cancelable_invariants.v 3.92 KB
Newer Older
Jacques-Henri Jourdan's avatar
Jacques-Henri Jourdan committed
1
From iris.base_logic.lib Require Export invariants fractional.
Robbert Krebbers's avatar
Robbert Krebbers committed
2
From iris.algebra Require Export frac.
3
From iris.proofmode Require Import tactics.
4
Set Default Proof Using "Type".
Robbert Krebbers's avatar
Robbert Krebbers committed
5 6 7
Import uPred.

Class cinvG Σ := cinv_inG :> inG Σ fracR.
8 9 10 11
Definition cinvΣ : gFunctors := #[GFunctor fracR].

Instance subG_cinvΣ {Σ} : subG cinvΣ Σ  cinvG Σ.
Proof. solve_inG. Qed.
Robbert Krebbers's avatar
Robbert Krebbers committed
12 13

Section defs.
14
  Context `{invG Σ, cinvG Σ}.
Robbert Krebbers's avatar
Robbert Krebbers committed
15 16 17 18

  Definition cinv_own (γ : gname) (p : frac) : iProp Σ := own γ p.

  Definition cinv (N : namespace) (γ : gname) (P : iProp Σ) : iProp Σ :=
19
    ( P',   (P  P')  inv N (P'  cinv_own γ 1%Qp))%I.
Robbert Krebbers's avatar
Robbert Krebbers committed
20 21
End defs.

22
Instance: Params (@cinv) 5.
Robbert Krebbers's avatar
Robbert Krebbers committed
23 24

Section proofs.
25
  Context `{invG Σ, cinvG Σ}.
Robbert Krebbers's avatar
Robbert Krebbers committed
26

27
  Global Instance cinv_own_timeless γ p : Timeless (cinv_own γ p).
Robbert Krebbers's avatar
Robbert Krebbers committed
28 29
  Proof. rewrite /cinv_own; apply _. Qed.

30 31
  Global Instance cinv_contractive N γ : Contractive (cinv N γ).
  Proof. solve_contractive. Qed.
32
  Global Instance cinv_ne N γ : NonExpansive (cinv N γ).
33
  Proof. exact: contractive_ne. Qed.
Robbert Krebbers's avatar
Robbert Krebbers committed
34
  Global Instance cinv_proper N γ : Proper (() ==> ()) (cinv N γ).
35
  Proof. exact: ne_proper. Qed.
Robbert Krebbers's avatar
Robbert Krebbers committed
36

37
  Global Instance cinv_persistent N γ P : Persistent (cinv N γ P).
Robbert Krebbers's avatar
Robbert Krebbers committed
38 39
  Proof. rewrite /cinv; apply _. Qed.

Robbert Krebbers's avatar
Robbert Krebbers committed
40
  Global Instance cinv_own_fractional γ : Fractional (cinv_own γ).
Jacques-Henri Jourdan's avatar
Jacques-Henri Jourdan committed
41
  Proof. intros ??. by rewrite -own_op. Qed.
Robbert Krebbers's avatar
Robbert Krebbers committed
42
  Global Instance cinv_own_as_fractional γ q :
Jacques-Henri Jourdan's avatar
Jacques-Henri Jourdan committed
43
    AsFractional (cinv_own γ q) (cinv_own γ) q.
44
  Proof. split. done. apply _. Qed.
Robbert Krebbers's avatar
Robbert Krebbers committed
45

46 47
  Lemma cinv_own_valid γ q1 q2 : cinv_own γ q1 - cinv_own γ q2 -  (q1 + q2)%Qp.
  Proof. apply (own_valid_2 γ q1 q2). Qed.
Robbert Krebbers's avatar
Robbert Krebbers committed
48

49 50 51 52 53
  Lemma cinv_own_1_l γ q : cinv_own γ 1 - cinv_own γ q - False.
  Proof.
    iIntros "H1 H2".
    iDestruct (cinv_own_valid with "H1 H2") as %[]%(exclusive_l 1%Qp).
  Qed.
Robbert Krebbers's avatar
Robbert Krebbers committed
54

55 56 57 58 59 60 61 62 63
  Lemma cinv_iff N γ P P' :
      (P  P') - cinv N γ P - cinv N γ P'.
  Proof.
    iIntros "#HP' Hinv". iDestruct "Hinv" as (P'') "[#HP'' Hinv]".
    iExists _. iFrame "Hinv". iNext. iAlways. iSplit.
    - iIntros "?". iApply "HP''". iApply "HP'". done.
    - iIntros "?". iApply "HP'". iApply "HP''". done.
  Qed.

64 65
  Lemma cinv_alloc_strong (G : gset gname) E N :
    (|={E}=>  γ,  γ  G   cinv_own γ 1   P,  P ={E}= cinv N γ P)%I.
Robbert Krebbers's avatar
Robbert Krebbers committed
66
  Proof.
67 68
    iMod (own_alloc_strong 1%Qp G) as (γ) "[Hfresh Hγ]"; first done.
    iExists γ; iIntros "!> {$Hγ $Hfresh}" (P) "HP".
69
    iMod (inv_alloc N _ (P  own γ 1%Qp)%I with "[HP]"); first by eauto.
70 71 72
    iIntros "!>". iExists P. iSplit; last done. iIntros "!# !>"; iSplit; auto.
  Qed.

73 74 75 76 77 78 79 80 81 82 83 84 85 86 87
  Lemma cinv_open_strong E N γ p P :
    N  E 
    cinv N γ P - cinv_own γ p ={E,E∖↑N}=
     P  cinv_own γ p  ( P  cinv_own γ 1 ={E∖↑N,E}= True).
  Proof.
    iIntros (?) "#Hinv Hγ". iDestruct "Hinv" as (P') "[#HP' Hinv]".
    iInv N as "[HP | >Hγ']" "Hclose".
    - iIntros "!> {$Hγ}". iSplitL "HP".
      + iNext. iApply "HP'". done.
      + iIntros "[HP|Hγ]".
        * iApply "Hclose". iLeft. iNext. by iApply "HP'".
        * iApply "Hclose". iRight. by iNext.
    - iDestruct (cinv_own_1_l with "Hγ' Hγ") as %[].
  Qed.

88 89 90 91
  Lemma cinv_alloc E N P :  P ={E}=  γ, cinv N γ P  cinv_own γ 1.
  Proof.
    iIntros "HP". iMod (cinv_alloc_strong  E N) as (γ _) "[Hγ Halloc]".
    iExists γ. iFrame "Hγ". by iApply "Halloc".
Robbert Krebbers's avatar
Robbert Krebbers committed
92 93
  Qed.

94
  Lemma cinv_cancel E N γ P : N  E  cinv N γ P - cinv_own γ 1 ={E}=  P.
Robbert Krebbers's avatar
Robbert Krebbers committed
95
  Proof.
96 97 98
    iIntros (?) "#Hinv Hγ".
    iMod (cinv_open_strong with "Hinv Hγ") as "($ & Hγ & H)"; first done.
    iApply "H". by iRight.
Robbert Krebbers's avatar
Robbert Krebbers committed
99 100 101
  Qed.

  Lemma cinv_open E N γ p P :
102
    N  E 
103
    cinv N γ P - cinv_own γ p ={E,E∖↑N}=  P  cinv_own γ p  ( P ={E∖↑N,E}= True).
Robbert Krebbers's avatar
Robbert Krebbers committed
104
  Proof.
105 106 107
    iIntros (?) "#Hinv Hγ".
    iMod (cinv_open_strong with "Hinv Hγ") as "($ & $ & H)"; first done.
    iIntros "!> HP". iApply "H"; auto.
Robbert Krebbers's avatar
Robbert Krebbers committed
108 109
  Qed.
End proofs.
110 111

Typeclasses Opaque cinv_own cinv.