Extension of Coq language with generic loops.
Require Export ImpIO.
Import Notations.
Local Open Scope impure.
While-loop iterations
Axiom loop:
forall {
A B},
A * (
A -> ?? (
A+
B)) -> ??
B.
Extract Constant loop =>
"ImpLoopOracles.loop".
Section While_Loop.
Local Definition of "while-loop-invariant"
Let wli {
S}
cond body (
I:
S ->
Prop) :=
forall s,
I s ->
cond s =
true ->
WHEN (
body s) ~>
s' THEN I s'.
Program Definition while {
S}
cond body (
I:
S ->
Prop |
wli cond body I)
s0: ?? {
s | (
I s0 ->
I s) /\
cond s =
false}
:=
loop (
A:={
s |
I s0 ->
I s})
(
s0,
fun s =>
match (
cond s)
with
|
true =>
DO s' <~
mk_annot (
body s) ;;
RET (
inl (
A:={
s |
I s0 ->
I s })
s')
|
false =>
RET (
inr (
B:={
s | (
I s0 ->
I s) /\
cond s =
false})
s)
end).
Obligation 2.
unfold wli,
wlp in * |-;
eauto.
Qed.