Skip to content
Snippets Groups Projects

Compute service example

Merged Compute service example
jonas/compute_list_par into master
Merged Jonas Kastberg requested to merge jonas/compute_list_par into master
Compare
and
7 files
+ 568
5
Compare changes
  • Side-by-side
  • Inline
Files
7
theories/logrel/examples/compute_client_list.v 0 → 100644
+ 400
0
 
From iris.algebra Require Import frac.
 
From iris.heap_lang Require Import metatheory.
 
From actris.utils Require Import llist.
 
From actris.channel Require Import proofmode proto channel.
 
From actris.logrel Require Import term_typing_rules session_typing_rules
 
subtyping_rules napp.
 
From actris.logrel.lib Require Import par_start.
 
From actris.logrel.examples Require Import compute_service.
 
 
Definition send_all_par : val :=
 
rec: "go" "c" "xs" "lk" "counter" :=
 
if: lisnil "xs" then
 
acquire "lk";; select "c" #stop;; release "lk";; #()
 
else
 
acquire "lk";;
 
select "c" #cont;; send "c" (lpop "xs");;
 
"counter" <- !"counter"+#1;;
 
release "lk";;
 
"go" "c" "xs" "lk" "counter".
 
 
Definition recv_all_par : val :=
 
rec: "go" "c" "ys" "n" "lk" "counter" :=
 
if: "n" = #0 then #() else
 
acquire "lk";;
 
if: (#0 = !"counter") then
 
release "lk";; "go" "c" "ys" "n" "lk" "counter"
 
else
 
let: "x" := recv "c" in
 
"counter" <- !"counter"-#1;;
 
release "lk";;
 
"go" "c" "ys" ("n"-#1) "lk" "counter";;
 
lcons "x" "ys".
 
 
Definition compute_client : val :=
 
λ: "xs" "c",
 
let: "n" := llength "xs" in
 
let: "counter" := ref #0 in
 
let: "ys" := lnil #() in
 
let: "lk" := newlock #() in
 
(send_all_par "c" "xs" "lk" "counter" |||
 
recv_all_par "c" "ys" "n" "lk" "counter");; "ys".
 
 
Definition lty_list_aux `{!heapG Σ} (A : ltty Σ) (X : ltty Σ) : ltty Σ :=
 
ref_uniq (() + (A * X)).
 
Instance lty_list_aux_contractive `{!heapG Σ} A :
 
Contractive (@lty_list_aux Σ _ A).
 
Proof. solve_proto_contractive. Qed.
 
Definition lty_list `{!heapG Σ} (A : ltty Σ) : ltty Σ := lty_rec (lty_list_aux A).
 
 
Notation "'list' A" := (lty_list A) (at level 10) : lty_scope.
 
 
Section compute_example.
 
Context `{heapG Σ, chanG Σ, lockG Σ, spawnG Σ}.
 
Context `{!inG Σ fracR}.
 
 
Definition compute_type_client_aux (rec : lsty Σ) : lsty Σ :=
 
lty_select $ <[cont := (<!! A> TY () A; <??> TY A ; rec)%lty]> $
 
<[stop := END%lty]>∅.
 
Instance compute_type_client_contractive :
 
Contractive (compute_type_client_aux).
 
Proof. solve_proto_contractive. Qed.
 
Definition compute_type_client : lsty Σ :=
 
lty_rec (compute_type_client_aux).
 
Global Instance compute_type_client_unfold :
 
ProtoUnfold (lsty_car (compute_type_client))
 
(lsty_car (compute_type_client_aux compute_type_client)).
 
Proof. apply proto_unfold_eq, (fixpoint_unfold compute_type_client_aux). Qed.
 
 
Definition list_pred (A : ltty Σ) : val val iProp Σ :=
 
(λ v w : val, v = w ltty_car A v)%I.
 
 
Lemma llength_spec A (l : loc) :
 
{{{ ltty_car (list A) #l }}} llength #l
 
{{{ xs (n:Z), RET #n; Z.of_nat (length xs) = n
 
llist (λ v w , v = w ltty_car A v) l xs }}}.
 
Proof.
 
iIntros "!>" (Φ) "Hl HΦ".
 
iLöb as "IH" forall (l Φ).
 
wp_lam.
 
rewrite {2}/lty_list /lty_rec /lty_list_aux fixpoint_unfold.
 
iDestruct "Hl" as (ltmp l' [=<-]) "[Hl [ Hl' | Hl' ]]".
 
- wp_load. iDestruct "Hl'" as (xs ->) "Hl'". wp_pures.
 
iAssert (llist (list_pred A) l [])%I with "[Hl Hl']" as "Hl".
 
{ rewrite /llist. iDestruct "Hl'" as %->. iApply "Hl". }
 
iApply "HΦ". eauto with iFrame.
 
- wp_load. iDestruct "Hl'" as (xs ->) "Hl'". wp_pures.
 
iDestruct "Hl'" as (x vl' ->) "[HA Hl']".
 
(* iDestruct "Hl'" as (l' xs ->) "[Hl' Hl'']". *)
 
wp_pures.
 
rewrite fixpoint_unfold.
 
iDestruct "Hl'" as (l' xs ->) "[Hl' Hl'']".
 
wp_apply ("IH" with "[Hl' Hl'']").
 
{ rewrite /lty_list /lty_rec.
 
iEval (rewrite fixpoint_unfold).
 
iExists _, _. iFrame "Hl' Hl''". done. }
 
iIntros (ys n) "[<- H]".
 
iAssert (llist (list_pred A) l (x :: ys))%I with "[Hl HA H]" as "Hl".
 
{ iExists x, l'. eauto with iFrame. }
 
wp_pures. iApply "HΦ". iFrame "Hl". by rewrite (Nat2Z.inj_add 1).
 
Qed.
 
 
Definition cont_type (A : ltty Σ) : lsty Σ :=
 
(lty_select (<[ cont := <!!> TY () A ; END ]>∅))%lty.
 
Definition stop_type : lsty Σ :=
 
(lty_select (<[ stop := END ]>∅))%lty.
 
Definition recv_type (A : ltty Σ) : lsty Σ :=
 
(<??> TY A ; END)%lty.
 
 
Definition compute_type_invariant
 
γ (A : ltty Σ) (c : val) (counter : loc) : iProp Σ :=
 
( (n : nat) (b : bool),
 
(if b then True else own γ 1%Qp)
 
counter #n
 
c (lsty_car (lty_napp (recv_type A) n <++>
 
(if b then compute_type_client else END)%lty)))%I.
 
 
Lemma compute_type_client_unfold_app_cont A :
 
compute_type_client <:
 
(cont_type A <++> (recv_type A <++> compute_type_client)).
 
Proof.
 
rewrite {1}/compute_type_client /lty_rec fixpoint_unfold.
 
replace (fixpoint (compute_type_client_aux)) with
 
(compute_type_client) by eauto.
 
rewrite /compute_type_client_aux.
 
iApply lty_le_trans.
 
{ iApply lty_le_select.
 
iApply (big_sepM2_insert _ _ (<[stop:=END%lty]>∅));
 
[ done | done | ].
 
iSplit.
 
- iExists A. iApply lty_le_refl.
 
- iApply big_sepM2_insert; [ done | done | ].
 
iSplit; [ iApply lty_le_refl | done ]. }
 
iApply lty_le_trans.
 
{ iApply lty_le_select_subseteq.
 
apply insert_mono, insert_subseteq; done. }
 
rewrite /cont_type /recv_type.
 
iPoseProof (lty_le_app_select) as "[_ Hle]".
 
iApply (lty_le_trans); last by iApply "Hle".
 
rewrite fmap_insert fmap_empty.
 
rewrite lty_app_send lty_app_end_l.
 
rewrite lty_app_recv lty_app_end_l.
 
iApply lty_le_refl.
 
Qed.
 
 
Lemma compute_type_client_unfold_app_stop :
 
compute_type_client <: lty_select (<[stop := END%lty]>∅).
 
Proof.
 
rewrite {1}/compute_type_client /lty_rec fixpoint_unfold.
 
replace (fixpoint (compute_type_client_aux)) with
 
(compute_type_client) by eauto.
 
rewrite /compute_type_client_aux.
 
iApply lty_le_select_subseteq.
 
rewrite insert_commute; [ | eauto ].
 
apply insert_mono, insert_subseteq; done.
 
Qed.
 
 
Lemma recv_type_cont_type_swap A B :
 
recv_type B <++> cont_type A <: cont_type A <++> recv_type B.
 
