7de018e3
Commit
7de018e3
authored
Jan 19, 2019
by
Ralf Jung
logically atomic increment on physical heap
parent
da045e6b
Pipeline
#13905
passed with stage
in 10 minutes and 59 seconds
Changes
1
Pipelines
1
Showing
1 changed file
with
33 additions
and
1 deletion
+33
1
theories/heap_lang/lib/increment.v
theories/heap_lang/lib/increment.v
+33
1
theories/heap_lang/lib/increment.v
...
...
@@ 8,12 +8,41 @@ Set Default Proof Using "Type".
(** Show that implementing fetchandadd on top of CAS preserves logical
atomicity. *)
(** First: logically atomic increment directly on top of the physical heap. *)
Section
increment_physical
.
Context
`
{!
heapG
Σ
}.
Definition
incr_phy
:
val
:
=
rec
:
"incr"
"l"
:
=
let
:
"oldv"
:
=
!
"l"
in
if
:
CAS
"l"
"oldv"
(
"oldv"
+
#
1
)
then
"oldv"
(* return old value if success *)
else
"incr"
"l"
.
Lemma
incr_phy_spec
(
l
:
loc
)
:
<<<
∀
(
v
:
Z
),
l
↦
#
v
>>>
incr_phy
#
l
@
⊤
<<<
l
↦
#(
v
+
1
),
RET
#
v
>>>.
Proof
.
iApply
wp_atomic_intro
.
iIntros
(
Φ
)
"AU"
.
iL
ö
b
as
"IH"
.
wp_lam
.
wp_bind
(!
_
)%
E
.
iMod
"AU"
as
(
v
)
"[Hl [Hclose _]]"
.
wp_load
.
iMod
(
"Hclose"
with
"Hl"
)
as
"AU"
.
iModIntro
.
wp_pures
.
wp_bind
(
CAS
_
_
_
)%
E
.
iMod
"AU"
as
(
w
)
"[Hl Hclose]"
.
destruct
(
decide
(#
v
=
#
w
))
as
[[=
>]
Hx
].

wp_cas_suc
.
iDestruct
"Hclose"
as
"[_ Hclose]"
.
iMod
(
"Hclose"
with
"Hl"
)
as
"HΦ"
.
iModIntro
.
wp_if
.
done
.

wp_cas_fail
.
iDestruct
"Hclose"
as
"[Hclose _]"
.
iMod
(
"Hclose"
with
"Hl"
)
as
"AU"
.
iModIntro
.
wp_if
.
iApply
"IH"
.
done
.
Qed
.
End
increment_physical
.
(** Next: logically atomic increment on top of an arbitrary logically atomic heap *)
Section
increment
.
Context
`
{!
heapG
Σ
}
{
aheap
:
atomic_heap
Σ
}.
Import
atomic_heap
.
notation
.
Definition
incr
:
val
:
=
Definition
incr
:
val
:
=
rec
:
"incr"
"l"
:
=
let
:
"oldv"
:
=
!
"l"
in
if
:
CAS
"l"
"oldv"
(
"oldv"
+
#
1
)
...
...
@@ 42,12 +71,15 @@ Section increment.
wp_if
.
iApply
"IH"
.
done
.
Qed
.
(** A "weak increment": assumes that there is no race *)
Definition
weak_incr
:
val
:
=
rec
:
"weak_incr"
"l"
:
=
let
:
"oldv"
:
=
!
"l"
in
"l"
<
(
"oldv"
+
#
1
)
;;
"oldv"
(* return old value *)
.
(** Logically atomic spec for weak increment. Also an example for what TaDA
calls "private precondition". *)
(* TODO: Generalize to q and 1q, based on some theory for a "maybemapsto"
connective that works on [option Qp] (the type of 1q). *)
Lemma
weak_incr_spec
(
l
:
loc
)
(
v
:
Z
)
:
...
...
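Review bot: The new `incr_phy` definition is token-for-token the body of `incr` in the next section, and nothing on the page says that the only intended difference is which `!` and `CAS` are in scope (the heap_lang primitives here versus the `atomic_heap.notation` imported in `Section increment`); a reader diffing the two is left to work that out. I would add above `Definition incr_phy` a comment such as `(* Same code as [incr] below, but [!] and [CAS] are the physical heap_lang primitives rather than [atomic_heap] operations. *)`. The proof of `incr_phy_spec` would also benefit from one line of structure, since it opens `"AU"` twice and the reader has to notice that the first open is aborted via the `[Hl [Hclose _]]` projection while the second commits on `wp_cas_suc` and aborts on `wp_cas_fail`: `(* Open the AU once around the load (abort), once around the CAS (commit on success, abort and loop otherwise). *)`. In the rendered view `iLöb` and the `[[= ->]|Hx]` pattern appear garbled, which looks like page rendering rather than the source; the second hunk around `weak_incr` is context only, and the single deleted line's original form is not recoverable from this page.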