Modify notation, state theorem 2.3

2017-12-05 00:27:35 +01:00 · 2017-12-05 00:27:35 +01:00 · d1b62ad2b5
commit d1b62ad2b5
parent 7e2c2e08dc
1 changed files with 37 additions and 14 deletions
--- a/wp.v
+++ b/wp.v
@ -164,37 +164,60 @@ Definition assertImplLogical : Assert -> Assert -> Prop :=
 (***** Hoare provability *****************************************************)
 Parameter  hoare_provability : Assert -> Instr -> Assert -> Prop.
-Notation "[| pre  |] instr  [| post |]" := (hoare_provability pre instr post)
+Notation "|- [| pre  |] instr  [| post |]" :=
-        (at level 30): assert.
+        (hoare_provability pre instr post) (at level 30): assert.
-Axiom h_skip: forall (asser: Assert), ( [|asser|] skip [|asser|]) % assert.
+Axiom h_skip: forall (asser: Assert), ( |- [|asser|] skip [|asser|]) % assert.
 Axiom h_abort: forall (a1:Assert), forall (a2: Assert),
-    ([|a1|] abort [|a2|]) % assert.
+    (|- [|a1|] abort [|a2|]) % assert.
 Axiom h_assign: forall (asser: Assert), forall (x: Var), forall (e: Expr),
-    ([| asser [[ x <- expr e ]] |] (assign x e) [|asser|]) % assert.
+    (|- [| asser [[ x <- expr e ]] |] (assign x e) [|asser|]) % assert.
 Axiom h_conseq:
    forall (a1: Assert), forall (a1': Assert),
    forall (a2: Assert), forall (a2': Assert),
    forall (s: Instr),
-    ([| a1' |] s [| a2' |]) % assert ->
+    (|- [| a1' |] s [| a2' |]) % assert ->
            (assertImplLogical a1 a1') ->
            (assertImplLogical a2' a2) ->
-            ([| a1 |] s [| a2 |]) % assert.
+            (|- [| a1 |] s [| a2 |]) % assert.
 Axiom h_seq:
    forall (a1: Assert), forall (a2: Assert), forall (a3: Assert),
    forall (s1: Instr), forall (s2: Instr),
-    ([|a1|] s1 [|a2|]) % assert -> ([|a2|] s2 [|a3|]) % assert ->
+    (|- [|a1|] s1 [|a2|]) % assert -> (|- [|a2|] s2 [|a3|]) % assert ->
-            ([|a1|] (seq s1 s2) [|a3|]) % assert.
+            (|- [|a1|] (seq s1 s2) [|a3|]) % assert.
 Axiom h_if:
    forall (a1: Assert), forall (a2: Assert),
    forall (e: Expr),
    forall (s1: Instr), forall (s2: Instr),
-    ([| a1 /\ (assertOfExpr e) |] s1 [| a2 |]) % assert ->
+    (|- [| a1 /\ (assertOfExpr e) |] s1 [| a2 |]) % assert ->
-        ([| a1 /\ ~ (assertOfExpr e) |] s2 [| a2 |]) % assert ->
+        (|- [| a1 /\ ~ (assertOfExpr e) |] s2 [| a2 |]) % assert ->
-        ([| a1 |] (ifelse e s1 s2) [| a2 |]) % assert.
+        (|- [| a1 |] (ifelse e s1 s2) [| a2 |]) % assert.
 Axiom h_while:
    forall (inv: Assert),
    forall (e: Expr),
    forall (s: Instr),
-    ([| inv /\ (assertOfExpr e) |] s [| inv |]) % assert ->
+    (|- [| inv /\ (assertOfExpr e) |] s [| inv |]) % assert ->
-        ([| inv |] (while e s) [| inv /\ ~ (assertOfExpr e) |]) % assert.
+        (|- [| inv |] (while e s) [| inv /\ ~ (assertOfExpr e) |]) % assert.
 (***** Hoare: provability implies consequence ********************************)
 Definition conseq_or_bottom (y: Assert) (m: MemCpo) :=
    match m with
    | CpoError _ => True
    | CpoElem _ m0 => y m0
    end.
 Definition hoare_consequence (pre: Assert) (instr: Instr) (post: Assert) :=
    forall mem: Mem,
    (pre mem) -> (conseq_or_bottom post (interp instr (MemElem mem))).
 Notation "|= [| pre  |] instr  [| post |]" :=
        (hoare_consequence pre instr post) (at level 30): assert.
 Theorem hoare_provability_implies_consequence :
    forall (pre: Assert), forall (s: Instr), forall (post: Assert),
    ( |- [| pre |] s [| post |] ) % assert
            -> ( |= [| pre |] s [| post |] ) % assert.
 Proof.
    (* TODO *)
 Admitted.