Proof.
 
iApply lty_le_trans.
 
rewrite lty_app_recv lty_app_end_l.
 
iApply lty_le_swap_recv_select. rewrite fmap_insert fmap_empty.
 
iPoseProof (lty_le_app_select) as "[_ Hle]".
 
iApply (lty_le_trans); last by iApply "Hle".
 
rewrite fmap_insert fmap_empty.
 
iApply lty_le_select.
 
iApply big_sepM2_insert; [ done | done | ].
 
iSplit; [ | done ].
 
rewrite lty_app_send lty_app_end_l.
 
iApply lty_le_swap_recv_send.
 
Qed.
 
 
Lemma recv_type_stop_type_swap B :
 
recv_type B <++> stop_type <: stop_type <++> recv_type B.
 
Proof.
 
iApply lty_le_trans.
 
rewrite lty_app_recv lty_app_end_l.
 
iApply lty_le_swap_recv_select. rewrite fmap_insert fmap_empty.
 
iPoseProof (lty_le_app_select) as "[_ Hle]".
 
iApply (lty_le_trans); last by iApply "Hle".
 
rewrite fmap_insert fmap_empty.
 
iApply lty_le_select.
 
iApply big_sepM2_insert; [ done | done | ].
 
iSplit; [ | done ].
 
rewrite lty_app_end_l. eauto.
 
Qed.
 
 
Lemma send_all_par_spec γ γf A c l xs lk counter :
 
{{{ llist (list_pred (() A)) l xs own γf 1%Qp
 
is_lock γ lk (compute_type_invariant γf A c counter) }}}
 
send_all_par c #l lk #counter
 
{{{ RET #(); llist (list_pred (() A)) l []
 
is_lock γ lk (compute_type_invariant γf A c counter) }}}.
 
Proof.
 
iIntros (Φ) "(Hl & Hf & #Hlk) HΦ".
 
iInduction xs as [|x xs] "IH".
 
{ wp_lam. wp_apply (lisnil_spec with "Hl"); iIntros "Hl".
 
rewrite /select.
 
wp_apply (acquire_spec with "Hlk").
 
iIntros "[Hlocked HI]".
 
iDestruct "HI" as (n [ | ]) "(Hf' & Hcounter & Hc)"; last first.
 
{ by iDestruct (own_valid_2 with "Hf Hf'") as %[]. }
 
iDestruct (iProto_mapsto_le with "Hc []") as "Hc".
 
{ iApply iProto_le_trans.
 
{ iApply iProto_le_app; [ iApply iProto_le_refl | ].
 
iApply compute_type_client_unfold_app_stop. }
 
rewrite -lsty_car_app.
 
iApply lsty_car_mono.
 
iApply lty_napp_swap.
 
iApply recv_type_stop_type_swap. }
 
wp_send with "[]"; [ eauto | ].
 
wp_apply (release_spec with "[-HΦ Hl]").
 
{ iFrame "Hlk Hlocked".
 
iExists n, false.
 
rewrite lookup_total_insert -lsty_car_app lty_app_end_l lty_app_end_r.
 
iFrame "Hf Hcounter Hc". }
 
iIntros "_". wp_pures. iApply "HΦ". iFrame "Hl Hlk Hsf". }
 
wp_lam. wp_apply (lisnil_spec with "Hl"); iIntros "Hl".
 
wp_apply (acquire_spec with "Hlk").
 
iIntros "[Hlocked HI]".
 
iDestruct "HI" as (n [ | ]) "(Hf' & Hcounter & Hc)"; last first.
 
{ by iDestruct (own_valid_2 with "Hf Hf'") as %[]. }
 
iDestruct (iProto_mapsto_le with "Hc []") as "Hc".
 
{ iApply iProto_le_trans.
 
{ iApply iProto_le_app; [ iApply iProto_le_refl | ].
 
iApply compute_type_client_unfold_app_cont. }
 
rewrite assoc. rewrite assoc. rewrite assoc.
 
iApply iProto_le_app; [ | iApply iProto_le_refl ].
 
iApply iProto_le_app; [ | iApply iProto_le_refl ].
 
rewrite -lsty_car_app.
 
iApply lsty_car_mono.
 
iApply lty_napp_swap.
 
iApply recv_type_cont_type_swap. }
 
rewrite /select.
 
wp_send with "[]"; [ eauto | ].
 
rewrite lookup_total_insert.
 
wp_apply (lpop_spec with "Hl"); iIntros (v) "[HIx Hl]".
 
wp_send with "[HIx]".
 
{ iDestruct "HIx" as (->) "$HIx". }
 
wp_load. wp_store.
 
wp_apply (release_spec with "[-HΦ Hf Hl]").
 
{ iFrame "Hlk Hlocked".
 
iExists (n+1), true.
 
rewrite assoc.
 
rewrite left_id.
 
rewrite assoc.
 
repeat rewrite -lsty_car_app.
 
rewrite -lty_napp_S_r.
 
rewrite Nat.add_succ_r.
 
rewrite -plus_n_O.
 
replace (Z.of_nat n + 1)%Z with (Z.of_nat (S n)) by lia.
 
iFrame "Hc Hcounter". }
 
iIntros "_". wp_pures.
 
iApply ("IH" with "Hl Hf").
 
iApply "HΦ".
 
Qed.
 
 
Lemma recv_all_par_spec γ γf A c l n lk counter :
 
{{{ llist (list_pred A) l []
 
is_lock γ lk (compute_type_invariant γf A c counter) }}}
 
recv_all_par c #l #n lk #counter
 
{{{ ys, RET #(); n = length ys
 
llist (list_pred A) l ys
 
is_lock γ lk (compute_type_invariant γf A c counter) }}}.
 
Proof.
 
iIntros (Φ) "(Hl & #Hlk) HΦ".
 
iLöb as "IH" forall (n Φ).
 
destruct n as [ | n ].
 
{ wp_lam. wp_pures. iApply "HΦ". by iFrame "Hl Hlk". }
 
wp_lam.
 
wp_apply (acquire_spec with "Hlk").
 
iIntros "[Hlocked HI]".
 
iDestruct "HI" as (m b) "(Hb & Hcounter & Hc)".
 
wp_load.
 
destruct m as [ | m ].
 
{ wp_apply (release_spec with "[$Hlocked $Hlk Hb Hcounter Hc]").
 
{ iExists 0, b. iFrame "Hb Hcounter Hc". }
 
iIntros "_". wp_pures. iApply ("IH" with "Hl").
 
iApply "HΦ". }
 
wp_recv (w) as "Hw". wp_pures.
 
rewrite Nat2Z.inj_succ.
 
wp_load. wp_store.
 
replace (Z.succ (Z.of_nat m) - 1)%Z with (Z.of_nat m) by lia.
 
wp_apply (release_spec with "[$Hlocked $Hlk Hb Hcounter Hc]").
 
{ replace (Z.succ (Z.of_nat m) - 1)%Z with (Z.of_nat m) by lia.
 
iExists m, b. iFrame "Hb Hcounter Hc". }
 
iIntros "_".
 
wp_pures.
 
replace (Z.of_nat (S n) - 1)%Z with (Z.of_nat (n)) by lia.
 
wp_apply ("IH" with "Hl").
 
iIntros (ys). iDestruct 1 as (Heq) "(Hl & Hc)".
 
wp_apply (lcons_spec with "[$Hl $Hw//]").
 
iIntros "Hl". iApply "HΦ". iFrame.
 
iPureIntro. by rewrite Heq.
 
Qed.
 
 
Lemma llist_lty_list lys ys A :
 
llist (list_pred A) lys ys -∗
 
ltty_car (lty_list A) #lys.
 
Proof.
 
iIntros "Hlys".
 
iInduction ys as [|y ys] "IH" forall (lys).
 
- rewrite /lty_list /lty_rec fixpoint_unfold.
 
iExists lys, NONEV. rewrite /llist. iFrame "Hlys".
 
iSplit; [ done | ].
 
iLeft. eauto.
 
- iDestruct "Hlys" as (vb l'') "[[-> HB] [Hl' Hrec]]".
 
iEval (rewrite /lty_list /lty_rec fixpoint_unfold).
 
iExists lys, _. iFrame "Hl'".
 
iSplit; [ done | ].
 
rewrite /lty_list /lty_rec.
 
iRight. iExists _. iSplit; [ done | ]. iExists _, _. iSplit; [ done | ].
 
iFrame "HB". by iApply ("IH" with "Hrec").
 
Qed.
 
 
Lemma ltyped_compute_client Γ (A : ltty Σ) :
 
Γ compute_client : lty_list (() A)
 
chan compute_type_client
 
lty_list A.
 
Proof.
 
iApply ltyped_val_ltyped.
 
iApply ltyped_val_lam.
 
iApply ltyped_post_nil.
 
iApply (ltyped_lam [EnvItem "xs" _]).
 
iIntros "!>" (vs) "HΓ". simplify_map_eq.
 
iDestruct (env_ltyped_cons _ _ "c" with "HΓ") as (vc ->) "[Hc HΓ]".
 
iDestruct (env_ltyped_cons _ _ "xs" with "HΓ") as (vlxs ->) "[Hlxs HΓ]".
 
rewrite /lty_list /lty_rec fixpoint_unfold.
 
iDestruct "Hlxs" as (l' v ->) "[Hlxs Hv]".
 
wp_apply (llength_spec with "[Hlxs Hv]").
 
{ iEval (rewrite /lty_list /lty_rec fixpoint_unfold).
 
iExists l', v. eauto with iFrame. }
 
iIntros (xs n) "[<- Hlxs]".
 
wp_alloc counter as "Hcounter".
 
wp_apply (lnil_spec); [ done | ].
 
iIntros (lys) "Hlys".
 
iMod (own_alloc 1%Qp) as (γf) "Hf"; [ done | ].
 
wp_apply (newlock_spec (compute_type_invariant γf A vc counter)
 
with "[Hcounter Hc]").
 
{ iExists 0, true. repeat rewrite left_id. iFrame "Hcounter Hc". }
 
iIntros (lk γ) "#Hlk".
 
wp_apply (par_spec
 
(λ v, v = #())%I
 
(λ v, ys, v = #() llist (list_pred A) lys ys)%I
 
with "[Hlxs Hf] [Hlys]").
 
{ wp_apply (send_all_par_spec with "[$Hlxs $Hf $Hlk]").
 
iIntros "(Hlxs & _)". eauto. }
 
{ wp_apply (recv_all_par_spec with "[$Hlys $Hlk]").
 
iIntros (ys) "(Heq & Hlys & _)".
 
iExists ys. iFrame. eauto. }
 
iIntros (w1 w2) "[-> Hw2]".
 
iDestruct "Hw2" as (ys) "(-> & Hlys)".
 
iIntros "!>".
 
wp_pures. iFrame "HΓ".
 
by iApply llist_lty_list.
 
Qed.
 
 
Lemma lty_le_compute_type_dual :
 
lty_dual compute_type_service <: compute_type_client.
 
Proof.
 
rewrite /compute_type_client /compute_type_service.
 
iLöb as "IH".
 
iApply lty_le_r; [ | iApply lty_bi_le_sym; iApply lty_le_rec_unfold ].
 
iApply lty_le_dual_l.
 
iApply lty_le_r; [ | iApply lty_bi_le_sym; iApply lty_le_rec_unfold ].
 
iApply lty_le_l; [ iApply lty_le_dual_select | ].
 
iApply lty_le_branch. rewrite fmap_insert fmap_insert fmap_empty.
 
iApply big_sepM2_insert; [ done | done | ].
 
iSplit.
 
- iApply lty_le_l; [ iApply lty_le_dual_send_exist | ].
 
iIntros (As). iExists (As).
 
iApply lty_le_recv; [ iApply lty_le_refl | ].
 
iApply lty_le_l; [ iApply lty_le_dual_recv | ].
 
iApply lty_le_send; [ iApply lty_le_refl | ].
 
iIntros "!>!>!>". iApply lty_le_dual_l. iApply "IH".
 
- iApply big_sepM2_insert; [ done | done | ]. iSplit; [ | done ].
 
iApply lty_le_l; [ iApply lty_le_dual_end | iApply lty_le_refl ].
 
Qed.
 
 
Lemma ltyped_compute_list_par A e Γ Γ' :
 
(Γ e : lty_list (() A) Γ') -∗
 
Γ par_start (compute_service) (compute_client e) :
 
(() * (lty_list A)) Γ'.
 
Proof.
 
iIntros "He".
 
iApply (ltyped_app with "[He]").
 
{ iApply (ltyped_app with "He").
 
iApply ltyped_compute_client. }
 
iApply ltyped_app.
 
{ iApply ltyped_compute_service. }
 
iApply ltyped_subsumption; [ iApply env_le_refl | | iApply env_le_refl | ].
 
{ iApply lty_le_arr; [ iApply lty_le_refl | ].
 
iApply lty_le_arr; [ | iApply lty_le_refl ].
 
iApply lty_le_arr; [ | iApply lty_le_refl ].
 
iApply lty_le_chan.
 
iApply lty_le_compute_type_dual. }
 
iApply ltyped_par_start.
 
Qed.
 
 
End compute_example.