv => /mapM_length. lia.
- + by rewrite replicate_length.
+ + move: Hv => /length_mapM. lia.
+ + by rewrite length_replicate.
- case_match => //=.
- destruct (val_to_bytes v) as [v'|] eqn:Hv => //=. 2: by rewrite replicate_length.
- move: Hv => /mapM_length ->.
- destruct (val_to_Z v') eqn:Hv' => //=. 2: by rewrite replicate_length.
+ destruct (val_to_bytes v) as [v'|] eqn:Hv => //=. 2: by rewrite length_replicate.
+ move: Hv => /length_mapM ->.
+ destruct (val_to_Z v') eqn:Hv' => //=. 2: by rewrite length_replicate.
move: Hv' => /val_to_Z_length /=?.
by repeat case_match.
- - by rewrite resize_length.
+ - by rewrite length_resize.
- done.
- destruct (val_to_char v) => /=.
+ destruct (val_to_bytes v) eqn:Hv => //=.
- * move: Hv => /mapM_length. lia.
- * by rewrite replicate_length.
- + by rewrite replicate_length.
+ * move: Hv => /length_mapM. lia.
+ * by rewrite length_replicate.
+ + by rewrite length_replicate.
Qed.
Lemma mem_cast_id_loc l :
@@ -510,27 +510,27 @@ Lemma mem_cast_struct_reshape sl v st ots:
(reshape (ly_size <$> (sl_members sl).*2) v)).
Proof.
move => ? Hv Hly. rewrite /mem_cast/=-/mem_cast resize_all_alt. 2: {
- rewrite join_length Hv {1}/ly_size /=.
+ rewrite length_join Hv {1}/ly_size /=.
apply: sum_list_eq.
(* TODO: This is the same proof as below. Somehow unify these two proofs. *)
apply Forall2_same_length_lookup_2.
- { rewrite !fmap_length zip_with_length reshape_length pad_struct_length !fmap_length. lia. }
+ { rewrite !length_fmap length_zip_with length_reshape pad_struct_length !length_fmap. lia. }
move => i n1 n2. rewrite !list_lookup_fmap.
move => /fmap_Some[?[/fmap_Some[?[??]]?]]; simplify_eq.
move => /fmap_Some[?[/lookup_zip_with_Some[?[?[?[Hs?]]]]?]].
- move: Hs => /pad_struct_lookup_Some[|n[?[? Hor]]]. { by rewrite fmap_length. }
+ move: Hs => /pad_struct_lookup_Some[|n[?[? Hor]]]. { by rewrite length_fmap. }
unfold field_list in *. simplify_eq/=.
- destruct Hor as [[? Hl] | [??]]; simplify_eq/=. 2: by rewrite replicate_length.
+ destruct Hor as [[? Hl] | [??]]; simplify_eq/=. 2: by rewrite length_replicate.
move: Hl. rewrite list_lookup_fmap. move => /fmap_Some[?[??]]. simplify_eq.
destruct n as [n|] => //. rewrite mem_cast_length. by erewrite Hly.
}
rewrite reshape_join //.
apply Forall2_same_length_lookup_2.
- { rewrite zip_with_length reshape_length pad_struct_length !fmap_length. lia. }
+ { rewrite length_zip_with length_reshape pad_struct_length !length_fmap. lia. }
move => i v' sz /lookup_zip_with_Some[?[?[?[/pad_struct_lookup_Some Hl ?]]]].
- move: Hl => [|n[?[Hin2 Hor]]]. { rewrite fmap_length //. } simplify_eq.
+ move: Hl => [|n[?[Hin2 Hor]]]. { rewrite length_fmap //. } simplify_eq.
rewrite !list_lookup_fmap => /fmap_Some[?[/fmap_Some[?[Hin ?]]?]]. rewrite Hin2 in Hin. simplify_eq/=.
- destruct Hor as [[? Hl] |[??]]; simplify_eq. 2: by rewrite replicate_length.
+ destruct Hor as [[? Hl] |[??]]; simplify_eq. 2: by rewrite length_replicate.
move: Hl. rewrite list_lookup_fmap => /fmap_Some[?[??]]. simplify_eq. rewrite mem_cast_length.
destruct n => //. by apply: Hly.
Qed.
@@ -546,11 +546,11 @@ Proof.
destruct (val_to_bool v) as [b | ] eqn:Heq.
+ rewrite (val_to_bytes_id_bool _ b); last done. simpl.
rewrite Heq. simpl. rewrite (val_to_bytes_id_bool _ b); done.
- + simpl. destruct v; simpl; first done. rewrite replicate_length. done.
+ + simpl. destruct v; simpl; first done. rewrite length_replicate. done.
- rewrite /mem_cast.
destruct (val_to_bytes v) as [v' | ] eqn:Heq; simpl.
+ erewrite val_to_bytes_idemp; done.
- + rewrite replicate_length.
+ + rewrite length_replicate.
generalize (length v). intros []; done.
- rewrite /mem_cast.
destruct (val_to_loc v) as [l | ] eqn:Heq; simpl.
@@ -561,11 +561,11 @@ Proof.
case_bool_decide; first by rewrite val_to_of_loc //.
case_bool_decide; by rewrite val_to_of_loc //.
* destruct v; simpl; first done.
- rewrite replicate_length. done.
+ rewrite length_replicate. done.
+ destruct v; simpl; first done.
- rewrite replicate_length //.
+ rewrite length_replicate //.
- rewrite /mem_cast. fold mem_cast.
- simpl. rewrite resize_length.
+ simpl. rewrite length_resize.
simpl in Hly.
f_equiv. f_equiv.
@@ -581,40 +581,40 @@ Proof.
simpl in Hwf; destruct Hwf as ((Hwf1 & <-) & Hwf).
rewrite take_resize.
rewrite resize_app; first last.
- { rewrite mem_cast_length take_length//. }
+ { rewrite mem_cast_length length_take//. }
inversion IH as [ | ? IH1 ? IH2 ]; subst.
f_equiv.
* apply IH1; last done.
- rewrite /has_layout_val take_length. lia.
+ rewrite /has_layout_val length_take. lia.
* (* use IH *)
specialize (IH' (drop (ly_size (ot_layout ot)) v) _ IH2).
rewrite drop_resize_le; last lia.
rewrite -{2}IH'; last done; first last.
- { rewrite drop_length. unfold fmap. lia. }
+ { rewrite length_drop. unfold fmap. lia. }
f_equiv; first done.
f_equiv; first done.
- rewrite drop_length.
+ rewrite length_drop.
f_equiv.
- rewrite drop_app'; first done.
- rewrite mem_cast_length take_length. lia.
+ rewrite drop_app_length'; first done.
+ rewrite mem_cast_length length_take. lia.
+ (* padding field *)
f_equiv.
rewrite drop_resize_le; last lia.
specialize (IH' (drop (ly_size ly) v) _ IH).
rewrite -{2}IH'; last done; first last.
- { rewrite drop_length. unfold fmap. lia. }
+ { rewrite length_drop. unfold fmap. lia. }
f_equiv. f_equiv; first done.
- rewrite drop_length.
+ rewrite length_drop.
f_equiv.
- rewrite drop_app'; first done.
- rewrite replicate_length//.
+ rewrite drop_app_length'; first done.
+ rewrite length_replicate//.
- done.
- rewrite /mem_cast.
destruct (val_to_char v) as [z | ] eqn:Heq.
+ rewrite (val_to_bytes_id_char _ z); last done. simpl.
rewrite Heq. simpl. rewrite (val_to_bytes_id_char _ z); done.
- + rewrite replicate_length.
+ + rewrite length_replicate.
generalize (length v) as n. simpl.
clear.
intros n. case_match eqn:Heq1; last done.
@@ -894,7 +894,7 @@ Proof.
rewrite heap_update_lookup_not_in_range; last lia. rewrite Heq /= Hfaid.
apply (Hσ a2 _ Heq).
- rewrite lookup_partial_alter_ne // -/heap_update in H.
- by unshelve eapply (IH _ _ Hσ _ Hfaid Hlen a2 hc) => //.
+ by apply (IH _ _ Hσ Hcontains Hfaid Hlen a2 hc) => //.
Qed.
Lemma heap_update_heap_cell_alloc_alive σ a v1 v2 Paid Plk faid flk:
@@ -915,7 +915,7 @@ Proof.
rewrite heap_update_lookup_not_in_range; last lia. rewrite Heq /= Hfaid.
apply (Hσ a2 _ Heq).
- rewrite lookup_partial_alter_ne // -/heap_update in H.
- by unshelve eapply (IH _ _ Hσ _ Hfaid Hlen a2 hc) => //.
+ by apply (IH _ _ Hσ Hcontains Hfaid Hlen a2 hc) => //.
Qed.
Lemma heap_update_alloc_alive_in_heap σ a v1 v2 Paid Plk faid flk:
diff --git a/theories/caesium/int_type.v b/theories/caesium/int_type.v
index 664e9d14abb63a325da2968ec537f6001b253817..e447505359f93f0ced994cb252bb3d717f071d4f 100644
--- a/theories/caesium/int_type.v
+++ b/theories/caesium/int_type.v
@@ -252,12 +252,12 @@ Proof.
unfold min_int, max_int in *.
destruct (it_signed it) eqn:Heq.
- rewrite /wrap_signed.
- efeed pose proof (Z_mod_lt (z + int_half_modulus it) (int_modulus it)).
+ opose proof* (Z_mod_lt (z + int_half_modulus it) (int_modulus it)).
{ specialize (int_modulus_ge_1 it). lia. }
specialize (int_modulus_twice_half_modulus it).
lia.
- rewrite /wrap_unsigned.
- efeed pose proof (Z_mod_lt (z) (int_modulus it)).
+ opose proof* (Z_mod_lt (z) (int_modulus it)).
{ specialize (int_modulus_ge_1 it). lia. }
lia.
Qed.
diff --git a/theories/caesium/lang.v b/theories/caesium/lang.v
index 83e3f6107bbae016bc9ec57f9d781717a7c05f8a..05b8479e1063e2dc538be270c95ee61bc59f803b 100644
--- a/theories/caesium/lang.v
+++ b/theories/caesium/lang.v
@@ -48,7 +48,7 @@ Inductive expr :=
| StuckE (* stuck expression *)
.
End expr.
-Arguments Call _%E _%E.
+Arguments Call _%_E _%_E.
Lemma expr_ind (P : expr → Prop) :
(∀ (x : var_name), P (Var x)) →
(∀ (v : val), P (Val v)) →
@@ -95,7 +95,7 @@ Inductive stmt :=
| ExprS (e : expr) (s : stmt)
.
-Arguments Switch _%E _%E _%E.
+Arguments Switch _%_E _%_E _%_E.
Record function := {
f_args : list (var_name * layout);
@@ -854,7 +854,7 @@ Lemma fill_item_no_val_inj Ki1 Ki2 e1 e2 :
Proof.
move: Ki1 Ki2 => [ ^ Ki1] [ ^Ki2] He1 He2 ? //; simplify_eq; try done; f_equal.
all: destruct Ki1E, Ki2E => //; simplify_eq => //.
- all: efeed pose proof list_expr_val_eq_inv as HEQ; [| | done |] => //; naive_solver.
+ all: opose proof* list_expr_val_eq_inv as HEQ; [| | done |] => //; naive_solver.
Qed.
Lemma expr_ctx_step_val Ki e σ1 κ e2 σ2 ef :
@@ -911,5 +911,3 @@ Ltac unfold_common_caesium_defs :=
bits_per_int, bytes_per_int, bytes_per_addr_log,
(* Other byte-level definitions *)
bits_per_byte in *.
-
-
diff --git a/theories/caesium/lifting.v b/theories/caesium/lifting.v
index 016da6d1ebd436c01cb6f303e675abdc9520846c..ae59c1429f3cc531b5d1dd2ebf132f84e3744afb 100644
--- a/theories/caesium/lifting.v
+++ b/theories/caesium/lifting.v
@@ -86,7 +86,8 @@ Section time.
iMod (own_update with "Hd") as "Hd".
{ eapply (auth_update_dealloc _ _ (m - k)%nat). eapply nat_local_update. rewrite right_id. lia. }
iModIntro. assert (m = ((m - k) + k)%nat) as Heq by lia. rewrite {1} Heq.
- iDestruct "Hcd" as "(Hcd & $)".
+ iDestruct "Hcd" as "(Hcd & Hatime)".
+ iSplitR "Hatime"; last iFrame.
iExists (m - k)%nat. iFrame.
replace (m - k + (n + k))%nat with (m + n)%nat by lia. done.
Qed.
@@ -100,9 +101,10 @@ Section time.
iMod (step_additive_time_receipt _ m with "CTX Ht") as "(Ht & Hv)"; first done.
iMod (own_update with "Ht") as "Ht".
{ apply (mono_nat.mono_nat_update (m + (k + n))). lia. }
- iMod ("Hv" with "Ht") as "(Ht & $)".
- iModIntro. iExists k.
- iFrame. replace (m + (k + n))%nat with (k + (m + n))%nat by lia. done.
+ iMod ("Hv" with "Ht") as "(Ht & Hatime)".
+ iModIntro.
+ iSplitR "Hatime"; iFrame.
+ by replace (m + (k + n))%nat with (k + (m + n))%nat by lia.
Qed.
Lemma timec_interp_bound_both E n m k :
@@ -128,7 +130,7 @@ Section time.
iPureIntro. lia.
}
iMod ("Hcl" with "Hi") as "_".
- iFrame. iPureIntro. done.
+ iFrame "Ht Hpc". iPureIntro. done.
Qed.
Lemma timec_interp_bound_atime E n m :
@@ -178,7 +180,7 @@ Lemma to_expr_wp `{!refinedcG Σ} (e : expr) s E Φ :
Proof. auto. Qed.
Local Hint Extern 0 (reducible _ _) => eexists _, _, _, _; simpl : core.
-Local Hint Extern 0 (head_reducible _ _) => eexists _, _, _, _; simpl : core.
+Local Hint Extern 0 (base_reducible _ _) => eexists _, _, _, _; simpl : core.
Local Hint Unfold heap_at : core.
@@ -408,7 +410,7 @@ Section lifting.
iIntros (???) "Hcred [Hst Htime]".
iMod (timec_interp_enable_atime with "[$Htime $Hd]") as "(Htime & Hc)".
replace (S (ns - n) + n)%nat with (S ns) by lia.
- replace (S (ns - n + n))%nat with (S ns) by lia.
+ iFrame "Htime".
by iFrame.
Qed.
@@ -474,11 +476,11 @@ Section lifting.
Qed.
(* TODO: add this lemma to iris? *)
- Lemma wp_lift_head_step_fupdN {s E Φ} e1 :
+ Lemma wp_lift_base_step_fupdN {s E Φ} e1 :
to_val e1 = None →
(∀ σ1 ns κ κs nt, state_interp σ1 ns (κ ++ κs) nt ={E,∅}=∗
- ⌜head_reducible e1 σ1⌠∗
- ∀ e2 σ2 efs, ⌜head_step e1 σ1 κ e2 σ2 efs⌠-∗
+ ⌜base_reducible e1 σ1⌠∗
+ ∀ e2 σ2 efs, ⌜base_step e1 σ1 κ e2 σ2 efs⌠-∗
£ (S (num_laters_per_step ns)) ={∅}=∗ ▷ |={∅,E}=>
state_interp σ2 (S ns) κs (length efs + nt) ∗
WP e2 @ s; E {{ Φ }} ∗
@@ -487,11 +489,11 @@ Section lifting.
Proof.
iIntros (?) "H". iApply wp_lift_step_fupdN=>//. iIntros (σ1 ns κ κs nt) "Hσ".
iMod ("H" with "Hσ") as "[% H]"; iModIntro.
- iSplit. { destruct s; iPureIntro; first apply head_prim_reducible; done. }
+ iSplit. { destruct s; iPureIntro; first apply base_prim_reducible; done. }
iIntros (e2 σ2 efs ?).
iIntros "Hcred".
iMod ("H" with "[] Hcred") as "H".
- { iPureIntro. by eapply head_reducible_prim_step. }
+ { iPureIntro. by eapply base_reducible_prim_step. }
iApply step_fupd_intro; first done.
iApply step_fupdN_intro; first done.
iNext. iNext. done.
@@ -501,7 +503,7 @@ Section lifting.
⊢ WP AllocFailed @ E {{ Φ }}.
Proof.
iLöb as "IH".
- iApply wp_lift_pure_det_head_step_no_fork'; [done|by eauto using AllocFailedStep| | by iIntros "!> _"].
+ iApply wp_lift_pure_det_base_step_no_fork'; [done|by eauto using AllocFailedStep| | by iIntros "!> _"].
move => ????? . inversion 1; simplify_eq => //.
match goal with | H: to_rtexpr ?e = AllocFailed |- _ => destruct e; discriminate end.
Qed.
@@ -521,7 +523,7 @@ Section lifting.
-∗ WP e @ E {{ Φ }}.
Proof.
iIntros (? He ?) "#CTX Hc Hp HWP".
- iApply wp_lift_head_step_fupdN => //.
+ iApply wp_lift_base_step_fupdN => //.
iIntros (σ1 ns κ κs nt) "([[% Hhctx] Hfnctx] & Htime)".
iMod (timec_interp_bound_both with "CTX Htime Hc Hp") as "(Htime & Hc & %)"; first done.
iMod (timec_interp_alloc_atime _ 1 with "CTX Htime") as "(Htime & Hc2)"; first done.
@@ -580,7 +582,7 @@ Section lifting.
-∗ WP e @ E {{ Φ }}.
Proof.
iIntros (He ?) "HWP".
- iApply wp_lift_head_step_fupd => //.
+ iApply wp_lift_base_step_fupd => //.
iIntros (σ1 ns κ κs nt) "([[% Hhctx] Hfnctx] & Htime)".
iMod ("HWP" $! σ1 with "[$Hhctx $Hfnctx//]") as (Hstep) "HWP".
iModIntro. iSplit. {
@@ -892,9 +894,9 @@ Proof.
iIntros (? Ho Hl Hll Hlv) "#CTX Hc Hp Hmt HΦ".
iApply (wp_lift_expr_step_credits with "CTX Hc Hp"); auto.
iIntros ([[h ub] fn]) "((%&Hhctx&Hactx)&Hfctx)/=".
- iDestruct (heap_mapsto_is_alloc with "Hmt") as %Haid.
+ iDestruct (heap_pointsto_is_alloc with "Hmt") as %Haid.
destruct o; try by destruct Ho.
- - iModIntro. iDestruct (heap_mapsto_lookup_q (λ st, ∃ n, st = RSt n) with "Hhctx Hmt") as %Hat. { naive_solver. }
+ - iModIntro. iDestruct (heap_pointsto_lookup_q (λ st, ∃ n, st = RSt n) with "Hhctx Hmt") as %Hat. { naive_solver. }
iSplit; first by eauto 11 using DerefS.
iIntros (? e2 σ2 efs Hst ?) "!> Hcred Hc !>". inv_expr_step.
iSplit => //. unfold end_st, end_expr.
@@ -927,9 +929,9 @@ Proof.
iIntros (Ho Hl Hll Hlv) "Hmt HΦ".
iApply wp_lift_expr_step; auto.
iIntros ([[h ub] fn]) "((%&Hhctx&Hactx)&Hfctx)/=".
- iDestruct (heap_mapsto_is_alloc with "Hmt") as %Haid.
+ iDestruct (heap_pointsto_is_alloc with "Hmt") as %Haid.
destruct o; try by destruct Ho.
- - iModIntro. iDestruct (heap_mapsto_lookup_q (λ st, ∃ n, st = RSt n) with "Hhctx Hmt") as %Hat. { naive_solver. }
+ - iModIntro. iDestruct (heap_pointsto_lookup_q (λ st, ∃ n, st = RSt n) with "Hhctx Hmt") as %Hat. { naive_solver. }
iSplit; first by eauto 11 using DerefS.
iIntros (? e2 σ2 efs Hst ?) "!> Hcred !>". inv_expr_step.
iSplit => //. unfold end_st, end_expr.
@@ -987,11 +989,11 @@ Proof.
iIntros (? Hl1 Hl2 Hly1 Hly2 Hvo Hve Hlen1 Hlen2 Hneq) "#CTX Hc Hp Hl1 Hl2 HΦ".
iApply (wp_lift_expr_step_credits with "CTX Hc Hp"); auto.
iIntros (σ1) "((%&Hhctx&?)&Hfctx)".
- iDestruct (heap_mapsto_is_alloc with "Hl1") as %Haid1.
- iDestruct (heap_mapsto_is_alloc with "Hl2") as %Haid2.
+ iDestruct (heap_pointsto_is_alloc with "Hl1") as %Haid1.
+ iDestruct (heap_pointsto_is_alloc with "Hl2") as %Haid2.
move: (Hvo) (Hve) => /val_to_Z_ot_length ? /val_to_Z_ot_length ?.
- iDestruct (heap_mapsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl1") as %? => //. { naive_solver. }
- iDestruct (heap_mapsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl2") as %? => //.
+ iDestruct (heap_pointsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl1") as %? => //. { naive_solver. }
+ iDestruct (heap_pointsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl2") as %? => //.
iModIntro. iSplit; first by eauto 15 using CasFailS.
iIntros (? e2 σ2 efs Hst ?) "!> Hcred Hc". inv_expr_step;
@@ -1019,11 +1021,11 @@ Proof.
iIntros (Hl1 Hl2 Hly1 Hly2 Hvo Hve Hlen1 Hlen2 Hneq) "Hl1 Hl2 HΦ".
iApply wp_lift_expr_step; auto.
iIntros (σ1) "((%&Hhctx&?)&Hfctx)".
- iDestruct (heap_mapsto_is_alloc with "Hl1") as %Haid1.
- iDestruct (heap_mapsto_is_alloc with "Hl2") as %Haid2.
+ iDestruct (heap_pointsto_is_alloc with "Hl1") as %Haid1.
+ iDestruct (heap_pointsto_is_alloc with "Hl2") as %Haid2.
move: (Hvo) (Hve) => /val_to_Z_ot_length ? /val_to_Z_ot_length ?.
- iDestruct (heap_mapsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl1") as %? => //. { naive_solver. }
- iDestruct (heap_mapsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl2") as %? => //.
+ iDestruct (heap_pointsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl1") as %? => //. { naive_solver. }
+ iDestruct (heap_pointsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl2") as %? => //.
iModIntro. iSplit; first by eauto 15 using CasFailS.
iIntros (? e2 σ2 efs Hst ?) "!> Hcred". inv_expr_step;
have ? : (vo = vo0) by [apply: heap_lookup_loc_inj_val => //; congruence];
@@ -1053,11 +1055,11 @@ Proof.
iIntros (? Hl1 Hl2 Hly1 Hly2 Hvo Hve Hlen1 Hlen2 Hneq) "#CTX Hc Hp Hl1 Hl2 HΦ".
iApply (wp_lift_expr_step_credits with "CTX Hc Hp"); auto.
iIntros (σ1) "((%&Hhctx&?)&Hfctx)".
- iDestruct (heap_mapsto_is_alloc with "Hl1") as %Haid1.
- iDestruct (heap_mapsto_is_alloc with "Hl2") as %Haid2.
+ iDestruct (heap_pointsto_is_alloc with "Hl1") as %Haid1.
+ iDestruct (heap_pointsto_is_alloc with "Hl2") as %Haid2.
move: (Hvo) (Hve) => /val_to_Z_ot_length ? /val_to_Z_ot_length ?.
- iDestruct (heap_mapsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl1") as %? => //.
- iDestruct (heap_mapsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl2") as %? => //. { naive_solver. }
+ iDestruct (heap_pointsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl1") as %? => //.
+ iDestruct (heap_pointsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl2") as %? => //. { naive_solver. }
iModIntro. iSplit; first by eauto 15 using CasSucS.
iIntros (? e2 σ2 efs Hst ?) "!> Hcred Hc". inv_expr_step;
have ? : (ve = ve0) by [apply: heap_lookup_loc_inj_val => //; congruence];
@@ -1084,11 +1086,11 @@ Proof.
iIntros (Hl1 Hl2 Hly1 Hly2 Hvo Hve Hlen1 Hlen2 Hneq) "Hl1 Hl2 HΦ".
iApply wp_lift_expr_step; auto.
iIntros (σ1) "((%&Hhctx&?)&Hfctx)".
- iDestruct (heap_mapsto_is_alloc with "Hl1") as %Haid1.
- iDestruct (heap_mapsto_is_alloc with "Hl2") as %Haid2.
+ iDestruct (heap_pointsto_is_alloc with "Hl1") as %Haid1.
+ iDestruct (heap_pointsto_is_alloc with "Hl2") as %Haid2.
move: (Hvo) (Hve) => /val_to_Z_ot_length ? /val_to_Z_ot_length ?.
- iDestruct (heap_mapsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl1") as %? => //.
- iDestruct (heap_mapsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl2") as %? => //. { naive_solver. }
+ iDestruct (heap_pointsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl1") as %? => //.
+ iDestruct (heap_pointsto_lookup_q (λ st : lock_state, ∃ n : nat, st = RSt n) with "Hhctx Hl2") as %? => //. { naive_solver. }
iModIntro. iSplit; first by eauto 15 using CasSucS.
iIntros (? e2 σ2 efs Hst ?) "!> Hcred". inv_expr_step;
have ? : (ve = ve0) by [apply: heap_lookup_loc_inj_val => //; congruence];
@@ -1259,7 +1261,7 @@ Proof.
iIntros "!>" (v' Hv') "Hcred". iMod "HE". iModIntro. iFrame.
inversion Hv'; simplify_eq.
case_bool_decide.
- { rewrite Hprov. iApply ("HΦ" with "[] Hcred"). iApply heap_mapsto_prov_none_nil; done. }
+ { rewrite Hprov. iApply ("HΦ" with "[] Hcred"). iApply heap_pointsto_prov_none_nil; done. }
exfalso. match goal with H : ¬ (valid_ptr _ _) |- _ => apply H end.
rewrite Hprov. split; right; done.
Qed.
@@ -1337,7 +1339,7 @@ Proof.
{ iIntros (? vt). split.
- by inversion 1.
- intros ->. econstructor; [done | | done].
- rewrite /erase_prov /has_layout_val fmap_length //. }
+ rewrite /erase_prov /has_layout_val length_fmap //. }
eauto.
Qed.
@@ -1973,14 +1975,14 @@ Proof.
iApply (wp_wand with "HT").
iIntros (v0) "HT". iPoseProof ("IH" $! (vs ++ [v0]) (previous_mems ++ [(Some s, ly)]) with "[] [] [HT]") as "HT".
{ done. }
- { rewrite /field_names. rewrite omap_app !app_length/=. rewrite Heq//. }
+ { rewrite /field_names. rewrite omap_app !length_app/=. rewrite Heq//. }
{ rewrite -app_assoc. simpl. done. }
simpl.
rewrite pad_struct_snoc_Some; done.
- simpl. iApply wp_value.
iPoseProof ("IH" $! (vs) (previous_mems ++ [(None, ly)]) field_specs with "[] [] [HT]") as "HT".
{ done. }
- { rewrite /field_names omap_app !app_length/=. rewrite Nat.add_0_r. done. }
+ { rewrite /field_names omap_app !length_app/=. rewrite Nat.add_0_r. done. }
{ simpl. rewrite -app_assoc. done. }
simpl. rewrite pad_struct_snoc_None; done.
Qed.
@@ -2011,7 +2013,7 @@ Proof.
iIntros (Halg) "Hinit".
iApply wp_struct_init; first done.
apply use_struct_layout_alg_inv in Halg as (mems & Halg & Hfields).
- efeed pose proof struct_layout_alg_has_fields as Hmems; first apply Halg.
+ opose proof* struct_layout_alg_has_fields as Hmems; first apply Halg.
move: Hfields Hmems. clear Halg.
generalize (sls_fields sls) as fields => fields.
rewrite /sl_has_members.
@@ -2273,7 +2275,7 @@ Proof.
iApply wp_alloc_failed.
}
iMod (heap_alloc_new_block_upd with "[$Hhctx $Hactx]") as "(Hctx & Hlv & Hlf)" => //.
- rewrite replicate_length.
+ rewrite length_replicate.
iDestruct ("Hwp" with "Hlv Hlf [//]") as "Hpost".
iModIntro. iSplit => //.
iFrame "Hctx Hfctx". iApply wp_value. iApply ("Hpost" with "Hcred Hc").
@@ -2297,7 +2299,7 @@ Proof.
iApply wp_alloc_failed.
}
iMod (heap_alloc_new_block_upd with "[$Hhctx $Hactx]") as "(Hctx & Hlv & Hlf)" => //.
- rewrite replicate_length.
+ rewrite length_replicate.
iDestruct ("Hwp" with "Hlv Hlf [//]") as "Hpost".
iModIntro. iSplit => //.
iFrame "Hctx Hfctx". iApply wp_value. iApply ("Hpost" with "Hcred").
@@ -2376,7 +2378,7 @@ Lemma wp_call_credits vf vl f fn Φ n m :
) -∗
WP (Call (Val vf) (Val <$> vl)) {{ Φ }}.
Proof.
- move => Hf Hly. move: (Hly) => /Forall2_length. rewrite fmap_length => Hlen_vs.
+ move => Hf Hly. move: (Hly) => /Forall2_length. rewrite length_fmap => Hlen_vs.
iIntros "#TIME Hc Hp Hf HWP". iApply (wp_lift_expr_step_credits with "TIME Hc Hp"); [done.. | ].
iIntros (σ1) "((%&Hhctx&Hbctx)&Hfctx)".
iDestruct (fntbl_entry_lookup with "Hfctx Hf") as %[a [? Hfn]]; subst. iModIntro.
@@ -2395,7 +2397,7 @@ Proof.
iFrame.
iDestruct ("HWP" $! lsa lsv with "[//] Hla [Hlv] Hcred Hc") as "Ha". {
rewrite big_sepL2_fmap_r. iApply (big_sepL2_mono with "Hlv") => ??? ?? /=.
- iIntros "?". iExists _. iFrame. iPureIntro. split; first by apply replicate_length.
+ iIntros "?". iExists _. iFrame. iPureIntro. split; first by apply length_replicate.
apply: Forall2_lookup_lr. 2: done. 1: done. rewrite list_lookup_fmap. apply fmap_Some. naive_solver.
}
iApply fupd_wp. iMod "Ha" as (Ψ') "(HQinit & HΨ')". iModIntro.
@@ -2411,9 +2413,9 @@ Proof.
iDestruct "Ha" as "[% Ha]". iDestruct "Hv" as "[% Hv]".
iDestruct "Hfree_a" as "[% Hfree_a]". iDestruct "Hfree_v" as "[% Hfree_v]".
rewrite !zip_fmap_r !big_sepL_fmap/=. iFrame.
- setoid_rewrite replicate_length. iFrame.
+ setoid_rewrite length_replicate. iFrame.
iApply (big_sepL_impl' with "Hfree_a").
- { rewrite !zip_with_length !min_l ?fmap_length //; lia. }
+ { rewrite !length_zip_with !min_l ?length_fmap //; lia. }
iIntros (??? [?[v0[?[??]]]]%lookup_zip_with_Some [?[ly0[?[??]]]]%lookup_zip_with_Some) "!> H2"; simplify_eq/=.
have -> : v0 `has_layout_val` ly0.2; last done.
eapply Forall2_lookup_lr; [done..|].
@@ -2440,7 +2442,7 @@ Lemma wp_call vf vl f fn Φ:
) -∗
WP (Call (Val vf) (Val <$> vl)) {{ Φ }}.
Proof.
- move => Hf Hly. move: (Hly) => /Forall2_length. rewrite fmap_length => Hlen_vs.
+ move => Hf Hly. move: (Hly) => /Forall2_length. rewrite length_fmap => Hlen_vs.
iIntros "Hf HWP". iApply wp_lift_expr_step; first done.
iIntros (σ1) "((%&Hhctx&Hbctx)&Hfctx)".
iDestruct (fntbl_entry_lookup with "Hfctx Hf") as %[a [? Hfn]]; subst. iModIntro.
@@ -2458,7 +2460,7 @@ Proof.
iDestruct ("HWP" $! lsa lsv with "[//] Hla [Hlv] Hcred") as (Ψ') "(HQinit & HΨ')". {
rewrite big_sepL2_fmap_r. iApply (big_sepL2_mono with "Hlv") => ??? ?? /=.
- iIntros "?". iExists _. iFrame. iPureIntro. split; first by apply replicate_length.
+ iIntros "?". iExists _. iFrame. iPureIntro. split; first by apply length_replicate.
apply: Forall2_lookup_lr. 2: done. 1: done. rewrite list_lookup_fmap. apply fmap_Some. naive_solver.
}
iFrame. rewrite stmt_wp_eq. iApply "HQinit" => //.
@@ -2472,9 +2474,9 @@ Proof.
iDestruct "Ha" as "[% Ha]". iDestruct "Hv" as "[% Hv]".
iDestruct "Hfree_a" as "[% Hfree_a]". iDestruct "Hfree_v" as "[% Hfree_v]".
rewrite !zip_fmap_r !big_sepL_fmap/=. iFrame.
- setoid_rewrite replicate_length. iFrame.
+ setoid_rewrite length_replicate. iFrame.
iApply (big_sepL_impl' with "Hfree_a").
- { rewrite !zip_with_length !min_l ?fmap_length //; lia. }
+ { rewrite !length_zip_with !min_l ?length_fmap //; lia. }
iIntros (??? [?[v0[?[??]]]]%lookup_zip_with_Some [?[ly0[?[??]]]]%lookup_zip_with_Some) "!> H2"; simplify_eq/=.
have -> : v0 `has_layout_val` ly0.2; last done.
eapply Forall2_lookup_lr; [done..|].
@@ -2512,7 +2514,7 @@ Lemma wps_free Q Ψ s l v_size v_align (n_size n_align : nat) :
WPs (Free (Val v_size) (Val v_align) (val_of_loc l) s) {{ Q, Ψ }}.
Proof.
iIntros (???) "Hl Hf HWP". rewrite !stmt_wp_unfold. iIntros (???) "?". subst.
- iPoseProof (heap_mapsto_layout_has_layout with "Hl") as "%".
+ iPoseProof (heap_pointsto_layout_has_layout with "Hl") as "%".
iApply wp_lift_stmt_step. iIntros (σ) "(Hhctx&Hfctx)".
iMod (heap_free_block_upd with "Hl Hf Hhctx") as (σ') "(%Hf & Hhctx)".
iModIntro. iSplit; first by eauto 10 using FreeS, val_to_of_loc.
@@ -2575,10 +2577,10 @@ Proof.
iIntros ([h1 ?]) "((%&Hhctx&Hfctx)&?) /=". iMod "HWP" as (Hly) "[Hl HWP]".
iApply (fupd_mask_weaken ∅); first set_solver. iIntros "HE".
iDestruct "Hl" as (v' Hlyv' ?) "Hl".
- iDestruct (heap_mapsto_is_alloc with "Hl") as %Haid.
+ iDestruct (heap_pointsto_is_alloc with "Hl") as %Haid.
unfold E. case: Ho => ->.
- iModIntro.
- iDestruct (heap_mapsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl") as %? => //.
+ iDestruct (heap_pointsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl") as %? => //.
iSplit; first by eauto 12 using AssignS.
iIntros (? e2 σ2 efs Hstep ?) "Hcred Hat !> !>". inv_stmt_step. unfold end_val.
iMod (heap_write with "Hhctx Hl") as "[$ Hl]" => //; first congruence.
@@ -2613,10 +2615,10 @@ Proof.
iApply wp_lift_stmt_step_fupd. iIntros ([h1 ?]) "((%&Hhctx&Hfctx)&?) /=". iMod "HWP" as (Hly) "[Hl HWP]".
iApply (fupd_mask_weaken ∅); first set_solver. iIntros "HE".
iDestruct "Hl" as (v' Hlyv' ?) "Hl".
- iDestruct (heap_mapsto_is_alloc with "Hl") as %Haid.
+ iDestruct (heap_pointsto_is_alloc with "Hl") as %Haid.
unfold E. case: Ho => ->.
- iModIntro.
- iDestruct (heap_mapsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl") as %? => //.
+ iDestruct (heap_pointsto_lookup_1 (λ st : lock_state, st = RSt 0%nat) with "Hhctx Hl") as %? => //.
iSplit; first by eauto 12 using AssignS.
iIntros (? e2 σ2 efs Hstep ?) "Hcred !> !>". inv_stmt_step. unfold end_val.
iMod (heap_write with "Hhctx Hl") as "[$ Hl]" => //; first congruence.
diff --git a/theories/caesium/loc.v b/theories/caesium/loc.v
index a559791abdadebcc3c893ce124f3875976299e0d..807a354ebe47b3e3bd5eca8ff109d03fb13cfe62 100644
--- a/theories/caesium/loc.v
+++ b/theories/caesium/loc.v
@@ -98,7 +98,7 @@ Lemma shift_loc_inj1 l1 l2 n : l1 +ₗ n = l2 +ₗ n → l1 = l2.
Proof. destruct l1, l2. case => -> ?. f_equal. lia. Qed.
Global Instance shift_loc_inj2 l : Inj (=) (=) (shift_loc l).
-Proof. destruct l as [b o]; intros n n' [=?]; lia. Qed.
+Proof. destruct l as [b o]; intros n n' H; inversion H; lia. Qed.
Lemma shift_loc_block l n : (l +â‚— n).1 = l.1.
Proof. done. Qed.
diff --git a/theories/caesium/syntypes.v b/theories/caesium/syntypes.v
index c5b7f69eb1c63e4a993868d1585f9ecc55389750..da1961d31ec1c46c31510c35e4eb9262a02bfc66 100644
--- a/theories/caesium/syntypes.v
+++ b/theories/caesium/syntypes.v
@@ -43,7 +43,7 @@ Proof.
- destruct vs as [ | v vs].
{ apply Forall2_nil_inv_l in Hf. naive_solver. }
apply Forall2_cons_inv in Hf as (Hlen & Hf).
- simpl. rewrite app_length Hlen.
+ simpl. rewrite length_app Hlen.
rewrite IH; done.
Qed.
@@ -150,7 +150,7 @@ Ltac unsafe_unfold_common_caesium_defs :=
Definition I2v_def (z : Z) (I : IntType) : val := i2v z I.
Definition I2v_aux z I : seal (I2v_def z I). Proof. by eexists. Qed.
Definition I2v z I : val := (I2v_aux z I).(unseal).
-Definition I2v_unfold z I : I2v z I = i2v z I := (I2v_aux z I).(seal_eq).
+Definition I2v_unfold z I : I2v z I = i2v z I := (I2v_aux z I).(seal_eq).
(** Rust repr options *)
Inductive struct_repr :=
@@ -1530,7 +1530,7 @@ Proof.
inversion IH as [ | ?? Hst IH1]; subst.
apply Forall2_cons_inv_l in Hfields as ([n' ly] & fields' & [<- Hst'] & Hfields & ->).
apply Hst in Hst' as (ot & Hot & <-).
- efeed pose proof (IH') as Ha; [done.. | ].
+ opose proof* (IH') as Ha; [done.. | ].
destruct Ha as (ots & Hots').
exists (ot :: ots). econstructor; done.
}
@@ -1671,5 +1671,3 @@ Lemma syn_type_size_eq_refl `{!LayoutAlg} st :
Proof.
intros ly1 ly2 ? ?. assert (ly1 = ly2) as <- by by eapply syn_type_has_layout_inj. done.
Qed.
-
-
diff --git a/theories/caesium/tactics.v b/theories/caesium/tactics.v
index 162169be57e6f34f124938eb6b5649ebb4cd7682..a8c9260b2441bb951117f6069c2463272e57cd89 100644
--- a/theories/caesium/tactics.v
+++ b/theories/caesium/tactics.v
@@ -39,7 +39,7 @@ Inductive expr :=
| LocInfoE (a : location_info) (e : expr)
| StructInit (sls : struct_layout_spec) (fs : list (string * expr))
| EnumInit (els : enum_layout_spec) (variant : var_name) (ty : rust_type) (e : expr)
-| MacroE (m : list lang.expr → lang.expr) (es : list expr) (wf : MacroWfSubst m)
+| MacroE (m : list lang.expr → lang.expr) (es : list expr) (well_founded : MacroWfSubst m)
| Borrow (m : mutability) (κn : string) (ty : option rust_type) (e : expr)
| Box (st : syn_type)
(* for opaque expressions*)
@@ -79,7 +79,7 @@ Lemma expr_ind (P : expr → Prop) :
(∀ (a : location_info) (e : expr), P e → P (LocInfoE a e)) →
(∀ (ly : struct_layout_spec) (fs : list (string * expr)), Forall P fs.*2 → P (StructInit ly fs)) →
(∀ (els : enum_layout_spec) (variant : var_name) (ty : rust_type) (e : expr), P e → P (EnumInit els variant ty e)) →
- (∀ (m : list lang.expr → lang.expr) (es : list expr) (wf : MacroWfSubst m), Forall P es → P (MacroE m es wf)) →
+ (∀ (m : list lang.expr → lang.expr) (es : list expr) (well_founded : MacroWfSubst m), Forall P es → P (MacroE m es well_founded)) →
(∀ (m : mutability) (ty : option rust_type) (κn : string) (e : expr), P e → P (Borrow m κn ty e)) →
(∀ (st : syn_type), P (Box st)) →
(∀ (e : lang.expr), P (Expr e)) → ∀ (e : expr), P e.
@@ -687,7 +687,7 @@ Fixpoint subst_l (xs : list (var_name * val)) (e : expr) : expr :=
| EnumData els variant e => EnumData els variant (subst_l xs e)
| OffsetOf s m => OffsetOf s m
| OffsetOfUnion ul m => OffsetOfUnion ul m
- | MacroE m es wf => MacroE m (subst_l xs <$> es) wf
+ | MacroE m es well_founded => MacroE m (subst_l xs <$> es) well_founded
| Borrow m κn ty e => Borrow m κn ty (subst_l xs e)
| Box st => Box st
| Expr e => Expr (lang.subst_l xs e)
diff --git a/theories/caesium/time.v b/theories/caesium/time.v
index 835449f2a5e288f5a87fe4ae97edb2f7d1244543..97469edcf4c8aff29e88cc522204de4788bbb9a2 100644
--- a/theories/caesium/time.v
+++ b/theories/caesium/time.v
@@ -160,7 +160,7 @@ Section time.
iDestruct (own_valid_2 with "Hm0 Hm") as %?%mono_nat_both_valid.
iDestruct (own_valid_2 with "Hm'0 Hm'")
as %[?%nat_included _]%auth_both_valid_discrete.
- iModIntro. iFrame. iSplitL; auto with iFrame lia.
+ iModIntro. iFrame. iPureIntro. lia.
Qed.
End time.
diff --git a/theories/caesium/val.v b/theories/caesium/val.v
index 234b7d1fb48644f90cec52d46eceb6f14ab96838..a58ebbba7e708c2cbc9b386f20185489890c8e90 100644
--- a/theories/caesium/val.v
+++ b/theories/caesium/val.v
@@ -67,7 +67,7 @@ Global Typeclasses Opaque NULL.
Lemma val_of_loc_n_length n l:
length (val_of_loc_n n l) = n.
Proof.
- by rewrite /val_of_loc_n fmap_length rev_length seq_length.
+ by rewrite /val_of_loc_n length_fmap length_rev length_seq.
Qed.
Lemma val_to_of_loc_n n l:
@@ -144,7 +144,7 @@ Definition val_to_Z (v : val) (it : int_type) : option Z :=
Definition val_to_byte_prov (v : val) : option alloc_id :=
if v is MByte _ (Some p) :: _ then
- guard (Forall (λ e, Is_true (if e is MByte _ (Some p') then bool_decide (p = p') else false)) v); Some p
+ guard (Forall (λ e, Is_true (if e is MByte _ (Some p') then bool_decide (p = p') else false)) v);; Some p
else None.
Definition provs_in_bytes (v : val) : list alloc_id :=
@@ -198,7 +198,7 @@ Lemma i2v_length n it: length (i2v n it) = bytes_per_int it.
Proof.
rewrite /i2v. destruct (val_of_Z n it None) eqn:Heq.
- by apply val_of_Z_length in Heq.
- - by rewrite replicate_length.
+ - by rewrite length_replicate.
Qed.
Lemma val_to_Z_length v it z:
@@ -293,7 +293,7 @@ Lemma val_of_Z_go_to_prov z n p :
val_to_byte_prov (val_of_Z_go z n p) = p.
Proof.
destruct n as [|n] => // _. destruct p as [a|] => //.
- rewrite /val_to_byte_prov/=. case_option_guard as Hf => //.
+ rewrite /val_to_byte_prov/=. case_guard as Hf => //.
contradict Hf. constructor; [by eauto|].
move: (z `div` byte_modulus) => {}z.
elim: n z => /=; eauto.
@@ -477,7 +477,7 @@ Qed.
Lemma erase_prov_length v :
length (erase_prov v) = length v.
Proof.
- rewrite /erase_prov fmap_length //.
+ rewrite /erase_prov length_fmap //.
Qed.
Lemma val_to_Z_go_erase_prov v z :
val_to_Z_go v = Some z →
diff --git a/theories/lithium/Z_bitblast.v b/theories/lithium/Z_bitblast.v
index f3247b45096ccfff36ed232dc089615b1a06a3c9..a24d4a5f51afcb0c17efcbcec1cd6a30cef02959 100644
--- a/theories/lithium/Z_bitblast.v
+++ b/theories/lithium/Z_bitblast.v
@@ -62,7 +62,7 @@ Proof. eauto. Qed.
(** TODO: replace this with [do [ tac ] in H] from ssreflect? *)
Tactic Notation "tactic" tactic3(tac) "in" ident(H) :=
let H' := fresh in
- unshelve epose proof (tac_tactic_in_hyp _ _ H _) as H'; [shelve|
+ unshelve opose proof* (tac_tactic_in_hyp _ _ H _) as H'; [shelve|
tac; let H := fresh H in intros H; exact H |];
clear H; rename H' into H.
@@ -516,10 +516,8 @@ Tactic Notation "bitblast" ident(H) :=
tactic bitblast_bool_decide_simplify in H.
Tactic Notation "bitblast" ident(H) "with" constr(i) "as" ident(H') :=
lazymatch type of H with
- (* We cannot use [efeed pose proof] since this causes weird failures
- in combination with [Set Mangle Names]. *)
- | @eq Z _ _ => pose proof (Z_bits_inj'' _ _ H i) as H'; efeed specialize H'; [try bitblast_done..|]
- | ∀ x, _ => pose proof (H i) as H'; efeed specialize H'; [try bitblast_done..|]
+ | @eq Z _ _ => opose proof* (Z_bits_inj'' _ _ H i); [try bitblast_done..|]
+ | ∀ x, _ => opose proof* (H i); [try bitblast_done..|]
end; bitblast H'.
Tactic Notation "bitblast" ident(H) "with" constr(i) :=
let H' := fresh "H" in bitblast H with i as H'.
diff --git a/theories/lithium/base.v b/theories/lithium/base.v
index bd731143d033735055d361d77abdf7071ef0f468..6d5145027b5e0aa73478e56f243c1c4db726e4d7 100644
--- a/theories/lithium/base.v
+++ b/theories/lithium/base.v
@@ -13,16 +13,11 @@ Export RecordSetNotations.
Set Default Proof Using "Type".
-Export Unset Program Cases.
-Export Set Keyed Unification.
+#[export] Unset Program Cases.
+#[export] Set Keyed Unification.
+#[export] Unset Automatic Proposition Inductives.
-(* We always annotate hints with locality ([Global] or [Local]). This enforces
-that at least global hints are annotated. *)
-Export Set Warnings "+deprecated-hint-without-locality".
-Export Set Warnings "+deprecated-hint-rewrite-without-locality".
-Export Set Warnings "+deprecated-typeclasses-transparency-without-locality".
-
-Export Set Default Goal Selector "!".
+#[export] Set Default Goal Selector "!".
(* ensure that set from RecordUpdate simplifies when it is applied to a concrete value *)
Global Arguments set _ _ _ _ _ !_ /.
@@ -51,6 +46,56 @@ Notation "'[@{' A '}' ]" := (@nil A) (only parsing) : list_scope.
(** More automation for modular arithmetics. *)
Ltac Zify.zify_post_hook ::= Z.to_euclidean_division_equations.
+(* We remove a lot of cases from
+Z.euclidean_division_equations_cleanup since they cause significant
+slowdowns (e.g. around 200% slowdown in kvm_set_valid_leaf_pte) *)
+Ltac Z.euclidean_division_equations_cleanup ::=
+ repeat
+ (repeat match goal with
+ | [ H : 0 <= ?x < _ |- _ ] => destruct H
+ end;
+ repeat match goal with
+ | [ H : ?x <> ?x -> _ |- _ ] => clear H
+ | [ H : ?x < ?x -> _ |- _ ] => clear H
+ (* | [ H : ?T -> _, H' : ~?T |- _ ] => clear H *)
+ (* | [ H : ~?T -> _, H' : ?T |- _ ] => clear H *)
+ | [ H : ?A -> ?x <> ?x -> _ |- _ ] => clear H
+ | [ H : ?A -> ?x < ?x -> _ |- _ ] => clear H
+ (* | [ H : ?A -> ?B -> _, H' : ~?B |- _ ] => clear H *)
+ (* | [ H : ?A -> ~?B -> _, H' : ?B |- _ ] => clear H *)
+ (* | [ H : 0 < ?x -> _, H' : ?x < 0 |- _ ] => clear H *)
+ (* | [ H : ?x < 0 -> _, H' : 0 < ?x |- _ ] => clear H *)
+ (* | [ H : ?A -> 0 < ?x -> _, H' : ?x < 0 |- _ ] => clear H *)
+ (* | [ H : ?A -> ?x < 0 -> _, H' : 0 < ?x |- _ ] => clear H *)
+ (* | [ H : 0 <= ?x -> _, H' : ?x < 0 |- _ ] => clear H *)
+ (* | [ H : ?x <= 0 -> _, H' : 0 < ?x |- _ ] => clear H *)
+ (* | [ H : ?A -> 0 <= ?x -> _, H' : ?x < 0 |- _ ] => clear H *)
+ (* | [ H : ?A -> ?x <= 0 -> _, H' : 0 < ?x |- _ ] => clear H *)
+ (* | [ H : 0 < ?x -> _, H' : ?x <= 0 |- _ ] => clear H *)
+ (* | [ H : ?x < 0 -> _, H' : 0 <= ?x |- _ ] => clear H *)
+ (* | [ H : ?A -> 0 < ?x -> _, H' : ?x <= 0 |- _ ] => clear H *)
+ (* | [ H : ?A -> ?x < 0 -> _, H' : 0 <= ?x |- _ ] => clear H *)
+ (* | [ H : ?x < ?y -> _, H' : ?x = ?y |- _ ] => clear H *)
+ (* | [ H : ?x < ?y -> _, H' : ?y = ?x |- _ ] => clear H *)
+ (* | [ H : ?A -> ?x < ?y -> _, H' : ?x = ?y |- _ ] => clear H *)
+ (* | [ H : ?A -> ?x < ?y -> _, H' : ?y = ?x |- _ ] => clear H *)
+ (* | [ H : ?x = ?y -> _, H' : ?x < ?y |- _ ] => clear H *)
+ (* | [ H : ?x = ?y -> _, H' : ?y < ?x |- _ ] => clear H *)
+ (* | [ H : ?A -> ?x = ?y -> _, H' : ?x < ?y |- _ ] => clear H *)
+ (* | [ H : ?A -> ?x = ?y -> _, H' : ?y < ?x |- _ ] => clear H *)
+ end;
+ repeat match goal with
+ | [ H : ?x = ?x -> ?Q |- _ ] => specialize (H eq_refl)
+ (* | [ H : ?T -> ?Q, H' : ?T |- _ ] => specialize (H H') *)
+ | [ H : ?A -> ?x = ?x -> ?Q |- _ ] => specialize (fun a => H a eq_refl)
+ (* | [ H : ?A -> ?B -> ?Q, H' : ?B |- _ ] => specialize (fun a => H a H') *)
+ (* | [ H : 0 <= ?x -> ?Q, H' : ?x <= 0 |- _ ] => specialize (fun pf => H (@Z.eq_le_incl 0 x (eq_sym pf))) *)
+ (* | [ H : ?A -> 0 <= ?x -> ?Q, H' : ?x <= 0 |- _ ] => specialize (fun a pf => H a (@Z.eq_le_incl 0 x (eq_sym pf))) *)
+ (* | [ H : ?x <= 0 -> ?Q, H' : 0 <= ?x |- _ ] => specialize (fun pf => H (@Z.eq_le_incl 0 x pf)) *)
+ (* | [ H : ?A -> ?x <= 0 -> ?Q, H' : 0 <= ?x |- _ ] => specialize (fun a pf => H a (@Z.eq_le_incl x 0 pf)) *)
+ end).
+
+
(** * tactics *)
Lemma rel_to_eq {A} (R : A → A → Prop) `{!Reflexive R} x y:
x = y → R x y.
@@ -147,8 +192,7 @@ Ltac evalZ :=
Create HintDb simplify_length discriminated.
-Global Hint Rewrite rev_length app_length @take_length @drop_length @cons_length @nil_length : simplify_length.
-Global Hint Rewrite @insert_length : simplify_length.
+Global Hint Rewrite length_rev @length_app @length_take @length_drop @length_cons @length_nil @length_insert : simplify_length.
Ltac simplify_length :=
autorewrite with simplify_length.
@@ -156,7 +200,7 @@ Ltac saturate_list_lookup :=
repeat match goal with
| H : @lookup _ _ _ list_lookup ?l ?i = Some _ |- _ =>
let H' := fresh "H" in
- pose proof (lookup_lt_Some _ _ _ H) as H';
+ opose proof* (lookup_lt_Some _ _ _ H) as H';
tactic simplify_length in H';
lazymatch type of H' with
| ?T => assert_fails (clear H'; assert T by lia)
@@ -312,7 +356,7 @@ Proof.
Qed.
Lemma list_elem_of_insert2' {A} (l : list A) i (x1 x2 x3 : A) :
l !! i = Some x3 → x1 ∈ l → x1 ≠x3 → x1 ∈ <[i:=x2]> l.
-Proof. move => ???. efeed pose proof (list_elem_of_insert2 (A:=A)) as Hi; naive_solver. Qed.
+Proof. move => ???. opose proof* (list_elem_of_insert2 (A:=A)) as Hi; naive_solver. Qed.
Lemma list_fmap_ext' {A B} f (g : A → B) (l1 l2 : list A) :
(∀ x, x ∈ l1 → f x = g x) → l1 = l2 → f <$> l1 = g <$> l2.
@@ -369,7 +413,7 @@ Proof.
elim: i l.
- move => [] //=??[->]. rewrite !filter_cons. by repeat (case_decide; case_bool_decide) => //=; lia.
- move => i IH [|? l]//=?. rewrite !filter_cons. case_decide => //=; rewrite IH // Nat.sub_succ_l //.
- repeat case_bool_decide => //; try lia. feed pose proof (length_filter_gt P l x') => //; try lia.
+ repeat case_bool_decide => //; try lia. opose proof* (length_filter_gt P l x') => //; try lia.
by apply: elem_of_list_lookup_2.
Qed.
@@ -395,10 +439,6 @@ Proof.
do 2 case_match => //=; rewrite IH // => i ??; by apply: (Hx (S i)).
Qed.
-Lemma join_length {A} (l : list (list A)) :
- length (mjoin l) = sum_list (length <$> l).
-Proof. elim: l => // ?? IH; csimpl. rewrite app_length IH //. Qed.
-
Lemma sum_list_eq l1 l2:
Forall2 eq l1 l2 →
sum_list l1 = sum_list l2.
@@ -409,7 +449,7 @@ Lemma reshape_join {A} szs (ls : list (list A)) :
reshape szs (mjoin ls) = ls.
Proof.
revert ls. induction szs as [|sz szs IH]; simpl; intros ls; [by inversion 1|].
- intros (?&?&?&?&?)%Forall2_cons_inv_r; simplify_eq/=. rewrite take_app drop_app. f_equal.
+ intros (?&?&?&?&?)%Forall2_cons_inv_r; simplify_eq/=. rewrite take_app_length drop_app_length. f_equal.
naive_solver.
Qed.
@@ -524,9 +564,9 @@ Section list_subequiv.
list_subequiv ig (<[j := x]>l1) l2 ↔ list_subequiv ig l1 l2.
Proof.
unfold list_subequiv. move => ?. split => Hs i; move: (Hs i) => [<- H].
- - split; first by rewrite insert_length. move => ?.
+ - split; first by rewrite length_insert. move => ?.
rewrite -H; last done. rewrite list_lookup_insert_ne; naive_solver.
- - split; first by rewrite insert_length. move => ?.
+ - split; first by rewrite length_insert. move => ?.
rewrite list_lookup_insert_ne; naive_solver.
Qed.
@@ -545,9 +585,9 @@ Section list_subequiv.
Proof.
move => ??. unfold list_subequiv. split.
- move => Hs. move: (Hs j) => [<- <-]//. rewrite list_lookup_insert //. split => // i.
- rewrite insert_length. split => // Hi. move: (Hs i) => [? <-];[|set_solver].
+ rewrite length_insert. split => // Hi. move: (Hs i) => [? <-];[|set_solver].
rewrite list_lookup_insert_ne //. set_solver.
- - rewrite insert_length. move => [? Hs] i. split; first by move: (Hs 0) => [? _]//.
+ - rewrite length_insert. move => [? Hs] i. split; first by move: (Hs 0) => [? _]//.
case: (decide (i = j)) => [->|?].
+ by rewrite list_lookup_insert.
+ rewrite list_lookup_insert_ne//. move: (Hs i) => [? H]// ?. apply H. set_solver.
@@ -557,9 +597,9 @@ Section list_subequiv.
list_subequiv ig (l1 ++ l3) (l2 ++ l3) ↔ list_subequiv ig l1 l2.
Proof.
rewrite /list_subequiv. split => H i; move: (H i) => [Hlen Hlookup].
- - rewrite app_length app_length in Hlen. split; first by lia.
+ - rewrite length_app length_app in Hlen. split; first by lia.
move => /Hlookup. apply lookup_eq_app_r. by lia.
- - split; first by rewrite app_length app_length Hlen.
+ - split; first by rewrite length_app length_app Hlen.
move => /Hlookup. apply lookup_eq_app_r. by lia.
Qed.
@@ -568,7 +608,7 @@ Section list_subequiv.
list_subequiv ig (f <$> l1) (f <$> l2).
Proof.
move => Hs i. move: (Hs 0%nat) => [Hlen _].
- do 2 rewrite fmap_length. split => // ?. rewrite !list_lookup_fmap.
+ do 2 rewrite length_fmap. split => // ?. rewrite !list_lookup_fmap.
f_equal. move: (Hs i) => [_ ?]. naive_solver.
Qed.
@@ -592,7 +632,7 @@ Section list_subequiv.
- move => Hsub. split; apply list_eq => n; move: (Hsub n) => Hn; set_unfold.
+ destruct (decide (n < i)%nat).
* rewrite !lookup_take; by naive_solver lia.
- * rewrite !lookup_ge_None_2 // take_length; lia.
+ * rewrite !lookup_ge_None_2 // length_take; lia.
+ rewrite !lookup_drop. apply Hsub. set_unfold. lia.
- move => [Ht Hd] n. split; first done.
move => ?. have ? : (n ≠i) by set_solver.
@@ -626,7 +666,7 @@ Section sep_list.
destruct (lookup_lt_is_Some_2 l i Hl) as [y Hy].
rewrite big_sepL_delete; [| by apply list_lookup_insert].
rewrite insert_take_drop // -{3}(take_drop_middle l i y) // !big_sepL_app /=.
- do 3 f_equiv. rewrite take_length. case_decide => //. lia.
+ do 3 f_equiv. rewrite length_take. case_decide => //. lia.
Qed.
Lemma big_sepL_impl' {B} Φ (Ψ : _ → B → _) (l1 : list A) (l2 : list B) :
@@ -654,7 +694,7 @@ End sep_list.
iIntros (Hlen1 Hlen2) "Hl #Himpl".
rewrite !big_sepL2_alt. iDestruct "Hl" as (Hl1) "Hl".
iSplit. { iPureIntro. congruence. }
- iApply (big_sepL_impl' with "Hl"). { rewrite !zip_with_length. lia. }
+ iApply (big_sepL_impl' with "Hl"). { rewrite !length_zip_with. lia. }
iIntros "!>" (k [x1 x2] [y1 y2]).
rewrite !lookup_zip_with_Some.
iDestruct 1 as %(?&?&?&?).
@@ -1029,5 +1069,3 @@ Proof.
Qed.
(* lower priority than rule for constants *)
Global Hint Resolve bitblast_pos_xI | 15 : bitblast.
-
-
diff --git a/theories/lithium/dune b/theories/lithium/dune
index e47bfadb469a725c6ef1b6edc866d469742e0636..4abc5d0b68f588cb3414a7f751a22ec0ff957f13 100644
--- a/theories/lithium/dune
+++ b/theories/lithium/dune
@@ -1,6 +1,6 @@
(coq.theory
(name lithium)
(package refinedrust)
- (flags :standard -w -notation-overridden -w -redundant-canonical-projection)
+ (flags :standard -w -notation-incompatible-prefix -w -redundant-canonical-projection)
(synopsis "Lithium")
(theories stdpp iris RecordUpdate Ltac2))
diff --git a/theories/lithium/instances.v b/theories/lithium/instances.v
index 155213466821bb47ef7960c0f31eae404e64ab55..de755c42a15c5f7f8c328ef6c0e5fe16be43f42e 100644
--- a/theories/lithium/instances.v
+++ b/theories/lithium/instances.v
@@ -89,7 +89,7 @@ Lemma subsume_list_insert_in_ig {Σ} A ig i x (l1 l2 : list A) (f : nat → A
return subsume_list A ig l1 l2 f T.
Proof.
unfold CanSolve => ?. iIntros "Hsub Hl".
- rewrite insert_length. iApply "Hsub".
+ rewrite length_insert. iApply "Hsub".
destruct (decide (i < length l1)%nat). 2: { by rewrite list_insert_ge; [|lia]. }
iDestruct (big_sepL_insert_acc with "Hl") as "[_ Hl]". { by apply: list_lookup_insert. }
have [//|y ?]:= lookup_lt_is_Some_2 l1 i.
@@ -104,10 +104,10 @@ Lemma subsume_list_insert_not_in_ig {Σ} A ig i x (l1 l2 : list A) (f : nat →
exhale ⌜i < length l1âŒ%nat;
{subsume_list A (i :: ig) l1 l2 f};
∀ x2, inhale ⌜l2 !! i = Some x2âŒ;
- (f i x) :> (f i x2);
+ (f i x) :>> (f i x2);
return T.
Proof.
- unfold CanSolve. iIntros (?) "[% Hsub] Hl". rewrite big_sepL_insert // insert_length.
+ unfold CanSolve. iIntros (?) "[% Hsub] Hl". rewrite big_sepL_insert // length_insert.
iDestruct "Hl" as "[Hx Hl]". case_bool_decide => //.
iDestruct ("Hsub" with "[Hl]") as "[% [Hl HT]]". {
iApply (big_sepL_impl with "Hl"). iIntros "!>" (???) "?".
@@ -133,7 +133,7 @@ Lemma subsume_list_cons_l {Σ} A ig (x1 : A) (l1 l2 : list A) (f : nat → A →
subsume_list A ig (x1 :: l1) l2 f T :-
exhale ⌜0 ∉ igâŒ;
∃ x2 l2', exhale ⌜l2 = x2 :: l2'âŒ;
- (f 0%nat x1) :> (f 0%nat x2);
+ (f 0%nat x1) :>> (f 0%nat x2);
{subsume_list A (pred <$> ig) l1 l2' (λ i, f (S i)) T}.
Proof.
iIntros "[% Hs]". iDestruct "Hs" as (???) "Hs". subst.
diff --git a/theories/lithium/normalize.v b/theories/lithium/normalize.v
index 1e36764b4f25db9c7b8a1e3c4dac00e419019404..40fe35a0a9337d257868ba06cbced1ff92e8a7d6 100644
--- a/theories/lithium/normalize.v
+++ b/theories/lithium/normalize.v
@@ -32,7 +32,7 @@ Ltac normalize_autorewrite :=
#[export] Hint Rewrite @drop_0 @take_ge using can_solve : lithium_rewrite.
#[export] Hint Rewrite @take_app_le @drop_app_ge using can_solve : lithium_rewrite.
-#[export] Hint Rewrite @insert_length @app_length @fmap_length @rotate_length @replicate_length @drop_length : lithium_rewrite.
+#[export] Hint Rewrite @length_insert @length_app @length_fmap @length_rotate @length_replicate @length_drop : lithium_rewrite.
#[export] Hint Rewrite <- @fmap_take @fmap_drop : lithium_rewrite.
#[export] Hint Rewrite @list_insert_fold : lithium_rewrite.
#[export] Hint Rewrite @list_insert_insert : lithium_rewrite.
@@ -84,18 +84,18 @@ Proof. done. Qed.
Global Instance normalize_end A (x : A): Normalize false x x | 100.
Proof. done. Qed.
-Lemma normalize_fmap_length A B (f : A → B) l r p `{!Normalize p (length l) r} :
+Lemma normalize_length_fmap A B (f : A → B) l r p `{!Normalize p (length l) r} :
Normalize true (length (f <$> l)) r.
-Proof. by rewrite fmap_length. Qed.
-Global Hint Extern 5 (Normalize _ (length (_ <$> _)) _) => class_apply normalize_fmap_length : typeclass_instances.
+Proof. by rewrite length_fmap. Qed.
+Global Hint Extern 5 (Normalize _ (length (_ <$> _)) _) => class_apply normalize_length_fmap: typeclass_instances.
Lemma normalize_insert_length A i (x : A) l r p `{!Normalize p (length l) r} :
Normalize true (length (<[i:=x]> l)) r.
-Proof. by rewrite insert_length. Qed.
+Proof. by rewrite length_insert. Qed.
Global Hint Extern 5 (Normalize _ (length (<[_:=_]> _)) _) => class_apply normalize_insert_length : typeclass_instances.
Lemma normalize_app_length A (l1 l2 : list A) r1 r2 r3 p1 p2 p3
`{!Normalize p1 (length l1) r1} `{!Normalize p2 (length l2) r2} `{!Normalize p3 (r1 + r2)%nat r3}:
Normalize true (length (l1 ++ l2)) r3.
-Proof. unfold Normalize in *; subst. by rewrite app_length. Qed.
+Proof. unfold Normalize in *; subst. by rewrite length_app. Qed.
Global Hint Extern 5 (Normalize _ (length (_ ++ _)) _) => class_apply normalize_app_length : typeclass_instances.
Lemma normalize_app_assoc A (l1 l2 l3 : list A) r1 r2 p1 p2
`{!Normalize p1 (l2 ++ l3) r1} `{!Normalize p2 (l1 ++ r1) r2}:
@@ -123,11 +123,11 @@ Proof. unfold Normalize in *; subst. by rewrite Nat.sub_0_r. Qed.
Global Hint Extern 5 (Normalize _ (_ - 0)%nat _) => class_apply normalize_minus_n_O : typeclass_instances.
Lemma normalize_rotate_length A n (l : list A) r p `{!Normalize p (length l) r} :
Normalize true (length (rotate n l)) r.
-Proof. by rewrite rotate_length. Qed.
+Proof. by rewrite length_rotate. Qed.
Global Hint Extern 5 (Normalize _ (length (rotate _ _)) _) => class_apply normalize_rotate_length : typeclass_instances.
Lemma normalize_replicate_length A n (l : list A) :
Normalize true (length (replicate n l)) n.
-Proof. by rewrite replicate_length. Qed.
+Proof. by rewrite length_replicate. Qed.
Global Hint Extern 5 (Normalize _ (length (replicate _ _)) _) => class_apply normalize_replicate_length : typeclass_instances.
Ltac normalize_tc :=
diff --git a/theories/lithium/simpl_instances.v b/theories/lithium/simpl_instances.v
index 65edf52aa53499bfb3de549205a962293349256d..c237ef415b66b0e95924dd1ca42d95b4706d47ee 100644
--- a/theories/lithium/simpl_instances.v
+++ b/theories/lithium/simpl_instances.v
@@ -343,7 +343,7 @@ Proof.
unfold IsProtected in * => T. elim: ig l1 l2.
- move => ??/=. move => [??]. naive_solver.
- move => i ig IH l1 l2/= [x /IH [Hi ?]]. split => // i'.
- move: (Hi i') => [<- Hlookup]. rewrite insert_length. split => //.
+ move: (Hi i') => [<- Hlookup]. rewrite length_insert. split => //.
move => Hi'. rewrite -Hlookup ?list_lookup_insert_ne; set_solver.
Qed.
@@ -360,10 +360,10 @@ Global Instance simpl_fmap_app_and {A B} (l : list A) l1 l2 (f : A → B):
Proof.
split.
- move => [Hl1 [Hl2 ?]]; subst. split => //.
- rewrite -Hl1 -fmap_app fmap_length take_length_le ?take_drop //.
- rewrite -Hl1 fmap_length take_length. lia.
+ rewrite -Hl1 -fmap_app length_fmap length_take_le ?take_drop //.
+ rewrite -Hl1 length_fmap length_take. lia.
- move => [/fmap_app_inv [? [? [? [? Hfmap]]]] ?]; subst.
- by rewrite fmap_length take_app drop_app.
+ by rewrite length_fmap take_app_length drop_app_length.
Qed.
Global Instance simpl_fmap_assume_inj_Unsafe {A B} (l1 l2 : list A) (f : A → B) `{!AssumeInj (=) (=) f}:
SimplAndUnsafe (f <$> l1 = f <$> l2) (λ T, l1 = l2 ∧ T).
@@ -376,11 +376,11 @@ Proof.
- move => [n'[?[?[??]]]]; subst. split => //.
have ->: (n = n' + (n - n'))%nat by lia. rewrite replicate_add. do 2 f_equal. lia.
- move => [Hr ?].
- have Hn: (n = length l1 + length l2)%nat by rewrite -(replicate_length n x) -app_length Hr.
- move: Hr. rewrite Hn replicate_add => /app_inj_1[|<- <-]. 1: by rewrite replicate_length.
+ have Hn: (n = length l1 + length l2)%nat by rewrite -(length_replicate n x) -length_app Hr.
+ move: Hr. rewrite Hn replicate_add => /app_inj_1[|<- <-]. 1: by rewrite length_replicate.
exists (length l1). repeat split => //.
- + rewrite !replicate_length. lia.
- + rewrite !replicate_length. f_equal. lia.
+ + rewrite !length_replicate. lia.
+ + rewrite !length_replicate. f_equal. lia.
Qed.
Global Instance simpl_replicate_eq_nil {A} (x : A) n :
@@ -415,7 +415,7 @@ Global Instance simpl_app_r_id {A} (l1 l2 : list A):
Proof.
split.
- move => H. assert (length (l1 ++ l2) = length l2) as Hlen by by rewrite -H.
- rewrite app_length in Hlen. assert (length l1 = 0%nat) by lia. by destruct l1.
+ rewrite length_app in Hlen. assert (length l1 = 0%nat) by lia. by destruct l1.
- by naive_solver.
Qed.
@@ -424,8 +424,8 @@ Global Instance simpl_app_l_id {A} (l1 l2 : list A):
Proof.
split.
- move => H. assert (length (l1 ++ l2) = length l1) as Hlen by by rewrite -H.
- rewrite app_length in Hlen. assert (length l2 = 0%nat) by lia. by destruct l2.
- - move => ->. by rewrite -app_nil_end.
+ rewrite length_app in Hlen. assert (length l2 = 0%nat) by lia. by destruct l2.
+ - move => ->. by rewrite app_nil_r.
Qed.
(* TODO: make something more general *)
diff --git a/theories/lithium/solvers.v b/theories/lithium/solvers.v
index 27dd89ea5cf8e1728b5cd8bb48e1203b2fc18f51..a5c1396cecb2c0fe0bc41524db7862f9d32bc5da 100644
--- a/theories/lithium/solvers.v
+++ b/theories/lithium/solvers.v
@@ -186,7 +186,7 @@ Ltac enrich_context_base :=
| |- context C [ length (filter ?P ?l) ] =>
let G := context C[enrich_marker length (filter P l)] in
change_no_check G;
- pose proof (filter_length P l)
+ pose proof (length_filter P l)
end.
Ltac enrich_context :=
@@ -249,7 +249,7 @@ Module Rep.
Import Ltac2.Printf.
(* Check whether the current goal is a backtracking point *)
- Ltac2 rep_check_backtrack_point (x : unit) : bool :=
+ Ltac2 rep_check_backtrack_point (_ : unit) : bool :=
let tac_res := Control.focus 1 1 (fun _ => Control.case (fun _ => ltac1:(rep_check_backtrack_point_hook))) in
match tac_res with
| Err _ => false
diff --git a/theories/lithium/syntax.v b/theories/lithium/syntax.v
index 4cc5f7b86498346b44b9ee94bd9e80d75919c79b..f399d9bd1f9f87c6ea8b9c9495a0deabe524fcc6 100644
--- a/theories/lithium/syntax.v
+++ b/theories/lithium/syntax.v
@@ -126,8 +126,8 @@ Notation "'accu'" := (li.accu) (in custom lithium at level 0) : lithium_scope.
Notation "'trace' x" := (li.trace x) (in custom lithium at level 0, x constr,
format "'trace' '[' x ']'") : lithium_scope.
-Notation "x :> y" := (li.subsume x y) (in custom lithium at level 0, x constr, y constr,
- format "'[' x ']' :> '[' y ']'") : lithium_scope.
+Notation "x :>> y" := (li.subsume x y) (in custom lithium at level 0, x constr, y constr,
+ format "'[' x ']' :>> '[' y ']'") : lithium_scope.
Notation "'return' x" := (li.ret x) (in custom lithium at level 0, x constr,
format "'return' '[' x ']'") : lithium_scope.
@@ -387,6 +387,14 @@ Section test.
liFromSyntax.
Abort.
+ (* TODO: investigate why the () around False is necessary. *)
+ Lemma ex1_2 :
+ ⊢ [{ '(x1, _, _) ↠{get_tuple}; exhale ⌜x1 = 0âŒ; (False) :>> [{ false }]; done }].
+ Proof.
+ iStartProof.
+ liFromSyntax.
+ Abort.
+
Lemma ex1_3 :
⊢ ∀ n1 n2, (⌜n1 + Z.to_nat n2 > 0⌠∗ ⌜n2 = 1âŒ) -∗
check_wp (n1 + 1) (λ v,
diff --git a/theories/refinedrust.opam b/theories/refinedrust.opam
index e046268fb8566832600d17518ce1e9fafe7845be..e2828f92494b065f2e14dc60180223834f436381 100644
--- a/theories/refinedrust.opam
+++ b/theories/refinedrust.opam
@@ -11,13 +11,13 @@ RefinedRust is a prototype framework for verifying safe and unsafe Rust code.
license: "BSD-3-Clause"
depends: [
- "coq" { (= "8.17.1" ) }
- "coq-iris" { (= "dev.2023-09-11.0.1de1b311") | (= "dev") }
+ "coq" { (= "8.20.1" ) }
+ "coq-iris" { (= "dev.2025-01-25.1.8a8f05fb") | (= "dev") }
"coq-stdpp-unstable"
"dune" {>= "3.9.1"}
- "coq-record-update" {= "0.3.0"}
- "coq-equations" { = "1.3+8.17" }
- "coq-lambda-rust" { = "dev" }
+ "coq-record-update" {= "0.3.4"}
+ "coq-equations" {= "1.3.1+8.20"}
+ "coq-lifetime-logic" { (= "dev.2025-03-26.0.74bdf4e8") | (= "dev") }
]
build: [
diff --git a/theories/rust_typing/adequacy.v b/theories/rust_typing/adequacy.v
index 12fbc7b5fd81a2d981b9fbe0b8dfee9d5b6952a6..da18830f4c102486bc17cdb9d6c43fbfd86eb02d 100644
--- a/theories/rust_typing/adequacy.v
+++ b/theories/rust_typing/adequacy.v
@@ -129,9 +129,8 @@ Proof.
+ by iApply big_sepL_nil.
+ by iIntros (??????) "HL Hv _".
- iFrame. iIntros (?? _ _ ?) "_ _ _". iApply fupd_mask_intro_discard => //. iPureIntro. by eauto.
- - iFrame.
- rewrite /heap_state_ctx /alloc_meta_ctx /to_alloc_meta_map /alloc_alive_ctx /to_alloc_alive_map.
- iFrame. iR. iExists 0. iFrame.
+ - rewrite /heap_state_ctx /alloc_meta_ctx /to_alloc_meta_map /alloc_alive_ctx /to_alloc_alive_map.
+ by iFrame.
Qed.
(*Print Assumptions refinedrust_adequacy.*)
diff --git a/theories/rust_typing/annotations.v b/theories/rust_typing/annotations.v
index 1fd15082313eec0820cad74f2db802325098367e..45cf222982fafbb57ec797044a381f11cfff535f 100644
--- a/theories/rust_typing/annotations.v
+++ b/theories/rust_typing/annotations.v
@@ -1,36 +1,36 @@
From refinedrust Require Import base.
-Inductive stop_annot : Type :=
+Inductive stop_annot : Prop :=
StopAnnot.
(** Annotation for starting a local lifetime [n ⊑ ⨅ sup].
[n] will contain a fresh atomic lifetime, which is the handle to end [n]. *)
-Inductive startlft_annot : Type :=
+Inductive startlft_annot : Set :=
StartLftAnnot (n : string) (sup : list string).
(** Similar to startlft, but do not include a new atomic lifetime in n, thus making [n = ⨅ sup]. *)
-Inductive aliaslft_annot : Type :=
+Inductive aliaslft_annot : Set :=
AliasLftAnnot (n : string) (sup : list string).
(** Annotation for ending a local lifetime n. *)
-Inductive endlft_annot : Type :=
+Inductive endlft_annot : Set :=
EndLftAnnot (n : string).
(** Annotation for extending a local lifetime n ⊑ ⨅ κs to be equal to ⨅ κs. *)
-Inductive extend_annot : Type :=
+Inductive extend_annot : Set :=
ExtendLftAnnot (n : string).
(** Annotation for stratifying the context at this point. *)
-Inductive stratify_context_annot : Type :=
+Inductive stratify_context_annot : Set :=
StratifyContextAnnot.
(** Annotation for creating a dynamic inclusion of a lifetime κ1 ⊑ κ2 *)
-Inductive includelft_annot : Type :=
+Inductive includelft_annot : Set :=
DynIncludeLftAnnot (n1 n2 : string).
(** Annotation for copying the entry n2 ↦ κ in the name map for n1, so that n1 ↦ κ. *)
-Inductive copylftname_annot : Type :=
+Inductive copylftname_annot : Set :=
CopyLftNameAnnot (n1 n2 : string).
(** LftNameTrees for copying lifetime names *)
@@ -41,27 +41,27 @@ Inductive LftNameTree : Set :=
.
(** Annotation for shortening the lifetime of an expression *)
-Inductive shortenlft_annot : Type :=
+Inductive shortenlft_annot : Set :=
ShortenLftAnnot (t : LftNameTree).
(** Annotation for adding lifetime names to the context for the semantic lifetimes of the given expression *)
-Inductive get_lft_names_annot : Type :=
+Inductive get_lft_names_annot : Set :=
GetLftNamesAnnot (t : LftNameTree).
(** This indicates that a goto to the head of a loop is following.
Invariants are specified in the context. *)
-Inductive loop_start_annot : Type :=
+Inductive loop_start_annot : Set :=
| InitLoopAnnot.
(** This asserts that an expression has a particular syntactic Rust type by triggering subtyping to the intended type. *)
-Inductive assert_type_annot : Type :=
+Inductive assert_type_annot : Set :=
| AssertTypeAnnot (ty : rust_type).
(** TODO: just a place holder until we handle drops properly. *)
-Inductive drop_annot : Type :=
+Inductive drop_annot : Set :=
| DropAnnot.
(** Annotation to extract a value assignment for the given expression.
This is a hack we currently need due to restricted evar instantiation on function calls. *)
-Inductive extract_value_annot : Type :=
+Inductive extract_value_annot : Set :=
| ExtractValueAnnot.
diff --git a/theories/rust_typing/arrays.v b/theories/rust_typing/arrays.v
index f1aadc9b9d38974425107cdfe8d19738d8ed0076..6d745e57496fe25b728a1a8afe812f932dc011d4 100644
--- a/theories/rust_typing/arrays.v
+++ b/theories/rust_typing/arrays.v
@@ -38,7 +38,7 @@ Section array.
Definition array_own_el_shr (π : thread_id) (κ : lft) (i : nat) (ly : layout) (ty : type rt) (r : place_rfn rt) (l : loc) : iProp Σ :=
∃ r', place_rfn_interp_shared r r' ∗ ty.(ty_shr) κ π r' (offset_loc l ly i).
- Lemma array_own_val_join_mapsto (Ï€ : thread_id) (q : Qp) vs ly (ty : type rt) rs l len :
+ Lemma array_own_val_join_pointsto (Ï€ : thread_id) (q : Qp) vs ly (ty : type rt) rs l len :
len = length rs →
vs `has_layout_val` mk_array_layout ly len →
l ↦{q} vs -∗
@@ -49,10 +49,10 @@ Section array.
iIntros (Hvs) "Hl Ha".
set (szs := replicate (length rs) (ly_size ly)).
assert (length rs = length (reshape szs vs)).
- { subst szs. rewrite reshape_length replicate_length //. }
+ { subst szs. rewrite length_reshape length_replicate //. }
rewrite -{1}(join_reshape szs vs); first last.
{ rewrite sum_list_replicate. rewrite Hvs /mk_array_layout /ly_mult {2}/ly_size. lia. }
- rewrite (heap_mapsto_mjoin_uniform _ _ (ly_size ly)); first last.
+ rewrite (heap_pointsto_mjoin_uniform _ _ (ly_size ly)); first last.
{ subst szs. intros v'.
intros ?%reshape_replicate_elem_length; first done.
rewrite Hvs. rewrite {1}/ly_size /mk_array_layout /=. lia. }
@@ -65,7 +65,7 @@ Section array.
iExists _, _; iFrame. rewrite /offset_loc. done.
Qed.
- Lemma array_own_val_extract_mapsto π q ly ty rs l len :
+ Lemma array_own_val_extract_pointsto π q ly ty rs l len :
len = length rs →
syn_type_has_layout (ty_syn_type ty) ly →
loc_in_bounds l 0 (ly_size ly * len) -∗
@@ -88,11 +88,11 @@ Section array.
iDestruct "Hv" as "(% & _ & Hv)". by iApply (ty_own_val_has_layout with "Hv"). }
iSplitL "Hl". {
rewrite big_sepL2_const_sepL_r. iDestruct "Hl" as "(_ & Hl)".
- iApply heap_mapsto_mjoin_uniform. { done. }
+ iApply heap_pointsto_mjoin_uniform. { done. }
iSplitR; last done.
rewrite -Hlen'. rewrite Nat.mul_comm. done. }
iSplitR. { rewrite /has_layout_val.
- rewrite join_length.
+ rewrite length_join.
rewrite (sum_list_fmap_same (ly_size ly)).
- iPureIntro. rewrite -Hlen' Nat.mul_comm. done.
- apply Forall_elem_of_iff. done. }
@@ -108,7 +108,7 @@ Section array.
rewrite Heq1. constructor. rewrite Ha; first last. { eapply elem_of_list_lookup_2. eauto. }
done.
Qed.
- Lemma array_own_val_extract_mapsto_fupd F π q ly ty rs l len :
+ Lemma array_own_val_extract_pointsto_fupd F π q ly ty rs l len :
len = length rs →
syn_type_has_layout (ty_syn_type ty) ly →
loc_in_bounds l 0 (ly_size ly * len) -∗
@@ -118,7 +118,7 @@ Section array.
Proof.
iIntros (-> ?) "#Hlb Ha".
iMod (big_sepL_fupd with "Ha") as "Ha".
- by iApply array_own_val_extract_mapsto.
+ by iApply array_own_val_extract_pointsto.
Qed.
Program Definition array_t (len : nat) (ty : type rt) : type (list (place_rfn rt)) := {|
@@ -183,12 +183,12 @@ Section array.
{ iNext. iModIntro. iSplit.
- iIntros "(%v & Hl & %ly' & %Hst' & %Hsz & %Hlen & %Hv & Hv)".
iExists ly'. iSplitR; first done. iSplitR; first done. iSplitR; first done.
- iApply (array_own_val_join_mapsto with "Hl Hv"); done.
+ iApply (array_own_val_join_pointsto with "Hl Hv"); done.
- iIntros "(%ly' & %Hst' & %Hsz & %Hlen & Hl)".
apply syn_type_has_layout_array_inv in Hst as (ly0 & Hst0 & -> & ?).
assert (ly0 = ly') as ->. { by eapply syn_type_has_layout_inj. }
- iPoseProof (array_own_val_extract_mapsto with "Hlb Hl") as "(%vs & Hl & % & Ha)"; [done.. | ].
- iExists vs. iFrame. iExists ly'. do 4 iR. done.
+ iPoseProof (array_own_val_extract_pointsto with "Hlb Hl") as "(%vs & Hl & % & Ha)"; [done.. | ].
+ iExists vs. iFrame "Hl". iExists ly'. do 4 iR. done.
}
iMod (bor_exists with "LFT Hb") as "(%ly' & Hb)"; first done.
@@ -329,10 +329,10 @@ Section lemmas.
rewrite /size_of_st /use_layout_alg' Halg /= in Hv2.
rewrite replicate_add. rewrite reshape_app.
rewrite sum_list_replicate.
- rewrite take_app_alt; last lia.
- rewrite drop_app_alt; last lia.
+ rewrite take_app_length'; last lia.
+ rewrite drop_app_length'; last lia.
iPoseProof (big_sepL2_app_inv with "Hb") as "[Hb1 Hb2]".
- { rewrite reshape_length replicate_length. eauto. }
+ { rewrite length_reshape length_replicate. eauto. }
iSplitL "Hb1".
- iExists _. iR. iSplitR. { iPureIntro. lia. }
iR. iSplitR. { iPureIntro. rewrite /has_layout_val ly_size_mk_array_layout. lia. }
@@ -355,12 +355,12 @@ Section lemmas.
iExists ly1. iR. iSplitR. { iPureIntro. lia. }
rewrite /has_layout_val ly_size_mk_array_layout in Hv1.
rewrite /has_layout_val ly_size_mk_array_layout in Hv2.
- rewrite app_length -Hlen1 -Hlen2. iR.
- iSplitR. { iPureIntro. rewrite /has_layout_val app_length Hv1 Hv2 ly_size_mk_array_layout. lia. }
+ rewrite length_app -Hlen1 -Hlen2. iR.
+ iSplitR. { iPureIntro. rewrite /has_layout_val length_app Hv1 Hv2 ly_size_mk_array_layout. lia. }
rewrite replicate_add. rewrite reshape_app.
rewrite sum_list_replicate.
- rewrite take_app_alt; last lia.
- rewrite drop_app_alt; last lia.
+ rewrite take_app_length'; last lia.
+ rewrite drop_app_length'; last lia.
iApply (big_sepL2_app with "Hb1 Hb2").
Qed.
@@ -373,7 +373,7 @@ Section lemmas.
rewrite /ty_shr/=. iIntros (Hlen1 Hlen2).
iIntros "(%ly & %Halg & %Hsz & %Hlen & %Hly & Hb)".
rewrite big_sepL_app. iDestruct "Hb" as "(Hb1 & Hb2)".
- rewrite app_length in Hlen.
+ rewrite length_app in Hlen.
iSplitL "Hb1".
- iExists _. iR. iSplitR. { iPureIntro. lia. }
iSplitR. { iPureIntro. lia. }
@@ -398,7 +398,7 @@ Section lemmas.
assert (ly2 = ly1) as -> by by eapply syn_type_has_layout_inj. clear Halg2.
rewrite /size_of_st /use_layout_alg' Halg1 /= in Hsz.
iExists _. iR. iSplitR. { iPureIntro. lia. }
- rewrite app_length. iSplitR. { iPureIntro. lia. }
+ rewrite length_app. iSplitR. { iPureIntro. lia. }
iR. iApply (big_sepL_app).
iFrame.
rewrite /OffsetLocSt /use_layout_alg' Halg1 /=.
@@ -708,7 +708,7 @@ Section subltype.
rewrite !ltype_own_array_unfold /array_ltype_own.
iDestruct "Ha" as "(%ly & %Halg & %Hsz & %Hly & Hlb & %r' & Hrfn & #Ha)".
iExists ly. iSplitR. { rewrite -Hst. done. }
- iR. iR. iFrame. iExists r'. iFrame.
+ iR. iR. iFrame "Hlb". iExists r'. iFrame.
iModIntro. iMod "Ha" as "(%Hlen & Ha)". iR.
iMod (array_ltype_incl_big_wand 0 with "Hel Ha") as "Ha"; [done.. | ].
done.
@@ -780,7 +780,7 @@ Section subltype.
rewrite !ltype_own_array_unfold /array_ltype_own.
iDestruct "Ha" as "(%ly & %Halg & %Hsz & %Hly & Hlb & Hcred & %r' & Hrfn & Ha)".
iExists ly. iSplitR. { rewrite -Hst. done. }
- iR. iR. iFrame. iExists r'. iFrame.
+ iR. iR. iFrame "Hlb Hcred". iExists r'. iFrame.
iModIntro. iNext. iMod "Ha" as "(%Hlen & Ha)". iR.
iPoseProof ("Hel" with "") as "Hc".
iMod (array_ltype_incl_big_wand 0 with "Hc Ha") as "Ha"; [done.. | ].
@@ -922,7 +922,7 @@ End subltype.
Section unfold.
Context `{!typeGS Σ}.
- Local Lemma ofty_owned_array_extract_mapsto π F {rt} (ty : type rt) ly len l rs :
+ Local Lemma ofty_owned_array_extract_pointsto π F {rt} (ty : type rt) ly len l rs :
lftE ⊆ F →
length rs = len →
syn_type_has_layout ty.(ty_syn_type) ly →
@@ -935,7 +935,7 @@ Section unfold.
iIntros (? ? ?) "Hlb Hown".
setoid_rewrite ltype_own_ofty_unfold. rewrite /lty_of_ty_own.
simpl. iEval (rewrite /ty_own_val/=).
- iPoseProof (array_own_val_extract_mapsto_fupd with "Hlb [Hown]") as "Ha"; [done.. | | ].
+ iPoseProof (array_own_val_extract_pointsto_fupd with "Hlb [Hown]") as "Ha"; [done.. | | ].
{ iApply (big_sepL_wand with "Hown").
iApply big_sepL_intro. iModIntro. iIntros (k r Hlook).
rewrite /array_own_el_loc.
@@ -945,7 +945,7 @@ Section unfold.
iApply (fupd_mask_mono with "Ha"); done.
Qed.
- Local Lemma ofty_owned_array_join_mapsto π {rt} (ty : type rt) ly len l rs v :
+ Local Lemma ofty_owned_array_join_pointsto π {rt} (ty : type rt) ly len l rs v :
length rs = len →
v `has_layout_val` mk_array_layout ly len →
syn_type_has_layout ty.(ty_syn_type) ly →
@@ -955,7 +955,7 @@ Section unfold.
([∗ list] k ↦ r ∈ rs, (l offset{ly}â‚— k) â—â‚—[ Ï€, Owned false] r @ (â— ty)).
Proof.
iIntros (? ? ? ?) "Hl Ha".
- iPoseProof (array_own_val_join_mapsto with "Hl Ha") as "Ha"; [done.. | ].
+ iPoseProof (array_own_val_join_pointsto with "Hl Ha") as "Ha"; [done.. | ].
iApply (big_sepL_wand with "Ha").
iApply big_sepL_intro. iModIntro.
rewrite /array_own_el_loc.
@@ -964,9 +964,9 @@ Section unfold.
iExists _. iR.
iSplitR. { iPureIntro. apply has_layout_loc_offset_loc; last done. by eapply use_layout_alg_wf. }
iPoseProof (ty_own_val_sidecond with "Hv") as "#$".
- iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "#Hlb".
+ iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "#Hlb".
iPoseProof (ty_own_val_has_layout with "Hv") as "%Hv"; first done.
- rewrite Hv. iR. iR. iExists _. iFrame. iNext. iModIntro. eauto with iFrame.
+ rewrite Hv. iR. iR. iExists _. by iFrame.
Qed.
Lemma array_t_unfold_1_owned {rt} wl (ty : type rt) (len : nat) rs :
@@ -978,14 +978,13 @@ Section unfold.
iModIntro. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iExists (mk_array_layout ly len). iFrame "% ∗".
simpl. iSplitR. { iPureIntro. eapply syn_type_has_layout_array; done. }
- iR. iR. iExists _. iFrame.
+ iR. iR.
iNext. iMod "Hb" as "(%Hlen & Hb)".
rewrite big_sepL2_replicate_l; last done.
- iMod (ofty_owned_array_extract_mapsto with "Hlb [Hb]") as "(%v & Hl & % & Ha)"; [done.. | | ].
+ iMod (ofty_owned_array_extract_pointsto with "Hlb [Hb]") as "(%v & Hl & % & Ha)"; [done.. | | ].
{ iApply (big_sepL_impl with "Hb"). iModIntro. iIntros (k r Hlook). iIntros "(_ & $)". }
iModIntro. iExists v. iFrame.
- iEval (rewrite /ty_own_val/=).
- iExists _. iR. iR. iR. iR. done.
+ iR. done.
Qed.
Lemma array_t_unfold_1_shared {rt} κ (ty : type rt) (len : nat) rs :
@@ -1057,10 +1056,9 @@ Section unfold.
iSplit.
{ iIntros "(%rs' & Hauth & Ha)".
iExists _. iFrame. iMod "Ha" as "(%Hlen & Ha)".
- iMod (ofty_owned_array_extract_mapsto with "Hlb Ha") as "(%v & Hl & % & Ha)"; [done.. | ].
+ iMod (ofty_owned_array_extract_pointsto with "Hlb Ha") as "(%v & Hl & % & Ha)"; [done.. | ].
iModIntro. iExists v. iFrame.
- rewrite /ty_own_val/=.
- iExists _. iR. iR. iR. iR. done.
+ iR. done.
}
{ iIntros "(%rs' & Hauth & Ha)".
iExists _. iFrame.
@@ -1068,7 +1066,7 @@ Section unfold.
rewrite /ty_own_val/=.
iDestruct "Hv" as "(%ly' & %Hst' & _ & %Hlen & %Hvly & Ha)".
assert (ly' = ly) as -> by by eapply syn_type_has_layout_inj.
- iR. iApply (ofty_owned_array_join_mapsto with "Hl Ha"); done.
+ iR. iApply (ofty_owned_array_join_pointsto with "Hl Ha"); done.
}
Qed.
@@ -1102,13 +1100,13 @@ Section unfold.
iModIntro. iExists _. iR.
iSplitR. { iPureIntro. move: Hsz. rewrite ly_size_mk_array_layout MaxInt_eq. lia. }
iR. rewrite ly_size_mk_array_layout. iFrame.
- iExists rs'. iFrame. iNext. iMod "Ha" as "(%v & Hl & Hv)".
+ iNext. iMod "Ha" as "(%v & Hl & Hv)".
rewrite /ty_own_val /=.
iDestruct "Hv" as "(%ly & %Hst' & % & %Hlen & %Hvly & Ha)".
assert (ly' = ly) as -> by by eapply syn_type_has_layout_inj.
iR.
rewrite big_sepL2_replicate_l; last done.
- iPoseProof (ofty_owned_array_join_mapsto with "Hl Ha") as "Ha"; [done.. | ].
+ iPoseProof (ofty_owned_array_join_pointsto with "Hl Ha") as "Ha"; [done.. | ].
iApply (big_sepL_wand with "Ha"). iApply big_sepL_intro.
iModIntro. iModIntro. iIntros (k r Hlook) "$".
simp_ltypes. done.
@@ -1196,14 +1194,13 @@ Section unfold.
rewrite /ty_own_val/=.
iDestruct "Hv" as "(%ly'' & %Hst' & _ & %Hlen & %Hvly & Ha)".
assert (ly'' = ly') as -> by by eapply syn_type_has_layout_inj.
- iR. iApply (ofty_owned_array_join_mapsto with "Hl Ha"); done.
+ iR. iApply (ofty_owned_array_join_pointsto with "Hl Ha"); done.
}
{ iIntros "(%rs' & Hauth & Ha)".
iExists _. iFrame. iMod "Ha" as "(%Hlen & Ha)".
- iMod (ofty_owned_array_extract_mapsto with "Hlb Ha") as "(%v & Hl & % & Ha)"; [done.. | ].
+ iMod (ofty_owned_array_extract_pointsto with "Hlb Ha") as "(%v & Hl & % & Ha)"; [done.. | ].
iModIntro. iExists v. iFrame.
- rewrite /ty_own_val/=.
- iExists _. iR. iSplitR. { iPureIntro. lia. } iR. iR. done.
+ iR. iSplitR. { iPureIntro. lia. } iR. done.
}
Qed.
@@ -1302,10 +1299,10 @@ Section lemmas.
{ rewrite Nat.add_0_r. rewrite take_drop. done. }
rewrite IH. simpl.
destruct (decide (i < length l)) as [Hlt | Hnlt].
- - rewrite insert_app_l. 2: { rewrite take_length interpret_inserts_length. lia. }
- rewrite insert_take_drop. 2: { rewrite take_length interpret_inserts_length. lia. }
+ - rewrite insert_app_l. 2: { rewrite length_take interpret_inserts_length. lia. }
+ rewrite insert_take_drop. 2: { rewrite length_take interpret_inserts_length. lia. }
rewrite take_take. rewrite Nat.min_l; last lia.
- rewrite drop_ge; first last. { rewrite take_length. lia. }
+ rewrite drop_ge; first last. { rewrite length_take. lia. }
rewrite Nat.add_succ_r.
rewrite -app_assoc.
assert (length l - i = S (length l - S i)) as -> by lia.
@@ -1326,9 +1323,9 @@ Section lemmas.
Proof.
rewrite /interpret_iml. simpl.
rewrite interpret_inserts_full_iml.
- rewrite take_0 replicate_length Nat.min_l; last lia.
+ rewrite take_0 length_replicate Nat.min_l; last lia.
rewrite drop_ge; first by rewrite app_nil_r.
- rewrite interpret_inserts_length replicate_length. lia.
+ rewrite interpret_inserts_length length_replicate. lia.
Qed.
Lemma array_ltype_make_defaults {rt} (def : type rt) b r len lts :
@@ -1422,7 +1419,7 @@ Section lemmas.
iIntros (rt' def' lts' rs') "Hcred' %Hst' Hb".
rewrite ltype_own_array_unfold /array_ltype_own.
iModIntro.
- iExists ly. rewrite -Hst'. iR. iR. iR. iR. iFrame.
+ iExists ly. rewrite -Hst'. iR. iR. iR. iR.
iSplitL "Hat Hcred Hcred'".
{ destruct wl; last done. iFrame. rewrite /num_cred. iApply lc_succ. iFrame. }
iExists rs'. iR.
@@ -1465,7 +1462,7 @@ Section lemmas.
iSplitL "Hb Hcred'".
{ rewrite ltype_own_array_unfold /array_ltype_own.
iModIntro.
- iExists ly. rewrite -Hst'. iR. iR. iR. iR. iFrame.
+ iExists ly. rewrite -Hst'. iR. iR. iR. iR. iFrame "Hcred'".
iExists rs'. iR.
iPoseProof (big_sepL2_length with "Hb") as "%Hleneq".
rewrite interpret_iml_length in Hleneq. iR.
@@ -1720,10 +1717,10 @@ Section lemmas.
(*assert (ly0 = ly1) as -> by by eapply syn_type_has_layout_inj.*)
iExists _. iR.
iSplitR. { iPureIntro. apply (use_layout_alg_size) in Hst1. lia. }
- rewrite replicate_length. iR.
+ rewrite length_replicate. iR.
iSplitR. { rewrite /has_layout_val/mk_array_layout/ly_mult /= -Hly /=. done. }
iApply big_sepL2_intro.
- { rewrite reshape_length !replicate_length//. }
+ { rewrite length_reshape !length_replicate//. }
iModIntro. iIntros (k ?? Hlook1 Hlook2).
apply lookup_replicate in Hlook1 as (-> & ?).
iExists _. iR.
@@ -1940,7 +1937,7 @@ Section rules.
{ rewrite /i Z2Nat.id; last done. iFrame. rewrite -Hsteq//. }
rewrite insert_interpret_iml.
iMod ("Hcl" with "[//] [] [] [] [] Hb") as "(Hb & ? & Hcondv)".
- { rewrite insert_length //. }
+ { rewrite length_insert //. }
{ iApply "Hincl". }
{ iApply typed_place_cond_ty_array_lift; [done.. | ].
iDestruct "Hcond" as "($ & _)". }
@@ -2030,7 +2027,7 @@ Section rules.
rewrite insert_interpret_iml.
iMod ("Hcl" with "[] [] Hb") as "(Hb & Hcondv)".
{ done. }
- { rewrite insert_length //. }
+ { rewrite length_insert //. }
(*{ iPureIntro. rewrite Forall_cons. split; first lia. done. }*)
iFrame.
iModIntro.
@@ -2658,10 +2655,10 @@ Section rules.
iDestruct "Ha" as "(%ly & %Hst1 & % & <- & %Hvly & Ha)".
iExists _. iR.
assert (ly_size ly = ly_size ly') as Hlysz. { eapply Hszeq; done. }
- rewrite -Hlysz replicate_length. iR.
- rewrite replicate_length. iR.
+ rewrite -Hlysz length_replicate. iR.
+ rewrite length_replicate. iR.
iSplitR. { iPureIntro. rewrite /has_layout_val/mk_array_layout/ly_mult/=. rewrite -Hlysz.
- rewrite replicate_length in Hvly. done. }
+ rewrite length_replicate in Hvly. done. }
clear.
iInduction len as [ | len] "IH" forall (v); simpl; first done.
iDestruct "Ha" as "((%r1 & -> & Ha) & Hr)".
@@ -2748,7 +2745,7 @@ Section rules.
iIntros "(%Hlen & HT)". iIntros (????) "#CTX #HE HL Hl".
simpl.
iPoseProof (big_sepL2_length with "Hl") as "%Hlen'".
- rewrite insert_length interpret_iml_length in Hlen'. subst len.
+ rewrite length_insert interpret_iml_length in Hlen'. subst len.
edestruct (lookup_lt_is_Some_2 rs j) as (r & Hlook); first done.
rewrite -{5}(list_insert_id _ _ _ Hlook).
@@ -2772,7 +2769,7 @@ Section rules.
iMod ("HT" with "[//] CTX HE HL") as "(#Hincl & HL & HT)".
iDestruct "Hincl" as "(%Hsteq & Hincl & _)".
iExists _, _, _, _. iFrame.
- iSplitR. { iPureIntro. rewrite insert_length//. }
+ iSplitR. { iPureIntro. rewrite length_insert//. }
iApply logical_step_fupd.
iApply (logical_step_compose with "Hstep").
iApply (logical_step_compose with "Hstep'").
@@ -2796,7 +2793,7 @@ Section rules.
iMod ("HT" with "[//] CTX HE HL") as "(#Hincl & HL & HT)".
iDestruct "Hincl" as "(%Hsteq & Hincl & _)".
iExists _, _, _, _. iFrame.
- iSplitR. { iPureIntro. rewrite insert_length//. }
+ iSplitR. { iPureIntro. rewrite length_insert//. }
iApply logical_step_fupd.
iApply (logical_step_compose with "Hstep").
iApply (logical_step_compose with "Hstep'").
@@ -2840,7 +2837,7 @@ Section rules.
iIntros "(%Hlen & HT)". iIntros (????) "#CTX #HE HL Hl".
unfold CanSolve in *.
iPoseProof (big_sepL2_length with "Hl") as "%Hlen'".
- rewrite insert_length interpret_iml_length in Hlen'. subst len.
+ rewrite length_insert interpret_iml_length in Hlen'. subst len.
iMod ("HT" with "[//] [//] [//] CTX HE HL [Hl]") as "(%L2 & %R2 & %iml2 & %rs2 & %Hleneq & Hstep & HL & HT)".
{ edestruct (lookup_lt_is_Some_2 rs j) as (r & Hlook). { lia. }
rewrite -{2}(list_insert_id _ _ _ Hlook).
@@ -2878,8 +2875,7 @@ Section rules.
iIntros "Hcred2 !> (Ha & $)".
iModIntro.
rewrite ltype_own_array_unfold /array_ltype_own.
- iExists _. iFrame "∗%".
- iExists _. iR. iR. iNext.
+ iExists _. iFrame "∗%". iR. iNext.
iApply (big_sepL2_mono with "Ha").
intros ??? Hlook1 Hlook2.
rewrite /OffsetLocSt /use_layout_alg' Halg/=. done.
@@ -3056,10 +3052,10 @@ Section value.
iExists ly.
iSplitR. { done. }
iSplitR. { iPureIntro. rewrite Hsz in Hsz'. lia. }
- iSplitR. { rewrite fmap_length reshape_length replicate_length //. }
+ iSplitR. { rewrite length_fmap length_reshape length_replicate //. }
iSplitR. { rewrite /has_layout_val /mk_array_layout /ly_mult /= Hv Hsz. done. }
iApply big_sepL2_intro.
- { rewrite fmap_length reshape_length !replicate_length//. }
+ { rewrite length_fmap length_reshape !length_replicate//. }
iModIntro. iIntros (k ?? Hlook1 Hlook2).
rewrite list_lookup_fmap in Hlook1.
rewrite Hlook2 in Hlook1. simpl in Hlook1. injection Hlook1 as [= <-].
@@ -3076,7 +3072,7 @@ Section value.
rewrite /has_layout_val Hzero //.
- rewrite sublist_lookup_reshape in Hlook2.
{ rewrite sublist_lookup_Some' in Hlook2. destruct Hlook2 as (-> & ?).
- iPureIntro. rewrite /has_layout_val take_length drop_length. lia. }
+ iPureIntro. rewrite /has_layout_val length_take length_drop. lia. }
{ lia. }
{ rewrite Hv. lia. }
}
@@ -3104,7 +3100,7 @@ Section value.
rewrite /ty_own_val/=.
iDestruct "Hv" as "(%ly'' & %Hst & %Hsz & <- & %Hv & Hl)".
apply syn_type_has_layout_untyped_inv in Hst as (-> & Hwf & Hsz' & Hal).
- rewrite fmap_length. rewrite fmap_length in Hv.
+ rewrite length_fmap. rewrite length_fmap in Hv.
iExists (UntypedOp (mk_array_layout ly (length vs'))).
iSplitR. { iPureIntro. apply use_op_alg_untyped; done. }
@@ -3123,7 +3119,7 @@ Section value.
iPoseProof (big_sepL2_Forall2 with "Hl1") as "%Hl1".
apply Forall2_eq in Hl1 as ->.
iClear "Hl1". rewrite big_sepL2_elim_r.
- rewrite reshape_length replicate_length.
+ rewrite length_reshape length_replicate.
rewrite join_reshape.
- iPureIntro. left. done.
- rewrite sum_list_replicate Hv ly_size_mk_array_layout.
@@ -3134,7 +3130,7 @@ Section value.
- done.
- by apply array_layout_wf.
- rewrite ly_size_mk_array_layout.
- move: Hsz. rewrite fmap_length MaxInt_eq. lia.
+ move: Hsz. rewrite length_fmap MaxInt_eq. lia.
- rewrite /ly_align_in_bounds ly_align_mk_array_layout //.
Qed.
Lemma value_t_untyped_from_array π v vs n ly :
diff --git a/theories/rust_typing/automation.v b/theories/rust_typing/automation.v
index 10e230e30628e72f5beaf7fe3e31abaf17bc9874..d5f7de348b45ffc0576ab06ad5d640b5c23478db 100644
--- a/theories/rust_typing/automation.v
+++ b/theories/rust_typing/automation.v
@@ -1,3 +1,4 @@
+Require Import Coq.Strings.String.
From iris.proofmode Require Import coq_tactics reduction string_ident.
From refinedrust Require Export type.
From lithium Require Export all.
@@ -234,7 +235,7 @@ Definition digit_to_ascii (n : nat) : ascii :=
end.
Definition nat_to_string (n : nat) : string.
Proof.
- refine (string_rev _).
+ refine (String.rev _).
refine (lt_wf_rec n (λ _, string) _).
intros m rec.
refine (match m as m' return m = m' → _ with
@@ -298,11 +299,11 @@ Ltac build_local_sepconj local_locs spatial_env ex_names base base_app :=
end
end.
-(** Composes the loop invariant from the invariant [inv : bb_inv_t] (a constr),
+(** Composes the loop invariant from the invariant [Inv : bb_inv_t] (a constr),
the runtime function [FN : runtime_function], the current Iris environment [env : env],
and the current contexts [current_E : elctx], [current_L : llctx],
and poses it with the identifier [Hinv]. *)
-Ltac pose_loop_invariant Hinv FN inv envs current_E current_L :=
+Ltac pose_loop_invariant Hinv FN Inv envs current_E current_L :=
(* find Σ *)
let Σ :=
let tgs := constr:(_ : typeGS _) in
@@ -320,11 +321,11 @@ Ltac pose_loop_invariant Hinv FN inv envs current_E current_L :=
in
(* extract the invariants *)
- let functional_inv := match inv with
+ let functional_inv := match Inv with
| (wrap_inv ?inv, _) => uconstr:(inv)
end
in
- let llctx_inv := match inv with
+ let llctx_inv := match Inv with
| (_, wrap_inv ?inv) => uconstr:(inv)
end
in
@@ -443,9 +444,9 @@ Ltac liRGoto goto_bb :=
| H : bb_inv_map_marker ?LOOP_INV_MAP |- _ =>
let loop_inv_map := eval hnf in LOOP_INV_MAP in
(* find the loop invariant *)
- let inv := find_bb_inv loop_inv_map goto_bb in
- let inv := match inv with
- | PolySome ?inv => inv
+ let Inv := find_bb_inv loop_inv_map goto_bb in
+ let Inv := match Inv with
+ | PolySome ?Inv => Inv
| PolyNone =>
(* we are not jumping to a loop head *)
fail 1 "infer_loop_invariant: no loop invariant found"
@@ -955,7 +956,7 @@ Global Hint Unfold OffsetLocSt : core.
#[global] Typeclasses Opaque layout_wf.
(* In my experience, this has led to more problems with [normalize_autorewrite] rewriting below definitions too eagerly. *)
-Export Unset Keyed Unification.
+#[export] Unset Keyed Unification.
Create HintDb unfold_tydefs.
diff --git a/theories/rust_typing/automation/dune b/theories/rust_typing/automation/dune
index 7114e6e3c37514c93a1dfe6f467cf21096cc9f1d..2dac6187029764a7d39f8c69b1777a70f5e8347d 100644
--- a/theories/rust_typing/automation/dune
+++ b/theories/rust_typing/automation/dune
@@ -1,6 +1,6 @@
(coq.theory
(name refinedrust.automation)
(package refinedrust)
- (flags -w -notation-overridden -w -redundant-canonical-projection)
+ (flags -w -notation-incompatible-prefix -w -notation-overridden -w -redundant-canonical-projection)
(synopsis "RefinedRust automation components")
(theories stdpp iris RecordUpdate Ltac2 caesium refinedrust lithium))
diff --git a/theories/rust_typing/automation/ident_to_string.v b/theories/rust_typing/automation/ident_to_string.v
index 3c6f91692cb80a3c35cca580be7cb1a2a5fea0ad..777b75886cca2f3781e0afe65ca70da1faf5a1c6 100644
--- a/theories/rust_typing/automation/ident_to_string.v
+++ b/theories/rust_typing/automation/ident_to_string.v
@@ -47,7 +47,7 @@ Module Import IdentToStringImpl .
if Int.equal n 1 then [1] else
let r := powers_of_two (Int.sub n 1) in
match r with
- | h :: t => Int.mul 2 h :: r
+ | h :: _ => Int.mul 2 h :: r
| [] => []
end.
@@ -112,6 +112,7 @@ Module Import IdentToStringImpl .
Local Open Scope string_scope.
Set Default Proof Mode "Classic".
Goal forall my_var: nat, my_var = my_var.
+ Proof.
intros.
match goal with
| |- _ = ?x => let r := varconstr_to_string x in pose r
diff --git a/theories/rust_typing/automation/solvers.v b/theories/rust_typing/automation/solvers.v
index 3f655dd6eb65f04bbc8cdc7d4a22d84240a89f71..ccd0dd6ac449d0cd273136216b824a5b0663e814 100644
--- a/theories/rust_typing/automation/solvers.v
+++ b/theories/rust_typing/automation/solvers.v
@@ -1,9 +1,11 @@
+Require Import Coq.Strings.String.
From iris.proofmode Require Import coq_tactics reduction string_ident.
From refinedrust Require Export type ltypes hlist.
From lithium Require Export all.
From lithium Require Import hooks.
From refinedrust.automation Require Import ident_to_string lookup_definition proof_state.
From refinedrust Require Import int programs program_rules functions uninit mut_ref shr_ref products value arrays.
+
Set Default Proof Using "Type".
diff --git a/theories/rust_typing/axioms.v b/theories/rust_typing/axioms.v
index 26c79f96731790bb3a6085a6765e6eee88b6268e..ed590efad1c3de4a587743fd56099f90395fcbf0 100644
--- a/theories/rust_typing/axioms.v
+++ b/theories/rust_typing/axioms.v
@@ -14,7 +14,7 @@ Proof. apply proof_irrelevance. Qed.
We might be able to get by without it however and just require UIP. *)
(* Equations seems to change the arguments for eq_refl, restore *)
-Global Arguments eq_refl {A}%type_scope {x}, [_] _.
+Global Arguments eq_refl {A}%_type_scope {x}, [_] _.
(* Uniqueness of identity proofs *)
(*Axiom (UIP_t : ∀ T, UIP_ T).*)
diff --git a/theories/rust_typing/base.v b/theories/rust_typing/base.v
index 08f46caaacc416830965a63ceec6569c040308c8..94716317a5844d3ce05f899346b1fe71c0746202 100644
--- a/theories/rust_typing/base.v
+++ b/theories/rust_typing/base.v
@@ -28,6 +28,7 @@ Definition lftE : coPset := ↑lftN.
Definition timeE : coPset := ↑timeN.
Definition shrE : coPset := ↑shrN.
+(* We want unit to be in Type, not in Set *)
Definition unitt : Type := unit.
Definition ttt : unitt := tt.
Notation "()" := ttt.
diff --git a/theories/rust_typing/box.v b/theories/rust_typing/box.v
index cf78101625ab31c6138430c4301de12a04c1353d..a3cf07d0d9dd833f4314b59dfdb7a82949db0286 100644
--- a/theories/rust_typing/box.v
+++ b/theories/rust_typing/box.v
@@ -211,7 +211,6 @@ Section subtype.
iDestruct ("Hincl" $! ri) as "(%Hst_eq & #Hsc_eq & #Hinclv & #Hincl_shr)".
rewrite -Hst_eq. iExists ly. iSplitR; first done. iFrame.
iSplitL "Hsc". { by iApply "Hsc_eq". }
- iExists _. iFrame.
iNext. iMod "Hb". iDestruct "Hb" as (v) "(Hl & Hv)". iExists v. iFrame. by iApply "Hinclv".
Qed.
@@ -322,7 +321,6 @@ Section subltype.
iIntros (Ï€ l). rewrite !ltype_own_box_unfold /box_ltype_own.
iIntros "(%ly & ? & ? & ? & %r' & Hrfn & #Hb)".
iExists ly. iFrame.
- iExists _. iFrame.
iModIntro. iMod "Hb". iDestruct "Hb" as "(%li & Hs & Hb)".
iDestruct ("Heq" $! _) as "(_ & Heq' & _)".
iModIntro. iExists _. iFrame "Hs". iApply ("Heq'" with "Hb").
@@ -489,53 +487,53 @@ Section unfold.
iModIntro. iIntros (Ï€ l). rewrite ltype_own_box_unfold /box_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & ? & ? & Hlb & Hcred & %r' & Hrfn & Hb)".
iModIntro. iExists ly. iFrame "∗".
- iExists _. iFrame. iNext. iMod "Hb".
+ iNext. iMod "Hb".
iDestruct "Hb" as (l' ly') "(Hl & % & % & Hf & Hb)".
iExists l'. iFrame.
- iExists l', ly'. iSplitR; first done. iFrame "∗ %".
+ iSplitR; first done. iFrame "∗ %".
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iDestruct "Hb" as "(%ly'' & % & % & Hsc & Hlb' & [Hcred Hat] & Hb)".
enough (ly'' = ly') as ->. { iModIntro. by iFrame. }
eapply syn_type_has_layout_inj; done.
Qed.
+
Lemma box_ltype_unfold_2_owned wl r :
⊢ ltype_incl' (Owned wl) r r (◠(box (ty))) (BoxLtype (◠ty)).
Proof.
iModIntro. iIntros (Ï€ l).
rewrite ltype_own_box_unfold /box_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & Halg & Hly & Hsc & Hlb & Hcred & %r' & Hrfn & Hb)".
- iModIntro. iExists ly. iFrame.
- iExists r'. iFrame. iNext.
+ iModIntro. iExists ly. iFrame. iNext.
iDestruct "Hb" as ">(%v & Hl & %l' & %ly' & -> & %Halg & %Hly & Hlb & Hsc' & Hf & Hcred & Hat & Hb)".
iExists l', ly'. iFrame "∗ %".
rewrite ltype_own_ofty_unfold /lty_of_ty_own. iModIntro. iR. iExists ly'.
iDestruct "Hb" as "(%ri & Hrfn & Hb)". iFrame "% ∗".
- eauto with iFrame.
Qed.
Lemma box_ltype_unfold_1_shared `{!Inhabited rt} κ r :
⊢ ltype_incl' (Shared κ) r r (BoxLtype (◠ty)) (◠(box (ty))).
Proof.
- iModIntro. iIntros (Ï€ l). rewrite ltype_own_box_unfold /box_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
+ iModIntro. iIntros (Ï€ l).
+ rewrite ltype_own_box_unfold /box_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & %Ha & % & #Hlb & %ri & Hrfn & #Hb)".
- iExists ly. iFrame. iFrame "Hlb %".
- iExists _. iFrame. iModIntro. iMod "Hb".
+ iExists ly. iFrame. do 3 iR.
+ iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & Hs & Hb)".
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iDestruct "Hb" as "(%ly' & >? & >? & >Hsc & >Hlb' & %ri' & >Hrfn & Hb)".
iExists _, _, _. iFrame.
injection Ha as <-. iFrame "#". done.
Qed.
+
Lemma box_ltype_unfold_2_shared κ r :
⊢ ltype_incl' (Shared κ) r r (◠(box (ty))) (BoxLtype (◠ty)).
Proof.
iModIntro. iIntros (Ï€ l). rewrite ltype_own_box_unfold /box_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & ? & ? & Hsc & ? & %r' & Hrfn & #Hb)". iExists ly. iFrame "∗ %".
- iExists _. iFrame. iModIntro.
- iMod "Hb". iDestruct "Hb" as "(%li & %ly' & %ri & Hrfn & ? & ? & ? & Hsc & Hlb & Hlbi & Hs & Hb)".
+ iModIntro. iMod "Hb".
+ iDestruct "Hb" as "(%li & %ly' & %ri & Hrfn & ? & ? & ? & Hsc & Hlb & Hlbi & Hs & Hb)".
iModIntro. iExists li. iFrame. iNext. iDestruct "Hb" as "#Hb".
- rewrite ltype_own_ofty_unfold /lty_of_ty_own. iExists ly'. iFrame.
- iExists _. iFrame. done.
+ rewrite ltype_own_ofty_unfold /lty_of_ty_own. iExists ly'. by iFrame.
Qed.
Lemma box_ltype_unfold_1_uniq κ γ r :
@@ -550,9 +548,8 @@ Section unfold.
iNext. iModIntro. iSplit.
* iIntros "(%r' & Hauth & Hb)". iExists _. iFrame. iMod "Hb".
iDestruct "Hb" as "(%l' & %ly' & Hl & %Halg & Hly & Hf & Hb)".
- iExists l'. iFrame.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists l', ly'. iFrame "∗". iSplitR; first done.
+ iFrame "∗". iSplitR; first done.
iDestruct "Hb" as "(%ly'' & %Halg' & Hly & Hsc & Hlb & [Hcred Hat] & Hb)".
iModIntro. iFrame. iSplitR; first done.
simp_ltypes in Halg. replace ly'' with ly'; first done.
@@ -564,9 +561,9 @@ Section unfold.
iModIntro. iExists l', ly'. iFrame.
iSplitR; first done. iSplitR; first done.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly'. iFrame. iSplitR; first done. iSplitR; first done.
- iExists _. iFrame.
+ iExists ly'. by iFrame.
Qed.
+
Lemma box_ltype_unfold_2_uniq κ γ r :
⊢ ltype_incl' (Uniq κ γ) r r (◠(box (ty))) (BoxLtype (◠ty)).
Proof.
@@ -585,13 +582,11 @@ Section unfold.
iModIntro. iExists l', ly'. iFrame.
iSplitR; first done. iSplitR; first done.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly'. iFrame. iSplitR; first done. iSplitR; first done.
- iExists _. iFrame.
+ iExists ly'. by iFrame.
* iIntros "(%r' & Hauth & Hb)". iExists _. iFrame. iMod "Hb".
iDestruct "Hb" as "(%l' & %ly' & Hl & %Halg & Hly & Hf & Hb)".
- iExists l'. iFrame.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists l', ly'. iFrame "∗". iSplitR; first done.
+ iFrame "∗". iSplitR; first done.
iDestruct "Hb" as "(%ly'' & %Halg' & Hly & Hsc & Hlb & [Hcred Hat] & Hb)".
iModIntro. iFrame. iSplitR; first done.
simp_ltypes in Halg. replace ly'' with ly'; first done.
@@ -685,17 +680,12 @@ Section lemmas.
iIntros "Hcred' !>". iIntros (rt2 lt2 r2 Hst) "Hl Hb". iModIntro.
iSplitL "Hf Hl Hb Hcred'".
{ rewrite ltype_own_box_unfold /box_ltype_own. iExists void*. iFrame "# ∗".
- iSplitR; first done. iSplitR; first done.
- iExists r2. iSplitR; first done. iNext.
- iExists l', ly'. iFrame. rewrite Hst.
- iFrame "%#". done. }
+ iSplitR; first done. iSplitR; first done. iR. iNext.
+ rewrite Hst. by iFrame "%#". }
iIntros (bmin) "%Hrt Hcond".
iDestruct "Hcond" as "(Hcondt & Hcondr)".
- iSplit.
- + iApply box_ltype_place_cond_ty; done.
- + destruct bmin; simpl; [done | | done].
- done.
- (*iExists eq_refl. done.*)
+ iSplit; [| done ].
+ by iApply box_ltype_place_cond_ty.
Qed.
Lemma box_ltype_acc_uniq {rt} F π (lt : ltype rt) (r : place_rfn rt) l q κ γ R :
@@ -844,8 +834,7 @@ Section lemmas.
iIntros (lt' r'') "Hpts #Hl'".
iMod ("Hclf" with "Hpts") as "Htok".
iFrame. iSplitL.
- { iModIntro. rewrite ltype_own_box_unfold /box_ltype_own. iExists void*. iFrame "% #".
- iR. iExists _. iR. iModIntro. iModIntro. iExists _. iFrame "#". }
+ { iModIntro. rewrite ltype_own_box_unfold /box_ltype_own. iExists void*. by iFrame "% #". }
iModIntro. iIntros (bmin) "Hincl Hcond".
iDestruct "Hcond" as "(Hcond_ty & Hcond_rfn)".
iModIntro. iSplit.
@@ -1226,8 +1215,8 @@ Section rules.
simpl. iPoseProof (gvar_pobs_agree_2 with "Hinterp HObs") as "#<-".
iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro.
iL. rewrite ltype_own_box_unfold /box_ltype_own.
- iExists _. iFrame. iExists _. iR. by iFrame.
- - iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro. by iFrame.
+ iExists _. by iFrame.
+ - iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro. by iFrame.
Qed.
Global Instance resolve_ghost_box_owned_inst {rt} π E L l (lt : ltype rt) γ wl rm lb :
ResolveGhost π E L rm lb l (BoxLtype lt) (Owned wl) (PlaceGhost γ) | 7 := λ T, i2p (resolve_ghost_box_Owned π E L l lt γ wl rm lb T).
@@ -1269,7 +1258,7 @@ Section rules.
simpl. iPoseProof (gvar_pobs_agree_2 with "Hinterp HObs") as "#<-".
iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro.
iL. rewrite ltype_own_box_unfold /box_ltype_own.
- iExists _. iFrame. iExists _. iR. by iFrame.
+ iExists _. by iFrame.
- iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro. by iFrame.
Qed.
Global Instance resolve_ghost_box_shared_inst {rt} π E L l (lt : ltype rt) γ κ rm lb :
diff --git a/theories/rust_typing/dune b/theories/rust_typing/dune
index 58c0e901291af9b512be1b271f06552b050fb32e..7733f573ce989c8786486c9e747d86cc0cc6780f 100644
--- a/theories/rust_typing/dune
+++ b/theories/rust_typing/dune
@@ -1,6 +1,6 @@
(coq.theory
(name refinedrust)
(package refinedrust)
- (flags -w -notation-overridden -w -redundant-canonical-projection)
+ (flags -w -notation-incompatible-prefix -w -notation-overridden -w -redundant-canonical-projection)
(synopsis "RefinedRust")
(theories stdpp iris RecordUpdate Ltac2 caesium lithium lrust Equations))
diff --git a/theories/rust_typing/enum.v b/theories/rust_typing/enum.v
index d55afaabd614e1c640630cc2fccb5fea13d46df8..26804c595184f54c8fda7d38983081b42b195ac8 100644
--- a/theories/rust_typing/enum.v
+++ b/theories/rust_typing/enum.v
@@ -126,7 +126,7 @@ Section union.
iPureIntro. apply syn_type_has_layout_untyped_inv in Halg1 as (-> & _ & _).
move: Hv0 Hv1. apply ly_size_layout_of_union_member in Hly.
rewrite /has_layout_val/active_union_rest_ly.
- rewrite take_length drop_length.
+ rewrite length_take length_drop.
rewrite {4}/ly_size.
lia.
Qed.
@@ -178,14 +178,14 @@ Section union.
{ iNext. iModIntro. iSplit.
- iIntros "(%v & Hl & Ha & Hb)".
rewrite -{1}(take_drop (ly_size ly') v).
- rewrite heap_mapsto_app. iDestruct "Hl" as "(Hl1 & Hl2)".
+ rewrite heap_pointsto_app. iDestruct "Hl" as "(Hl1 & Hl2)".
iPoseProof (ty_own_val_has_layout with "Ha") as "%Hlyv"; first done.
- rewrite /has_layout_val take_length in Hlyv.
+ rewrite /has_layout_val length_take in Hlyv.
iSplitL "Hl1 Ha". { iExists _. iFrame. }
iPoseProof (ty_has_layout with "Hb") as "(%ly2 & %Hst2 & %Hlyv2)".
apply syn_type_has_layout_untyped_inv in Hst2 as (-> & ? & ? & ?).
- move: Hlyv2. rewrite /has_layout_val drop_length /active_union_rest_ly {2}/ly_size/= => Hlyv2.
- rewrite take_length. rewrite Nat.min_l; last lia.
+ move: Hlyv2. rewrite /has_layout_val length_drop /active_union_rest_ly {2}/ly_size/= => Hlyv2.
+ rewrite length_take. rewrite Nat.min_l; last lia.
eauto with iFrame.
- iIntros "((%v1 & Hl1 & Hv1) & (%v2 & Hl2 & Hv2))".
iExists (v1 ++ v2).
@@ -194,9 +194,9 @@ Section union.
apply syn_type_has_layout_untyped_inv in Hst2 as (-> & ? & ? & ?).
move: Hlyv2. rewrite /has_layout_val /active_union_rest_ly {1}/ly_size/= => Hlyv2.
rewrite /has_layout_val in Hlyv.
- rewrite heap_mapsto_app. rewrite Hlyv. iFrame.
- iSplitL "Hv1". { rewrite take_app'; first done. lia. }
- rewrite drop_app'; last lia. done. }
+ rewrite heap_pointsto_app. rewrite Hlyv. iFrame.
+ iSplitL "Hv1". { rewrite take_app_length'; first done. lia. }
+ rewrite drop_app_length'; last lia. done. }
iMod (bor_sep with "LFT Hb") as "(Hb1 & Hb2)"; first done.
(* now share both parts *)
@@ -231,8 +231,7 @@ Section union.
simpl. rewrite right_id.
rewrite -lft_tok_sep.
rewrite ty_lfts_unfold.
- iDestruct "Htok2" as "(? & ?)". iFrame.
- iExists ul, ly'. iR. iR. iR. done.
+ iDestruct "Htok2" as "(? & ?)". by iFrame.
Qed.
Next Obligation.
iIntros (rt ty variant uls κ κ' π r l) "#Hincl Hb".
@@ -383,7 +382,7 @@ Section enum.
Note that, crucially, also the [e : enum rto] is already an input to this typeclass (determined by the [rust_type] annotation on [EnumInit]), because we need the type parameters of the enum to already be determined.
(As an example, imagine constructing the [None] variant of [Option<T>]).
*)
- Class ConstructEnum {rti rto} (e : enum rto) (variant : string) (ty : type rti) (input : rti) (out : rto) : Type := construct_enum {
+ Class ConstructEnum {rti rto} (e : enum rto) (variant : string) (ty : type rti) (input : rti) (out : rto) : Prop := construct_enum {
(* sidecondition that we need to solve *)
(*construct_enum_sc : Prop;*)
(* agreemtn that we get as a result *)
@@ -652,11 +651,10 @@ Section ne.
Proof.
rewrite /struct_own_el_val{1}/ty_own_val/=.
iSplit.
- - iIntros "(%r' & %ly & Hrfn & ? & ? & %ul & %ly' & ? & ? & ? & ? & ?)".
- iExists ly. iFrame. iExists ul, ly'. iFrame.
- iExists r'. iFrame.
+ - iIntros "(%r' & %ly & Hrfn & $ & $ & %ul & %ly' & ? & ? & ? & ? & ?)".
+ iExists ul, ly'. iFrame.
- iIntros "(%ly' & ? & ? & %ul & %ly & ? & ? & ? & (%r' & ? & ?) & ?)".
- iExists r', ly'. iFrame. iExists ul, ly. iFrame.
+ iExists r', ly'. iFrame.
Qed.
Local Lemma enum_el_shr_unfold {rt} (ty : type rt) π κ i fields l r tag uls :
@@ -674,10 +672,9 @@ Section ne.
rewrite /struct_own_el_shr{1}/ty_shr/=.
iSplit.
- iIntros "(%r' & %ly & Hrfn & ? & ? & _ & %ul & %ly' & ? & ? & ? & ? & ?)".
- iExists ly. iFrame. iR. iExists ul, ly'. iFrame.
- iExists r'. iFrame.
+ iExists ly. iFrame.
- iIntros "(%ly' & ? & ? & _ & %ul & %ly & ? & ? & ? & (%r' & ? & ?) & ?)".
- iExists r', ly'. iFrame. iExists ul, ly. iFrame.
+ iExists r', ly'. iFrame.
Qed.
Global Instance enum_t_ne {rt1 rt2} (F : type rt1 → enum rt2) :
@@ -923,8 +920,8 @@ Section unfold.
(*assert (syn_type_has_layout (ty_syn_type (enum_tag_type en (enum_tag en r'))) ly0).*)
- (*rewrite heap_mapsto_reshape_sl; last done. iDestruct "Hl" as "(_ & Hl)".*)
- iPoseProof (struct_own_val_join_mapsto with "Hl Hv") as "Hl".
+ (*rewrite heap_pointsto_reshape_sl; last done. iDestruct "Hl" as "(_ & Hl)".*)
+ iPoseProof (struct_own_val_join_pointsto with "Hl Hv") as "Hl".
{ done. }
{ done. }
{ done. }
@@ -960,7 +957,7 @@ Section unfold.
iPoseProof (ty_own_val_active_union_split with "Hv") as "(%ul' & %ly & %v1 & %v2 & -> & %Huls & %Hty & Hv1 & Hv2)".
assert (ul' = ul) as ->. { admit. }
- rewrite heap_mapsto_app. iDestruct "Hl" as "(Hl1 & Hl2)".
+ rewrite heap_pointsto_app. iDestruct "Hl" as "(Hl1 & Hl2)".
iSplitL "Hl1 Hv1".
{ rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iExists ly.
@@ -1180,15 +1177,15 @@ Section rules.
iPoseProof (ty_own_val_has_layout with "Hv") as "%Hv"; first done.
iR.
iSplitL "Hv".
- - rewrite take_app'; first done. done.
- - rewrite drop_app'; last done.
+ - rewrite take_app_length'; first done. done.
+ - rewrite drop_app_length'; last done.
iApply uninit_own_spec.
iExists _. iSplitR. { iPureIntro. apply syn_type_has_layout_untyped; first done.
- by apply layout_wf_align_log_0.
- rewrite ly_size_active_union_rest_ly. apply use_union_layout_alg_size in Hul'. lia.
- by apply ly_align_in_bounds_1. }
iPureIntro. rewrite /has_layout_val.
- rewrite replicate_length. rewrite /use_layout_alg'.
+ rewrite length_replicate. rewrite /use_layout_alg'.
erewrite elem_of_list_to_map_1; first last.
{ eapply elem_of_list_lookup_2. done. }
{ apply els_variants_nodup. }
@@ -1485,7 +1482,7 @@ End enum_test.
(drop o v) `has_layout_val` (ly_offset ly o) →
v `has_layout_val` ly ∨ (ly_size ly ≤ o ∧ length v ≤ o).
Proof.
- rewrite /has_layout_val. rewrite drop_length.
+ rewrite /has_layout_val. rewrite length_drop.
destruct ly as [sz al].
rewrite /ly_offset /ly_size /=.
intros ?. destruct (decide (length v = sz)); first by left. right. lia.
diff --git a/theories/rust_typing/existentials.v b/theories/rust_typing/existentials.v
index 36e78a04c88012ae3ca5ecbc927650fd12b2f366..0707b62b96eae47d87ceda83ce84bb64529921b9 100644
--- a/theories/rust_typing/existentials.v
+++ b/theories/rust_typing/existentials.v
@@ -346,9 +346,7 @@ Section open.
iModIntro.
rewrite ltype_own_core_equiv. simp_ltypes.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly. simpl. iFrame "#%". iFrame.
- iExists r''. iSplitR; first done. iModIntro.
- iExists v'. iFrame. iExists r0. by iFrame.
+ iExists ly. simpl. iFrame "#%". by iFrame.
Qed.
(* We open this into a ShadowedLtype for [Shared].
@@ -373,7 +371,7 @@ Section open.
rewrite ltype_own_shadowed_unfold /shadowed_ltype_own.
simp_ltypes. iSplitR; first done. iSplitL; last done.
iApply ltype_own_ofty_unfold. rewrite /lty_of_ty_own.
- iExists ly. iSplitR; first done. iSplitR; first done. iFrame "#".
+ iExists ly. iSplitR; first done. do 3 iR.
iExists r. iSplitR; first done. iModIntro. done.
Qed.
@@ -445,7 +443,7 @@ Section open.
iMod ("Hub" with "Hdead' Hb") as "Hown".
rewrite {2}ltype_own_ofty_unfold /lty_of_ty_own.
iDestruct "Hown" as "(% &_ & _ & _ & _ & _ & %r1 & -> & >(%v1 & Hl & Hv))".
- iModIntro. iExists v1. iFrame. iExists r1. iFrame. }
+ iModIntro. iFrame. }
{ iNext. rewrite /V. iFrame. }
iMod ("Hcl_tok" with "Htok") as "$".
@@ -465,7 +463,7 @@ Section open.
iDestruct "Hb" as "(% & _ & _ & _ & _ & _ & Hb)".
iDestruct "Hb" as "(%r1 & -> & >(%v1 & Hl & Hv1))".
iMod ("HP" with "Hdead") as "HP".
- iModIntro. iExists v1. iFrame. iExists r1. iFrame.
+ iModIntro. iFrame.
Qed.
End open.
diff --git a/theories/rust_typing/existentials_na.v b/theories/rust_typing/existentials_na.v
index e2652b98e4a7e0c20901061ee3b90e6a311fe3af..fc216963ee5429628ce81ee2168360311ec6a7f6 100644
--- a/theories/rust_typing/existentials_na.v
+++ b/theories/rust_typing/existentials_na.v
@@ -158,8 +158,7 @@ Section na_ex.
iDestruct "Hinv" as (v) "((% & Hl & HP) & Hv)".
iPoseProof (ty_own_val_sidecond with "HP") as "#>Hsc".
iModIntro; iSplit; [iNext | done].
- iExists v; iFrame.
- iExists v0; iFrame. }
+ iExists v; iFrame. }
iMod (bor_na with "Hbor") as "Hbor"; first solve_ndisj.
@@ -196,7 +195,7 @@ Section contr.
intros HP HF.
constructor; simpl.
- apply HF.
- - destruct HP as [Hlft _ _].
+ - destruct HP as [Hlft _].
destruct HF as [_ Hlft' _ _ _ _].
apply ty_lft_morphism_of_direct.
apply ty_lft_morphism_to_direct in Hlft'.
@@ -239,7 +238,7 @@ Section contr.
intros HP HF.
constructor; simpl.
- apply HF.
- - destruct HP as [Hlft _ _].
+ - destruct HP as [Hlft _].
destruct HF as [_ Hlft' _ _ _ _].
apply ty_lft_morphism_of_direct.
apply ty_lft_morphism_to_direct in Hlft'.
@@ -350,9 +349,7 @@ Section na_subtype.
iModIntro.
rewrite ltype_own_core_equiv. simp_ltypes.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly. simpl. iFrame "#%". iFrame.
- iExists r''. iSplitR; first done. iModIntro.
- iExists v'. iFrame. iExists r0. by iFrame.
+ iExists ly. simpl. iFrame "#%". by iFrame.
Qed.
Lemma typed_place_na_ex_plain_t_owned π E L l (ty : type rt) x wl bmin K T :
diff --git a/theories/rust_typing/fraction_counting.v b/theories/rust_typing/fraction_counting.v
index 5fba6142146d19ec41125c2bdaaf3f63d30d4eab..6f678a13bb86f0d22ac8c1ef145e46e37d4c3c32 100644
--- a/theories/rust_typing/fraction_counting.v
+++ b/theories/rust_typing/fraction_counting.v
@@ -134,9 +134,7 @@ Section laws.
rewrite ghost_map_auth_fractional. iDestruct "Hauth" as "(Hauth' & Hauth)".
rewrite Hfrac. iDestruct "Hprop" as "($ & Hprop)".
iSplitL "Hauth' Hprop".
- { iExists _, _. iFrame. iSplitR; first done. iSplitR; first done.
- iExists qr. iSplitR; done.
- }
+ { iExists _, _. iFrame. iSplitR; first done. iSplitR; done. }
iIntros "Hprop Hauth'".
iDestruct "Hauth'" as "(%M' & %next_fresh' & Hauth' & _ & _ & %qr' & % & Hfrac)".
iExists M, next_fresh. iDestruct (ghost_map_auth_agree with "Hauth Hauth'") as %<-.
@@ -215,7 +213,8 @@ Section laws.
iIntros "(%M & %nf & Hauth & %Hsz & %Hfresh & %q' & %Hrem & Hprop) (%q & Hprop' & %k & Helem)".
iPoseProof (ghost_map_lookup with "Hauth Helem") as "%Hlook".
iMod (ghost_map_delete with "Hauth Helem") as "Hauth".
- iModIntro. iExists (delete k M), nf. iFrame.
+ iModIntro. iExists (delete k M), nf.
+ iSplitL "Hauth"; first iFrame.
iSplitR. { iPureIntro.
rewrite dom_delete_L size_difference.
2: { apply singleton_subseteq_l. apply elem_of_dom. eauto. }
diff --git a/theories/rust_typing/functions.v b/theories/rust_typing/functions.v
index 28e04fa25cb9d84802f085c2c663e38b1e7fd26a..3a1822fd1b5c9b8d1d609caba4eca8d7e9b8202d 100644
--- a/theories/rust_typing/functions.v
+++ b/theories/rust_typing/functions.v
@@ -376,7 +376,7 @@ Section call.
simpl in Halg_st. rewrite /use_layout_alg' Halg_st in Hly'. rewrite /use_layout_alg' Halg_st in Hly''.
iExists _. iSplitR; first done.
iSplitR; first done. iSplitR; first done.
- iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "#Hlb".
+ iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "#Hlb".
rewrite Hly'. iFrame "Hlb". iSplitR; first done.
iExists _. iSplitR; first done. iModIntro. iExists _. iFrame.
rewrite uninit_own_spec.
@@ -396,7 +396,7 @@ Section call.
assert (ly = ly') as <-. { by eapply syn_type_has_layout_inj. }
iExists _. iSplitR; first done. iSplitR; first done.
iPoseProof (ty_own_val_sidecond with "Hvl") as "#$".
- iPoseProof (heap_mapsto_loc_in_bounds with "Ha") as "#Hlb".
+ iPoseProof (heap_pointsto_loc_in_bounds with "Ha") as "#Hlb".
rewrite Hlyv. iSplitR; first done. iSplitR; first done.
iExists _. iSplitR; first done. iNext. eauto with iFrame. }
iApply ("IH" with "[//] [//] [//] [//] [$] [$] [$]").
@@ -426,7 +426,7 @@ Section call.
rewrite !zip_fmap_r !big_sepL_fmap. iFrame.
iSplitR. { iPureIntro. apply Forall2_length in Halg.
