Th2.3: prove If rule

wp.v

@@ -83,8 +83,8 @@ Fixpoint interp (inst: Instr) (mem: MemCpo) : MemCpo :=
         | seq instr1 instr2 => interp instr2 (interp instr1 (MemElem mem0))
         | ifelse guard instrIf instrElse =>
             if ((guard mem0) =? 0) % Z
-                then interp instrIf mem
+                then interp instrElse mem
-                else interp instrElse mem
+                else interp instrIf mem
         | while guard body =>
             let fix while_chain (mem: MemCpo) (n: nat): MemCpo :=
                 match n with
@@ -155,7 +155,7 @@ Notation "a [[ x <- 'expr' z ]]" := (substAssertExpr a x z)
     (at level 50, left associativity).
 
 Definition assertOfExpr : Expr -> Assert :=
-    fun expr mem => expr mem <> 0%Z.
+    fun expr mem => (expr mem <> 0)%Z.
 
 Definition assertImplLogical (a1 a2: Assert): Prop :=
     forall (m: Mem), (a1 m) -> (a2 m).
@@ -240,4 +240,12 @@ Proof.
         apply (IHdeduction2 m). unfold hoare_consequence in IHdeduction1.
         specialize IHdeduction1 with mem as IH1_mem.
         rewrite mRel in IH1_mem. apply IH1_mem. assumption.
-    - 
+    - destruct (expr mem =? 0)%Z eqn:branchEqn.
+        * apply (IHdeduction2 mem). unfold assertOfExpr.
+          unfold assertAnd. split.
+            + assumption.
+            + unfold assertNot. rewrite <- Z.eqb_eq. congruence.
+        * apply (IHdeduction1 mem). unfold assertOfExpr.
+          unfold assertAnd. split.
+            + assumption.
+            + rewrite <- Z.eqb_eq. congruence.