Commit b97a8212 authored by Dan Frumin's avatar Dan Frumin

Update the counter increment atomic rule

parent 9efd0e45
...@@ -126,10 +126,10 @@ Section CG_Counter. ...@@ -126,10 +126,10 @@ Section CG_Counter.
Lemma bin_log_FG_increment_logatomic R P Γ E K x t τ : Lemma bin_log_FG_increment_logatomic R P Γ E K x t τ :
P - P -
(|={,E}=> n : nat, x ↦ᵢ #n R n (|={,E}=> n : nat, x ↦ᵢ #n R n
(( n : nat, x ↦ᵢ #n R n) ={E,}= True) ((x ↦ᵢ #n R n ={E,}= True)
( m, x ↦ᵢ # (S m) R m - P - (x ↦ᵢ #(S n) R n - P -
{E;Δ;Γ} fill K #m log t : τ)) {E;Δ;Γ} fill K #n log t : τ)))
- ({Δ;Γ} fill K (FG_increment #x) log t : τ). - {Δ;Γ} fill K (FG_increment #x) log t : τ.
Proof. Proof.
iIntros "HP #H". iIntros "HP #H".
iLöb as "IH". iLöb as "IH".
...@@ -140,18 +140,15 @@ Section CG_Counter. ...@@ -140,18 +140,15 @@ Section CG_Counter.
iMod "H" as (n) "[Hx [HR Hrev]]". iModIntro. iMod "H" as (n) "[Hx [HR Hrev]]". iModIntro.
iExists #n. iFrame. iNext. iIntros "Hx". iExists #n. iFrame. iNext. iIntros "Hx".
iDestruct "Hrev" as "[Hrev _]". iDestruct "Hrev" as "[Hrev _]".
iMod ("Hrev" with "[HR Hx]") as "_". iMod ("Hrev" with "[HR Hx]") as "_"; first iFrame.
{ iExists _. iFrame. } simpl. rel_rec_l. rel_op_l. rel_cas_l_atomic.
rel_rec_l.
rel_op_l.
rel_cas_l_atomic.
iMod "H2" as (n') "[Hx [HR HQ]]". iModIntro. simpl. iMod "H2" as (n') "[Hx [HR HQ]]". iModIntro. simpl.
destruct (decide (n = n')); subst. destruct (decide (n = n')); subst.
- iExists #n'. iFrame. - iExists #n'. iFrame.
iSplitR; eauto. { iDestruct 1 as %Hfoo. exfalso. done. } iSplitR; eauto. { iDestruct 1 as %Hfoo. exfalso. done. }
iIntros "_ !> Hx". simpl. iIntros "_ !> Hx". simpl.
iDestruct "HQ" as "[_ HQ]". iDestruct "HQ" as "[_ HQ]".
iSpecialize ("HQ" $! n' with "[Hx HR]"). { iFrame. } iSpecialize ("HQ" with "[$Hx $HR]").
rel_if_true_l. by iApply "HQ". rel_if_true_l. by iApply "HQ".
- iExists #n'. iFrame. - iExists #n'. iFrame.
iSplitL; eauto; last first. iSplitL; eauto; last first.
...@@ -159,8 +156,7 @@ Section CG_Counter. ...@@ -159,8 +156,7 @@ Section CG_Counter.
iIntros "_ !> Hx". simpl. iIntros "_ !> Hx". simpl.
rel_if_false_l. rel_if_false_l.
iDestruct "HQ" as "[HQ _]". iDestruct "HQ" as "[HQ _]".
iMod ("HQ" with "[Hx HR]"). iMod ("HQ" with "[$Hx $HR]").
{ iExists _; iFrame. }
rewrite /FG_increment. unlock. simpl. rewrite /FG_increment. unlock. simpl.
by iApply "IH". by iApply "IH".
Qed. Qed.
...@@ -169,15 +165,14 @@ Section CG_Counter. ...@@ -169,15 +165,14 @@ Section CG_Counter.