- rewrite map_length in Halg. rewrite Hlen1 Hlen3 Halg fmap_length. done. }
+ rewrite length_map in Halg. rewrite Hlen1 Hlen3 Halg length_fmap. done. }
iSplitR; first done.
iIntros "Hcred Hat".
iPoseProof ("Hkill" with "HÏ") as "(Htok & Hkill)".
@@ -462,6 +462,10 @@ Proof.
Defined.
(** ** Notations *)
+
+(* TODO figure out how to annotate the scope properly *)
+Local Set Warnings "-inconsistent-scopes".
+
(* Hack: in order to make this compatible with Coq argument parsing, we declare a small helper notation for arguments *)
Declare Scope fnarg_scope.
Delimit Scope fnarg_scope with F.
@@ -473,8 +477,6 @@ Definition arg_ty_is_xrfn `{!typeGS Σ} (ty : sigT (λ rt : Type, type rt * rt)%
let '(existT _ (ty, r)) := ty in
ty_is_xrfn ty r.
-(* TODO figure out how to annotate the scope properly *)
-Local Set Warnings "-inconsistent-scopes".
Notation "'fn(∀' κs ':' n '|' tys ':' rts '|' x ':' A ',' E ';' Pa ')' '→' '∃' y ':' B ',' r '@' rty ';' Pr" :=
((fun κs tys =>
mk_fn_spec (A : Type) (fun x =>
@@ -702,7 +704,7 @@ Section function_subsume.
{ unfold INV. iModIntro. iIntros (? [rt [ty r]] ? ? Hlook) "(-> & Hi) Hs".
specialize (lookup_lt_Some _ _ _ Hlook) as Hlt1.
edestruct (lookup_lt_is_Some_2 lsa i) as (l1 & Hlook1).
- { rewrite vec_to_list_length. lia. }
+ { rewrite length_vec_to_list. lia. }
iPoseProof (big_sepL2_delete _ _ _ i with "Hi") as "(Ha & Hi)"; [done.. | ].
simpl. rewrite decide_True; last lia.
iExists (take (S i) lsa). rewrite -assoc. iR.
@@ -725,17 +727,17 @@ Section function_subsume.
if decide (i < n) then l â—â‚—[ Ï€, Owned false] # r @ (â— ty) else True)%I).
iPoseProof (iterate_elim0 INV with "Hc [] []") as "Hb".
{ unfold INV. iApply big_sepL2_intro.
- { rewrite vec_to_list_length. lia. }
+ { rewrite length_vec_to_list. lia. }
iModIntro. iIntros (?? [? []] ??).
setoid_rewrite decide_False; last lia. done. }
{ unfold INV. iModIntro. iIntros (? [l [rt [ty r]]] ? Hlook) "Hi Hs".
apply lookup_zip in Hlook as (Hlook1 & Hlook2).
rewrite firstn_all2 in Hlook1; first last.
- { rewrite vec_to_list_length. lia. }
+ { rewrite length_vec_to_list. lia. }
iDestruct "Hs" as "(Hs & $)". simpl.
rewrite -(list_insert_id lsa i l); last done.
rewrite -(list_insert_id (fp_atys ((F1 κs tys).(fn_p) a)) i (r :$@: ty)%F); last done.
- efeed pose proof (big_sepL2_insert lsa (fp_atys ((F1 κs tys).(fn_p) a)) i l (r :$@: ty)%F
+ opose proof* (big_sepL2_insert lsa (fp_atys ((F1 κs tys).(fn_p) a)) i l (r :$@: ty)%F
(λ i0 l0 '(existT rt0 (ty0, r0)), if decide (i0 < S i) then l0 â—â‚—[ Ï€, Owned false] # r0 @ (â— ty0) else True)%I 0%nat) as Hr.
{ eapply lookup_lt_Some; done. }
{ eapply lookup_lt_Some; done. }
@@ -764,7 +766,7 @@ Section function_subsume.
iModIntro. iIntros (?? [? []] Hlook1 Hlook2).
rewrite decide_True; first eauto.
rewrite zip_length.
- rewrite take_length.
+ rewrite length_take.
apply lookup_lt_Some in Hlook1.
apply lookup_lt_Some in Hlook2.
lia. }
@@ -785,8 +787,7 @@ Section function_subsume.
(* TODO could also allow prove_with_subtype etc here? *)
iModIntro.
simpl. iExists L2, [], R. iFrame.
- iSplitR "Hintro".
- { iModIntro. iExists _. iFrame. }
+ iSplitR "Hintro"; first done.
iIntros (??) "HE HL HP".
iPoseProof ("HEincl" with "HE") as "HE".
rewrite /llctx_find_llft_goal.
@@ -794,7 +795,7 @@ Section function_subsume.
iMod ("Hintro" with "[//] HE HL HP") as "(%L3 & HL & %L4 & %κs3 & % & % & Hc & HT)".
simpl.
iModIntro. iExists L3. iFrame.
- iExists _, _. iR. iExists _. iFrame.
+ by iExists _, _.
Qed.
Global Instance subsume_typed_function_inst π fn local_sts {lfts : nat} {rts : list Type} (eqp1 eqp2 : eq rts rts) (F1 : spec_with lfts rts fn_spec) (F2 : spec_with lfts rts fn_spec) :
Subsume (typed_function π fn local_sts (eqp1, F1)) (typed_function π fn local_sts (eqp2, F2)) | 10 :=
diff --git a/theories/rust_typing/hlist.v b/theories/rust_typing/hlist.v
index 61919afb8ed6a8b5e44b22dd7d194d0f06aff35f..7a9859ddeeca80f95164e68fe5873705e2d6230f 100644
--- a/theories/rust_typing/hlist.v
+++ b/theories/rust_typing/hlist.v
@@ -129,9 +129,9 @@ End hlist.
Ltac inv_hlist xl := let A := type of xl in
match eval hnf in A with hlist _ ?Xl =>
match eval hnf in Xl with
- | [] => revert dependent xl;
+ | [] => generalize dependent xl;
match goal with |- ∀xl, @?P xl => apply (hlist_nil_inv P) end
- | _ :: _ => revert dependent xl;
+ | _ :: _ => generalize dependent xl;
match goal with |- ∀xl, @?P xl => apply (hlist_cons_inv P) end;
(* Try going on recursively. *)
try (let x := fresh "x" in intros x xl; inv_hlist xl; revert x)
diff --git a/theories/rust_typing/lft_contexts.v b/theories/rust_typing/lft_contexts.v
index be17a920a8fada32378d612ef767aca0c8e7abce..6a4c5eac429d50902f633c177e4df10207370757 100644
--- a/theories/rust_typing/lft_contexts.v
+++ b/theories/rust_typing/lft_contexts.v
@@ -24,6 +24,7 @@ Class lctxGS Σ := LctxGS {
(* name for the decomposition map *)
lctx_decomp_name : gname;
}.
+
Global Hint Mode lctxGS - : typeclass_instances.
Class lctxGPreS Σ := LctxGPreS {
lctx_pre_name_inG :: ghost_mapG Σ lft gname;
@@ -665,7 +666,7 @@ Section lft_contexts.
iPoseProof ("Hcl_auth" with "[Hi1 Hex1 Hi2 Hex2] Hauth") as "Hauth".
{ iExists _, _, _. iFrame "Hd". rewrite Hmax !lft_tok_fractional. by iFrame. }
iApply "Hclose". iModIntro. iExists γ. iFrame "#∗".
- iExists _, _, _. eauto with iFrame.
+ eauto with iFrame.
Qed.
Lemma lctx_lft_alive_intersect κ1 κ2 :
@@ -1013,7 +1014,7 @@ Section lft_contexts.
generalize (elements M) as l.
induction l as [ | κ l IH].
- exists 1%positive. intros m ? []%elem_of_nil.
- - destruct IH as (i & IH). destruct (lft_fresh_strong κ κ') as (i' & Hi).
+ - destruct IH as (i & IH). destruct (lft_fresh κ κ') as (i' & Hi).
exists (Pos.max i i'). intros m Hlt [ | ]%elem_of_cons.
+ eapply Hi; last done. lia.
+ eapply IH; last done. lia.
@@ -1092,7 +1093,7 @@ Section lft_contexts.
iAssert (∃ κi κex qex, lft_decomp κ κi κex qex ∗ llctx_elt_interp (κ ⊑ₗ{ 0} κs))%I with "[Helt]" as "Ha".
{ iDestruct "Helt" as "(%γ & Hname & Hauth & #Hshape & Hkill)".
iDestruct "Hshape" as "(% & % & % & Hde & ?)".
- iExists _, _, _. iFrame "Hde". iExists _. iFrame. iExists _, _, _. eauto with iFrame. }
+ iExists _, _, _. iR. iExists _. iFrame. iExists _, _, _. eauto with iFrame. }
iDestruct "Ha" as "(% & % & % & Hde & Helt)".
iFrame. iPoseProof (llctx_elt_reclaim with "Helt Hde") as "(_ & $)"; done.
Qed.
@@ -1114,7 +1115,7 @@ Section lft_contexts.
iInv "LCTX" as "(%M & %M' & >Hauth_name & >Hauth_decomp & >%Hdom)" "Hcl".
set (κ' := lft_intersect_list κs ⊓ κex).
set (P := startlft_choose_pred (dom M) κ').
- iMod (lft_create_strong P with "LFT") as "(%i & %Hfresh & Htok & Hkill)";
+ iMod (lft_create_strong P with "LFT") as "(%i & %Hfresh & Htok)";
[apply startlft_choose_pred_infinite | solve_ndisj | ].
set (κ := positive_to_lft i ⊓ κ').
assert (M !! κ = None) as Hfresh'.
@@ -1140,12 +1141,12 @@ Section lft_contexts.
iMod ("Hcl" with "[Hauth_name Hauth_decomp]") as "_".
{ iExists _, _. iFrame. rewrite !dom_insert_L Hdom. done. }
iModIntro. iExists κ.
- iSplitL "Hkill Hfrac".
+ iSplitL "Hfrac".
{ iExists γfrac. iFrame "# Hfrac".
+ (*iMod (lft_kill_atomic)*)
iSplitR.
- - iExists _, _, _. iFrame "Hde".
- rewrite [_ ⊓ positive_to_lft _]lft_intersect_comm -lft_intersect_assoc. done.
- - iExists _, _, _. iFrame "Hde". done.
+ { by rewrite [_ ⊓ positive_to_lft _]lft_intersect_comm -lft_intersect_assoc. }
+ iPoseProof (lft_kill_atomic with "LFT") as "#Ha". iApply "Ha".
}
iSplitR.
{ iPureIntro. subst κ κ'.
@@ -1364,7 +1365,7 @@ Proof.
induction κs1 as [ | κ κs1 IH]; simpl.
{ intros. iApply lft_incl_static. }
intros Hincl.
- efeed pose proof (Hincl κ) as Helem.
+ opose proof* (Hincl κ) as Helem.
{ apply elem_of_cons; by left. }
iApply (lft_incl_trans _ (κ ⊓ lft_intersect_list κs2)); first last.
{ iApply lft_intersect_mono; first iApply lft_incl_refl.
diff --git a/theories/rust_typing/ltype_rules.v b/theories/rust_typing/ltype_rules.v
index 69f61e9d703f38c80069a128d44c5f6e86ec3210..046fe149933c85f5a068548d7e9aac69bfc1ffef 100644
--- a/theories/rust_typing/ltype_rules.v
+++ b/theories/rust_typing/ltype_rules.v
@@ -16,7 +16,7 @@ Proof.
+ iDestruct "Hincl" as "->". eauto.
+ rewrite /lty_of_ty_own.
iIntros "(%ly & Hst & Hly & Hsc & Hlb & % & ? & #Hb)". iExists ly. iFrame.
- iExists r'. iFrame. iModIntro. iMod "Hb". iModIntro.
+ iModIntro. iMod "Hb". iModIntro.
by iApply ty_shr_mono.
+ rewrite /lty_of_ty_own.
iDestruct "Hincl" as "(Hincl & ->)".
@@ -42,7 +42,7 @@ Proof.
+ iDestruct "Hincl" as "->". eauto.
+ rewrite !ltype_own_mut_ref_unfold /mut_ltype_own.
iIntros "(%ly & ? & ? & ? & %r' & %γ & ? & #Hb)".
- iExists ly. iFrame. iExists r', γ. iFrame. iModIntro. iMod "Hb".
+ iExists ly. iFrame. iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & Hf & Hb)". iModIntro. iExists li.
iSplitL "Hf". { by iApply frac_bor_shorten. }
iNext. iApply IH; last done.
@@ -63,7 +63,7 @@ Proof.
+ iDestruct "Hincl" as "->". eauto.
+ rewrite !ltype_own_shr_ref_unfold /shr_ltype_own.
iIntros "(%ly & ? & ? & ? & %r' & ? & #Hb)".
- iExists ly. iFrame. iExists r'. iFrame. iModIntro. iMod "Hb".
+ iExists ly. iFrame. iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & Hf & Hb)". iModIntro. iExists li.
iSplitL "Hf". { by iApply frac_bor_shorten. }
done.
@@ -82,7 +82,7 @@ Proof.
+ iDestruct "Hincl" as "->". eauto.
+ rewrite !ltype_own_box_unfold /box_ltype_own.
iIntros "(%ly & ? & ? & ? & %r' & ? & #Hb)".
- iExists ly. iFrame. iExists r'. iFrame. iModIntro. iMod "Hb".
+ iExists ly. iFrame. iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & Hf & Hb)". iModIntro. iExists li.
iSplitL "Hf". { by iApply frac_bor_shorten. }
iNext. iApply IH; last done. done.
@@ -101,7 +101,7 @@ Proof.
+ iDestruct "Hincl" as "->". eauto.
+ rewrite !ltype_own_owned_ptr_unfold /owned_ptr_ltype_own.
iIntros "(%ly & ? & ? & ? & %r' & %li & ? & #Hb)".
- iExists ly. iFrame. iExists r', li. iFrame. iModIntro. iMod "Hb".
+ iExists ly. iFrame. iModIntro. iMod "Hb".
iDestruct "Hb" as "(Hf & Hb)". iModIntro.
iSplitL "Hf". { by iApply frac_bor_shorten. }
iNext. iApply IH; last done. done.
@@ -120,7 +120,7 @@ Proof.
+ iDestruct "Hincl" as "->". eauto.
+ rewrite !ltype_own_struct_unfold /struct_ltype_own.
iIntros "(%sl & ? & ? & ? & ? & %r' & ? & #Hb)".
- iExists sl. iFrame. iExists r'. iFrame. iModIntro. iMod "Hb".
+ iExists sl. iFrame. iModIntro. iMod "Hb".
iApply (big_sepL_wand with "Hb").
iModIntro. iApply big_sepL_intro. iIntros "!>" (k [rt [lt r0]] Hlook).
apply pad_struct_lookup_Some_1 in Hlook as (n & ly & ? & [[? Hlook] | [? Heq]]).
@@ -149,7 +149,7 @@ Proof.
+ iDestruct "Hincl" as "->"; eauto.
+ rewrite !ltype_own_array_unfold /array_ltype_own.
iIntros "(%ly & Hst & Hly & Hlb & Ha & %r' & Hrfn & #Hb)".
- iExists ly. iFrame. iExists r'. iFrame.
+ iExists ly. iFrame.
iModIntro. iMod "Hb" as "(%Hlen2 & Hb)". iModIntro. iR.
iApply (big_sepL2_wand with "Hb").
iApply big_sepL2_intro. { rewrite interpret_iml_length //. }
@@ -205,7 +205,7 @@ Proof.
+ rewrite !ltype_own_shrblocked_unfold /shr_blocked_lty_own.
iDestruct "Hincl" as "(Hincl & ->)".
iIntros "(%ly & ? & ? & ? & ? & %r' & ? & ? & Hb & Hs & $ & $)".
- iExists ly. iFrame. iExists r'. iFrame.
+ iExists ly. iFrame.
iIntros "Hdead". iMod ("Hs" with "Hdead") as "Hdead". by iApply pinned_bor_shorten.
- iIntros (rt ty r l b1 b2) "#Hincl". simp_ltypes.
iSplitL; rewrite !ltype_own_ofty_unfold; iApply lty_of_ty_mono; done.
@@ -470,7 +470,7 @@ Section accessors.
iIntros "Hcred' !>". iIntros (v2 rt2 ty2 r2) "Hl %Hst_eq Hsc' Hv".
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iModIntro. rewrite -Hst_eq. iExists ly. iFrame "#∗%".
- iExists _. iSplitR; first done.
+ iSplitR; first done.
iNext. eauto with iFrame.
Qed.
@@ -745,7 +745,8 @@ Section deinit.
simpl. iPureIntro. eapply syn_type_has_layout_make_untyped; last done.
by eapply syn_type_has_layout_inj. }
iR. iSplitR. { rewrite /ty_own_val/=//. }
- iFrame. iR. iExists tt. iR. iModIntro. iExists _. iFrame.
+ iSplitL "Hlb"; first by iFrame. iR.
+ iExists tt. iR. iModIntro. iExists _. iFrame.
rewrite uninit_own_spec. iExists ly.
apply syn_type_has_layout_ptr_inv in Halg as ->. iSplitR; last done.
iPureIntro. destruct Hcompat as [<- | (ly1 & Hst' & ->)]; first done.
@@ -776,7 +777,8 @@ Section deinit.
simpl. iPureIntro. eapply syn_type_has_layout_make_untyped; last done.
by eapply syn_type_has_layout_inj. }
iR. iSplitR. { rewrite /ty_own_val/=//. }
- iFrame. iSplitR "Hl".
+ iSplitL "Hlb"; first by iFrame.
+ iSplitR "Hl".
{ iModIntro. destruct wl; last done. simpl. rewrite /num_cred. iFrame. iApply lc_succ; iFrame. }
iExists tt. iR. iModIntro. iExists _. iFrame.
rewrite uninit_own_spec. iExists ly.
@@ -807,7 +809,8 @@ Section deinit.
simpl. iPureIntro. eapply syn_type_has_layout_make_untyped; last done.
by eapply syn_type_has_layout_inj. }
iR. iSplitR. { rewrite /ty_own_val/=//. }
- iFrame. iR. iExists tt. iR. iModIntro. iExists _. iFrame.
+ iSplitL "Hlb"; first done. iR.
+ iExists tt. iR. iModIntro. iExists _. iFrame.
rewrite uninit_own_spec. iExists ly.
apply syn_type_has_layout_ptr_inv in Halg as ->. iSplitR; last done.
iPureIntro. destruct Hcompat as [<- | (ly1 & Hst' & ->)]; first done.
@@ -838,7 +841,8 @@ Section deinit.
simpl. iPureIntro. eapply syn_type_has_layout_make_untyped; last done.
by eapply syn_type_has_layout_inj. }
iR. iSplitR. { rewrite /ty_own_val/=//. }
- iFrame. iSplitR "Hl".
+ iSplitL "Hlb"; first by iFrame.
+ iSplitR "Hl".
{ iModIntro. destruct wl; last done. simpl. rewrite /num_cred. iFrame. iApply lc_succ; iFrame. }
iExists tt. iR. iModIntro. iExists _. iFrame.
rewrite uninit_own_spec. iExists ly.
@@ -856,14 +860,16 @@ Section deinit.
Proof.
iIntros (? Hstcomp) "Hl".
rewrite ltype_own_shr_ref_unfold /shr_ltype_own.
- iDestruct "Hl" as "(%ly & %Halg & % & ? & Hcreds & %r' & ? & Hb)".
+ iDestruct "Hl" as "(%ly & %Halg & % & Hlb & Hcreds & %r' & ? & Hb)".
iMod (maybe_use_credit with "Hcreds Hb") as "(? & ? & %l' & Hl & Hb)"; first done.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iModIntro. iExists ly. simpl. iSplitR.
{ destruct Hstcomp as [<- | (ly1 & Hst' & ->)]; first done.
simpl. iPureIntro. eapply syn_type_has_layout_make_untyped; last done.
by eapply syn_type_has_layout_inj. }
- iR. iR. iFrame. iR. iExists tt. iR.
+ iR. iR.
+ iSplitL "Hlb"; first by iFrame. iR.
+ iExists tt. iR.
iModIntro. iExists l'. iFrame. rewrite uninit_own_spec. iExists ly.
apply syn_type_has_layout_ptr_inv in Halg as ->. iSplitR; last done.
iPureIntro. destruct Hstcomp as [<- | (ly1 & Hst' & ->)]; first done.
@@ -880,14 +886,16 @@ Section deinit.
Proof.
iIntros (? Hstcomp) "Hcred Hl".
rewrite ltype_own_shr_ref_unfold /shr_ltype_own.
- iDestruct "Hl" as "(%ly & %Halg & % & ? & Hcreds & %r' & ? & Hb)".
+ iDestruct "Hl" as "(%ly & %Halg & % & Hlb & Hcreds & %r' & ? & Hb)".
iMod (maybe_use_credit with "Hcreds Hb") as "(? & ? & %l' & Hl & Hb)"; first done.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iModIntro. iExists ly. simpl. iSplitR.
{ destruct Hstcomp as [<- | (ly1 & Hst' & ->)]; first done.
simpl. iPureIntro. eapply syn_type_has_layout_make_untyped; last done.
by eapply syn_type_has_layout_inj. }
- iR. iR. iFrame. iSplitR "Hl".
+ iR. iR.
+ iSplitL "Hlb"; first by iFrame.
+ iSplitR "Hl".
{ destruct wl; last done. simpl. rewrite /num_cred. iFrame. iApply lc_succ; iFrame. }
iExists tt. iR.
iModIntro. iExists l'. iFrame. rewrite uninit_own_spec. iExists ly.
@@ -1054,5 +1062,3 @@ Ltac solve_type_proper_step :=
Ltac solve_proper_step := first [eassumption | solve_type_proper_step].
Ltac solve_type_proper :=
solve_proper_core ltac:(fun _ => solve_type_proper_step).
-
-
diff --git a/theories/rust_typing/ltypes.v b/theories/rust_typing/ltypes.v
index 22f6cee599d79db626f9d8ef9306eeed1bc13c40..49296281991cc78b596afc178e5135116066ae00 100644
--- a/theories/rust_typing/ltypes.v
+++ b/theories/rust_typing/ltypes.v
@@ -55,7 +55,7 @@ Section enum.
Global Arguments enum_lfts {_}.
Global Arguments enum_wf_E {_}.
Global Instance enum_rt_inhabited {rt} (e : enum rt) : Inhabited rt :=
- populate (e.(enum_xrt) e.(enum_xt_inhabited).(inhabitant)).
+ populate (e.(enum_xrt) e.(enum_xt_inhabited).(inhabitant)).
(*Set Universe Polymorphism.*)
Definition enum_tag_ty' {rt} (en : enum rt) (v : var_name) : sigT type :=
@@ -131,7 +131,7 @@ Section array.
+ intros (a & Hlook & Hle). destruct a as [ | a].
* simpl in *. injection Hlook as -> ->. rewrite decide_True; done.
* simpl in *. destruct (decide (i = j)) as [<- | Hneq].
- { by efeed pose proof (Hle 0); [lia | done | done | ]. }
+ { by opose proof* (Hle 0); [lia | done | done | ]. }
eapply IH. eexists. split; first done. intros. eapply (Hle (S b)); last done. lia.
+ destruct (decide (i = j)) as [<- | Hneq].
* intros [= ->]. exists 0. simpl. split; first done. intros. lia.
@@ -148,7 +148,7 @@ Section array.
split.
- intros Ha. destruct (decide (i = j)) as [<- | ]; first last.
{ eapply IH. intros. eapply (Ha (S b)); done. }
- by efeed pose proof (Ha 0); [done | done | ].
+ by opose proof* (Ha 0); [done | done | ].
- destruct (decide (i = j)) as [<- | ]; first done.
intros Ha b ??. destruct b as [ | b]; first (simpl; congruence).
simpl. intros Hlook. eapply IH; done.
@@ -166,12 +166,12 @@ Section array.
length (interpret_inserts iml ls) = length ls.
Proof.
induction iml as [ | [i x] iml IH]; simpl; first done.
- rewrite insert_length //.
+ rewrite length_insert //.
Qed.
Lemma interpret_iml_length {X} (def : X) (len : nat) (iml : list (nat * X)) :
length (interpret_iml def len iml) = len.
Proof.
- rewrite /interpret_iml interpret_inserts_length replicate_length //.
+ rewrite /interpret_iml interpret_inserts_length length_replicate //.
Qed.
Lemma lookup_interpret_inserts_Some_inv {X} (iml : list (nat * X)) (ls : list X) i x :
@@ -181,7 +181,7 @@ Section array.
intros Ha. specialize (lookup_lt_Some _ _ _ Ha) as Hlen.
induction iml as [ | [j y] iml IH] in i, Hlen, Ha |-*; simpl; first by eauto.
move: Ha. simpl in *.
- rewrite insert_length in Hlen.
+ rewrite length_insert in Hlen.
destruct (decide (i = j)) as [ <- | Hneq].
- rewrite list_lookup_insert; last done.
intros [= ->]. left. apply elem_of_cons. by left.
@@ -197,7 +197,7 @@ Section array.
Proof.
rewrite /interpret_iml. intros Ha.
specialize (lookup_lt_Some _ _ _ Ha) as Hlen.
- rewrite interpret_inserts_length replicate_length in Hlen.
+ rewrite interpret_inserts_length length_replicate in Hlen.
split; first done.
apply lookup_interpret_inserts_Some_inv in Ha as [ | Ha]; first by eauto.
apply lookup_replicate_1 in Ha as [ ]. by left.
@@ -574,8 +574,8 @@ Section ltype_def.
Global Instance place_rfn_interp_shared_pers {rt} (r : place_rfn rt) r' : Persistent (place_rfn_interp_shared r r').
Proof. destruct r; apply _. Qed.
(* NOTE: It's a bit unlucky that we have to rely on timelessness of this in some cases, in particular for some of the unfolding lemmas. *)
- Global Instance place_rfn_interp_shared_timeless {rt} (r : place_rfn rt) r' : Timeless (place_rfn_interp_shared r r').
- Proof. destruct r; apply _. Qed.
+ (* Global Instance place_rfn_interp_shared_timeless {rt} (r : place_rfn rt) r' : Timeless (place_rfn_interp_shared r r'). *)
+ (* Proof. destruct r; apply _. Qed. *)
Global Instance place_rfn_interp_owned_timeless {rt} (r : place_rfn rt) r' : Timeless (place_rfn_interp_owned r r').
Proof. destruct r; apply _. Qed.
Global Instance place_rfn_interp_mut_timeless {rt} (r : place_rfn rt) γ : Timeless (place_rfn_interp_mut r γ).
@@ -669,7 +669,7 @@ Section ltype_def.
- iDestruct "Hobs" as "Hobs". iPoseProof (gvar_agree with "Hauth Hobs") as "#->". eauto with iFrame.
- simpl. rewrite /Rel2. iDestruct "Hobs" as "(%v1 & %v2 & #Hpobs & Hobs & %Heq')". rewrite Heq'.
iPoseProof (gvar_agree with "Hauth Hobs") as "%Heq". rewrite Heq.
- iFrame. iR. iModIntro. iModIntro. iExists _, _. iFrame. iR. done.
+ iFrame. iR. iModIntro. iModIntro. iExists _. iR. done.
}
iMod ("Hcl_auth" with "[$Hauth]") as "($ & Htoka2)".
by iFrame.
@@ -1142,12 +1142,12 @@ Section ltype_def.
Proof.
induction lt as [ | | | | | | | |lts IH sls | rt def len lts IH | | | | | ] using lty_induction; simpl; [lia.. | | | lia | lia | lia | lia | lia].
- induction lts as [ | lt lts IH']; simpl; first done.
- efeed pose proof (IH lt) as IH0. { apply elem_of_cons. by left. }
- feed specialize IH'. { intros. apply IH. apply elem_of_cons. by right. }
+ opose proof* (IH lt) as IH0. { apply elem_of_cons. by left. }
+ ospecialize* IH'. { intros. apply IH. apply elem_of_cons. by right. }
unfold fmap in IH'. lia.
- induction lts as [ | [i lt] lts IH2]; simpl; first lia.
- efeed pose proof (IH i lt) as IH0. { apply elem_of_cons. by left. }
- feed specialize IH2. { intros. eapply IH. apply elem_of_cons. by right. }
+ opose proof* (IH i lt) as IH0. { apply elem_of_cons. by left. }
+ ospecialize* IH2. { intros. eapply IH. apply elem_of_cons. by right. }
unfold fmap in IH2. lia.
Qed.
@@ -2072,7 +2072,7 @@ Section ltype_def.
all: first [ done | rewrite (UIP_refl _ _ Heq) // | idtac].
- simp lty_own_pre. fold lty_rt.
do 5 f_equiv.
- { rewrite map_length. done. }
+ { rewrite length_map. done. }
do 2 f_equiv.
all: setoid_rewrite big_sepL_P_eq.
all: simpl.
@@ -2193,7 +2193,7 @@ Section ltype_def.
(∀ lt : lty, lt ∈ lts → ∀ k π r (Heq : lty_rt lt = lty_rt (lty_core lt)) l, lty_own_pre true lt k π (r) l ≡ lty_own_pre core (lty_core lt) k π (transport_rfn Heq r) l) →
([∗ list] i ↦ ty ∈ zip (fmap lty_core lts) r', ∃ Heq : lty_rt ty.1 = rt, ⌜lty_st ty.1 = st⌠∗ lty_own_pre core ty.1 k π (rew <- [place_rfn] Heq in ty.2) (l offset{ly}ₗ i)) ⊣⊢
([∗ list] i ↦ ty ∈ zip lts r', ∃ Heq : lty_rt ty.1 = rt, ⌜lty_st ty.1 = st⌠∗ lty_own_pre true ty.1 k π (rew <- [place_rfn] Heq in ty.2) (l offset{ly}ₗ i)).
- Proof.
+ Proof.
intros IH.
rewrite zip_fmap_l big_sepL_fmap.
apply big_sepL_proper.
@@ -2282,7 +2282,7 @@ Section ltype_def.
all: by repeat f_equiv.
- simp lty_own_pre. fold lty_rt.
do 5 f_equiv.
- { rewrite map_length. done. }
+ { rewrite length_map. done. }
do 2 f_equiv.
all: simpl.
all: setoid_rewrite big_sepL_P_eq.
@@ -2433,7 +2433,7 @@ Section ltype_def.
iIntros "(%sl & %Halg & %Hlen & %Hly & Hlb & %r' & Ha & #Hl)".
rewrite big_sepL_P_eq.
iExists sl. iR.
- rewrite fmap_length. iR. iR. iFrame.
+ rewrite length_fmap. iR. iR. iFrame.
(*set (Heq' := lty_core_rt_eq ).*)
simpl in r'.
simpl.
@@ -2781,7 +2781,7 @@ Section ltype_def.
{ eapply IH; last done. intros. eapply Ha. apply elem_of_cons; by right. }
destruct Hwf as [[Hwf Heq] ?].
clear IH.
- unshelve efeed pose proof (Ha i lt) as Ha.
+ unshelve opose proof* (Ha i lt) as Ha.
{ done. } { apply elem_of_cons; by left. }
subst rt. eapply P_irrel; done.
Qed.
@@ -3671,7 +3671,7 @@ Section ltype_def.
iR. iR. iFrame.
destruct k as [ wl | | ]; [ | done.. ].
iDestruct "Hl" as "(Hcred & %r' & Hrfn & Ha)".
- iFrame. rewrite Htag. iR. iExists r'. iFrame. iNext.
+ iFrame. rewrite Htag. iR. iNext.
iMod ("Ha") as "(<- & %Heq & Ha)".
iModIntro.
assert (Heq' : enum_variant_rt en r' = enum_tag_rt en (enum_tag en r')).
@@ -3687,7 +3687,7 @@ Section ltype_def.
iSplitR. { rewrite {1}Hrt /enum_tag_rt/enum_tag_ty' Htag//. }
destruct k as [ wl | | ]; [ | done.. ].
iDestruct "Hl" as "(Hcreds & %r' & Hrfn & Hl)".
- iFrame. iExists r'. iFrame.
+ iFrame.
iNext. iMod "Hl" as "(%Heq & <- & ? & Hl & ?)".
iModIntro. iR.
assert (Heq' : lty_rt (ltype_lty lte) = enum_variant_rt en r').
@@ -4923,7 +4923,7 @@ Section eqltype.
iDestruct "Hb" as "(%ly & Hst & ? & Hsc & ? & %r' & Hrfn & #Hb)".
iExists ly. rewrite Hst. iFrame.
iSplitL "Hsc"; first by iApply "Hsceq".
- iExists r'. iFrame. iModIntro. iMod "Hb". iModIntro.
+ iFrame. iModIntro. iMod "Hb". iModIntro.
iDestruct ("Hsub" $! r') as "(_ & _ & _ & Hshr)".
by iApply "Hshr".
Qed.
@@ -4984,7 +4984,7 @@ Section eqltype.
iDestruct ("Hsub" $! r') as "(_ & _ & #Hown & #Hshr)".
iExists ly. rewrite Hst. iFrame.
iSplitL "Hsc"; first by iApply "Hsceq".
- iExists r'. iFrame. iNext. iMod "Hb" as "(% & ? & Hv)". iExists _. iFrame.
+ iFrame. iNext. iMod "Hb" as "(% & ? & Hv)". iExists _. iFrame.
iModIntro. by iApply "Hown".
Qed.
Lemma subtype_subltype_owned E L {rt} `{!Inhabited rt} wl (ty1 : type rt) (ty2 : type rt) :
@@ -5204,8 +5204,7 @@ Section blocked.
iDestruct "Hblocked" as "(%ly & ? & ? & ? & ? & %r' & Hrfn & Hshr & Hunblock & Hcred)".
iMod ("Hunblock" with "Hdead") as "Hl".
iDestruct "Hl" as "(%v & Hl & Hv)".
- iModIntro. iExists ly. iFrame. iExists r'.
- iPoseProof (place_rfn_interp_shared_owned with "Hrfn") as "$".
+ iModIntro. iExists ly. iFrame.
iNext. eauto with iFrame.
Qed.
@@ -5234,7 +5233,7 @@ Section blocked.
rewrite !ltype_own_mut_ref_unfold /mut_ltype_own.
iDestruct "Hb" as "(%ly & ? & ? & ? & ? & %γ & %r' & Hrfn & Hb)".
iExists ly. iFrame.
- iModIntro. iExists _, _. iFrame "Hrfn". iNext.
+ iModIntro. iNext.
iMod "Hb" as "(%l' & Hl & Hb)".
iExists _. iFrame. rewrite -ltype_own_core_equiv.
iApply ("Hub_mut" with "Hdead Hb").
@@ -5264,7 +5263,7 @@ Section blocked.
rewrite !ltype_own_shr_ref_unfold /shr_ltype_own.
iDestruct "Hb" as "(%ly & ? & ? & ? & ? & %r' & Hrfn & Hb)".
iExists ly. iFrame.
- iModIntro. iExists _. iFrame "Hrfn". iNext.
+ iModIntro. iNext.
iMod "Hb" as "(%l' & Hl & Hb)".
iExists _. iFrame.
by iApply ltype_own_shared_to_core.
@@ -5294,7 +5293,7 @@ Section blocked.
rewrite !ltype_own_box_unfold /box_ltype_own.
iDestruct "Hb" as "(%ly & ? & ? & ? & ? & %r' & Hrfn & Hb)".
iExists ly. iFrame.
- iModIntro. iExists _. iFrame "Hrfn". iNext.
+ iModIntro. iNext.
iMod "Hb" as "(%l' & %ly' & Hl & ? & ? & ? & Hb)".
iExists _, _. iFrame. rewrite ltype_core_syn_type_eq. iFrame.
rewrite -ltype_own_core_equiv. iApply "Hub_own"; done.
@@ -5324,7 +5323,7 @@ Section blocked.
rewrite !ltype_own_owned_ptr_unfold /owned_ptr_ltype_own.
iDestruct "Hb" as "(%ly & ? & ? & ? & ? & %r' & %l' & Hrfn & Hb)".
iExists ly. iFrame.
- iModIntro. iExists _, _. iFrame "Hrfn". iNext.
+ iModIntro. iNext.
iMod "Hb" as "(%ly' & Hl & ? & ? & Hb)".
iExists _. iFrame. rewrite ltype_core_syn_type_eq. iFrame.
rewrite -ltype_own_core_equiv. iApply "Hub_own"; done.
@@ -5402,7 +5401,7 @@ Section blocked.
rewrite ltype_own_core_equiv /=. simp_ltypes.
rewrite !ltype_own_struct_unfold /struct_ltype_own.
iDestruct "Hb" as "(%sl & %Halg & %Hlen & ? & ? & ? & %r' & ? & Hb)".
- iExists sl. iFrame. iR. iR. iExists _. iFrame.
+ iExists sl. iFrame. iR. iR.
iModIntro. iNext. iMod "Hb".
rewrite hpzipl_hmap.
rewrite (pad_struct_ext _ (_ <$> _) _ (λ ly, map_core (struct_make_uninit_ltype ly))); first last.
@@ -5470,8 +5469,7 @@ Section blocked.
rewrite ltype_own_core_equiv /=. simp_ltypes.
rewrite !ltype_own_array_unfold /array_ltype_own.
iDestruct "Hb" as "(%ly & %Halg & % & % & ? & ? & %r' & ? & Hb)".
- iExists ly. iFrame. iR. iR. iR.
- iModIntro. iExists r'. iFrame.
+ iExists ly. iFrame. iR. iR. iR. iModIntro.
iEval (rewrite -(ltype_core_ofty def)).
rewrite interpret_iml_fmap big_sepL2_fmap_l.
iNext. iMod ("Hb") as "(%Hlen & Ha)". iR.
@@ -5499,8 +5497,8 @@ Section blocked.
rewrite !ltype_own_enum_unfold /enum_ltype_own.
iDestruct "Hb" as "(%el & %Halg & % & ? & %Htag & ? & %r' & ? & Hb)".
iExists el. iFrame. iR. iR. iR.
- iModIntro. iExists r'. iFrame.
- iNext. iMod "Hb" as "(%Heq & %Htag' & ? & Hb & ? & ?)".
+ iModIntro. iNext.
+ iMod "Hb" as "(%Heq & %Htag' & ? & Hb & ? & ?)".
iExists Heq. iR. rewrite ltype_core_syn_type_eq. iFrame.
iDestruct "Hub" as "(_ & #Hub_own)". iMod ("Hub_own" with "Hdead Hb") as "Hl".
rewrite ltype_own_core_equiv. done.
diff --git a/theories/rust_typing/maybe_uninit.v b/theories/rust_typing/maybe_uninit.v
index d3fd472b130b99ee556e472fd4404e7c6a472300..079d18a85fd5f87acdd96629c3d7f2173f8027ec 100644
--- a/theories/rust_typing/maybe_uninit.v
+++ b/theories/rust_typing/maybe_uninit.v
@@ -247,7 +247,7 @@ Section rules.
iMod "Hl" as "(%v & Hl & Hv)".
iModIntro. iExists ly. iR. iR. iSplitR. { rewrite /maybe_uninit. done. }
iFrame. iExists (Some (👻 γ)). iR. iModIntro.
- iExists v. iFrame. rewrite {2}/ty_own_val/=.
+ rewrite {2}/ty_own_val/=.
eauto with iFrame.
Qed.
Global Instance weak_subltype_maybe_uninit_ghost_inst E L {rt} (ty : type rt) γ r2 :
diff --git a/theories/rust_typing/mut_ref.v b/theories/rust_typing/mut_ref.v
index d386ad86ff1960d5d1737fba19759264627f8dbb..9b866b07af4f2cc4255c8411484f4e150b512626 100644
--- a/theories/rust_typing/mut_ref.v
+++ b/theories/rust_typing/mut_ref.v
@@ -135,7 +135,7 @@ Section mut_ref.
(* get a loc_in_bounds fact from the pointsto *)
iMod (bor_acc with "LFT Hl Htok_κ'") as "(>Hl & Hcl_l)"; first solve_ndisj.
- iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "#Hlb'".
+ iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "#Hlb'".
iMod ("Hcl_l" with "Hl") as "(Hl & Htok_κ')".
iCombine "Htok_κ Htok_κ'" as "Htoka1". rewrite lft_tok_sep.
iCombine "Htoka1 Htoka2" as "Htoka".
@@ -380,13 +380,14 @@ Section subltype.
iModIntro.
iIntros (Ï€ l). rewrite !ltype_own_mut_ref_unfold /mut_ltype_own /=.
iIntros "(%ly & ? & ? & ? & (%r' & %γ & Hrfn & #Hb))".
- iExists ly. iFrame. iExists _, _. iFrame.
+ iExists ly. iFrame.
iModIntro. iMod "Hb" as "(%li & Hs & Hb)". iModIntro.
iDestruct ("Heq" $! r') as "(%Hly_eq & #Hi1 & #Hc1)".
iExists li. iFrame. iApply ltype_own_shr_mono; last by iApply "Hi1".
iApply lft_intersect_mono; first done.
iApply lft_incl_refl.
Qed.
+
Lemma mut_ltype_incl_shared {rt} (lt1 : ltype rt) (lt2 : ltype rt) κ' r κ1 κ2 :
(∀ r, ltype_incl (Shared (κ1 ⊓ κ')) r r lt1 lt2) -∗
κ2 ⊑ κ1 -∗
@@ -439,7 +440,7 @@ Section subltype.
iIntros (Ï€ l). rewrite !ltype_own_mut_ref_unfold /mut_ltype_own /=.
iIntros "(%ly & ? & ? & ? & ? & (%γ' & %r' & Hrfn & Hl))".
iModIntro.
- iExists ly. iFrame. iExists γ', r'. iFrame "Hrfn".
+ iExists ly. iFrame.
iNext. iMod "Hl" as "(%l' & Hl & Hb)".
iExists l'. iFrame. iModIntro.
iApply ltype_own_uniq_mono; first done.
@@ -569,13 +570,14 @@ Section ltype_agree.
iModIntro. iIntros (Ï€ l). rewrite ltype_own_mut_ref_unfold /mut_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & ? & ? & Hlb & ? & %γ & %r' & Hrfn & Hb)".
iModIntro.
- iExists ly. iFrame "∗". iExists _. iFrame. iNext.
+ iExists ly. iFrame "∗". iNext.
iMod "Hb" as "(%l' & Hl & Hb)".
iExists l'. iFrame.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iDestruct "Hb" as "(%ly' & ? & ? & Hsc & Hlb' & ? & Hrfn' & Hb)".
- iExists l'. iFrame. iExists ly'. iSplitR; first done. iFrame "∗". done.
+ iExists l'. iFrame. done.
Qed.
+
Lemma mut_ref_unfold_1_uniq κ κ' γ r :
⊢ ltype_incl' (Uniq κ' γ) r r (MutLtype (◠ty) κ) (◠(mut_ref κ ty)).
Proof.
@@ -595,18 +597,18 @@ Section ltype_agree.
iExists _. iFrame. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iModIntro. iExists ly'. iFrame. done.
Qed.
+
Lemma mut_ref_unfold_1_shared κ κ' r :
⊢ ltype_incl' (Shared κ') r r (MutLtype (◠ty) κ) (◠(mut_ref κ ty)).
Proof.
- iModIntro.
- iIntros (Ï€ l). rewrite ltype_own_mut_ref_unfold /mut_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
+ iModIntro. iIntros (Ï€ l).
+ rewrite ltype_own_mut_ref_unfold /mut_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & %Hst & % & #Hlb & %ri & %γ & Hrfn & #Hb)".
injection Hst as <-. iExists _. iFrame "# ∗". iSplitR; first done. iSplitR; first done.
- iExists _. iFrame "∗". iModIntro. iMod "Hb" as "(%li & Hs & Hb)".
+ iModIntro. iMod "Hb" as "(%li & Hs & Hb)".
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iDestruct "Hb" as "(%ly' & >? & >? & >Hsc & >Hlb' & %r' & >Hrfn & #Hb)".
- (* TODO proof uses timelessness of Hrfn, can we do it without? *)
- iModIntro. iExists _, _, _. iFrame "∗ #". done.
+ iModIntro. iExists _, _. iFrame "∗ #". done.
Qed.
Local Lemma mut_ref_unfold_1' κ k r :
@@ -631,10 +633,11 @@ Section ltype_agree.
iModIntro. iIntros (Ï€ l). rewrite ltype_own_mut_ref_unfold /mut_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & ? & ? & _ & #Hlb & ? & %r' & Hrfn & Hb)". destruct r' as [r' γ'].
(*iApply except_0_if_intro.*)
- iModIntro. iExists ly. iFrame "∗ #". iExists γ', r'. iFrame. iNext.
+ iModIntro. iExists ly. iFrame "∗ #". iNext.
iMod "Hb" as "(%v & Hl & %l' & %ly' & -> & ? & ? & #Hlb' & Hsc & ? & Hrfn' & >Hb)".
iExists _. iFrame. rewrite ltype_own_ofty_unfold /lty_of_ty_own. iExists ly'. iFrame "∗ #". done.
Qed.
+
Lemma mut_ref_unfold_2_uniq κ κ' γ r :
⊢ ltype_incl' (Uniq κ' γ) r r (◠(mut_ref κ ty)) (MutLtype (◠ty) κ).
Proof.
@@ -654,18 +657,18 @@ Section ltype_agree.
iDestruct "Hb" as "(%ly' & Hst' & Hly' & Hsc & Hlb & ? & Hrfn & >Hb)".
iModIntro. iExists l', ly'. iFrame "∗". iSplitR; first done. by iFrame.
Qed.
+
Lemma mut_ref_unfold_2_shared κ κ' r :
⊢ ltype_incl' (Shared κ') r r (◠(mut_ref κ ty)) (MutLtype (◠ty) κ).
Proof.
iModIntro. iIntros (Ï€ l). rewrite ltype_own_mut_ref_unfold /mut_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & ? & ? & Hsc & Hlb & %r' & Hrfn & #Hb)". destruct r' as [r' γ'].
- iExists ly. iFrame "∗ #". iExists _, _. iFrame.
+ iExists ly. iFrame "∗ #".
iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & %ly' & %ri & ? & Hrfn' & Hs & ? & ? & Hlb & Hlb' & Hsc & #Hb)".
iModIntro. iExists li. iFrame.
iNext. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly'. iFrame.
- iExists _. iFrame. done.
+ iExists ly'. by iFrame.
Qed.
Local Lemma mut_ref_unfold_2' κ k r :
@@ -676,6 +679,7 @@ Section ltype_agree.
- iApply mut_ref_unfold_2_shared.
- iApply mut_ref_unfold_2_uniq.
Qed.
+
Local Lemma mut_ref_unfold_2 κ k r :
⊢ ltype_incl k r r (◠(mut_ref κ ty)) (MutLtype (◠ty) κ).
Proof.
@@ -731,7 +735,7 @@ Section rules.
iExists _. simpl. iFrame. iR. iR.
iSplitL "Hcred'". { destruct wl; last done. by iFrame. }
iExists _. iR. iModIntro. iModIntro. iModIntro.
- iExists _. iFrame. rewrite uninit_own_spec. iExists _. iR.
+ rewrite uninit_own_spec. iExists _. iR.
iPureIntro. eapply syn_type_has_layout_ptr_inv in Hst. subst.
done.
Qed.
@@ -781,8 +785,7 @@ Section rules.
iIntros "Hcred' !>". iIntros (rt2 lt2 r2) "Hl Hb".
iModIntro. iSplitL.
- rewrite ltype_own_mut_ref_unfold /mut_ltype_own. iExists void*.
- iSplitR; first done. iFrame "Hlb % ∗".
- iExists _, _. iSplitR; first done. iNext. eauto with iFrame.
+ iSplitR; first done. by iFrame "Hlb % ∗".
- iIntros (bmin) "Hcond %Hrt". iDestruct "Hcond" as "[Hty Hrfn]".
subst. iSplit.
+ by iApply (mut_ltype_place_cond_ty).
@@ -937,8 +940,9 @@ Section rules.
iIntros (lt' r'') "Hpts #Hl'".
iMod ("Hclf" with "Hpts") as "Htok".
iFrame. iSplitL.
- { iModIntro. rewrite ltype_own_mut_ref_unfold /mut_ltype_own. iExists void*. iFrame "% #".
- iR. iExists _, _. iR. iModIntro. iModIntro. iExists _. iFrame "#". }
+ { iModIntro.
+ rewrite ltype_own_mut_ref_unfold /mut_ltype_own.
+ iExists void*. iFrame "% #". iR. by iExists _. }
iModIntro. iIntros (bmin) "Hincl Hcond".
iDestruct "Hcond" as "(Hcond_ty & Hcond_rfn)".
iModIntro. iSplit.
@@ -1375,7 +1379,7 @@ Section rules.
iPoseProof (gvar_pobs_agree_2 with "Hrfn Hobs") as "%Heq". subst r.
iModIntro. iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro.
iL. rewrite ltype_own_mut_ref_unfold /mut_ltype_own.
- iExists _. iFrame. do 2 iR. iExists _, _. iR. iFrame.
+ iExists _. iFrame. do 2 iR. done.
- iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro. by iFrame.
Qed.
Global Instance resolve_ghost_mut_owned_inst {rt} π E L l (lt : ltype rt) κ γ wl rm lb :
@@ -1421,7 +1425,7 @@ Section rules.
iPoseProof (gvar_pobs_agree_2 with "Hrfn Hobs") as "%Heq". subst r.
iModIntro. iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro.
iL. rewrite ltype_own_mut_ref_unfold /mut_ltype_own.
- iExists _. iFrame. do 2 iR. iExists _, _. iR. iFrame.
+ iExists _. iFrame. do 2 iR. by iExists _.
- iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro. by iFrame.
Qed.
Global Instance resolve_ghost_mut_shared_inst {rt} π E L l (lt : ltype rt) κ γ κ' rm lb :
diff --git a/theories/rust_typing/owned_ptr.v b/theories/rust_typing/owned_ptr.v
index 18bc96941ecff0439400dcc1c41489a632164c5f..74ab3f91a89d0d279d11091f0088f51e7a37076e 100644
--- a/theories/rust_typing/owned_ptr.v
+++ b/theories/rust_typing/owned_ptr.v
@@ -170,11 +170,10 @@ Section ofty.
rewrite ltype_own_ofty_unfold/lty_of_ty_own {2}/ty_own_val/=.
iSplit.
- iIntros "(%ly & %Hst & %Hly & #Hsc & #Hlb & (? & ?) & %r' & <- & Hb)".
- iExists _. iR. iR. iR. iFrame "# ∗". iExists _. iR. iFrame.
+ iExists _. iR. iR. iR. by iFrame "# ∗".
- iIntros "(%ly & %Hl & % & % & #Hlb & #Hsc & ? & ? & %r' & -> & Hb)".
apply val_of_loc_inj in Hl. subst.
- iExists _. iR. iR. iFrame "# ∗".
- iExists _. iR. done.
+ iExists _. iR. iR. by iFrame "# ∗".
Qed.
End ofty.
@@ -219,8 +218,8 @@ Section subltype.
iIntros "#Heq".
iModIntro.
iIntros (Ï€ l). rewrite !ltype_own_owned_ptr_unfold /owned_ptr_ltype_own.
- iIntros "(%ly & ? & ? & ? & %r' & %l' & Hrfn & #Hb)".
- iExists ly. iFrame.
+ iIntros "(%ly & Hsyn & Hly & Hlb & %r' & %l' & Hrfn & #Hb)".
+ iExists ly. iFrame "Hsyn Hly Hlb".
iExists _, _. iFrame.
iModIntro. iMod "Hb". iDestruct "Hb" as "(Hs & Hb)".
iDestruct ("Heq" $! _) as "(_ & Heq' & _)".
diff --git a/theories/rust_typing/products.v b/theories/rust_typing/products.v
index c85c5f7e4aa665bca7be6f030515d7a64147f3f6..6c3464f013528a4ffcf6d8add0cb20598e3a444a 100644
--- a/theories/rust_typing/products.v
+++ b/theories/rust_typing/products.v
@@ -124,7 +124,7 @@ Section structs.
Definition struct_make_uninit_type (ly : layout) : sigT (λ rt : Type, (type rt * place_rfn rt)%type) :=
existT (unit : Type) (uninit (UntypedSynType ly), #()).
- Lemma struct_own_val_extract_mapsto' π q sls sl l (tys : list (sigT (λ rt, type rt * place_rfn rt)%type)) ys :
+ Lemma struct_own_val_extract_pointsto' π q sls sl l (tys : list (sigT (λ rt, type rt * place_rfn rt)%type)) ys :
use_struct_layout_alg sls = Some sl →
length tys = length (sls_fields sls) →
loc_in_bounds l 0 (ly_size sl) -∗
@@ -148,17 +148,17 @@ Section structs.
assert (Forall2 (λ (v : val) (ly : layout), v `has_layout_val` ly) vs ((sl_members sl).*2)).
{ rewrite Forall2_fmap_r.
apply Forall2_same_length_lookup.
- split. { rewrite Hlen_eq /vs fmap_length//. }
+ split. { rewrite Hlen_eq /vs length_fmap//. }
intros i v' [n ly'] Hlook1 Hlook2.
apply list_lookup_fmap_Some in Hlook1 as ([v1 ly1] & Hlook1 & ->) .
simpl. specialize (Hsl _ _ Hlook1). move: Hsl.
rewrite Hlook2 /= => [= ->]. apply (Hlyv _ _ Hlook1). }
iSplitL "Hl".
- { iApply heap_mapsto_reshape_sl. { apply mjoin_has_struct_layout. done. }
+ { iApply heap_pointsto_reshape_sl. { apply mjoin_has_struct_layout. done. }
rewrite reshape_join. { iFrame "Hlb". by iApply big_sepL_fmap. }
apply Forall2_same_length_lookup.
- split. { rewrite !fmap_length//. }
+ split. { rewrite !length_fmap//. }
intros i v' sz Hlook1 Hlook2.
apply list_lookup_fmap_Some in Hlook1 as ([v1 ly1] & Hlook1 & ->) .
simpl. specialize (Hsl _ _ Hlook1). move: Hsl.
@@ -176,7 +176,7 @@ Section structs.
iModIntro. iIntros (k [? []] [v1 ly1] ? Hlook2) "(%r' & ? & ? & ? & ?)".
iExists _,_. iFrame. iPureIntro. apply (Hsl _ _ Hlook2). }
rewrite reshape_join; first last.
- { apply Forall2_same_length_lookup. rewrite !fmap_length Hlen_eq. split; first done.
+ { apply Forall2_same_length_lookup. rewrite !length_fmap Hlen_eq. split; first done.
intros ??? Hlook1 Hlook2.
apply list_lookup_fmap_Some in Hlook1 as ([v1 ly1] & Hlook1 & ->).
specialize (Hlyv _ _ Hlook1). rewrite Hlyv.
@@ -185,13 +185,13 @@ Section structs.
rewrite list_lookup_fmap in Hlook2. f_equiv.
rewrite Hsl in Hlook2. injection Hlook2 as [= ->]; done. }
iApply (big_sepL2_wand with "Hb").
- iApply big_sepL2_intro. { rewrite pad_struct_length Hlen_eq fmap_length //. }
+ iApply big_sepL2_intro. { rewrite pad_struct_length Hlen_eq length_fmap //. }
iModIntro. iIntros (?? [? []] ? ?). iIntros "(% & % & ? & ? & ? & ? & ?)".
rewrite /struct_own_el_val.
eauto with iFrame.
Qed.
- Lemma struct_own_val_extract_mapsto π q sls sl l (tys : list (sigT (λ rt, type rt * place_rfn rt)%type)) :
+ Lemma struct_own_val_extract_pointsto π q sls sl l (tys : list (sigT (λ rt, type rt * place_rfn rt)%type)) :
use_struct_layout_alg sls = Some sl →
length tys = length (sls_fields sls) →
loc_in_bounds l 0 (ly_size sl) -∗
@@ -211,11 +211,11 @@ Section structs.
iExists (v, ly0). rewrite /struct_own_el_loc'. eauto with iFrame. }
rewrite big_sepL_exists. iDestruct "Hl" as "(%ys & Hl)".
iExists (mjoin ys.*1).
- iPoseProof (struct_own_val_extract_mapsto' with "Hlb Hl") as "(Hl & %Ha & Hs)"; [done.. | ].
+ iPoseProof (struct_own_val_extract_pointsto' with "Hlb Hl") as "(Hl & %Ha & Hs)"; [done.. | ].
iFrame. iPureIntro. by apply mjoin_has_struct_layout.
Qed.
- Lemma struct_own_val_join_mapsto π q sls sl l v (tys : list (sigT (λ rt, type rt * place_rfn rt)%type)) :
+ Lemma struct_own_val_join_pointsto π q sls sl l v (tys : list (sigT (λ rt, type rt * place_rfn rt)%type)) :
use_struct_layout_alg sls = Some sl →
length tys = length (sls_fields sls) →
v `has_layout_val` sl →
@@ -226,14 +226,14 @@ Section structs.
∃ v, struct_own_el_loc π q v i sl.(sl_members) l (projT2 ty).2 (projT2 ty).1).
Proof.
iIntros (???) "Hl Hv".
- rewrite heap_mapsto_reshape_sl; last done.
+ rewrite heap_pointsto_reshape_sl; last done.
iDestruct "Hl" as "(_ & Hp)".
iPoseProof (big_sepL_extend_r (pad_struct (sl_members sl) tys struct_make_uninit_type) with "Hp") as "Hp".
- { rewrite pad_struct_length reshape_length !fmap_length//. }
+ { rewrite pad_struct_length length_reshape !length_fmap//. }
iPoseProof (big_sepL2_sep_1 with "Hv Hp") as "Ha".
iApply big_sepL2_elim_l. iApply (big_sepL2_wand with "Ha").
iApply big_sepL2_intro.
- { rewrite pad_struct_length reshape_length !fmap_length//. }
+ { rewrite pad_struct_length length_reshape !length_fmap//. }
iModIntro. iIntros (k v' [rt [ty r']] Hlook1 Hlook2).
iIntros "((%r'' & %ly' & Hrfn & %Hlook3 & %Hst & Hv) & Hp)".
iExists v', r'', ly'. iPoseProof (ty_own_val_sidecond with "Hv") as "#$".
@@ -348,17 +348,17 @@ Section structs.
{ iNext. iModIntro. iSplit.
- iIntros "(%v & Hl & %sl & %Hst' & %Hlen & %Hv & Hv)".
iExists sl. iR. iR.
- iApply (struct_own_val_join_mapsto with "Hl Hv"); [done | | done].
+ iApply (struct_own_val_join_pointsto with "Hl Hv"); [done | | done].
rewrite hpzipl_length//.
- iIntros "(%sl & %Hst' & %Hlen & Hl)".
assert (ly = sl) as ->.
{ apply use_struct_layout_alg_Some_inv in Hst'. by eapply syn_type_has_layout_inj. }
- iPoseProof (struct_own_val_extract_mapsto with "Hlb Hl") as "(%v & Hl & %Hlyv & Hv)".
+ iPoseProof (struct_own_val_extract_pointsto with "Hlb Hl") as "(%v & Hl & %Hlyv & Hv)".
{ done. }
{ rewrite hpzipl_length//. }
- iExists v. iFrame. iExists sl. iR. iR. iR. done.
+ iExists v. by iFrame.
}
iMod (bor_exists with "LFT Hb") as "(%sl & Hb)"; first done.
@@ -442,7 +442,7 @@ Section structs.
iApply (logical_step_wand with "Hb"). iIntros "(? & Htok)".
iMod ("Hvs" with "Htok").
iFrame. iModIntro. simpl.
- iExists _, _. iFrame. done.
+ by iExists _.
}
iPoseProof (logical_step_big_sepL2 with "Hb") as "Hb".
iModIntro. iApply (logical_step_wand with "Hb"). iIntros "Hb".
@@ -495,7 +495,7 @@ Section structs.
assert (ly0 = ly') as -> by by eapply syn_type_has_layout_inj.
rewrite Hly in Ha. by injection Ha.
}
- iFrame. iApply (big_sepL2_impl' with "Hmem"); [by rewrite !reshape_length |done|].
+ iFrame. iApply (big_sepL2_impl' with "Hmem"); [by rewrite !length_reshape |done|].
iIntros "!>" (k v1 ty1 v2 ty2 Hv1 Hty1 Hv2 Hty2) "Hv"; simplify_eq.
destruct ty1 as (rt1 & ty1 & r1).
rewrite mem_cast_struct_reshape // in Hv2; last congruence.
@@ -504,7 +504,7 @@ Section structs.
iDestruct "Hv" as "(%r' & % & Hrfn & %Hlook & % & Hv)". iExists r', _. iFrame.
move: Hty1 => /pad_struct_lookup_Some[|n[?[Hlook2 Hor1]]].
{ rewrite hpzipl_length Hlen. done. }
- move: Hpad => /pad_struct_lookup_Some[|?[?[? Hor2]]]. { rewrite fmap_length. congruence. } simplify_eq.
+ move: Hpad => /pad_struct_lookup_Some[|?[?[? Hor2]]]. { rewrite length_fmap. congruence. } simplify_eq.
destruct Hor1 as [[??] | [? ?]], Hor2 as [[? Hl] |[? ?]]; simplify_eq.
+ rewrite list_lookup_fmap in Hl. move: Hl => /fmap_Some[ot [??]]. simplify_eq.
iSplitR; first done. iSplitR; first done.
@@ -528,7 +528,7 @@ Section structs.
apply existT_inj in Heq1. apply existT_inj in Heq2. subst.
iSplitR; first done. iSplitR; first done.
iExists _; iPureIntro. split; first done.
- rewrite /has_layout_val replicate_length.
+ rewrite /has_layout_val length_replicate.
rewrite Hlook2 in Hlook. injection Hlook as [= ->].
split; first done. by apply Forall_true.
- iPureIntro. done.
@@ -642,7 +642,7 @@ Section structs.
apply Hne1. }
by apply IH.
- move => ty ty' Hst Hot ot mt /=. rewrite ty_has_op_type_unfold/= /is_struct_ot.
- rewrite !fmap_length !hzipl_length.
+ rewrite !length_fmap !hzipl_length.
rewrite Hst.
apply and_proper => Hsl.
destruct HT as [Ts' Hne ->].
@@ -741,7 +741,7 @@ Section structs.
eapply ty_lft_morphism_to_direct.
apply Hne1.
- move => ty ty' ot mt /=. rewrite ty_has_op_type_unfold/= /is_struct_ot.
- rewrite !fmap_length !hzipl_length.
+ rewrite !length_fmap !hzipl_length.
erewrite Hst.
apply and_proper => Hsl.
destruct HT as [Ts' Hne ->].
@@ -842,9 +842,9 @@ Section init.
destruct oname as [ name | ].
- (* named *)
intros Hf. apply Forall3_cons_inv_l in Hf as ([name2 st] & fields' & v & vs' & -> & -> & [Hst Hv] & Hf).
- rewrite app_length. erewrite IH; last done.
+ rewrite length_app. erewrite IH; last done.
simpl. rewrite Hv. done.
- - intros Hf. rewrite app_length replicate_length. erewrite IH; last done. done.
+ - intros Hf. rewrite length_app length_replicate. erewrite IH; last done. done.
Qed.
Lemma struct_init_val π sls sl vs {rts} (tys : hlist type rts) (rs : plist id rts) :
@@ -905,8 +905,8 @@ Section init.
iPoseProof (ty_own_val_has_layout with "Hv") as "%Hly"; first done.
rewrite -Hly.
iSplitL "Hv".
- { iExists _, _. iR. iR. iR. rewrite take_app. done. }
- rewrite drop_app.
+ { iExists _, _. iR. iR. iR. rewrite take_app_length. done. }
+ rewrite drop_app_length.
iApply ("IH" with "[//] [] [] [] Hvs").
+ simpl in *. iPureIntro. lia.
+ inversion Hpad. done.
@@ -914,7 +914,7 @@ Section init.
- (* padding *)
simpl in Hsts. simpl.
iSplitR; first last.
- { rewrite drop_app'; first last. { rewrite replicate_length//. }
+ { rewrite drop_app_length'; first last. { rewrite length_replicate//. }
iApply ("IH" with "[//] [//] [] [] Hv").
- inversion Hpad. done.
- simpl in Hsize. rewrite /fmap. iPureIntro. lia. }
@@ -924,10 +924,10 @@ Section init.
- inversion Hpad; subst. apply layout_wf_align_log_0. done.
- simpl in Hsize. rewrite MaxInt_eq. lia.
- apply ly_align_in_bounds_1. inversion Hpad; subst. done. }
- iR. rewrite take_app'; first last. { rewrite replicate_length//. }
+ iR. rewrite take_app_length'; first last. { rewrite length_replicate//. }
rewrite uninit_own_spec.
iExists ly. iR.
- rewrite /has_layout_val replicate_length //.
+ rewrite /has_layout_val length_replicate //.
Qed.
Lemma struct_zst_empty_typed π sls sl :
@@ -1074,10 +1074,10 @@ Section copy.
{ iPureIntro. simpl in *. lia. }
{ iPureIntro. simpl in *. subst fields1' tys1'.
move: Hlen2. rewrite !named_fields_field_names_length.
- rewrite /field_names omap_app/= !app_length /=. lia. }
- { iPureIntro. subst vs1' qs1a. rewrite !app_length/=. lia. }
- { iPureIntro. subst qs1a qs1a'. rewrite !app_length/=. lia. }
- { iPureIntro. subst vs1' fields1'. rewrite !app_length/=. lia. }
+ rewrite /field_names omap_app/= !length_app /=. lia. }
+ { iPureIntro. subst vs1' qs1a. rewrite !length_app/=. lia. }
+ { iPureIntro. subst qs1a qs1a'. rewrite !length_app/=. lia. }
+ { iPureIntro. subst vs1' fields1'. rewrite !length_app/=. lia. }
{ done. }
{ (* need to shift the indices etc *)
iPoseProof (big_sepL2_length with "Hshr") as "%Hlen7".
@@ -1086,7 +1086,7 @@ Section copy.
rewrite /struct_own_el_shr. simpl.
iIntros "((% & % & ? & Hlook & ? & ? & Hl) & $)".
iExists _, _. iFrame.
- rewrite /fields1' app_length -Nat.add_assoc -!app_assoc/=. iFrame. }
+ rewrite /fields1' length_app -Nat.add_assoc -!app_assoc/=. iFrame. }
{ iNext. subst tys1' fields1' vs1' qs1a'.
rewrite zip_app; last lia.
rewrite pad_struct_snoc_Some; first last.
@@ -1099,7 +1099,7 @@ Section copy.
iSplitR. {
iPureIntro. rewrite pad_struct_length. rewrite lookup_app_l.
- rewrite !lookup_app_r; [ | lia..]. rewrite !right_id !Nat.sub_diag//.
- - rewrite app_length/=. lia.
+ - rewrite length_app/=. lia.
}
rewrite pad_struct_length -app_assoc/=. iFrame.
}
@@ -1143,10 +1143,10 @@ Section copy.
{ iPureIntro. simpl in *. lia. }
{ iPureIntro. simpl in *. subst fields1'.
move: Hlen2. rewrite !named_fields_field_names_length.
- rewrite /field_names omap_app/= !app_length /=. lia. }
- { iPureIntro. subst vs1' qs1a. rewrite !app_length/=. lia. }
- { iPureIntro. subst qs1a qs1a'. rewrite !app_length/=. lia. }
- { iPureIntro. subst vs1' fields1'. rewrite !app_length/=. lia. }
+ rewrite /field_names omap_app/= !length_app /=. lia. }
+ { iPureIntro. subst vs1' qs1a. rewrite !length_app/=. lia. }
+ { iPureIntro. subst qs1a qs1a'. rewrite !length_app/=. lia. }
+ { iPureIntro. subst vs1' fields1'. rewrite !length_app/=. lia. }
{ iPureIntro. done. }
{ (* need to shift the indices etc *)
iPoseProof (big_sepL2_length with "Hshr") as "%Hlen7".
@@ -1155,7 +1155,7 @@ Section copy.
rewrite /struct_own_el_shr. simpl.
iIntros "((% & % & ? & Hlook & ? & ? & Hl) & $)".
iExists _, _. iFrame.
- rewrite /fields1' app_length -Nat.add_assoc -!app_assoc/=. iFrame. }
+ rewrite /fields1' length_app -Nat.add_assoc -!app_assoc/=. iFrame. }
{ iNext. subst fields1' vs1' qs1a'.
rewrite zip_app; last lia.
rewrite pad_struct_snoc_None; first last.
@@ -1167,7 +1167,7 @@ Section copy.
iSplitR. {
iPureIntro. rewrite pad_struct_length. rewrite lookup_app_l.
- rewrite !lookup_app_r; [ | lia..]. rewrite !right_id !Nat.sub_diag//.
- - rewrite app_length/=. lia.
+ - rewrite length_app/=. lia.
}
rewrite pad_struct_length -app_assoc/=. iFrame.
}
@@ -1243,19 +1243,19 @@ Section copy.
iAssert (([∗ list] i↦ty;vq ∈ pad_struct fields tys struct_make_uninit_type; zip vs qs',
▷ struct_own_el_loc π q' vq.1 i fields l (projT2 ty).2 (projT2 ty).1 ∗
(▷ (l +ₗ offset_of_idx fields i) ↦{q'} vq.1 -∗ ▷ (l +ₗ offset_of_idx fields i) ↦{vq.2} vq.1)))%I with "[Hloc]" as "Hloc".
- { rewrite big_sepL2_later; first last. { rewrite pad_struct_length zip_with_length. lia. }
- iApply (big_sepL2_wand with "Hloc"). iApply big_sepL2_intro. { rewrite pad_struct_length zip_with_length. lia. }
+ { rewrite big_sepL2_later; first last. { rewrite pad_struct_length length_zip_with. lia. }
+ iApply (big_sepL2_wand with "Hloc"). iApply big_sepL2_intro. { rewrite pad_struct_length length_zip_with. lia. }
iModIntro. iIntros (k [rt [ty r]] [v q''] Hlook1 Hlook2) "Hloc".
simpl. rewrite /struct_own_el_loc.
iDestruct "Hloc" as "(%r' & %ly & Hrfn & Hlook & Hst & Hty & Hl & Hlyv & Hv)".
iPoseProof (Fractional_fractional_le (λ q, _) q'' q' with "Hl") as "(Hl & Hal)".
{ eapply (Hmin k). apply lookup_zip in Hlook2. apply Hlook2. }
- iFrame. iNext. eauto with iFrame.
+ iFrame.
}
rewrite big_sepL2_sep. iDestruct "Hloc" as "(Hloc & Hcl_loc)".
iPoseProof (big_sepL2_elim_l with "Hcl_loc") as "Hcl_loc".
- rewrite -big_sepL2_later; first last. { rewrite pad_struct_length zip_with_length. lia. }
+ rewrite -big_sepL2_later; first last. { rewrite pad_struct_length length_zip_with. lia. }
rewrite -(big_sepL2_fmap_r (λ x, x.1) (λ _ _ y2, struct_own_el_loc _ _ y2 _ _ _ _ _)).
rewrite fst_zip; first last. { lia. }
@@ -1264,12 +1264,12 @@ Section copy.
iIntros "Hloc".
iPoseProof (big_sepL2_length with "Hcl") as "%Hlen".
- rewrite zip_with_length in Hlen.
+ rewrite length_zip_with in Hlen.
iPoseProof (big_sepL2_to_zip with "Hcl") as "Hcl".
rewrite [zip qs qs']zip_flip zip_fmap_r zip_assoc_r -list_fmap_compose big_sepL_fmap.
iPoseProof (big_sepL_extend_r qs with "Hcl_loc") as "Hcl_loc".
- { rewrite zip_with_length. lia. }
+ { rewrite length_zip_with. lia. }
iPoseProof (big_sepL2_to_zip with "Hcl_loc") as "Hcl_loc".
iPoseProof (big_sepL_sep_2 with "Hcl Hcl_loc") as "Hcl".
@@ -1277,7 +1277,7 @@ Section copy.
{ lia. }
iPoseProof (big_sepL2_to_zip with "Hloc") as "Hloc".
iPoseProof (big_sepL_extend_r qs with "Hloc") as "Hloc".
- { rewrite zip_with_length. lia. }
+ { rewrite length_zip_with. lia. }
iPoseProof (big_sepL2_to_zip with "Hloc") as "Hloc".
iPoseProof (big_sepL_sep_2 with "Hcl Hloc") as "Hcl".
rewrite zip_assoc_l big_sepL_fmap.
@@ -1290,7 +1290,7 @@ Section copy.
iDestruct "Ha" as "((Ha & Hcl) & Hl)".
iPoseProof ("Hcl" with "Hl") as "Hl".
iApply ("Ha" with "Hl"). }
- rewrite zip_with_length. lia. }
+ rewrite length_zip_with. lia. }
lia. }
(* now collapse the whole sequence *)
@@ -1337,19 +1337,18 @@ Section copy.
iModIntro. iIntros (? [? []] ? ? ?) "(% & % & ? & ? & ? & ? & ? & ? & ?)". rewrite /struct_own_el_loc'. eauto with iFrame. }
rewrite big_sepL2_exists_r. iDestruct "Hs" as "(%l3 & >%Hlen2 & Ha)".
iExists l3. iR. iModIntro. iNext. done. }
- iPoseProof (struct_own_val_extract_mapsto' with "Hlb Hs") as "(Hl & >%Hlyv & Hs)".
+ iPoseProof (struct_own_val_extract_pointsto' with "Hlb Hs") as "(Hl & >%Hlyv & Hs)".
{ done. }
{ rewrite hpzipl_length. done. }
rewrite fst_zip in Hlyv; last lia.
iExists q', (mjoin vs). simpl. iFrame.
iSplitL "Hl Hs".
- { iModIntro. iNext. rewrite fst_zip; last lia. iFrame. iExists _. iR. iR.
- iSplitR. { iPureIntro. by apply mjoin_has_struct_layout. }
- done. }
+ { iModIntro. iNext. rewrite fst_zip; last lia. iFrame. iR. iR.
+ iPureIntro. by apply mjoin_has_struct_layout. }
iModIntro. iIntros "Hpts".
iApply ("Hcl" with "[Hpts]").
- iApply big_sepL_later. iNext. rewrite heap_mapsto_reshape_sl; last by apply mjoin_has_struct_layout.
+ iApply big_sepL_later. iNext. rewrite heap_pointsto_reshape_sl; last by apply mjoin_has_struct_layout.
iDestruct "Hpts" as "(_ & Hpts)". rewrite reshape_join; first done.
rewrite Forall2_fmap_r. eapply Forall2_impl; first done.
done.
@@ -1491,7 +1490,7 @@ Section subtype.
apply hpzipl_lookup_inv_hzipl_pzipl in Hlook1 as (Hlook11 & Hlook12).
apply hpzipl_lookup_inv_hzipl_pzipl in Hlook2 as (Hlook21 & Hlook22).
rewrite Hlook22 in Hlook12. injection Hlook12 as [= <-%existT_inj].
- efeed pose proof (hzipl_hzipl2_lookup _ tys1 tys2) as Hlook; [done.. | ].
+ opose proof* (hzipl_hzipl2_lookup _ tys1 tys2) as Hlook; [done.. | ].
specialize (Forall_lookup_1 _ _ _ _ Hsubt Hlook) as Hx.
iPoseProof (full_subtype_acc_noend with "HE HL") as "Ha"; first apply Hx.
destruct r2.
@@ -1869,8 +1868,7 @@ Section unfold.
eapply use_layout_alg_struct_Some_inv in Halg as (sl & Halg & ->).
(*assert (ly = sl) as ->. { eapply syn_type_has_layout_inj; first done.*)
(*eapply use_struct_layout_alg_Some_inv. done. }*)
- iExists sl. do 4 iR.
- iFrame. iExists r'. iFrame.
+ iExists sl. do 4 iR. iFrame.
iModIntro. iNext. iMod "Hv" as "(%v & Hl & Hv)".
iDestruct "Hv" as "(%sl' & %Halg' & _ & %Hly' & Hb)".
assert (sl' = sl) as ->. { by eapply struct_layout_spec_has_layout_inj. }
@@ -1878,14 +1876,14 @@ Section unfold.
set (f := (λ '(existT x (a, b)), existT x (◠a, b))%I).
rewrite (pad_struct_ext _ _ _ (λ ly, f (struct_make_uninit_type ly))); last done.
rewrite pad_struct_fmap big_sepL_fmap.
- rewrite /struct_own_el_val heap_mapsto_reshape_sl; last done.
+ rewrite /struct_own_el_val heap_pointsto_reshape_sl; last done.
iDestruct "Hl" as "(_ & Hl)".
iPoseProof (big_sepL2_sep_sepL_l with "[$Hl $Hb]") as "Ha".
iApply (big_sepL2_elim_l). iApply big_sepL2_fupd.
iApply (big_sepL2_wand with "Ha").
iApply big_sepL2_intro.
- { rewrite reshape_length pad_struct_length fmap_length fmap_length //. }
+ { rewrite length_reshape pad_struct_length length_fmap length_fmap //. }
iIntros "!>" (k w [rt [ty r0]] Hlook1 Hlook2) => /=.
iIntros "(Hl & %r0' & %ly & Hrfn & %Hmem & %st & Hty)".
iExists ly. iSplitR; first done. simp_ltypes.
@@ -1896,7 +1894,7 @@ Section unfold.
iPoseProof (ty_own_val_sidecond with "Hty") as "#$".
iSplitR. { iApply loc_in_bounds_sl_offset; done. }
iSplitR; first done.
- iExists _. iFrame. iModIntro. iNext. iModIntro. iExists w. iFrame.
+ iExists _. by iFrame.
Qed.
Lemma struct_t_unfold_1_shared {rts : list Type} (tys : hlist type rts) (sls : struct_layout_spec) κ r :
@@ -1955,13 +1953,13 @@ Section unfold.
set (f := (λ '(existT x (a, b)), existT x (◠a, b))%I).
rewrite (pad_struct_ext _ _ _ (λ ly, f $ struct_make_uninit_type ly)); last done.
rewrite pad_struct_fmap big_sepL_fmap.
- rewrite heap_mapsto_reshape_sl; last done. iDestruct "Hl" as "(_ & Hl)".
+ rewrite heap_pointsto_reshape_sl; last done. iDestruct "Hl" as "(_ & Hl)".
iPoseProof (big_sepL2_sep_sepL_l with "[$Hl $Hb]") as "Ha".
iApply big_sepL2_elim_l.
iApply (big_sepL2_wand with "Ha").
iApply big_sepL2_intro.
- { rewrite reshape_length pad_struct_length fmap_length fmap_length //. }
+ { rewrite length_reshape pad_struct_length length_fmap length_fmap //. }
iIntros "!>" (k w [rt [ty r0]] Hlook1 Hlook2) => /=.
iIntros "(Hl & %r0' & %ly & Hrfn & %Hmem & %st & Hty)".
iExists ly. iSplitR; first done. simp_ltypes.
@@ -1973,7 +1971,7 @@ Section unfold.
iPoseProof (ty_own_val_sidecond with "Hty") as "#$".
iSplitR. { iApply loc_in_bounds_sl_offset; done. }
iSplitR; first done.
- iExists _. iFrame. iModIntro. iModIntro. iExists w. iFrame.
+ iExists _. by iFrame.
* iIntros "(%r' & Hauth & Hb)". iExists r'. iFrame "Hauth".
iMod "Hb".
specialize (struct_layout_field_aligned _ _ Hly) as Hfield_ly.
@@ -1989,7 +1987,7 @@ Section unfold.
iInduction (slm) as [ | [m ly] slm] "IH" forall (l slsm rts tys r' Hlen Hsc Hfield_ly); simpl.
{ iExists [].
- iSplitR. { iApply heap_mapsto_nil. iApply loc_in_bounds_shorten_suf; last done. lia. }
+ iSplitR. { iApply heap_pointsto_nil. iApply loc_in_bounds_shorten_suf; last done. lia. }
iSplitR; first done. done. }
rewrite -Hsc in Hlen.
iDestruct "Hb" as "(Hb0 & Hb)".
@@ -2029,15 +2027,15 @@ Section unfold.
move: Halg0. simp_ltypes. intros Halg0.
assert (ly0 = ly) as -> by by eapply syn_type_has_layout_inj.
iPoseProof (ty_own_val_has_layout with "Hb0") as "#%Hly0'"; first done.
- iExists (v0 ++ v1). rewrite heap_mapsto_app.
+ iExists (v0 ++ v1). rewrite heap_pointsto_app.
iSplitL "Hl0 Hl1".
{ rewrite /offset_of_idx. simpl. rewrite shift_loc_0_nat. iFrame "Hl0".
rewrite Hly0'. done. }
- iSplitR. { iPureIntro. rewrite app_length Hv1_len Hly0'. done. }
+ iSplitR. { iPureIntro. rewrite length_app Hv1_len Hly0'. done. }
iSplitL "Hb0 Hrfn0".
{ iExists _, ly. iFrame. iSplitR; first done. iSplitR; first done.
- rewrite -Hly0'. rewrite take_app. done. }
- rewrite -Hly0'. rewrite drop_app. done.
+ rewrite -Hly0'. rewrite take_app_length. done. }
+ rewrite -Hly0'. rewrite drop_app_length. done.
-- simpl in Hlen. simpl.
(* use the iH *)
iSpecialize ("IH" $! (l +â‚— ly_size ly) slsm rts tys r').
@@ -2069,15 +2067,15 @@ Section unfold.
move: Halg0. simp_ltypes. intros Halg0.
assert (ly0 = ly) as -> by by eapply syn_type_has_layout_inj.
iPoseProof (ty_own_val_has_layout with "Hb0") as "#%Hly0'"; first done.
- iExists (v0 ++ v1). rewrite heap_mapsto_app.
+ iExists (v0 ++ v1). rewrite heap_pointsto_app.
iSplitL "Hl0 Hl1".
{ rewrite /offset_of_idx. simpl. rewrite shift_loc_0_nat. iFrame "Hl0".
rewrite Hly0'. done. }
- iSplitR. { iPureIntro. rewrite app_length Hv1_len Hly0'. done. }
+ iSplitR. { iPureIntro. rewrite length_app Hv1_len Hly0'. done. }
iSplitL "Hb0 Hrfn0".
{ iExists _, ly. iFrame. iSplitR; first done. iSplitR; first done.
- rewrite -Hly0'. rewrite take_app. done. }
- rewrite -Hly0'. rewrite drop_app. done.
+ rewrite -Hly0'. rewrite take_app_length. done. }
+ rewrite -Hly0'. rewrite drop_app_length. done.
Qed.
Lemma struct_t_unfold_1_uniq {rts : list Type} (tys : hlist type rts) (sls : struct_layout_spec) κ γ r :
@@ -2132,8 +2130,7 @@ Section unfold.
iIntros "(%sl & %Halg & %Hsc & %Hly & #Hlb & ? & %r' & Hrfn & Hb)".
iExists sl. iSplitR. { iPureIntro. eapply use_struct_layout_alg_Some_inv. done. }
iSplitR; first done. iSplitR; first done.
- iSplitR; first done. iModIntro. iFrame. iExists r'. iFrame "Hrfn".
- iNext. iMod "Hb".
+ iSplitR; first done. iModIntro. iFrame. iNext. iMod "Hb".
specialize (struct_layout_field_aligned _ _ Hly) as Hfield_ly.
(* generalize *)
(* TODO mostly duplicated with the Uniq lemma above *)
@@ -2148,7 +2145,7 @@ Section unfold.
iInduction (slm) as [ | [m ly] slm] "IH" forall (l slsm rts tys r' Hsc Hlen Hfield_ly); simpl.
{ iExists [].
- iSplitR. { iApply heap_mapsto_nil. iApply loc_in_bounds_shorten_suf; last done. lia. }
+ iSplitR. { iApply heap_pointsto_nil. iApply loc_in_bounds_shorten_suf; last done. lia. }
iSplitR; first done. iModIntro. done. }
rewrite -Hsc in Hlen.
iDestruct "Hb" as "(Hb0 & Hb)".
@@ -2188,15 +2185,15 @@ Section unfold.
assert (ly0 = ly) as -> by by eapply syn_type_has_layout_inj.
iPoseProof (ty_own_val_has_layout with "Hb0") as "#%Hly0'"; first done.
iModIntro.
- iExists (v0 ++ v1). rewrite heap_mapsto_app.
+ iExists (v0 ++ v1). rewrite heap_pointsto_app.
iSplitL "Hl0 Hl1".
{ rewrite /offset_of_idx. simpl. rewrite shift_loc_0_nat. iFrame "Hl0".
rewrite Hly0'. done. }
- iSplitR. { iPureIntro. rewrite app_length Hv1_len Hly0'. done. }
+ iSplitR. { iPureIntro. rewrite length_app Hv1_len Hly0'. done. }
iSplitL "Hb0 Hrfn0".
{ iExists _, ly. iFrame. iSplitR; first done. iSplitR; first done.
- rewrite -Hly0'. rewrite take_app. done. }
- rewrite -Hly0'. rewrite drop_app. done.
+ rewrite -Hly0'. rewrite take_app_length. done. }
+ rewrite -Hly0'. rewrite drop_app_length. done.
-- simpl in Hlen. simpl.
(* use the iH *)
iSpecialize ("IH" $! (l +â‚— ly_size ly) slsm rts tys r').
@@ -2229,16 +2226,17 @@ Section unfold.
move: Halg0. simp_ltypes. intros Halg0.
assert (ly0 = ly) as -> by by eapply syn_type_has_layout_inj.
iPoseProof (ty_own_val_has_layout with "Hb0") as "#%Hly0'"; first done.
- iExists (v0 ++ v1). rewrite heap_mapsto_app.
+ iExists (v0 ++ v1). rewrite heap_pointsto_app.
iSplitL "Hl0 Hl1".
{ rewrite /offset_of_idx. simpl. rewrite shift_loc_0_nat. iFrame "Hl0".
rewrite Hly0'. done. }
- iSplitR. { iPureIntro. rewrite app_length Hv1_len Hly0'. done. }
+ iSplitR. { iPureIntro. rewrite length_app Hv1_len Hly0'. done. }
iSplitL "Hb0 Hrfn0".
{ iExists _, ly. iFrame. iSplitR; first done. iSplitR; first done.
- rewrite -Hly0'. rewrite take_app. done. }
- rewrite -Hly0'. rewrite drop_app. done.
+ rewrite -Hly0'. rewrite take_app_length. done. }
+ rewrite -Hly0'. rewrite drop_app_length. done.
Qed.
+
Lemma struct_t_unfold_2_shared {rts : list Type} (tys : hlist type rts) (sls : struct_layout_spec) κ r :
⊢ ltype_incl' (Shared κ) r r (StructLtype (hmap (λ _, OfTy) tys) sls) (◠(struct_t sls tys))%I.
Proof.
@@ -2249,7 +2247,7 @@ Section unfold.
iSplitR; first done. iSplitR; first done. iFrame "Hlb".
iExists r'. iFrame "Hrfn". iModIntro. iMod "Hb".
- rewrite /ty_shr /=. iExists sl. do 4 iR.
+ rewrite /ty_shr /=. do 3 iR.
rewrite -big_sepL_fupd.
rewrite hpzipl_hmap.
set (f := (λ '(existT x (a, b)), existT x (◠a, b))%I).
@@ -2264,6 +2262,7 @@ Section unfold.
move: Hst. simp_ltypes => Hst. assert (ly0 = ly) as ->. { by eapply syn_type_has_layout_inj. }
iFrame "# ∗". iSplit; done.
Qed.
+
Lemma struct_t_unfold_2_uniq {rts : list Type} (tys : hlist type rts) (sls : struct_layout_spec) κ γ r :
⊢ ltype_incl' (Uniq κ γ) r r (StructLtype (hmap (λ _, OfTy) tys) sls) (◠(struct_t sls tys))%I.
Proof.
@@ -2411,7 +2410,7 @@ Section lemmas.
Proof.
induction fields as [ | [x st] fields IH] in i |-*; simpl; first lia.
intros Ha. destruct i; first by eauto.
- efeed pose proof (IH i) as Hb; first lia.
+ opose proof* (IH i) as Hb; first lia.
destruct Hb as (? & ? & Hlook & Hlook'). eauto.
Qed.
@@ -2425,12 +2424,12 @@ Section lemmas.
rewrite /ty_own_val /=.
iIntros "(%ly & %Halg & %Hly & _)".
apply use_layout_alg_struct_Some_inv in Halg as (sl & Halg & ->).
- iExists sl. iR. rewrite replicate_length. iR. iR.
+ iExists sl. iR. rewrite length_replicate. iR. iR.
iApply big_sepL2_intro.
- { rewrite pad_struct_length reshape_length !fmap_length //. }
+ { rewrite pad_struct_length length_reshape !length_fmap //. }
iModIntro. iIntros (k v1 [rt [ty r]] Hlook1 Hlook2).
apply pad_struct_lookup_Some in Hlook2; first last.
- { rewrite hpzipl_length replicate_length.
+ { rewrite hpzipl_length length_replicate.
erewrite struct_layout_spec_has_layout_fields_length; done. }
destruct Hlook2 as (n & ly & Hlook2 & [ [? Hlook3] | [-> Heq]]).
- apply hpzipl_lookup_inv_hzipl_pzipl in Hlook3 as [Hlook31 Hlook32].
@@ -2665,8 +2664,7 @@ Section rules.
iApply (logical_step_intro_maybe with "Hat"). iIntros "Hcred' !>".
iIntros (rts' lts' r) "%Hlen_eq Hb".
rewrite ltype_own_struct_unfold /struct_ltype_own.
- iExists sl. rewrite Hlen_eq. iFrame "%#∗".
- iExists r. iSplitR; first done. iModIntro. done.
+ iExists sl. rewrite Hlen_eq. by iFrame "%#∗".
Qed.
Definition sigT_ltype_core : (sigT (λ rt, ltype rt * place_rfn rt)%type) → (sigT (λ rt, ltype rt * place_rfn rt)%type) := λ '(existT _ (lt, r)), existT _ (ltype_core lt, r).
@@ -2873,7 +2871,7 @@ Section rules.
∃ ly : layout, ⌜snd <$> sl_members sl !! i = Some ly⌠∗ ⌜syn_type_has_layout (ltype_st (projT2 ty).1) ly⌠∗ ltype_own (projT2 ty).1 (Owned false) π (projT2 ty).2 (l +ₗ offset_of_idx (sl_members sl) i)))%I).
iMod (fupd_mask_subseteq lftE) as "Hcl_F"; first done.
iDestruct "Hcred" as "(Hcred1 & Hcred)".
- efeed pose proof struct_layout_spec_has_layout_fields_length as Ha; first done.
+ opose proof* struct_layout_spec_has_layout_fields_length as Ha; first done.
iMod ("Hb_cl" $! V with "[] Hcred1 [Hauth Hl]") as "(Hb & Htok)".
{ iNext. iIntros "(%r' & Hauth & Hb) Hdead".
iModIntro. iNext. iExists r'. iFrame "Hauth".
@@ -2954,8 +2952,7 @@ Section rules.
iMod "Hb"; iModIntro; iApply (big_sepL_impl with "Hb");
iIntros "!>" (? [? []] ?); eauto. }
{ rewrite ltype_own_struct_unfold /struct_ltype_own.
- iExists sl. iFrame "% ∗". rewrite Hlen'. iR. iR. iR.
- iExists rs'. iR. iModIntro. iFrame. }
+ iExists sl. iFrame "% ∗". rewrite Hlen'. by do 3 iR. }
Qed.
Lemma struct_ltype_acc_shared {rts} F π (lts : hlist ltype rts) (r : plist place_rfn rts) l sls κ :
@@ -2982,8 +2979,7 @@ Section rules.
iModIntro. iFrame.
iIntros (rts' lts' r) "%Hlen_eq #Hb'".
rewrite ltype_own_struct_unfold /struct_ltype_own.
- iExists sl. rewrite Hlen_eq. iFrame "%#∗".
- iExists r. iSplitR; first done. iModIntro. done.
+ iExists sl. rewrite Hlen_eq. by iFrame "%#∗".
Qed.
(** Place lemmas for products *)
@@ -3005,9 +3001,9 @@ Section rules.
2: { rewrite -Hlto. apply hzipl_lookup_hnth. done. }
rewrite (big_sepL2_insert _ _ _ _ _ (λ _ a b, typed_place_cond_ty _ _ _) 0%nat); simpl.
2: { rewrite hzipl_length. lia. }
- 2: { rewrite insert_length hzipl_length. lia. }
+ 2: { rewrite length_insert hzipl_length. lia. }
iSplitL "Hcond"; first done.
- iApply big_sepL2_intro. { rewrite insert_length; done. }
+ iApply big_sepL2_intro. { rewrite length_insert; done. }
iIntros "!>" (k [rt1 lt1] [rt2 lt2] Hlook1 Hlook2).
case_decide as Heqki; first done.
rewrite list_lookup_insert_ne in Hlook2; last done.
@@ -3031,9 +3027,9 @@ Section rules.
2: { rewrite -Hro. apply pzipl_lookup_pnth. done. }
rewrite (big_sepL2_insert _ _ _ _ _ (λ _ a b, _) 0%nat); simpl.
2: { rewrite pzipl_length. lia. }
- 2: { rewrite insert_length pzipl_length. lia. }
+ 2: { rewrite length_insert pzipl_length. lia. }
iSplitL "Hcond"; first done.
- iApply big_sepL2_intro. { rewrite insert_length; done. }
+ iApply big_sepL2_intro. { rewrite length_insert; done. }
iIntros "!>" (k [rt1 r1] [rt2 r2] Hlook1 Hlook2).
case_decide as Heqki; first done.
rewrite list_lookup_insert_ne in Hlook2; last done.
@@ -3121,7 +3117,7 @@ Section rules.
{ rewrite -Hst2. done. }
iFrame.
iMod ("Hcl" with "[] Hb") as "Hb".
- { rewrite insert_length //. }
+ { rewrite length_insert //. }
iFrame. iPureIntro. done.
- (* weak *)
destruct weak as [ weak | ]; last done.
@@ -3380,7 +3376,7 @@ Section rules.
iSplitR. { rewrite Hlen'. done. }
iApply (logical_step_compose with "Hl2"). iApply (logical_step_wand with "Hl").
iIntros "(Hl & HR1) (Hl2 & HR2)".
- simpl. iFrame.
+ simpl. iFrame "HR1 HR2".
iSplitL "Hl". { iExists _, _. iFrame. done. }
iApply (big_sepL_mono with "Hl2"). intros ? [? []] ?. by rewrite Nat.add_succ_r.
Qed.
@@ -3460,7 +3456,7 @@ Section rules.
rewrite ltype_own_struct_unfold /struct_ltype_own.
iExists _. iFrame "∗%".
iSplitR. { by rewrite -Hleneq. }
- iExists _. iR. iNext. by iFrame.
+ done.
Qed.
Global Instance stratify_ltype_struct_owned_inst {rts} π E L mu mdu ma {M} (m : M) l (lts : hlist ltype rts) (rs : plist place_rfn rts) sls wl :
StratifyLtype π E L mu mdu ma m l (StructLtype lts sls) (#rs) (Owned wl) :=
@@ -3967,7 +3963,7 @@ Section rules.
simpl. iPoseProof (gvar_pobs_agree_2 with "Hinterp HObs") as "#<-".
iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro.
iL. rewrite ltype_own_struct_unfold /struct_ltype_own.
- iExists _. iFrame. iExists _. iR. by iFrame.
+ iExists _. by iFrame.
- iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro. by iFrame.
Qed.
Definition resolve_ghost_struct_Owned_inst := [instance @resolve_ghost_struct_Owned].
@@ -4010,7 +4006,7 @@ Section rules.
simpl. iPoseProof (gvar_pobs_agree_2 with "Hinterp HObs") as "#<-".
iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro.
iL. rewrite ltype_own_struct_unfold /struct_ltype_own.
- iExists _. iFrame. iExists _. iR. by iFrame.
+ iExists _. by iFrame.
- iExists _, _, _, _. iFrame. iApply maybe_logical_step_intro. by iFrame.
Qed.
Definition resolve_ghost_struct_Shared_inst := [instance @resolve_ghost_struct_Shared].
diff --git a/theories/rust_typing/program_rules.v b/theories/rust_typing/program_rules.v
index ea58810a0604075f1cce3d85df4f9b0297f88ded..0e999e9216ed5f681daa8be9026dbb7ae454144b 100644
--- a/theories/rust_typing/program_rules.v
+++ b/theories/rust_typing/program_rules.v
@@ -950,7 +950,7 @@ Section typing.
Proof.
iIntros "HT". iIntros (F ?) "#CTX #HE HL".
iMod ("HT" with "[//] CTX HE HL") as "(HL & %upd & Hcond & HT)".
- iFrame. iExists upd. iFrame.
+ iFrame.
destruct upd.
- subst rt2. iDestruct "Hcond" as "(%Heq & Heq & Hub)".
rewrite (UIP_refl _ _ Heq).
@@ -3250,7 +3250,7 @@ Section typing.
iPoseProof (ty_shr_mono with "Hinclκ Hl") as "$".
iR. iFrame "Hlb Hsc". iModIntro. iR.
iSplitR. { rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly. iR. iR. iFrame "∗ #". iExists _. iR. done. }
+ iExists ly. iR. iR. by iFrame "∗ #". }
iFrame. iSplitL; first iApply typed_place_cond_ty_refl_ofty.
iApply typed_place_cond_rfn_refl.
Qed.
diff --git a/theories/rust_typing/programs.v b/theories/rust_typing/programs.v
index 08c6e5f07c72497898276275d02df170c9c837dd..b739b703040c51261f425dc1386990b6880104d6 100644
--- a/theories/rust_typing/programs.v
+++ b/theories/rust_typing/programs.v
@@ -531,8 +531,7 @@ Section judgments.
iDestruct "Hl" as "(%ly & %Halg & % & ? & #Hlb & ? & %r' & -> & HT)".
iMod (fupd_mask_mono with "HT") as "(%v & Hl & Hv)"; first done.
iMod (HQ with "[//] Hv") as "(Hv & #HQ')".
- iSplitL. { iModIntro. iExists _. iFrame. iR. iR. iR. iExists _. iR.
- iModIntro. eauto 8 with iFrame. }
+ iSplitL. { iModIntro. iExists _. iFrame. do 4 iR. done. }
iModIntro. iFrame "HQ'". iExists _. iFrame "Hlb".
rewrite /enter_cache_hint. done.
Qed.
@@ -705,7 +704,7 @@ Section judgments.
Φ v) -∗
(*typed_stmt_post_cond Ï€ Ï fn R L')*)
WPs s {{fn.(rf_fn).(f_code), Φ}})%I.
- Global Arguments typed_stmt _ _ _%E _ _%I _.
+ Global Arguments typed_stmt _ _ _%_E _ _%_I _.
(* [P] is an invariant on the context. *)
Definition typed_block (P : elctx → llctx → iProp Σ) (b : label) (fn : runtime_function) (R : typed_stmt_R_t) (Ï : lft) : iProp Σ :=
@@ -3417,7 +3416,7 @@ Section relate_list.
- iR.
iApply (big_sepL2_wand with "(Ha [] [//])").
{ iPureIntro. lia. }
- iApply big_sepL2_intro; first (by rewrite !replicate_length).
+ iApply big_sepL2_intro; first (by rewrite !length_replicate).
iModIntro. iIntros (?????). rewrite Nat.add_succ_r. eauto.
- iSplitR. { iApply "HR"; simpl in Hinv; iPureIntro; first [lia | done]. }
iApply (big_sepL2_mono with "(Ha [] [//])"); last by (iPureIntro; lia).
@@ -3438,7 +3437,7 @@ Section relate_list.
case_decide.
- iR.
iApply (big_sepL2_wand with "Ha").
- iApply big_sepL2_intro; first (by rewrite !replicate_length).
+ iApply big_sepL2_intro; first (by rewrite !length_replicate).
iModIntro. iIntros (?????). rewrite Nat.add_succ_r. eauto.
- iSplitR. { iApply "HR"; simpl in Hinv; iPureIntro; first [lia | done]. }
iApply (big_sepL2_mono with "Ha"). iIntros (?????). rewrite Nat.add_succ_r. done.
@@ -3451,7 +3450,7 @@ Section relate_list.
Proof.
iIntros (Hel) "Ha %Hinv %".
iSpecialize ("Ha" with "[] [//]").
- { rewrite insert_length in Hinv. done. }
+ { rewrite length_insert in Hinv. done. }
iInduction l1 as [ | a l1] "IH" forall (l2 i i0 Hel Hinv); simpl; first done.
destruct l2 as [ | b l2]. { destruct i; done. }
destruct i as [ | i].
@@ -3526,7 +3525,7 @@ Section relate_list.
(⌜i0 + length (<[i:=a]> l1) ≤ fr_cap R⌠-∗ ⌜fr_inv R⌠-∗ [∗ list] i1↦a0;b0 ∈ <[i:=a]> l1;l2, if decide ((i1 + i0)%nat ∈ ig) then True else fr_core_rel R E L (i1 + i0) a0 b0).
Proof.
iIntros (Hnel Hi Hlook) "HR Ha %Hinv %". iSpecialize ("Ha" with "[] [//]").
- { iPureIntro. rewrite insert_length in Hinv. lia. }
+ { iPureIntro. rewrite length_insert in Hinv. lia. }
iInduction l1 as [ | a' l1] "IH" forall (l2 i i0 Hnel Hi Hlook Hinv).
{ simpl in *. lia. }
destruct i as [ | i]; simpl.
@@ -3601,7 +3600,7 @@ Section relate_list.
iMod ("Ha" with "[//] CTX HE HL") as "(Ha & HL & HT)".
iMod ("HT" with "[//] CTX HE HL") as "(Hb & $ & $)".
iModIntro. iIntros "%Hinv %".
- rewrite app_length in Hinv.
+ rewrite length_app in Hinv.
iSpecialize ("Ha" with "[] [//]").
{ iPureIntro. lia. }
iSpecialize ("Hb" with "[] [//]").
@@ -3611,7 +3610,7 @@ Section relate_list.
iApply (big_sepL2_mono with "Hb").
iIntros. rewrite Nat.add_assoc [(k + _)%nat]Nat.add_comm//.
- iDestruct "Ha" as "(Ha & Hb & $)". iIntros "%Hinv %".
- rewrite app_length in Hinv.
+ rewrite length_app in Hinv.
iSpecialize ("Ha" with "[] [//]").
{ iPureIntro. lia. }
iSpecialize ("Hb" with "[] [//]").
@@ -3863,7 +3862,7 @@ Section fold_list.
(⌜i0 + length (<[i:=x]> l1) ≤ fp_cap R⌠-∗ ⌜fp_inv R⌠-∗ [∗ list] i1↦a ∈ <[i:=x]> l1, if decide ((i1 + i0)%nat ∈ ig) then True else fp_core_pred R E L (i1 + i0) a).
Proof.
iIntros (Hel) "Ha". iIntros "%Hinv %". iSpecialize ("Ha" with "[] [//]").
- { rewrite insert_length in Hinv. done. }
+ { rewrite length_insert in Hinv. done. }
iInduction l1 as [ | a l1] "IH" forall (i i0 Hel Hinv); simpl; first done.
destruct i as [ | i].
- simpl.
@@ -3948,7 +3947,7 @@ Section fold_list.
Proof.
iIntros (Hnel Hi) "HR Ha".
iIntros "%Hinv %". iSpecialize ("Ha" with "[] [//]").
- { iPureIntro. rewrite insert_length in Hinv. lia. }
+ { iPureIntro. rewrite length_insert in Hinv. lia. }
iInduction l1 as [ | a' l1] "IH" forall (i i0 Hnel Hi Hinv).
{ simpl in *. lia. }
destruct i as [ | i]; simpl.
@@ -4011,14 +4010,14 @@ Section fold_list.
- iIntros "Ha" (??) "#CTX #HE HL".
iMod ("Ha" with "[//] CTX HE HL") as "(Ha & HL & HT)".
iMod ("HT" with "[//] CTX HE HL") as "(Hb & $ & $)".
- iModIntro. iIntros "%Hinv %". rewrite app_length in Hinv.
+ iModIntro. iIntros "%Hinv %". rewrite length_app in Hinv.
iSpecialize ("Ha" with "[] [//]"). { iPureIntro. lia. }
iSpecialize ("Hb" with "[] [//]"). { iPureIntro. lia. }
rewrite big_sepL_app. iFrame.
iApply (big_sepL_mono with "Hb").
iIntros. rewrite Nat.add_assoc [(k + _)%nat]Nat.add_comm//.
- iIntros "(Ha & Hb & $)".
- iIntros "%Hinv %". rewrite app_length in Hinv.
+ iIntros "%Hinv %". rewrite length_app in Hinv.
iSpecialize ("Ha" with "[] [//]"). { iPureIntro. lia. }
iSpecialize ("Hb" with "[] [//]"). { iPureIntro. lia. }
rewrite big_sepL_app. iFrame.
diff --git a/theories/rust_typing/shims.v b/theories/rust_typing/shims.v
index 120b307d54cc2936dc8b571e2e65f520f06a7756..5e8418976e6809c26f033cabf545f916077830be 100644
--- a/theories/rust_typing/shims.v
+++ b/theories/rust_typing/shims.v
@@ -59,7 +59,7 @@ Proof.
{ apply Nat2Z.inj_le. etrans; first apply Hb.
rewrite Nat2Z.inj_pow. nia.
}
- apply PeanoNat.Nat.pow_le_mono_r_iff in Hle; last lia.
+ apply PeanoNat.Nat.pow_le_mono_r_iff in Hle; [| lia ].
nia.
Qed.
Lemma ly_align_log_in_usize ly :
@@ -298,7 +298,7 @@ Proof.
iPoseProof (ofty_value_untyped_from_array with "Hs") as "Hs".
{ rewrite Hlen_s ly_size_mk_array_layout. lia. }
iPoseProof (ofty_value_untyped_from_array with "Ht") as "Ht".
- { rewrite app_length take_length drop_length. rewrite Hlen_t Hlen_s !ly_size_mk_array_layout. lia. }
+ { rewrite length_app length_take length_drop. rewrite Hlen_t Hlen_s !ly_size_mk_array_layout. lia. }
iApply typed_stmt_annot_skip.
repeat liRStep; liShow.
@@ -309,9 +309,9 @@ Proof.
Unshelve.
+ cbn. rewrite -list_fmap_insert.
rewrite insert_app_r_alt; first last.
