Commit 0dcb2adc authored by Ralf Jung's avatar Ralf Jung
Browse files

explain how the ghost state for the counter example can be implemented

parent de7262e2
......@@ -87,6 +87,12 @@ Module inv. Section inv.
(* We have tokens for a little "two-state STS": [start] -> [finish].
state. [start] also asserts the exact state; it is only ever owned by the
invariant. [finished] is duplicable. *)
(* Posssible implementations of these axioms:
* Using the STS monoid of a two-state STS, where [start] is the
authoritative saying the state is exactly [start], and [finish]
is the "we are at least in state [finish]" typically owned by threads.
* Ex () +_⊥ ()
Context (gname : Type).
Context (start finished : gname iProp).
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment