yiyunliu/sp-eta-postpone
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Start the soundness proof for check_sub

Browse source
This commit is contained in:
Yiyun Liu 2025-03-06 19:20:54 -05:00
parent 6f154cc9c6
commit fe52d78ec5
2 changed files with 122 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

23
theories/executable_correct.v
View file

@ -164,3 +164,26 @@ Proof.
sfirstorder unfold:HRed.nf.
+ sauto lq:on use:hred_deter.
Qed.
Ltac simp_sub := with_strategy opaque [check_equal] simpl.
Lemma check_sub_sound :
(forall a b (h : algo_dom a b), forall q, check_sub q a b h -> if q then a b else b a) /\
(forall a b (h : algo_dom_r a b), forall q, check_sub_r q a b h -> if q then a b else b a).
Proof.
apply algo_dom_mutual; try done.
- move => a [] //=; hauto qb:on.
- move => a0 a1 []//=; hauto qb:on.
- simpl. move => i j [];
sauto lq:on use:Reflect.Nat_leb_le.
- admit.
- hauto l:on.
- move => i j q h.
have {}h : nat_eqdec i j by sfirstorder.
case : nat_eqdec h => //=; sauto lq:on.
- simp_sub.
move => p0 p1 u0 u1 i i0 dom ihdom q.
move /andP => [/andP [h00 h01] h1].
best use:check_sub_
best b:on use:check_equal_sound.