- { rewrite take_length. lia. }
- rewrite take_length reshape_length.
- rewrite Nat.min_l; first last. { rewrite replicate_length. lia. }
+ { rewrite length_take. lia. }
+ rewrite length_take length_reshape.
+ rewrite Nat.min_l; first last. { rewrite length_replicate. lia. }
rewrite Nat.sub_diag.
f_equiv.
rename select (reshape _ v_s !! i = Some _) into Hlook.
@@ -321,17 +321,17 @@ Proof.
erewrite take_S_r; last done.
rewrite -app_assoc.
f_equiv.
- rewrite insert_take_drop; first last. { rewrite drop_length reshape_length replicate_length. lia. }
+ rewrite insert_take_drop; first last. { rewrite length_drop length_reshape length_replicate. lia. }
rewrite take_0 drop_drop. rewrite Nat.add_1_r. done.
+ rewrite take_ge; last solve_goal with nia.
rewrite drop_ge; last solve_goal with nia.
by rewrite app_nil_r.
- + rewrite drop_ge; first last. { rewrite reshape_length replicate_length. lia. }
+ + rewrite drop_ge; first last. { rewrite length_reshape length_replicate. lia. }
rewrite app_nil_r.
rewrite drop_ge; first last. { solve_goal with nia. }
rewrite app_nil_r.
assert (len ≤ i) as Hle by lia. clear -Hle Hlen_s.
- rewrite take_ge. 2: { rewrite reshape_length replicate_length. lia. }
+ rewrite take_ge. 2: { rewrite length_reshape length_replicate. lia. }
rewrite take_ge; first done.
rewrite Hlen_s /mk_array_layout{1}/ly_size/=. nia.
Qed.
@@ -506,7 +506,7 @@ Proof.
destruct caesium_config.enforce_alignment; last done.
eapply Z.divide_1_l. }
iSplitR; first done.
- iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "#Hlb".
+ iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "#Hlb".
iSplitR; first done. iSplitR; first done.
iExists (). iSplitR; first done.
iModIntro. iExists []. iFrame. rewrite /ty_own_val /= //. }
@@ -768,12 +768,12 @@ Proof.
{ solve_layout_alg. }
iExists ly. simpl. iSplitR; first done.
iSplitR; first done. iSplitR; first done.
- iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "#Hlb".
- iSplitR. { rewrite replicate_length /ly /ly_size /=. done. }
+ iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "#Hlb".
+ iSplitR. { rewrite length_replicate /ly /ly_size /=. done. }
iSplitR; first done.
iExists tt. iSplitR; first done.
iModIntro. iExists _. iFrame. rewrite uninit_own_spec. iExists ly.
- iSplitR; first done. iPureIntro. rewrite /has_layout_val replicate_length /ly /ly_size //. }
+ iSplitR; first done. iPureIntro. rewrite /has_layout_val length_replicate /ly /ly_size //. }
iRevert "Hf".
@@ -945,7 +945,7 @@ Proof.
Unshelve. all: prepare_sideconditions; normalize_and_simpl_goal; try solve_goal; try (unfold_common_defs; solve_goal); unsolved_sidecond_hook.
{ rewrite /has_layout_loc/layout_wf/aligned_to /ly_align/u8/=. destruct caesium_config.enforce_alignment; last done. apply Z.divide_1_l. }
{ rewrite /has_layout_loc/layout_wf/aligned_to /ly_align/u8/=. destruct caesium_config.enforce_alignment; last done. apply Z.divide_1_l. }
- { rewrite /has_layout_val drop_length/=. rewrite Hlen/new_ly/ly_size/=. lia. }
+ { rewrite /has_layout_val length_drop/=. rewrite Hlen/new_ly/ly_size/=. lia. }
Qed.
@@ -1045,7 +1045,7 @@ Proof.
unfold_no_enrich. inv_layout_alg.
match goal with | H: Z.of_nat (ly_size ?Hly) ≠0%Z |- _ => rename Hly into T_st_ly end.
have: (Z.of_nat $ ly_size T_st_ly) ∈ usize_t by done.
- efeed pose proof (ly_align_log_in_usize T_st_ly) as Ha; first done.
+ opose proof* (ly_align_log_in_usize T_st_ly) as Ha; first done.
move: Ha. rewrite int_elem_of_it_iff int_elem_of_it_iff.
intros [? Halign]%(val_of_Z_is_Some None) [? Hsz]%(val_of_Z_is_Some None).
iDestruct "CTX" as "(LFT & TIME & LLCTX)".
@@ -1065,12 +1065,12 @@ Proof.
{ iExists _, _. iSplitR; first done. iSplitR; first done.
match goal with | H : CACHED (use_layout_alg (ty_syn_type T) = Some ?ly) |- _ => rename ly into T_ly; rename H into H_T end.
iR.
- iPoseProof (heap_mapsto_loc_in_bounds with "Hl") as "#Hlb".
- rewrite replicate_length. iFrame "Hlb". simpl. iSplitR; first done. iFrame.
+ iPoseProof (heap_pointsto_loc_in_bounds with "Hl") as "#Hlb".
+ rewrite length_replicate. iFrame "Hlb". simpl. iSplitR; first done. iFrame.
iSplitL "Hfree". { by iApply freeable_freeable_nz. }
iExists (). iSplitR; first done. iNext. iModIntro.
- iExists _. iFrame. rewrite uninit_own_spec. iExists T_ly.
- iSplitR; first done. rewrite /has_layout_val replicate_length //. }
+ rewrite uninit_own_spec. iExists T_ly.
+ iSplitR; first done. rewrite /has_layout_val length_replicate //. }
iSplitR; first done.
repeat liRStep; liShow.
diff --git a/theories/rust_typing/shr_ref.v b/theories/rust_typing/shr_ref.v
index 09c3c58e1e0a3becbb52a3d94d074c9eaf14029e..3697c579279f9f8755d3a2f1c87fcd348cbaa98f 100644
--- a/theories/rust_typing/shr_ref.v
+++ b/theories/rust_typing/shr_ref.v
@@ -69,11 +69,9 @@ Section shr_ref.
iModIntro.
iApply logical_step_intro.
rewrite -!lft_tok_sep. iFrame.
- iExists l', ly', r'.
+ iExists ly'.
iSplitR. { inversion Halg; subst; done. }
- iSplitR; first done. iSplitR; first done.
- iSplitR; first done. iSplitR; first done.
- iFrame.
+ do 3 iR. iFrame "Hsc".
Qed.
Next Obligation.
iIntros (? ? ? κ' κ'' π r l) "#Hord H".
@@ -114,8 +112,8 @@ Section shr_ref.
iSplitL "Hmt1". { iNext. iFrame "Hmt1". iExists li, ly', r'. iFrame "#". eauto. }
iIntros "Hmt1".
iApply "Hclose". iModIntro. rewrite -{3}(Qp.div_2 q').
- iPoseProof (heap_mapsto_agree with "Hmt1 Hmt2") as "%Heq"; first done.
- rewrite heap_mapsto_fractional. iFrame.
+ iPoseProof (heap_pointsto_agree with "Hmt1 Hmt2") as "%Heq"; first done.
+ rewrite heap_pointsto_fractional. iFrame.
Qed.
Global Instance shr_ref_type_contractive {rt : Type} κ : TypeContractive (shr_ref (rt:=rt) κ).
@@ -148,7 +146,7 @@ Section ofty.
iExists _, _, _. iR. iR. iR. iFrame "#". done.
-iIntros "(%l' & %ly & %r' & %Hl & % & % & #Hsc & #Hlb & <- & #Ha)".
apply val_of_loc_inj in Hl. subst.
- iExists _. iR. iR. iFrame "#". iExists _. iR. done.
+ iExists _. iR. iR. iFrame "#". done.
Qed.
End ofty.
@@ -298,7 +296,7 @@ Section subltype.
iIntros (Ï€ l). rewrite !ltype_own_shr_ref_unfold /shr_ltype_own.
iIntros "(%ly & ? & ? & Hlb & %ri & Hrfn & #Hb)".
iExists ly. iFrame. rewrite -?Hd -?Hly_eq. iFrame.
- iExists ri. iFrame. iModIntro. iMod "Hb".
+ iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & Hs & Hb)". iModIntro. iExists li. iFrame. iNext.
iDestruct ("Heq" $! _) as "(_ & Hi1 & _)".
iApply ltype_own_shr_mono; last by iApply "Hi1". done.
@@ -356,7 +354,7 @@ Section subltype.
iIntros "(%ly & ? & ? & Hlb & ? & %ri & Hrfn & Hb)".
iModIntro.
iExists ly. iFrame. rewrite -?Hd -?Hly_eq.
- iFrame. iExists ri. iFrame. iNext.
+ iFrame. iNext.
iMod "Hb" as "(%li & Hli & Hb)". iExists li. iFrame "Hli".
iDestruct ("Heq" $! _) as "(_ & Heq' & _)".
iApply ltype_own_shr_mono; last by iApply "Heq'". done.
@@ -486,24 +484,28 @@ Section ltype_agree.
iIntros "(%ly & ? & ? & #Hlb & ? & %ri & Hrfn & Hb)".
iModIntro.
iExists ly.
- iFrame. iFrame "Hlb". iExists _. iFrame. iNext. iMod "Hb" as "(%l' & Hl & Hb)".
+ iFrame. iR. iNext. iMod "Hb" as "(%l' & Hl & Hb)".
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iDestruct "Hb" as "(%ly' & ? & ? & Hsc & Hlb' & %ri' & Hrfn' & Hb)".
- iExists l'. iFrame. iExists l', _, _. iFrame. done.
+ iModIntro. iFrame. done.
Qed.
+
Lemma shr_ref_unfold_1_shared κ κ' r :
⊢ ltype_incl' (Shared κ') r r (ShrLtype (◠ty) κ) (◠(shr_ref κ ty)).
Proof.
- iModIntro. iIntros (Ï€ l). rewrite ltype_own_shr_ref_unfold /shr_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
+ iModIntro. iIntros (Ï€ l).
+ rewrite ltype_own_shr_ref_unfold /shr_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & %Ha & % & #Hlb & %ri & Hrfn & #Hb)".
- iExists ly. iFrame. iFrame "Hlb %". iExists _. iFrame.
+ iExists ly. iFrame. do 3 iR.
iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & #Hs & Hb)".
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iDestruct "Hb" as "(%ly' & >? & >? & >Hsc & >Hlb' & %r' & >Hrfn & Hb)". iModIntro.
+ iDestruct "Hb" as "(%ly' & >? & >? & >Hsc & >Hlb' & %r' & >Hrfn & Hb)".
+ iModIntro.
iExists _, _, _. iFrame. iSplitR; last done.
injection Ha as <-. done.
Qed.
+
Lemma shr_ref_unfold_1_uniq κ κ' γ r :
⊢ ltype_incl' (Uniq κ' γ) r r (ShrLtype (◠ty) κ) (◠(shr_ref κ ty)).
Proof.
@@ -520,8 +522,7 @@ Section ltype_agree.
iMod "Hb" as "(%v & Hl & Hb)".
iDestruct "Hb" as "(%li & %ly' & %ri & -> & ? & ? & Hlb & Hsc & Hrfn & Hb)".
iExists _. iFrame. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iFrame. iExists ly'. iFrame.
- iExists _. by iFrame.
+ by iFrame.
- iNext. iModIntro. iSplit.
* iIntros "(%r' & Hauth & Hb)". iExists _. iFrame.
iMod "Hb" as "(%l' & Hl & Hb)". iExists l'. iFrame.
@@ -535,8 +536,7 @@ Section ltype_agree.
iExists _. iFrame.
rewrite ltype_own_core_equiv. simp_ltype.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iFrame. iExists ly'. iFrame.
- iExists _. by iFrame.
+ by iFrame.
Qed.
Local Lemma shr_ref_unfold_1' κ k r :
@@ -560,28 +560,31 @@ Section ltype_agree.
Proof.
iModIntro. iIntros (Ï€ l). rewrite ltype_own_shr_ref_unfold /shr_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & ? & ? & Hsc & Hlb & ? & %r' & Hrfn & Hb)".
- iModIntro. iExists ly. iFrame. iExists _. iFrame.
- iNext. iMod "Hb" as "(%v & Hl & %li & %ly' & %ri & -> & ? & ? & Hlb' & Hsc' & Hrfn' & Hb)".
- iExists _. iFrame. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
+ iModIntro. iExists ly. iFrame.
+ iModIntro.
+ iMod "Hb" as "(%v & Hl & %li & %ly' & %ri & -> & ? & ? & Hlb' & Hsc' & Hrfn' & Hb)".
+ iModIntro.
+ iFrame. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iExists ly'. iFrame.
- iExists _. by iFrame.
Qed.
+
Lemma shr_ref_unfold_2_shared κ κ' r :
⊢ ltype_incl' (Shared κ') r r (◠(shr_ref κ ty)) (ShrLtype (◠ty) κ).
Proof.
iModIntro. iIntros (Ï€ l). rewrite ltype_own_shr_ref_unfold /shr_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
iIntros "(%ly & ? & ? & Hsc & Hlb & %r' & Hrfn & #Hb)". iExists ly. iFrame.
- iExists r'. iFrame. iModIntro. iMod "Hb".
+ iModIntro. iMod "Hb".
iDestruct "Hb" as "(%li & %ly' & %ri & ? & ? & ? & Hlb' & Hsc & Hrfn & Hs & Hb)".
iModIntro. iExists _. iFrame. iNext. iDestruct "Hb" as "#Hb".
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly'. iFrame.
- iExists _. iFrame. done.
+ iExists ly'. by iFrame.
Qed.
+
Lemma shr_ref_unfold_2_uniq κ κ' γ r :
⊢ ltype_incl' (Uniq κ' γ) r r (◠(shr_ref κ ty)) (ShrLtype (◠ty) κ).
Proof.
- iModIntro. iIntros (Ï€ l). rewrite ltype_own_shr_ref_unfold /shr_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
+ iModIntro. iIntros (Ï€ l).
+ rewrite ltype_own_shr_ref_unfold /shr_ltype_own ltype_own_ofty_unfold /lty_of_ty_own.
(* same proof as above essentially *)
iIntros "(%ly & ? & ? & Hsc & ? & ? & ? & Hb)". iExists ly. iFrame. iMod "Hb". iModIntro.
iApply (pinned_bor_iff with "[] [] Hb").
@@ -590,8 +593,7 @@ Section ltype_agree.
iMod "Hb" as "(%v & Hl & Hb)".
iDestruct "Hb" as "(%li & %ly' & %ri & -> & ? & ? & Hlb & Hsc & Hrfn & Hb)".
iExists _. iFrame. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly'. iFrame.
- iExists _. by iFrame.
+ iExists ly'. by iFrame.
* iIntros "(%r' & Hauth & Hb)". iExists _. iFrame.
iMod "Hb" as "(%l' & Hl & Hb)".
iExists l'. iFrame. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
@@ -603,8 +605,7 @@ Section ltype_agree.
iDestruct "Hb" as "(%li & %ly' & %ri & -> & ? & ? & Hlb & Hsc & Hrfn & Hb)".
iExists _. iFrame. rewrite ltype_own_core_equiv. simp_ltypes.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
- iExists ly'. iFrame.
- iExists _. by iFrame.
+ iExists ly'. by iFrame.
* iIntros "(%r' & Hauth & Hb)". iExists _. iFrame.
iMod "Hb" as "(%l' & Hl & Hb)".
iExists l'. iFrame. rewrite ltype_own_core_equiv. simp_ltype.
@@ -613,7 +614,6 @@ Section ltype_agree.
iExists l', _, _. iFrame. done.
Qed.
-
Local Lemma shr_ref_unfold_2' κ k r :
⊢ ltype_incl' k r r (◠(shr_ref κ ty)) (ShrLtype (◠ty) κ).
Proof.
@@ -622,6 +622,7 @@ Section ltype_agree.
- iApply shr_ref_unfold_2_shared.
- iApply shr_ref_unfold_2_uniq.
Qed.
+
Lemma shr_ref_unfold_2 κ k r :
⊢ ltype_incl k r r (◠(shr_ref κ ty)) (ShrLtype (◠ty) κ).
Proof.
@@ -697,7 +698,7 @@ Section acc.
iModIntro. iSplitL.
- rewrite ltype_own_shr_ref_unfold /shr_ltype_own. iExists void*.
iSplitR; first done. iFrame "Hlb % ∗".
- iExists _. iSplitR; first done. iNext. eauto with iFrame.
+ iSplitR; first done. iNext. eauto with iFrame.
- iIntros "Hcond %Hrt". iDestruct "Hcond" as "[Hty Hrfn]".
subst. iSplit.
+ by iApply (shr_ltype_place_cond_ty).
@@ -826,8 +827,7 @@ Section acc.
iIntros (lt' r'') "Hpts #Hl'".
iMod ("Hclf" with "Hpts") as "Htok".
iFrame. iSplitL.
- { iModIntro. rewrite ltype_own_shr_ref_unfold /shr_ltype_own. iExists void*. iFrame "% #".
- iR. iExists _. iR. iModIntro. iModIntro. iExists _. iFrame "#". }
+ { iModIntro. rewrite ltype_own_shr_ref_unfold /shr_ltype_own. iExists void*. by iFrame "% #". }
iModIntro. iIntros (bmin) "Hincl Hcond".
iDestruct "Hcond" as "(Hcond_ty & Hcond_rfn)".
iModIntro. iSplit.
diff --git a/theories/rust_typing/type.v b/theories/rust_typing/type.v
index 3a8f5988cc471968c4872be30cf12e3005c66bfe..83afdbafd401175b93ece6a8fefcac0c2766a22e 100644
--- a/theories/rust_typing/type.v
+++ b/theories/rust_typing/type.v
@@ -1010,7 +1010,7 @@ Ltac dist_later_2_intro :=
refine (dist_later_2_intro _ _ _ _);
intros ??.
-Class TypeDist `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Type := {
+Class TypeDist `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Prop := {
type_dist_st :
ty1.(ty_syn_type) = ty2.(ty_syn_type);
type_dist_sc :
@@ -1022,7 +1022,7 @@ Class TypeDist `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Type := {
type_dist_shr :
(∀ κ Ï€ r l, (l â—â‚—{Ï€, κ} r @ ty1 ≡{n}≡ l â—â‚—{Ï€, κ} r @ ty2)%I);
}.
-Class TypeDist2 `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Type := {
+Class TypeDist2 `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Prop := {
type_dist2_st :
ty1.(ty_syn_type) = ty2.(ty_syn_type);
type_dist2_sc :
@@ -1034,7 +1034,7 @@ Class TypeDist2 `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Type := {
type_dist2_shr :
(∀ κ Ï€ r l, (l â—â‚—{Ï€, κ} r @ ty1 ≡{n}≡ l â—â‚—{Ï€, κ} r @ ty2)%I);
}.
-Class TypeDistLater `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Type := {
+Class TypeDistLater `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Prop := {
type_dist_later_st :
ty1.(ty_syn_type) = ty2.(ty_syn_type);
type_dist_later_sc :
@@ -1046,7 +1046,7 @@ Class TypeDistLater `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Type := {
type_dist_later_shr :
(∀ κ Ï€ r l, dist_later n (l â—â‚—{Ï€, κ} r @ ty1)%I (l â—â‚—{Ï€, κ} r @ ty2)%I);
}.
-Class TypeDistLater2 `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Type := {
+Class TypeDistLater2 `{!typeGS Σ} {rt} (n : nat) (ty1 ty2 : type rt) : Prop := {
type_dist_later2_st :
ty1.(ty_syn_type) = ty2.(ty_syn_type);
type_dist_later2_sc :
@@ -1872,8 +1872,8 @@ Section copy.
iSplitL "Hmt1"; first by auto with iFrame.
iIntros "Hmt1".
iApply "Hclose". iModIntro. rewrite -{3}(Qp.div_2 q').
- iPoseProof (heap_mapsto_agree with "Hmt1 Hmt2") as "%Heq"; first done.
- rewrite heap_mapsto_fractional. iFrame.
+ iPoseProof (heap_pointsto_agree with "Hmt1 Hmt2") as "%Heq"; first done.
+ rewrite heap_pointsto_fractional. iFrame.
Qed.
Global Instance copy_equiv `{!typeGS Σ} {rt} : Proper (equiv ==> impl) (@Copyable _ _ rt).
diff --git a/theories/rust_typing/typing.v b/theories/rust_typing/typing.v
index 46f89021900211f6e1a3502d09f41501a5ff95a8..9b2dcf693b7bf2c01ae3249f13e7d5fc711a6c82 100644
--- a/theories/rust_typing/typing.v
+++ b/theories/rust_typing/typing.v
@@ -3,7 +3,7 @@ From refinedrust Require Export automation.loc_eq manual automation.
From refinedrust Require Export simpl.
(* In my experience, this has led to more problems with [normalize_autorewrite] rewriting below definitions too eagerly. *)
-Export Unset Keyed Unification.
+#[export] Unset Keyed Unification.
(* For some reason, we need to declare this instance here for stuff to work, despite exporting [simpl] as the last thing above! So weird! *)
Global Instance simpl_exist_plist_cons' {X : Type} (F : X → Type) (x : X) xs (Q : plist F (x :: xs) → Prop) :
diff --git a/theories/rust_typing/uninit.v b/theories/rust_typing/uninit.v
index 6f558983273399e17830194e56b20cece873e736..c62560ba719bab653be33537ba25bb67eed80894 100644
--- a/theories/rust_typing/uninit.v
+++ b/theories/rust_typing/uninit.v
@@ -321,7 +321,7 @@ li_tactic (compute_layout_goal (ty_syn_type ty1)) (λ ly1,
rewrite ltype_own_ofty_unfold /lty_of_ty_own. simpl.
iExists ly. iSplitR; first done. iSplitR; first done.
iSplitR; first done. iFrame. iExists _. iSplitR; first done.
- iModIntro. iModIntro. iExists v. iFrame.
+ iModIntro. iModIntro.
iExists ly. iSplitR; first done. iSplitR; first done.
iPureIntro. rewrite Forall_forall. done.
Qed.
diff --git a/theories/rust_typing/uninit_def.v b/theories/rust_typing/uninit_def.v
index 825a83749f187b30d6f57c09d0a2152e906b430a..3b15f0469245fbcdcf5bf435bd35107c1e5355ab 100644
--- a/theories/rust_typing/uninit_def.v
+++ b/theories/rust_typing/uninit_def.v
@@ -72,9 +72,9 @@ Section bytewise.
iIntros (?[Hv HP]). iSplitL.
- eapply Forall_take in HP; iSplitL; last done.
iPureIntro. rewrite /has_layout_val in Hv.
- by rewrite /has_layout_val take_length min_l // Hv.
+ by rewrite /has_layout_val length_take min_l // Hv.
- eapply Forall_drop in HP; iSplitL; last done.
- iPureIntro. by rewrite /has_layout_val drop_length Hv.
+ iPureIntro. by rewrite /has_layout_val length_drop Hv.
Qed.
(* the corresponding lemma for shared ownership does not seem provable currently: how should we split the fractured borrow?*)
(* TODO: check if this is a fundamental limitation / why are fractured borrows not covariant in their predicate? *)
@@ -88,7 +88,7 @@ Section bytewise.
Proof.
iIntros (??) "(%Hv1 & %HP1) (%Hv2 & %HP2)".
iSplitL; iPureIntro.
- - rewrite /has_layout_val app_length Hv1 Hv2.
+ - rewrite /has_layout_val length_app Hv1 Hv2.
rewrite {2}/ly_size/=. lia.
- by apply Forall_app.
Qed.
diff --git a/theories/rust_typing/util.v b/theories/rust_typing/util.v
index 587040344729edd00167b4c994a11076a84dc2bd..efb5b6cdcfb2a62f78cf2d26f9de55126ad126a4 100644
--- a/theories/rust_typing/util.v
+++ b/theories/rust_typing/util.v
@@ -156,9 +156,9 @@ Proof.
{ rewrite elem_of_nil; done. }
rewrite elem_of_cons.
intros [-> | Hel].
- - rewrite take_length. lia.
+ - rewrite length_take. lia.
- eapply IH; last apply Hel.
- rewrite drop_length. lia.
+ rewrite length_drop. lia.
Qed.
Lemma reshape_replicate_0 {A} (xs : list A) n :
@@ -551,7 +551,7 @@ Proof.
{ iIntros "_ $ _ "; done. }
iIntros "Hl HP #Hstep".
rewrite big_sepL_app.
- rewrite !app_length/=.
+ rewrite !length_app/=.
rewrite Nat.add_0_r. iDestruct "Hl" as "(Hl & Ha & _)".
rewrite Nat.add_succ_r Nat.add_0_r.
iPoseProof ("Hstep" with "[] HP Ha") as "HP".
@@ -566,7 +566,7 @@ Lemma big_sepL2_from_big_sepL {Σ} {A B} (l : list (A * B)) (Φ : _ → _ → _
([∗ list] i ↦ x ∈ l, Φ i x.1 x.2) ⊢
[∗ list] i ↦ x; y ∈ l.*1; l.*2, Φ i x y.
Proof.
- iIntros "Ha". iApply big_sepL2_alt. rewrite !fmap_length. iR.
+ iIntros "Ha". iApply big_sepL2_alt. rewrite !length_fmap. iR.
rewrite zip_fst_snd//.
Qed.
Lemma big_sepL2_from_zip {Σ} {A B} (l1 : list A) (l2 : list B) (Φ : _ → _ → _ → iProp Σ) :
@@ -626,11 +626,11 @@ Proof.
rewrite big_sepL2_to_zip.
rewrite big_sepL_exists. iDestruct "Ha" as "(%l3 & Ha)".
iPoseProof (big_sepL2_length with "Ha") as "%Hlen2".
- rewrite zip_with_length in Hlen2.
+ rewrite length_zip_with in Hlen2.
rewrite big_sepL2_to_zip.
rewrite zip_assoc_l big_sepL_fmap.
iExists l3. iSplitR. { iPureIntro. lia. }
- iApply (big_sepL2_from_zip). { rewrite zip_with_length. lia. }
+ iApply (big_sepL2_from_zip). { rewrite length_zip_with. lia. }
iApply (big_sepL_impl with "Ha").
iModIntro. iIntros (? [? [? ?]] ?); simpl. eauto.
Qed.
diff --git a/theories/rust_typing/value.v b/theories/rust_typing/value.v
index 8028ff884461c49c30e1a4bd8ed35aa197e5c706..a7c2c7b3afe08b117ac0eb7f6d1b2b49f2b66cb4 100644
--- a/theories/rust_typing/value.v
+++ b/theories/rust_typing/value.v
@@ -176,7 +176,7 @@ Section lemmas.
iExists _. iR. simpl.
iPureIntro. split_and!.
- eapply is_memcast_val_untyped_app; [ | done..]. done.
- - rewrite /has_layout_val. rewrite app_length. lia.
+ - rewrite /has_layout_val. rewrite length_app. lia.
- done.
Qed.
@@ -196,16 +196,16 @@ Section lemmas.
apply use_op_alg_untyped_inv in Hot as ->.
apply syn_type_has_layout_untyped_inv in Hst as (<- & Hwf & Hsz' & ?).
apply is_memcast_val_untyped_inv in Hmc as <-.
- rewrite /has_layout_val/= app_length in Hly.
+ rewrite /has_layout_val/= length_app in Hly.
simpl in *.
iSplit.
- iPureIntro. exists (UntypedOp ly2). split; first done.
- split. { left. rewrite take_app//. }
- split. { rewrite take_app. rewrite /has_layout_val/=. lia. }
+ split. { left. rewrite take_app_length//. }
+ split. { rewrite take_app_length. rewrite /has_layout_val/=. lia. }
apply syn_type_has_layout_untyped; try naive_solver lia.
- iPureIntro. exists (UntypedOp ly3). split; first done.
- split. { left. rewrite drop_app//. }
- split. { rewrite drop_app. rewrite /has_layout_val/=. lia. }
+ split. { left. rewrite drop_app_length//. }
+ split. { rewrite drop_app_length. rewrite /has_layout_val/=. lia. }
apply syn_type_has_layout_untyped; naive_solver lia.
Qed.
End lemmas.
@@ -225,8 +225,7 @@ Section ofty_lemmas.
iMod (fupd_mask_mono with "Hb") as "(%v & Hl & Hv)"; first done.
iPoseProof (value_has_length with "Hv") as "(% & %)"; first done.
assert (ly' = ly) as -> by by eapply syn_type_has_layout_inj.
- iR. iModIntro. iExists _. iFrame. iR. iR. iExists _. iR.
- iModIntro. eauto with iFrame.
+ iR. iModIntro. iExists _. by iFrame.
Qed.
(* NOTE: We can make this into a typed value afterwards using [ofty_value_untyped_make_typed] *)
@@ -248,10 +247,9 @@ Section ofty_lemmas.
rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iExists _. simpl.
iSplitR. { iPureIntro. eapply syn_type_has_layout_make_untyped; done. }
- iSplitR; first done. iFrame.
- iExists _. iSplitR; first done. iModIntro.
- iExists v. by iFrame.
+ iSplitR; first done. by iFrame.
Qed.
+
Lemma ofty_own_split_value_untyped_lc π F l wl {rt} (ty : type rt) r ly :
lftE ⊆ F →
syn_type_has_layout (ty_syn_type ty) ly →
@@ -281,12 +279,13 @@ Section ofty_lemmas.
iDestruct "Hl" as "(%ly & %Halg & % & Hsc & Hlb & Hcred & %r' & Hrfn & Hb)".
simpl in Halg.
iExists ly.
- iFrame. iFrame "%".
+ iFrame "%".
iPoseProof (ty_own_val_sidecond with "Hv") as "#$".
assert ((∃ ly1, st = UntypedSynType ly1 ∧ syn_type_has_layout (ty_syn_type ty) ly1 ∧ ty_has_op_type ty (UntypedOp ly1) MCCopy) ∨ (ty_has_op_type ty (use_op_alg' (ty_syn_type ty)) MCCopy ∧ ty_syn_type ty = st)) as Hb.
{ destruct st; eauto. }
iSplitR. { iPureIntro. destruct Hb as [(ly1 & -> & ? & ?) | (? & <-)]; last done.
apply syn_type_has_layout_untyped_inv in Halg as (-> & _). done. }
+ iFrame "Hlb Hcred".
iExists r. iSplitR; first done.
iNext. iMod "Hb" as "(%v' & Hl & Hv')". iModIntro.
iDestruct "Hrfn" as "<-".
@@ -379,7 +378,7 @@ Section ofty_lemmas.
iMod (fupd_mask_mono with "Hb2") as "(%v2 & Hl2 & Hv2)"; first done.
iModIntro.
iExists (v1 ++ v2).
- rewrite heap_mapsto_app. iFrame.
+ rewrite heap_pointsto_app. iFrame.
iPoseProof (ty_has_layout with "Hv1") as "(%ly' & %Halg & %Hlyv)".
apply syn_type_has_layout_untyped_inv in Halg as (-> & ? & ?).
iSplitL "Hl2". { rewrite /has_layout_val in Hlyv. rewrite Hlyv. done. }
@@ -407,34 +406,27 @@ Section ofty_lemmas.
iMod (fupd_mask_mono with "Hb") as "(%v & Hl & Hv)"; first done.
specialize (syn_type_has_layout_untyped_inv _ _ Halg) as (-> & ? & ? &?).
rewrite Hsz. rewrite -loc_in_bounds_split_suf. iDestruct "Hlb" as "(Hlb1 & Hlb2)".
- efeed pose proof (ly_align_in_bounds_mono ly1 ly2); [done.. | ].
- efeed pose proof (ly_align_in_bounds_mono ly1 ly3); [lia | done | ].
+ opose proof* (ly_align_in_bounds_mono ly1 ly2); [done.. | ].
+ opose proof* (ly_align_in_bounds_mono ly1 ly3); [lia | done | ].
iPoseProof (value_has_length with "Hv") as "(%Hlen1 & %Hlen2)"; first done.
- rewrite app_length in Hlen1.
+ rewrite length_app in Hlen1.
iPoseProof (value_untyped_app_split _ _ _ _ ly1 ly2 ly3 with "Hv") as "(Hv1 & Hv2)".
- { done. }
- { done. }
- { done. }
- { done. }
- { done. }
- { done. }
+ 1-6: done.
(rewrite -{1}(take_drop (length v2) v)).
- rewrite heap_mapsto_app. iDestruct "Hl" as "(Hl1 & Hl2)".
+ rewrite heap_pointsto_app. iDestruct "Hl" as "(Hl1 & Hl2)".
iSplitL "Hv1 Hl1 Hlb1".
- iModIntro. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iExists ly2. iSplitR. { iPureIntro. apply syn_type_has_layout_untyped; naive_solver lia. }
iSplitR. { iPureIntro. eapply has_layout_loc_trans; first done. lia. }
- simpl. iR. iFrame. iR. iExists v2. iR.
- iModIntro. iExists _. iFrame.
+ simpl. by iFrame.
- iModIntro. rewrite ltype_own_ofty_unfold /lty_of_ty_own.
iExists ly3. iSplitR. { iPureIntro. apply syn_type_has_layout_untyped; naive_solver lia. }
iSplitR. { iPureIntro. apply has_layout_loc_shift_loc_nat.
+ eapply has_layout_loc_trans; first done. lia.
+ trans (ly_align ly2); first last. { rewrite -Nat2Z.divide//. }
rewrite -Nat2Z.divide. apply Zdivide_nat_pow. done. }
- simpl. iR. iFrame. iExists v3. iR.
- iModIntro. iExists _. iFrame.
- rewrite take_length. rewrite Hszeq Nat.min_l; first done.
+ simpl. iR. iFrame. iR.
+ iModIntro. rewrite length_take. rewrite Hszeq Nat.min_l; first done.
lia.
Qed.
@@ -460,7 +452,7 @@ Section ofty_lemmas.
- simpl. lia.
- simpl. rewrite !ly_size_mk_array_layout. lia.
- rewrite take_drop//.
- - rewrite take_length. simpl.
+ - rewrite length_take. simpl.
apply syn_type_has_layout_untyped_inv in Hstly as (-> & ? & ? & ?).
rewrite Hlen !ly_size_mk_array_layout. lia.
- by apply array_layout_wf.
@@ -901,7 +893,7 @@ Section rules.
iPoseProof (ty_memcast_compat with "Hv") as "Hid"; first done. simpl.
iModIntro. iExists _, _,_, _. iFrame.
(* strong update *)
- iExists _, _, _, ResultStrong. iFrame.
+ iExists ResultStrong.
iSplitR; first done.
iR.
done.
@@ -944,7 +936,7 @@ Section rules.
iMod "Hcl_F" as "_".
iModIntro. iExists _, _,_, _. iFrame.
(* strong update *)
- iExists _, _, _, ResultStrong. iFrame.
+ iExists ResultStrong. iFrame.
iSplitR; first done.
iR.
done.
@@ -990,7 +982,7 @@ Section rules.
(*iPoseProof (ty_memcast_compat with "Hv") as "Hid"; first done. simpl.*)
iModIntro. iExists _, _, (value_t (ty_syn_type ty)), _. iFrame "∗ #".
(* strong update *)
- iExists _, _, _, ResultStrong. iFrame.
+ iExists ResultStrong. iFrame.
do 2 iR.
iApply "Hs". done.
Qed.
@@ -1033,7 +1025,7 @@ Section rules.
iPoseProof (ty_memcast_compat with "Hv") as "Hid"; first done. simpl.
iModIntro. iExists _, _,_, _. iFrame.
(* strong update *)
- iExists _, _, _, ResultStrong. iFrame.
+ iExists ResultStrong. iFrame.
iSplitR; first done.
iR.
done.