Lemma bin_log_counter_read_atomic_l R P Γ E K x t τ : Lemma bin_log_counter_read_atomic_l R P Γ E K x t τ :
P - P -
(|={,E}=> n : nat, x ↦ᵢ #n R n (|={,E}=> n : nat, x ↦ᵢ #n R n
(( n : nat, x ↦ᵢ #n R n) ={E,}= True) (x ↦ᵢ #n R n ={E,}= True)
( m : nat, x ↦ᵢ #m R m - P - (x ↦ᵢ #n R n - P -
{E;Δ;Γ} fill K #m log t : τ)) {E;Δ;Γ} fill K #n log t : τ))
- {Δ;Γ} fill K ((counter_read $/ LitV (Loc x)) #()) log t : τ. - {Δ;Γ} fill K ((counter_read $/ LitV (Loc x)) #()) log t : τ.
Proof. Proof.
iIntros "HP #H". iIntros "HP #H".
unfold counter_read. unlock. simpl. unfold counter_read. unlock. simpl.
rel_rec_l. rel_rec_l. rel_load_l_atomic.
rel_load_l_atomic.
iMod "H" as (n) "[Hx [HR Hfin]]". iModIntro. iMod "H" as (n) "[Hx [HR Hfin]]". iModIntro.
iExists _; iFrame "Hx". iNext. iExists _; iFrame "Hx". iNext.
iIntros "Hx". iIntros "Hx".
...@@ -196,12 +191,12 @@ Section CG_Counter. ...@@ -196,12 +191,12 @@ Section CG_Counter.
True%I); first done. True%I); first done.
iAlways. iInv counterN as ">Hcnt" "Hcl". iModIntro. iAlways. iInv counterN as ">Hcnt" "Hcl". iModIntro.
iDestruct "Hcnt" as (n) "(Hl & Hcnt & Hcnt')". iDestruct "Hcnt" as (n) "(Hl & Hcnt & Hcnt')".
iExists _; iFrame. clear n. iExists _; iFrame.
iSplit. iSplit.
- iDestruct 1 as (n) "(Hcnt & Hl & Hcnt')". - iIntros "(Hcnt & Hl & Hcnt')".
iApply ("Hcl" with "[-]"). iApply ("Hcl" with "[-]").
iNext. iExists _. iFrame. iNext. iExists _. iFrame.
- iIntros (m) "(Hcnt & Hl & Hcnt') _". - iIntros "(Hcnt & Hl & Hcnt') _".
rel_apply_r (bin_log_related_CG_increment_r with "Hcnt' Hl"). rel_apply_r (bin_log_related_CG_increment_r with "Hcnt' Hl").
{ solve_ndisj. } { solve_ndisj. }
iIntros "Hcnt' Hl". iIntros "Hcnt' Hl".
...@@ -229,11 +224,11 @@ Section CG_Counter. ...@@ -229,11 +224,11 @@ Section CG_Counter.
True%I); first done. True%I); first done.
iAlways. iInv counterN as (n) "[>Hl [>Hcnt >Hcnt']]" "Hclose". iAlways. iInv counterN as (n) "[>Hl [>Hcnt >Hcnt']]" "Hclose".
iModIntro. iModIntro.
iExists n. iFrame "Hcnt Hcnt' Hl". clear n. iExists n. iFrame "Hcnt Hcnt' Hl".
iSplit. iSplit.
- iDestruct 1 as (n) "(Hcnt & Hl & Hcnt')". iApply "Hclose". - iIntros "(Hcnt & Hl & Hcnt')". iApply "Hclose".
iNext. iExists n. by iFrame. iNext. iExists n. by iFrame.
- iIntros (m) "(Hcnt & Hl & Hcnt') _ /=". - iIntros "(Hcnt & Hl & Hcnt') _ /=".
rel_apply_r (bin_log_counter_read_r with "Hcnt'"). rel_apply_r (bin_log_counter_read_r with "Hcnt'").
{ solve_ndisj. } { solve_ndisj. }
iIntros "Hcnt'". iIntros "Hcnt'".
......
...@@ -196,8 +196,8 @@ Section refinement. ...@@ -196,8 +196,8 @@ Section refinement.
