Commit c958e6ec authored by Dan Frumin

[F_mu_ref_conc] simplify the refinement proof for the stack example

parent 10632f27
......@@ -28,6 +28,10 @@ Section Rules.
by iIntros ([=]%auth_own_valid%singleton_valid%dec_agree_op_inv).
Qed.
(* stacklink Q := {((Loc l), nil) l ↦ˢᵗᵏ (InjL #()) }
{((Loc l), cons y2 z2) y1 z1, l ↦ˢᵗᵏ (y1, z1)
(y1, y2) Q
stacklink Q (z1, z2) }*)
Program Definition StackLink_pre (Q : D) : D -n> D := λne P v,
( l w, v.1 = LocV l l ↦ˢᵗᵏ w
((w = InjLV UnitV v.2 = FoldV (InjLV UnitV))
......@@ -46,20 +50,23 @@ Section Rules.
((w = InjLV UnitV v.2 = FoldV (InjLV UnitV))
( y1 z1 y2 z2, w = InjRV (PairV y1 (FoldV z1))
v.2 = FoldV (InjRV (PairV y2 z2))
Q (y1, y2) @StackLink Q (z1, z2))))%I.
Q (y1, y2) StackLink Q (z1, z2))))%I.
Proof. by rewrite {1}/StackLink fixpoint_unfold. Qed.
Global Opaque StackLink. (* So that we can only use the unfold above. *)
Global Instance StackLink_persistent (Q : D) v `{ vw, PersistentP (Q vw)} :
PersistentP (StackLink Q v).
Proof.
Proof.
iIntros "H". iLöb as "IH" forall (v). rewrite StackLink_unfold.
iDestruct "H" as (l w) "[% [#Hl [#Hr|Hr]]]"; subst.
{ iExists l, w; iAlways; eauto. }
iDestruct "Hr" as (y1 z1 y2 z2) "[#H1 [#H2 [#HQ H']]]".
rewrite later_forall. iDestruct ("IH" with "* H'") as "#H''". iClear "H'".
iAlways. eauto 20.
iDestruct "H" as (l w) "[% [#Hl [[% %]|Hr]]]"; subst.
{ iExists l, _; iAlways; eauto. }
iDestruct "Hr" as (y1 z1 y2 z2) "[% [% [#HQ Hrec]]]"; subst.
rewrite later_forall.
iSpecialize ("IH" $! (z1, z2)). rewrite later_wand.
iSpecialize ("IH" with "Hrec"). rewrite -always_later.
iDestruct "IH" as "#IH".
iAlways. iExists _,_; eauto 20.
Qed.
Lemma stackR_alloc (h : stackUR) (i : loc) (v : val) :
......@@ -79,7 +86,7 @@ Section Rules.
stack_owns h l ↦ᵢ v == stack_owns (<[l := DecAgree v]> h) l ↦ˢᵗᵏ v.
Proof.
iIntros "[[Hown Hall] Hl]".
iDestruct (own_valid with "Hown") as %Hvalid.
iDestruct (own_valid with "Hown") as %Hvalid.
destruct (h !! l) as [av|] eqn:?.
{ iDestruct (big_sepM_lookup with "Hall") as "Hl'"; first done.
destruct av as [v'|]; last by iExFalso.
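Review bot: The rewritten StackLink_persistent proof (from `iDestruct "H" as (l w) "[% [#Hl [[% %]|Hr]]]"` down to `iAlways. iExists _,_; eauto 20.`) performs the delicate step of the argument — pushing the ▷-guarded Löb hypothesis `IH` through the quantifier and the wand so it can be applied to `Hrec`, then moving the □ out from under ▷ — with no comment, and the one-liner it replaces gave no hint either. A comment above `rewrite later_forall.` such as `(* IH is ▷-guarded by iLöb: push ▷ under ∀ and -∗ to apply it to Hrec, then pull □ out of ▷ so the result can be kept as a persistent hypothesis *)` would tell the next reader why the three `rewrite` steps are there. Whether `iDestruct ("IH" $! (z1, z2) with "Hrec")` could replace the specialize/rewrite pair depends on the Iris version in use, so I would only suggest trying it. The enclosing `Section Rules` opens outside this hunk.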
From iris_logrel.F_mu_ref_conc Require Import lang.
From iris.program_logic Require Import language.
Set Default Proof Using "Type".
Import lang.
Coercion App : expr >-> Funclass.
(* No scope for the values, does not conflict and scope is often not inferred
properly. *)
Notation "# l" := (LocV l%Z%V) (at level 8, format "# l").
Notation "# l" := (Loc l%Z%V) (at level 8, format "# l") : expr_scope.
(** Syntax inspired by Coq/Ocaml. Constructions with higher precedence come
first. *)
Notation "( e1 , e2 , .. , en )" := (Pair .. (Pair e1 e2) .. en) : expr_scope.
Notation "( e1 , e2 , .. , en )" := (PairV .. (PairV e1 e2) .. en) : val_scope.
Notation "'case:' e0 'of' 'InjL' => e1 | 'InjR' => e2 'end'" :=
(Case e0 e1 e2)
(e0, e1, e2 at level 200) : expr_scope.
Notation "()" := Unit : expr_scope.
Notation "()" := UnitV : val_scope.
Notation "! e" := (Load e%E) (at level 9, right associativity) : expr_scope.
Notation "'ref' e" := (Alloc e%E)
(at level 30, right associativity) : expr_scope.
(* The unicode is already part of the notation "_ ← _; _" for bind. *)
Notation "e1 <- e2" := (Store e1%E e2%E) (at level 80) : expr_scope.
Notation "'rec:' e" := (Rec e%E)
(at level 102, e at level 200) : expr_scope.
Notation "'rec:' e" := (locked (RecV e%E))
(at level 102, e at level 200) : val_scope.
Notation "'if:' e1 'then' e2 'else' e3" := (If e1%E e2%E e3%E)
(at level 200, e1, e2, e3 at level 200) : expr_scope.
Notation "'Λ:' e" := (TLam e%E)
(at level 102, e at level 200) : expr_scope.
Notation "'Λ:' e" := (TLamV e%E)
(at level 102, e at level 200) : val_scope.
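Review bot: The value-scope `rec:` notation wraps its body in `locked` (`Notation "'rec:' e" := (locked (RecV e%E))`) while its `expr_scope` twin and every other value notation in the file are plain constructors, and nothing says why; the other non-obvious choices here (`# l` without a scope, `<-` instead of the bind arrow) each carry a comment. A one-line comment above it, e.g. `(* locked: keep RecV from being unfolded by simpl/unification; unlock explicitly where a proof needs the body *)`, would remove the surprise — assuming that is indeed the purpose, which the page does not state. Since this file is new, that comment is also the only place a reader will learn that `rec:` values must be unlocked before they compute.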
......@@ -35,6 +35,7 @@ F_mu_ref_conc/soundness_unary.v
F_mu_ref_conc/context_refinement.v
F_mu_ref_conc/soundness_binary.v
F_mu_ref_conc/tactics.v
F_mu_ref_conc/notation.v
F_mu_ref_conc/examples/lock.v
F_mu_ref_conc/examples/counter.v
F_mu_ref_conc/examples/stack/stack_rules.v