Commit 9bd501fe authored by Zhen Zhang's avatar Zhen Zhang

Add doc and other minor fixes

parent e2800785
(* Logically atomic triple *)
From iris.program_logic Require Export hoare weakestpre pviewshifts. From iris.program_logic Require Export hoare weakestpre pviewshifts.
From iris.prelude Require Export coPset. From iris.prelude Require Export coPset.
Import uPred. Import uPred.
...@@ -6,9 +8,9 @@ Section atomic. ...@@ -6,9 +8,9 @@ Section atomic.
Context `{irisG Λ Σ} (A: Type). Context `{irisG Λ Σ} (A: Type).
Definition atomic_triple_base Definition atomic_triple_base
(α: A iProp Σ) (α: A iProp Σ) (* atomic pre-condition *)
(β: A val _ iProp Σ) (β: A val _ iProp Σ) (* atomic post-condition *)
(Ei Eo: coPset) (Ei Eo: coPset) (* inside/outside masks *)
(e: expr _) P Q : iProp Σ := (e: expr _) P Q : iProp Σ :=
((P ={Eo, Ei}=> x:A, ((P ={Eo, Ei}=> x:A,
α x α x
......
(* evmap.v -- generalized heap-like monoid *) (* evmap.v -- generalized heap-like monoid composite *)
From iris.program_logic Require Export invariants weakestpre. From iris.program_logic Require Export invariants weakestpre.
From iris.algebra Require Export auth frac gmap dec_agree. From iris.algebra Require Export auth frac gmap dec_agree.
From iris.proofmode Require Import tactics. From iris.proofmode Require Import tactics.
Section evmap. Section evmap.
Context (K A: Type) (Q: cmraT) `{Countable K, EqDecision A(* , CMRADiscrete Q *)}. Context (K A: Type) (Q: cmraT) `{Countable K, EqDecision A}.
Definition evkR := prodR Q (dec_agreeR A). Definition evkR := prodR Q (dec_agreeR A).
Definition evmapR := gmapUR K evkR. Definition evmapR := gmapUR K evkR.
Definition evidenceR := authR evmapR. Definition evidenceR := authR evmapR.
...@@ -14,6 +14,7 @@ Section evmap. ...@@ -14,6 +14,7 @@ Section evmap.
Instance subG_evidenceΣ {Σ} : subG evidenceΣ Σ evidenceG Σ. Instance subG_evidenceΣ {Σ} : subG evidenceΣ Σ evidenceG Σ.
Proof. intros [?%subG_inG _]%subG_inv. split; apply _. Qed. Proof. intros [?%subG_inG _]%subG_inv. split; apply _. Qed.
(* Some basic supporting lemmas *)
Lemma map_agree_eq m m' (hd: K) (p q: Q) (x y: A): Lemma map_agree_eq m m' (hd: K) (p q: Q) (x y: A):
m !! hd = Some (p, DecAgree y) m !! hd = Some (p, DecAgree y)
m = {[hd := (q, DecAgree x)]} m' x = y. m = {[hd := (q, DecAgree x)]} m' x = y.
...@@ -48,6 +49,7 @@ Section evmapR. ...@@ -48,6 +49,7 @@ Section evmapR.
Context (K A: Type) `{Countable K, EqDecision A}. Context (K A: Type) `{Countable K, EqDecision A}.
Context `{!inG Σ (authR (evmapR K A unitR))}. Context `{!inG Σ (authR (evmapR K A unitR))}.
(* Evidence that k immutably maps to some fixed v *)
Definition ev γm (k : K) (v: A) := own γm ( {[ k := ((), DecAgree v) ]})%I. Definition ev γm (k : K) (v: A) := own γm ( {[ k := ((), DecAgree v) ]})%I.
Global Instance persistent_ev γm k v : PersistentP (ev γm k v). Global Instance persistent_ev γm k v : PersistentP (ev γm k v).
...@@ -91,6 +93,17 @@ Section evmapR. ...@@ -91,6 +93,17 @@ Section evmapR.
exfalso. subst. rewrite H0 in H1. exfalso. subst. rewrite H0 in H1.
by destruct H1 as [? ?]. by destruct H1 as [? ?].
Qed. Qed.
Lemma ev_map_witness γm m hd x:
ev γm hd x own γm ( m) m !! hd = Some (, DecAgree x).
Proof.
iIntros "[#Hev Hom]".
destruct (m !! hd) as [[[] agy]|] eqn:Heqn.
- iDestruct (map_agree_eq' with "[-]") as %H'=>//; first by iFrame.
by subst.
- iExFalso. iApply map_agree_none'=>//.
by iFrame.
Qed.
Lemma evmap_frag_agree_split γm p q1 q2 (a1 a2: A): Lemma evmap_frag_agree_split γm p q1 q2 (a1 a2: A):
own γm ( {[p := (q1, DecAgree a1)]}) own γm ( {[p := (q1, DecAgree a1)]})
...@@ -111,4 +124,3 @@ Section evmapR. ...@@ -111,4 +124,3 @@ Section evmapR.
apply dec_agree_op_inv in Hvalid. inversion Hvalid. subst. auto. apply dec_agree_op_inv in Hvalid. inversion Hvalid. subst. auto.
Qed. Qed.
End evmapR. End evmapR.
...@@ -345,8 +345,8 @@ Section proof. ...@@ -345,8 +345,8 @@ Section proof.
- iDestruct (big_sepM_delete_later _ m with "HRs") as "[Hp Hrs]"=>//. - iDestruct (big_sepM_delete_later _ m with "HRs") as "[Hp Hrs]"=>//.
iDestruct "Hp" as (?) "[>% [Hpr ?]]"; subst. iDestruct "Hp" as (?) "[>% [Hpr ?]]"; subst.
iDestruct "Hpr" as (ts' p') "(>% & >Hp' & Hp)". iDestruct "Hpr" as (ts' p') "(>% & >Hp' & Hp)".
subst. iDestruct (map_agree_eq' _ _ γs m with "[Hom Hhd]") as %H=>//; first iFrame. subst. iDestruct (ev_map_witness _ _ _ m with "[Hom Hhd]") as %H=>//; first iFrame.
inversion H. subst. rewrite Heqn in H. inversion H. subst.
iDestruct (evmap_frag_agree_split with "[Hp']") as "%"; first iFrame "Hev Hp'". subst. iDestruct (evmap_frag_agree_split with "[Hp']") as "%"; first iFrame "Hev Hp'". subst.
destruct ts' as [[[[γx γ1] γ3] γ4] γq]. destruct ts' as [[[[γx γ1] γ3] γ4] γq].
iDestruct "Hp" as "[Hp | [Hp | [ Hp | Hp]]]". iDestruct "Hp" as "[Hp | [Hp | [ Hp | Hp]]]".
...@@ -356,32 +356,32 @@ Section proof. ...@@ -356,32 +356,32 @@ Section proof.
wp_load. iVs ("Hclose" with "[-Ho3 HΦ Hhd]"). wp_load. iVs ("Hclose" with "[-Ho3 HΦ Hhd]").
{ iNext. iFrame. iExists xs, hd. iFrame. iExists m. iFrame. { iNext. iFrame. iExists xs, hd. iFrame. iExists m. iFrame.
iDestruct (big_sepM_delete _ m with "[-]") as "?"=>//. iDestruct (big_sepM_delete _ m with "[-]") as "?"=>//.
iFrame. iExists #p'. iSplitR; first auto. iExists (γx, γ1, γ3, γ4, γq), p'. iFrame. iExists #p. iSplitR; first auto. iExists (γx, γ1, γ3, γ4, γq), p.
iSplitR; first auto. iFrame. iSplitR; first auto. iFrame.
iRight. iLeft. iExists f, x. iFrame. } iRight. iLeft. iExists f, x. iFrame. }
iVsIntro. wp_match. iVsIntro. wp_match.
wp_bind (try_srv _ _). iApply try_srv_spec=>//. wp_bind (try_srv _ _). iApply try_srv_spec=>//.
iFrame "#". wp_seq. iFrame "#". wp_seq.
iAssert ( hd, evs γs hd #p')%I with "[Hhd]" as "Hhd"; eauto. iAssert ( hd, evs γs hd #p)%I with "[Hhd]" as "Hhd"; eauto.
by iApply ("IH" with "Ho3 Hhd"). by iApply ("IH" with "Ho3 Hhd").
+ iDestruct "Hp" as (f x) "(Hp & Hx & Ho2 & Ho4)". + iDestruct "Hp" as (f x) "(Hp & Hx & Ho2 & Ho4)".
wp_load. wp_load.
iVs ("Hclose" with "[-Ho3 HΦ Hhd]"). iVs ("Hclose" with "[-Ho3 HΦ Hhd]").
