Commit 016104c0 authored by Ralf Jung's avatar Ralf Jung

prepare for merging into iris-examples

parent 568d6266
*.vo
*.vio
*.v.d
*.glob
*.cache
*.aux
\#*\#
.\#*
*~
*.bak
Makefile.coq
Makefile.coq.conf
.coq-native/
build-dep
_opam
.coqdeps.d
image: ralfjung/opam-ci:opam2
stages:
- build
variables:
CPU_CORES: "10"
.template: &template
stage: build
tags:
- fp
script:
- git clone https://gitlab.mpi-sws.org/iris/ci.git ci -b opam2
- ci/buildjob
cache:
key: "$CI_JOB_NAME"
paths:
- opamroot/
only:
- master
- /^ci/
except:
- triggers
- schedules
## Build jobs
build-coq.8.8.2:
<<: *template
variables:
OPAM_PINS: "coq version 8.8.2"
build-iris.dev:
<<: *template
variables:
OPAM_PINS: "coq version 8.8.2 coq-stdpp.dev git git+https://gitlab.mpi-sws.org/iris/stdpp.git#$STDPP_REV coq-iris.dev git git+https://gitlab.mpi-sws.org/FP/iris-coq.git#$IRIS_REV"
except:
only:
- triggers
- schedules
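Review bot: The `script` step runs `ci/buildjob` straight from a fresh clone of the `opam2` branch, so the job executes whatever that branch holds at run time; nothing in this file fixes the revision. A change to that branch, or to the mutable `ralfjung/opam-ci:opam2` image tag, alters every build here without any commit in this repository, and the script runs with the job's variables and the cached `opamroot/` in reach. I would pin the helper to a reviewed commit, e.g. add `- git -C ci checkout <PINNED_CI_COMMIT>` before `- ci/buildjob`, and reference the image by digest. `$STDPP_REV` and `$IRIS_REV` in `build-iris.dev` are supplied from outside this file, so a comment stating who may set them on triggered and scheduled pipelines would help.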
All files in this development are distributed under the terms of the BSD
license, included below.
------------------------------------------------------------------------------
BSD LICENCE
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of the <organization> nor the
names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Forward most targets to Coq makefile (with some trick to make this phony)
%: Makefile.coq phony
+@make -f Makefile.coq $@
all: Makefile.coq
+@make -f Makefile.coq all
.PHONY: all
clean: Makefile.coq
+@make -f Makefile.coq clean
find theories $$(test -d tests && echo tests) \( -name "*.d" -o -name "*.vo" -o -name "*.aux" -o -name "*.cache" -o -name "*.glob" -o -name "*.vio" \) -print -delete
rm -f Makefile.coq
.PHONY: clean
# Create Coq Makefile.
Makefile.coq: _CoqProject Makefile
"$(COQBIN)coq_makefile" -f _CoqProject -o Makefile.coq
# Install build-dependencies
build-dep/opam: opam Makefile
@echo "# Creating build-dep package."
@mkdir -p build-dep
@sed <opam -E 's/^(build|install|remove):.*/\1: []/; s/^name: *"(.*)" */name: "\1-builddep"/' >build-dep/opam
@fgrep builddep build-dep/opam >/dev/null || (echo "sed failed to fix the package name" && exit 1) # sanity check
build-dep: build-dep/opam phony
@# We want opam to not just instal the build-deps now, but to also keep satisfying these
@# constraints. Otherwise, `opam upgrade` may well update some packages to versions
@# that are incompatible with our build requirements.
@# To achieve this, we create a fake opam package that has our build-dependencies as
@# dependencies, but does not actually install anything.
@# Reinstalling is needed with opam 1 in case the pin already exists, but the builddep
@# package changed.
@BUILD_DEP_PACKAGE="$$(egrep "^name:" build-dep/opam | sed 's/^name: *"\(.*\)" */\1/')" && \
echo "# Pinning build-dep package." && \
opam pin add -k path $(OPAMFLAGS) "$$BUILD_DEP_PACKAGE".dev build-dep && \
((! opam --version | grep "^1\." > /dev/null) || ( \
echo "# Reinstalling build-dep package." && \
opam reinstall $(OPAMFLAGS) "$$BUILD_DEP_PACKAGE" \
))
# Some files that do *not* need to be forwarded to Makefile.coq
Makefile: ;
_CoqProject: ;
opam: ;
# Phony wildcard targets
phony: ;
.PHONY: phony
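Review bot: In the `build-dep/opam` rule the `sed` line writes the target before the `fgrep builddep` sanity check runs, so when the check fails the bad file stays on disk and is newer than `opam` and `Makefile`. The next `make build-dep` would then treat it as up to date and go on to `opam pin add` a package whose name was never rewritten. Adding `.DELETE_ON_ERROR:` to the Makefile, or writing to `$@.tmp` and moving it into place only after the check, closes that. Separately, the three forwarding recipes call literal `make`; `$(MAKE)` keeps the sub-make the same binary as the parent instead of whatever `make` is first on `PATH`.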
# IRIS-ATOMIC
Atomicity related verification based on Iris logic.
## Prerequisites
This version is known to compile with:
- Coq 8.8.2
- A development version of [Iris](https://gitlab.mpi-sws.org/FP/iris-coq/)
## Building from source
When building from source, we recommend to use opam (1.2.2 or newer) for
installing the dependencies. This requires the following two repositories:
opam repo add coq-released https://coq.inria.fr/opam/released
opam repo add iris-dev https://gitlab.mpi-sws.org/FP/opam-dev.git
Once you got opam set up, run `make build-dep` to install the right versions
of the dependencies.
Run `make -jN` to build the full development, where `N` is the number of your
CPU cores.
To update, do `git pull`. After an update, the development may fail to compile
because of outdated dependencies. To fix that, please run `opam update`
followed by `make build-dep`.
-Q theories iris_atomic
-arg -w -arg -notation-overridden,-redundant-canonical-projection,-several-object-files
theories/sync.v
theories/simple_sync.v
theories/flat.v
theories/atomic_sync.v
theories/treiber.v
theories/misc.v
theories/peritem.v
theories/atomic_pcas.v
*.pdf
*.aux
*.log
*.out
*.synctex.gz
*.txss
*.thm
*.toc
*.bbl
*.blg
*.bcf
*.run.xml
_*_.tex
auto/*.el
_minted-atomic/
all: atomic.tex
xelatex -shell-escape atomic.tex
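Review bot: `xelatex -shell-escape` lets the document and every package it loads run arbitrary shell commands during the build, and nothing here says why the flag is needed. Presumably it is for minted (the ignore list on this page names `_minted-atomic/`); a comment such as `# -shell-escape: needed by minted; runs commands from the TeX sources, build trusted input only` would record that. The `all` target also produces `atomic.pdf` rather than a file named `all`, so it should be declared with `.PHONY: all`.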
% Locallabel
%
% Copyright (C) 2001, 2002, 2003 Didier Rmy
%
% Author : Didier Remy
% Version : 1.1.1
% Bug Reports : to author
% Web Site : http://pauillac.inria.fr/~remy/latex/
%
% Locallabel is free software; you can redistribute it and/or modify
% it under the terms of the GNU General Public License as published by
% the Free Software Foundation; either version 2, or (at your option)
% any later version.
%
% Locallabel is distributed in the hope that it will be useful,
% but WITHOUT ANY WARRANTY; without even the implied warranty of
% MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
% GNU General Public License for more details
% (http://pauillac.inria.fr/~remy/license/GPL).
%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
% File locallabel.sty (LaTeX macros)
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%%
%% Identification
\NeedsTeXFormat{LaTeX2e}
\ProvidesPackage{locallabel}
[2001/23/02 v0.92 Locallabel]
%% Preliminary declarations
%% Options
%% More declarations
%% We use two counters: The global counter is incremented at each reset.
%% Its value is the ``group'' of a local.
%% The local counter is the last numeric value of a bound label in the
%% current group. The value of a label #1 is globally set to
%% \csname llb@\the\c@llb@global-#1\endcsname
%% The global command \csname llb@\the\c@llb@global-#1*\endcsname is
%% use to ensure that a label is only bound once. Usually a label is
%% bound and declared at the same time with \llabel. It may also be bound in
%% advance, with \lbind, for instance so as to control the numbering.
%% Then, another \llabel must be used to declare it in the text.
%% If no \lbind has been used before, the \llabel calls \lbind implicitlt.
\newcounter{llb@global}
\newcounter{llb@local}
\newcommand \llb@find [1]
{\expandafter \ifx \csname llb@\the\c@llb@global-#1\endcsname \relax
\message {*** Local label #1 undefined in this context}%
\edef \llb@current {#1??}%
\else
\edef \llb@current {\csname llb@\the\c@llb@global-#1\endcsname}%
\fi}
\newcommand \llb@make [1]
{\expandafter \ifx \csname llb@\the\c@llb@global-#1\endcsname \relax
\stepcounter{llb@local}\relax \expandafter
\xdef \csname llb@\the\c@llb@global-#1\endcsname {\the\c@llb@local}%
\edef \llb@current {\the\c@llb@local}%
\else
\expandafter \ifx \csname llb@\the\c@llb@global-#1*\endcsname \relax
\message {*** Local label #1 already defined in this countext!}%
\edef \llb@current {\csname llb@\the\c@llb@global-#1\endcsname ??}%
\else
\expandafter \global \expandafter \let
\csname llb@\the\c@llb@global-#1*\endcsname \relax
\edef \llb@current {\csname llb@\the\c@llb@global-#1\endcsname}
\fi
\fi
}
%%% Redefine those macros to change typsetting
\newcommand \thelocallabel {\the \c@llb@local}
\newcommand \LlabelTypeset [1] {(\textrm {\bfseries #1})}
\newcommand \LrefTypeset [1] {(\textrm {#1)}}
\newcommand \glabel [1]{\LlabelTypeset{\softtarget {#1}{#1}}}
\newcommand \gref [1]{\LrefTypeset{\softlink {#1}{#1}}}
%%% To reset all local labels---which just increment a global prefix.
\newcommand \locallabelreset[1][0]%
{\stepcounter {llb@global}\setcounter {llb@local}{#1}}
%%% Make a new local label, typeset it, and bind to the given name
\def \llb@relax {\relax}
\newcommand {\llabel}[2][\relax]%
{\llb@make{#2}%
\def \@test {#1}\ifx \@test\llb@relax\else
\edef \@currentlabel {\the\c@llb@local}%
\def \@test {#1}\ifx \@test\empty \def \@test{#2}\fi
\label{\@test}%
\fi%
\LlabelTypeset {\softtarget{llb@\the\c@llb@global-#2}{\llb@current}}}
%%% Retreive the local label of given name and type set it.
\newcommand \lref [1]
{\llb@find {#1}%
\LrefTypeset {\softlink {llb@\the\c@llb@global-#1}{\llb@current}}}
%%% Make a new local label and bind it to the given name but do not typeset
%%% it. Typesetting may then be done with \llabel non locally. Useful to
%%% control the order of numberring.
\newcommand \lbind [1]
{\llb@make {#1}%
\expandafter \global \expandafter
\let \csname llb@\the\c@llb@global-#1*\endcsname \empty}
\AtBeginDocument {%
\@ifundefined{softlink}{\let \softlink \@secondoftwo}{}%
\@ifundefined{softtarget}{\let \softtarget \@secondoftwo}{}%
}
\NeedsTeXFormat{LaTeX2e}[1999/12/01]
\ProvidesPackage{pftools}
\@ifundefined{basedir}{%
\RequirePackage{locallabel}
}{%
\RequirePackage{\basedir locallabel}
}%
\RequirePackage{Tabbing} % Avoid the standard tabbing environment. Its \< conflicts with the semantic package.
\RequirePackage{xparse}
\RequirePackage{xcolor}
%% Biimplication inference rules
% \biimp above below
% The double lines obtained by the simpler
% "\mprset{fraction={===}}" overlap the conclusion (e.g., the
% mask E_M in an atomic triple).
\newcommand*{\biimp}[2]{%
\hbox{%
\ooalign{%
$\genfrac{}{}{1.6pt}1{#1}{#2}$\cr%
$\color{white}\genfrac{}{}{0.8pt}1{\phantom{#1}}{\phantom{#2}}$%
}%
}%
}
\newcommand{\BIIMP}{\mprset{myfraction=\biimp}}
%% inferH is infer with hyperlinked names.
% \savelabel lab text: Arrange for \ref{lab} to print text and to link to the current spot.
\newcommand*{\savelabel}[2]{%
% Think @currentlabel : text ref.
\edef\@currentlabel{#2}% Save text
\phantomsection% Correct hyper reference link
\label{#1}% Print text and store name↦text.
}
% \textlabel label text: Print and label text.
\newcommand*{\textlabel}[2]{{#2}\savelabel{#1}{#2}}
% \rulenamestyle visible
\newcommand*{\rulenamestyle}[1]{{\TirNameStyle{#1}}} % From mathpartir.sty.
% \ruleref [discharged] lab
\def\optionaldischarge#1{%
\if\relax\detokenize{#1}\relax\else\ensuremath{^{#1}}\fi}
\newcommand*{\ruleref}[2][]{\textmd{\rulenamestyle{\ref{#2}}}\optionaldischarge{#1}}
\newcommand*{\fakeruleref}[2][]{\rulenamestyle{#2}\optionaldischarge{#1}}
% \rulename label
\newcommand*{\rulename}[1]{\rulenamestyle{\textlabel{#1}{#1}}}
% \inferhref name lab premise conclusion
\newcommand*{\inferhref}[4]{%
\inferrule*[lab=\textlabel{#2}{#1}]{#3}{#4}%
}
% \infernH name premise conclusion, if name a valid label.
\newcommand*{\inferH}[3]{\inferhref{#1}{#1}{#2}{#3}}
\newcommand*{\axiom}[1]{\infer{}{#1}}
\newcommand*{\axiomhref}[3]{\inferhref{#1}{#2}{}{#3}}
\newcommand*{\axiomH}[2]{\inferH{#1}{}{#2}}
\newcommand*{\inferhrefB}[4]{{\BIIMP\inferhref{#1}{#2}{#3}{#4}}}
\newcommand*{\inferB}[3][]{{\BIIMP\infer[#1]{#2}{#3}}}
\newcommand*{\inferHB}[3]{{\BIIMP\inferH{#1}{#2}{#3}}}
\newcommand*{\taghref}[2]{\label{#2}\tag{\rulenamestyle{#1}}}
\newcommand*{\tagH}[1]{\taghref{#1}{#1}}
% The sanity checks in \lbind and \llabel
% don't work properly in amsmath environments
% which perhaps lay out their contents more
% than once. Use \lbind in such cases.
% Sigh.
\newcommand*{\tagL}[1]{\lbind{#1}\tag*{\llabel{#1}}}
\newcommand*\ind[1][\quad]{#1\TAB=\TAB+}
\newcommand*\unind{\TAB-}
\newcommand\IND[1][\quad]{\\*\ind[#1]}
\newcommand\UNIND{\unind \\}
% Attribution: http://tex.stackexchange.com/questions/119473/tabbing-and-line-wrapping
\newlength\pf@width
\newcommand*{\CMT}[1]{%
\setlength\pf@width{\linewidth}%
\addtolength\pf@width{\@totalleftmargin}%
\addtolength\pf@width{-\dimen\@curtab}%
\parbox[t]{\pf@width}{\nobelowdisplayskip{#1}\ifhmode\strut\fi}}
\colorlet{rescolor}{rgb:red,0;green,30;blue,55}
\colorlet{ctxcolor}{black}
\colorlet{codecolor}{rgb:red,76;green,177;blue,36}
\newcommand*\res[1]{{\color{rescolor}\ensuremath{#1}}}
%When \left\{ … \right\} looks ugly, remember Dave says you want \bracket.
\NewDocumentCommand{\RES}{s m O{}}{%
$\displaystyle{{\left\{\res{%
\IfBooleanTF{#1}{\begin{inbox}[l]#2\end{inbox}}{#2}%
}\right\}}_{#3}}$}
\NewDocumentCommand{\ARES}{m O{}}{%
${\displaystyle{\bracket\langle\rangle{\color{rescolor}{#1}}}_{#2}}$}
\newcommand*{\CODE}[1]{%
${\displaystyle{\color{codecolor}#1}}$}
\newcommand*{\VARS}[1]{%
Vars: ${\color{ctxcolor}\displaystyle{#1}}$}
\newcommand*{\CTX}[1]{%
Context: ${\color{ctxcolor}\displaystyle{#1}}$}
\newcommand*{\GOAL}[1]{%
Goal: ${\displaystyle{#1}}$}
\newcommand*{\SUFF}[1]{%
Suff: ${\displaystyle{#1}}$}
\newcommand*{\PFHAVE}[1]{%
Have: ${\displaystyle{#1}}$}
\let\pf@origqedhere\qedhere
\def\pf@setup{%
% A version of \qedhere that accounts for tabbing.
\def\qedhere{\TAB`\pf@origqedhere}%
}
\newcommand*{\TAGL}[1]{\TAB`\llabel{#1}}
% The starred version lacks leading and trailing vertical space.
\newenvironment{proofoutline*}
{\partopsep=\z@skip \topsep=\z@skip% avoid initial space
\parskip\z@skip% avoid trailing space
\pf@setup\par\begingroup\Tabbing\ignorespaces}
{\endTabbing\endgroup\unskip\ignorespacesafterend}
\newenvironment{proofoutline}
{\pf@setup\par\begingroup\Tabbing\ignorespaces}
{\endTabbing\endgroup\ignorespacesafterend}
\endinput
\makeatletter%
\@ifundefined{basedir}{%
\newcommand\basedir{}%
}{}%
\makeatother%
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% PACKAGES
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%\usepackage{amsmath}
\usepackage{amsfonts}
\usepackage{amsthm}
\usepackage{amssymb}
\usepackage{stmaryrd}
\usepackage{\basedir mathpartir}
\usepackage{\basedir pftools}
\usepackage{\basedir iris}
\usepackage{xcolor} % for print version
\usepackage{graphicx}
\usepackage{enumitem}
\usepackage{semantic}
\usepackage{csquotes}
\usepackage{hyperref}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% SETUP
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\SetSymbolFont{stmry}{bold}{U}{stmry}{m}{n} % this fixes warnings when \boldsymbol is used with stmaryrd included
\extrarowheight=\jot % else, arrays are scrunched compared to, say, aligned
\newcolumntype{.}{@{}}
% Array {rMcMl} modifies array {rcl}, putting mathrel-style spacing
% around the centered column. (We used this, for example, in laying
% out some of Iris' axioms. Generally, aligned is simpler but aligned
% does not work in mathpar because \\ inherits mathpar's 2em vskip.)
% The capital M stands for THICKMuskip. The smaller medmuskip would be
% right for mathbin-style spacing.
\newcolumntype{M}{@{\mskip\thickmuskip}}
\definecolor{StringRed}{rgb}{.637,0.082,0.082}
\definecolor{CommentGreen}{rgb}{0.0,0.55,0.3}
\definecolor{KeywordBlue}{rgb}{0.0,0.3,0.55}
\definecolor{LinkColor}{rgb}{0.55,0.0,0.3}
\definecolor{CiteColor}{rgb}{0.55,0.0,0.3}
\definecolor{HighlightColor}{rgb}{0.0,0.0,0.0}
\definecolor{grey}{rgb}{0.5,0.5,0.5}
\definecolor{red}{rgb}{1,0,0}
\hypersetup{%
linktocpage=true, pdfstartview=FitV,
breaklinks=true, pageanchor=true, pdfpagemode=UseOutlines,
plainpages=false, bookmarksnumbered, bookmarksopen=true, bookmarksopenlevel=3,
hypertexnames=true, pdfhighlight=/O,
colorlinks=true,linkcolor=LinkColor,citecolor=CiteColor,
urlcolor=LinkColor
}
%\theoremstyle{definition}
%\newtheorem{prop}{Prop}
\newtheorem{defn}{Definition}
\newtheorem{cor}{Corollary}
\newtheorem{conj}{Conj}
\newtheorem{lem}{Lemma}
\newtheorem{thm}{Theorem}
\newtheorem{exercise}{Exercise}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%% GENERIC MACROS
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\newcommand*{\Sref}[1]{\hyperref[#1]{\S\ref*{#1}}}
\newcommand*{\secref}[1]{\hyperref[#1]{Section~\ref*{#1}}}
\newcommand*{\lemref}[1]{\hyperref[#1]{Lemma~\ref*{#1}}}
\newcommand{\corref}[1]{\hyperref[#1]{Cor.~\ref*{#1}}}
\newcommand*{\defref}[1]{\hyperref[#1]{Definition~\ref*{#1}}}
\newcommand*{\egref}[1]{\hyperref[#1]{Example~\ref*{#1}}}
\newcommand*{\appendixref}[1]{\hyperref[#1]{Appendix~\ref*{#1}}}
\newcommand*{\figref}[1]{\hyperref[#1]{Figure~\ref*{#1}}}
\newcommand*{\tabref}[1]{\hyperref[#1]{Table~\ref*{#1}}}
\newcommand{\changes}{{\bf\color{red}{Changes}}}
\newcommand{\TODO}{\vskip 4pt {\color{red}\bf TODO}}
\newcommand{\ie}{\emph{i.e.,} }
\newcommand{\eg}{\emph{e.g.,} }
\newcommand{\etal}{\emph{et~al.}}
\newcommand{\wrt}{w.r.t.~}
\newcommand{\aaron}[1]{{\color{red}\textbf{AT: #1}}}
\newcommand{\derek}[1]{{\color{red}\textbf{DD: #1}}}
\newcommand{\lars}[1]{{\color{red}\textbf{LB: #1}}}
\newcommand{\kasper}[1]{{\color{red}\textbf{KS: #1}}}
\newcommand{\ralf}[1]{{\color{red}\textbf{RJ: #1}}}
\newcommand{\dave}[1]{{\color{red}\textbf{PDS: #1}}}
\newcommand{\hush}[1]{}
\newcommand{\relaxguys}{%
\let\aaron\hush%
\let\derek\hush%
\let\lars\hush%
\let\kasper\hush%
\let\ralf\hush%
\let\dave\hush%
}
opam-version: "1.2"
name: "coq-iris-atomic"
maintainer: "Zhen Zhang, Ralf Jung"
authors: "Zhen Zhang"
homepage: "http://plv.mpi-sws.org/iris/"
bug-reports: "https://gitlab.mpi-sws.org/FP/iris-atomic/issues"
dev-repo: "https://gitlab.mpi-sws.org/FP/iris-atomic.git"
build: [make "-j%{jobs}%"]
install: [make "install"]
remove: ["rm" "-rf" "%{lib}%/coq/user-contrib/iris_atomic"]
depends: [
"coq-iris" { (= "dev.2018-10-31.4.4a1eb8a3") | (= "dev") }
]
From iris.program_logic Require Export weakestpre hoare.
From iris.heap_lang Require Export lang proofmode notation.
From iris.heap_lang.lib Require Import spin_lock.
From iris.algebra Require Import agree frac.
From iris_atomic Require Import sync atomic_sync.
Import uPred.
Section atomic_pair.
Context `{!heapG Σ, !lockG Σ, !syncG Σ,
!inG Σ (prodR fracR (agreeR (prodC valC valC)))} (N : namespace).
Definition pcas_seq : val :=
λ: "ls" "ab",
if: !(Fst "ls") = Fst "ab"
then if: !(Snd "ls") = Fst "ab"
then Fst "ls" <- Snd "ab";; Snd "ls" <- Snd "ab";; #true
else #false
else #false.
Local Opaque pcas_seq.
Definition α (x: val) (_: val) : iProp Σ := ( a b: val, x = (a, b)%V)%I.
Definition ϕ (ls: val) (xs: val) : iProp Σ :=
( (l1 l2: loc) (x1 x2: val),
ls = (#l1, #l2)%V xs = (x1, x2)%V l1 x1 l2 x2)%I.
Definition β (ab: val) (xs xs': val) (v: val) : iProp Σ :=
⌜∃ a b x1 x2 x1' x2': val,
ab = (a, b)%V xs = (x1, x2)%V xs' = (x1', x2')%V
((v = #true x1 = a x2 = a x1' = b x2' = b)
(v = #false (x1 a x2 a) xs = xs'))%I.
Local Opaque β.
(* TODO: This needs updating for the new atomic_syncer.
Lemma pcas_seq_spec x: atomic_seq_spec ϕ α β ⊤ pcas_seq x.
Proof.
iIntros (_ l) "!# _". wp_seq. iPureIntro.
iIntros (x Φ g HN) "(#Hh & Hg & #Hα & HΦ)".
iDestruct "Hg" as (l1 l2 x1 x2) "(% & % & Hl1 & Hl2)".
iDestruct "Hα" as (a b) "%".
subst. simpl. iApply wp_fupd. wp_let. wp_proj. wp_load. wp_proj.
wp_op=>[?|Hx1na].
- subst.
wp_if. wp_proj. wp_load. wp_proj.
wp_op=>[?|Hx2na]. subst.
+ wp_if. wp_proj. wp_proj. wp_store. wp_proj. wp_proj. wp_store.
iDestruct ("HΦ" $! #true (b, b)%V) as "HΦ".
iApply ("HΦ" with "[Hl1 Hl2]").
{ iExists l1, l2, b, b. iFrame. eauto. }
rewrite /β. iPureIntro.
exists a, b, a, a, b, b.
repeat (split; first done). left. eauto.
+ wp_if.
iDestruct ("HΦ" $! #false (a, x2)%V) as "H".
iApply ("H" with "[Hl1 Hl2]").
{ iExists l1, l2, a, x2. iFrame. eauto. }
rewrite /β. iPureIntro.
exists a, b, a, x2, a, x2. repeat (split; first done). right. eauto.
- subst. wp_if.
iDestruct ("HΦ" $! #false (x1, x2)%V) as "H".
iApply ("H" with "[Hl1 Hl2]").
{ iExists l1, l2, x1, x2. iFrame. eauto. }
rewrite /β. iPureIntro.
exists a, b, x1, x2, x1, x2.
repeat (split; first done). right. eauto.
Qed.
Lemma pcas_atomic_spec (mk_syncer: val) (l1 l2: loc) (x1 x2: val) :
heapN ⊥ N → mk_syncer_spec N mk_syncer →
heap_ctx ∗ l1 ↦ x1 ∗ l2 ↦ x2
⊢ WP sync mk_syncer pcas_seq (LitV l1, LitV l2)%V {{ f, ∃ γ, gHalf γ (x1, x2)%V ∗ ∀ x, □ atomic_triple' α β ⊤ ⊤ f x γ }}.
Proof.
iIntros (HN Hmk_syncer) "(#Hh & Hl1 & Hl2)".
iDestruct (atomic_spec with "[Hl1 Hl2]") as "Hspec"=>//.
- apply pcas_seq_spec.
- iFrame "Hh". iExists l1, l2, x1, x2. iFrame. eauto.
Qed.*)
End atomic_pair.
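Review bot: Both lemmas about `pcas_seq` (`pcas_seq_spec` and `pcas_atomic_spec`) sit inside the `(* TODO: This needs updating for the new atomic_syncer. ... *)` comment, so the file compiles while proving nothing about the definition. Since `theories/atomic_pcas.v` is listed in `_CoqProject`, a green build can be read as the pair-CAS being verified. I would put a header comment on the file saying so, e.g. `(* NOTE: pcas_seq currently has no checked specification; the lemmas below are disabled. *)`, or leave the file out of `_CoqProject` until the proofs are ported.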
......@@ -3,7 +3,6 @@ From iris.program_logic Require Export weakestpre atomic.
From iris.heap_lang Require Export lang.
From iris.heap_lang Require Import proofmode notation.
From iris.algebra Require Import frac auth gmap csum.
From iris_atomic Require Import misc.
Definition new_stack: val := λ: <>, ref (ref NONE).
......