Lemma acquire_l_logatomic R P γ Δ Γ E K lo ln t τ : Lemma acquire_l_logatomic R P γ Δ Γ E K lo ln t τ :
P - P -
(|={,E}=> o n : nat, lo ↦ᵢ #o ln ↦ᵢ #n issuedTickets γ n R o (|={,E}=> o n : nat, lo ↦ᵢ #o ln ↦ᵢ #n issuedTickets γ n R o
(( o n : nat, lo ↦ᵢ #o ln ↦ᵢ #n issuedTickets γ n R o) ={E,}= True) ( o : nat, ( n : nat, lo ↦ᵢ #o ln ↦ᵢ #n issuedTickets γ n R o) ={E,}= True)
( o n : nat, lo ↦ᵢ #o ln ↦ᵢ #n issuedTickets γ n ticket γ o R o - P - ( o : nat, ( n : nat, lo ↦ᵢ #o ln ↦ᵢ #n issuedTickets γ n ticket γ o R o) - P -
{E;Δ;Γ} fill K #() log t : τ)) {E;Δ;Γ} fill K #() log t : τ))
- ({Δ;Γ} fill K (acquire (#lo, #ln)) log t : τ). - ({Δ;Γ} fill K (acquire (#lo, #ln)) log t : τ).
Proof. Proof.
...@@ -213,33 +213,32 @@ Section refinement. ...@@ -213,33 +213,32 @@ Section refinement.
{ iExists _. iFrame. } { iExists _. iFrame. }
iSplit. iSplit.
- iDestruct "Hrest" as "[H _]". - iDestruct "Hrest" as "[H _]".
iDestruct 1 as (n') "[Hln Ho]". iIntros "[Hln Ho]".
iDestruct "Ho" as (o') "[Ho HR]". iDestruct "Ho" as (o') "[Ho HR]".
iApply "H". iApply "H".
iExists _, _. iFrame. iExists _. iFrame.
- iDestruct "Hrest" as "[H _]". - iDestruct "Hrest" as "[H _]".
iIntros (n') "[Hln Ho] HP". iIntros "[Hln Ho] HP".
iDestruct "Ho" as (o') "[Ho [Hissued HR]]". iDestruct "Ho" as (o') "[Ho [Hissued HR]]".
iMod (issueNewTicket with "Hissued") as "[Hissued Hm]". iMod (issueNewTicket with "Hissued") as "[Hissued Hm]".
iMod ("H" with "[-HP Hm]") as "_". iMod ("H" with "[-HP Hm]") as "_".
{ iExists _,_. iFrame. } { iExists _. iFrame. } clear o o'.
rel_let_l. clear o n o'. rel_let_l. rel_rec_l.
rel_rec_l.
iLöb as "IH". iLöb as "IH".
unlock wait_loop. simpl. unlock wait_loop. simpl.
rel_rec_l. rel_proj_l. rel_rec_l. rel_proj_l.
rel_load_l_atomic. rel_load_l_atomic.
iMod "H2" as (o n) "(Hlo & Hln & Hissued & HR & Hrest)". iModIntro. iMod "H2" as (o n') "(Hlo & Hln & Hissued & HR & Hrest)". iModIntro.
iExists _. iFrame. iNext. iIntros "Hlo". iExists _. iFrame. iNext. iIntros "Hlo".
rel_op_l. rel_op_l.
case_decide; subst; rel_if_l. case_decide; subst; rel_if_l.
(* Whether the ticket is called out *) (* Whether the ticket is called out *)
+ iDestruct "Hrest" as "[_ H]". + iDestruct "Hrest" as "[_ H]".
iApply ("H" with "[-HP] HP"). iApply ("H" with "[-HP] HP").
{ iFrame. } { iExists _. iFrame. }
+ iDestruct "Hrest" as "[H _]". + iDestruct "Hrest" as "[H _]".
iMod ("H" with "[-HP Hm]") as "_". iMod ("H" with "[-HP Hm]") as "_".
{ iExists _,_; iFrame. } { iExists _. iFrame. }
rel_rec_l. iApply ("IH" with "HP Hm"). rel_rec_l. iApply ("IH" with "HP Hm").
Qed. Qed.
...@@ -263,12 +262,12 @@ Section refinement. ...@@ -263,12 +262,12 @@ Section refinement.
{ iExists _. iFrame. } { iExists _. iFrame. }
clear b o n. clear b o n.
iSplit. iSplit.