{ iNext. iFrame. iExists xs, hd. iFrame. iExists m. iFrame. { iNext. iFrame. iExists xs, hd. iFrame. iExists m. iFrame.
iDestruct (big_sepM_delete _ m with "[-]") as "?"=>//. iDestruct (big_sepM_delete _ m with "[-]") as "?"=>//.
iFrame. iExists #p'. iSplitR; auto. iExists (γx, γ1, γ3, γ4, γq), p'. iFrame. iExists #p. iSplitR; auto. iExists (γx, γ1, γ3, γ4, γq), p.
iSplitR; first auto. iFrame. iSplitR; first auto. iFrame.
iRight. iRight. iLeft. iExists f, x. iFrame. } iRight. iRight. iLeft. iExists f, x. iFrame. }
iVsIntro. wp_match. iVsIntro. wp_match.
wp_bind (try_srv _ _). iApply try_srv_spec=>//. wp_bind (try_srv _ _). iApply try_srv_spec=>//.
iFrame "#". wp_seq. iFrame "#". wp_seq.
iAssert ( hd, evs γs hd #p')%I with "[Hhd]" as "Hhd"; eauto. iAssert ( hd, evs γs hd #p)%I with "[Hhd]" as "Hhd"; eauto.
by iApply ("IH" with "Ho3 Hhd"). by iApply ("IH" with "Ho3 Hhd").
+ iDestruct "Hp" as (x y) "[>Hp Hs']". iDestruct "Hs'" as (Q) "(>Hx & HoQ & HQ & >Ho1 & >Ho4)". + iDestruct "Hp" as (x y) "[>Hp Hs']". iDestruct "Hs'" as (Q) "(>Hx & HoQ & HQ & >Ho1 & >Ho4)".
wp_load. iVs ("Hclose" with "[-Ho4 HΦ Hx HoQ HQ]"). wp_load. iVs ("Hclose" with "[-Ho4 HΦ Hx HoQ HQ]").
{ iNext. iFrame. iExists xs, hd. iFrame. iExists m. iFrame. { iNext. iFrame. iExists xs, hd. iFrame. iExists m. iFrame.
iDestruct (big_sepM_delete _ m with "[-]") as "?"=>//. iDestruct (big_sepM_delete _ m with "[-]") as "?"=>//.
iFrame. iExists #p'. iSplitR; auto. iExists (γx, γ1, γ3, γ4, γq), p'. iFrame. iExists #p. iSplitR; auto. iExists (γx, γ1, γ3, γ4, γq), p.
iSplitR; first auto. iFrame. iSplitR; first auto. iFrame.
iLeft. iExists y. iFrame. } iLeft. iExists y. iFrame. }
iVsIntro. wp_match. iApply ("HΦ" with "[-]"). iFrame. iVsIntro. wp_match. iApply ("HΦ" with "[-]"). iFrame.
......
...@@ -197,13 +197,10 @@ Lemma new_stack_spec' Φ RI: ...@@ -197,13 +197,10 @@ Lemma new_stack_spec' Φ RI:
- destruct (decide (x = x')) as [->|Hneq]. - destruct (decide (x = x')) as [->|Hneq].
+ iIntros (hd _) "(HR & Hom & Hxs)". + iIntros (hd _) "(HR & Hom & Hxs)".
simpl. iDestruct "Hxs" as (hd' q) "[Hhd [#Hev Hxs']]". simpl. iDestruct "Hxs" as (hd' q) "[Hhd [#Hev Hxs']]".
rewrite /ev. destruct (m !! hd) as [[q' [x|]]|] eqn:Heqn. rewrite /evs.
* iDestruct (big_sepM_delete_later (perR R) m with "HR") as "[Hp HRm]"=>//. iDestruct (ev_map_witness _ _ _ m with "[Hev Hom]") as %H'; first by iFrame.
iDestruct (map_agree_eq' _ _ _ m with "[Hom]") as %H'=>//; first iFrame=>//. iDestruct (big_sepM_delete_later (perR R) m with "HR") as "[Hp HRm]"=>//.
subst. iExists hd. inversion H'. subst. destruct q'. by iFrame. iExists hd. by iFrame.
* iDestruct (big_sepM_delete_later (perR R) m with "HR") as "[Hp HRm]"=>//.
iDestruct (map_agree_eq' _ _ _ m with "[Hom]") as "%"=>//; first iFrame=>//.
* iExFalso. iApply (map_agree_none' _ _ _ m)=>//. iFrame=>//.
+ iIntros (hd ?). + iIntros (hd ?).
assert (x xs'); first set_solver. assert (x xs'); first set_solver.
iIntros "(HRs & Hom & Hxs')". iIntros "(HRs & Hom & Hxs')".
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment