Commit 36c6dc3a by Robbert Krebbers

### Better use of canonical structures.

parent a198e45b
 ... ... @@ -12,27 +12,27 @@ Arguments agree_car {_} _ _. Arguments agree_is_valid {_} _ _. Section agree. Context `{Cofe A}. Context {A : cofeT}. Global Instance agree_validN : ValidN (agree A) := λ n x, Instance agree_validN : ValidN (agree A) := λ n x, agree_is_valid x n ∧ ∀ n', n' ≤ n → x n' ={n'}= x n. Lemma agree_valid_le (x : agree A) n n' : agree_is_valid x n → n' ≤ n → agree_is_valid x n'. Proof. induction 2; eauto using agree_valid_S. Qed. Global Instance agree_valid : Valid (agree A) := λ x, ∀ n, ✓{n} x. Global Instance agree_equiv : Equiv (agree A) := λ x y, Instance agree_valid : Valid (agree A) := λ x, ∀ n, ✓{n} x. Instance agree_equiv : Equiv (agree A) := λ x y, (∀ n, agree_is_valid x n ↔ agree_is_valid y n) ∧ (∀ n, agree_is_valid x n → x n ={n}= y n). Global Instance agree_dist : Dist (agree A) := λ n x y, Instance agree_dist : Dist (agree A) := λ n x y, (∀ n', n' ≤ n → agree_is_valid x n' ↔ agree_is_valid y n') ∧ (∀ n', n' ≤ n → agree_is_valid x n' → x n' ={n'}= y n'). Global Program Instance agree_compl : Compl (agree A) := λ c, Program Instance agree_compl : Compl (agree A) := λ c, {| agree_car n := c n n; agree_is_valid n := agree_is_valid (c n) n |}. Next Obligation. intros; apply agree_valid_0. Qed. Next Obligation. intros c n ?; apply (chain_cauchy c n (S n)), agree_valid_S; auto. Qed. Instance agree_cofe : Cofe (agree A). Definition agree_cofe_mixin : CofeMixin (agree A). Proof. split. * intros x y; split. ... ... 
@@ -49,14 +49,15 @@ Proof. by split; intros; apply agree_valid_0. * by intros c n; split; intros; apply (chain_cauchy c). Qed. Canonical Structure agreeC := CofeT agree_cofe_mixin. Global Program Instance agree_op : Op (agree A) := λ x y, Program Instance agree_op : Op (agree A) := λ x y, {| agree_car := x; agree_is_valid n := agree_is_valid x n ∧ agree_is_valid y n ∧ x ={n}= y |}. Next Obligation. by intros; simpl; split_ands; try apply agree_valid_0. Qed. Next Obligation. naive_solver eauto using agree_valid_S, dist_S. Qed. Global Instance agree_unit : Unit (agree A) := id. Global Instance agree_minus : Minus (agree A) := λ x y, x. Instance agree_unit : Unit (agree A) := id. Instance agree_minus : Minus (agree A) := λ x y, x. Instance: Commutative (≡) (@op (agree A) _). Proof. intros x y; split; [naive_solver|by intros n (?&?&Hxy); apply Hxy]. Qed. Definition agree_idempotent (x : agree A) : x ⋅ x ≡ x. ... ... @@ -70,7 +71,7 @@ Proof. * etransitivity; [apply Hxy|symmetry; apply Hy, Hy']; eauto using agree_valid_le. Qed. Instance: Proper (dist n ==> dist n ==> dist n) op. Instance: Proper (dist n ==> dist n ==> dist n) (@op (agree A) _). Proof. by intros n x1 x2 Hx y1 y2 Hy; rewrite Hy !(commutative _ _ y2) Hx. Qed. Instance: Proper ((≡) ==> (≡) ==> (≡)) op := ne_proper_2 _. Instance: Associative (≡) (@op (agree A) _). ... ... @@ -84,7 +85,7 @@ Proof. split; [|by intros ?; exists y]. by intros [z Hz]; rewrite Hz (associative _) agree_idempotent. Qed. Global Instance agree_cmra : CMRA (agree A). Definition agree_cmra_mixin : CMRAMixin (agree A). Proof. split; try (apply _ || done). * intros n x y Hxy [? Hx]; split; [by apply Hxy|intros n' ?]. ... ... 
@@ -103,12 +104,15 @@ Qed. Lemma agree_op_inv (x y1 y2 : agree A) n : ✓{n} x → x ={n}= y1 ⋅ y2 → y1 ={n}= y2. Proof. by intros [??] Hxy; apply Hxy. Qed. Global Instance agree_extend : CMRAExtend (agree A). Definition agree_cmra_extend_mixin : CMRAExtendMixin (agree A). Proof. intros n x y1 y2 ? Hx; exists (x,x); simpl; split. * by rewrite agree_idempotent. * by rewrite Hx (agree_op_inv x y1 y2) // agree_idempotent. Qed. Canonical Structure agreeRA : cmraT := CMRAT agree_cofe_mixin agree_cmra_mixin agree_cmra_extend_mixin. Program Definition to_agree (x : A) : agree A := {| agree_car n := x; agree_is_valid n := True |}. Solve Obligations with done. ... ... @@ -125,12 +129,20 @@ Proof. Qed. End agree. Arguments agreeC : clear implicits. Arguments agreeRA : clear implicits. Program Definition agree_map {A B} (f : A → B) (x : agree A) : agree B := {| agree_car n := f (x n); agree_is_valid := agree_is_valid x |}. Solve Obligations with auto using agree_valid_0, agree_valid_S. Lemma agree_map_id {A} (x : agree A) : agree_map id x = x. Proof. by destruct x. Qed. Lemma agree_map_compose {A B C} (f : A → B) (g : B → C) (x : agree A) : agree_map (g ∘ f) x = agree_map g (agree_map f x). Proof. done. Qed. Section agree_map. Context `{Cofe A, Cofe B} (f : A → B) `{Hf: ∀ n, Proper (dist n ==> dist n) f}. Context {A B : cofeT} (f : A → B) `{Hf: ∀ n, Proper (dist n ==> dist n) f}. Global Instance agree_map_ne n : Proper (dist n ==> dist n) (agree_map f). Proof. by intros x1 x2 Hx; split; simpl; intros; [apply Hx|apply Hf, Hx]. Qed. Global Instance agree_map_proper : ... ... 
@@ -147,13 +159,7 @@ Section agree_map. try apply Hxy; try apply Hf; eauto using @agree_valid_le. Qed. End agree_map. Lemma agree_map_id {A} (x : agree A) : agree_map id x = x. Proof. by destruct x. Qed. Lemma agree_map_compose {A B C} (f : A → B) (g : B → C) (x : agree A) : agree_map (g ∘ f) x = agree_map g (agree_map f x). Proof. done. Qed. Canonical Structure agreeRA (A : cofeT) : cmraT := CMRAT (agree A). Definition agreeRA_map {A B} (f : A -n> B) : agreeRA A -n> agreeRA B := CofeMor (agree_map f : agreeRA A → agreeRA B). Instance agreeRA_map_ne A B n : Proper (dist n ==> dist n) (@agreeRA_map A B). ... ...
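Review bot: Nothing in the rewritten `Section agree` says why `agree_validN`, `agree_valid`, `agree_equiv`, `agree_dist`, `agree_compl`, `agree_op`, `agree_unit` and `agree_minus` lost their `Global` modifier while `agree_map_ne` in `Section agree_map` keeps it; presumably they are now meant to be reached only through the canonical structures `agreeC` and `agreeRA` declared in this section (the `cmraT` projections are registered with `Existing Instances` elsewhere in this commit), but a later reader will not know whether an instance that is unavailable outside the section is a bug or the design. A comment before the first `Instance` in the section would settle it, e.g. `(* The instances below are section-local on purpose: outside [Section agree] they are found through the canonical structures [agreeC] and [agreeRA]. *)`. The `Section agree` header is in the first hunk and its `End agree.` in the fourth, so the comment belongs in the first hunk.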
 ... ... @@ -10,22 +10,24 @@ Notation "◯ x" := (Auth ExclUnit x) (at level 20). Notation "● x" := (Auth (Excl x) ∅) (at level 20). (* COFE *) Instance auth_equiv `{Equiv A} : Equiv (auth A) := λ x y, Section cofe. Context {A : cofeT}. Instance auth_equiv : Equiv (auth A) := λ x y, authoritative x ≡ authoritative y ∧ own x ≡ own y. Instance auth_dist `{Dist A} : Dist (auth A) := λ n x y, Instance auth_dist : Dist (auth A) := λ n x y, authoritative x ={n}= authoritative y ∧ own x ={n}= own y. Instance Auth_ne `{Dist A} : Proper (dist n ==> dist n ==> dist n) (@Auth A). Global Instance Auth_ne : Proper (dist n ==> dist n ==> dist n) (@Auth A). Proof. by split. Qed. Instance authoritative_ne `{Dist A} : Proper (dist n ==> dist n) (@authoritative A). Global Instance authoritative_ne: Proper (dist n ==> dist n) (@authoritative A). Proof. by destruct 1. Qed. Instance own_ne `{Dist A} : Proper (dist n ==> dist n) (@own A). Global Instance own_ne : Proper (dist n ==> dist n) (@own A). Proof. by destruct 1. Qed. Instance auth_compl `{Cofe A} : Compl (auth A) := λ c, Instance auth_compl : Compl (auth A) := λ c, Auth (compl (chain_map authoritative c)) (compl (chain_map own c)). Local Instance auth_cofe `{Cofe A} : Cofe (auth A). Definition auth_cofe_mixin : CofeMixin (auth A). Proof. split. * intros x y; unfold dist, auth_dist, equiv, auth_equiv. ... ... 
@@ -39,53 +41,59 @@ Proof. * intros c n; split. apply (conv_compl (chain_map authoritative c) n). apply (conv_compl (chain_map own c) n). Qed. Instance Auth_timeless `{Dist A, Equiv A} (x : excl A) (y : A) : Canonical Structure authC := CofeT auth_cofe_mixin. Instance Auth_timeless (x : excl A) (y : A) : Timeless x → Timeless y → Timeless (Auth x y). Proof. by intros ?? [??] [??]; split; apply (timeless _). Qed. Proof. by intros ?? [??] [??]; split; simpl in *; apply (timeless _). Qed. End cofe. Arguments authC : clear implicits. (* CMRA *) Instance auth_empty `{Empty A} : Empty (auth A) := Auth ∅ ∅. Instance auth_valid `{Equiv A, Valid A, Op A} : Valid (auth A) := λ x, Section cmra. Context {A : cmraT}. Global Instance auth_empty `{Empty A} : Empty (auth A) := Auth ∅ ∅. Instance auth_valid : Valid (auth A) := λ x, match authoritative x with | Excl a => own x ≼ a ∧ ✓ a | ExclUnit => ✓ (own x) | ExclBot => False end. Arguments auth_valid _ _ _ _ !_ /. Instance auth_validN `{Dist A, ValidN A, Op A} : ValidN (auth A) := λ n x, Global Arguments auth_valid !_ /. Instance auth_validN : ValidN (auth A) := λ n x, match authoritative x with | Excl a => own x ≼{n} a ∧ ✓{n} a | ExclUnit => ✓{n} (own x) | ExclBot => n = 0 end. Arguments auth_validN _ _ _ _ _ !_ /. Instance auth_unit `{Unit A} : Unit (auth A) := λ x, Global Arguments auth_validN _ !_ /. Instance auth_unit : Unit (auth A) := λ x, Auth (unit (authoritative x)) (unit (own x)). Instance auth_op `{Op A} : Op (auth A) := λ x y, Instance auth_op : Op (auth A) := λ x y, Auth (authoritative x ⋅ authoritative y) (own x ⋅ own y). Instance auth_minus `{Minus A} : Minus (auth A) := λ x y, Instance auth_minus : Minus (auth A) := λ x y, Auth (authoritative x ⩪ authoritative y) (own x ⩪ own y). Lemma auth_included `{Equiv A, Op A} (x y : auth A) : Lemma auth_included (x y : auth A) : x ≼ y ↔ authoritative x ≼ authoritative y ∧ own x ≼ own y. Proof. split; [intros [[z1 z2] Hz]; split; [exists z1|exists z2]; apply Hz|]. 
intros [[z1 Hz1] [z2 Hz2]]; exists (Auth z1 z2); split; auto. Qed. Lemma auth_includedN `{Dist A, Op A} n (x y : auth A) : Lemma auth_includedN n (x y : auth A) : x ≼{n} y ↔ authoritative x ≼{n} authoritative y ∧ own x ≼{n} own y. Proof. split; [intros [[z1 z2] Hz]; split; [exists z1|exists z2]; apply Hz|]. intros [[z1 Hz1] [z2 Hz2]]; exists (Auth z1 z2); split; auto. Qed. Lemma authoritative_validN `{CMRA A} n (x : auth A) : ✓{n} x → ✓{n} (authoritative x). Lemma authoritative_validN n (x : auth A) : ✓{n} x → ✓{n} (authoritative x). Proof. by destruct x as [[]]. Qed. Lemma own_validN `{CMRA A} n (x : auth A) : ✓{n} x → ✓{n} (own x). Lemma own_validN n (x : auth A) : ✓{n} x → ✓{n} (own x). Proof. destruct x as [[]]; naive_solver eauto using cmra_valid_includedN. Qed. Instance auth_cmra `{CMRA A} : CMRA (auth A). Definition auth_cmra_mixin : CMRAMixin (auth A). Proof. split. * apply _. * by intros n x y1 y2 [Hy Hy']; split; simpl; rewrite ?Hy ?Hy'. * by intros n y1 y2 [Hy Hy']; split; simpl; rewrite ?Hy ?Hy'. * intros n [x a] [y b] [Hx Ha]; simpl in *; ... ... @@ -103,14 +111,14 @@ Proof. * by split; simpl; rewrite ?(ra_unit_idempotent _). * intros n ??; rewrite! auth_includedN; intros [??]. by split; simpl; apply cmra_unit_preserving. * assert (∀ n a b1 b2, b1 ⋅ b2 ≼{n} a → b1 ≼{n} a). * assert (∀ n (a b1 b2 : A), b1 ⋅ b2 ≼{n} a → b1 ≼{n} a). { intros n a b1 b2 <-; apply cmra_included_l. } intros n [[a1| |] b1] [[a2| |] b2]; naive_solver eauto using cmra_valid_op_l, cmra_valid_includedN. * by intros n ??; rewrite auth_includedN; intros [??]; split; simpl; apply cmra_op_minus. Qed. Instance auth_cmra_extend `{CMRA A, !CMRAExtend A} : CMRAExtend (auth A). Definition auth_cmra_extend_mixin : CMRAExtendMixin (auth A). Proof. intros n x y1 y2 ? [??]; simpl in *. destruct (cmra_extend_op n (authoritative x) (authoritative y1) ... ... 
@@ -119,39 +127,49 @@ Proof. as (z2&?&?&?); auto using own_validN. by exists (Auth (z1.1) (z2.1), Auth (z1.2) (z2.2)). Qed. Instance auth_ra_empty `{CMRA A, Empty A, !RAIdentity A} : RAIdentity (auth A). Canonical Structure authRA : cmraT := CMRAT auth_cofe_mixin auth_cmra_mixin auth_cmra_extend_mixin. Instance auth_ra_empty `{Empty A} : RAIdentity A → RAIdentity (auth A). Proof. split; [apply (ra_empty_valid (A:=A))|]. split; simpl; [apply ra_empty_valid|]. by intros x; constructor; simpl; rewrite (left_id _ _). Qed. Instance auth_frag_valid_timeless `{CMRA A} (x : A) : Global Instance auth_frag_valid_timeless (x : A) : ValidTimeless x → ValidTimeless (◯ x). Proof. by intros ??; apply (valid_timeless x). Qed. Instance auth_valid_timeless `{CMRA A, Empty A, !RAIdentity A} (x : A) : Global Instance auth_valid_timeless `{Empty A, !RAIdentity A} (x : A) : ValidTimeless x → ValidTimeless (● x). Proof. by intros ? [??]; split; [apply ra_empty_least|apply (valid_timeless x)]. Qed. Lemma auth_frag_op `{CMRA A} a b : ◯ (a ⋅ b) ≡ ◯ a ⋅ ◯ b. Lemma auth_frag_op (a b : A) : ◯ (a ⋅ b) ≡ ◯ a ⋅ ◯ b. Proof. done. Qed. Lemma auth_includedN' n (x y : authC A) : x ≼{n} y ↔ authoritative x ≼{n} authoritative y ∧ own x ≼{n} own y. Proof. split; [intros [[z1 z2] Hz]; split; [exists z1|exists z2]; apply Hz|]. intros [[z1 Hz1] [z2 Hz2]]; exists (Auth z1 z2); split; auto. Qed. End cmra. Arguments authRA : clear implicits. (* Functor *) Definition authRA (A : cmraT) : cmraT := CMRAT (auth A). Instance auth_fmap : FMap auth := λ A B f x, Auth (f <\$> authoritative x) (f (own x)). Instance auth_fmap_cmra_ne `{Dist A, Dist B} n : Instance auth_fmap_cmra_ne {A B : cmraT} n : Proper ((dist n ==> dist n) ==> dist n ==> dist n) (@fmap auth _ A B). Proof. intros f g Hf [??] [??] [??]; split; [by apply excl_fmap_cmra_ne|by apply Hf]. Qed. 
Instance auth_fmap_cmra_monotone `{CMRA A, CMRA B} (f : A → B) : Instance auth_fmap_cmra_monotone {A B : cmraT} (f : A → B) : (∀ n, Proper (dist n ==> dist n) f) → CMRAMonotone f → CMRAMonotone (fmap f : auth A → auth B). Proof. split. * by intros n [x a] [y b]; rewrite !auth_includedN; simpl; intros [??]; split; apply includedN_preserving. * intros n [[a| |] b]; * by intros n [x a] [y b]; rewrite !auth_includedN /=; intros [??]; split; simpl; apply: includedN_preserving. * intros n [[a| |] b]; rewrite /= /cmra_validN; naive_solver eauto using @includedN_preserving, @validN_preserving. Qed. Definition authRA_map {A B : cmraT} (f : A -n> B) : authRA A -n> authRA B := ... ...
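Review bot: `Auth_timeless` (second hunk, just before `End cofe.`) and `auth_ra_empty` (last hunk, before `End cmra.`) were top-level instances before this change and are now plain `Instance` declarations inside a section, so as far as I can tell they are discarded when the section closes, while the neighbouring `Auth_ne`, `authoritative_ne`, `own_ne`, `auth_frag_valid_timeless` and `auth_valid_timeless` are all `Global Instance`; unless the loss is intended, the two lines should read `Global Instance Auth_timeless (x : excl A) (y : A) :` and `Global Instance auth_ra_empty `{Empty A} : RAIdentity A → RAIdentity (auth A).`. The new `auth_includedN'` in the last hunk also repeats the statement and the whole proof script of `auth_includedN` verbatim, differing only in `authC A` versus `auth A`; if the second version is needed so that unification sees the `cofeT`, `Proof. apply auth_includedN. Qed.` avoids the copied script, and a one-line comment stating why the `authC` variant exists would stop someone from deleting it as a duplicate.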
@@ -10,37 +10,29 @@ Notation "x ≼{ n } y" := (includedN n x y) Instance: Params (@includedN) 4. Hint Extern 0 (?x ≼{_} ?x) => reflexivity. Class CMRA A `{Equiv A, Compl A, Unit A, Op A, Valid A, ValidN A, Minus A} := { Record CMRAMixin A `{Dist A, Equiv A, Unit A, Op A, Valid A, ValidN A, Minus A} := { (* setoids *) cmra_cofe :> Cofe A; cmra_op_ne n x :> Proper (dist n ==> dist n) (op x); cmra_unit_ne n :> Proper (dist n ==> dist n) unit; cmra_valid_ne n :> Proper (dist n ==> impl) (✓{n}); cmra_minus_ne n :> Proper (dist n ==> dist n ==> dist n) minus; mixin_cmra_op_ne n (x : A) : Proper (dist n ==> dist n) (op x); mixin_cmra_unit_ne n : Proper (dist n ==> dist n) unit; mixin_cmra_valid_ne n : Proper (dist n ==> impl) (✓{n}); mixin_cmra_minus_ne n : Proper (dist n ==> dist n ==> dist n) minus; (* valid *) cmra_valid_0 x : ✓{0} x; cmra_valid_S n x : ✓{S n} x → ✓{n} x; cmra_valid_validN x : ✓ x ↔ ∀ n, ✓{n} x; mixin_cmra_valid_0 x : ✓{0} x; mixin_cmra_valid_S n x : ✓{S n} x → ✓{n} x; mixin_cmra_valid_validN x : ✓ x ↔ ∀ n, ✓{n} x; (* monoid *) cmra_associative : Associative (≡) (⋅); cmra_commutative : Commutative (≡) (⋅); cmra_unit_l x : unit x ⋅ x ≡ x; cmra_unit_idempotent x : unit (unit x) ≡ unit x; cmra_unit_preserving n x y : x ≼{n} y → unit x ≼{n} unit y; cmra_valid_op_l n x y : ✓{n} (x ⋅ y) → ✓{n} x; cmra_op_minus n x y : x ≼{n} y → x ⋅ y ⩪ x ={n}= y mixin_cmra_associative : Associative (≡) (⋅); mixin_cmra_commutative : Commutative (≡) (⋅); mixin_cmra_unit_l x : unit x ⋅ x ≡ x; mixin_cmra_unit_idempotent x : unit (unit x) ≡ unit x; mixin_cmra_unit_preserving n x y : x ≼{n} y → unit x ≼{n} unit y; mixin_cmra_valid_op_l n x y : ✓{n} (x ⋅ y) → ✓{n} x; mixin_cmra_op_minus n x y : x ≼{n} y → x ⋅ y ⩪ x ={n}= y }. Class CMRAExtend A `{Equiv A, Dist A, Op A, ValidN A} := cmra_extend_op n x y1 y2 : ✓{n} x → x ={n}= y1 ⋅ y2 → { z | x ≡ z.1 ⋅ z.2 ∧ z ={n}= (y1,y2) }. 
Class CMRAMonotone `{Dist A, Op A, ValidN A, Dist B, Op B, ValidN B} (f : A → B) := { includedN_preserving n x y : x ≼{n} y → f x ≼{n} f y; validN_preserving n x : ✓{n} x → ✓{n} (f x) }. Hint Extern 0 (✓{0} _) => apply cmra_valid_0. Definition CMRAExtendMixin A `{Equiv A, Dist A, Op A, ValidN A} := ∀ n x y1 y2, ✓{n} x → x ={n}= y1 ⋅ y2 → { z | x ≡ z.1 ⋅ z.2 ∧ z.1 ={n}= y1 ∧ z.2 ={n}= y2 }. (** Bundeled version *) Structure cmraT := CMRAT { ... ... 
@@ -53,32 +45,73 @@ Structure cmraT := CMRAT { cmra_valid : Valid cmra_car; cmra_validN : ValidN cmra_car; cmra_minus : Minus cmra_car; cmra_cmra : CMRA cmra_car; cmra_extend : CMRAExtend cmra_car cmra_cofe_mixin : CofeMixin cmra_car; cmra_mixin : CMRAMixin cmra_car; cmra_extend_mixin : CMRAExtendMixin cmra_car }. Arguments CMRAT _ {_ _ _ _ _ _ _ _ _ _}. Arguments cmra_car _ : simpl never. Arguments cmra_equiv _ _ _ : simpl never. Arguments cmra_dist _ _ _ _ : simpl never. Arguments cmra_compl _ _ : simpl never. Arguments cmra_unit _ _ : simpl never. Arguments cmra_op _ _ _ : simpl never. Arguments cmra_valid _ _ : simpl never. Arguments cmra_validN _ _ _ : simpl never. Arguments cmra_minus _ _ _ : simpl never. Arguments cmra_cmra _ : simpl never. Arguments CMRAT {_ _ _ _ _ _ _ _ _} _ _ _. Arguments cmra_car : simpl never. Arguments cmra_equiv : simpl never. Arguments cmra_dist : simpl never. Arguments cmra_compl : simpl never. Arguments cmra_unit : simpl never. Arguments cmra_op : simpl never. Arguments cmra_valid : simpl never. Arguments cmra_validN : simpl never. Arguments cmra_minus : simpl never. Arguments cmra_cofe_mixin : simpl never. Arguments cmra_mixin : simpl never. Arguments cmra_extend_mixin : simpl never. Add Printing Constructor cmraT. Existing Instances cmra_equiv cmra_dist cmra_compl cmra_unit cmra_op cmra_valid cmra_validN cmra_minus cmra_cmra cmra_extend. Coercion cmra_cofeC (A : cmraT) : cofeT := CofeT A. Existing Instances cmra_unit cmra_op cmra_valid cmra_validN cmra_minus. Coercion cmra_cofeC (A : cmraT) : cofeT := CofeT (cmra_cofe_mixin A). Canonical Structure cmra_cofeC. (** Lifting properties from the mixin *) Section cmra_mixin. Context {A : cmraT}. Implicit Types x y : A. Global Instance cmra_op_ne n (x : A) : Proper (dist n ==> dist n) (op x). Proof. apply (mixin_cmra_op_ne _ (cmra_mixin A)). Qed. Global Instance cmra_unit_ne n : Proper (dist n ==> dist n) (@unit A _). Proof. apply (mixin_cmra_unit_ne _ (cmra_mixin A)). Qed. 
Global Instance cmra_valid_ne n : Proper (dist n ==> impl) (@validN A _ n). Proof. apply (mixin_cmra_valid_ne _ (cmra_mixin A)). Qed. Global Instance cmra_minus_ne n : Proper (dist n ==> dist n ==> dist n) (@minus A _). Proof. apply (mixin_cmra_minus_ne _ (cmra_mixin A)). Qed. Lemma cmra_valid_0 x : ✓{0} x. Proof. apply (mixin_cmra_valid_0 _ (cmra_mixin A)). Qed. Lemma cmra_valid_S n x : ✓{S n} x → ✓{n} x. Proof. apply (mixin_cmra_valid_S _ (cmra_mixin A)). Qed. Lemma cmra_valid_validN x : ✓ x ↔ ∀ n, ✓{n} x. Proof. apply (mixin_cmra_valid_validN _ (cmra_mixin A)). Qed. Lemma cmra_unit_preserving n x y : x ≼{n} y → unit x ≼{n} unit y. Proof. apply (mixin_cmra_unit_preserving _ (cmra_mixin A)). Qed. Lemma cmra_valid_op_l n x y : ✓{n} (x ⋅ y) → ✓{n} x. Proof. apply (mixin_cmra_valid_op_l _ (cmra_mixin A)). Qed. Lemma cmra_op_minus n x y : x ≼{n} y → x ⋅ y ⩪ x ={n}= y. Proof. apply (mixin_cmra_op_minus _ (cmra_mixin A)). Qed. Lemma cmra_extend_op n x y1 y2 : ✓{n} x → x ={n}= y1 ⋅ y2 → { z | x ≡ z.1 ⋅ z.2 ∧ z.1 ={n}= y1 ∧ z.2 ={n}= y2 }. Proof. apply (cmra_extend_mixin A). Qed. End cmra_mixin. Hint Extern 0 (✓{0} _) => apply cmra_valid_0. (** Morphisms *) Class CMRAMonotone {A B : cmraT} (f : A → B) := { includedN_preserving n x y : x ≼{n} y → f x ≼{n} f y; validN_preserving n x : ✓{n} x → ✓{n} (f x) }. (** Updates *) Definition cmra_updateP `{Op A, ValidN A} (x : A) (P : A → Prop) := ∀ z n, Definition cmra_updateP {A : cmraT} (x : A) (P : A → Prop) := ∀ z n, ✓{n} (x ⋅ z) → ∃ y, P y ∧ ✓{n} (y ⋅ z). Instance: Params (@cmra_updateP) 3. Infix "⇝:" := cmra_updateP (at level 70). Definition cmra_update `{Op A, ValidN A} (x y : A) := ∀ z n, Definition cmra_update {A : cmraT} (x y : A) := ∀ z n, ✓{n} (x ⋅ z) → ✓{n} (y ⋅ z). Infix "⇝" := cmra_update (at level 70). Instance: Params (@cmra_update) 3. ... ... 
@@ -86,13 +119,13 @@ Instance: Params (@cmra_update) 3. (** Timeless validity *) (* Not sure whether this is useful, see the rule [uPred_valid_elim_timeless] in logic.v *) Class ValidTimeless `{Valid A, ValidN A} (x : A) := Class ValidTimeless {A : cmraT} (x : A) := valid_timeless : validN 1 x → valid x. Arguments valid_timeless {_ _ _} _ {_} _. Arguments valid_timeless {_} _ {_} _. (** Properties **) Section cmra. Context `{cmra : CMRA A}. Context {A : cmraT}. Implicit Types x y z : A. Lemma cmra_included_includedN x y : x ≼ y ↔ ∀ n, x ≼{n} y. ... ... @@ -102,17 +135,17 @@ Proof. symmetry; apply cmra_op_minus, Hxy. Qed. Global Instance cmra_valid_ne' : Proper (dist n ==> iff) (✓{n}) | 1. Global Instance cmra_valid_ne' : Proper (dist n ==> iff) (✓{n} : A → _) | 1. Proof. by split; apply cmra_valid_ne. Qed. Global Instance cmra_valid_proper : Proper ((≡) ==> iff) (✓{n}) | 1. Global Instance cmra_valid_proper : Proper ((≡) ==> iff) (✓{n} : A → _) | 1. Proof. by intros n x1 x2 Hx; apply cmra_valid_ne', equiv_dist. Qed. Global Instance cmra_ra : RA A. Proof. split; try by (destruct cmra; split; try by (destruct (@cmra_mixin A); eauto using ne_proper, ne_proper_2 with typeclass_instances). * by intros x1 x2 Hx; rewrite !cmra_valid_validN; intros ? n; rewrite -Hx. * intros x y; rewrite !cmra_included_includedN. eauto using cmra_unit_preserving. eauto using @cmra_unit_preserving. * intros x y; rewrite !cmra_valid_validN; intros ? n. by apply cmra_valid_op_l with y. * intros x y [z Hz]; apply equiv_dist; intros n. ... ... 
@@ -122,17 +155,16 @@ Lemma cmra_valid_op_r x y n : ✓{n} (x ⋅ y) → ✓{n} y. Proof. rewrite (commutative _ x); apply cmra_valid_op_l. Qed. Lemma cmra_valid_le x n n' : ✓{n} x → n' ≤ n → ✓{n'} x. Proof. induction 2; eauto using cmra_valid_S. Qed. Global Instance ra_op_ne n : Proper (dist n ==> dist n ==> dist n) (⋅). Global Instance ra_op_ne n : Proper (dist n ==> dist n ==> dist n) (@op A _). Proof. intros x1 x2 Hx y1 y2 Hy. by rewrite Hy (commutative _ x1) Hx (commutative _ y2). Qed. Lemma cmra_unit_valid x n : ✓{n} x → ✓{n} (unit x). Proof. rewrite -{1}(cmra_unit_l x); apply cmra_valid_op_l. Qed. Proof. rewrite -{1}(ra_unit_l x); apply cmra_valid_op_l. Qed. (** * Timeless *) Lemma cmra_timeless_included_l `{!CMRAExtend A} x y : Timeless x → ✓{1} y → x ≼{1} y → x ≼ y. Lemma cmra_timeless_included_l x y : Timeless x → ✓{1} y → x ≼{1} y → x ≼ y.