- iDestruct 1 as (o' n') "(Hlo & Hln & Hissued & Hrest)". - iIntros (o). iDestruct 1 as (n) "(Hlo & Hln & Hissued & Hrest)".
iDestruct "Hrest" as (b) "[Hl' Ht]". iDestruct "Hrest" as (b) "[Hl' Ht]".
iApply ("Hcl" with "[-]"). iApply ("Hcl" with "[-]").
iNext. iExists _,_,_. by iFrame. iNext. iExists _,_,_. by iFrame.
- iIntros (o n) "(Hlo & Hln & Hissued & Ht & Hrest) _". - iIntros (o). iDestruct 1 as (n) "(Hlo & Hln & Hissued & Ht & Hrest)".
iDestruct "Hrest" as (b) "[Hl' Ht']". iIntros "_". iDestruct "Hrest" as (b) "[Hl' Ht']".
destruct b. destruct b.
{ iDestruct (ticket_nondup with "Ht Ht'") as %[]. } { iDestruct (ticket_nondup with "Ht Ht'") as %[]. }
rel_apply_r (bin_log_related_acquire_r with "Hl'"). rel_apply_r (bin_log_related_acquire_r with "Hl'").
...@@ -293,10 +292,10 @@ Section refinement. ...@@ -293,10 +292,10 @@ Section refinement.
openI. openI.
iModIntro. iExists _; iFrame. iModIntro. iExists _; iFrame.
iSplit. iSplit.
- iDestruct 1 as (m) "[Hln ?]". - iIntros "[Hln ?]".
iApply ("Hcl" with "[-]"). iApply ("Hcl" with "[-]").
iNext. iExists _,_,_; by iFrame. iNext. iExists _,_,_; by iFrame.
- iIntros (m) "[Hln Hissued] _". - iIntros "[Hln Hissued] _".
iMod (issueNewTicket with "Hissued") as "[Hissued Hm]". iMod (issueNewTicket with "Hissued") as "[Hissued Hm]".
iMod ("Hcl" with "[-Hm]") as "_". iMod ("Hcl" with "[-Hm]") as "_".
{ iNext. iExists _,_,_; by iFrame. } { iNext. iExists _,_,_; by iFrame. }
......
...@@ -395,21 +395,21 @@ Section refinement. ...@@ -395,21 +395,21 @@ Section refinement.
- iSplitL "Hc2 Ht". - iSplitL "Hc2 Ht".
{ iLeft. iFrame. } { iLeft. iFrame. }
iSplit. iSplit.
{ iDestruct 1 as (m) "[Hc1 [(Hc2 & Ht) | (Hc2 & Ht & Ht' & %)]]"; { iIntros "[Hc1 [(Hc2 & Ht) | (Hc2 & Ht & Ht' & %)]]";
iApply ("Hcl" with "[-]"); iNext. iApply ("Hcl" with "[-]"); iNext.
+ iExists m. iLeft. iFrame. + iExists n. iLeft. iFrame.
+ iExists (m-1). iRight. + iExists (n-1). iRight.
rewrite minus_Sn_m // /= -minus_n_O. rewrite minus_Sn_m // /= -minus_n_O.
iFrame. } iFrame. }
{ iIntros (m) "[Hc1 Hc] _". { iIntros "[Hc1 Hc] _".
iDestruct "Hc" as "[[Hc2 Ht] | [Hc2 [Ht [Ht' %]]]]"; iDestruct "Hc" as "[[Hc2 Ht] | [Hc2 [Ht [Ht' %]]]]";
(rel_apply_r (bin_log_related_FG_increment_r with "Hc2"); first solve_ndisj); (rel_apply_r (bin_log_related_FG_increment_r with "Hc2"); first solve_ndisj);
iIntros "Hc2". iIntros "Hc2".
- iMod ("Hcl" with "[-]") as "_". - iMod ("Hcl" with "[-]") as "_".
{ iNext. iExists (S m). iFrame. iLeft; iFrame. } { iNext. iExists (S n). iFrame. iLeft; iFrame. }
rel_finish. rel_finish.
- iMod ("Hcl" with "[-]") as "_". - iMod ("Hcl" with "[-]") as "_".
{ iNext. iExists m. { iNext. iExists n.
rewrite minus_Sn_m // /= -minus_n_O. rewrite minus_Sn_m // /= -minus_n_O.
iFrame. iRight; iFrame. } iFrame. iRight; iFrame. }
rel_finish. } rel_finish. }
...@@ -418,23 +418,21 @@ Section refinement. ...@@ -418,23 +418,21 @@ Section refinement.
iDestruct "Ht" as "[$ $]". iDestruct "Ht" as "[$ $]".
iPureIntro. omega. } iPureIntro. omega. }
iSplit. iSplit.
{ iDestruct 1 as (m) "[Hc1 [(Hc2 & Ht) | (Hc2 & Ht & Ht' & %)]]"; { iIntros "[Hc1 [(Hc2 & Ht) | (Hc2 & Ht & Ht' & %)]]";
iApply ("Hcl" with "[-]"); iNext. iApply ("Hcl" with "[-]"); iNext.
+ iExists m. iLeft. iFrame. + iExists (S n). iLeft. iFrame.
+ iExists (m-1). iRight. + iExists n. iRight. iFrame.
rewrite minus_Sn_m // /= -minus_n_O. assert (S n - 1 = n) as -> by omega. done. }
iFrame. } { iIntros "[Hc1 Hc] _".
{ iIntros (m) "[Hc1 Hc] _".
iDestruct "Hc" as "[[Hc2 Ht] | [Hc2 [Ht [Ht' %]]]]"; iDestruct "Hc" as "[[Hc2 Ht] | [Hc2 [Ht [Ht' %]]]]";
(rel_apply_r (bin_log_related_FG_increment_r with "Hc2"); first solve_ndisj); (rel_apply_r (bin_log_related_FG_increment_r with "Hc2"); first solve_ndisj);
iIntros "Hc2". iIntros "Hc2".
- iMod ("Hcl" with "[-]") as "_". - iMod ("Hcl" with "[-]") as "_".
{ iNext. iExists (S m). iFrame. iLeft; iFrame. } { iNext. iExists (S (S n)). iFrame. iLeft; iFrame. }
rel_finish. rel_finish.
- iMod ("Hcl" with "[-]") as "_". - iMod ("Hcl" with "[-]") as "_".
{ iNext. iExists m. { iNext. iExists (S n). iRight. iFrame.
rewrite minus_Sn_m // /= -minus_n_O. by rewrite -minus_n_O. }
iFrame. iRight; iFrame. }
rel_finish. } rel_finish. }
Qed. Qed.
...@@ -560,16 +558,18 @@ Section refinement. ...@@ -560,16 +558,18 @@ Section refinement.
{ iSplitL "Hc2 Ht Ht'2". { iSplitL "Hc2 Ht Ht'2".
{ iRight. simpl. rewrite -minus_n_O. iFrame. iPureIntro. omega. } { iRight. simpl. rewrite -minus_n_O. iFrame. iPureIntro. omega. }
iSplit. iSplit.
- iIntros. iApply "Hcl". by iApply close_i6. - iIntros. iApply "Hcl". iApply close_i6.
- iIntros (m) "[Hc1 Hc2] Ht". iNext. iExists _; iFrame.
- iIntros "[Hc1 Hc2] Ht".
rel_seq_l. rel_seq_l.
iApply (refinement6_helper with "Hinv Hg Hf' Hcl Hc1 Hc2 Ht"). iApply (refinement6_helper with "Hinv Hg Hf' Hcl Hc1 Hc2 Ht").
} }
{ iSplitL "Hc2 Ht". { iSplitL "Hc2 Ht".
{ iLeft. by iFrame. } { iLeft. by iFrame. }
iSplit. iSplit.
- iIntros. iApply "Hcl". by iApply close_i6. - iIntros. iApply "Hcl". iApply close_i6.
- iIntros (m) "[Hc1 Hc2] Ht". iNext. iExists _; iFrame.
- iIntros "[Hc1 Hc2] Ht".
rel_seq_l. rel_seq_l.
iApply (refinement6_helper with "Hinv Hg Hf' Hcl Hc1 Hc2 Ht"). iApply (refinement6_helper with "Hinv Hg Hf' Hcl Hc1 Hc2 Ht").
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment